Boliven Patents - US8127143: Methods for secure enrollment of personal identity credentials into electronic devices

Join
today

Boliven PRO is more than just patent search

Build and save lists using the powerful Lists feature
Analyze and download your search results
Share patent search results with your clients

New to Patents? Find out more from CambridgeIP ®

US8127143: Methods for secure enrollment of personal identity credentials into electronic devices

Filing Information

Inventor(s)	David S. Abdallah · Barry W. Johnson ·
Assignee(s)	Privaris, Inc. · View assignee updates
Primary Examiner	Techane Gergiso ·
Application Number	US12190058
Filing date	08/12/2008
Issue date	02/28/2012
Prior Publication Data	US20090031140 - 01/29/2009
Predicted expiration date	08/06/2023
U.S. Classifications	713/186 · 340/582 · 382/115 ·
International Classifications	G05B2300 · G06F2100 · G06K900 ·
Kind Code	B2
Related U.S. Application Data	RELATED U.S. APPLICATION DATA This application claims priority to and is a divisional of U.S. patent application Ser. No. 10/635,762, filed Aug. 6, 2003, now U.S. Pat. No. 7,590,861 entitled “Methods for Secure Enrollment and Backup of Personal Identity Credentials into Electronic Devices,” which claims priority to U.S. Patent Application No. 60/401,399 filed on Aug. 6, 2002 entitled, “A Secure Enrollment Process for a Biometric Personal Identification Device,” each of which is herein incorporated by reference in their entireties. This application is related to U.S. patent application Ser. No. 12/190,061, entitled “Methods for Secure Backup of Personal Identity Credentials for Electronic Devices” and Ser. No. 12/190,064, entitled “Methods for Secure Restoration of Personal Identity Credentials for Electronic Devices,” each filed on the same date, and each of which is incorporated herein by reference their entirety.

Abstract

A method and system for securely enrolling personal identity credentials into personal identification devices. The system of the invention comprises the manufacturer of the device and an enrollment authority. The manufacturer is responsible for recording serial numbers or another unique identifier for each device that it produces, along with a self-generated public key for each device. The enrollment authority is recognized by the manufacturer or another suitable institution as capable of validating an individual before enrolling him into the device. The enrollment authority maintains and operates the appropriate equipment for enrollment, and provides its approval of the enrollment. The methods described herein discuss post-manufacturing, enrollment, backup, and recovery processes for the device.

Independent Claims | See all claims (24)

1. A method, comprising: verifying, at a personal identification device, a validity of an enrollment authority based on an encrypted verification string associated with the enrollment authority, the verifying including comparing a decrypted verification string and an unencrypted verification string such that the validity of the enrollment authority is verified when the decrypted verification string matches the unencrypted verification string, the decrypted verification string being produced by the personal identification device based on the encrypted verification string and a public key associated with the enrollment authority; sending from the personal identification device an encrypted session key to the enrollment authority when the validity of the enrollment authority is verified; downloading, at the personal identification device, biometric data encrypted using the encrypted session key after the sending and when the validity of the enrollment authority is verified; and storing, only at the personal identification device, the biometric data after the receiving such that the biometric data is prevented from being transmitted from the personal identification device after the storing.
8. A method, comprising: verifying, at an enrollment authority, a validity of a personal identification device based on an encrypted verification string associated with the personal identification device, the verifying including comparing a decrypted string and a device verification string such that the validity of the personal identification device is verified when the decrypted string matches the device verification string; receiving, at the enrollment authority, an encrypted session key from the personal identification device; and sending, from the enrollment authority, a signal configured to permit the personal identification device to download biometric data encrypted using the encrypted session key after the validity of the personal identification device is verified such that the biometric data is stored only at the personal identification device and prevented from being transmitted from the personal identification device.
17. An apparatus, comprising: a memory configured to store biometric data of a user; a processor coupled to the memory, the processor configured to verify a validity of an enrollment authority based on an encrypted string associated with the enrollment authority and a digital certificate uniquely associated with the enrollment authority; the processor configured to compare a decrypted string and an enrollment authority verification string such that the validity of the enrollment authority is verified when the decrypted string matches the enrollment authority verification string; a biometric sensor coupled to the processor, the biometric sensor configured to receive biometric data from the user; a transmitter coupled to the processor, the processor configured to send an encrypted session key to the enrollment authority via the transmitter when the validity of the enrollment authority is verified; and a receiver coupled to the processor, the receiver configured to receive the digital certificate uniquely associated with the enrollment authority, the digital certificate including a public key of the enrollment authority, the processor configured to download and store the biometric data when the validity of the enrollment authority is verified, the receiver configured to store the biometric data such that such that the biometric data is prevented from being transmitted by the transmitter after the storing.

