System, method and program product for generating a cancelable biometric reference template on demand

US 8,359,475 B2
Filed: 02/12/2009
Issued: 01/22/2013
Est. Priority Date: 02/12/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A method for generating on demand a cancelable biometric reference template, said method comprising:

a processor of a computer system creating, using a biometric application, a base biometric reference template comprising base biometric data corresponding to a biometric sample collected for an individual and a unique biometric template identifier that uniquely identifies said base biometric data and said computer system comprising the biometric application, a cancelable biometric transformation engine, and an authentication tool for signing the base biometric reference template;

said processor generating, utilizing the cancelable biometric transformation engine, N cancelable biometric reference templates derived from said base biometric reference template, wherein N is at least 1, wherein said N cancelable biometric reference templates generated is configured to be used by said individual to participate in a new biometric application without having to provide a new biometric sample and without having to rely on a biometric service provider to issue a new biometric reference template for said new biometric application;

said processor injecting said base biometric reference template created into a secure portable device issued to said individual, said secure portable device being external to the computer system;

said processor storing said N cancelable biometric reference templates in the portable device; and

said processor loading an instance of said cancelable biometric transformation engine onto said secure portable device for generating on demand of said individual said at least one cancelable biometric reference template derived from said base biometric reference template for said new biometric application,wherein the portable device concurrently stores said base biometric reference template, said N biometric reference templates, and said instance of said cancelable biometric transformation engine.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and program product for generating a cancelable biometric reference template on demand. The method includes creating, using a biometric application, a base reference template having a unique biometric template identifier that uniquely identifies biometric data corresponding to a biometric sample collected for an individual and generating, utilizing a transformation engine, a cancelable reference template derived from the base reference template, where the cancelable reference template generated is used by the individual to participate in a new biometric application without having to provide a new biometric sample or without having to rely on a biometric service provider to issue a new reference template for the new biometric application. The method further includes injecting the base reference template created into a secure portable device issued to the individual and loading the transformation engine onto the device for generating on demand the cancelable reference template.

91 Citations

View as Search Results

24 Claims

1. A method for generating on demand a cancelable biometric reference template, said method comprising:
- a processor of a computer system creating, using a biometric application, a base biometric reference template comprising base biometric data corresponding to a biometric sample collected for an individual and a unique biometric template identifier that uniquely identifies said base biometric data and said computer system comprising the biometric application, a cancelable biometric transformation engine, and an authentication tool for signing the base biometric reference template;
  
  said processor generating, utilizing the cancelable biometric transformation engine, N cancelable biometric reference templates derived from said base biometric reference template, wherein N is at least 1, wherein said N cancelable biometric reference templates generated is configured to be used by said individual to participate in a new biometric application without having to provide a new biometric sample and without having to rely on a biometric service provider to issue a new biometric reference template for said new biometric application;
  
  said processor injecting said base biometric reference template created into a secure portable device issued to said individual, said secure portable device being external to the computer system;
  
  said processor storing said N cancelable biometric reference templates in the portable device; and
  
  said processor loading an instance of said cancelable biometric transformation engine onto said secure portable device for generating on demand of said individual said at least one cancelable biometric reference template derived from said base biometric reference template for said new biometric application,wherein the portable device concurrently stores said base biometric reference template, said N biometric reference templates, and said instance of said cancelable biometric transformation engine.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the base biometric reference template consists of the unique biometric template identifier, the base biometric data, and a biometric type indicator that indicates a type of the base biometric data used to create the base biometric reference template.
  - 3. The method of claim 1, wherein N is at least 2.
  - 4. The method of claim 3, wherein said cancelable biometric transformation engine comprises a data transformation function that includes N sets of transformation keys, and wherein each different set of transformation keys comprises a plurality of keys used to transform said base biometric reference template into a respective different cancelable biometric reference template of said N cancelable biometric reference templates.
  - 5. The method of claim 4, said method further comprising:
    - said processor assigning a unique transform function identifier for identifying said data transformation function;
      
      said processor generating a list comprising said unique transform function identifier and each set of transformation keys of the N sets of transformation keys;
      
      said processor tracking said list to ensure that a same set of transformation keys of the N sets of transformation keys is not used twice.
  - 6. The method of claim 1, said method further comprising:
    - said processor assigning a unique cancelable biometric reference template identifier for each cancelable biometric reference template for identifying said each cancelable biometric reference template,wherein each cancelable biometric reference template comprises its respective cancelable biometric reference template identifier to enable said each cancelable biometric reference template to be associated with said base biometric reference template.

