SYSTEM, METHOD, SERVER, CLIENT TERMINAL, PROGRAM FOR BIOMETRIC AUTHENTICATION

US 20090007257A1
Filed: 06/25/2008
Published: 01/01/2009
Est. Priority Date: 06/27/2007
Status: Abandoned Application

First Claim

Patent Images

1. A biometric authentication system comprising:

a plurality of client terminals which acquire the biological information of a user;

a first server which authenticates the biological information acquired by the client terminal; and

a second server which manages a parameter used at the time of biometric authentication, the client terminals and the first and the second server being connected together through a network;

wherein the client terminal includes an input unit by which a user ID provided in advance for a user is input, a biological information sensor which acquires the biological information of the user, feature extracting portion which extracts feature from the biological information acquired by the biological information sensor and a transforming portion which transforms the feature using the user parameter generated by the second server to generate transformation feature,the first server includes a storing portion which stores a template of biological information of the user and a matching portion which matches the transformation feature transmitted from the client terminal against the template stored in the storing portion, andthe second server includes a user parameter generating portion which generates the user parameter using the user ID transmitted from the client terminal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a biometric authentication system including: a parameter manage server having a user parameter generating portion for generating a user parameter using a user ID transmitted from a client terminal, a master key and a temporary parameter; the client terminal having an input unit by which a user ID provided in advance for a user is input, a biological information sensor which acquires biological information of a user, a feature extracting portion which extracts feature from the biological information acquired by the biological information sensor and a transforming portion which transforms the feature using the user parameter generated by the parameter manage server to generate transformation feature; and an authentication server having a matching portion which matches the transformation feature transmitted from the client terminal against a template stored in advance in the storing portion.

25 Citations

View as Search Results

19 Claims

1. A biometric authentication system comprising:
- a plurality of client terminals which acquire the biological information of a user;
  
  a first server which authenticates the biological information acquired by the client terminal; and
  
  a second server which manages a parameter used at the time of biometric authentication, the client terminals and the first and the second server being connected together through a network;
  
  wherein the client terminal includes an input unit by which a user ID provided in advance for a user is input, a biological information sensor which acquires the biological information of the user, feature extracting portion which extracts feature from the biological information acquired by the biological information sensor and a transforming portion which transforms the feature using the user parameter generated by the second server to generate transformation feature,the first server includes a storing portion which stores a template of biological information of the user and a matching portion which matches the transformation feature transmitted from the client terminal against the template stored in the storing portion, andthe second server includes a user parameter generating portion which generates the user parameter using the user ID transmitted from the client terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The biometric authentication system according to claim 1, wherein the second server includes a master key generating portion which generates a master key and a temporary parameter generating portion which generates a temporary parameter, andthe user parameter generating portion generates the user parameter using the user ID, the master key generated by the master key generating portion and the temporary parameter generated by the temporary parameter generating portion.
  - 3. The biometric authentication system according to claim 2, wherein the second server further includes a parameter difference generating portion which generates a parameter difference using a random number and the temporary parameter generating portion which renews the temporary parameter using the parameter difference generated by the parameter difference generating portion.
  - 4. The biometric authentication system according to claim 2, wherein the user parameter generating portion in the second server generates the user parameter such that the user ID is bit-concatenated to the master key to generate a hash of the bit-concatenated data and each value of the hash is multiplied with each value of the temporary parameter.
  - 5. The biometric authentication system according to claim 2, wherein the user parameter generating portion in the second server generates the user parameter such that the user ID is bit-concatenated to the master key to generate a hash of the bit-concatenated data and each value of the hash is added to each value of the temporary parameter.
  - 6. The biometric authentication system according to claim 2, wherein the user parameter generating portion in the second server generates the user parameter such that the user ID is bit-concatenated to the master key to generate a random number with the bit-concatenated data as a seed and each value of the generated random number is multiplied with each value of the temporary parameter.
  - 7. The biometric authentication system according to claim 2, wherein the user parameter generating portion in the second server generates the user parameter such that the user ID is bit-concatenated to the master key to generate a random number with the bit-concatenated data as a seed and each value of the generated random number is added to each value of the temporary parameter.
  - 8. The biometric authentication system according to claim 1, wherein the first server stores in advance in the storing portion the transformation feature, as the template, which are transformed by the user parameter and generated in the client terminal.
  - 9. The biometric authentication system according to claim 2, wherein the first sever includes a renewal process portion which renews the template stored in the storing portion using the parameter difference generated by the parameter difference generating portion of the second server and stores the renewed template in the storing portion.

10. A biometric authentication method for a biometric authentication system comprising:
- a plurality of client terminals which acquire the biological information of a user;
  
  a first server which authenticates the biological information acquired by the client terminal; and
  
  a second server which manages a parameter used at the time of biometric authentication, the client terminals and the first and the second server being connected together through a network;
  
  the biometric authentication method including the steps of;
  
  inputting a user ID provided in advance for a user through an input unit, acquiring the biological information of the user using a biological information sensor, extracting feature from the biological information acquired by the biological information sensor, in the client terminal,generating the user parameter using the user ID transmitted from the client terminal, in the second server,transforming the feature using the user parameter received from the second server to generate transformation feature, in the client terminal, andmatching the transformation feature transmitted from the client terminal against the template of biological information of the user stored in advance in the storing portion, in the first server.
- View Dependent Claims (11)
- - 11. The biometric authentication method according to claim 10, wherein at the time of registering the template, the client terminal transforms the feature using the user parameter obtained from the second server to generate transformation feature and transmits the transformation feature to the first server and the first server stores the received transformation feature in the storing portion as a template.

