Web-based biometric authentication system and method

US 5,930,804 A
Filed: 06/09/1997
Issued: 07/27/1999
Est. Priority Date: 06/09/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for Web-based, biometric authentication of individuals who are using a Web Client station, the individuals seeking access of a Web server station, the method comprising the steps of:

establishing parameters associated with selected biometric characteristics to be used in authentication;

acquiring, at the Web client station, biometric data from an individual in accordance with the parameters;

receiving, at an authentication center, a message that includes live data comprising the acquired biometric data from the individual seeking access of the Web server station;

selecting, at the authentication center, one or more records from among records associated with one or more enrolled individuals;

comparing the live data with selected records, the comparison determining whether the so-compared live data sufficiently matches the selected records as to authenticate the individual seeking access;

recording selected details of the received message and the results of the comparing step so as to create a biometric audit trail; and

when an individual fails authentication, using selected details of the received message, and comparing said selected details with a plurality of records, the comparison determining whether the so-compared selected details sufficiently match any one or more of the so-compared records, so as to identify the individual seeking unauthorized access of the Web server station.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A Web-based authentication system and method, the system comprising at least one Web client station, at least one Web server station and an authentication center. The Web client station is linked to a Web cloud, and provides selected biometric data of an individual who is using the Web client station. The Web server station is also linked to the Web cloud. The authentication center is linked to at least one of the Web client and Web server stations so as to receive the biometric data. The authentication center, having records of one or more enrolled individuals, provides for comparison of the provided data with selected records. The method comprises the steps of (i) establishing parameters associated with selected biometric characteristics to be used in authentication; (ii) acquiring, at the Web client station, biometric data in accordance with the parameters; (iii) receiving, at an authentication center, a message that includes biometric data; (iv) selecting, at the authentication center, one or more records from among records associated with one or more enrolled individuals; and (v) comparing the received data with selected records. The comparisons of the system and method are to determine whether the so-compared live data sufficiently matches the selected records so as to authenticate the individual seeking access of the Web server station, which access is typically to information, services and other resources provided by one or more application servers associated with the Web server station.

Citations

14 Claims

1. A method for Web-based, biometric authentication of individuals who are using a Web Client station, the individuals seeking access of a Web server station, the method comprising the steps of:
- establishing parameters associated with selected biometric characteristics to be used in authentication;
  
  acquiring, at the Web client station, biometric data from an individual in accordance with the parameters;
  
  receiving, at an authentication center, a message that includes live data comprising the acquired biometric data from the individual seeking access of the Web server station;
  
  selecting, at the authentication center, one or more records from among records associated with one or more enrolled individuals;
  
  comparing the live data with selected records, the comparison determining whether the so-compared live data sufficiently matches the selected records as to authenticate the individual seeking access;
  
  recording selected details of the received message and the results of the comparing step so as to create a biometric audit trail; and
  
  when an individual fails authentication, using selected details of the received message, and comparing said selected details with a plurality of records, the comparison determining whether the so-compared selected details sufficiently match any one or more of the so-compared records, so as to identify the individual seeking unauthorized access of the Web server station.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A method as claimed in claim 1, wherein said step of comparing said selected details with a plurality of records where an individual fails authentication comprises using, as the plurality of records, biometric data records of said authentication center and also biometric data records of at least one additional authentication center.
  - 3. A method as claimed in claim 1, wherein said live data includes a voice print and the selected records include voice print data.
  - 4. A method as claimed in claim 1, further comprising the steps of:
    - providing, at the Web client station, a claimed identity associated with the individual;
      
      receiving, at the authentication center, a message that includes the claimed identity;
      
      determining the acceptability of the message based on the claimed identity;
      
      if the message is acceptable, providing, at the authentication center, selected records that agree with the claimed identity; and
      
      comparing the received data with the so-provided, selected records.
  - 5. A method as claimed in claim 1, further comprising the step of providing, from the authentication center, a response respecting the result of the comparing step, this providing step comprising the steps of:
    - (A) preparing the response, which step includes one or more of the following steps;
      
      (i) preparing a digital certificate;
      
      (ii) preparing a page having electronic links to accessible pages associated with one or more application servers;
      
      (iii) preparing an appropriate entry in a biometric database; and
      
      (iv) preparing a secure protocol message; and
      
      (B) effecting the response, which step includes one or more of the following steps;
      
      (i) downloading the response to the Web server station;
      
      (ii) routing the response to the Web server station via the Web client station;
      
      (iii) making an appropriate entry in a selected biometric;
      
      (iv) downloading the response to the Web client station; and
      
      (v) routing the response to the Web client station via the Web server station.
  - 6. A method as claimed in claim 5, wherein the step of preparing a page having electronic links comprises including or activating only those electronic links that are appropriate to the confidence level attained in the comparing step.
  - 7. A method as claimed in claim 1, further comprising the step of establishing secure communication channels in and among the Web client station, the Web server station and the authentication station.
  - 8. A method as claimed in claim 7, wherein the step of establishing secure communication channels comprises:
    - (A) employing a Web client at the Web client station and a Web server at the Web server station, the Web client and the Web server providing for establishing a secure communication channel between the Web client station and the Web server station; and
      
      (B) employing an interface mechanism at the Web client station and an authorization server at the authentication center, the interface mechanism and the authorization server providing for establishing a secure communication channel between the Web client station and the authentication center.
  - 9. A method as claimed in claim 1, wherein:
    - the acquiring step comprises plural acquisitions, said plural acquisitions relating to one or more biometric characteristics; and
      
      the establishing parameters step further comprises at least one of the following steps;
      
      (i) selecting a confidence level from among supported confidence levels, said supported confidence levels being categorized in relation to authentication based on using biometric data associated with single biometric characteristics and with combinations of biometric characteristics; and
      
      (ii) selecting a trigger event, said trigger event causing the acquisition of biometric data.
  - 10. A method as claimed in claim 9, wherein the step of selecting a trigger event comprises selected a time interval for repeating the authentication steps.
  - 11. A method as claimed in claim 1, wherein the step of establishing parameters comprises one or more communications by and among the Web server station, the Web client station and the authentication center.
  - 12. A method as claimed in claim 11, wherein the step of establishing parameters further comprises the step of choosing among negotiable parameters by using predetermined arbitration algorithms.
  - 13. A method as claimed in claim 11, wherein the step of establishing parameters further comprises downloading a page from the Web server station to the Web client station responsive to the Web client station requesting access of the Web server station, the page including parameters.
  - 14. A method as claimed in claim 1, further comprising the step of determining an authentication center from among plural authentication centers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
US Philips Corporation (Koninklijke Philips N.V.)
Original Assignee
Philips Electronics North America Corporation (Koninklijke Philips N.V.)
Inventors
Wong, Stephen, Hoffberg, Mark B., Yu, Yuan-Pin
Primary Examiner(s)
Lintz, Paul R.
Assistant Examiner(s)
MILLS, JOHN G

Application Number

US08/871,035
Time in Patent Office

778 Days
Field of Search

707/1-205
US Class Current

1/1
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/33   using certificates

G06F 2211/007   Encryption, En-/decode, En-...

G06Q 20/4014   Identity check for transact...

G07C 9/37   using biometric data, e.g. ...

H04L 63/0861   using biometrical features,...

Y10S 707/99931   Database or file accessing

Y10S 707/99933   Query processing, i.e. sear...

Y10S 707/99945   Object-oriented database st...

Y10S 707/99948   Application of database or ...

Web-based biometric authentication system and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Web-based biometric authentication system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links