Biometrically enabled private secure information repository

US 7,519,558 B2
Filed: 09/17/2002
Issued: 04/14/2009
Est. Priority Date: 08/27/1997
Status: Expired due to Fees

First Claim

Patent Images

1. A system to provide a centralized, secured and authenticated storage of information comprising:

a client subsystem to receive and send transactional data comprising;

a biometric processing client subsystem for capturing biometric data; and

a data capturing device to capture additional data;

a remote data management subsystem for receiving the transactional data from the client subsystem;

a remote data storage subsystem, connected to the remote data management subsystem over a communication network, to store transactional data at the direction of the remote data management subsystem;

a data processing subsystem, connected to the remote data management subsystem over the communication network, for processing transactions initiated by the remote data management subsystem, on encrypted subsystem identification information and encrypted transactional data provided by the client subsystem to the remote data management subsystem;

a biometric subsystem instantiated by the data processing subsystem to verify the identity of a user of the client subsystem, from the captured biometric data in the transactional data; and

an encryption subsystem instantiated by the data processing subsystem for ensuring the security of the transactional data.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for remote data acquisition and private and secure and authenticated, centralized processing and storage is disclosed called the DataTreasury™ Repository System. The DataTreasury™ Repository System provides a secure system for the storage and retrieval of data comprising personal information, financial information, and general information. The identity of the users are held private through the use of a biometric as the sole personal identifier. The system acquires transactional data at at least one remote locations, encrypts the data, transmits the encrypted data to a central location, transforms the data to a usable form, performs identification verification using biometric data, generates informative reports from the data and transmits the informative reports to the remote location(s), while maintaining privacy, security, and authenticity of the user'"'"'s data and biometric. To ensure the complete security of the system, all data is re-encrypted while in storage, or when it is in a state of nonuse.

133 Citations

View as Search Results

15 Claims

1. A system to provide a centralized, secured and authenticated storage of information comprising:
- a client subsystem to receive and send transactional data comprising;
  
  a biometric processing client subsystem for capturing biometric data; and
  
  a data capturing device to capture additional data;
  
  a remote data management subsystem for receiving the transactional data from the client subsystem;
  
  a remote data storage subsystem, connected to the remote data management subsystem over a communication network, to store transactional data at the direction of the remote data management subsystem;
  
  a data processing subsystem, connected to the remote data management subsystem over the communication network, for processing transactions initiated by the remote data management subsystem, on encrypted subsystem identification information and encrypted transactional data provided by the client subsystem to the remote data management subsystem;
  
  a biometric subsystem instantiated by the data processing subsystem to verify the identity of a user of the client subsystem, from the captured biometric data in the transactional data; and
  
  an encryption subsystem instantiated by the data processing subsystem for ensuring the security of the transactional data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system, as in claim 1, wherein the client subsystem further comprises a biometric device for capturing biometric data;
    - and wherein the client subsystem successively transforms the captured biometric data to an encrypted image format, a compressed image file, data transmission identifying a location and time of the transactional data capture, into a transaction stub for interfacing to the data management subsystem.
  - 3. The system, as in claim 1, wherein said data management subsystem comprises:
    - a server providing for resources for processing, and managing the storage of transactional data from said at least one remote client subsystem;
      
      a report generator for generating reports from the transactional data;
      
      a transaction processing architecture for dynamically administrating a series of intelligent data management services among the server; and
      
      a memory hierarchy.
  - 4. The system, as in claim 3, wherein said processing of transactional data by said data processing subsystem occurs after said transactional data is decrypted by said encryption subsystem.
  - 5. The system, as in claim 3, wherein said transactional data is re-encrypted by said encryption subsystem after said data processing and said data is then stored in said data storage subsystem.
  - 6. The system, as in claim 3, wherein the transaction processing architecture contains a CORBA object request broker (ORB) architecture that apportions and balances transactional resources among at least one server.
  - 7. The system, as in claim 3, wherein the server also receives encrypted transactional data from the client subsystem, and said data storage subsystem stores the encrypted transactional data;
    - wherein the biometric subsystem reduces the biometric data to a series of invariant characteristics through the use of an algorithm;
      
      wherein the server utilizes a biometric search algorithm to facilitate a one to many search to identify a corresponding data storage subsystem resident enrolled biometric to verify the user;
      
      and wherein the server identifies an appropriate user account corresponding to a verified user biometric.

