System and method for protecting the privacy and security of stored biometric data
Abstract
A data storage system that protects privacy and ensures security includes a plurality of nodes in a networked architecture, the nodes being adapted to securely communicate and co-operate with one another to allow storage and retrieval of data. A single piece of biometric data is associated only with a blinded identifier and securely divided across one or more nodes, adapted for data storage. The data itself and the link to the original individual, from whom the biometric was acquired, cannot be obtained without the co-operation of two or more nodes.
21 Claims
1. A method of securely indexing and storing a biometric for subsequent retrieval, the method including the steps of:
- a) Enrolling a user by effecting a capture of a specific biometric from that user and associating that biometric with an identity element specific to that user,
- b) Applying a blinding function to the associated identity element so as to provide a blinded identity element, the blinding function taking the identity element as a data input and providing the blinded identity element as a data output, the blinded identity element revealing no information about the data input,
- c) Combining the blinded identity element and the biometric as an index pair,
- d) Storing the index pair as a stored pair,
- e) Retrieving the biometric from the stored pair by subsequently providing the same identity element, applying the same blinding function to that element so as to recreate the blinded identity element and using the recreated blinded identity element to retrieve the biometric stored with that blinded identity element.
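A minimal sketch of steps b) to e) of claim 1 combined with the node splitting described in the abstract, added here as an illustration and not taken from the patent. HMAC-SHA256 as the blinding function, n-of-n XOR sharing as the split, and the names `blind`, `split`, `combine` and `BlindedStore` are all assumptions of this example.

```python
import hashlib
import hmac
import secrets

def blind(identity: str, key: bytes) -> str:
    """Step b): keyed one-way blinding (HMAC-SHA256 is this example's choice).
    A keyed function is used because an unkeyed hash of a low-entropy
    identifier can be reversed by enumerating candidate identifiers."""
    return hmac.new(key, identity.encode("utf-8"), hashlib.sha256).hexdigest()

def split(data: bytes, n: int) -> list:
    """XOR sharing: n-1 random pads plus one share that XORs back to data."""
    if n < 2:
        raise ValueError("splitting needs at least two nodes")
    pads = [secrets.token_bytes(len(data)) for _ in range(n - 1)]
    last = data
    for pad in pads:
        last = bytes(a ^ b for a, b in zip(last, pad))
    return pads + [last]

def combine(shares: list) -> bytes:
    """Recover the data; every share is required."""
    out = bytes(len(shares[0]))
    for share in shares:
        out = bytes(a ^ b for a, b in zip(out, share))
    return out

class BlindedStore:
    """Hypothetical repository: each node maps blinded index -> one share."""
    def __init__(self, key: bytes, n_nodes: int = 3):
        self._key = key
        self.nodes = [{} for _ in range(n_nodes)]

    def enroll(self, identity: str, biometric: bytes) -> str:
        index = blind(identity, self._key)              # step b)
        shares = split(biometric, len(self.nodes))
        for node, share in zip(self.nodes, shares):     # steps c) and d)
            node[index] = share
        return index

    def retrieve(self, identity: str):
        index = blind(identity, self._key)              # step e): re-blind
        shares = [node.get(index) for node in self.nodes]
        if any(share is None for share in shares):
            return None     # unknown identity, or a node did not co-operate
        return combine(shares)
```

No node ever holds the raw identity element, and a single node's share is indistinguishable from random bytes.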
16. A method of authenticating the veracity of a biometric template previously generated from a biometric image, the method including the steps of:
- a) Enrolling a user by effecting a capture of a specific biometric from that user and associating that biometric with an identity element specific to that user,
- b) Applying a blinding function to the associated identity element so as to provide a blinded identity element, the blinding function taking the identity element as a data input and providing the blinded identity element as a data output, the blinded identity element revealing no information about the data input,
- c) Combining the blinded identity element and the biometric as an index pair,
- d) Storing the index pair as a stored pair,
- e) Retrieving the biometric from the stored pair by subsequently providing the same identity element, applying the same blinding function to that element so as to recreate the blinded identity element and using the recreated blinded identity element to retrieve the biometric stored with that blinded identity element,
- f) Using the retrieved biometric to generate an authenticating biometric template,
- g) Comparing the authenticating biometric template with the biometric template previously generated, and authenticating the veracity if the templates match.
17. A computer implemented biometric storage and authentication architecture, the architecture comprising:
- a) a first module configured to enable an enrolment of a user by effecting a capture of a specific biometric from that user and associating that biometric with an identity element specific to that user,
- b) a second module configured to effect an application of a blinding function to the associated identity element so as to provide a blinded identity element, the blinding function taking the identity element as a data input and providing the blinded identity element as a data output, the blinded identity element revealing no information about the data input,
- c) a third module configured to effect a combination of the blinded identity element and the biometric so as to form an index pair,
- d) a repository configured for storing the index pair as a stored pair, and
- e) a retrieval module configured to enable a retrieval of the biometric from the stored pair by subsequently providing the same identity element, applying the same blinding function to that element so as to recreate the blinded identity element and using the recreated blinded identity element to retrieve the biometric stored with that blinded identity element.
19. The architecture as claimed in claim 19 wherein the splitting module provides for a storage of each of the two or more constituent parts on separate nodes of the network.
Specification