US007110580B2
`
`(12) United States Patent
`BOstrom
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 7,110,580 B2
`Sep. 19, 2006
`
`(54) DISTRIBUTED BIOMETRIC ACCESS
`CONTROL METHOD AND APPARATUS
`
`Primary Examiner Vikkram Bali
`(74) Attorney, Agent, or Firm Nixon Peabody, LLP
`
`(75) Inventor: Susan J. Bostrom, San Antonio, TX
`(US)
`(73) Assignee: NextgenID, Inc., San Antonio, TX (US)
`(*) Notice:
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 0 days.
`(21) Appl. No.: 10/384,070
`
`(22) Filed:
`
`Mar. 10, 2003
`
`(65)
`
`Prior Publication Data
`US 2004/OO36574 A1
`Feb. 26, 2004
`
`(51) Int. Cl.
`(2006.01)
`G06K 9/00
`(52) U.S. Cl. ........................ 382/124; 382/118; 382/116
`(58) Field of Classification Search ........ 382/115-119,
`382/124-127; 902/3–6: 235/380,382,382.5;
`713/182, 186: 340/5.2, 5.53, 5.1, 5.8, 5.83
`See application file for complete search history.
`References Cited
`
`(56)
`
`U.S. PATENT DOCUMENTS
`
`4,993,068 A * 2/1991 Piosenka et al. ............ T13, 186
`5,802,199 A * 9/1998 Pare et al. .................. 382,115
`6, 160,903 A * 12/2000 Hamid et al. ............... 382,115
`6,496,595 B1* 12/2002 Puchek et al. .............. 382,124
`* cited by examiner
`
`
`
`(57)
`
`ABSTRACT
`
`The present invention is directed to an access control
`apparatus and method. Enrollment is conducted at a cen
`tralized server and enrollment data, Such as identification
`data is downloaded to plural local access units at respective
`entrances to a restricted area. The local access units then
`collect data of a person upon an attempted entry in to the
`area and compare the data with downloaded enrollment data
`to determine if the person is authorized for access. If the
`person is authorized, an access control device is operated to
`open a door, gate, or the like of the entrance. The enrollment
`data can be primary biometric data or primary and secondary
`biometric data, said secondary biometric data can be col
`lected at the local access units. If a secondary type of
`biometric data is collected at the local access units and is
`correlated to data stored on the local access unit, data of the
`same type is compared to the downloaded data for access
`control. The primary enrollment data can be non-environ
`mentally affected data, Such as fingerprint parameter data
`and the secondary type of data can be environmentally
`affected data, Such as facial parameter data. In cases where
`the primary biometric data does not correspond to stored
`primary biometric data, secondary biometric data can be
`collected and authenticated and new primary biometric data
`collected for potential addition to a user's primary biometric
`enrollments.
`
`4 Claims, 4 Drawing Sheets
`
`IPR2022-00602
`Apple EX1042 Page 1
`
`

`

`U.S. Patent
`U.S. Patent
`
`Sep. 19, 2006
`Sep. 19, 2006
`
`Sheet 1 of 4
`Sheet 1 of 4
`
`US 7,110,580 B2
`US 7,110,580 B2
`
`PTTTT 7
`|
`
`09
`
`|
`|
`|
`|
`|
`
`||
`
`4
`
`|
`lo
`|
`|
`
`o9
`
`!
`©
`ows
`|
`»
`om: oN
`= |
`©
`LL. i
`\
`!
`i
`re
`_ {
`|
`ow td
`{
`|
`-
`
`Louw __I
`i
`\
`=
`|
`=
`x
`
`&
`
`oo”
`
`IPR2022-00602
`Apple EX1042 Page 2
`
`IPR2022-00602
`Apple EX1042 Page 2
`
`

`

`U.S. Patent
`
`Sep. 19, 2006
`
`Sheet 2 of 4
`
`US 7,110,580 B2
`
`
`
`
`
`
`
`A
`
`FG. 2
`
`Collect
`Biometric
`Parameters
`
`
`
`Enter
`Corresponding
`Data
`
`All
`Enrollment
`Finished 2
`
`C
`
`DOWnload
`Enrollment Data i
`to label ACCess
`Terminals
`
`N-D
`
`End
`
`E
`
`IPR2022-00602
`Apple EX1042 Page 3
`
`

