[ ] Additional inventors are being namedon the separately numbered sheet attached hereto.
`
`TITLE OF THE INVENTION (500 characters max)
`UNIVERSAL SECURE REGISTRY
`
`CORRESPONDENCE ADDRESS
`
`a :
`ON 0!
`a
`LL
`
`=
`
`éohorte No.: 617-395-7000
`
`906090
`
`OldSNO&erl
`
`PROVISIONAL APPLICATION COVER SHEET
`
`This is a requestforfiling a PROVISIONAL APPLICATION under 37 CFR 1.53(c).
`
`DOCKET NUMBER: W0537-701000
`Express Mail Label No. EV 307786275 US
`Date of Deposit: June 9, 2006
`
`INVENTOR(S)/APPLICANT(S)
`Given Name (first and middle [if any])|Family Name or Surname Residence (City and either State or
`
`.
`Foreign Country)
`
`©a T
`
`CUSTOMER NUMBER: 37462
`
`[X] Specification Number of Pages 61
`
`*[X] Drawing(s) Number of Sheets 24
`
`[X] Application Data Sheet, See 37 CFR 1.76
`
`[X] Return receipt postcard
`
`[
`
`]Other (specify)
`
`he invention was made by an agencyof the United States Governmentor undera contract with an agencyof the
`United States Government.
`
`[X] No
`
`[
`
`]Yes, the name of the U.S. Government Agency and the Government Contract Numberare:
`
`METHOD OF PAYMENT(check ail that apply)
`
`[X] A checkis enclosed to cover the Provisional Filing Fees, including the Application Size Fee(if applicable).
`
`[
`
`] The Commissioner is hereby authorized to chargethefiling fee and the application size fee (if applicable) or credit
`overpayment to Deposit Account 50/2762. A duplicate of this sheet is enclosed.
`
`[X] Small Entity Status is claimed.
`
`PROVISIONALFILING FEE AMOUNT
`
`$ 100.00
`
`Respectfully submitted,
`
`| June 9, 2006
`Date
`
`Anastasi, Reg. No. 37,765
`
`Send to: Commissionerfor Patents, P.O. B = 1450, Alexandria, VA 22313-1450
`
`rents
`Page 1 of 89
`Page | of 89
`
`Apple 1021
`Apple 1021
`
`

`

`- | -Express Mail Label No.: EV 307786275 US
`Date of Deposit: June 9, 2006
`
`UNIVERSAL SECURE REGISTRY
`
`1.
`
`Field of Invention
`
`BACKGROUNDOF INVENTION
`
`This invention generally relates to a method and apparatusfor securely storing
`
`and disseminating information regarding individuals and, more particularly, to a
`
`computer system for authenticating identity or verifying the identity of individuals
`
`and otherentities seeking accessto certain privileges and for selectively granting
`
`privileges and providing other services in response to such
`
`identifications/verifications.
`
`2.
`
`Discussion of Related Art
`
`Control of access to secure systems presents a problem related to the
`
`identification of a person. An individual may be provided access to the secure system
`
`after their identity is authorized. Generally, access control to secure computer
`
`networksis presently provided by an authentication scheme implemented,at least
`
`partly, in software located on a device being employed to access the secure computer
`network and on a server within the secure computer network. For example,if a
`
`corporation chooses to provide access control for their computer network, they may
`
`purchase authentication software that includes server-side software installed on a
`
`server in their computer system and correspondingclient-side software that is
`
`installed on the devices that are used by employees to access the system. The devices
`
`may include desktop computers, laptop computers, and handheld computers(e.g.,
`
`PDAsandthe like).
`
`In practice, the preceding approach has a numberof disadvantages including
`
`both the difficulty and cost of maintaining the authentication system andthe difficulty
`
`and cost of maintaining the security of the authentication system. Morespecifically,
`the software resides in the corporation’s computers where it may be subject to
`tampering/unauthorized use by company employees. That is, the information
`
`technology team that manages the authentication system has accessto the private keys
`
`787047.1
`
`Page 2 of 89
`Page 2 of 89
`
`

