Methods and systems for secured access to devices and systems

US 20070241861A1
Filed: 04/18/2006
Published: 10/18/2007
Est. Priority Date: 04/18/2006
Status: Active Grant

First Claim

Patent Images

1. A method of allowing user access to a user having a role, the method comprising:

combining individual non-biometric scores from plural non-biometric user tests taken by a user until a non-biometric confidence threshold is met or exceeded;

combining individual biometric test scores of plural biometric user tests taken by the user until a biometric confidence threshold is met or exceeded; and

allowing a level of access based in part upon the user'"'"'s role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access system in one embodiment that first determines that someone has correct credentials by using a non-biometric authentication method such as typing in a password, presenting a Smart card containing a cryptographic secret, or having a valid digital signature. Once the credentials are authenticated, then the user must take at least two biometric tests, which can be chosen randomly. In one approach, the biometric tests need only check a template generated from the user who desires access with the stored templates matching the holder of the credentials authenticated by the non-biometric test. Access desirably will be allowed when both biometric tests are passed.

Citations

28 Claims

1. A method of allowing user access to a user having a role, the method comprising:
- combining individual non-biometric scores from plural non-biometric user tests taken by a user until a non-biometric confidence threshold is met or exceeded;
  
  combining individual biometric test scores of plural biometric user tests taken by the user until a biometric confidence threshold is met or exceeded; and
  
  allowing a level of access based in part upon the user'"'"'s role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. A method according to claim 1, wherein the user'"'"'s role is at least partially defined by the score on at least one non-biometric test or biometric test.
  - 3. A method according to claim 1, wherein the user role is incrementally defined based at least in part by incremental individual non biometric scores and incremental individual biometric test scores.
  - 4. The method of claim 1 comprising designating a non-biometric test limit corresponding a maximum number of non-biometric tests allowed, designating a biometric test limit corresponding to a maximum number of biometric tests allowed, denying access if the non-biometric test limits are reached prior to meeting or exceeding the non-biometric confidence threshold, and denying access if the biometric test limit is reached prior to meeting or exceeding the biometric confidence threshold.
  - 5. The method of claim 4 comprising the act of changing at least one of the non-biometric and biometric test limits.
  - 6. The method of claim 1 wherein at least one of the biometric user tests has an associated biometric test confidence level, wherein the at least one of the biometric user tests has a biometric user test result, and wherein the individual biometric test confidence score is a combination of the biometric test confidence level and the biometric user test result.
  - 7. The method of claim 6 wherein the at least one of the biometric user tests has a biometric test failure threshold, and wherein, if the biometric user test result is below the biometric test failure threshold, the user fails the user test.
  - 8. The method of claim 7 wherein the biometric test failure threshold is modified by how many times the at least one of the biometric user tests has been taken by the user.
  - 9. The method of claim 7 wherein at least some of the biometric user tests have an associated biometric test confidence level, and wherein the biometric test failure threshold is based in part on the biometric test confidence level of a preceding biometric user test.
  - 10. The method of claim 9 comprising determining the biometric test failure threshold at least in part based upon the biometric test confidence level of at least one of the biometric user tests.
  - 11. The method of claim 4 comprising the act of triggering an alarm in the event the non-biometric test limit is reached.
  - 12. The method of claim 1 wherein the plural non-biometric user tests are chosen randomly from a group comprising of:
    - inputting a password, inputting a Smart card containing a digital certificate or a predefined secret, possessing a contactless card containing a digital circuit, inputting a USB token device, inputting a bio-token device, using a soft-token device, and showing an ID to a guard.
  - 13. The method of claim 1 wherein the plural biometric tests are chosen randomly from a group comprising of at least two of:
    - a fingerprint recognition test of a specific finger or thumb, a fingerprint recognition test of a different specific finger or thumb, a handprint recognition test, a face recognition test, a handwriting recognition test, a voice recognition test, an iris recognition test, an eye blinking rate test, an eyeball squint extent test, a normalized body temperature test, a keystroke dynamic test, a vein recognition test, and a DNA recognition test.
  - 14. The method of claim 1, wherein at least one of the non-biometric user tests comprises determining a user identity, and wherein at least one of the biometric user tests comprises comparing a test template generated by the user with a stored template associated with the user identity to determine the individual biometric test confidence score.
  - 15. The method of claim 1, wherein the act of allowing a level of access comprises at least one of the acts of allowing movement in a formerly restricted location, allowing access to a formerly restricted computer file, allowing access to a formerly restricted computer function, allowing access to at least a portion of a formerly restricted device, or allowing access to at least a portion of a formerly restricted system.