`

`U.S. Patent
`
`Sep. 19, 2006
`
`Sheet 3 of 4
`
`US 7,110,580 B2
`
`
`
`
`
`
`
`
`
`
`
`
`
`ex
`
`Collect
`Biometric Parameters
`of Approaching
`PerSOn
`
`A
`
`B
`
`Compare Collected
`Parameters with
`Templates
`
`
`
`E
`
`C
`No
`
`Scan
`Fingerprint
`
`dentified
`Yes -D
`AllOW
`Compare Collected
`ACCeSS
`Parameters with Templates
`
`F
`
`H
`
`G
`
`ldentified NO i-Alarm
`Yes
`
`Collect
`Facial Parameters
`
`J
`
`Store Template
`
`K
`
`AllOW
`Access
`
`IPR2022-00602
`Apple EX1042 Page 4
`
`

`

`U.S. Patent
`
`Sep. 19, 2006
`
`Sheet 4 of 4
`
`US 7,110,580 B2
`
`F.G. 4
`
`Error image
`Au-Assembly? No-Data & Return
`Yes
`to Operation
`
`
`
`C
`
`--
`
`B
`
`Server
`
`Send
`Messages & Alarm
`
`Save & Send
`Image Data
`
`
`
`
`
`Display
`Image Data
`
`IPR2022-00602
`Apple EX1042 Page 5
`
`