References Cited

U.S. Patent Documents

Document Number	Assignees	Inventors	Issue/Pub Date
US4993068	Motorola, Inc.	Piosenka et al.	Feb 1991
US5053608	SENANAYAKE DAYA R	Senanayake	Oct 1991
US5131038	Motorola, Inc.	Puhl et al.	Jul 1992
US5280527	Kamahira Safe Co., Inc.	Gullman et al.	Jan 1994
US5469506	Pitney Bowes Inc.	Berson et al.	Nov 1995
US5473692	Intel Corporation	Davis	Dec 1995
US5481265		Russell	Jan 1996
US5526428	International Business Machines Corporation	Arnold	Jun 1996
US5591949		Bernstein	Jan 1997
US5613012	Smarttouch, LLC.	Hoffman et al.	Mar 1997
US5615277		Hoffman	Mar 1997
US5659616	Certco, LLC	Sudia	Aug 1997
US5729220		Russell	Mar 1998
US5805719	SmartTouch	Pare, Jr. et al.	Sep 1998
US5838812	SmartTouch, LLC	Pare, Jr. et al.	Nov 1998
US5870723		Pare, Jr. et al.	Feb 1999
US5872848	Arcanvs	Romney et al.	Feb 1999
US5920640	Harris Corporation	Salatino et al.	Jul 1999
US5930804	Philips Electronics North America Corporation	Yu et al.	Jul 1999
US5952641	C-SAM S.A.	Korshun	Sep 1999
US5991408	Veridicom, Inc.	Pearson et al.	Nov 1999
US6038666*	TRW Inc.	Hsu et al.	Mar 2000
US6041410	TRW Inc.	Hsu et al.	Mar 2000
US6076167	DEW Engineering and Development Limited	Borza	Jun 2000
US6084968	Motorola, Inc.	Kennedy et al.	Jul 2000
US6154879*	SmartTouch, Inc.	Pare et al.	Nov 2000
US6167517	Oracle Corporation	Gilchrist et al.	Dec 2000
US6181803	Intel Corporation	Davis	Jan 2001
US6182221*	TRW Inc.	Hsu et al.	Jan 2001
US6185316	Unisys Corporation	Buffam	Feb 2001
US6201484	Transforming Technologies, LLC	Russell	Mar 2001
US6202151	GTE Service Corporation	Musgrave et al.	Mar 2001
US6219793	Hush, Inc.	Li et al.	Apr 2001
US6256737*	BioNetrix Systems Corporation	Bianco et al.	Jul 2001
US6268788	Litronic Inc.	Gray	Jul 2001
US6282649	International Business Machines Corporation	Lambert et al.	Aug 2001
US6310966	GTE Service Corporation	Dulude et al.	Oct 2001
US6317834*	International Business Machines Corporation	Gennaro et al.	Nov 2001
US6353889	Mytec Technologies Inc.	Hollingshead	Mar 2002
US6366682	Indivos Corporation	Hoffman et al.	Apr 2002
US6367017	Litronic Inc.	Gray	Apr 2002
US6397198	Indivos Corporation	Hoffman et al.	May 2002
US6446210	Activcard Ireland Limited	Borza	Sep 2002
US6466781	Siemens Aktiengesellschaft	Bromba et al.	Oct 2002
US6484260*	Identix, Inc.	Scott et al.	Nov 2002
US6487662		Kharon et al.	Nov 2002
US6490680	TecSec Incorporated	Scheidt et al.	Dec 2002
US6505193	Iridian Technologies, Inc.	Musgrave et al.	Jan 2003
US6529885	Oracle Corporation	Johnson	Mar 2003
US6532298	Iridian Technologies, Inc.	Cambier et al.	Mar 2003
US6581161	International Business Machines Corporation	Byford	Jun 2003
US6609198	Sun Microsystems, Inc.	Wood et al.	Aug 2003
US6615264	Sun Microsystems, Inc.	Stoltz et al.	Sep 2003
US6618806	Saflink Corporation	Brown et al.	Sep 2003
US6636973	Hewlett-Packard Development Company, L.P.	Novoa et al.	Oct 2003
US6657538	Swisscom Mobile AG	Ritter	Dec 2003
US6662166	Indivos Corporation	Pare, Jr. et al.	Dec 2003
US6668332	International Business Machines Corporation	McNeil	Dec 2003
US6671808	Rainbow Technologies, Inc.	Abbott et al.	Dec 2003
US6681034	Precise Biometrics	Russo	Jan 2004
US6719200	Precise Biometrics AB	Wiebe	Apr 2004
US6728881	The United States of America as represented by the Secretary of the Army	Karamchetty	Apr 2004
US6735695	International Business Machines Corporation	Gopalakrishnan et al.	May 2004
US6751734	NEC Corporation	Uchida	Jun 2004
US6757411	Liska Biometry Inc.	Chau	Jun 2004
US6765470	Fujitsu Limited	Shinzaki	Jul 2004
US6766040	Biometric Solutions, LLC	Catalano et al.	Jul 2004
US6775776	Intel Corporation	Vogt et al.	Aug 2004