`

`-2-
`
`associated with each of the authorized users. Asa result, these individuals have an
`
`opportunity to compromisethe security of the system. Further, any modification
`
`and/or upgradeto the authentication system softwareis likely to require an update to
`at least the server-side software and mayalso require an update of the software
`located on each user/client device. In addition, where the company’s computer
`systems are geographically distributed, software upgrades/updates may be required on
`
`a plurality of geographically distributed servers.
`
`There is also a need, especially in this post September 11 environment, for
`
`secure and valid identification of an individual before allowing the individual access
`
`to highly secure areas. For example, an FBI agent or an air marshal may needto
`
`identify themselvesto airport security or a gate agent, without compromising security.
`
`Typically such identification may comprise the air marshal or FBI agent showing
`
`identification indicia to appropriate personnel. However, there are inherent flaws in
`
`this process that allow for security to be compromised, including falsification of
`
`identification information or the airport security or personnel not recognizing the
`
`situation. Of course this process could be automated, for example, by equipping
`
`airport personnel or security with access to a database and requiring the FBI agent or
`
`air marshal to appropriately identify themselves to the database, for example, by again
`
`providing identification which airport personnel can then enter into the database to
`
`verify the identity of the person seeking access to a secure area. However, this
`
`process also hasthe inherent flawsin it as described above. In addition, there may be
`
`times when airport security or personnel may not be able to communication with the
`
`database to check the identity of the person seeking access, for example, when they
`
`are not near a computer terminal with access to a database or are carrying a hand-held
`
`device that does not have an appropriate wireless signal to access the database. In
`
`addition, there is a need to ensure that if such a hand-held device ends up the wrong
`
`hands, that security is not compromised.
`
`Systems capable of effectively performingall or some of these functions do
`
`not currently exist.
`
`787047.1
`
`Page 3 of 89
`Page 3 of 89
`
`

`

`-3-
`
`SUMMARYOF INVENTION
`
`There is thus a need for an identification system that will enable a person to be
`
`accurately identified (“identification” sometimes being used hereinafter to meaneither
`
`identified or verified) and/or authenticated without compromising security, to gain
`
`access to secure systems and/or areas. Likewise, there is a need for an identification
`
`system that will enable a personto be identified universally without requiring the
`
`person to carry multiple formsofidentification.
`
`Accordingly, this invention relates, in one embodiment, to an information
`
`system that may be used as a universal identification system and/or usedto selectively
`
`provide information about a person to authorized users. Transactions to and from a
`
`secure database maytake place using a public key/private key security system to
`enable users of the system and the system itself to encrypt transaction information
`during the transactions. Additionally, the private key/public key security system may
`
`be usedto allow usersto validate their identity. For example, in one embodiment, a
`smart card such as the Secure ID™ card from RSI Security, Inc. may be provided
`with the user’s private key and the USR system’s public key to enable the card to
`
`encrypt messages being sent to the USR system and to decrypt messages from the
`
`USR system 10.
`
`The system or database of the invention may be usedto identify the person in
`manysituations, and thus maytake the place of multiple conventional forms of
`
`identification. Additionally, the system may enable the user’s identity to be
`confirmed orverified without providing any identifying information about the person
`to the entity requiring identification. This can be advantageous wherethe person
`suspects that providing identifying information may subject the identifying
`information to usurpation.
`Access to the system may be by smart card, such as a Secure ID™ card, or any
`other secure access device. The technology enabling the user to present their identity
`information may be physically embodied as a separate identification device such as a
`
`smart ID card, or may be incorporated into another electronic device, such as a cell
`phone, pager, wrist watch, computer, personal digital assistant such as a Palm Pilot™,
`
`key fob, or other commonlyavailable electronic device. The identity of the user
`
`787047.1
`
`Page 4 of 89
`Page 4 of 89
`
`

