`(12) Patent Application Publication (10) Pub. No.: US 2002/0091937 A1
`Ortiz
`(43) Pub. Date:
`Jul. 11, 2002
`
`US 2002009 1937A1
`
`(54) RANDOM BIOMETRICAUTHENTICATION
`METHODS AND SYSTEMS
`(76) Inventor: Luis M. Ortiz, Dallas, TX (US)
`Correspondence Address:
`Kermit D. Lopez
`PO Box 7720
`Dallas, TX 75209-0720 (US)
`
`(21) Appl. No.:
`
`09/757,903
`
`(22) Filed:
`
`Jan. 10, 2001
`
`Publication Classification
`
`(51) Int. Cl. .................................................... H04L 9/32
`(52) U.S. Cl. ............................................ 713/200; 382/115
`
`ABSTRACT
`(57)
`Methods and Systems for biometrically Securing access to
`electronic Systems. A user prompted to input to the elec
`tronic System at least one biometric attribute randomly
`Selected from a user profile containing biometric attributes
`of the user. A user may be prompted to input Such a
`biometric Sample through a user interface integrated with the
`electronic System. A user may be permitted to perform a
`user-desired activity, Such as accessing an ATM machine,
`particular data, or entry to a Secure area, if at least one
`biometric attribute input by the user to the electronic System
`matches at least one biometric attribute randomly Selected
`from the user profile. A user profile may be generally
`accessible from a Server through the electronic System. A
`user profile may also be accessible from a biometric broker
`through the electronic System over a Secure network con
`nection. A user profile may also be accessible from a hand
`held device, Such as a Smart card, wireless PDA or wireless
`communication device.
`
`132
`
`
`
`
`
`130
`N
`
`START
`
`
`
`User initiates transaction
`with electronic system via
`single biometric attribute
`
`136
`
`
`
`
`
`User profile retrieved by
`electronic system based on
`input of single user biometric
`attribute
`
`
`
`
`
`User selects a user-desired
`activity at interface with
`electronic system
`
`
`
`User requested by electronic
`system to provide at least One
`biometric attribute via random
`selection of attributes by electronic
`system
`
`User inputs at least one
`biometric attribute selected
`randomly by electronic
`system
`
`142
`
`Biometric
`attribute match?
`
`
`
`
`
`User permitted to
`perform user-desired
`activity
`
`IPR2022-00602
`Apple EX1021 Page 1
`
`
`
`Patent Application Publication
`
`Jul. 11, 2002. Sheet 1 of 8
`
`US 2002/0091937 A1
`
`
`
`
`
`ZZ
`
`IPR2022-00602
`Apple EX1021 Page 2
`
`
`
`Patent Application Publication
`
`Jul. 11, 2002 Sheet 2 of 8
`
`US 2002/0091937 A1
`
`
`
`S.
`
`S.
`
`S.
`
`N S
`
`s
`
`S.
`
`3
`
`s
`
`t
`
`S
`
`3
`
`S.
`
`s
`
`S
`
`S
`
`IPR2022-00602
`Apple EX1021 Page 3
`
`
`
`Patent Application Publication
`
`Jul. 11, 2002. Sheet 3 of 8
`
`US 2002/0091937 A1
`
`|NEITO€
`
`
`
`E0\/?HOLS
`CITOHSENHH !
`
`— — — — — — — — — — — — — — — — — — — — — — — <--- — — — — — — —~~~~ ~ ~
`
`#7989
`
`IPR2022-00602
`Apple EX1021 Page 4
`
`
`
`Patent Application Publication
`
`Jul. 11, 2002. Sheet 4 of 8
`
`US 2002/0091937 A1
`
`
`
`80
`
`BIOMETRICAT TRIBUTES
`1. Fingerprint Verification
`
`2. Voice Print
`
`. Retinal Scan
`
`.
`
`Iris Scan
`
`. Hand Geometry
`
`. Facial Scan
`
`. Signature Verification
`
`FIG. 4
`
`USER PROFILE BASED
`ON BIOMETRIC
`ATTRIBUTES OF USER
`
`IPR2022-00602
`Apple EX1021 Page 5
`
`
`
`Patent Application Publication
`
`Jul. 11, 2002 Sheet 5 of 8
`
`US 2002/0091937 A1
`
`102
`
`START
`
`100
`
`User transaction initiated with electronic
`system
`
`
`
`106
`
`
`
`
`
`User required by the electronic system to provide at
`least one biometric attribute randomly selected from
`user profile by electronic system
`
`
`
`
`
`User provides to electronic system
`biometric attributes randomly selected
`from user profile by electronic system
`
`
`
`
`
`
`
`Biometric
`attribute
`match?