`

`1.
`DISTRIBUTED BOMETRIC ACCESS
`CONTROL METHOD AND APPARATUS
`
`RELATED APPLICATION DATA
`
`This application is related to U.S. patent application Ser.
`No. 10/215,950 filed Aug. 12, 2002, the disclosure of which
`is herby incorporated by reference. This application is also
`related to U.S. patent application Ser. No. 09/574,001 filed
`May 19, 2000, now U.S. Pat. No. 6,496,595 the disclosure
`of which is herby incorporated by reference.
`
`BACKGROUND OF THE INVENTION
`
`1. Field of the Invention
`The invention relates to automated systems for permitting
`authorized persons to access secured buildings or other areas
`while preventing Such access by unauthorized persons. More
`particularly, the invention relates to an access control system
`that uses biometric parameters to identify authorized persons
`and to permit access by the authorized persons.
`2. Description of the Related Art
`The invention relates to restricting access into a restricted
`area and thus the term “access', as used herein, refers to
`physical entry into a building, or other restricted area.
`However, the restricted area can be the exterior of a building
`or the like and thus the invention can be applied to control
`ling entry or exit out of a building or other area. There have
`always been situations in which it was desirable to restrict
`access to certain physical areas to a select person or group
`of people. Such restricted access has been accomplished by
`fences, walls, locks and other barriers. However, even the
`use of barriers has not prevented unauthorized access.
`Accordingly, it has been necessary in many instances to
`provide human Surveillance in the form of a security guard
`at an entrance to an area or through the use of video cameras
`or the like to transmit images to a security guard at a remote
`or centralized location. Of course, the use of security guards
`and video cameras can become expensive and is only as
`reliable as the particular guard and his state of alertness at
`any particular time.
`The complexities of modern society have only served to
`increase the need for access control. For example, many
`government agencies and contractors work on matters that
`are of a confidential or even “top secret” nature. In fact, most
`workplaces, such as offices, warehouses, and even retail
`stores in Some instances, have a need to implement access
`control to prevent the theft of intellectual property and/or
`goods.
`In response to the need for access control, many govern
`ment agencies and businesses have issued identification
`cards to their employees and other authorized personnel.
`Often, the identification card includes a picture of the
`authorized person. However, such an identification card still
`requires a security guard or other personnel for Verification.
`Also, Such cards are easily forged by replacing the picture
`with that of an unauthorized person. To overcome these
`limitations, it is known to provide the employee with a
`personal identification number (PIN) or other identifying
`code. The identifying code can be encoded in a magnetic
`strip or the like in a security card and read by an automated
`reader at an entrance to grant access only to persons having
`the card. Alternatively, the code can be entered by the user
`on a keypad to gain access. However, the use of identifying
`codes also has drawbacks in access control applications. In
`particular, the identification card can be stolen or the user
`
`10
`
`15
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`US 7,110,580 B2
`
`2
`can be forced under duress to reveal their code. In such
`cases, unauthorized possessors of the card or code can gain
`access to a restricted area.
`The use of biometrics has been proposed as a solution to
`the limitations noted above. Generally, the term “biomet
`rics' refers to the study of measurable biological character
`istics, i.e. biometric parameters, of a living being. In the
`context of security, “biometrics' refers to techniques that
`rely on a unique, measurable characteristic of a living being
`for automatically recognizing or verifying identity.
`Examples of biometric parameters are facial data, retinal
`data, fingerprint data, speech data, and the like.
`Generally, biometric systems operate in the following
`manner. First, a system captures a sample of at least one
`biometric parameter during an “enrollment process. The
`parameters are then converted by the system into a math
`ematical code, i.e., data, that is stored as the biometric
`template representing measured biometric parameters for
`that person. There may also be a way to correlate the
`template to the person. For example, a personal identifica
`tion number (PIN) can be given to an enrolled user, which
`is entered to access the template. A new biometric sample is
`then taken and compared to the template or to a group of
`templates. If one of the templates and the new sample match,
`the person is recognized as authorized. Central to a biomet
`ric system is the “engine' which processes the biometric
`data in accordance with various algorithms or artificial
`neural networks.
`Some biometric systems use “identification' methods and
`some use “verification' methods. In identification systems,
`a sample is presented to the biometric system and the system
`then attempts to find out who the sample belongs to by
`comparing the sample with a plurality of templates obtained
`through enrollment. Verification systems on the other hand
`perform a one-to-one process where the biometric system is
`seeking to Verify identity. A single biometric sample is
`matched against a single template obtained during enroll
`ment. If the two match, the system effectively confirms that
`the person actually is who he presents himself to be. The key
`difference between these two approaches centers on the
`logic addressed by the biometric system and how these fit
`within a given application. Identification systems decide
`who the person is and can check whether more than one
`matching biometric template exists. Accordingly, identifica
`tion systems can deny access to an individual who is
`attempting to pass himself off with more than one identity.
`Verification, on the other hand only decides if the person is
`who he says he is. Accordingly, identification systems are
`more versatile and powerful. However, verification systems
`generally require less processing horsepower and thus are
`commonly used.
`In typical biometric access control systems, biometric
`sensors are placed, proximate entrances and are linked to a
`central computer having biometric "enrollment data, i.e.,
`templates, representing biometric parameters of authorized
`users collected from a central enrollment station. If the
`biometric parameter collected at the entrance matches a
`template stored in the central computer, access is granted.
`However, conventional biometric systems have several limi
`tations. In particular, the sensing accuracy of biometric
`parameters, such as facial parameters, retinal parameters,
`and the like is highly dependent on the environment in which
`the parameters are sensed. For example, the lighting inten
`sity, angle and color will affect sensing of biometric param
`eters. Accordingly, the ability to reliably match data repre
`senting parameters collected at an entrance with data of
`templates collected during enrollment is limited, especially
`
`IPR2022-00602
`Apple EX1042 Page 6
`
`