8. A method for central management, security, storage, biometric authentication, verification, and initiation of data transactions comprising the steps of:
- capturing transactional data including an image of the biometric data of a user and additional data, at a remote location, and encrypting the transactional data, and sending encrypted transactional data to an object request broker;
  
  verifying the authenticity of the user for access to an appropriate account by a sequence of operations comprising;
  
  operating the object request broker to cause an application server to instantiate a biometric verification object;
  
  operating the biometric verification object to extract characteristics from the biometric data; and
  
  operating the object request broker to query a database for stored matches to the biometric data based on the extracted characteristics; and
  
  operating the object request broker to cause an application server to instantiate an encryption object for encrypting the transactional data for transmissions and storage in a database in a data storage subsystem, and for decrypting the transactional data upon processing for presentation to the authorized user.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method as in claim 8, wherein said capturing the transactional data which includes biometric data step comprises:
    - capturing biometric data;
      
      successively transforming the captured biometric data to a biometric signature;
      
      creating an encrypted, compressed file identifying a location and time of the biometric data capturing;
      
      storing the tagged, encrypted, compressed biometric signature file; and
      
      initiating a transaction upon the capture of a biometric.
  - 10. The method, as in claim 8, wherein said biometric capturing and sending step is performed at a plurality of remote locations.
  - 11. The method as in claim 8, further comprising the steps of:
    - creating a pseudo identifier for said user;
      
      storing the pseudo identifier in a pseudo identifier database; and
      
      setting a security filter so that said pseudo identifier and said pseudo identifier database do not reveal said user'"'"'s original identity; and
      
      then using the pseudo identifier, executing the encryption object to decrypt transactional data for presentation to the authorized user.
  - 12. The method as in claim 11 wherein said pseudo identifier is a demographic tag that can be set to reveal information relating to the user.
  - 13. The method as in claim 11 wherein said step of creating a pseudo identifier occurs after said step of verifying the identity of said user.
  - 14. The method as in claim 11 further comprising the step of storing said pseudo identifier in a pseudo identifier database.
  - 15. The method, as in claim 10, further comprising:
    - operating the object request broker to store specific types of encrypted transactional data at distinct independent remote locations in a memory hierarchy of the data storage subsystem, said storing maintaining recently accessed encrypted transactional data in a primary memory and other encrypted transactional data in a secondary memory;
      
      operating the object request broker to dynamically assigning the assign servers at a central location to receive portions of the transactional data for balancing the transactional data among a plurality of servers; and
      
      generating reports from the transactional data and providing data to software applications executed by the application server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amarish Pathak, Claudio Ballard, Edward H. Currie, James Cassata, Maurice N. Freedman, Michael T. Imbruce
Original Assignee
Amarish Pathak, Claudio Ballard, Edward H. Currie, James Cassata, Maurice N. Freedman, Michael T. Imbruce
Inventors
Freedman, Maurice N., Cassata, James, Pathak, Amarish, Currie, Edward H., Imbruce, Michael T., Ballard, Claudio R.
Primary Examiner(s)
Cangialosi; Salvatore
Assistant Examiner(s)
Sher; Cristina Owen

Application Number

US10/245,232
Publication Number

US 20030225693A1
Time in Patent Office

2,401 Days
Field of Search

705/43, 705/64, 705/67, 705 50- 59, 713/153, 713/176, 380/251, 382/115
US Class Current

705/50
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06K 17/00   Methods or arrangements for...

G06Q 10/10   Office automation; Time man...

G06Q 20/00   Payment architectures, sche...

G06Q 20/108   Remote banking, e.g. home b...

G06Q 20/389   Keeping log of transactions...

G06V 10/94   Hardware or software archit...

H04L 63/0428   wherein the data content is...

H04L 63/0861   using biometrical features,...

Biometrically enabled private secure information repository

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

133 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Biometrically enabled private secure information repository

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

133 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links