Methods and systems for secured access to devices and systems
First Claim
1. A method of determining user access for a user having a user role, the method comprising:
- combining, using a computer, test scores for first and second non-biometric tests to meet or exceed a non-biometric confidence threshold;
receiving, using the computer, a test score for a first biometric test for the user;
making a first determination, using the computer and based at least in part on the test score for the first biometric test, that a biometric confidence threshold has not been reached;
as a result of the first determination and using the computer, presenting a second biometric test to the user;
making a second determination, using the computer and based at least in part on a combination of the test score for the first biometric test for the user and a test score for the second biometric test, whether the biometric confidence threshold has been met or exceeded; and
determining, using the computer and as a result of the second determination, a level of access based at least in part on the user role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user, wherein at least one of the first or second biometric tests has an associated biometric test confidence level, wherein the at least one of the first or second biometric tests has a biometric user test result, wherein an individual biometric test confidence score is a combination of the biometric test confidence level and the biometric user test result, wherein the at least one of the first or second biometric tests has a biometric test failure threshold, wherein, if the biometric user test result is below the biometric test failure threshold, the user fails the at least one of the first or second biometric tests, and wherein the biometric test failure threshold is based in part on the biometric test confidence level of a preceding biometric test.
1 Assignment
0 Petitions
Accused Products
Abstract
An access system in one embodiment that first determines that someone has correct credentials by using a non-biometric authentication method such as typing in a password, presenting a Smart card containing a cryptographic secret, or having a valid digital signature. Once the credentials are authenticated, then the user must take at least two biometric tests, which can be chosen randomly. In one approach, the biometric tests need only check a template generated from the user who desires access with the stored templates matching the holder of the credentials authenticated by the non-biometric test. Access desirably will be allowed when both biometric tests are passed.
82 Citations
21 Claims
-
1. A method of determining user access for a user having a user role, the method comprising:
-
combining, using a computer, test scores for first and second non-biometric tests to meet or exceed a non-biometric confidence threshold; receiving, using the computer, a test score for a first biometric test for the user; making a first determination, using the computer and based at least in part on the test score for the first biometric test, that a biometric confidence threshold has not been reached; as a result of the first determination and using the computer, presenting a second biometric test to the user; making a second determination, using the computer and based at least in part on a combination of the test score for the first biometric test for the user and a test score for the second biometric test, whether the biometric confidence threshold has been met or exceeded; and determining, using the computer and as a result of the second determination, a level of access based at least in part on the user role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user, wherein at least one of the first or second biometric tests has an associated biometric test confidence level, wherein the at least one of the first or second biometric tests has a biometric user test result, wherein an individual biometric test confidence score is a combination of the biometric test confidence level and the biometric user test result, wherein the at least one of the first or second biometric tests has a biometric test failure threshold, wherein, if the biometric user test result is below the biometric test failure threshold, the user fails the at least one of the first or second biometric tests, and wherein the biometric test failure threshold is based in part on the biometric test confidence level of a preceding biometric test. - View Dependent Claims (4, 5, 9, 14)
-
-
2. A method of allowing user access to a user having a role, the method comprising:
-
combining, using a computer, individual non-biometric scores from plural non-biometric user tests taken by the user until a non-biometric confidence threshold is met or exceeded; combining, using the computer, individual biometric test scores of plural biometric user tests taken by the user until a biometric confidence threshold is met or exceeded; and allowing, using the computer, a level of access based in part upon the user'"'"'s role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user, wherein at least one of the biometric user tests has an associated biometric test confidence level, wherein the at least one of the biometric user tests has a biometric user test result, wherein an individual biometric test confidence score is a combination of the biometric test confidence level and the biometric user test result, wherein the at least one of the biometric user tests has a biometric test failure threshold, wherein, if the biometric user test result is below the biometric test failure threshold, the user fails the at least one biometric user test, and wherein the biometric test failure threshold is based in part on the biometric test confidence level of a preceding biometric user test. - View Dependent Claims (3, 6, 7, 8, 10, 11, 12, 13)
-
-
15. One or more non-transitory computer-readable storage media having encoded thereon instructions which, when executed by a computer, cause the computer to perform a method, the method comprising:
-
combining, using the computer, test scores for first and second non-biometric tests to meet or exceed a non-biometric confidence threshold; receiving, using the computer, a test score for a first biometric test for the user; making a first determination, using the computer and based at least in part on the test score for the first biometric test, that a biometric confidence threshold has not been reached; as a result of the first determination and using the computer, presenting a second biometric test to the user; making a second determination, using the computer and based at least in part on a combination of the test score for the first biometric test for the user and a test score for the second biometric test, the second determination comprising whether the biometric confidence threshold has been met or exceeded; and determining, using the computer and at least partially as a result of the second determination, a level of access based at least in part on the user role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user, wherein at least one of the first or second biometric tests has an associated biometric test confidence level, wherein the at least one of the first or second biometric tests has a biometric user test result, wherein an individual biometric test confidence score is a combination of the biometric test confidence level and the biometric user test result, wherein the at least one of the first or second biometric tests has a biometric test failure threshold, wherein, if the biometric user test result is below the biometric test failure threshold, the user fails the at least one of the first or second biometric tests, and wherein the biometric test failure threshold is based in part on the biometric test confidence level of a preceding biometric test. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A system, comprising:
-
a processor; and one or more computer-readable storage media having encoded thereon instructions which, when executed by the processor, cause the processor to perform a method, the method comprising; combining test scores for first and second non-biometric user tests to meet or exceed a non-biometric confidence threshold; receiving a test score for a first biometric test for the user; making a first determination, based at least in part on the test score for the first biometric test, that a biometric confidence threshold has not been reached; as a result of the first determination, presenting a second biometric test to the user; making a second determination, based at least in part on a combination of the test score for the first biometric test for the user and a test score for the second biometric test, the second determination comprising whether the biometric confidence threshold has been met or exceeded; and determining, at least partially as a result of the second determination, a level of access based at least in part on the user role in the event both the non-biometric and biometric confidence thresholds have been met or exceeded for the user, wherein at least one of the first or second biometric tests has an associated biometric test confidence level, wherein the at least one of the first or second biometric tests has a biometric user test result, wherein an individual biometric test confidence score is a combination of the biometric test confidence level and the biometric user test result, wherein the at least one of the first or second biometric tests has a biometric test failure threshold, wherein, if the biometric user test result is below the biometric test failure threshold, the user fails the at least one of the first or second biometric tests, and wherein the biometric test failure threshold is based in part on the biometric test confidence level of a preceding biometric test.
-
Specification