`

`3
`when the entrance is an external entrance where the weather,
`season, and time of day will affect lighting significantly.
`Also, sensing biometric parameters, converting the param
`eters to data, communicating the data to a central computer,
`and comparing the data parameters with templates of enroll
`ment data in the central computer is relatively time consum
`ing, even with modern high speed computers and commu
`nication links. Accordingly, such systems present significant
`inconveniences to the authorized persons through improp
`erly rejected access and time delays prior to granting access.
`The use of less environmentally affected biometric param
`eters, such as fingerprint parameters can alleviate Some of
`the problems noted above. However, sensing Such param
`eters requires that the person desiring access make physical
`contact with a sensor. Such as a fingerprint Scanner, upon
`each entry request. Also, Such parameters are easily affected
`by skin debris, and skin blemishes. Therefore, the person
`desiring access may have to wipe off their finger, not to
`mention remove any gloves, prior to Submitting to the
`physical contact with the sensor. The match tolerance
`between a template and data corresponding to a measured
`parameter can be increased to minimize lockout of autho
`rized users. However, Such an approach inherently reduces
`the accuracy and effectiveness of the system by increasing
`the likelihood of allowing access to unauthorized users.
`U.S. Pat. No. 5,802,199 attempts to solve the issue of slow
`response in biometric identification systems by transmitting
`a subset of templates obtained through enrollment from a
`central computer to one of plural “local computers. If the
`user attempts to use an ATM terminal that corresponds to the
`“local” computer, identification is accomplished by collec
`tion of biometric data and a PIN number and by comparison
`with templates in the “local computer. If a matching
`template and PIN number is not in the “local computer,
`35
`biometric identification is accomplished in the central com
`puter by transmitting collected data over a remote commu
`nication link.
`U.S. Pat. No. 5,802,199 relates to identification for allow
`ing use of ATM terminals and not for access control as
`defined herein. The practical communications of access
`control and ATM use control are quite different. For
`example, the “local computers disclosed in U.S. Pat. No.
`5,802,199 are apparently not at the location of biometric
`sampling, i.e. the ATM terminal. It appears that plural ATM
`45
`terminals are assigned to each local computer because of the
`inherent geographic distribution of ATM terminals. The
`“local computers are actually centralized computers.
`Accordingly, the system disclosed in U.S. Pat. No. 5,802,
`199 is not suitable for high speed access control which
`generally requires high speed identification within a rela
`tively small geographic area, such as a single building or
`campus. Also, since enrollment is conducted centrally, i.e.
`not at the site of the ATM terminal, environmental variables
`will affect the accuracy of identification. Finally, this system
`requires that two separate things be recognized, the biomet
`ric sample parameters and a PIN number entered by the user.
`U.S. Pat. No. 5,903.225 discloses an access control sys
`tem in which data is encoded on a card during an enrollment
`procedure in correspondence to the person’s fingerprint.
`When attempting to gain access to a restricted area, a
`transmitter on the card transmits the data to a receiver at the
`entrance to grant access. This system apparently does not
`implement biometric recognition or identification and thus
`has the same limitations as conventional access systems
`using magnetic cards. In particular, whoever possesses the