7. A process for deploying computing infrastructure comprising integrating computer-readable code into a computer system, wherein said code in combination with said computer system is capable of performing a method for generating on demand a cancelable biometric reference template, said method comprising:
- a processor of the computer system creating, using a biometric application, a base biometric reference template comprising base biometric data corresponding to a biometric sample collected for an individual and a unique biometric template identifier that uniquely identifies said base biometric data, and said computer system comprising the biometric application, a cancelable biometric transformation engine, and an authentication tool for signing the base biometric reference template;
  
  said processor generating, utilizing the cancelable biometric transformation engine, N cancelable biometric reference templates derived from said base biometric reference template, wherein N is at least 1, wherein said N cancelable biometric reference templates generated is configured to be used by said individual to participate in a new biometric application without having to provide a new biometric sample and without having to rely on a biometric service provider to issue a new biometric reference template for said new biometric application;
  
  said processor injecting said base biometric reference template created into a secure portable device issued to said individual, said secure portable device being external to the computer system;
  
  said processor storing said N cancelable biometric reference templates in the portable device; and
  
  said processor loading an instance of said cancelable biometric transformation engine onto said secure portable device for generating on demand of said individual said at least one cancelable biometric reference template derived from said base biometric reference template for said new biometric application,wherein the portable device concurrently stores said base biometric reference template, said N biometric reference templates, and said instance of said cancelable biometric transformation engine.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The process of claim 7, wherein the base biometric reference template consists of the unique biometric template identifier, the base biometric data, and a biometric type indicator that indicates a type of the base biometric data used to create the base biometric reference template.
  - 9. The process of claim 7, wherein N is at least 2.
  - 10. The process of claim 9, wherein said cancelable biometric transformation engine comprises a data transformation function that includes N sets of transformation keys, and wherein each different set of transformation keys comprises a plurality of keys used to transform said base biometric reference template into a respective different cancelable biometric reference template of said N cancelable biometric reference templates.
  - 11. The process of claim 10, said method further comprising:
    - said processor assigning a unique transform function identifier for identifying said data transformation function;
      
      said processor generating a list comprising said unique transform function identifier and each set of transformation keys of the N sets of transformation keys;
      
      said processor tracking said list to ensure that a same set of transformation keys of the N sets of transformation keys is not used twice.
  - 12. The process of claim 7, said method further comprising:
    - said processor assigning a unique cancelable biometric reference template identifier for each cancelable biometric reference template for identifying said each cancelable biometric reference template,wherein each cancelable biometric reference template comprises its respective cancelable biometric reference template identifier to enable said each cancelable biometric reference template to be associated with said base biometric reference template.

13. A computer system comprising a processor, a memory, and a computer readable storage device, said storage device containing program code configured to be executed by the processor via the memory to implement a method for generating on demand a cancelable biometric reference template, said method comprising:
- said processor creating, using a biometric application, a base biometric reference template comprising base biometric data corresponding to a biometric sample collected for an individual and a unique biometric template identifier that uniquely identifies said base biometric data, and said computer system comprising the biometric application, a cancelable biometric transformation engine, and an authentication tool for signing the base biometric reference template;
  
  said processor generating, utilizing the cancelable biometric transformation engine, N cancelable biometric reference templates derived from said base biometric reference template, wherein N is at least 1, wherein said N cancelable biometric reference templates generated is configured to be used by said individual to participate in a new biometric application without having to provide a new biometric sample and without having to rely on a biometric service provider to issue a new biometric reference template for said new biometric application;
  
  said processor injecting said base biometric reference template created into a secure portable device issued to said individual, said secure portable device being external to the computer system;
  
  said processor storing said N cancelable biometric reference templates in the portable device; and
  