`
`FIG. 5
`
`User permitted to perform
`user-desired activity
`
`IPR2022-00602
`Apple EX1021 Page 6
`
`
`
`Patent Application Publication
`
`Jul. 11, 2002. Sheet 6 of 8
`
`US 2002/0091937 A1
`
`ONE
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IPR2022-00602
`Apple EX1021 Page 7
`
`
`
`Patent Application Publication
`
`Jul. 11, 2002 Sheet 7 of 8
`
`US 2002/0091937 A1
`
`1St
`Biometric
`Input
`
`204
`
`
`
`202
`
`206
`
`2nd
`Blometric
`Input
`
`INPUT BIOMETRICATTRIBUTE
`
`Fingerprint, Right Middle Finger
`
`
`
`
`
`
`
`
`
`3rd
`Biometric
`input
`
`204
`
`202
`
`206
`
`INPUT BIOMETRICATTRIBUTE As
`
`Iris Scan, Left Eye
`
`FIG. 7
`
`208
`
`208
`
`IPR2022-00602
`Apple EX1021 Page 8
`
`
`
`Patent Application Publication
`
`Jul. 11, 2002 Sheet 8 of 8
`
`US 2002/0091937 A1
`
`222
`
`224
`
`Biometric Input: Speak Your Name
`
`220
`N
`
`1St
`Biometric
`Input
`
`222
`
`2nd
`Biometric
`Input
`
`230
`
`222
`
`3rd
`Biometric
`Input
`
`
`
`226
`
`226
`
`226
`
`IPR2022-00602
`Apple EX1021 Page 9
`
`
`
`US 2002/009 1937 A1
`
`Jul. 11, 2002
`
`RANDOM BIOMETRICAUTHENTICATION
`METHODS AND SYSTEMS
`
`BACKGROUND OF THE INVENTION
`0001) 1. Technical Field of the Invention
`0002 The present invention relates to authentication for
`and Security of electronic Systems, Such as computers,
`kiosks, wireleSS devices, associated fixed and wireleSS net
`Works, and mechanical Systems, Such as Secure buildings.
`The present invention also relates to the use of biometric
`data for authenticating user identity and providing Secure
`user access to data and/or transactions.
`0003 2. Description of the Related Art
`0004 Security for electronic and mechanical systems has
`rapidly become an important issue in recent years. With the
`proliferation of computers, computer networks and other
`electronic device and networks into all aspects of busineSS
`and daily life, the concern over Secure file and transaction
`access has grown tremendously. The ability to Secure data
`and transactions is particularly important for financial, medi
`cal, education, government, military, and communications
`endeavors.
`0005. Using passwords is a common method of providing
`Security for electrical or mechanical Systems. Password
`protection and/or combination type locks are employed for
`computer network Security, automatic teller machines, tele
`phone banking, calling cards, telephone answering Services,
`buildings, factories, houses and SafeS. These Systems gen
`erally require the knowledge of an entry code that has been
`Selected by or provided to a user or has been configured in
`advance.
`0006 Pre-set codes are often forgotten, however, as users
`have no reliable method of remember them. Writing down
`the codes and Storing them in close proximity to an acceSS
`control device (e.g., a combination lock) results in a Secure
`access control System with a very insecure code. Alterna
`tively, the nuisance of trying Several code variations renders
`the access control System more of a problem than a Solution.
`0007 Password systems are known to suffer from other
`disadvantages. Usually, a user Specifies passwords. Most
`users, being unsophisticated users of Security Systems,
`choose passwords that are relatively insecure. AS Such, many
`password Systems are easily accessed through a simple trial
`and error process.
`0008 To secure access to particular areas, such as build
`ings, the most common building Security System relied on
`traditionally has been a Security guard. A Security guard
`reviews identification cards and compares pictures thereon
`to a perSon carrying the card. The Security guard provides
`access upon recognition or upon other criteria. Other build
`ing Security Systems use card access, password access, or
`another Secure acceSS approach. Unfortunately, passwords
`and cards have the same drawbacks when used for building
`Security as when used for computer Security.