`

`-4-
`
`possessing the identifying device may beverified at the point of use via any
`
`combination of a memorized PIN numberor code, biometric identification such as a
`fingerprint, voice print, signature, iris or facial scan, or DNAanalysis, or any other
`method ofidentifying the person possessing the device. If desired, the identifying
`
`device may also be provided with a picture of the person authorized to use the device
`
`to enhancesecurity.
`
`According to one embodimentofthe invention, a method of controlling access
`
`to a plurality of secure computer networks using a secure registry system located
`
`remotely from the secure computer networks is disclosed. The secure registry system
`
`includes a database containing selected data of a plurality of users each authorized to
`
`accessat least one of the plurality of secure computer networks. The method
`
`comprisesacts of receiving authentication information from an entity at a secure
`
`computer network, communicating the authentication information to the secure
`registry system, and validating the authentication information at the secure registry
`system. The methodalso includes receiving from the secure registry system an
`
`indication of whetherthe entity is authorized to access the secure computer network,
`
`granting the entity access to the secure computer network whenthe authentication
`
`information of the entity correspondsto oneofthe plurality of users, and denying the
`
`entity access to the secure computer network whenthe authentication information of
`
`the user does not correspond to oneofthe plurality of users.
`
`Another embodimentof the invention comprises a method of controlling
`
`access to a secure computer network using a secure registry system. The secure
`
`registry system includes a database containing selected data of a plurality of users
`
`authorized to access the secure computer networkandselected data identifying the
`secure computer network. The method comprises receiving an access request
`including authentication information and a computer network ID from anentity,
`determining whetherthe authentication information is valid for any ofthe plurality of
`
`users, accessing data whenthe authentication information of the entity is valid for one
`
`of the plurality of users to determine whetherthe entity is authorized to access the
`
`computer networkidentified by the computer network ID, and allowingthe entity to
`
`access the secure computer network whenthe authentication information ofthe entity
`
`787047.1
`
`Page 5 of 89
`Page 5 of 89
`
`

`

`-5-
`
`is valid for one of the plurality of users authorized to access the computer network
`identified by the computer network ID.
`
`Another embodimentof the invention comprises a method of authenticating an
`identity of a first entity. The method comprises the acts of wirelessly transmitting
`fromafirst device, first encrypted authentication informationofthe first entity,
`receiving with a second device the wirelessly transmitted first encrypted
`authentication information, decrypting with the second device,the first wirelessly
`encrypted authentication information to provide the first authentication information of
`the first entity to the second device; and authenticating the identity ofthe first entity
`based uponthefirst authentication information; and acting based on the assessed
`
`identity ofthe first entity.
`
`,
`
`Another embodimentof the invention comprises a system for authenticating
`an identity ofa first entity, comprising a first wireless device comprisingafirst
`wireless transmitter and receiver configured to transmit a first wireless signal
`including first encrypted authentication information, a first processor configured to
`compare stored biometric data with detected biometric data ofthe first entity and
`
`configured to enable or disable use ofthe first device based on a result of the
`
`comparison, and configuredto encryptfirst authentication information with a first
`
`private key ofthe first entity into the first encrypted authentication information,a first
`biometric detector for detecting biometric data ofthe first entity, and a first memory
`for storing biometric data of the first entity, a private key ofthe first entity authorized
`to use the first device, and the first authentication information.
`
`According to some embodiments, the system further comprises a second
`wireless device comprising a second wireless transmitter and receiver configured to
`receive the first wireless signal and to processthe first wireless signal, a second
`processor configured to compare detected biometric data of a second entity with
`stored biometric data and configured to enable or disable use of the second device
`based upona result of the comparison, and configured to decrypt thefirst
`authentication information received in the first wireless signal, a biometric detector
`for detecting biometric data of a second entity, and a second memory storing
`
`787047.
`
`Page 6 of 89
`Page 6 of 89
`
`