US6786397	Silverbrook Research Pty Ltd	Silverbrook et al.	Sep 2004
US6819219*	International Business Machines Corporation	Bolle et al.	Nov 2004
US6820202	First Data Corporation	Wheeler et al.	Nov 2004
US6832317	Advanced Micro Devices, Inc.	Strongin et al.	Dec 2004
US6836843	Hewlett-Packard Development Company, L.P.	Seroussi et al.	Dec 2004
US6839688	Diebold, Incorporated	Drummond et al.	Jan 2005
US6844660	Cross Match Technologies, Inc.	Scott	Jan 2005
US6848052	Activcard Ireland Limited	Hamid et al.	Jan 2005
US6850147	Mikos, Ltd.	Prokoski et al.	Feb 2005
US6850252		Hoffberg	Feb 2005
US6853739	Bio Com, LLC	Kyle	Feb 2005
US6853988	Security First Corporation	Dickinson et al.	Feb 2005
US6857073	Equifax Inc.	French et al.	Feb 2005
US6862443	Ford Global Technologies, LLC	Witte	Mar 2005
US6870946	SecuGen Corporation	Teng et al.	Mar 2005
US6870966	Silverbrook Research PTY LTD	Silverbrook et al.	Mar 2005
US6871193	Verizon Corporate Services Group	Campbell et al.	Mar 2005
US6871287		Ellingson	Mar 2005
US6871784	Trijay Technologies International Corporation	Jayaratne	Mar 2005
US6876757	Geometric Informatics, Inc.	Yau et al.	Apr 2005
US6877097	ActivCard, Inc.	Hamid et al.	Apr 2005
US6879243	Penco Products, Inc.	Booth et al.	Apr 2005
US6879966	Indivos Corporation	Lapsley et al.	Apr 2005
US6880749	Diebold, Incorporated	Green et al.	Apr 2005
US6880750		Pentel	Apr 2005
US6883709	Famous Horse, Inc.	Joseph	Apr 2005
US6886096	Voltage Security, Inc.	Appenzeller et al.	Apr 2005
US6886101	American Express Travel Related Services Company, Inc.	Glazer et al.	Apr 2005
US6886104	Cross Match Technologies	McClurg et al.	Apr 2005
US6888445		Gotfried et al.	May 2005
US6898577	Oracle International Corporation	Johnson	May 2005
US6901154	ActivCard Ireland Limited	Dunn	May 2005
US6901155	National University of Singapore	Xia et al.	May 2005
US6901266		Henderson	May 2005
US6901382	Diebold, Incorporated	Richards et al.	May 2005
US6914517*	Dalton Patrick Enterprises, Inc.	Kinsella	Jul 2005
US6957185*	Enco-Tone, Ltd.	Labaton	Oct 2005
US6957337	International Business Machines Corporation	Chainer et al.	Oct 2005
US6963659	FaceKey Corp.	Tumey et al.	Nov 2005
US6985502	Hewlett-Packard Development Company, L.P.	Bunton	Jan 2006
US7024562*	OptiSec Technologies Ltd.	Flink et al.	Apr 2006
US7028191*	MICHENER JOHN R	Michener et al.	Apr 2006
US7035442	Secugen Corporation	Ha et al.	Apr 2006
US7069444	Brent A. Lowensohn	Lowensohn et al.	Jun 2006
US7287158*	Sony Corporation	Futamura et al.	Oct 2007
US7305562*	Citibank, N.A.	Bianco et al.	Dec 2007
US7310734	3M Innovative Properties Company	Boate et al.	Dec 2007
US7590861	Privaris, Inc.	Abdallah et al.	Sep 2009
US7613659*	YT Acquisition Corporation	Hoffman et al.	Nov 2009
US7788501	Privaris, Inc.	Abdallah et al.	Aug 2010
US20020003892	Casio Computer Co., Ltd.	Iwanaga	Jan 2002
US20020023217		Wheeler et al.	Feb 2002
US20020026427*	Sony Corporation	Kon et al.	Feb 2002
US20020056043	Sensar, Inc.	Glass	May 2002
US20020087857		Tsao et al.	Jul 2002
US20020095586	International Business Machines Corporation	Doyle et al.	Jul 2002
US20020104006*		Boate et al.	Aug 2002
US20020129251		Itakura et al.	Sep 2002
US20020133716		Harif	Sep 2002
US20020174344	Imprivata, Inc.	Ting	Nov 2002
US20020186838*		Brandys	Dec 2002
US20030101349*		Wang	May 2003
US20030115475*		Russo et al.	Jun 2003
US20030115490		Russo et al.	Jun 2003
US20030200257		Milgramm et al.	Oct 2003
US20040015958*		Veil et al.	Jan 2004
US20040044627*		Russell et al.	Mar 2004
US20090037745		Abdallah et al.	Feb 2009
US20090037746		Abdallah et al.	Feb 2009
US20100005315		Abdallah et al.	Jan 2010

