System and method of fast biometric database searching using digital certificates
Abstract
A system and method for conducting fast biometric database searches using iris recognition and digital certificates. Authentication of a computing platform is provided based on a digital certificate attached thereto. Fast database searching and identification of a person at the computing platform are provided based on the digital certificate which is used to point to a database partition having stored biometric images and an obtained biometric image, such as an iris template, which is compared to the stored biometric images in order to identify the person. Access to the database containing stored biometric images may be granted based on the results of the digital certificate authentication process. The use of digital certificates narrows the database search to only those individuals who have authorized access to a particular computing platform by using the digital certificates. The inclusion of the iris template allows for the reliable identification of an individual at the computing platform using digital certificates both as the secure transport method and as the means to ensure the privacy of the individual and their iris template. A level of access and other entitlements to use the computing platform may also be granted to the person based on the results of the identification process.
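The flow the abstract describes (authenticate the platform by its certificate, then search only the partition that certificate points to), as an added Python sketch that is not code from the patent. The SHA-256 fingerprint keying, the fractional Hamming distance matcher, the 0.32 threshold, and all names and sample values are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field

MATCH_THRESHOLD = 0.32  # assumed fractional Hamming distance cutoff (not from the patent)
CODE_BITS = 64          # constructed toy iris-code length

def fingerprint(cert_der: bytes) -> str:
    # Key a certificate by the SHA-256 digest of its encoded bytes (assumed scheme).
    return hashlib.sha256(cert_der).hexdigest()

def hamming_fraction(a: int, b: int) -> float:
    # Fraction of differing bits between two fixed-length iris codes.
    return bin(a ^ b).count("1") / CODE_BITS

@dataclass
class IdentityServer:  # hypothetical stand-in for the certifying authority
    # fingerprint -> {person: enrolled iris code}; one partition per platform certificate
    partitions: dict = field(default_factory=dict)

    def enroll_platform(self, cert_der: bytes, people: dict) -> None:
        self.partitions[fingerprint(cert_der)] = dict(people)

    def identify(self, template: dict):
        # Step 1: authenticate the platform by matching the presented certificate
        # against stored copies. Matching bytes alone does not prove key possession;
        # a deployment would also validate the chain and a signature by the platform.
        partition = self.partitions.get(fingerprint(template["cert"]))
        if partition is None:
            return None, 0  # unknown platform: no biometric search is run
        # Step 2: compare only against the partition this certificate points to.
        best, best_dist = None, 1.0
        for person, code in partition.items():
            dist = hamming_fraction(code, template["iris_code"])
            if dist < best_dist:
                best, best_dist = person, dist
        matched = best if best_dist <= MATCH_THRESHOLD else None
        return matched, len(partition)  # (identity or None, comparisons performed)

# Constructed sample data: two platforms, each with its own partition.
CERT_A, CERT_B = b"constructed-cert-platform-A", b"constructed-cert-platform-B"
ALICE, BOB, CAROL = 0xA5A5F00F12345678, 0x0F0F33CC9ABCDEF0, 0x13579BDF2468ACE0

def demo():
    server = IdentityServer()
    server.enroll_platform(CERT_A, {"alice": ALICE, "bob": BOB})
    server.enroll_platform(CERT_B, {"carol": CAROL})
    noisy = ALICE ^ 0b10110001  # alice's code with 4 bits of capture noise
    return [server.identify({"cert": c, "iris_code": noisy})
            for c in (CERT_A, CERT_B, b"unenrolled")]
```

The same iris code identifies the person only at the platform whose partition holds her enrollment, and an unenrolled certificate is rejected before any biometric comparison is made.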
36 Claims
1. A system for biometric database searching for identification of a person at a computing platform comprising:
a database having a plurality of stored biometric images, said database being separated into a plurality of partitions;
a plurality of computing platforms coupled to said database;
a digital certificate attached to each of said plurality of computing platforms and stored in said database to point to an associated one of said partitions;
a biometric imager disposed at each of said plurality of computing platforms for obtaining a biometric image of said person; and
a template comprising said digital certificate and said obtained biometric image, wherein an authentication of said computing platform and an identification of said person is based on a said template.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
an input device;
a memory for storing said digital certificate;
a processor coupled to said imager and said memory for forming a template containing information regarding said digital certificate and said biometric image; and
an output device adapted for transmitting said biometric template from said computing platform to said network.
18. The system of claim 17 wherein said processor further comprises one or more of private and public keys for encrypting said biometric template and said digital certificate template for security of transmission.
19. The system of claim 1 wherein said imager for obtaining a biometric image obtains an image of an iris of an eye, said imager comprising:
an iris acquisition device having a front surface;
a lens having an image plane disposed in front of said front surface of said iris acquisition device;
a mirror disposed on a side of said lens opposite said iris acquisition device; and
an illuminator disposed along a side of said mirror.
20. The system of claim 19 wherein said iris acquisition device comprises a camera, and said mirror is a cold mirror.
21. The system of claim 1 wherein said system is automatically and dynamically reconfigurable.
22. The system of claim 1 wherein said system is scalable to allow computing platforms to be added or removed and database partitions to be created or terminated.
23. A system for identification of a person at a remote computing platform and for authorizing said person a level of access to use said computing platform comprising:
a plurality of computing platforms, each computing platform comprising;
an input device for receiving input from said person;
a biometric imaging device for obtaining a biometric image of said person;
a display device for displaying one or more of said person input and said obtained biometric image;
a processor for forming a template containing information regarding said computing platform and said obtained biometric image;
a first communications device adapted for transmitting said template from said computing platform;
a digital certificate attached to each of said computing platforms;
a certifying authority coupled to each of said plurality of computing platforms, said certifying authority comprising;
a second communications device capable of communicating with said first communications device of each of said computing platforms;
a database having a plurality of stored biometric templates and being separated into a plurality of partitions, each partition being keyed to one of said digital certificates attached to each of said plurality of computing platforms;
a second processor for authenticating said computing platform based on said digital certificate and for comparing said obtained biometric image to said plurality of said stored biometric images within said database partition designated by said certificate to identify said person; and
a feedback mechanism coupled between said certifying authority and said computing platform for authorizing a level of access to said person to use said computing platform.
Dependent claims: 24, 25, 26
an iris acquisition device having a front surface;
a lens having an image plane disposed in front of said front surface of said iris acquisition device;
a mirror disposed on a side of said lens opposite said iris acquisition device; and
an illuminator disposed along a side of said mirror.
25. The system of claim 23, further comprising:
a first memory for storing at least one template comprising at least one image of an iris of at least one person's eye and at least one digital certificate;
a second memory for storing a template of an iris image previously obtained by said iris acquisition device and for storing a template of said digital certificates attached to said computing platforms; and
a comparator for comparing said template of said digital certificate of said second memory with said at least one stored digital certificate template of said first memory to authenticate said computing platform and for comparing said biometric template of said iris image of said second memory with said at least one stored biometric template of said first memory to identify said person.
26. The system according to claim 25, wherein said comparator comprises a processor responsive to an output of said computing platform for comparing said template of said digital certificate and said template of said iris image of said second memory with said stored templates of said first memory.
27. In a system involving a transaction between a computing platform and a certifying authority having a central database, a computer-readable media being provided at one of said computing platform and said controlling authority having computer-executable instructions for performing the following steps:
assigning a digital certificate from said certifying authority, said digital certificate containing information pertaining to said computing platform, and said digital certificate being keyed to a partition in said database;
attaching said assigned digital certificate to said computing platform;
obtaining a biometric image of a user at said computing platform;
processing said attached digital certificate and said obtained biometric image to form a template, said template containing information relating to said digital certificate and said obtained biometric image;
transmitting said template from said computing platform to said certifying authority;
authenticating said computing platform by comparing said digital certificate to a plurality of stored digital certificates stored in said database;
accessing said database based on said step of authenticating;
searching a partition established within said database keyed to said digital certificate;
identifying said user by comparing said obtained biometric image to a plurality of stored biometric images stored in said partition of said database; and
authorizing said user to use said computing platform based on said step of identifying.
28. A method of biometric database searching for identification of a person at a computing platform, said method comprising:
attaching a digital certificate to each of a plurality of computing platforms;
storing a copy of said attached digital certificates with a certifying authority and identity server initiating a transaction by said person at one of said plurality of computing platforms;
obtaining an image of a biometric trait of said person;
processing said obtained image and said digital certificate to form a template;
communicating said template to a certifying authority and identity server;
providing a database containing a plurality of stored images of persons authorized to use said computing platform and said stored digital certificates;
segregating said database into a plurality of partitions keyed to said digital certificates;
comparing said communicated digital certificate to said stored digital certificates;
authenticating said computing platform based on said comparison of said digital certificates;
searching one or more partitions based on said partitions pointed to by said communicated digital certificate contained in said template;
comparing said obtained biometric image of said template to said stored biometric images in said partition; and
identifying said person based on said comparison of said biometric images.
Dependent claims: 29, 30, 31, 32, 33
(a) illuminating an iris of said person;
(b) forming an approximately centered image of said iris at an image plane of a camera;
(c) storing said image in a memory;
(d) determining if said image is an image of sufficient quality; and
(e) repeating steps (a) through (d) until said image of sufficient quality is obtained.
32. The method according to claim 28, wherein said communicating said template further comprises transmitting said template via a transmitter/receiver device at said computing platform over one of a wired and wireless connection, and receiving said template via a transmitter/receiver device at said certifying authority.
33. The method according to claim 28, wherein said authorizing further comprises communicating said authorization between said certifying authority and said computing platform using said transmitter/receiver device at said certifying authority, one of said wired and wireless connection, and said transmitter/receiver device at said computing platform.
34. A method of biometric database searching for authentication of an identity of a person to use one or more of a plurality of computing platforms, said method comprising:
(a) storing image information of an iris of at least one person's eye in a database that is separated into a plurality of partitions keyed to a digital certificate assigned to each of said plurality of computing platforms;
(b) illuminating an eye of an unidentified person having an iris;
(c) obtaining an image of said iris of said unidentified person;
(d) storing said image in a memory;
(e) determining if said image is an image of sufficient quality for a step (h) of comparing;
(f) repeating steps (b) through (e) until said image of sufficient quality is obtained;
(g) transmitting a template having said digital certificate and said iris image to a certifying authority and identity server;
(h) authenticating said computing platform based on said digital certificate portion of said template;
(i) accessing a partition of said database pointed to by said digital certificate;
(h) comparing said obtained image portion of said template with said stored image information to identify said unidentified person; and
(i) identifying said person based on said step of comparing.
Dependent claims: 35, 36