System, method and program product for communicating a privacy policy associated with a biometric reference template

US 8,301,902 B2
Filed: 02/12/2009
Issued: 10/30/2012
Est. Priority Date: 02/12/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A method for communicating a privacy policy associated with a biometric reference template, said method comprising:

assigning in a first attribute a first identifier, said first identifier uniquely identifying a biometric reference template created for a type of biometric data collected, said biometric reference template comprising the biometric data, said biometric data being a digital form of a biometric sample collected from a part of an individual'"'"'s body, said assigning the first identifier being performed by a processor of a computer system;

said processor defining in a second attribute a second identifier, said second identifier uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling proper use and handling of said biometric data;

said processor cryptographically binding said biometric reference template to said privacy policy; and

said processor transmitting, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and program product for communicating a privacy policy associated with a reference template. The method includes assigning a first identifier for identifying a reference template created from biometric data collected, defining a second identifier for identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to the reference template, the second identifier including an accept-reject provision for controlling the proper use and handling of the biometric data, cryptographically binding the reference template to the privacy policy and transmitting, responsive to a request received from the relying party, the accept-reject provision for the reference template, where based on a response received from the relying party to the accept-reject provision for the privacy policy, the reference template is either transmitted or not transmitted to the relying party.

93 Citations

View as Search Results

25 Claims

1. A method for communicating a privacy policy associated with a biometric reference template, said method comprising:
- assigning in a first attribute a first identifier, said first identifier uniquely identifying a biometric reference template created for a type of biometric data collected, said biometric reference template comprising the biometric data, said biometric data being a digital form of a biometric sample collected from a part of an individual'"'"'s body, said assigning the first identifier being performed by a processor of a computer system;
  
  said processor defining in a second attribute a second identifier, said second identifier uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling proper use and handling of said biometric data;
  
  said processor cryptographically binding said biometric reference template to said privacy policy; and
  
  said processor transmitting, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the biometric reference template further comprises the first attribute and the second attribute.
  - 3. The method of claim 2, wherein the biometric reference template further comprises a biometric type identifier that identifies the type of the biometric data specific to the part of the individual'"'"'s body.
  - 4. The method of claim 2, wherein said cryptographically binding comprises:
    - computing a cryptographic hash over the entire biometric reference template to generate a hashed biometric reference template; and
      
      digitally signing the hashed biometric reference template to generate a digital signature of the biometric reference template, which cryptographically binds together every component within the biometric reference template.
  - 5. The method of claim 4, said method further comprising:
    - said processor attaching the digital signature to the biometric reference template.
  - 6. The method of claim 4, said method further comprising:
    - said processor storing the digital signature in a database of the computer system.
  - 7. The method of claim 2, wherein the biometric data is stored in a database of the computer system.

8. A process for deploying computing infrastructure comprising integrating computer-readable program code into a computer system, wherein said program code in combination with said computer system is capable of performing a process for controlling dissemination and use of biometric data, said program code being stored in a computer readable hardware storage device of the computer system, said process comprising:
- assigning in a first attribute a first identifier, said first identifier uniquely identifying a biometric reference template created for a type of biometric data collected, said biometric reference template comprising the biometric data, said biometric data being a digital form of a biometric sample collected from a part of an individual'"'"'s body, said assigning the first identifier being performed by a processor of a computer system;
  
  said processor defining in a second attribute a second identifier, said second identifier uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling proper use and handling of said biometric data;
  
  said processor cryptographically binding said biometric reference template to said privacy policy; and
  
  said processor transmitting, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying party.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The process of claim 8, wherein the biometric reference template further comprises the first attribute and the second attribute.
  - 10. The process of claim 9, wherein the biometric reference template further comprises a biometric type identifier that identifies the type of the biometric data specific to the part of the individual'"'"'s body.
  - 11. The process of claim 9, wherein said cryptographically binding comprises:
    - computing a cryptographic hash over the entire biometric reference template to generate a hashed biometric reference template; and
      
      digitally signing the hashed biometric reference template to generate a digital signature of the biometric reference template, which cryptographically binds together every component within the biometric reference template.
  - 12. The process of claim 11, said method further comprising:
    - said processor attaching the digital signature to the biometric reference template.
  - 13. The process of claim 11, said method further comprising:
    - said processor storing the digital signature in a database of the computer system.