`0009 AS computer networks are increasingly used to link
`computer Systems together, applications have been devel
`oped to allow a user on a client computer System to acceSS
`a Service on a host computer System. For example, a user on
`a client System may be able to access information contained
`in a database on a host computer System. Unfortunately,
`
`along with this increased accessibility comes increased
`potential for Security problems. For example, communica
`tions, including authentication, between a client System and
`a host System can be intercepted and tampered with while in
`transit over the computer network. This may allow third
`parties or malicious users on a client computer System to
`gain access to, or Security codes for, a Service on a host
`computer System without proper authorization.
`0010) A number of systems have been developed to
`ensure that users do not gain unauthorized access to host
`computer Systems. AS explained above, Some Systems
`prompt a user for passwords. Such Systems may also rely on
`PIN numbers, before granting the user access to the host
`computer System. AS indicated above, however, passwords
`and PIN numbers may be forgotten or may fall into the
`wrong hands. Additionally, using passwords and PIN num
`bers for Security purposes places an additional burden on
`institutions because passwords or PIN numbers require
`additional machinery and human resources to deal with
`customers when customers forget passwords or PIN num
`bers, or when customers request that passwords or PIN
`numbers be changed.
`0011. As an alternative to traditional security systems,
`Such as Security guards, passwords or PIN numbers, bio
`metric authentication Systems have been developed to autho
`rize accesses to various electronic and mechanical Systems.
`Biometrics can generally be defined as the Science of
`utilizing unique physical or behavioral personal character
`istics to verify the identity of an individual. Biometric
`authentication Systems are typically combined with hard
`ware and Software Systems for automated biometric verifi
`cation or identification. Biometric authentication Systems
`receive a biometric input, Such as a fingerprint or a voice
`Sample, from a user. This biometric input is typically com
`pared against a prerecorded template containing biometric
`data associated with the user to determine whether to grant
`the user access to a Service on the host System.
`0012. A biometric security access system can thus pro
`vide Substantially Secure access and does not require a
`password or acceSS code. A biometric identification System
`accepts unique biometric information from a user and iden
`tifies the user by matching the information against informa
`tion belonging to registered users of the System. One Such
`biometric System is a fingerprint recognition System.
`0013 In a fingerprint biometric system input transducer
`or Sensor, the finger under investigation is usually pressed
`against a flat Surface, Such as a Side of a glass plate; the ridge
`and Valley pattern of the finger tip is Sensed by a Sensing
`means Such as an interrogating light beam. In order to
`capture an image of a fingerprint, a System may be prompted
`through user entry that a fingertip is in place for image
`capture. Another method of identifying fingerprints is to
`capture images continuously and to analyze each image to
`determine the presence of biometric information Such as a
`fingerprint.
`0014 Various optical devices are known which employ
`prisms upon which a finger whose print is to be identified is
`placed. The prism has a first Surface upon which a finger is
`placed, a Second Surface disposed at an acute angle to the
`first Surface through which the fingerprint is viewed and a
`third illumination surface through which light is directed
`into the prism. In Some cases, the illumination Surface is at
`
`IPR2022-00602
`Apple EX1021 Page 10
`
`
`
`US 2002/009 1937 A1
`
`Jul. 11, 2002
`
`an acute angle to the first Surface. In other cases, the
`illumination Surface may be parallel to the first Surface.
`Fingerprint identification devices of this nature are generally
`used to control the building-access or information-access of
`individuals to buildings, rooms, and devices Such as com
`puter terminals.
`0.015. Before the advent of computers and imaging
`devices, research was conducted into fingerprint character
`ization and identification. Today, much of the research focus
`in biometricS has been directed toward improving the input
`transducer and the quality of the biometric input data.
`Fingerprint characterization is thus generally well known
`and can involve many aspects of fingerprint analysis.
`0016 For doorway security systems, biometric authenti
`cation Systems have many known problems. For example, a
`user identification code, a PIN, is generally required to
`identify each individual in order to permit comparison of the
`biometric information and a Single user's template. Remem
`bering a PIN can be inconvenient and the device needed to
`accept a PIN are Sometimes Subject to damage and failure.
