Semiotic system and method with privacy protection

US 7,761,715 B1
Filed: 12/10/1999
Issued: 07/20/2010
Est. Priority Date: 12/10/1999
Status: Active Grant

First Claim

Patent Images

1. A method of processing semiotic data, comprising:

receiving semiotic data including at least one data set P;

selecting a function h, and for at least one of each said data set P to be collected, computing h(P);

destroying said data set P;

storing h(P) in a database, andobtaining a sample of P′

such that a comparison can be made;

at least one of obtaining and computing h(P′

); and

to determine whether P′

is close to a predetermined subject, comparing h(P′

) to available h(P)s to determine whether P′

substantially matches, but does not exactly match, one of said data set P,wherein said data set P cannot be extracted from h(P),wherein said semiotic data comprises biometric data,wherein said function h comprises a secure hash function,wherein the data set P is not determined perfectly by its reading,wherein each reading gives a number Pi, wherein i is no less than 0, wherein P0 is for an initial reading, and a secret version of said initial reading is stored after further processing thereof,wherein reading P0 is different from Pi for i>

0, and the secret version of P0 is different from the secret version of Pi, such that no identification is possible by a direct comparison of the encrypted data,said method further comprising;

extracting sub-collections Sj from the collection of data in data set P;

encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability,comparing encrypted versions of the sub-collections Sj with those data stored in said database,wherein if one or more of the sub-collection Sj matches with said data, then verification is deemed to have occurred,each time a Pi, with i>

0, is read, computing all possible predetermined size variations of Pi which correspond to an acceptable predetermined imprecision of the reading; and

encrypting all such modified data, and comparing said encrypted modified data to data stored in said database,wherein for a plurality of users of the same biometric information, said biometric information is encrypted differently for each user, andwherein at least one of said data set P and P′

comprises a personal data set.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method (as well as system and signal-bearing medium) of processing biometric data, includes receiving biometric data including a data set P, selecting a secure hash function h, and for each data set P to be collected, computing h(P), destroying the data set P, and storing h(P) in a database, wherein data set P cannot be extracted from h(P).

36 Citations

View as Search Results

21 Claims

1. A method of processing semiotic data, comprising:
- receiving semiotic data including at least one data set P;
  
  selecting a function h, and for at least one of each said data set P to be collected, computing h(P);
  
  destroying said data set P;
  
  storing h(P) in a database, andobtaining a sample of P′
  
  such that a comparison can be made;
  
  at least one of obtaining and computing h(P′
  
  ); and
  
  to determine whether P′
  
  is close to a predetermined subject, comparing h(P′
  
  ) to available h(P)s to determine whether P′
  
  substantially matches, but does not exactly match, one of said data set P,wherein said data set P cannot be extracted from h(P),wherein said semiotic data comprises biometric data,wherein said function h comprises a secure hash function,wherein the data set P is not determined perfectly by its reading,wherein each reading gives a number Pi, wherein i is no less than 0, wherein P0 is for an initial reading, and a secret version of said initial reading is stored after further processing thereof,wherein reading P0 is different from Pi for i>
  
  0, and the secret version of P0 is different from the secret version of Pi, such that no identification is possible by a direct comparison of the encrypted data,said method further comprising;
  
  extracting sub-collections Sj from the collection of data in data set P;
  
  encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability,comparing encrypted versions of the sub-collections Sj with those data stored in said database,wherein if one or more of the sub-collection Sj matches with said data, then verification is deemed to have occurred,each time a Pi, with i>
  
  0, is read, computing all possible predetermined size variations of Pi which correspond to an acceptable predetermined imprecision of the reading; and
  
  encrypting all such modified data, and comparing said encrypted modified data to data stored in said database,wherein for a plurality of users of the same biometric information, said biometric information is encrypted differently for each user, andwherein at least one of said data set P and P′
  
  comprises a personal data set.
- View Dependent Claims (2)
- - 2. The method according to claim 1, wherein at least one of said data set P and P′
    - comprises a personal data set.