`

`-6-
`
`biometric data of the second entity and a plurality of public keysofa plurality offirst
`
`entities.
`
`BRIEF DESCRIPTION OF DRAWINGS
`
`This invention is pointed out with particularity in the appended claims. The
`above and further advantagesofthis invention maybe better understood by referring
`to the following description when taken in conjunction with the accompanying
`
`drawings. The accompanying drawingsare not intended to be drawn to scale. In the
`
`drawings, each identical or nearly identical componentthatis illustrated in various
`
`figures is represented by a like numeral. For purposesofclarity, not every component
`
`maybe labeled in every thawing. In the drawings:
`
`FIG. 1 is a functional block diagram of a computer system configured to
`implementthe universal secure registry (““USR”), including a USR database,
`according to one embodimentofthe invention;
`
`FIG.2 is a functional block diagram ofa first embodiment of a networked
`
`environment including the computer system of FIG.1;
`
`FIG.3 is a functional block diagram of an entry of a database forming the
`
`USRdatabase of FIG. 1;
`
`FIG. 4 is a functional block diagram of a sécond embodiment of a networked
`
`environmentincluding the computer system of FIG.1;
`
`FIG.5 is a flow chart illustrating steps in a process of inputting data into the
`USRdatabase;
`
`FIG.6 is a flow chart illustrating steps in a process of retrieving data from the
`
`USRdatabase;
`
`FIG.7 is a flow chart illustrating a first protocol for purchasing goods from a
`
`merchantvia the USR database without transmitting credit card information to the
`
`merchant;
`
`FIG. 8 is a flow chart illustrating a second protocol for purchasing goods from
`a merchantvia the USR database without transmitting credit card information to the
`
`merchant;
`
`7870471
`
`Page 7 of 89
`Page 7 of 89
`
`

`

`-7-
`
`FIG.9 is a flow chart illustrating a protocol for purchasing goods from a
`
`merchantvia the USR database by validating the user’s check;
`
`FIG. 10 is a flow chart illustrating a protocol for purchasing goods from an on-
`
`line merchantvia the USR database without transmitting credit card information to
`
`the on-line merchant, and enabling the on-line merchantto ship the goodsto a virtual
`
`address;
`
`FIG. 11 is a flow chart illustrating a protocol for shipping goodsto a virtual
`
`address via the USR database;
`
`FIG. 12 is a flow chart illustrating a protocol for telephoning a virtual phone
`
`numbervia the USR database;
`
`FIG.13 is a flow chart illustrating a protocol for identifying a person via the
`
`USRdatabase;
`
`FIG. 14 is a flow chart illustrating a protocol for identifying a person to a
`
`policeman via the USR database;
`
`FIG.15 is a flow chart illustrating a protocol for providing information to an
`
`authorized recipient of the information via the USR database;
`
`FIG. 16 is a flow chart illustrating a protocol for providing application
`
`information to an authorized recipient of the information via the USR database;
`
`FIG. 17 is a functional block diagram of an embodimentconfigured to use
`
`information in the USR system to activate or keep active property secured through the
`
`USRsystem; and
`
`FIG. 18A is a functional block diagram of an embodiment configured to use
`
`the USRsystem to control access to a secure computer network;
`
`FIG. 18Bis a functional block diagram of another embodiment configured to
`use the USR system to control access to a secure computer network;
`FIG. 19 is a flow diagram of a process for controlling access to a secure
`
`computer network with the USR system in accordance with an embodiment of the
`
`invention;
`FIG,20 ts a flow diagram of a process for controlling access to a secure
`computer network with the USR system in accordance with another embodiment of
`
`the invention;
`
`787047.1
`
`Page 8 of 89
`Page 8 of 89
`
`

`

`-8-
`
`FIG.21 illustrates an embodimentof a system for validating the identity of an
`
`individual;
`
`FIGS. 22A and 22Billustrate one embodimentof a process for validating the
`
`identity of an individual;
`
`FIG. 23 illustrates one embodimentof variousfields included within a first
`
`wireless signal and a secondwireless signal as transmitted by the system of FIG. 21;
`
`FIG.24 illustrates one embodimentof a process for verifying or authenticating
`the identity ofa first user of a first wireless transmission device;
`FIG. 25 illustrates another embodiment of a process for authenticating the
`
`identity of a first user of a wireless transmission device;
`
`FIG.26 illustrates still another embodiment of a process for authenticating the
`
`identity of a first user of a wireless transmission device; and
`
`FIG.27illustrates one embodimentof a data structure that can be used by any
`
`wireless device of the system of FIG. 21.
`
`DETAILED DESCRIPTION
`
`This invention is not limited in its application to the details of construction and
`the arrangement of componentsset forth in the following description or illustrated in
`the drawings. The invention is capable of other embodiments and of being practiced
`or of being carried out in various ways. Also, the phraseology and terminology used
`
`herein is for the purpose of description and should not be regarded as limiting. The
`29 66
`39 66
`39
`66
`“containing”, “involving”, and
`
`“comprising,” or “having,”
`
`use of “including,”
`
`variations thereof herein, is meant to encompassthe itemslisted thereafter and
`
`equivalents thereof as well as additional items.
`
`In one embodiment, an information system is formed as a computer program
`
`running on a computer or group of computers configured to provide a universal secure
`
`registry (USR) system. The computer, in this instance, may be configured to run
`
`autonomously (without the intervention of a human operator), or may require
`
`intervention or approvalforall, a selected subset, or particular classes of transactions.
`The invention is not limited to the disclosed embodiments, and may take on many
`different forms depending on the particular requirements of the information system,
`
`787047.1
`
`Page 9 of 89
`Page 9 of 89
`
`