`The device is also an additional expense in a doorway acceSS
`System. Since a single processor can provide processing for
`several doors, for a multiple doorway system, the PIN entry
`unit forms a significant portion of the Overall System cost. It
`would be advantageous to provide a System wherein provi
`sion of a PIN is not always necessary for identification. To
`date most biometric authentication Systems or Services rely
`on some form of PIN input.
`0.017. In evaluating security of biometric authorization
`Systems, false acceptance and false rejections are Sometimes
`evaluated as a fraction of a user population. A Security
`System may be characterized as allowing 1 in 1,000 false
`acceptances or, alternatively, 1 in 1,000,000. Typically a
`probability distribution curve establishes a cut off for a given
`registration to determine what false acceptance rate this
`reflects. Curves of this type are exponential in nature and,
`therefore for better false acceptance rates provide only
`nominal improvements to false acceptance rate for Signifi
`cant changes to a threshold value. Typically when using a
`biometric information Sample, a low match Score results in
`failure to authorize an individual.
`0.018. In the past, a one-to-many search of biometric
`information has generally been considered undesirable
`because Security may be compromised. For example, when
`a Single biometric template is compared and a resulting
`comparison having a 1/1,000,000 likelihood of false accep
`tance is desired, it should be clear that 1/1,000,000 users
`may be misidentified. When, however, a forty user system is
`provided with equivalent individual comparison criteria, the
`probability of false acceptance can escalate to 1-(0.999
`999) which is about 1/25,000. Whereas 1/1,000,000 is
`generally acceptable for many applications, 1/25,000 is
`likely not as acceptable. Further, as the number of individual
`templates grows, the rate of false acceptance increases,
`when 250 templates exist, a likelihood of about 1/4,000 of
`false acceptance exists.
`0019. In order to solve this problem, one might reduce the
`false acceptance rate to 1/10,000,000; however, this results
`in problems identifying Some people and makes Such a
`System inconvenient. A System of this type is unlikely to
`provide consistent results and therefore, requires a Security
`guard at least at a door to provide access for those who are
`not identifiable to 1/10,000,000.
`
`0020. Another potential problem with the use of biomet
`ricS is related to the unauthorized interception of a digital
`Signal or file representing a biometric (i.e., Similar to unau
`thorized interception of passcodes/passwords). An unautho
`rized user may Substitute a digital Signal of a biometric
`attribute or template by bypassing biometric readers or
`ScannerS altogether. Therefore, like passwords or passcodes,
`use of biometricS for Security purposes and user authoriza
`tion, Verification, and identification is not full proof.
`0021
`Based on the foregoing, those skilled in the art can
`appreciate that despite the advances in biometric authenti
`cation, most biometric authentication Systems are still
`plagued with various physical and algorithmic drawbacks. It
`is believed that the biometric methods and systems disclosed
`herein overcome Such drawbacks by employing a unique
`random method and System of biometric identification and
`verification that correlates directly to biometric attributes
`themselves.
`
`SUMMARY OF THE INVENTION
`0022. The present invention provides biometric authen
`tication methods and Systems.
`0023. It is a feature of the present invention to provide
`biometric authentication based on random factors.
`0024.
`It is still another feature of the present invention to
`provide a biometric authentication methods and Systems
`based on the random selection of biometric attributes from
`a user profile containing biometric information about the
`USC.
`0025 The above and other features of the invention are
`achieved as will now be further described. Methods for
`biometrically Securing access to an electronic System are
`disclosed. According to one Such method, a user may be
`prompted to input to the electronic System at least one
`biometric attribute randomly selected from a user profile
`containing biometric attributes of the user.
`0026. A user may be permitted to perform a user-desired
`activity if at least one biometric attribute input by the user
`to the electronic System matches the at least one biometric
`attribute randomly Selected from the user profile. A user
`profile may be generally accessible from a Server through
`the electronic System. A user profile may also be accessible
`from a biometric broker through an electronic System over
`a Secure network connection. A user profile may also be
`accessible from a portable electronic device Such as Smart
`cards PDAS and/or other wireless hand held devices.
