Tokenless security system for authorizing access to a secured computer system
Abstract
A tokenless security system and method for preventing unauthorized access to one or more secured computer systems is shown. The security system and method are principally based on a correlative comparison of a unique biometric sample, such as a fingerprint or voice recording, gathered directly from the person of an unknown user with an authenticated unique biometric sample of the same type obtained from each authorized user. The security system and method may be integrated with and dedicated to a single computer system, or may be configured as a non-dedicated, stand-alone entity capable of and intended to perform security functions simultaneously for more than one computer system. Further, the stand-alone configuration can be networked to act as a full or partial intermediary between a secured computer system and its authorized users, or may be interactive solely with and act as a consultant to the computer systems. The security system and method further contemplate the use of personal codes to confirm identifications determined from biometric comparisons, and the use of one or more variants in the personal identification code for alerting authorities in the event of coerced access.
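An added illustration of the flow the abstract describes (not code from the patent): a one-to-many biometric comparison that yields a correlation factor per enrolled user, followed by confirmation against a personal code whose emergency variant gives the same outward result while raising a silent alert. The Pearson-correlation matcher, the 0.95 threshold, the PBKDF2 storage of codes, and all names and sample values are assumptions made for the example.

```python
import hashlib
import hmac
import math
import os

THRESHOLD = 0.95  # assumed acceptance threshold for the correlation factor

def correlation(a, b):
    """Pearson correlation of two equal-length feature vectors (toy matcher)."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    sa = math.sqrt(sum((x - ma) ** 2 for x in a))
    sb = math.sqrt(sum((y - mb) ** 2 for y in b))
    return cov / (sa * sb) if sa and sb else 0.0

def pin_hash(pin, salt):
    # Codes are stored as salted PBKDF2 digests, never in the clear.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

def enroll(name, template, standard_pin, emergency_pins):
    salt = os.urandom(16)
    return {"name": name, "template": template, "salt": salt,
            "standard": pin_hash(standard_pin, salt),
            "emergency": [pin_hash(p, salt) for p in emergency_pins]}

def authorize(users, sample, pin, alerts):
    """Return (granted, user). An emergency variant also appends to alerts."""
    # Compare the sample with every enrolled template; keep the best factor.
    best = max(users, key=lambda u: correlation(sample, u["template"]))
    if correlation(sample, best["template"]) < THRESHOLD:
        return (False, None)
    # Confirm with the personal code. Every variant is checked on every
    # attempt, in constant time, so timing does not show which one matched.
    h = pin_hash(pin, best["salt"])
    is_std = hmac.compare_digest(h, best["standard"])
    is_duress = False
    for e in best["emergency"]:
        is_duress |= hmac.compare_digest(h, e)
    if is_duress:
        alerts.append(best["name"])  # out-of-band signal; caller sees no difference
    ok = is_std or is_duress
    return (ok, best["name"] if ok else None)

# Constructed sample enrolment data (feature vectors and codes are made up).
USERS = [
    enroll("alice", [0.1, 0.9, 0.4, 0.7, 0.2], "4821", ["4822"]),
    enroll("bob", [0.8, 0.2, 0.6, 0.1, 0.9], "1357", ["1358", "7531"]),
]
```

The return value is identical for the standard and emergency variants; only the separate `alerts` channel differs, which is what keeps the signal unapparent at the point of entry.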
113 Claims
1. A tokenless security system partially to fully operationally integrated with and dedicated to a computer system for preventing unauthorized access of said designated computer system by determining an unknown user's identity from an examination of unique biometric characteristics that are specific to the user, said security system comprising:
a) means for gathering and recording a biometric sample taken directly and physically from an unknown user, said means otherwise operationally isolated and distinct from said computer system;
b) means interconnecting said gathering means and said computer system for transmitting the gathered biometric sample to said secured computer system;
c) means integral with said computer system for receiving, storing, retrieving and identifying the gathered biometric sample;
d) means integral with said computer system for receiving, storing, retrieving and identifying an authenticated biometric sample obtained from each authorized user of said computer system, access to and manipulation of the authenticated biometric samples limited to systems functions necessary for operation of said security system and to specific users charged with updating and maintaining the authenticated biometric samples;
e) means integral with said computer system for comparing the biometric sample of the unknown user with an authenticated biometric sample obtained from other authorized user, and for generating a correlation factor of a first type from each comparison;
f) means for evaluating each correlation factor generated by said comparing means in order to determine whether the unknown user is one of said authorized users; and
g) means for use by an authorized user, unapparent to a coercive third party, for notifying designated authorities that the authorized user's access attempt is being coerced, wherein the authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when the access attempt is voluntary, and one or more alternative variants, any one of which is entered by the authorized user when an access attempt is being coerced.
Dependent claims: 2-31.

32. A tokenless method for preventing unauthorized access to a secured computer system by identifying an unknown user from an examination of unique biometric characteristics personal to the user, said method comprising the steps of:
a) gathering and recording a biometric sample and personal identification code from the unknown user by sensor means that are otherwise operatively connected to said secured computer system;
wherein a personal identification code is selected by authorized users and each personal identification code comprises a standard variant for entry when an access attempt is voluntary and one or more emergency variants, any one of which is entered to indicate that the authorized user's access attempt is involuntarily coerced;
b) transmitting the biometric sample and personal identification code to said computer system;
wherein an authorized user can use an emergency variant rather than the standard variant to generate a signal undetectable to a coercive party, said signal to be transmitted to designated authorities that the authorized user's access attempt is being coerced or otherwise involuntary;
c) comparing the biometric sample gathered from the unknown user with an authenticated biometric sample of other authorized users stored within said secured computer system and generating a correlation factor of a first type for each comparison performed;
d) analyzing each of the first type correlation factors so generated to determine whether the individual is an authorized user of the system; and
e) confirming the determination of the unknown user's identity by matching the personal identification code entered by the unknown user with the personal identification code selected by the specific authorized user.
Dependent claims: 33-42.

43. A tokenless, stand alone security system operationally independent but interconnected to and preventing unauthorized access of one or more computer systems by determining an unknown user's identity from an examination of unique biometric characteristics personal to the unknown user, said security system further interconnecting said one or more computer systems to authorized users thereof, mediating at least some aspects of interactions between each of said one or more computer systems and the authorized users thereof, said system comprising:
a) means for gathering and recording a biometric sample from the unknown user's person, said gathering means distinct and otherwise operationally isolated from said security system;
b) means for transmitting the gathered biometric sample of the unknown individual to said security system;
c) means integral with said security system for receiving, storing, retrieving and identifying the gathered biometric sample of the unknown individual;
d) means integral with said security system for receiving, storing, retrieving and identifying an authenticated biometric sample obtained from and specific to each authorized user of said one or more secured computer systems;
e) means integral with said security system for comparing the gathered biometric sample of the individual with an authenticated biometric sample derived from other authorized users of said one or more secured computer systems and for generating from each comparison a correlation factor of a first type;
f) means for evaluating each first type correlation factor generated by said comparison means to determine whether the individual is an authorized user; and
g) means for use by an authorized user, unapparent to a coercive third party, for notifying designated authorities that the authorized user's access attempt is being coerced, wherein the authorized user is assigned a variable personal code comprising at least two variants, a standard variant which the authorized user enters when the access attempt is voluntary, and one or more alternative variants, any one of which is entered by the authorized user when an access attempt is being coerced.
Dependent claims: 44-72.

73. A tokenless, stand alone security system operationally independent of but interconnected to and preventing unauthorized access of one or more computer systems by determining an unknown user's identity from an examination of unique biometric characteristics personal to the unknown user, said security system limited in operative interaction to said one or more computer systems and isolated from authorized users of said one or more computer systems, said system comprising:
a) means for gathering and recording a biometric sample from the unknown user's person, said gathering means distinct and otherwise operationally isolated from said one or more computer systems;
b) means for transmitting the gathered biometric sample of the unknown user to one of said one or more computer systems;
c) means integral with said computer system for receiving the gathered biometric sample and forwarding it to said security system;
d) means integral with said security system for receiving, storing, retrieving and identifying the gathered biometric sample of the unknown individual;
e) means integral with said security system for receiving, storing, retrieving and identifying an authenticated biometric sample obtained from and specific to each authorized user of said one or more secured computer systems;
f) means integral with said security system for comparing the gathered biometric sample of the individual with an authenticated biometric sample derived from other authorized users of said one or more secured computer systems and for generating from each comparison a correlation factor of a first type;
g) means for evaluating each first type correlation factor generated by said comparison means to determine whether the individual is an authorized user; and
h) means for use by an authorized user, unapparent to a coercive third party, for notifying designated authorities that the authorized user's access attempt is being coerced, wherein the authorized user selects a variable personal code comprising at least two variants, a standard variant which the authorized user enters when the access attempt is voluntary, and one or more alternative variants, any one of which is entered by the authorized user when an access attempt is being coerced.
Dependent claims: 74-102.

103. A tokenless security method incorporated in a security system for preventing unauthorized access to one or more computer systems by identifying an unknown user from an examination of unique biometric characteristics personal to the user, said method comprising the steps of:
a) gathering and recording a biometric sample and personal identification code from the person of the unknown user at a site operationally isolated from said computer system;
wherein a personal identification code is selected by authorized users and each personal identification code comprises a standard variant for entry when an access attempt is voluntary and one or more emergency variants, any one of which is entered to indicate that the authorized user's access attempt is involuntarily coerced;
b) transmitting the gathered biometric sample and personal identification code to said computer system;
wherein an authorized user can use an emergency variant of the personal identification code to generate an emergency signal undetectable to a coercive party, said signal to be transmitted to designated authorities that the authorized user's access attempt is being coerced or otherwise involuntary;
c) receiving the gathered biometric sample at said computer system and forwarding the gathered biometric sample to said security system;
d) receiving the gathered biometric sample at said security system and thereafter comparing the gathered biometric sample with an authenticated biometric sample derived from other authorized users of said computer system and generating a correlation factor of a first type from each comparison;
e) evaluating each first type correlation factor so generated to determine whether the unknown user is one of the authorized users of said computer system; and
f) confirming the determination of the unknown user's identity by matching the personal identification code entered by unknown user with the personal code assigned to the specific authorized user.
Dependent claims: 104-113.

Specification