One-to-many matching with application to efficient privacy-preserving re-identification

US 9,762,393 B2
Filed: 03/19/2015
Issued: 09/12/2017
Est. Priority Date: 03/19/2015
Status: Active Grant

First Claim

Patent Images

1. An authentication system comprising:

an authenticator comprising;

an electronic data processing device;

a non-transitory storage medium storing instructions readable and executable by the electronic data processing device to perform an authentication process to determine whether a person or object to be authenticated belongs to a set of authorized persons or objects, the authentication process including the operations of;

acquiring a query signature comprising a vector whose elements store values of an ordered set of features for the person or object to be authenticated;

computing a single inner product of the query signature and a single aggregate signature comprising a vector whose elements store values of the ordered set of features for the set of authorized persons or objects wherein the single aggregate signature is not uniquely associated with any particular authorized person or object of the set of authorized persons or objects; and

determining whether the person or object to be authenticated is a member of the set of authorized persons or objects based on the single inner product of the query signature and the single aggregate signature; and

an authenticator training component comprising an electronic data processing device configured to generate the single aggregate signature representing the set of authorized persons or objects by operations including;

generating a set of authorized signatures by acquiring a signature for each authorized person or object comprising a vector whose elements store values of the ordered set of features for that authorized person or object; and

determining the single aggregate signature by whitening the authorized signatures using a set of background signatures that are not labeled as to membership in the set of authorized signatures and aggregating the whitened authorized signatures;

wherein the determining of the single aggregate signature does not use any signature that is labeled to indicate it is an unauthorized signature that is not in the set of authorized signatures.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authentication methods are disclosed for determining whether a person or object to be authenticated is a member of a set of authorized persons or objects. A query signature is acquired comprising a vector whose elements store values of an ordered set of features for the person or object to be authenticated. The query signature is compared with an aggregate signature comprising a vector whose elements store values of the ordered set of features for the set of authorized persons or objects. The individual signatures for the authorized persons or objects are not stored; only the aggregate signature. It is determined whether the person or object to be authenticated is a member of the set of authorized persons or objects based on the comparison. The comparing may comprise computing an inner product of the query signature and the aggregate signature, with the determining being based on the inner product.

Citations

19 Claims

1. An authentication system comprising:
- an authenticator comprising;
  
  an electronic data processing device;
  
  a non-transitory storage medium storing instructions readable and executable by the electronic data processing device to perform an authentication process to determine whether a person or object to be authenticated belongs to a set of authorized persons or objects, the authentication process including the operations of;
  
  acquiring a query signature comprising a vector whose elements store values of an ordered set of features for the person or object to be authenticated;
  
  computing a single inner product of the query signature and a single aggregate signature comprising a vector whose elements store values of the ordered set of features for the set of authorized persons or objects wherein the single aggregate signature is not uniquely associated with any particular authorized person or object of the set of authorized persons or objects; and
  
  determining whether the person or object to be authenticated is a member of the set of authorized persons or objects based on the single inner product of the query signature and the single aggregate signature; and
  
  an authenticator training component comprising an electronic data processing device configured to generate the single aggregate signature representing the set of authorized persons or objects by operations including;
  
  generating a set of authorized signatures by acquiring a signature for each authorized person or object comprising a vector whose elements store values of the ordered set of features for that authorized person or object; and
  
  determining the single aggregate signature by whitening the authorized signatures using a set of background signatures that are not labeled as to membership in the set of authorized signatures and aggregating the whitened authorized signatures;
  
  wherein the determining of the single aggregate signature does not use any signature that is labeled to indicate it is an unauthorized signature that is not in the set of authorized signatures.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The authentication system of claim 1 wherein the person or object to be authenticated is a person to be authenticated, the set of authorized persons or objects includes only authorized persons, and the operation of acquiring the query signature comprises:
    - acquiring biometric data for the person to be authenticated; and
      
      extracting the values of the ordered set of features for the person to be authenticated from the acquired biometric data.
  - 3. The authentication system of claim 2 wherein the biometric data including one of an electronic fingerprint, one or more face images, and an eye scan.
  - 4. The authentication system of claim 2 further comprising:
    - a computer; and
      
      an electronic fingerprint reader integral with the computer;
      
      wherein the operation of acquiring biometric data comprises causing the electronic fingerprint reader to acquire a fingerprint of the person to be authenticated; and
      
      wherein the computer is programmed to perform a login process in response to the authenticator determining the person to be authenticated is a member of the set of authorized persons.
  - 5. The authentication system of claim 1 wherein the person or object to be authenticated is a vehicle to be authenticated, the set of authorized persons or objects is a set of authorized vehicles, and the operation of acquiring the query signature comprises:
    - acquiring an image of a license plate of the vehicle to be authenticated; and
      
      extracting the values of the ordered set of features for the vehicle to be authenticated from the image of the license plate.
  - 6. The authentication system of claim 5 further comprising:
    - a camera; and
      
      a vehicle barrier gate;
      
      wherein the operation of acquiring the image uses the camera to acquire the image of the license plate of the vehicle to be authenticated; and
      
      wherein the vehicle barrier gate includes a gate actuator operatively connected to open the vehicle barrier gate in response to the authenticator determining the vehicle to be authenticated is a member of the set of authorized vehicles.
  - 7. The authentication system of claim 1 wherein:
    - the operation of determining the single aggregate signature comprises determining the single aggregate signature to set the inner product of each authorized signature and the single aggregate signature to a target inner product value; and
      
      the operation of determining whether the person or object to be authenticated is a member of the set of authorized persons or objects comprises comparing the single inner product of the query signature and the single aggregate signature with the target inner product value.
  - 8. The authentication system of claim 1 wherein:
    - the operation of determining the single aggregate signature comprises sum aggregating the authorized signatures; and
      
      the operation of determining whether the person or object to be authenticated is a member of the set of authorized persons or objects comprises performing a threshold operation on the single inner product of the query signature and the single aggregate signature.
  - 9. The authentication system of claim 1 wherein the operation of determining the single aggregate signature is performed using generalized max pooling.
  - 10. The authentication system of claim 9 wherein the generalized max pooling is performed using ridge regression.
  - 11. The authentication system of claim 1 wherein:
    - the authenticator and the authenticator training component comprise different electronic data processing devices; and
      
      the authenticator does not have access to the set of authorized signatures generated at the authenticator training component.