`0027 Additionally, methods may include processing
`Steps which result in obtaining at least one biometric
`attribute from a user for compilation in a user profile or
`template, compiling the user profile, and Subsequently Stor
`ing the user profile in a location accessible by at least one
`electronic System. The user may be permitted to modify the
`user profile in response to approval of a request by the user.
`0028. Additionally, a method can involve the processing
`Step of comparing at least one biometric attribute input by
`the user to an electronic System with at least one biometric
`attribute randomly selected from the user profile. The user
`can then be Subsequently prompted to input to the electronic
`System at least one additional biometric attribute randomly
`Selected from the user profile, if at least one biometric
`
`IPR2022-00602
`Apple EX1021 Page 11
`
`
`
`US 2002/009 1937 A1
`
`Jul. 11, 2002
`
`attribute previously input by the user to the electronic
`System does not match the at least one biometric attribute
`previously Selected randomly from the user profile.
`0029. The electronic system itself may be configured
`with at least one wireleSS device that operates with a wireleSS
`network. The electronic System can also be configured with
`at least one computer WorkStation operable over an associ
`ated network. The electronic System may be configured as an
`automated teller machine. The electronic System can also be
`configured as a Secured entry System to a Secured environ
`ment. The electronic System may also be part of a point of
`Sale in a retail establishment that relies on credit card
`authorization to enable customer transactions. The elec
`tronic System may simply be a wireleSS network or a
`computer network, or a combination thereof. Alternatively,
`the electronic System may simply be a wireleSS device, Such
`as, for example, a Wireless Application Protocol (WAP)
`enabled cellular telephone and/or PDA (Personal Digital
`ASSistant).
`0030) Biometric attributes can comprise fingerprints,
`facial information, Voice print data, retinal data, hand geom
`etry measurements, Scanned iris data, and/or Signature veri
`fication data. Other biometric attributes not listed herein
`may also be utilized in accordance with the present inven
`tion.
`Additionally, at least one defective biometric
`0.031
`attribute associated with the user may be identified as
`defective (or otherwise un-readable), according to a method
`disclosed herein. Thereafter, a user can be prompted to input
`to the electronic System at least one additional biometric
`attribute randomly Selected from a user profile containing
`biometric attributes of the user.
`0032. A user-desired activity, according to the present
`invention, may be, for example, a financial transaction, an
`ATM transaction, access to a Secure area, access to data from
`the electronic System, and/or execution of a mechanical
`activity.
`0033. In accordance with the present invention, there is
`also provided a method for biometrically Securing access to
`an electronic System. In Such a method, a user may be
`prompted to input to an electronic System at least two
`biometric attributes randomly Selected from a user profile
`containing biometric attributes of the user. The user may
`then be permitted to perform a user-desired activity if
`biometric attributes input by the user to the electronic
`System matches the at least two biometric attribute randomly
`Selected from the user profile.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`0034. The novel features believed characteristic of this
`invention are set forth in the appended claims. The invention
`itself, however, as well as a preferred mode of use, further
`objects, and advantages thereof, will best be understood by
`reference to the following detailed description of an illus
`trative embodiment when read in conjunction with the
`accompanying drawings, wherein:
`0.035
`FIG. 1 depicts a block diagram illustrating com
`ponents of an electronic System associated with a database
`containing biometric attributes in which preferred embodi
`ments of the present invention may be implemented;
`
`0036 FIG. 2 illustrates a diagram illustrating client com
`puter Systems coupled to host Systems through a network in
`which preferred embodiments of the present invention may
`be implemented;
`0037 FIG. 3 illustrates a block diagram illustrating some
`of the functional components within the client computer
`system depicted in FIG. 2, which may be utilized to imple
`ment an embodiment of the present invention
`0038 FIG. 4 depicts a diagram illustrating biometric
`attributes and a user profile, which may be utilized in
`accordance with preferred embodiments of the present
`invention;
`0039 FIG. 5 illustrates a flow chart illustrating opera
`tions for authenticating a user in accordance with an
`embodiment of the present invention;
`0040 FIG. 6 depicts a flow chart illustrating additional
`operations for authenticating a user in accordance with an
`embodiment of the present invention;
`0041
`FIG. 7 depicts a portion of a user interface that
`may be implemented in accordance with the present inven
`tion; and
`0042 FIG. 8 depicts a portion of an alternative user
`interface that may be implemented in accordance with the
`present invention.