`card is granted access regardless of their identity.
`
`4
`U.S. Pat. No. 4,993,068 discloses an access system in
`which the enrollment procedure includes recording biomet
`ric data on a card to be carried by the user and comparing the
`data on the card with data of biometric parameters measured
`at the entrance. This system is inherently a verification
`system and thus is not as flexible as an identification system
`for the reasons discussed above. Also, since enrollment is
`conducted at a central location, sensing of parameters upon
`access can be affected by the environment at the entrance.
`Accordingly, the accuracy of this system is limited.
`
`SUMMARY OF THE INVENTION
`
`It is an object of the invention to overcome the limitations
`of the known systems described above.
`It is an object of the invention to maximize the speed of
`biometric identification access control.
`It is another object of the invention to maximize the
`accuracy of biometric identification access control.
`It is another object of the invention to minimize the
`inconvenience and obtrusiveness of biometric identification
`access control.
`It is another object of the invention to minimize the effect
`of environmental variables in biometric identification access
`control.
`It is another object of the invention to clearly indicate any
`security anomaly in a biometric identification access control
`system.
`A first aspect of this invention is an apparatus for con
`trolling access into an area. The apparatus comprises (1) a
`server including a server memory and a server data collec
`tion device; (2) a local access unit; (3) an access control
`device and (4) a communication channel. The server data
`collection device is configured to collect identification data.
`The local access unit is associated with an entrance to an
`area and includes a local memory, a local processor, a
`primary local biometric parameter sending device and at
`least one secondary biometric parameter sensing device, a
`local data collection device, and an access control device.
`The communication channel is used for downloading the
`identification data from the server to the local access unit.
`The local processor is operative to recognize an autho
`rized user by comparing primary biometric parameter data
`of a person proximate an entrance with primary biometric
`parameter data stored in the local memory. Access to the area
`is granted when the primary biometric parameter data of a
`person proximate the entrance and the primary biometric
`parameter data stored in the local memory correspond.
`The local processor is also operative to collect secondary
`biometric parameter data through the secondary biometric
`parameter sensing device when the primary biometric
`parameter data collected by the local primary biometric
`sensing device and the primary biometric parameter data
`stored in the local memory do not correspond. In this event,
`access to the area is granted when the secondary biometric
`parameter data collected by the local secondary biometric
`parameter sensing device and the secondary biometric
`parameter data stored in the local memory correspond.
`When the biometric parameter data collected by the local
`primary biometric parameter sensing device and the biomet
`ric parameter data stored in the local memory do not
`correspond and the secondary biometric parameter data
`collected by the local secondary biometric parameter sens
`ing device and the secondary biometric parameter data
`stored in the local memory correspond, the local processor
`is operative to prompt the user to provide a new biometric
`parameter data to the local primary biometric parameter
`
`US 7,110,580 B2
`
`10
`
`15
`
`25
`
`30
`
`40
`
`50
`
`55
`
`60
`
`65
`
`IPR2022-00602
`Apple EX1042 Page 7
`
`