12. An authentication method for determining whether a person or object to be authenticated is a member of a set of authorized persons or objects, the authentication method comprising:
- generating a set of authorized signatures for the set of authorized persons or objects by acquiring a signature for each authorized person or object comprising a vector whose elements store values of an ordered set of features for that authorized person or object;
  
  determining a single aggregate signature whose elements store values of the ordered set of features for the set of authorized persons or objects by aggregating the authorized signatures of the set of authorized signatures;
  
  acquiring a query signature comprising a vector whose elements store values of the ordered set of features for the person or object to be authenticated;
  
  performing a single signature comparison comparing the query signature and the single aggregate signature; and
  
  determining whether the person or object to be authenticated is a member of the set of authorized persons or objects based on the single signature comparison;
  
  wherein one of;
  
  (1) the determining of the single aggregate signature comprises determining the single aggregate signature to set the inner product of each authorized signature and the single aggregate signature to a target inner product value and the determining whether the person or object to be authenticated is a member of the set of authorized persons or objects comprises comparing the single inner product of the query signature and the single aggregate signature with the target inner product value;
  
  or(2) the determining of the single aggregate signature comprises sum aggregating the authorized signatures and the determining whether the person or object to be authenticated is a member of the set of authorized persons or objects comprises performing a threshold operation on the single inner product of the query signature and the single aggregate signature.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The authentication method of claim 12 wherein the comparing comprises computing a single inner product of the query signature and the aggregate signature and the determining is based on the single inner product.
  - 14. The authentication method of claim 12 wherein the person or object to be authenticated is a person to be authenticated, the set of authorized persons or objects is a set of authorized persons, the ordered set of features is an ordered set of biometric features, and the acquiring comprises:
    - acquiring biometric data of the person to be authenticated using a camera, fingerprint scanner, or eye scanner; and
      
      extracting the values of the ordered set of features for the person or object to be authenticated from the acquired biometric data.
  - 15. The authentication method of claim 14 further comprising one of:
    - logging into a computer in response to determining the person to be authenticated is a member of the set of authorized persons;
      
      oradmitting the person to be authenticated to a secure area in response to determining the person to be authenticated is a member of the set of authorized persons.
  - 16. The authentication method of claim 12 wherein the person or object to be authenticated is an object to be authenticated, the set of authorized persons or objects is a set of authorized objects, the ordered set of features is an ordered set of image features derived from an image, and the acquiring comprises:
    - acquiring an image of at least a portion of the object to be authenticated; and
      
      extracting the values of the ordered set of features for the object to be authenticated from the acquired image.
  - 17. The authentication method of claim 12 wherein:
    - the determining of the single aggregate signature comprises determining the single aggregate signature to set the inner product of each authorized signature and the single aggregate signature to a target inner product value; and
      
      the determining whether the person or object to be authenticated is a member of the set of authorized persons or objects comprises comparing the single inner product of the query signature and the single aggregate signature with the target inner product value.
  - 18. The authentication method of claim 12 wherein:
    - the determining of the single aggregate signature comprises sum aggregating the authorized signatures; and
      
      the determining whether the person or object to be authenticated is a member of the set of authorized persons or objects comprises performing a threshold operation on the single inner product of the query signature and the single aggregate signature.

19. A non-transitory storage medium storing instructions readable and executable by an electronic data processing device to perform an authentication method to determine whether a person or object to be authenticated is a member of a set of authorized persons or objects, the authentication method comprising:
- operating a camera or biometric sensor to acquire data on the person or object to be authenticated;
  
  extracting from the acquired data a query signature comprising a vector whose elements store values of an ordered set of features for the person or object to be authenticated;
  
  computing a single inner product of the query signature and a single aggregate signature comprising a vector whose elements store values of the ordered set of features for the set of authorized persons or objects; and
  
  determining whether the person or object to be authenticated is a member of the set of authorized persons or objects by comparing the single inner product of the query signature and the single aggregate signature with a target inner product value;
  
  wherein the authentication method further comprises generating the single aggregate signature representing the set of authorized persons or objects by operations including;
  
  operating a camera or biometric sensor to acquire data on each authorized person or object;
  
  extracting from the acquired data an authorized signature for each authorized person or object comprising a vector whose elements store values of the ordered set of features for the authorized person or object in order to generate a set of authorized signatures; and
  
  determining the single aggregate signature to set an inner product of each authorized signature and the aggregate signature to the target inner product value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Conduent Business Services, LLC (Conduent, Inc.)
Original Assignee
Conduent Business Services, LLC (Conduent, Inc.)
Inventors
Soldevila, Albert Gordo, Murray, Naila, Perronnin, Florent C.
Primary Examiner(s)
Mehrmanesh, Amir
Assistant Examiner(s)
TAYLOR, SAKINAH W

Application Number

US14/662,939
Publication Number

US 20160277190A1
Time in Patent Office

908 Days
Field of Search

713186
US Class Current
CPC Class Codes

G06Q 10/00   Administration; Management

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3247   involving digital signatures

One-to-many matching with application to efficient privacy-preserving re-identification

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

One-to-many matching with application to efficient privacy-preserving re-identification

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links