10/18/07 | #20070245152 | USPTO Class 713

Biometric authentication system for enhancing network security

USPTO Application #: 20070245152
Title: Biometric authentication system for enhancing network security
Abstract: A network-based biometric authentication system includes a client computer (10), a third party server (24), and a biometric authentication server (26). A user requests access to a web site hosted by the third party server via the client computer, wherein the third party server communicates a deployable object to the client computer. The client computer executes the deployable object, wherein the object enables the client computer to receive a user name, password, and biometric data from the user and to communicate the user name, password, and biometric data to the biometric authentication server in a secure fashion. The biometric authentication server authenticates the user name, password, and biometric data, and communicates the user name and password to the third party server, which attempts to verify the user name and password in a conventional manner and grants access to the user if the user name and password are verified. (end of abstract)
Agent: Hovey Williams LLP - Kansas City, MO, US
Inventors: Erix Pizano, Kass Aiken
USPTO Application #: 20070245152 - Class: 713186000 (USPTO)
Related Patent Categories: Electrical Computers And Digital Processing Systems: Support, System Access Control Based On User Identification By Cryptography, Using Record Or Token, Biometric Acquisition
The Patent Description & Claims data below is from USPTO Patent Application 20070245152.

BACKGROUND OF THE INVENTION

[0001] 1. Field of the Invention

[0002] The present invention relates to the field of computer security. More particularly, the present invention involves a system for transparently enhancing secure access to a network node by validating a user's identity using biometric data, wherein biometric authentication occurs on a biometric authentication server and the network node to which access is sought initiates the biometric authentication process.

[0003] 2. Description of Prior Art

[0004] Providing secure Internet transactions has become increasingly important as use of the Internet for business, financial, and other sensitive transactions has become ubiquitous. Traditionally, network servers hosted by businesses have been programmed to require a user to submit identification information, such as a user name and a password, before allowing the user to access files managed by the server.

[0005] Use of such identification information renders the server susceptible to access by unauthorized users who obtain a valid user's identification information by, for example, intercepting network communications. Requiring a user's biometric data, such as a fingerprint, before granting the user access is known in the art and benefits from the added measure of security inherent in biometric authentication systems. For example, fingerprint data and other biometric data cannot be "stolen" as easily as a user name and password, and, even if stolen, cannot be used to circumvent security if the system requires the user to submit fresh biometric data via a biometric sensor.

[0006] While use of biometric data increases the security of computer networks, it also requires special hardware and software to implement. For example, fingerprint-based biometric authentication requires use of a fingerprint scanner, driver software for the scanner, and software for authenticating fingerprint data received via the fingerprint scanner. Authenticating the fingerprint data may include, for example, comparing the data with fingerprint data stored in a database to determine whether the received data matches the stored data. Thus, implementing a biometric authentication system can require significant hardware and software resources that, in some circumstances, render it impractical or even impossible to implement.

[0007] Accordingly, there is a need for an improved network security system that does not suffer from the problems and limitations of the prior art.

SUMMARY OF THE INVENTION

[0008] The present invention provides an improved biometric authentication system for network transactions. Particularly, the present invention provides a system for transparently enhancing secure access to a network node by validating a user's identity using biometric data, wherein biometric authentication occurs on a biometric authentication server and the network node to which access is sought initiates the biometric authentication process.

[0009] A first embodiment of the invention is a computer program for enabling a biometric authentication system, wherein at least a portion of the program is stored on a computer-usable medium. The computer program enables a first computer to receive biometric data and identification information from a user and to communicate the biometric data and the identification information to a second computer. The second computer creates a first transaction identifier, and verifies the identification information by confirming that the biometric data corresponds to at least a portion of the identification information.

[0010] The program further enables a third computer to communicate to the second computer a request for at least a portion of the identification information, wherein the request includes a second transaction identifier. The second computer communicates at least a portion of the identification information to the third computer if the first transaction identifier corresponds to the second transaction identifier and if the biometric data corresponds to at least a portion of the identification information.

[0011] According to a second embodiment of the invention, the program enables a first computer to communicate a deployable object to a second computer via a network communications medium, wherein the deployable object enables the second computer to generate a first token, to receive identification information and biometric data from a user, to bundle the biometric data with the token and secure the bundle, and to communicate the first token to the first computer and the bundle to a third computer.

[0012] The program enables the third computer to create a second token and to verify the first token received from the second computer by determining whether the first token corresponds to the second token, and enables the third computer to verify the biometric data received from the second computer by comparing the received data to biometric data stored in a database.

[0013] The third computer communicates the identification information received from the second computer to the first computer if the second token corresponds to the first token, if the received biometric data matches biometric data stored in the database, and if the biometric data corresponds to at least a portion of the identification information.

[0014] According to a third embodiment of the invention, the program enables a network server computer to communicate an ActiveX control to a network client computer via a network communications medium, wherein the ActiveX control enables the client computer to generate a first token, to receive a user name and password from the user, to control a biometric sensor and receive biometric data from the user via the sensor, to combine and encrypt the biometric data and password, to combine the user name with the encrypted biometric data and password to form a bundle and encrypt the bundle, and to communicate the first token to the network server computer and the bundle to the biometric authentication server.

[0015] The biometric authentication server creates a second token and determines whether the first token corresponds to the second token, determines whether the biometric data received from the client matches biometric data stored in a database, and determines whether the biometric data received from the client corresponds to the user name or the password.

[0016] The biometric authentication server communicates the user name and password received from the client computer to the network server computer if the first token corresponds to the second token, if the biometric data received from the client matches biometric data stored in a database, and if the biometric data received from the client corresponds to the user name or the password.
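The release decision described in paragraphs [0010], [0013] and [0016], sketched as an added example that is not part of the patent application. The class and function names, the 64-bit templates with a Hamming-distance matcher, the threshold, and the rule that the bundled token must equal the token forwarded by the network server are all assumptions; the excerpt does not specify how tokens are derived or compared, and encryption of the bundle is omitted here.

```python
import secrets

MAX_HAMMING = 6  # assumed match threshold for the toy 64-bit templates


def hamming(a, b):
    """Number of differing bits between two templates (toy matcher)."""
    return bin(a ^ b).count("1")


class BiometricAuthServer:
    """Holds enrolled templates and decides whether to release credentials."""

    def __init__(self, enrolled):
        self.enrolled = enrolled  # user name -> enrolled template
        self.pending = {}         # token -> (user name, password), verified only

    def receive_bundle(self, bundle):
        """Bundle from the client: token, user name, password, fresh sample."""
        template = self.enrolled.get(bundle["user"])
        # The sample must match the template enrolled for this user name.
        if template is None or hamming(template, bundle["sample"]) > MAX_HAMMING:
            return False
        self.pending[bundle["token"]] = (bundle["user"], bundle["password"])
        return True

    def release(self, presented_token):
        """Request from the network server carrying the token it was given."""
        # pop() makes the token single use: a replayed request gets None.
        return self.pending.pop(presented_token, None)


def client_login(bas, user, password, sample):
    """Client side: create the token, send the bundle, return the token
    that the client would also send to the network server."""
    token = secrets.token_hex(16)
    bas.receive_bundle({"token": token, "user": user,
                        "password": password, "sample": sample})
    return token


ALICE_TEMPLATE = 0x5A5AF00F12345678  # constructed enrolment value

if __name__ == "__main__":
    bas = BiometricAuthServer({"alice": ALICE_TEMPLATE})
    good = client_login(bas, "alice", "pw1", ALICE_TEMPLATE ^ 0b1011)  # 3 bits off
    bad = client_login(bas, "alice", "pw1", ALICE_TEMPLATE ^ 0xFFFF)   # 16 bits off
    print(bas.release(bad), bas.release(good), bas.release(good))
```

The network server never sees biometric data in this model: it only exchanges a token for a user name and password, which it then checks in its conventional way.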

[0017] These and other important aspects of the present invention are described more fully in the detailed description below.

BRIEF DESCRIPTION OF THE DRAWINGS

[0018] An embodiment of the present invention is described in detail below with reference to the attached drawing figures, wherein:

[0019] FIG. 1 is a schematic diagram of an exemplary system for implementing a computer program in accordance with an embodiment of the present invention;

[0020] FIG. 2 is a flow diagram of certain steps performed by the computer program for providing transparent biometric authentication for network-based transactions;

[0021] FIG. 3 is a flow diagram of certain steps performed by the computer program for bundling and securing identification and biometric information for communication in a network-based transaction; and