`

`-9-
`
`the type of information being exchanged, and the type of computer equipment
`
`employed. An information system according to this invention, may optionally, but
`
`need not necessarily, perform functions additional to those described herein, and the
`
`invention is not limited to a computer system performing solely the described
`
`functions.
`
`In the embodiment shownin FIG. 1, a computer system 10 for implementing a
`
`USRsystem according to the invention includes at least one main unit 12 connected
`
`to a wide area network, such as the Internet, via a communicationsport 14. The main
`
`unit 12 may include one or more processors (CPU 16) running USR software 18
`configured to implement the USR system functionality discussed in greater detail
`
`below. The CPU 16 may be connected to a memory system including one or more
`
`memory devices, such as a random access memory system RAM 20,a read only
`
`memory system ROM 22, and one or more databases 24. In the illustrated
`
`embodiment, the database 24 contains a universal secure registry database. The
`invention is not limited to this particular manner of storing the USR database. Rather,
`the USR database maybe included in any aspect of the memory system,such asin
`
`RAM 20, ROM 22 ordisc, and mayalso be separately stored on one or more
`
`dedicated data servers.
`
`The computer system may be a general purpose computer system whichis
`
`programmable using a computer programming language, such as C, C+, Java, or
`
`other language,such asa scripting language or even assembly language. The
`
`computer system mayalso be specially programmed,special purpose hardware, an
`application specific integrated circuit (ASIC) or a hybrid system including both
`
`special purpose components and programmed general purpose components.
`
`In a genera! purpose computer system, the processoris typically a
`
`commercially available microprocessor, such as Pentium series processoravailable
`from Intel, or other similar commercially available device. Such a microprocessor
`executes a program called an operating system, such as UNIX, Linux, WindowsNT,
`Windows 95, 98, or 2000, or any other commercially available operating system,
`which controls the execution of other computer programs and provides scheduling,
`debugging, input/output control, accounting, compilation, storage assignment, data
`
`787047.1
`
`Page 10 of 89
`Page 10 of 89
`
`

`

`-10-
`
`management, memory management, communication control and related services, and
`
`many other functions. The processor and operating system defines a computer
`platform for which application programsin high-level programming languagesare
`written.
`
`The database 24 maybe any kindof database, including a relational database,
`object-oriented database, unstructured database, or other. database. Examplerelational
`databases include Oracle 81 from Oracle Corporation of RedwoodCity, California;
`Informix Dynamic Server from Informix Software, Inc. of Menlo Park, California;
`
`DB2 from International Business Machines of Armonk, New York; and Accessfrom
`
`Microsoft Corporation of Redmond, Washington. An example object-oriented
`
`database is ObjectStore from Object Design of Burlington, Massachusetts. An
`
`example of an unstructured database is Notes fromthe Lotus Corporation, of
`Cambridge, Massachusetts. A database also may be constructed usinga flat file
`system, for example by using files with character-delimited fields, such as in early
`
`versions of dBASE, now known as Visual dBASEfrom Inprise Corp. of Scotts
`
`Valley, California, formerly Borland International Corp.
`
`The main unit 12 may optionally include or be connectedto an userinterface
`26 containing, for example, one or more input and output devices to enable an
`operator to interface with the USR system 10. Illustrative input devices include a
`keyboard, keypad, track ball, mouse, pen and tablet, communication device, and data
`
`input devices such as voice and other audio and video capture devices. Illustrative
`output devices include cathode ray tube (CRT)displays, liquid crystal displays (LCD)
`and other video output devices, printers, communication devices such as modems,
`
`storage devices such as a disk or tape, and audio or video output devices. Optionally,
`the user interface 26 may be omitted, in which case the operator may communicate
`with the USR system 10 in a networked fashion via the communication port 14. It
`should be understoodthat the invention is not limited to any particular manner of
`interfacing an operator with the USR system.
`It also should be understoodthat the invention is not limited to a particular
`computer platform, particular processor, or particular high-level programming
`language. Additionally, the computer system may be a multiprocessor computer
`
`787047.14
`
`Page 11 of 89
`Page 11 of 89
`
`

