Method for biometric-based authentication in wireless communication for access control
First Claim
Patent Images
1. A method for biometric authentication based on communication between a portable electronic device and a security authenticator, said method comprising:
- presenting a challenge to said portable electronic device, wherein said portable electronic device, after reception of said challenge;
identifies a biometric template, measures a user'"'"'s biometric profile via a biometric measurer located within said portable electronic device, and identifies an authentication output via comparing said identified biometric template with said measured biometric profile;
receiving said authentication output, said authentication output comprising an authentication token and an authentication message, said authentication message being an authentication successful message if said compared biometrics are identical, else, said authentication message being an authentication failure message if said compared biometrics do not match, and wherein the validity of said authentication token is maintained in said portable electronic device for a predetermined period of time based on a threshold or criteria test, with said authentication token being terminated upon failure of threshold or criteria test.
1 Assignment
0 Petitions
Accused Products
Abstract
Smart cards systems that are utilized in biometric authentication are slow in processing and have the cards themselves have the added disadvantage of being misplaced or lost. Moreover, storing biometric data (on a database) over a network poses security issues that in extreme instances can be compromised. Significant security can be achieved if the biometric templates are stored locally in a portable device. A user can use the portable device to either transmit wirelessly the stored biometric for authentication purposes, or a user can locally measure a biometric using the portable device and match it against a biometric which is also stored locally (in the portable device).
653 Citations
29 Claims
-
1. A method for biometric authentication based on communication between a portable electronic device and a security authenticator, said method comprising:
-
presenting a challenge to said portable electronic device, wherein said portable electronic device, after reception of said challenge;
identifies a biometric template, measures a user'"'"'s biometric profile via a biometric measurer located within said portable electronic device, and identifies an authentication output via comparing said identified biometric template with said measured biometric profile;
receiving said authentication output, said authentication output comprising an authentication token and an authentication message, said authentication message being an authentication successful message if said compared biometrics are identical, else, said authentication message being an authentication failure message if said compared biometrics do not match, and wherein the validity of said authentication token is maintained in said portable electronic device for a predetermined period of time based on a threshold or criteria test, with said authentication token being terminated upon failure of threshold or criteria test. - View Dependent Claims (2, 3, 4, 5, 6, 7, 16)
-
-
8. A system for biometric authentication based on communication between a portable electronic device and a security authenticator, said portable electronic device comprising any of:
- simplex, duplex, or tokenized modes of communications, said system comprising;
a stimulus which requests a biometric template from said portable device;
a biometric-reader which wirelessly receives said requested biometric template from said portable device;
a biometric measurer which measures a user'"'"'s biometric profile via a biometric reader, wherein said biometric reader located within said security authenticator if said biometric authentication is based on said simplex connections, else said biometric reader located within said portable device if said biometric authentication is based on duplex or tokenized connection;
a biometric comparator which compares said wirelessly received biometric template with said measured biometric profile, an output-generator which generates an output based on said compared biometrics, wherein said output is an authentication token if said compared biometrics are identical and said biometric authentication is based on said duplex connection, else an authentication successful message if said compared biometrics are identical, and said biometric authentication is based on said simplex connection, else an authentication failure message if said compared biometrics do not match;
an authentication validator which maintains the validity of said authentication token for a predetermined period of time based on a threshold or criteria test; and
a token terminator which terminates said authentication token upon failure of threshold or criteria test. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- simplex, duplex, or tokenized modes of communications, said system comprising;
-
17. A method for biometric authentication based on duplex communication between a portable electronic device and a system, said method as implemented in said portable electronic device comprising:
-
receiving a challenge from said system;
retrieving a biometric template from said portable device;
measuring a user'"'"'s biometric profile via a biometric measurer located within said portable device;
comparing said retrieved biometric template with said measured biometric profile, and generating an output based on said compared biometrics, wherein said output is an authentication token and an authentication successful message if said compared biometrics are identical, said authentication successful message forwarded to said system issuing said challenge and said token stored locally in said portable electronic device, else an authentication failure message if said compared biometrics do not match. - View Dependent Claims (18, 19, 20, 21, 22, 23)
maintaining the validity of said authentication token for a predetermined period of time based on a threshold or criteria test, and terminating said authentication token upon failure of threshold or criteria test.
-
-
19. A method for biometric authentication based on duplex communication between a portable electronic device and a system, as per claim 17, wherein said portable electronic device comprises one of the following:
- personal digital assistant (PDA), badge, electronic wallet, wireless smartcard, or portable telephone.
-
20. A method for biometric authentication based on duplex communication between a portable electronic device and a system, as per claim 17, wherein said user'"'"'s biometric profile is a physiological profile.
-
21. A method for biometric authentication based on duplex communication between a portable electronic device and a system, as per claim 20, wherein said measured physiological biometric comprises any of the following:
- fingerprint pattern, retinal pattern, pattern of iris, facial pattern, or hand pattern.
-
22. A method for biometric authentication based on duplex communication between a portable electronic device and a system, as per claim 17, wherein said user'"'"'s biometric profile is a behavioral profile.
-
23. A method for biometric authentication based on duplex communication between a portable electronic device and a system, as per claim 22, wherein said measured behavioral biometric comprises of one of the following:
- signature pattern, voice pattern, or key stroke pattern.
-
24. A portable electronic device performing biometric authentication based on duplex communication with a system, said portable electronic device comprising:
-
a biometric measurer which measures a user'"'"'s biometric profile via a biometric reader located within said portable device;
a biometric comparator which compares said measured biometric profile with a biometric template which is stored within said portable device;
an output-generator which generates an output based on said compared biometrics, wherein said output is an authentication token and authentication successful message if said compared biometrics are identical said authentication successful message forwarded to said system and said token stored locally in said portable electronic device, else an authentication failure message if said compared biometrics do not match;
an authentication validator which maintains the validity of said authentication token for a predetermined period of time based on a threshold or criteria test, and a token terminator which terminates said authentication token upon failure of threshold or criteria test. - View Dependent Claims (25, 26, 27, 28, 29)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsBolle, Rudolf Maarten, Nunes, Sharon Louise, Pankanti, Sharathchandra, Ratha, Nalini Kanta, Smith, Barton Allen, Zimmerman, Thomas Guthrie
-
Primary Examiner(s)Horabik, Michael
-
Assistant Examiner(s)NGUYEN, NAM V
-
Application NumberUS09/689,598Time in Patent Office1,495 DaysField of Search340/5.52, 340/5.53, 340/5.54, 340/5.63, 340/5.82, 340/5-3-, 713/186, 713/202, 307/10.5, 307/10.2US Class Current340/5.52CPC Class CodesG05B 2219/24162 Biometric sensor, fingerpri...G06F 21/32 using biometric data, e.g. ...G06F 21/35 communicating wirelesslyG06Q 20/341 Active cards, i.e. cards in...G06Q 20/40145 Biometric identity checksG07C 9/257 electronically G07C9/26 tak...G07C 9/26 using a biometric sensor in...G07F 7/1008 Active credit-cards provide...H04L 63/0853 using an additional device,...H04L 63/0861 using biometrical features,...H04W 12/06 Authentication
