Methods and systems for secured access to devices and systems
First Claim
1. A method of allowing user access to a user having a role, the method comprising:
- combining individual non-biometric scores from plural non-biometric user tests taken by a user until a non-biometric confidence threshold is met or exceeded;
combining individual biometric test scores of plural biometric user tests taken by the user until a biometric confidence threshold is met or exceeded; and
allowing a level of access based in part upon the user'"'"'s role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user.
1 Assignment
0 Petitions
Accused Products
Abstract
An access system in one embodiment that first determines that someone has correct credentials by using a non-biometric authentication method such as typing in a password, presenting a Smart card containing a cryptographic secret, or having a valid digital signature. Once the credentials are authenticated, then the user must take at least two biometric tests, which can be chosen randomly. In one approach, the biometric tests need only check a template generated from the user who desires access with the stored templates matching the holder of the credentials authenticated by the non-biometric test. Access desirably will be allowed when both biometric tests are passed.
-
Citations
28 Claims
-
1. A method of allowing user access to a user having a role, the method comprising:
-
combining individual non-biometric scores from plural non-biometric user tests taken by a user until a non-biometric confidence threshold is met or exceeded;
combining individual biometric test scores of plural biometric user tests taken by the user until a biometric confidence threshold is met or exceeded; and
allowing a level of access based in part upon the user'"'"'s role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system to control user access to a device, comprising:
-
a first non-biometric tester operationally able to analyze input data to determine if at least one non-biometric test has been successfully executed, preliminarily identifying the user based upon the successful executing of the at least one non-biometric test;
a first unlocker which allows access to at least a first portion of the device when the at least one non-biometric test is successfully executed;
at least one biometric tester operationally able to compare biometric input data with previously stored data associated with the biometric tests and associated with the user that has preliminarily been identified by the successful execution of said at least one non-biometric test to determine if at least two biometric tests have been successfully executed, each of said at least two tests having an associated biometric test confidence level;
the biometric tester combining a user test score for a first of said at least two biometric tests with a biometric confidence level for the first of said two biometric tests to create a first individual confidence test score for the first of said at least two tests, the biometrics tester combining a user test score for a second of said at least two tests with a biometric confidence level for the second of said two biometric tests to create a second individual confidence test score for the second of said at least two tests, the biometric tester combining at least the first and second individual confidence test scores to create a combined biometric confidence score;
wherein the biometric tester determines a biometric success in the event the combined biometric confidence score meets or exceeds a biometric confidence threshold; and
a second unlocker operable to allow access to at least a second portion of the device in the event of a biometric success. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method of allowing user access comprising:
-
in response to non-subjective user data;
using at least one randomly-chosen non-subjective test producing either a pass or a fail to establish credentials of the user;
in response to subjective user data;
using at least two randomly-chosen subjective tests, each subjective test generating a subjective score, to establish identity of the user;
determining whether a cumulative subjective score on the subjective tests has reached a confidence threshold in order to establish identity of the user;
wherein at least one subjective test compares the subjective user data with previously-stored data associated with the user whose credentials have been established to determine the subjective score of the test; and
wherein if the credentials of the user are established and the identity of the user is established then allowing user access. - View Dependent Claims (27, 28)
-
Specification