`

`5
`sensing device and to store the new biometric parameter
`sensing device in correspondence with primary biometric
`parameter data stored in the local memory.
`A second aspect of the invention is an apparatus for
`controlling access to an area comprising a local processor
`that is operative to recognize an authorized user by com
`paring primary biometric parameter data of a person proxi
`mate the entrance with primary biometric parameter data
`corresponding to a plurality of users stored in the local
`memory. Access is granted if the primary biometric param
`eter data collected by the local primary biometric parameter
`sensing device and the stored primary biometric parameter
`data corresponding to any one of the plural users correspond.
`A third aspect of the invention is an apparatus for con
`trolling access to an area, comprising a local processor that
`is operative to recognize an authorized user by prompting a
`person proximate the entrance to enter identification data
`into the local data collection device, retrieving a subset of
`primary biometric parameter data corresponding to the iden
`tification data stored in the local memory, and comparing the
`primary biometric parameter data collected by the local
`primary biometric parameter sensing device with the Subset
`of primary biometric parameter data. Access to the area is
`granted when the primary biometric parameter data col
`lected by the local primary biometric parameter sensing
`device and the Subset of primary biometric parameter data
`correspond.
`A fourth aspect of the invention is an apparatus for
`controlling access to an area comprising a means for authen
`ticating a secondary biometric parameter data when the
`primary biometric parameter data collected by the local
`primary biometric parameter sensing device and the primary
`biometric parameter data stored in the local access unit do
`not correspond.
`A fifth aspect of the invention is a method of controlling
`access into an area comprising the steps of (1) recognizing
`an authorized user by comparing primary biometric param
`eter data of a person proximate the entrance collected by the
`local primary biometric parameter sensing device with pri
`mary biometric parameter data stored in the local memory,
`and granting access by operating the access control device if
`the primary biometric parameter data collected by the local
`primary biometric parameter sensing device and the primary
`biometric parameter data stored in the local access unit
`correspond; (2) prompting the person to enter secondary
`biometric parameter data through at least one secondary
`biometric parameter sensing device when the primary bio
`metric parameter data collected by the primary biometric
`parameter sensing device and the primary biometric param
`eter data stored in the local access unit do not correspond
`and granting access by operating the access control device
`when the secondary biometric parameter data of an autho
`rized person collected by the local secondary biometric
`parameter sensing device and the secondary biometric
`parameter data stored in the local memory correspond; and
`(3) prompting the person to provide additional primary
`biometric data through the primary biometric parameter
`sensing device and storing said additional primary biometric
`parameter data collected by the local primary biometric
`parameter sensing device in the local access unit when the
`primary biometric parameter data collected by the local
`primary biometric parameter sensing device and the primary
`biometric parameter data stored in the local access unit do
`not correspond and when the secondary biometric parameter
`data collected by the at least one local secondary biometric
`parameter sensing device and the secondary biometric
`parameter data stored in the local memory correspond.
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`US 7,110,580 B2
`
`5
`
`10
`
`15
`
`6
`A sixth aspect of the invention is a method wherein the
`recognizing step comprises comparing primary biometric
`parameter data of a person collected by the local primary
`biometric parameter sensing device with primary biometric
`parameter data corresponding to plural users stored in the
`local memory, and granting access to the area by operating
`the access control device if the primary biometric parameter
`data collected by the local primary biometric parameter
`sensing device and the primary biometric parameter data
`correspond.
`A seventh aspect of the invention is a method wherein the
`recognizing step comprises prompting a person proximate
`the entrance to enter identification data into the local data
`collection device, retrieving a Subset of primary biometric
`parameter data corresponding to the identification data
`stored in the local memory, comparing the primary biometric
`parameter data collected by the local primary biometric
`parameter sensing device with the Subset of primary bio
`metric parameter data, and granting access to the area when
`said primary biometric parameter data collected by said
`local primary biometric parameter sensing device and said
`Subset of primary biometric parameter data correspond.
`A eighth aspect of the invention is a method including the
`step of a system administrator authenticating the additional
`primary biometric parameter data collected by the local
`primary biometric parameter sensing device when the sec
`ondary biometric parameter data collected by the secondary
`biometric parameter sensing device and the secondary bio
`metric parameter data stored in the local memory corre
`spond, by comparing primary biometric parameter data
`collected during the primary enrollment procedure with the
`additional primary biometric parameter data collected by the
`local primary biometric parameter sensing device.
`
`BRIEF DESCRIPTION OF THE DRAWING
`
`The invention is described through a preferred embodi
`ment and the attached drawing in which:
`FIG. 1 is a block diagram of the architecture of an access
`control system of the preferred embodiment;
`FIG. 2 is a flow chart of the primary enrollment procedure
`of the preferred embodiment;
`FIG. 3 is a flow chart of the identification and secondary
`enrollment procedures of the preferred embodiment; and
`FIG. 4 is a flow chart of the anomaly enunciation proce
`dure.
`
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENT
`
`FIG. 1 illustrates the system architecture of a preferred
`embodiment of the invention. Biometric access control
`system 20 includes server 40, plural local access units 60,
`and communications channel 80. Server 40 and local access
`units 60 can each include microprocessor based digital
`computers as described in detail below. In the preferred
`embodiment, communications channel 80 is a local area
`network (LAN) such as an Ethernet network communicating
`over a coaxial cable or unshielded twisted pair (UTP).
`However, communication channel 80 can be any type of
`communication channel using cables, radio frequency trans
`mission, optical transmission over fibers, infrared transmis
`Sion, or any other wired or wireless communication mode
`capable of providing the communication described herein.
`Any communications protocols and transmission medium
`can be used. For example, communication channel 80 can be
`the Internet and each computer can have a separate IP
`
`IPR2022-00602
`Apple EX1042 Page 8
`
`

