US 2004/0123113 A1

(19) United States
(12) Patent Application Publication
Mathiassen et al.
Pub. No.: US 2004/0123113 A1
(43) Pub. Date: Jun. 24, 2004

(54) PORTABLE OR EMBEDDED ACCESS AND INPUT DEVICES AND METHODS FOR GIVING ACCESS TO ACCESS LIMITED DEVICES, APPARATUSES, APPLIANCES, SYSTEMS OR NETWORKS

(76) Inventors: Svein Mathiassen, Heggedal (NO); Ivar Mathiassen, Narvik (NO)

Correspondence Address:
ROTHWELL, FIGG, ERNST & MANBECK, P.C.
1425 K STREET, N.W.
SUITE 800
WASHINGTON, DC 20005 (US)

(21) Appl. No.: 10/321,850

(22) Filed: Dec. 18, 2002

Publication Classification

(51) Int. Cl.7 ....... H04L 9/32
(52) U.S. Cl. ....... 713/185

(57) ABSTRACT

A portable or embedded access device is provided for being coupled to, and for allowing only authorized users access to, an access-limited apparatus, device, network or system, e.g. a computer terminal, an internet bank or a corporate or government intranet. The access device comprises an integrated circuit (IC) (1) providing increased security by bridging the functionality of biometrics input from a user and, upon positive authentication of the user's fingerprint locally, providing secure communication with the said access-limited apparatus, device, network or system, whether local or remote.

A corresponding method of using the portable device or the embedded device is disclosed for providing a bridge from biometrics input to a computer locally, into secure communication protocol responses to a non-biometrics network.

An embedded access control and user input device or apparatus for being a built-in part of stand-alone appliances with some form of access control, e.g. hotel safes, medicine cabinets or the like, and for providing increased security, is also provided.

Further, a method of providing secured access control and user input in stand-alone appliances having an embedded access control or user input device according to the invention is also explained.
`
`~ (cid:9)
`F2 (cid:9)
`( (cid:9)
`n (cid:9)
`B ~~ (cid:9)
`
`------- - ---- - -
`Portable Device
`with Software
`
`31
`
`F1 (cid:9)
`
`- ------- (cid:9)
`Portable Device (cid:9)
`with integral
`Sensor
`
`--------
`
`Z~
`,=
`
`Integral
`Device
`embedded in
`
`F3
`
IPR2022-00602
Apple EX1004 Page 1

[Figure 1a. Labels recovered from the extraction: A, B, D, N.]

[Figure 1b. Labels recovered from the extraction: Portable Device with Software (31); Portable Device with integral Sensor; Integral Device embedded in Terminal; Software Module; Sensor; A, B, N.]

[Figure 2a: block diagram of the F-SoC ASIC (1). Block labels recovered from the extraction: Fingerprint Sensor; Wake-Up; Image Capture & Pre-Processing; Processor; AHB; APB; Arbiter; AHB/APB Bridge; Address Decoder; Boot ROM; Interrupt Controller; TDES (DES, ECB, CBC); Seed Guardian; SmartCard (9,600 bits) and SmartCard Interface; SDRAM and SDRAM Interface; Serial Flash and Flash Interface; USB Interface and USB (1.5-12 Mbits/s); Ethernet Interface and Ethernet MII; GPIO; UART (16550); Watchdog Timer; Operation Mode; General Purpose IO; Serial Port; External Clock; Wake-Up. Reference numerals present: 1, 3, 5, 5a, 5b, 5c, 6a, 6b, 7c, 7d, 9, 9a, 10, 11a, 11b, 11c, 11d, 11e.]

[Figure 2b: block diagram of the F-SoC ASIC (1) with on-chip memory. Block labels recovered from the extraction: Fingerprint Sensor; Wake-Up; Image Capture & Pre-Processing; SPI; Processor; AHB; APB; Arbiter; AHB/APB Bridge; Address Decoder; Boot ROM; Interrupt Controller; TDES (DES, ECB, CBC); Secure Key Generation; Encryption; Internal Memory; Other; Memory Interface; SmartCard Block (EEPROM) (embedded in CMOS) (replacing external FLASH); SmartCard Interface; SDRAM and SDRAM Interface; USB Interface and USB (1.5-12 Mbits/s); Ethernet Interface and Ethernet MII; GPIO; UART (16550); Watchdog Timer; Operation Mode; General Purpose IO; Serial Port; External Clock; Wake-Up. Reference numerals present: 1, 2, 4, 5, 5a, 5b, 5c, 6, 6a, 6b, 6c, 6d, 7a, 7b, 8c, 9a, 9b, 9c, 9d, 10, 11a, 11b, 11c, 11e.]

Patent Application Publication Jun. 24, 2004 Sheet 4 of 11
US 2004/0123113 A1
[Figure 4a and Figure 4b: PCMCIA card embodiment. Labels recovered from the extraction: F-SoC (1); SDRAM; Serial Flash; Sensor (5); Finger Guide; Sliding Lid. Reference numerals present: 6, 13, 13a, 13b, 13d, 13e.]

[Figure 9: access control and user input device embedded in the gear stick or steering wheel of a car. Captions recovered from the extraction (the OCR read them bottom-up):
Single sensor mounted on gear stick; for audio, GPS and embedded cellular phone control, and access control (ignition).
Twin sensors mounted on steering wheel; left sensor for audio, GPS and embedded cellular phone control; right sensor for gearshift operation and access control (engine ignition).
Display on dashboard operated by thumb/finger commands from sensor on gear stick or on steering wheel.
Modes: Enroll Profiles; Adjust Seats & Mirrors; GPS Navigation; Cellular Phone; Audio System; Start Engine.
Reference numerals present: 15, 71, 72.]

US 2004/0123113 A1, Jun. 24, 2004

PORTABLE OR EMBEDDED ACCESS AND INPUT DEVICES AND METHODS FOR GIVING ACCESS TO ACCESS LIMITED DEVICES, APPARATUSES, APPLIANCES, SYSTEMS OR NETWORKS

[0001] This invention is in general related to access and input devices for giving access and allowing user input in access limited devices, apparatuses, appliances, systems or networks.

[0002] In particular the invention is related to a portable and an embedded access or input device and methods of using these in order to obtain a high level of security.

[0003] Automated access from a device or terminal to another device or a network/server is subject to authentication of authorized users. Such automated access eliminates manual authentication of the user by human recognition, and has to rely on some form of electronic identification of the user.

[0004] One way to resolve such electronic identification of the user is to issue a secret password to the user. Another method is to issue a physical token to the user. In both cases the system relies on the assumption that the person knowing such password, or alternatively carrying such physical token, has proved his identity, assuming that this has authenticated the authorized user. This is not the case, as passwords, or tokens, may intentionally be passed on to a third person, or non-intentionally and illegally acquired by such third person. Despite these obvious shortcomings of such identification by something you know (e.g. a password) or something you carry (e.g. a token), this method is still the dominating method of user identification to networks/servers, etc. because it is practical, but mainly because no better alternative is yet commercially available on a greater scale.

[0005] An alternative identification method is by something you are, meaning some sort of secure identification by biometrics, such as fingerprints. Although biometrics is gaining ground, this happens slowly and is not employed on a greater scale. There are several reasons for this slow growth in biometrics identification for access to networks and servers:

[0006] a. Biometrics has to gain wide public acceptance. This will be the case as soon as the benefit from biometrics identification outranks assumed disadvantages. This includes lack of knowledge about, and lack of available, biometrics solutions. Very few users will acquire biometrics solutions per se, if such biometrics do not form part of an overall solution that provides substantial benefits to the user in the form of increased convenience and availability. Basically this item will be resolved when items (b) and (c) are resolved.

[0007] b. The unit cost of biometrics sensors still needs to be reduced, to achieve widespread commercial solutions. This is partly pending on cost-efficient designs, which are continuously evolving, but mainly pending on volume. This item will accordingly be resolved when item (c) is resolved.

[0008] c. The major obstacle against secure access authentication by biometrics is that the systems and solution providers must embed biometrics access control in their systems. The major obstacle to this is that there are still no commonly accepted international standards of biometrics. A system or solution provider must therefore choose between several alternative emerging biometrics standards, at the risk of choosing the wrong one, or one of the standard proposals that will not be the dominating winner. Most major system providers are reluctant to make a choice on this basis, because of the grave consequences from a wrong selection:

[0009] The costs involved in modifying software on servers etc. are considerable, especially if the non-winning standard is selected, and the software modification process has to be repeated in the near future. The price of biometrics hardware adds to this.

[0010] The negative public relations effects from selecting the non-winning biometrics standard may be serious, and shall not be under-emphasized.

[0011] The time to market will be severely prolonged if selecting a non-winning biometrics standard. This is further aggravated by the lead this will give any major competitors having selected the winning biometrics standard from the outset. This may upset the entire ranking between major solution providers.

[0012] Prior-art attempts to resolve this problem have been to enforce biometrics standards. However, there are currently several alternative standards battling side-by-side without any clear winner yet. Some known attempts to resolve the problems have been to use extracted specifics of biometrics to form encryption keys. One such solution is described in U.S. Pat. No. 5,995,630, and it requires identical biometrics representation at the receiving end (e.g. a network server). A similar approach is described in U.S. Pat. No. 5,991,408. However, none of these resolves the problem of avoiding the need to choose a biometrics standard, as they both pose an even more serious problem that will delay biometrics implementation even further, namely proprietary solutions. Other attempts to resolve the problem are focused on improving the communication security by the concept of public key cryptosystems, as e.g. per European patent EP 0 225 010 B1. Though such systems enhance the security of network communication over insecure communication lines, the public key cryptosystems do not prove that the bearer of electronic certificates (checksums of keys and other identity features) is actually the right person. In addition these systems do still require a PIN code for the user to access the PKI system with electronic certificates. This means that yet another PIN code has to be remembered by the user. Moreover, the system security is no better than the protection of this PIN code. As a countermeasure to breaking PIN codes, the industry tends to make longer and longer PIN codes, making it even more difficult for the user to remember these. The natural response of the users is to write down the PIN codes, leaving the potential security breach wide open.

[0013] Accordingly the present two main directions of prior-art attempts to resolve the problems (biometrics encryption, and biometrics representation on servers, on one hand, and the concept of public key cryptosystems on the other hand) do not really solve the above problems in network communication, and certainly not for secure access to devices and apparatuses.

[0014] Apparent competitors to the portable embodiments of the present invention are so-called USB Dongles with
memory onboard (up to 1 Gb). Some of these USB Dongle memory devices are even equipped with fingerprint sensors to prevent unauthorized access to the information stored onboard the USB Dongle. While these devices may physically look somewhat like one of the preferred embodiments of the present invention, there is no similarity in their functionality at all. The USB Dongles presently on the market are purely portable storage means, while the present invention focuses on secure communication triggered by an authorized fingerprint on such portable devices.

[0015] On this basis the major solution providers are hesitant to make an early move, though there is a general consensus that biometrics access control is far more secure, and convenient, than password-based or token-based access control. However, when the market leaders are hesitant to provide biometrics access methods widely offered to the market, the lack of availability to the general public will continue to restrain the growth of biometrics access control systems.

[0016] It is one object of the present invention to overcome the above limitations by providing a portable access device for being coupled to, and for allowing only authorized users access to, an access-limited apparatus, device, network or system, e.g. a computer terminal, an internet bank or a corporate or government intranet, comprising a device interface, being electronic or mechanical or both, for coupling the device to the access-limited unit, e.g. a computer terminal port.

[0017] It is a second object of the present invention to overcome the above limitations by providing an embedded access device for integration into peripherals of networked computers or communication terminals, to allow only authorized users access to all types of proprietary networks (LAN, WAN, etc.) typically represented by internet banking applications, corporate and government intranets, and similar.

[0018] It is a third object to provide a method of using a portable access device or an embedded access device for providing a bridge from biometrics input to a computer, into secure communication protocol responses, to a non-biometrics network.

[0019] It is yet another object to provide a portable or embedded access device and methods of using these, which provide improved security as compared to present technology.

[0020] It is a further objective of the present invention to provide a portable or embedded access device and methods of using such which do not require a transfer of biometrics fingerprint information over otherwise open and insecure parts of communication systems using such devices.

[0021] It is yet another object of the present invention to provide a portable or embedded access device and methods of using such which do not rely on the development of international biometrics standards.

[0022] It is a further object of the invention to provide a combined embedded access control and user input device or apparatus, and use of such a device, which can be a built-in part of stand-alone appliances with some form of access control and which also satisfies the objectives set out above.

[0023] It is yet a further object of the invention to provide a method of improved secure access control and user input in stand-alone appliances having an embedded access control or user input device as given above.

[0024] The objects of the invention as set forth above are obtained with a portable device as given in independent claim 1.

[0025] Preferable embodiments of the portable device are given in the dependent claims 2-6.

[0026] The objectives of the invention are also obtained with an embedded access device as given in independent claim 7.

[0027] Preferable embodiments of the embedded access device are given in the dependent claims 8-9.

[0028] The objectives of the invention are also obtained with a method of using a portable access device according to claim 1 or an embedded access device according to claim 7 in a way as given in the independent claim 10.

[0029] Preferable embodiments of the method are given in the dependent claims 11-17.

[0030] The objectives of the invention are also obtained with an embedded access control and user input device or apparatus having the features as given in the independent claim 18.

[0031] Preferable embodiments of the embedded access control and user input device or apparatus are given in the dependent claims 19-21.

[0032] The objectives of the invention are also obtained with a method of secured access control and user input in stand-alone appliances as given in the independent claim 22.

[0033] The invention will now be described in detail by references to the accompanying figures, where

[0034] FIG. 1a shows a network (N) or a system using a fingerprint sensor according to prior art.

[0035] FIG. 1b shows a network (N) or a system of devices employing a biometrics device according to the invention.

[0036] FIG. 2a shows a first realization of an integrated circuit that is an integral part of the invention.

[0037] FIG. 2b shows a second realization of an integrated circuit that is an integral part of the invention.

[0038] FIGS. 3a, 3b show a portable access device according to the invention in the form of a USB dongle.

[0039] FIGS. 4a, 4b show a portable access device according to the invention in the form of a PCMCIA card.

[0040] FIG. 4c shows a PCMCIA card where the integrated fingerprint sensor is protected underneath a sliding lid, for mechanical protection of the sensor.

[0041] FIG. 5 illustrates how an access device according to the invention may be embedded as part of the keyboard or mouse of a computer terminal or laptop computer.

[0042] FIG. 6 illustrates how an access control and user input device or apparatus according to the invention may be arranged as a built-in part of a hotel safe.

[0043] FIG. 7 illustrates how an access control and user input device or apparatus according to the invention may be arranged as a built-in part of a medicine cabinet.

[0044] FIG. 8 illustrates how an access control and user input device or apparatus according to the invention can be applied in a portable door control unit for the electronic systems in automotive applications.

[0045] FIG. 9 illustrates how an access control and user input device or apparatus according to the invention can be embedded in the gear stick or steering wheel of a car.

[0046] The traditional biometrics approach, as per current methods, is illustrated in FIG. 1A. The user places, or swipes, his finger (A) over the access/input device with a fingerprint sensor (B). The entire image from the sensor (B) is transmitted from the access/input device to the processor (C) (e.g. a PC) where implemented software module(s) (D) acquire the sensor signals and process them to reconstruct a 2-dimensional fingerprint image, thereafter extract the particulars of the fingerprint, and finally either perform a matching locally at the PC (C) or transmit the interpreted fingerprint essentials to a server in a network (E).

[0047] In an access-limited apparatus, device, network or system (N), e.g. a computer terminal, an internet bank or a corporate or government intranet, a portable access device for allowing only authorized users access is preferably arranged as shown schematically in FIG. 1B. A biometrics processor (F1) may be integrated with the sensor (B), or alternatively mounted as a separate integrated circuit (F2) next to or closely coupled to the sensor (B), or alternatively be embedded in a PC or its peripherals (F3). The sensor (B) and the biometrics processor (F; referring to F1, F2, or F3) may work in a stand-alone mode (e.g. in a hotel safe without connection to a network) or may be connected to another device (C) and optionally networked (E). The biometrics processor as an integrated circuit is exemplified in FIGS. 2A and 2B. The advantages of this configuration are multiple. As the biometrics processor (F) is directly connected to the sensor (B), the biometrics processor (F) can be tailored to optimize the interaction between the sensor (B) and the biometrics processor (F). Such tailoring of the biometrics processor (F) to the sensor (B), combined with its direct connection to the sensor (B), or integration therein, enables inclusion of methods and procedures that severely constrain interception of the signals between the sensor (B) and the biometrics processor (F). It further significantly reduces the network traffic between the sensor (B)/biometrics processor (F) and the other networked processors (C and N). The major advantage is, however, that the biometrics processor can transform the biometrics from the sensor (B) to general communication security measures in a network, such as by including Secure Key Generation (SKG) as a basis for encryption in the biometrics processor (F). By this method biometrics sensors (B) may be connected to a network (C and N) in a secure manner according to existing infrastructure, without requiring that the supplier of the network system architecture makes any decision on which biometrics standard will evolve in the future as the winning standard. By this method the biometrics processor (F) becomes a bridge between biometrics sensors (B) and the current infrastructure of networks (E).

[0048] A biometrics sensor in the form of a fingerprint sensor (5) is coupled with a biometrics processor in the form of an integrated circuit, IC (1), that is the core device of the invention. Two versions of the IC are shown in FIGS. 2A and 2B. The details of the ICs will now be explained.

[0049] The sensor (5) is connected to a fingerprint sensor signal capturing and pre-processing block (5C) via a first interface block (5A) as well as a wake-up circuit (5B), the function of the latter being to power up all other blocks of the IC (1). When a finger is detected on the sensor (5) surface, the output signals from the sensor (5) will rise beyond a pre-set threshold, triggering the wake-up circuit (5B) to power up the rest of the IC (1) in a pre-set sequence. The first blocks to be powered up are the Image Capture and Pre-processing block (5C) as well as the high-speed bus (3) and the volatile memory (6 or 6C), all of which are connected to the high-speed bus (3). The pre-processing block is designed to perform the initial, heavy-duty processing of the captured raw images from the sensor (5). The intermediate results are stored in the volatile memory (6A or 6C) that is interfaced via the high-speed bus (3) to a first memory interface block (6B or 6D). The volatile memory (6A or 6C) thus provides working memory that is available to other modules on the IC (1).

[0050] Meanwhile the remaining blocks of the IC (1) are powered up in a pre-set sequence, starting with the central processor (2), being a powerful processor, such as ARM 9, or equivalent. The processor unit (2) is also connected to the high-speed bus (3) for allowing communication with the other on-chip components or modules. When the pre-processing block (5C) has crunched the captured raw images to an intermediate stage of significantly compressed information, i.e. a dataset of reduced size, denoted intermediate fingerprint data, the intermediate fingerprint data are fed to the central processor (2) for final reduction of the captured fingerprint image to compact fingerprint representations, called minutiae. Such minutiae are distinct points where fingerprint lines (ridges) start or stop, or locations of bifurcation of the ridges, and may be described by at least a vector comprising X and Y coordinates, and direction, of the individual minutiae, stored as an alphanumeric string in non-volatile memory (7, 7A or 7C). The non-volatile memory (7, 7A or 7C), being coupled to the high-speed bus (3) via a second memory interface block (7B or 7D), is typically used for storing program code, e.g. administrative software, tailored security output responses, secret information like seed and key number(s) for the encryption, electronic certificates and fingerprint representations in the form of so-called minutiae. These fingerprint representations are compared by the central processor (2) with the master fingerprint representations (master minutiae) stored in non-volatile memory (7, 7A or 7C). If a positive match is established, the chip may proceed with generating a secure key (SKG), either processed by a special algorithm on the central processor (2) based on a seed pre-stored in the non-volatile memory (7, 7A or 7C), or alternatively embedded in hardware block (8A). If the same SKG algorithm is run on two separate computers (e.g. a server (30) and the central processor (2) on the IC (1)), it will yield the same key, or password, when the identical algorithm on both of the two separate computers is fed with the identical seed. While the algorithms normally are assumed known, and may be the same for all computers in a network (N), or for a user sub-set, the seed is individual and secret and only known by the system administrator and the user. The SKG algorithm may be constructed to produce a pseudo-random identical key on both computers (2 and 30)
that is either valid for a time frame, or alternatively changes for each transaction. This may require that the present key number as well as the past key number is stored in the non-volatile memory (7, 7A or 7C). Secret information such as seed, key numbers, IP address, etc. may either be scrambled by block (8) and stored on a regular Flash memory (7), or securely stored in SmartCard environments (7A or 7C). When a key is generated, as per above, the administrative software, stored in the non-volatile memory (7, 7A or 7C) and run on the central processor (2), may then combine information to be part of a secure communication between the IC (1) and the network server (30). The information to be encrypted may comprise User ID, password and other info. Encryption is performed in hardware blocks (8 or 8B or 8C). The rules of secure communication enforced on the prevailing network (N) are embedded in the administrative software executed on the central processor (2), and may be adapted to include PKI biometrics verification and hand-shake sequences. The encryption blocks (8, 8B or 8C) may also be used to encrypt general information transactions between the IC (1) and the network server (30), if desirable. Access to such extended encryption will be given to the user pending a positive match of his fingerprint with an authorized fingerprint representation by compact minutiae tables, pre-stored in the non-volatile memory (7, 7A or 7C). The IC (1) also comprises hardware and/or software required to supply output signals to a number of second interface blocks (9A, 9B, 9C or 9D) for transferring data to other devices and networks (N) external to the IC (1). In the present invention the IC (1) is adapted to provide data to the external access-limited apparatus, device or system. This second interface block may comprise hardware and software for supporting a USB (9A), Ethernet (9B), GPIO (9C), PCMCIA/UART (9D) and/or SmartCard (7C) interface. Except for the USB and the Ethernet interfaces, the second interface blocks are serviced by a bus (4) with lower bandwidth and capacity than the high-speed bus (3). The two buses (3 and 4) are connected by a bus bridge (11C). The hardware blocks that are not dependent on high speed are connected to the slower bus (4). The hardware blocks of the IC (1) are designed to perform their respective tasks in a minimum of time, and to interact with each other with a minimum of delays and queuing. In addition to the hardware blocks, the central processor (2) executing the administrative software renders a high degree of flexibility in adapting the programming to secure communication with external devices and networks (N).

[0051] Thereby the IC (1) is designed as a multi-purpose tool that can service a fingerprint sensor (5) in a stand-alone mode, but it can also communicate with external devices and networks (N) by bridging the biometrics from the sensor (5) to a non-biometrics representation into the network (N) and onto its server(s) (30). The IC (1) transforms the fingerprint, under prevailing secure communication rules, to a regular representation by e.g. password and User ID on a server (30).
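The bridge described in [0050] and [0051], as an added example that is not part of the patent: a local minutiae match (string format and tolerances are assumptions) gates a seed-based SKG, modelled here as HMAC-SHA256 over the shared secret seed and a per-transaction key number since the patent names no algorithm, and the server (30) derives the same password from its copy of the seed while refusing a replay of the present key number.

```python
"""Added example (not from the patent): the bridge performed by the IC (1).
Minutiae are matched locally; only a positive match releases a seed-based
secure key (SKG) as a password that the server (30), holding the same secret
seed, derives independently. Assumed: the minutiae string format and matching
tolerances; HMAC-SHA256 over seed and key number as the unspecified SKG."""
import hashlib
import hmac
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class Minutia:
    x: int          # X coordinate in the sensor image
    y: int          # Y coordinate in the sensor image
    direction: int  # ridge direction in degrees, 0..359

def encode_minutiae(points):
    """Alphanumeric record for non-volatile memory: 3 hex digits each for X, Y, direction."""
    return ";".join(f"{m.x:03X}{m.y:03X}{m.direction:03X}" for m in points)

def decode_minutiae(text):
    """Inverse of encode_minutiae; rejects malformed records."""
    out = []
    for tok in text.split(";"):
        if len(tok) != 9:
            raise ValueError(f"malformed minutia record: {tok!r}")
        out.append(Minutia(int(tok[0:3], 16), int(tok[3:6], 16), int(tok[6:9], 16)))
    return out

def match_minutiae(candidate, master, pos_tol=8, dir_tol=15, min_matches=8):
    """Greedy one-to-one matching within pos_tol pixels and dir_tol degrees;
    True once at least min_matches points pair up (thresholds are assumptions)."""
    unused = set(range(len(master)))
    matched = 0
    for c in candidate:
        for i in sorted(unused):
            m = master[i]
            dist = math.hypot(c.x - m.x, c.y - m.y)
            ddir = abs((c.direction - m.direction + 180) % 360 - 180)
            if dist <= pos_tol and ddir <= dir_tol:
                unused.remove(i)
                matched += 1
                break
    return matched >= min_matches

def skg(seed: bytes, key_number: int) -> str:
    """Secure Key Generation: the same seed and key number give the same
    12-character password on the device and on the server."""
    mac = hmac.new(seed, key_number.to_bytes(8, "big"), hashlib.sha256).digest()
    return mac[:6].hex().upper()

class AccessDevice:
    """Models the IC (1): master minutiae, seed and key number stay in its memory."""
    def __init__(self, user_id, master_string, seed):
        self.user_id = user_id
        self.master = decode_minutiae(master_string)
        self.seed = seed
        self.key_number = 0  # present key number; advances per transaction

    def authenticate(self, candidate):
        """(user_id, key_number, password) on a local match, else None; the
        fingerprint itself never leaves the device."""
        if not match_minutiae(candidate, self.master):
            return None
        self.key_number += 1
        return self.user_id, self.key_number, skg(self.seed, self.key_number)

class Server:
    """Models server (30): holds each user's seed and last accepted key number."""
    def __init__(self, seeds, window=3):
        self.seeds = dict(seeds)
        self.last_key_number = {u: 0 for u in seeds}
        self.window = window  # assumption: tolerate a few lost transactions

    def verify(self, user_id, key_number, password):
        seed = self.seeds.get(user_id)
        if seed is None:
            return False
        last = self.last_key_number[user_id]
        if not last < key_number <= last + self.window:
            return False  # replayed past key number, or too far ahead
        if not hmac.compare_digest(skg(seed, key_number), password):
            return False
        self.last_key_number[user_id] = key_number
        return True

# Constructed sample data: eight enrolled minutiae and a shared secret seed.
MASTER = [Minutia(40, 52, 90), Minutia(63, 80, 110), Minutia(95, 41, 200),
          Minutia(120, 133, 15), Minutia(70, 150, 300), Minutia(150, 90, 45),
          Minutia(30, 120, 180), Minutia(110, 70, 250)]
SEED = b"constructed-secret-seed-0001"

def live_capture(points, dx=2, dy=-1, ddir=5):
    """Simulates a live swipe by shifting every enrolled point slightly."""
    return [Minutia(m.x + dx, m.y + dy, (m.direction + ddir) % 360) for m in points]

def run_transaction(device, server, candidate):
    """One full bridge: local match, SKG, then server-side verification."""
    cred = device.authenticate(candidate)
    return cred is not None and server.verify(*cred)
```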
`
[0052] The main difference between the ICs (1) of FIG. 2A and 2B is that the version in FIG. 2B has volatile memory (6C) and non-volatile memory (7A) as integrated blocks in the IC (1), thus reducing the demand for data exchange with external memory and thus further enhancing the security and speed of operation of the device by containing almost all data processing of the fingerprints, and therefrom automatically triggered security responses, internally within the IC (1).

[0053] The utilization of the IC (1) for authentication of an authorized user to access an intranet comprising a server (30) in a network (N) will first be explained for the alternative where the IC (1) is a portable device to be plugged into a terminal (31) of the network, either as a USB dongle, as illustrated in FIGS. 3A and 3B, or as a PCMCIA card, as illustrated in FIGS. 4A and 4B.

[0054] In one embodiment of the invention, the portable device has an IC (1) mounted on a small printed circuit board, PCB (12B), also carrying a fingerprint sensor (5). The PCB (12B) is connected to at least one of a USB interface (12C) or a PCMCIA mechanical interface (13B). Electronic surface components to support at least one of the USB mechanical interface (12C) and the PCMCIA mechanical interface (13B) are mounted on the PCB (12B). An SDRAM chip (6), typically with at least 4 MB capacity, is also mounted on the same PCB (12B). Further, a non-volatile serial Flash chip (7), typically with at least 256 Kbytes capacity, is also mounted on the same PCB (12B). In this embodiment all preceding components and chips are protected inside a housing (12A or 13C).

[0055] In another alternative embodiment of the