3. A method of processing semiotic data, comprising:
- receiving semiotic data including at least one data set P;
  
  selecting a function h, and for at least one of each said data set P to be collected, computing h(P);
  
  destroying said data set P;
  
  storing h(P) in a database,wherein said data set P cannot be extracted from h(P),wherein the data set P is not determined perfectly by its reading,wherein each reading gives a number Pi, wherein i is no less than 0, wherein P0 is for an initial reading, and a secret version of said initial reading is stored after further processing thereof,wherein reading P0 is different from Pi for i>
  
  0, and the secret version of P0 is different from the secret version of Pi, such that no identification is possible by a direct comparison of the encrypted data;
  
  extracting sub-collections Sj from the collection of data in data set P; and
  
  encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability.
- View Dependent Claims (4, 5, 6)
- - 4. The method according to claim 3, further comprising:
    - comparing encrypted versions of the sub-collections Sj with those data stored in said database,wherein if one or more of the sub-collection Sj matches with said data, then verification is deemed to have occurred.
  - 5. The method according to claim 4, further comprising:
    - each time a Pi, with i>
      
      0, is read, computing all possible predetermined size variations of Pi which correspond to an acceptable predetermined imprecision of the reading; and
      
      encrypting all such modified data, and comparing said encrypted modified data to data stored in said database.
  - 6. The method according to claim 5, wherein for a plurality of users of the same biometric information, said biometric information is encrypted differently for each user.

7. A method of processing biometric data, comprising:
- acquiring unencrypted biometric data including at least one data set P;
  
  encrypting, with one of a secure hash function and an identity function, each said at least one data set acquired;
  
  destroying the unencrypted data set P;
  
  storing each of the at least one encrypted data set in a database,wherein unencrypted biometric data is not available nor retrievable from said data stored in said database, andto determine whether a data set P′
  
  is a predetermined subject, comparing an encrypted data set of P′
  
  to the at least one encrypted data set stored in the database to determine whether the data set P′
  
  substantially matches, but does not exactly match, the at least one encrypted data set stored in the database,said method further comprising;
  
  extracting sub-collections Sj from the collection of data in data set P;
  
  encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability,comparing encrypted versions of the sub-collections Sj with those data stored in said database,wherein if one or more of the sub-collection Sj matches with said data, then verification is deemed to have occurred.
- View Dependent Claims (8)
- - 8. The method according to claim 7, wherein at least one of said data set P and P′
    - comprises a personal data set.

9. A method of extracting components of biometric data which are stable under measurement errors, comprising:
- acquiring unencrypted biometric data including at least one data set P;
  
  encrypting each said at least one data set acquired to form at least one encrypted data set;
  
  destroying the unencrypted data set P;
  
  storing each said at least one encrypted data set in a database,wherein unencrypted biometric data is not available nor retrievable from said data stored in said database, andto determine whether a data set P′
  
  is a predetermined subject, comparing an encrypted data set of P′
  
  to the at least one encrypted data set stored in the database to determine whether there is a match,said method further comprising;
  
  extracting sub-collections Sj from the collection of data in data set P;
  
  encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability,comparing encrypted versions of the sub-collections Sj with those data stored in said database,wherein if one or more of the sub-collection Sj matches with said data, then verification is deemed to have occurred.
- View Dependent Claims (10)
- - 10. The method according to claim 9, wherein at least one of said data set P and P′
    - comprises a personal data set.

11. A method of extracting components of biometric data which are stable under measurement errors, comprising:
- acquiring unencrypted biometric data including at least one data set P;
  
  encrypting each said at least one data set acquired to form at least one encrypted data set;
  
  destroying the unencrypted data set P; and
  
  storing each said at least one encrypted data set in a database,wherein unencrypted biometric data is not available nor retrievable from said data stored in said database,extracting sub-collections Sj from the collection of data in said data set P; and
  
  encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method according to claim 11, wherein said data set comprises a personal data set.
  - 13. The method according to claim 11, further comprising:
    - comparing encrypted versions of the sub-collections Sj with those data stored in said database,wherein if one or more of the sub-collection Sj matches with said data, then verification is deemed to have occurred.
  - 14. The method according to claim 13, wherein a data set P is not determined perfectly by its reading, such that each reading gives a number Pi,wherein i is no less than 0,wherein P0 is for an initial reading, and a secret version of said initial reading is stored after further processing thereof,wherein reading P0 is different from Pi for i>
    - 0, and the secret version of P0 is different from the secret version of Pi, such that no identification is possible by a direct comparison of the encrypted data.
  - 15. The method according to claim 13, further comprising:
    - each time a data set is read Pi, with i>
      
      0, is read, computing all possible predetermined size variations of Pi which correspond to an acceptable predetermined imprecision of the reading; and
      
      encrypting all such modified data, and comparing said encrypted modified data to data stored in said database.

16. A system for extracting components of biometric data which are stable under measurement errors, comprising:
- acquiring unencrypted biometric data including at least one data set P;
  
  encrypting each said at least one data set acquired to form at least one encrypted data set;
  
  destroying the unencrypted data set P; and
  
  storing each said at least one encrypted data set in a database,wherein unencrypted biometric data is not available nor retrievable from said data stored in said database,extracting sub-collections Sj from the collection of data in said data set P; and
  
  encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability.
- View Dependent Claims (17)
- - 17. The system according to claim 16, wherein said data set comprises a personal data set.

18. A computer-readable medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform a method for computer-implemented verifying of biometric data without storing unencrypted biometric data, said method comprising:
- acquiring unencrypted biometric data including at least one data set P;
  
  encrypting each said at least one data set acquired to form at least one encrypted data set;
  
  destroying the unencrypted data set P;
  
  storing each said at least one encrypted data set in a database, wherein unencrypted biometric data is not available nor retrievable from said data stored in said database, andto determine whether a data set P′
  
  is close to a predetermined subject, comparing an encrypted data set of P′
  
  to said at least one encrypted data set to determine whether data set P′
  
  is close to some data set P,said method further comprising;
  
  extracting sub-collections Sj from the collection of data in data set P;
  
  encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability,comparing encrypted versions of the sub-collections Sj with those data stored in said database,wherein if one or more of the sub-collection Sj matches with said data, then verification is deemed to have occurred.
- View Dependent Claims (19)
- - 19. The computer-readable medium according to claim 18, wherein at least one of said data set P and P′
    - comprises a personal data set.

20. A computer-readable medium tangibly embodying a program of recordable, machine-readable instructions executable by a digital processing apparatus to perform a method for computer-implemented extracting components of biometric data which are stable under measurement errors, said method comprising:
- acquiring unencrypted biometric data including at least one data set P;
  
  encrypting each said at least one data set acquired to form at least one encrypted data set;
  
  destroying the unencrypted data set P;
  
  storing each said at least one encrypted data set in a database, wherein unencrypted biometric data is not available nor retrievable from said data stored in said database;
  
  extracting sub-collections Sj from the collection of data in said data set P; and
  
  encrypting a predetermined number of such sub-collections such that at least one of the sub-collections is reproduced exactly with a predetermined probability.
- View Dependent Claims (21)
- - 21. The computer-readable medium according to claim 20, wherein said data set comprises a personal data set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dropbox, Inc.
Original Assignee
International Business Machines Corporation
Inventors
Stolovitzky, Gustavo Alejandro, Martens, Marco, Tresser, Charles Philippe, Kaufman, Stephen Carl, Pulleyblank, William Robert, Wu, Chai Wah, Califano, Andrea
Primary Examiner(s)
LAFORGIA, CHRISTIAN A

Application Number

US09/457,732
Time in Patent Office

3,875 Days
Field of Search

713/182, 713/186, 713/200, 713/201, 726/7, 382/115
US Class Current

713/186
CPC Class Codes

H04L 9/3231 Biological data, e.g. finge...

H04L 9/3236 using cryptographic hash fu...

Semiotic system and method with privacy protection

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Semiotic system and method with privacy protection

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others