`

`-ll-
`
`system or may include multiple computers connected over a computer network. It
`further should be understood that each module or step shownin the accompanying
`figures and the substeps or subparts shown in the remaining figures may correspond
`to separate modules of a computer program, or may be separate computer programs.
`Such modules may be operable on separate computers. The data produced by these
`
`components maybestored in a memory system or transmitted between computer
`
`systems.
`
`Such a system may be implemented in software, hardware, or firmware, or any
`
`combination thereof. The various elements of the information system disclosed
`
`herein, either individually or in combination, may be implemented as a computer
`
`program product, such as USRsoftware 18, tangibly embodied in a machine-readable
`
`storage device for execution by the computer processor 16. Various steps of the
`
`process may be performed by the computer processor 16 executing the program 18
`tangibly embodied on a computer-readable medium to perform functions by operating
`on input and generating output. Computer programming languagessuitable for
`implementing such a system include procedural programming languages, object-
`
`oriented programming languages, and combinationsofthe two.
`
`As shownin FIG. 2, the computer system 10 may be connectedto a plurality
`of interface centers 27 over a wide area network 28. The wide area network 28 may
`be formed from a plurality of dedicated connections between the interface centers 27
`
`and the computer system 10, or may take place, in whole or in part, over a public
`
`networksuchas the Internet. Communication between the interface centers 27 and
`
`the computer system 10 may take place according to any protocol, such as TCP/IP,
`ftp, OFX, or XML,and mayinclude any desired level of interaction between the
`
`interface centers 27 and the computer system 10. To enhancesecurity, especially
`where communication takes place over a publicly accessible networksuch as the
`Internet, communicationsfacilitating or relating to transmission of data from/to the
`USR database 24 or the computer system 10 may be encrypted using an encryption
`algorithm, such as PGP, DES, or other conventional symmetric or asymmetric
`
`encryption algorithm.
`
`787047.1
`
`Page 12 of 89
`Page 12 of 89
`
`

`

`-12-
`
`In one embodiment, the USR system 10 orUSR database 24 maybeable to
`
`authenticate its identity to a user or other entity accessing the system by providing an
`
`- appropriate code which maybe displayed on the user’s. smart card, for example a
`SecurID™card orits equivalent, or other code generator, for example a single use
`code generator, being employed by the user. A comparisonbythe useror the code
`
`generator between the provided number and an expected numbercan validate, to the
`
`user (or other entity) or the code generator, that communication is with the database
`
`and not an imposter.
`
`The database 24 shownin FIG. 1 has a USRdatabase containing entries
`
`related to persons 1-n. The data in the USR database mayalso be segregated, as
`
`shownin FIG. 4, according to data type to enable individual computer modulesto
`handle discrete applications on discrete data types. Segregating the data, asillustrated
`
`in FIG. 4, may makeaccessto the database more robust by enabling portions of the
`
`data in the USR database 24 to be accessible even whenit is necessary to perform
`maintenanceon a portion of the database. However, storing the data in the USR
`database 24 according to the schemeillustrated in FIG. 1 may makeit easier for a user
`
`of the database to make changesto multiple types of data simultaneously or in a
`
`single session. There are advantages and disadvantagesto each data structure, and the
`
`invention is not limited to a particular mannerof organizing the data within the
`
`database 24, data structures other than the two shownalso being possible.
`
`As shownin FIG. 3, each entry 30 in the database 24 may contain multiple
`
`types of information. For example, in the embodiment shownin FIG.3, the entry
`
`contains validation information 32, access information 34, publicly available
`
`information 36, address information 38, credit card and other financial information
`
`40, medical information 42, job application information 44, and tax information 46.
`
`The invention is not limited to a USR containing entries with all of this information or
`
`only this particular information, as any information on a person orother entity such as
`
`a company,institution, etc. may be stored in USR database 24.
`
`If the database information is split between multiple databases, each database
`
`will typically include at least the validation and access information to enable the USR
`
`software to correlate a validation attempt with a verified validation, and to enable the
`
`787047.1
`
`Page 13 of 89
`Page 13 of 89
`
`

