Access Control System using Stimulus Evoked Cognitive Response

US 20140020089A1
Filed: 07/12/2013
Published: 01/16/2014
Est. Priority Date: 07/13/2012
Status: Abandoned Application

First Claim

Patent Images

1. A system and method for authenticating an individual using stimulus evoked cognitive response and real time calculation of an authentication confidence level, to control access to information, systems, devices, vehicles, and/or data, comprising:

a. Methodologies for acquiring, generating and presenting stimulus, collecting and processing electroencephalogram (EEG) data, extracting the P3 Event Related Potential (ERP) signal of interest, statistically analyzing the processed and cleaned P3 ERPs, and calculating a real time authentication confidence levelb. A method for presenting stimuli to a user in a manner that elicits a measurable cognitive response in the form of a P3 ERPc. A method for eliciting P3 ERPs from users by presenting stimuli with a small percentage of the stimuli associated with the users target stimulus.d. A method for differentiating between infrequent target stimuli known only to the user and random more prevalent non-target stimuli such that comparison of target and non-target responses can be used to authenticate the usere. A Stimulus management function that includes collects, metadata tags, categorizes and stores stimuli, provides a menu for user selection of stimuli, a stimulus filing system with user-specific target and non-target files for each user, and a stimulus presentation algorithm that presents target and non-target stimuli to the user while simultaneously sending stimulus identifiers and precise stimulus presentation timing to the EEG processing unitf. An apparatus to collect real time EEG analog data, convert it to digital data and transmit that data wirelessly to the EEG collection and processing unit, and optionally provide present audio stimulus to a userg. An EEG Collection and Processing function that receives all sensor data, including mastoid references and eye blink sensor data from the stimulus presentation function and converts the raw EEG data into cleaned P3 ERPs associated with each stimulus presented for subsequent statistical analysish. A Statistical Analysis Algorithm that constructs confidence intervals using a normal distribution, such as Student'"'"'s t distribution, for the averaged target and non-target data sets to find the highest confidence level within which the target and non-target confidence intervals do not overlap.i. An Access Control Unit that allows or denies access to the user in real time based on the ongoing calculation of confidence levels

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The ACSSECR invention is a biometric access control system and methodology that measures cognitive, psychophysiological responses to stimuli to confirm the identity of an individual. As an alternative to “Logging in” with a user ID and password, this cognitive biometric authentication system is used for “Cogging in” to a system with user ID and user-selected “Cogkey”. ACSSECR is designed for strict access control scenarios where significant authentication confidence is required to gain access to controlled information, facilities, systems, vehicles, or devices. The system takes advantage of a behavioral and physiological characteristic of humans that is an unconscious response to a stimulus. The Event Related Potential (ERP) response (specifically the P3 ERP) involuntarily occurs when an individual perceives and reacts to an unexpected, task-relevant event. The task is for the user to recognize their Cogkey which is presented infrequently amidst more frequent non-target stimuli. There is no requirement for extensive enrollment by users, only the recognition of their Cogkey. The basic system does not store biometric data for comparison, but rather measures the user'"'"'s Cogkey recognition responses in comparison to non-Cogkey stimulus responses. An individual can have multiple personas with different Cog keys.

