System and method to grant or refuse access to a system

US 20060116970A1
Filed: 11/15/2005
Published: 06/01/2006
Est. Priority Date: 11/18/2004
Status: Abandoned Application

First Claim

Patent Images

1. System to grant or refuse access to a system, comprising a portable access device communicating with a terminal of an access point, wherein the portable access device comprises a storage means, characterized in that a set of trust parameters is stored on the storage means, said set of trust parameters being used to evaluate the amount of service and/or functionality of the system, being granted to the user presenting the trust parameters on the portable access device, wherein the evaluation and the decision, whether to grant or refuse access to the system is made as a result of computation of the trust parameters without revealing the identity of the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A new system to grant or refuse access to a system, comprising a portable access device communicating with a terminal of an access point, wherein the portable access device comprises a storage means. A set of trust parameters is stored on the storage means, the set of trust parameters being used to evaluate the amount of service and/or functionality of the system being granted to the user presenting the trust parameters on the portable access device, wherein the evaluation and the decision, whether to grant or refuse access to the system is made as a result of computation of the trust parameters without revealing the identity of the user.

Citations

17 Claims

1. System to grant or refuse access to a system, comprising a portable access device communicating with a terminal of an access point, wherein the portable access device comprises a storage means, characterized in that a set of trust parameters is stored on the storage means, said set of trust parameters being used to evaluate the amount of service and/or functionality of the system, being granted to the user presenting the trust parameters on the portable access device, wherein the evaluation and the decision, whether to grant or refuse access to the system is made as a result of computation of the trust parameters without revealing the identity of the user.
- View Dependent Claims (2)
- - 2. System according to claim 1, characterized in that the portable access device is a smart card or chip card that holds at least part of the trust parameters.

3. A method to grant or refuse access to a system, comprising a portable access device communicating with a terminal of an access point, wherein the portable access device comprises a storage means, characterized by evaluating according to an algorithm the actual access rights of the user from a set of trust parameters in an anonymous way, and storing the set of trust parameters in the storage means, said set of trust parameters being used to evaluate the amount of service and/or functionality of the system being granted to the user presenting the trust parameters on the portable access device, wherein the evaluation and the decision whether to grant or refuse access to the system is made as a result of computation of the trust parameters without revealing the identity of the user.
- View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 4. A method according to claim 3, characterized in changing the evaluation criteria of the algorithm depending on a set of working conditions (time of day, social events, political situation, emergency situation etc.).
  - 5. A method according to claim 3, characterized in linking to a registration instance to update the trust parameters.
  - 6. A method in accordance with claim 3, characterized in performing a biometric verification to authenticate the user before the set of trust parameters is presented, while the identity of the user remains protected.
  - 7. A method in accordance with claim 3, characterized in performing a mutual authentication between the device and the access point to assure that a genuine access device is communicating to a genuine access point.
  - 8. A method in accordance with claim 3, characterized in performing a biometric scan by the access point.
  - 9. A method in accordance with claim 3, characterized in performing a biometric scan by the access device.
  - 10. A method in accordance with claim 3, characterized in performing a biometric verification by the access device.
  - 11. Method in accordance with claim 3, characterized in performing a biometric verification by the access point.
  - 12. A method according to claim 11, characterized in sending by the access point at least part of the scanned biometric information of the user to the access device.
  - 13. A method according to claim 12, characterized in storing the biometric reference parameters in the access device.
  - 14. A method according to claim 13, characterized in verifying that the user is linked to the biometric reference parameters kept in the access device.
  - 15. A method according to claim 14, characterized in performing the final decision by the access device whether the scanned biometric data matches the biometric reference data stored in the access device.
  - 16. A method according to claim 3, characterized in performing in the access point the evaluation and the decision whether to grant or refuse access to the system.
  - 17. A computer program product comprising a storage medium containing computer code for controlling a computer to perform the method in accordance with claims 3 to 16.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Palmer, Elaine, Scherzer, Helmut

Application Number

US11/274,619
Publication Number

US 20060116970A1
Time in Patent Office

Days
Field of Search
US Class Current

705/74
CPC Class Codes

G06Q 20/383   Anonymous user system

G07C 2209/04   Access control involving a ...

G07C 9/257   electronically G07C9/26 tak...

System and method to grant or refuse access to a system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System and method to grant or refuse access to a system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links