`
`DETAILED DESCRIPTION OF PREFERRED
`EMBODIMENT
`0043. The following description is presented to enable
`any person skilled in the art to make and use the invention,
`and is provided in the context of particular applications and
`its requirements. Various modifications to the disclosed
`embodiments will be readily apparent to those skilled in the
`art, and the general principles defined herein may be applied
`to other embodiments and applications without departing
`from the Spirit and Scope of the present invention.
`0044) Thus, the present invention is not intended to be
`limited to the embodiments shown, but is to be accorded the
`widest Scope consistent with principles and features dis
`closed herein. Although preferred embodiments of the
`present invention are described herein, those skilled in the
`art can appreciate that a number of varying embodiments
`may be implemented in accordance with the present inven
`tion.
`FIG. 1 depicts a block diagram illustrating com
`004.5
`ponents of an electronic System 12 associated with a data
`base or memory containing biometric attributes 14, in which
`preferred embodiments of the present invention may be
`implemented. Database 14 may be linked or integrated with
`electronic System 12 and may include a at least one user
`profile 15 containing biometric templates (i.e., Samples) of
`biometric attributes provided previously by particular users.
`Electronic System 12 may interact with and communicate
`with a variety of devices and mechanical Systems.
`0046 Electronic system 12 may, for example, communi
`cate with a computer WorkStation 24. In Such an example,
`electronic System 12 may be configured as a remote com
`puter network, Such as the Internet, or a dedicated computer
`network operating within a particular organization, business
`or institution. Electronic System 12 may also be configured
`
`IPR2022-00602
`Apple EX1021 Page 12
`
`
`
`US 2002/009 1937 A1
`
`Jul. 11, 2002
`
`to communicate with electromechanical Systems, Such as
`entry hardware of a Secure building 22. A user may acceSS
`electronic System 12 to Secure entry to Secure building 22.
`In Some applications, electronic System 12 may be config
`ured as electronics associated with or resident within the
`user interface (e.g., typical of non-networked Systems, Such
`as Secure entries).
`0047. Additionally, electronic system 12 may be config
`ured to communicate with an Automatic Teller Machine
`(ATM) 20 and/or point of sale. A user attempting to retrieve
`cash through ATM 20 can be required to authentication his
`or her identification, based on previously Stored biometric
`attributes contained within database 14 and/or user profile
`15. Database 14 and user profile 15 may together function as
`a biometric broker that communicates as a third-party Ser
`Vice with various mechanical Systems and other devices
`through electronic System 12. Electronic System 12 may also
`communicate with a financial institution 18 and wireleSS
`device 16.
`0.048. In order to communicate with wireless device 16,
`electronic System 12 may be configured as part of a wireleSS
`network. A wireleSS device 16 may be, for example, a
`wireleSS telephone or a wireleSS hand held device that can
`communicate with wireleSS networks to Send and receive
`data. Wireless device 16 may be, for example, a Wireless
`Application Protocol (WAP) enabled communications
`device configured to authenticate the identity of a user
`through a biometric Scanner integrated with or attached to
`the wireless device.
`0049 FIG. 2 illustrates a diagram illustrating client com
`puter systems 32, 34, and 36 coupled to host computer
`systems 48, 40, and 42 through a network 30, in which
`preferred embodiments of the present invention may be
`implemented. Network 30 may be any communication chan
`nel through which computer Systems can communicate. This
`includes, but is not limited to, local area networks, Such as
`Ethernet or Token ring, and wide area or remote computer
`networks, such as the Internet and World Wide Web, well
`known in the networking arts.
`0050 Network 30 may also be implemented as a wireless
`network through which wireleSS devices, Such as wireleSS
`device 16 of FIG. 1, may communicate with other devices
`and other Systems. A client, Such as client Systems 32, 34,
`and 36 can be any node on a computer network including
`computational capability and including a mechanism for
`communication across network 30. Human users 33,35, and
`37 may operate client systems 32, 34, and 36, respectively.
`A host, such as host systems 48, 40 and 42, can be any node
`on a computer network including a mechanism for Servicing
`requests from a client for computational or data Storage
`resources. Hosts may also be implemented as Servers.