Citations

19 Claims

1. A system and method for authenticating an individual using stimulus evoked cognitive response and real time calculation of an authentication confidence level, to control access to information, systems, devices, vehicles, and/or data, comprising:
- a. Methodologies for acquiring, generating and presenting stimulus, collecting and processing electroencephalogram (EEG) data, extracting the P3 Event Related Potential (ERP) signal of interest, statistically analyzing the processed and cleaned P3 ERPs, and calculating a real time authentication confidence levelb. A method for presenting stimuli to a user in a manner that elicits a measurable cognitive response in the form of a P3 ERPc. A method for eliciting P3 ERPs from users by presenting stimuli with a small percentage of the stimuli associated with the users target stimulus.d. A method for differentiating between infrequent target stimuli known only to the user and random more prevalent non-target stimuli such that comparison of target and non-target responses can be used to authenticate the usere. A Stimulus management function that includes collects, metadata tags, categorizes and stores stimuli, provides a menu for user selection of stimuli, a stimulus filing system with user-specific target and non-target files for each user, and a stimulus presentation algorithm that presents target and non-target stimuli to the user while simultaneously sending stimulus identifiers and precise stimulus presentation timing to the EEG processing unitf. An apparatus to collect real time EEG analog data, convert it to digital data and transmit that data wirelessly to the EEG collection and processing unit, and optionally provide present audio stimulus to a userg. An EEG Collection and Processing function that receives all sensor data, including mastoid references and eye blink sensor data from the stimulus presentation function and converts the raw EEG data into cleaned P3 ERPs associated with each stimulus presented for subsequent statistical analysish. A Statistical Analysis Algorithm that constructs confidence intervals using a normal distribution, such as Student'"'"'s t distribution, for the averaged target and non-target data sets to find the highest confidence level within which the target and non-target confidence intervals do not overlap.i. An Access Control Unit that allows or denies access to the user in real time based on the ongoing calculation of confidence levels
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. An apparatus according to claim 1 that embeds in a cap, one or more non-contact or dry internally amplified EEG sensors positioned along the center of the scalp, internally amplified mastoid reference sensors positioned behind the ears, one or more internally amplified eye blink sensors positioned on the scalp close to the forehead, a chin strap to tighten the unit thereby bringing the sensors as close to the scalp as possible, a battery pack to power the electronics, an IR or Bluetooth wireless transmitter/receiver, an Analog to Digital converter tied to each sensor, a multiplexor to put the real time sensor EEG data on the wireless carrier to transmit wirelessly to the EEG collection and processing unit, optional headphones and an optional digital to analog converter to convert digital audio to sound.
  - 3. A method of claim 1 to manage stimulus that includes an internet search agent for collecting stimuli, a stimulus database for storing collected stimuli, an automated metadata tagging algorithm to tag the collected stimuli, a stimulus storage control function for categorizing stimuli based on metadata tags, a menu-driven stimulus selection algorithm through which users selects stimulus categories and a target stimulus, a stimulus filing system with target and non-target stimulus files for each user, and a stimulus presentation algorithm that presents target and non-target stimuli to the user with defined percentages of each while simultaneously sending stimulus identifiers and precise stimulus presentation timing to the EEG processing unit for correlation with collected user stimulus responses
  - 4. The method of claim 3 whereby the stimulus management function collects, processes, stores and presents audio, visual, olfactory and/or tactile stimuli that may include, but not be limited to images of objects, scenes, faces, animals, colors, signs, patterns, numbers, equations, abstract images, drawings, geometric shapes, physical properties (e.g., liquid, solid, gas), still images from movies, sounds, voices, spoken words, environmental noises, computer generated sounds, music, audio clips, olfactory stimuli, tactile stimuli or a mixture of any of these.
  - 5. The method of claim 3 whereby the system has a stimulus presentation unit that includes:
    - a. A target stimulus file associated with the user ID that contains the user'"'"'s target stimulus, multiple target stimuli or embedded target stimulib. An automatically generated non-target stimulus file, based on the user-selected target and stimulus database metadata, containing random non-target stimuli similar in type to the selected target stimulus (e.g. image, sound, etc.)c. An optional user file containing a record of previous user authentication session result timing to set an initial stimulus duration and ISI optimized for the user.
  - 6. A method of claim 1 whereby the system elicits ERPs with no user training, no user enrollment, and no storage of user biometric data
  - 7. The method of claim 1 whereby all system components, including administrative functions, the stimulus database, user files, stimulus presentation, EEG processing, statistical analysis and user access control, is contained on a single processing platform which may be any one of a variety of different hardware devices, such as a smart phone, tablet, desktop or laptop computer, or embedded processor in a vehicle dashboard or at the entry to a facility or secure office space
  - 8. The method of claim 1 whereby the system provides an administrative management function used by the system administrator to optimize authentication processing, and meet organizational or operational requirements, allowing menu selection of system parameters including:
    - a. Either a single or multiple (up to a dozen) related target stimulib. Static or dynamic stimulus presentation ratesc. Initial Stimulus durationd. Initial Inter-stimulus interval (ISI)e. Target percentagef. Number of non-target stimulig. Required confidence level (CL) for authentication completeh. Number of stimuli or amount of time at which if required CL is not reached, either deny access or authentication restartsi. Absolute CL value to allow access or rate at which the user'"'"'s CL is improving to allow accessj. For authentication based on rate of CL improvement, select minimum number of target stimuli responses needed to allow access
  - 9. The method of claim 1 whereby a simple pre-determined system generated and user known stimulus is used as the system-provided initial target “
    - that must be changed”
      
      by the user after initial system access.
  - 10. The method of claim 1 where by the system calculates the amplitude of a subject'"'"'s averaged ERP response to the target stimuli and statistically compares it to responses to non-target stimuli.
  - 11. The method of claim 1 whereby the system rapidly presents stimuli (very short stimulus durations and inter-stimulus intervals) at a rate approaching the limit of human cognition to quickly authenticate users by using narrow waveform analysis windows around the target response peak latency to extract useable P3 ERP data despite potential cognitive response overlap
  - 12. The method of claim 10 whereby the system rapidly presents a minimal number of stimuli to authenticate individuals in a short time for most individuals, and for difficult to authenticate individuals, allows automatic re-testing with slower stimulus presentation (longer stimulus duration and inter-stimulus intervals), more stimuli or longer authentication duration to meet the system required confidence level
  - 13. The method of claim 1 whereby the system presents target stimuli used as a “
    - key”
      