12. A parameter manage server which is connected to a plurality of client terminals acquiring biological information of a user and an authentication server authenticating biological information through a network and manages a parameter used at the time of biometric authentication, the parameter manage server comprising:
- a receiving portion which receives a user ID transmitted from the client terminal;
  
  a master key generating portion which generates a master key;
  
  a temporary parameter generating portion which generates a temporary parameter;
  
  a storing portion which stores the generated master key and temporary parameter;
  
  a user parameter generating portion which generates the user parameter using the user ID received through the receiving portion, the master key generated by the master key generating portion and the temporary parameter generated by the temporary parameter generating portion; and
  
  a transmitting portion which transmits the user parameter generated by the user parameter generating portion to the client terminal.
- View Dependent Claims (13, 14, 15)
- - 13. The parameter manage server according to claim 12 further comprising a parameter difference generating portion which generates a parameter difference using a random number, wherein the temporary parameter generating portion renews the temporary parameter using the parameter difference generated by the parameter difference generating portion.
  - 14. The parameter manage server according to claim 12, wherein the user parameter generating portion generates the user parameter such that the user ID is bit-concatenated to the master key to generate a hash of the bit-concatenated data and each value of the hash is multiplied with each value of the temporary parameter.
  - 15. The parameter manage server according to claim 12, wherein the user parameter generating portion generates the user parameter such that the user ID is bit-concatenated to the master key to generate a hash of the bit-concatenated data and each value of the hash is added to each value of the temporary parameter.

16. An authentication managing method for a parameter manage server which is connected to a plurality of client terminals acquiring biological information of a user and an authentication server authenticating biological information through a network and manages a parameter used at the time of biometric authentication, the authentication managing method comprising the steps of:
- receiving a user ID transmitted from the client terminal through a communication portion;
  
  generating a master key;
  
  generating a temporary parameter;
  
  storing the generated master key and temporary parameter in a storing portion;
  
  generating the user parameter using the user ID received through the communication portion, the master key and the temporary parameter; and
  
  transmitting the generated user parameter to the client terminal through the communication portion.

17. A client terminal used for authenticating biological information of a user and connected to a first server which authenticates biological information of a user and a second server which generates a parameter used for subjecting the biological information to a transformation process, through a network, the client terminal comprising:
- an input unit by which a user ID provided in advance for a user is input;
  
  a transmitting portion which transmits the user ID input by the input unit to the second server;
  
  a receiving portion which receives the parameter from the second server;
  
  a biological information sensor which acquires the biological information of the user;
  
  a feature extracting portion which extracts feature from the biological information acquired by the biological information sensor;
  
  a transforming portion which transforms the feature using the user parameter received from the receiving portion to generate transformation feature; and
  
  a transmitting portion which transmits the transformation characteristic generated by the transforming portion to the first server.

18. A program used for biometric authentication executed by a client terminal, a first server and a second server in a biometric authentication system including the plurality of client terminals which acquire the biological information of a user, the first server which authenticates the biological information acquired by the client terminal and the second server which manages a parameter used at the time of biometric authentication, the client terminals and the first and the second server being connected together through a network, the program comprising the steps of:
- inputting a user ID provided in advance for a user through an input unit, acquiring the biological information of the user using a biological information sensor, extracting feature from the biological information acquired by the biological information sensor, in the client terminal,generating the user parameter using the user ID transmitted from the client terminal, in the second server,transforming the feature using the user parameter received from the second server to generate transformation feature, in the client terminal, andmatching the transformation feature transmitted from the client terminal against a template of biological information of the user stored in advance in the storing portion, in the first server.

19. An authentication managing program executed by a parameter manage server which is connected to a plurality of client terminals acquiring biological information of a user and an authentication server authenticating biological information through a network and manages a parameter used at the time of biometric authentication, the program comprising the steps of:
- receiving a user ID transmitted from the client terminal through a communication portion;
  
  generating a master key;
  
  generating a temporary parameter;
  
  storing the generated master key and temporary parameter in a storing portion;
  
  generating the user parameter using the user ID received through the communication portion, the master key and the temporary parameter; and
  
  transmitting the generated user parameter to the client terminal through the communication portion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
Wakui, Katsunori, Tokoro, Yasuyuki, Takahashi, Kenta, Hirata, Shinji

Application Number

US12/145,706
Publication Number

US 20090007257A1
Time in Patent Office

Days
Field of Search
US Class Current

726/19
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06V 40/14   Vascular patterns

G06V 40/50   Maintenance of biometric da...

SYSTEM, METHOD, SERVER, CLIENT TERMINAL, PROGRAM FOR BIOMETRIC AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

25 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM, METHOD, SERVER, CLIENT TERMINAL, PROGRAM FOR BIOMETRIC AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links