Secure ID checking
First Claim
1. A method for secure ID checking, comprising:
- receiving attribute information of a user, wherein at least a portion of said attribute information is encrypted attribute information;
identifying said encrypted attribute information in response to an access request initiated by a card presented by the user, wherein the attribute information of the user is received independently of information from the card presented by the user;
generating a decryption key for said encrypted attribute information using at least some of the information on the card;
decrypting said encrypted attribute information using the decryption key to generate clear text attribute information;
displaying said clear text attribute information;
granting or denying access of the user to a secure area based on said clear text attribute information.
2 Assignments
0 Petitions
Accused Products
Abstract
A cost-effective system that provides for the efficient protection of transmitted non-public attribute information may be used, for example, to control access to a secure area. Encryption of the attribute information may be performed using symmetric encryption techniques, such as XOR and/or stream cipher encryption. A centralized database that stores and transmits the encrypted attribute information may generate the encryption/decryption key based on selected information bytes, for example, as taken from a card inserted into a handheld device used at the secure area. The selected information to generate the encryption key stream may be varied on a periodic basis by the centralized database. Information as to which selected bytes are to be used for a particular access authorization request may be transmitted to the handheld unit or may be input through action of a user of the handheld unit, for example by entry of a PIN code.
-
Citations
15 Claims
-
1. A method for secure ID checking, comprising:
-
receiving attribute information of a user, wherein at least a portion of said attribute information is encrypted attribute information; identifying said encrypted attribute information in response to an access request initiated by a card presented by the user, wherein the attribute information of the user is received independently of information from the card presented by the user; generating a decryption key for said encrypted attribute information using at least some of the information on the card; decrypting said encrypted attribute information using the decryption key to generate clear text attribute information; displaying said clear text attribute information; granting or denying access of the user to a secure area based on said clear text attribute information. - View Dependent Claims (2, 3, 12, 13)
-
-
4. An apparatus for secure ID checking, comprising:
-
machine executable code for receiving attribute information of a user, wherein at least a portion of said attribute information is encrypted attribute information; machine executable code for identifying said encrypted attribute information in response to an access request initiated by a card presented by the user, wherein the attribute information of the user is received independently of information from the card presented by the user; machine executable code for generating a decryption key for said encrypted attribute information using at least some of the information from the card; machine executable code for decrypting said encrypted attribute information using the decryption key to generate clear text attribute information; machine executable code for displaying said clear text attribute information to enable granting or denying access of the user to a secure area based on said clear text attribute information. - View Dependent Claims (5, 6, 14, 15)
-
-
7. A system for secure ID checking, comprising:
-
a database; an access control device coupled to the database and having a card reader device, wherein said access control device receives attribute information of a user from said database, and wherein at least a portion of said attribute information is encrypted; and a decryption device coupled to said access control device, wherein said decryption device decrypts said encrypted attribute information received from said database to generate clear text attribute information using a decryption key, wherein the decryption key is generated using information obtained by the card reader device from a card presented by the user, and wherein the attribute information of the user is received by the access control device independently of the information from the card presented by the user, and wherein a decision to grant or deny access is based on the clear text attribute information. - View Dependent Claims (8, 9, 10, 11)
-
Specification