      to elicit an involuntary cognitive response such that;
      
      a. Targets are only known by the user and the access control systemb. Involuntarily cognitive response are elicited from user upon recognizing targets and either no response or a reduced amplitude response to non-targets stimuli.c. Use of multiple related targets can be used with minimal degradation to recognition response amplitude.d. Target stimulus concealment (protection from social engineering, shoulder surfing) by embedding target stimuli in a larger, complex surrounding stimulus (image within image, sound within sound, etc.)e. User may have multiple personas each with its own target stimulus or stimuli
  - 14. The method of claim 1 whereby the system processes raw EEG data by referencing sensor data to the average of the mastoid sensor data, low pass and high pass filters the data to retain only EEG data within range of P3 ERP signals of interest, separates target and non-target stimulus responses, bounds the responses to −
    - 200 msec before and +800 msec after the stimulus, baseline corrects the post stimulus data to the average of the pre-stimulus data, identifies artifacts such as eye blink and rejects those artifacts, and averages separately the target and non-target data for each sensor.
  - 15. The method of claim 1 whereby the system sorts the averaged target and non-target data for each sensor, to identify the peak target sensor which will have collected the highest amplitude P3 ERP target response, and each epoch (all target and non-target responses recorded by the peak sensor) is used to calculate the confidence level whereby:
    - a. The selected peak sensor is compared to the same sensor for the non-target data.b. After the epoch file is extracted, a peak detection algorithm detects the peak of each epoch to create the target sensor marker reportc. The non-target marker report is also generated using the same sensor that was identified as the peak target sensor.d. Once the target and non-target sensor amplitude reports are generated, any values >
      
      50 μ
      
      V or <
      
      −
      
      50 μ
      
      V are thrown out since they are outside the range of P3 ERPse. The mean and standard deviation of the peak measurements are calculatedf. A normal distribution, such as Student'"'"'s t distribution, is used, and starting with the highest confidence level (99.99%) the confidence interval (CI) is generated to determine if the target and non-target confidence intervals (CL) overlap.g. If there is CI overlap, the CL is recursively decremented until the target and non-target confidence intervals do not overlap, at which point authentication is complete and access is allowedh. If the and non-target CIs continue to overlap when the CL is down to the system defined lowest permissible CL (e.g. 80%), authentication failed, access denied
  - 16. The method of claim 2 whereby the system measures eye blink using one or more sensors embedded in the cap, located on the scalp near the center of the forehead as an alternative to typical EEG eye blink sensors that are more intrusively placed around the subject'"'"'s eye.
  - 17. The method according to claim 1 whereby the system dynamically authenticates users after allowing initial access, by intermittently presents either a target or non-target stimuli, and measuring their response throughout the time that the user has access to the system, device, or information
  - 18. The method according to claim 1 whereby the system uses multiple statistical processing methods to rapidly calculate authentication confidence levels including but not limited to:
    - a. The Primary Peak Sensor Method that identifies the sensor with the peak average target response and uses that single sensor to compare target and non-target responsesb. The Multi-Sensor method that averages data from multiple sensors to improve the SNRc. The Peak Detection Interval Reduction which is similar to method (a), but narrows the peak detection interval (+/−
      
      25 msec) to eliminate non-cognitive ERPs and non-relevant artifacts in the non-target responses. This method narrows the peak detection window with little impact on the average target amplitude, but substantial decreases in average non-target amplitude. This method is used to improve separation of target and non-target confidence intervals. This method provides better results for smaller number of trials and faster authentication.
  - 19. The method of claim 15 whereby the statistical comparison is an authentication confidence level that shows the degree to which the user cognitively recognizes his or her chosen target that is continually calculated and revised in real time, and for authorized users, improves as more stimuli are presented, and either deteriorates or remains constant for an illegitimate user trying to illegally gain access.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ii, Remo Peter Perini
Original Assignee
Ii, Remo Peter Perini
Inventors
Perini, Remo Peter II

Application Number

US13/940,775
Publication Number

US 20140020089A1
Time in Patent Office

Days
Field of Search
US Class Current

726/19
CPC Class Codes

A61B 5/117   Identification of persons m...

A61B 5/377   using evoked responses

G06F 21/32   using biometric data, e.g. ...

G07C 9/37   using biometric data, e.g. ...

Access Control System using Stimulus Evoked Cognitive Response

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Access Control System using Stimulus Evoked Cognitive Response

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links