16. A system to control user access to a device, comprising:
- a first non-biometric tester operationally able to analyze input data to determine if at least one non-biometric test has been successfully executed, preliminarily identifying the user based upon the successful executing of the at least one non-biometric test;
  
  a first unlocker which allows access to at least a first portion of the device when the at least one non-biometric test is successfully executed;
  
  at least one biometric tester operationally able to compare biometric input data with previously stored data associated with the biometric tests and associated with the user that has preliminarily been identified by the successful execution of said at least one non-biometric test to determine if at least two biometric tests have been successfully executed, each of said at least two tests having an associated biometric test confidence level;
  
  the biometric tester combining a user test score for a first of said at least two biometric tests with a biometric confidence level for the first of said two biometric tests to create a first individual confidence test score for the first of said at least two tests, the biometrics tester combining a user test score for a second of said at least two tests with a biometric confidence level for the second of said two biometric tests to create a second individual confidence test score for the second of said at least two tests, the biometric tester combining at least the first and second individual confidence test scores to create a combined biometric confidence score;
  
  wherein the biometric tester determines a biometric success in the event the combined biometric confidence score meets or exceeds a biometric confidence threshold; and
  
  a second unlocker operable to allow access to at least a second portion of the device in the event of a biometric success.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 17. The system of claim 16 wherein the first non-biometric test comprises a Smart card detachable from the device;
    - and wherein the first unlocker further comprises a remote proximity mechanism operationally able to detect the presence of the Smart card.
  - 18. The system of claim 16 further comprising a biometric randomizer, operable to randomly choose at least one of the at least two biometric tests from a set of available biometric tests.
  - 19. The system of claim 16 wherein failure of at least one test results in actions chosen from a group comprising at least one of:
    - initiating a security system, locking the device for a pre-determined amount of time, and revoking access to a previously allowed portion of the device.
  - 20. The system of claim 16 wherein the device is a vehicle.
  - 21. The system of claim 20 wherein the first unlocker unlocks a door to the vehicle when the at least one non-biometric test is successfully executed, and wherein, if biometric success is not determined within a predetermined time period, the first unlocker locks the previously unlocked door.
  - 22. The system of claim 21 wherein at least one of the at least two biometric tests are chosen randomly from a group comprising at least one of:
    - a fingerprint recognition test, a handprint recognition test, a face recognition test, a handwriting recognition test, a voice recognition test, an IRIS recognition test, an eye blinking rate test, an eyeball squint extent test, a normalized body temperature test, a keystroke dynamic test, a vein recognition test, and a DNA recognition test.
  - 23. The system of claim 16 wherein the biometric tester comprises at least one sensor to take a biometric reading, and a computer, the computer comprising:
    - a data storage device to store biometric data representing at least one valid user profile associated with the at least two biometric tests, and a computer processor operationally able to calculate confidence test scores based at least in part on how closely the biometric reading associated with a test matches with the at least one valid user profile associated with the at least two biometric tests.
  - 24. The system of claim 23 wherein the computer further comprises:
    - instructions stored in memory, the instructions used by the computer processor to calculate confidence test scores;
      
      a network connection between the at least one sensor and the computer, wherein the at least one sensor communicates with the computer processor through the network connection; and
      
      a biometric test enroller, comprising;
      
      a biometric data capturer, a processor, which processes the captured biometric data into a form useable by the instructions, and a profile storer which stores the processed data as a valid user profile for an associated test and associated user on the data storage device wherein for at least one biometric test, biometric data is captured and processed into a valid user profile.
  - 25. The system of claim 16 wherein the first non-biometric tester is operationally able to analyze input data to determine if a second non-biometric test has been successfully executed;
    - and wherein once the first non-biometric test and the second non-biometric test are successfully executed, the first unlocker allows access to at least a first portion of the device.

26. A method of allowing user access comprising:
- in response to non-subjective user data;
  
  using at least one randomly-chosen non-subjective test producing either a pass or a fail to establish credentials of the user;
  
  in response to subjective user data;
  
  using at least two randomly-chosen subjective tests, each subjective test generating a subjective score, to establish identity of the user;
  
  determining whether a cumulative subjective score on the subjective tests has reached a confidence threshold in order to establish identity of the user;
  
  wherein at least one subjective test compares the subjective user data with previously-stored data associated with the user whose credentials have been established to determine the subjective score of the test; and
  
  wherein if the credentials of the user are established and the identity of the user is established then allowing user access.
- View Dependent Claims (27, 28)
- - 27. The method of claim 26 wherein the established credentials of the user have associated credentialed biometric data and wherein the subjective test comprises comparing captured user biometric data to the associated credentialed biometric data to produce the subjective score.
  - 28. The method of claim 26 wherein user access is allowed, and an audit trail is kept of user activity based on the established identity of the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Infosys Technologies Limited (Infosys Limited)
Original Assignee
Infosys Technologies Limited (Infosys Limited)
Inventors
Moona, Rajat, Venkatanna, Kumar, Subrahmanya, S.

Granted Patent

US 7,864,987 B2
Time in Patent Office

Days
Field of Search
US Class Current

340/5.520
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/40   by quorum, i.e. whereby two...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2105   Dual mode as a secondary as...

Methods and systems for secured access to devices and systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for secured access to devices and systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links