`0051
`Host systems 48, 40 and 42 may be coupled to
`biometric broker 44. Biometric broker 44 can be imple
`mented as a centralized repository for Storing biometric
`attributes (i.e., biometric data), Such as fingerprint data.
`Biometric broker 44 may also be configured as an entity that
`obtains biometric data form a variety of biometric databases
`operated by different entities and organizations, and utilizes
`such information for authentication purposes. FIG.4, which
`will be further described herein, lists examples of biometric
`data that may be utilized in accordance with the present
`invention. Biometric broker 44 may also include a mecha
`
`nism for managing the biometric attributes Stored as data,
`and may additionally include a mechanism for implementing
`Security policies for the biometric attributes. Such policies
`may require Specific levels of authentication for different
`groups of users, or for access to different Servers.
`0052 Biometric brokers 44 may be implemented in any
`number of forms. In one possible embodiment, biometric
`broker 44 may be implemented as a node on network 30,
`which communicates with host systems 48, 40, and 42
`across network 30. In another possible embodiment, bio
`metric broker 44 is located on a host, such as host system 48.
`0053) The example illustrated in FIG. 2 may operate
`generally as follows. A user, Such as user 33, works on a
`client, Such as client System 32. User 33 requests access to
`resources on host system 48 across network 30. In response
`to this request, host System 48 attempts to authenticate user
`33. In doing so, host system 48 requests a biometric attribute
`(i.e., biometric data) from biometric broker 44. Biometric
`broker 44 returns a biometric attribute or biometric template,
`which may be compared against Sample biometric
`attribute(s) randomly collected from user 33. This compari
`Son may take place at a number of locations, including at
`client system 32, at host system 48 or at biometric broker 44.
`If the sample biometric attribute collected from user 33
`matches the biometric attribute retrieved from biometric
`broker 44, user 33 may be permitted to access resources on
`host system 48.
`0054 Providing a centralized authentication service such
`as biometric broker 114 has a number of advantages. One
`advantage is generally that centralized revocation can be
`Supported. For example, an employee in an organization
`typically has access to a number of different resources on a
`number of different host systems. When this employee
`leaves the organization, it often takes a long time to explic
`itly revoke the employee's access rights on all host Systems.
`Under a centralized revocation Scheme, Such revocation
`only needs to take place once at the centralized revocation
`Service Since the disparate host Systems always look to the
`centralized revocation Service to authenticate a user.
`0055 FIG. 3 illustrates a block diagram illustrating some
`of the functional components within client computer System
`32 that may be utilized to implement an embodiment of the
`present invention. Note that in FIGS. 2 and 3 identical parts
`are represented by identical reference numerals. AS men
`tioned above, client System 32 can be any node on a
`computer network including computational capability and
`including a mechanism for communication acroSS network
`30. In the illustrated embodiment, client system 32 includes
`user interface 62, networking code 64 and adapter 66. These
`functional components can be implemented in Software
`running on, for example, a client CPU. User interface 62
`provides a mechanism through which user 33 can operate
`client system 32. Networking code 64 may include a library
`of functions, which allow client System 32 to communicate
`across network 30. Adapter 66 may include a collection of
`functions that implement the client portion of a biometric
`authentication System according to one embodiment of the
`present invention.
`0056 Adapter 66 may communicate with sealed hard
`ware unit 58, which can be utilized to perform biometric
`authentication functions. In the example illustrated in FIG.
`3, Sealed hardware unit 58 can be encased in a sealed
`
`IPR2022-00602
`Apple EX1021 Page 13
`
`
`
`US 2002/009 1937 A1
`
`Jul. 11, 2002
`
`insulating layer, which prevents a malicious user of client
`System 32 from monitoring the computational operations
`performed within sealed hardware unit 58. This can prevent
`a malicious user from improperly gaining access to host
`system 48, even if the malicious user has the power to
`modify hardware and Software resources on client System
`32. The circuitry inside sealed hardware unit 58 may be
`encased in the insulating layer in Such a manner that any
`attempt to cut through the insulating layer to monitor the
`circuitry is likely to render the circuitry inoperable. Of
`course, Such features may or may not be implemented and
`are presented here for illustrative purposes only and are not
`meant to be interpreted as limited features of the present
`invention.
`0057 Sealed hardware unit 58 can include a C