14. A computer system comprising a processor, a memory coupled to the processor, and a computer readable hardware storage device coupled to the processor, said storage device containing program code configured to be executed by the processor via the memory to implement a method for associating a biometric reference template with a privacy policy, said method comprising:
- said processor assigning in a first attribute a first identifier, said first identifier uniquely identifying a biometric reference template created for a type of biometric data collected, said biometric reference template comprising the biometric data, said biometric data being a digital form of a biometric sample collected from a part of an individual'"'"'s body;
  
  said processor defining in a second attribute a second identifier, said second identifier uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling proper use and handling of said biometric data;
  
  said processor cryptographically binding said biometric reference template to said privacy policy; and
  
  said processor transmitting, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying party.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The computer system of claim 14, wherein the biometric reference template further comprises the first attribute and the second attribute.
  - 16. The computer system of claim 15, wherein the biometric reference template further comprises a biometric type identifier that identifies the type of the biometric data specific to the part of the individual'"'"'s body.
  - 17. The computer system of claim 15, wherein said cryptographically binding comprises:
    - computing a cryptographic hash over the entire biometric reference template to generate a hashed biometric reference template; and
      
      digitally signing the hashed biometric reference template to generate a digital signature of the biometric reference template, which cryptographically binds together every component within the biometric reference template.
  - 18. The computer system of claim 17, said method further comprising:
    - said processor attaching the digital signature to the biometric reference template.
  - 19. The computer system of claim 17, said method further comprising:
    - said processor storing the digital signature in a database of the computer system.

20. A computer program product, comprising a computer readable hardware storage device having a computer readable program code stored therein, said program code configured to be executed by a processor of a computer system to implement a method for controlling dissemination and use of biometric data, said method comprising:
- said processor assigning in a first attribute a first identifier, said first identifier uniquely identifying a biometric reference template created for a type of biometric data collected, said biometric reference template comprising the biometric data, said biometric data being a digital form of a biometric sample collected from a part of an individual'"'"'s body;
  
  said processor defining in a second attribute a second identifier, said second identifier uniquely identifying a privacy policy that indicates a level of protection to be provided by a relying party requesting access to said biometric reference template, said second identifier including an accept-reject provision for said privacy policy for controlling proper use and handling of said biometric data;
  
  said processor cryptographically binding said biometric reference template to said privacy policy; and
  
  said processor transmitting, responsive to a request received from said relying party, said second identifier along with an accept-reject provision for said privacy policy associated with said biometric reference template for controlling said proper use and handling of said biometric data, wherein based on a response received from said relying party to said accept-reject provision for said privacy policy, said biometric reference template is either transmitted or not transmitted to said relying party.
- View Dependent Claims (21, 22, 23, 24, 25)
- - 21. The computer program product of claim 20, wherein the biometric reference template further comprises the first attribute and the second attribute.
  - 22. The computer program product of claim 21, wherein the biometric reference template further comprises a biometric type identifier that identifies the type of the biometric data specific to the part of the individual'"'"'s body.
  - 23. The computer program product of claim 21, wherein said cryptographically binding comprises:
    - computing a cryptographic hash over the entire biometric reference template to generate a hashed biometric reference template; and
      
      digitally signing the hashed biometric reference template to generate a digital signature of the biometric reference template, which cryptographically binds together every component within the biometric reference template.
  - 24. The computer program product of claim 23, said method further comprising:
    - said processor attaching the digital signature to the biometric reference template.
  - 25. The computer program product of claim 23, said method further comprising:
    - said processor storing the digital signature in a database of the computer system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Griffin, Phillip H.
Primary Examiner(s)
Gee, Jason K.
Assistant Examiner(s)
Hailu, Teshome

Application Number

US12/370,359
Publication Number

US 20100205452A1
Time in Patent Office

1,356 Days
Field of Search

713/186, 726/1
US Class Current

713/186
CPC Class Codes

H04L 2209/805 Lightweight hardware, e.g. ...

H04L 9/3231 Biological data, e.g. finge...

System, method and program product for communicating a privacy policy associated with a biometric reference template

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

93 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

System, method and program product for communicating a privacy policy associated with a biometric reference template

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

93 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links