Methods for secure enrollment and backup of personal identity credentials into electronic devices
First Claim
1. A method for initializing a Personal Identification Device (PID) before biometric enrollment, the method comprising:
- receiving a unique identifier at a PID;
receiving at the PID a manufacturer'"'"'s public key following manufacture of the PID and before a biometric data associated with enrollment is received;
generating an asymmetric key pair at the PID;
sending the generated PID'"'"'s public key and the unique identifier to the manufacturer;
receiving at the PID a digital certificate of the PID generated by the manufacturer; and
disabling all functionality within the PID such that the PID is in a state waiting for future biometric enrollment by an enrollment authority.
6 Assignments
0 Petitions
Accused Products
Abstract
A method and system for securely enrolling personal identity credentials into personal identification devices. The system of the invention comprises the manufacturer of the device and an enrollment authority. The manufacturer is responsible for recording serial numbers or another unique identifier for each device that it produces, along with a self-generated public key for each device. The enrollment authority is recognized by the manufacturer or another suitable institution as capable of validating an individual before enrolling him into the device. The enrollment authority maintains and operates the appropriate equipment for enrollment, and provides its approval of the enrollment. The methods described herein discuss post-manufacturing, enrollment, backup, and recovery processes for the device.
-
Citations
8 Claims
-
1. A method for initializing a Personal Identification Device (PID) before biometric enrollment, the method comprising:
-
receiving a unique identifier at a PID; receiving at the PID a manufacturer'"'"'s public key following manufacture of the PID and before a biometric data associated with enrollment is received; generating an asymmetric key pair at the PID; sending the generated PID'"'"'s public key and the unique identifier to the manufacturer; receiving at the PID a digital certificate of the PID generated by the manufacturer; and disabling all functionality within the PID such that the PID is in a state waiting for future biometric enrollment by an enrollment authority. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification
-
- Resources
-
Current AssigneeApple Inc.
-
Original AssigneePrivaris, Inc.
-
InventorsJohnson, Barry W., Abdallah, David S.
-
Primary Examiner(s)Smithers; Matthew B
-
Assistant Examiner(s)GERGISO, TECHANE
-
Application NumberUS10/635,762Publication NumberTime in Patent Office2,232 DaysField of Search713/179, 713/186, 382/115, 340/5.82US Class Current713/186CPC Class CodesG06F 21/32 using biometric data, e.g. ...G06Q 20/40145 Biometric identity checksG06V 40/10 Human or animal bodies, e.g...H04L 63/06 for supporting key manageme...H04L 63/0861 using biometrical features,...H04L 9/0894 Escrow, recovery or storing...H04L 9/30 Public key, i.e. encryption...H04L 9/3231 Biological data, e.g. finge...H04L 9/3247 involving digital signaturesH04L 9/3263 involving certificates, e.g...