  said processor loading an instance of said cancelable biometric transformation engine onto said secure portable device for generating on demand of said individual said at least one cancelable biometric reference template derived from said base biometric reference template for said new biometric application,wherein the portable device concurrently stores said base biometric reference template, said N biometric reference templates, and said instance of said cancelable biometric transformation engine.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer system of claim 13, wherein the base biometric reference template consists of the unique biometric template identifier, the base biometric data, and a biometric type indicator that indicates a type of the base biometric data used to create the base biometric reference template.
  - 15. The computer system of claim 13, wherein N is at least 2.
  - 16. The computer system of claim 15, wherein said cancelable biometric transformation engine comprises a data transformation function that includes N sets of transformation keys, and wherein each different set of transformation keys comprises a plurality of keys used to transform said base biometric reference template into a respective different cancelable biometric reference template of said N cancelable biometric reference templates.
  - 17. The computer system of claim 16, said method further comprising:
    - said processor assigning a unique transform function identifier for identifying said data transformation function;
      
      said processor generating a list comprising said unique transform function identifier and each set of transformation keys of the N sets of transformation keys;
      
      said processor tracking said list to ensure that a same set of transformation keys of the N sets of transformation keys is not used twice.
  - 18. The computer system of claim 13, said method further comprising:
    - said processor assigning a unique cancelable biometric reference template identifier for each cancelable biometric reference template for identifying said each cancelable biometric reference template,wherein each cancelable biometric reference template comprises its respective cancelable biometric reference template identifier to enable said each cancelable biometric reference template to be associated with said base biometric reference template.

19. A computer program product, comprising a computer readable physically tangible storage device having a computer readable program code stored therein, said program code configured to be executed by a processor of a computer system to implement a method for generating on demand a cancelable biometric reference template, said method comprising:
- said processor creating, using a biometric application, a base biometric reference template comprising base biometric data corresponding to a biometric sample collected for an individual and a unique biometric template identifier that uniquely identifies said base biometric data, and said computer system comprising the biometric application, a cancelable biometric transformation engine, and an authentication tool for signing the base biometric reference template;
  
  said processor generating, utilizing the cancelable biometric transformation engine, N cancelable biometric reference templates derived from said base biometric reference template, wherein N is at least 1, wherein said N cancelable biometric reference templates generated is configured to be used by said individual to participate in a new biometric application without having to provide a new biometric sample and without having to rely on a biometric service provider to issue a new biometric reference template for said new biometric application;
  
  said processor injecting said base biometric reference template created into a secure portable device issued to said individual, said secure portable device being external to the computer system;
  
  said processor storing said N cancelable biometric reference templates in the portable device; and
  
  said processor loading an instance of said cancelable biometric transformation engine onto said secure portable device for generating on demand of said individual said at least one cancelable biometric reference template derived from said base biometric reference template for said new biometric application,wherein the portable device concurrently stores said base biometric reference template, said N biometric reference templates, and said instance of said cancelable biometric transformation engine.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The computer program product of claim 19, wherein the base biometric reference template consists of the unique biometric template identifier, the base biometric data, and a biometric type indicator that indicates a type of the base biometric data used to create the base biometric reference template.
  - 21. The computer program product of claim 19, wherein N is at least 2.
  - 22. The computer program product of claim 21, wherein said cancelable biometric transformation engine comprises a data transformation function that includes N sets of transformation keys, and wherein each different set of transformation keys comprises a plurality of keys used to transform said base biometric reference template into a respective different cancelable biometric reference template of said N cancelable biometric reference templates.
  - 23. The computer program product of claim 22, said method further comprising:
    - said processor assigning a unique transform function identifier for identifying said data transformation function;
      
      said processor generating a list comprising said unique transform function identifier and each set of transformation keys of the N sets of transformation keys;
      
      said processor tracking said list to ensure that a same set of transformation keys of the N sets of transformation keys is not used twice.
  - 24. The computer program product of claim 19, said method further comprising:
    - said processor assigning a unique cancelable biometric reference template identifier for each cancelable biometric reference template for identifying said each cancelable biometric reference template,wherein each cancelable biometric reference template comprises its respective cancelable biometric reference template identifier to enable said each cancelable biometric reference template to be associated with said base biometric reference template.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Griffin, Phillip H.
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Hailu, Teshome

Application Number

US12/370,379
Publication Number

US 20100205658A1
Time in Patent Office

1,440 Days
Field of Search

713/186
US Class Current

713/186
CPC Class Codes

G06F 21/32 using biometric data, e.g. ...

System, method and program product for generating a cancelable biometric reference template on demand

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

91 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

System, method and program product for generating a cancelable biometric reference template on demand

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

91 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others