SYSTEM, METHOD AND PROGRAM PRODUCT FOR COMMUNICATING A PRIVACY POLICY ASSOCIATED WITH A BIOMETRIC REFERENCE TEMPLATE
First Claim
1. A method for communicating a privacy policy associated with a biometric reference template, said method comprising the steps of:
- assigning in a first attribute a first identifier for uniquely identifying a biometric reference template created for a type of biometric data collected;
defining in a second attribute a second identifier for uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling said proper use and handling of said biometric data;
cryptographically binding said biometric reference template to said privacy policy; and
transmitting, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying party.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, method and program product for communicating a privacy policy associated with a reference template. The method includes assigning a first identifier for identifying a reference template created from biometric data collected, defining a second identifier for identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to the reference template, the second identifier including an accept-reject provision for controlling the proper use and handling of the biometric data, cryptographically binding the reference template to the privacy policy and transmitting, responsive to a request received from the relying party, the accept-reject provision for the reference template, where based on a response received from the relying party to the accept-reject provision for the privacy policy, the reference template is either transmitted or not transmitted to the relying party.
-
Citations
25 Claims
-
1. A method for communicating a privacy policy associated with a biometric reference template, said method comprising the steps of:
-
assigning in a first attribute a first identifier for uniquely identifying a biometric reference template created for a type of biometric data collected; defining in a second attribute a second identifier for uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling said proper use and handling of said biometric data; cryptographically binding said biometric reference template to said privacy policy; and transmitting, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying party. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer system for associating a biometric reference template with a privacy policy, said computer system comprising:
-
first program instructions to assign in a first attribute a first identifier for uniquely identifying a biometric reference template created for a type of biometric data collected; second program instructions to define in a second attribute a second identifier for uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling dissemination and usage of said biometric data collected; third program instructions to cryptographically bind said biometric reference template to said privacy policy; and fourth program instructions to transmit, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying party; a computer readable storage medium, said computer readable storage medium storing each of said first, second, third and fourth program instructions; and a central processing unit for executing each of said first, second, third and fourth program instructions. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product for controlling dissemination and use of biometric data, said computer program product comprising:
-
a computer readable storage medium; first program instructions to assign in a first attribute a first identifier for uniquely identifying a biometric reference template created for a type of biometric data collected; second program instructions to define in a second attribute a second identifier for uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling dissemination and usage of said biometric data collected; third program instructions to cryptographically bind said biometric reference template to said privacy policy; and fourth program instructions to transmit, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying party, and wherein said first, second, third and fourth program instructions are recorded on said computer readable storage medium. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A process for deploying computing infrastructure comprising integrating computer-readable code into a computing system, wherein said code in combination with said computing system is capable of performing a process for controlling dissemination and use of biometric data, said process comprising:
-
collecting said biometric data; creating said biometric reference template from said biometric data collected; assigning in a first attribute a first identifier for uniquely identifying said biometric reference template created for a type of biometric data collected; defining in a second attribute a second identifier for uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party accessing biometric data in said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling proper use and handling of said biometric data; cryptographically bind said biometric reference template to said privacy policy; and transmitting, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying party. - View Dependent Claims (22, 23, 24, 25)
-
Specification