`

`-13-
`
`USRsoftware to determine accessprivileges to the requested data. Alternatively,
`databases maybe linked to permit information not in a main USR database to be
`
`retrieved, with validation/identification for all databases accessed being doneat the
`USRsystem.
`
`In FIG. 3, the validation information is information about the user of the
`
`database to whomthe data pertains and is to be used by the USR software 18 to
`
`validate that the person attempting to access the information is the person to whom
`the data pertains or is otherwise authorized to receive it. The validation information
`
`maybe any type of information that will reliably authenticate the identity of the
`individual.
`
`In one embodiment, the user of the database will carry a SecurID™card
`available from RSA Security, formerly Security Dynamics Technologies,Inc., of
`
`Cambridge, MA. Use ofthis card enables secure access to the USR database without
`
`requiring the user to transmit any personal information. Specifically, to access the
`USRdatabase,the card retrieves a secret user code and/or time varying value from
`memory and obtains from the user a secret personal identification code. The card
`
`mathematically combines these three numbers using a predetermined algorithm to
`
`generate a one-time nonpredictable code whichis transmitted to the computer system
`
`10. The computer system, specifically USR software 18, utilizes the received one-
`
`time nonpredictable code to determineif the user is authorized access to the USR
`
`database and grants access to the USR databaseif the user is determined to be
`
`authorized. The verification information 32 in the database entry in the embodiment
`
`of the inventionillustrated in FIG. 3 contains information to enable the USR software
`
`18 to validate the user using such a card in this manner.
`
`Alternative types of identification cards or tokens may likewise be used. For
`example, other smart cards may be used which generate non-predictable single use
`codes, which mayor maynotbe time varying, or other access code generators may be
`used. An algorithm generating such non-predictable codes may also be programmed
`
`onto a processor on a smart card or other computing device, such as a cell phone,
`
`pager, ID badge, wrist watch, computer, personaldigital assistant, key fob, or other
`
`commonly available electronic device. For convenience, the term “electronic ID
`
`787047.1
`
`Page 14 of 89
`Page 14 of 89
`
`

`

`-14-
`
`device”will be used generically to refer to any type of electronic device that may be
`
`used to obtain access to the USR database.
`
`Likewise, various types of biometric information may be stored in the
`
`verification area of the database entry to enable the identity of the user possessing the
`identifying device to be verified at the point of use. Examples ofthe type of biometric
`information that maybeusedin this situation includes a personalidentification
`
`number(PIN), fingerprint, voice print, signature, iris or facial scan, or DNA analysis.
`
`If desired, the verifying section of the database may contain a picture to be transmitted
`
`back to the person seeking to validate the device to ensure the person using the device
`
`is the correct person. Optionally, the identifying device itself may also be provided
`
`with a picture of the person authorized to use the card to provide a facial confirmation
`of the person’s right to use the card.
`
`In FIG.3, the Access information 34 is provided to enable different levels of
`
`security to attach to different types of information stored in the entry 30 in the USR
`
`database 14. For example, the person maydesire that their address information be
`
`made available only to certain classes of people, for example colleagues, friends,
`
`family, Federal Express, U.P.S., and the U.S. mail service. The namesor universal
`
`identifiers for those selected individuals, companies, organ