`

`US 7,110,580 B2
`
`10
`
`15
`
`7
`address. Also, communication channel 80 can be accom
`plished merely by physically moving a removable recording
`medium, Such as a diskette, between server 40 and access
`terminals 60: a channel sometimes referred to as "sneaker
`net’.
`Server 40 is a digital microprocessor based computer,
`Such as a personal computer, a minicomputer, a program
`mable logic controller, or any other proprietary or non
`proprietary device capable of accomplishing the processing
`and communication functions described below. Server 40
`includes central processing unit (CPU) 42, memory device
`44 (Such as a magnetic hard drive), random access memory
`(RAM) 46, input device 48 (such as a keyboard and mouse),
`display 50, microphone 52, speaker 54, biometric parameter
`sensing device 56, a data bus (not illustrated) for providing
`communications between the various components and the
`appropriate interfaces for each component (also not illus
`trated). Biometric parameter sensing device 56 serves to
`collect identification data during an enrollment procedure, as
`described below, and can be of any type, such as a finger
`print Scanner, a camera for sensing facial parameters, a
`retinal scanner, or the like. For the sake of discussion of the
`preferred embodiment, it is assumed herein that biometric
`parameter sensing device 56 is a facial recognition camera
`or a fingerprint Scanner capable of sensing parameters
`relating to a persons fingerprint. Server 40 has a control
`program stored on memory device 44 that includes instruc
`tions for accomplishing the functions described below. The
`control program of server 40 also includes a biometric
`engine such as that described in U.S. Pat. No. 5,386,103, the
`disclosure of which is incorporated herein by reference.
`Local access unit 60 also is a digital microprocessor based
`computer, such as a personal computer, a minicomputer, a
`programmable logic controller, or any other proprietary or
`non-proprietary device capable of accomplishing the pro
`cessing and communication functions described below. Only
`one local access unit 60 is illustrated in detail and discussed
`in detail below. However, each local access unit is similar
`and thus the description below applies to each local access
`unit 60. Local access unit 60 includes central processing unit
`(CPU) 62, memory device 64 (such as a magnetic hard
`drive), random access memory (RAM) 66, input device 68
`(such as a keypad), display 70, microphone 72, speaker 74,
`biometric parameter sensing device 76 (serving as an aux
`iliary biometric parameter sensing device), biometric param
`45
`eter sensing device 77, access control device 78 (such as a
`lock Solenoid, gate, or the like), a data bus (not illustrated)
`for providing communications between the various compo
`nents, and the appropriate interfaces for each component
`(not illustrated). Biometric parameter sensing device 76
`preferably is of the same type, i.e. senses the same biometric
`parameters, as biometric parameter sensing device 56 of
`server 40, a fingerprint scanner or facial recognition camera
`in the preferred embodiment. Biometric parameter sensing
`device 77 can be of any type but is preferably of a different
`type, i.e. senses different biometric parameters, than bio
`metric parameter sensing device 76. In the preferred
`embodiment, biometric parameter sensing device 77 is a
`camera for sensing facial parameters.
`Each local access unit 60 has a control program stored in
`memory device 64 that includes instructions for accomplish
`ing the functions described below. The control programs of
`local access units 60 also include a biometric engine, Such
`as that described in U.S. Pat. No. 5,386,103. Each local
`access unit 60 can include access panel 60a (including input
`device 68, display 70, microphone 72, speaker 74, biometric
`parameter sensing device 76, biometric parameter sensing
`
`55
`
`8
`device 77, and access control device 78) and controller 60b
`(including CPU 62, memory device 64, and RAM 66).
`Access panel 60a and controller 60b can be housed sepa
`rately. However, it will become apparent below that access
`panel 60a and controller 60b preferably are located in close
`proximity to one another. The number of physical enclosures
`associated with local access unit 60 can vary as is required
`by the particular application and entrance.
`Server 40 can be disposed at any location in the building
`or other area to which access control system 20 is being
`applied or at a remote location. Also, server 40 can be any
`one of plural computers coupled to a network or can be
`embodied by plural computers on the network each con
`ducting a different portion of the function of server 40. For
`example, the enrollment procedure disclosed below can be
`conducted on one computer and the anomaly monitoring
`functions disclosed below can be conducted by another
`computer with the two computers together constituting
`server 40. Local access units 60 are associated with the
`respective doors or other entrances of the building or other
`area to which access control system 20 is applied. Typically,
`access panels 60a are located just outside the doorframe and
`controllers 60b are located inside an entrance to the building
`or other area to prevent tampering therewith. However,
`controllers 60b are preferably located close enough to
`respective access panels 60a to allow local communications
`through a serial port, parallel port, Universal Serial Bus
`(USB) port or the like.
`FIG. 2 illustrates the primary enrollment procedure of the
`preferred embodiment in which persons are authorized for
`access. A person to be allowed access to the area controlled
`by system 20 is brought to an enrollment location proximate
`server 40. Biometric parameters are sensed by biometric
`parameter sensing device 56 of server 40 in step A. Prefer
`ably, both fingerprint and facial parameters are collected
`during the primary enrollment procedure. The collection of
`fingerprint parameters is accomplished by placing the finger
`of the person on a sensing Surface of biometric parameter
`sensing device 56 and selecting appropriate menu choices
`di