Foreign Patent Documents

Document Number	Assignees	Issue/Pub Date
WO199908238		Feb 1999
WO199908238*		Feb 1999
WO200065770*	VERIDICOM, INC.	Nov 2000
WO200141032	David RUSSELL	Jun 2001
WO2004014017	PRIVARIS, INC.	Feb 2004

* cited by examiner

Other Publications

International Search Report for PCT/US03/24472 dated Nov. 20, 2003, 2 pages.

Schneier, Bruce, “Applied Cryptography: Protocols, Algorithms, and Source Code in C,” Second Edition, 1996, John Wiley & Sons, Inc., pp. 31-34.

Office action for Canadian Patent Application No. 2,494,299, mailed on Jul. 31, 2008; 3 pages.

Fumiko Komatsu, PKI Handbook, Japan, Soft Research Center Inc., Nov. 25, 2000, pp. 105-108.

Office Action for U.S. Appl. No. 12/190,061, mailed on Sep. 1, 2009; 5 pages.

Office Action for U.S. Appl. No. 12/190,064, mailed on Sep. 2, 2009; 5 pages.

Office Action for U.S. Appl. No. 10/635,762, mailed on Jul. 11, 2007; 10 pages.

Office Action for U.S. Appl. No. 10/635,762, mailed on Jan. 8, 2008; 18 pages.

Office Action for U.S. Appl. No. 10/635,762, mailed on Aug. 20, 2008; 19 pages.

Final Office Action for U.S. Appl. No. 12/190,064, mailed on Aug. 17, 2010, 10 pages.

Office Action for U.S. Appl. No. 12/560,254, mailed on Sep. 17, 2010, 12 pages.

Office Action for Canadian Patent Application No. 2,494,299, mailed on Jul. 7, 2010, 3 pages.

English translation of Office Action for Japanese Patent Application No. 2004-526454, mailed on Jul. 14, 2009, 5 pages.

English translation of Office Action for Japanese Patent Application No. 2004-526454, mailed on Apr. 13, 2010, 3 pages.

Referenced By

The current document is not referenced by other documents.

Patent Family

The current document is not in a family.

Patent Quick View

View Patent Drawings (6)

Click drawings to enlarge · View/print all drawings
Contact us for API access to this data

Your Basket

Boliven PRO - The leading information portal for IP and patent search

Join today