US8127143: Methods for secure enrollment of personal identity credentials into electronic devices

Filing Information

Inventor(s): David S. Abdallah · Barry W. Johnson
Assignee(s): Privaris, Inc.
Primary Examiner: Techane Gergiso
Application Number: US12190058
Filing date: 08/12/2008
Issue date: 02/28/2012
Prior Publication Data
Predicted expiration date: 08/06/2023
U.S. Classifications: 713/186 · 340/582 · 382/115
International Classifications: G05B2300 · G06F2100 · G06K900
Kind Code: B2
Related U.S. Application Data
This application claims priority to and is a divisional of U.S. patent application Ser. No. 10/635,762, filed Aug. 6, 2003, now U.S. Pat. No. 7,590,861 entitled “Methods for Secure Enrollment and Backup of Personal Identity Credentials into Electronic Devices,” which claims priority to U.S. Patent Application No. 60/401,399 filed on Aug. 6, 2002 entitled, “A Secure Enrollment Process for a Biometric Personal Identification Device,” each of which is herein incorporated by reference in their entireties.
This application is related to U.S. patent application Ser. No. 12/190,061, entitled “Methods for Secure Backup of Personal Identity Credentials for Electronic Devices” and Ser. No. 12/190,064, entitled “Methods for Secure Restoration of Personal Identity Credentials for Electronic Devices,” each filed on the same date, and each of which is incorporated herein by reference in their entirety.
24 Claims, 6 Drawings


Abstract

A method and system for securely enrolling personal identity credentials into personal identification devices. The system of the invention comprises the manufacturer of the device and an enrollment authority. The manufacturer is responsible for recording serial numbers or another unique identifier for each device that it produces, along with a self-generated public key for each device. The enrollment authority is recognized by the manufacturer or another suitable institution as capable of validating an individual before enrolling him into the device. The enrollment authority maintains and operates the appropriate equipment for enrollment, and provides its approval of the enrollment. The methods described herein discuss post-manufacturing, enrollment, backup, and recovery processes for the device.

Independent Claims

  1. A method, comprising:
     verifying, at a personal identification device, a validity of an enrollment authority based on an encrypted verification string associated with the enrollment authority, the verifying including comparing a decrypted verification string and an unencrypted verification string such that the validity of the enrollment authority is verified when the decrypted verification string matches the unencrypted verification string, the decrypted verification string being produced by the personal identification device based on the encrypted verification string and a public key associated with the enrollment authority;
     sending from the personal identification device an encrypted session key to the enrollment authority when the validity of the enrollment authority is verified;
     downloading, at the personal identification device, biometric data encrypted using the encrypted session key after the sending and when the validity of the enrollment authority is verified; and
     storing, only at the personal identification device, the biometric data after the receiving such that the biometric data is prevented from being transmitted from the personal identification device after the storing.

  8. A method, comprising:
     verifying, at an enrollment authority, a validity of a personal identification device based on an encrypted verification string associated with the personal identification device, the verifying including comparing a decrypted string and a device verification string such that the validity of the personal identification device is verified when the decrypted string matches the device verification string;
     receiving, at the enrollment authority, an encrypted session key from the personal identification device; and
     sending, from the enrollment authority, a signal configured to permit the personal identification device to download biometric data encrypted using the encrypted session key after the validity of the personal identification device is verified such that the biometric data is stored only at the personal identification device and prevented from being transmitted from the personal identification device.

  17. An apparatus, comprising:
     a memory configured to store biometric data of a user;
     a processor coupled to the memory, the processor configured to verify a validity of an enrollment authority based on an encrypted string associated with the enrollment authority and a digital certificate uniquely associated with the enrollment authority;
     the processor configured to compare a decrypted string and an enrollment authority verification string such that the validity of the enrollment authority is verified when the decrypted string matches the enrollment authority verification string;
     a biometric sensor coupled to the processor, the biometric sensor configured to receive biometric data from the user;
     a transmitter coupled to the processor, the processor configured to send an encrypted session key to the enrollment authority via the transmitter when the validity of the enrollment authority is verified; and
     a receiver coupled to the processor, the receiver configured to receive the digital certificate uniquely associated with the enrollment authority, the digital certificate including a public key of the enrollment authority, the processor configured to download and store the biometric data when the validity of the enrollment authority is verified, the receiver configured to store the biometric data such that such that the biometric data is prevented from being transmitted by the transmitter after the storing.

References Cited

U.S. Patent Documents

Document Number  Assignees  Inventors  Issue/Pub Date
US4993068 Motorola, Inc. Piosenka et al. Feb 1991
US5053608 SENANAYAKE DAYA R Senanayake Oct 1991
US5131038 Motorola, Inc. Puhl et al. Jul 1992
US5280527 Kamahira Safe Co., Inc. Gullman et al. Jan 1994
US5469506 Pitney Bowes Inc. Berson et al. Nov 1995
US5473692 Intel Corporation Davis Dec 1995
US5481265 Russell Jan 1996
US5526428 International Business Machines Corporation Arnold Jun 1996
US5591949 Bernstein Jan 1997
US5613012 Smarttouch, LLC. Hoffman et al. Mar 1997
US5615277 Hoffman Mar 1997
US5659616 Certco, LLC Sudia Aug 1997
US5729220 Russell Mar 1998
US5805719 SmartTouch Pare, Jr. et al. Sep 1998
US5838812 SmartTouch, LLC Pare, Jr. et al. Nov 1998
US5870723 Pare, Jr. et al. Feb 1999
US5872848 Arcanvs Romney et al. Feb 1999
US5920640 Harris Corporation Salatino et al. Jul 1999
US5930804 Philips Electronics North America Corporation Yu et al. Jul 1999
US5952641 C-SAM S.A. Korshun Sep 1999
US5991408 Veridicom, Inc. Pearson et al. Nov 1999
US6038666* TRW Inc. Hsu et al. Mar 2000
US6041410 TRW Inc. Hsu et al. Mar 2000
US6076167 DEW Engineering and Development Limited Borza Jun 2000
US6084968 Motorola, Inc. Kennedy et al. Jul 2000
US6154879* SmartTouch, Inc. Pare et al. Nov 2000
US6167517 Oracle Corporation Gilchrist et al. Dec 2000
US6181803 Intel Corporation Davis Jan 2001
US6182221* TRW Inc. Hsu et al. Jan 2001
US6185316 Unisys Corporation Buffam Feb 2001
US6201484 Transforming Technologies, LLC Russell Mar 2001
US6202151 GTE Service Corporation Musgrave et al. Mar 2001
US6219793 Hush, Inc. Li et al. Apr 2001
US6256737* BioNetrix Systems Corporation Bianco et al. Jul 2001
US6268788 Litronic Inc. Gray Jul 2001
US6282649 International Business Machines Corporation Lambert et al. Aug 2001
US6310966 GTE Service Corporation Dulude et al. Oct 2001
US6317834* International Business Machines Corporation Gennaro et al. Nov 2001
US6353889 Mytec Technologies Inc. Hollingshead Mar 2002
US6366682 Indivos Corporation Hoffman et al. Apr 2002
US6367017 Litronic Inc. Gray Apr 2002
US6397198 Indivos Corporation Hoffman et al. May 2002
US6446210 Activcard Ireland Limited Borza Sep 2002
US6466781 Siemens Aktiengesellschaft Bromba et al. Oct 2002
US6484260* Identix, Inc. Scott et al. Nov 2002
US6487662 Kharon et al. Nov 2002
US6490680 TecSec Incorporated Scheidt et al. Dec 2002
US6505193 Iridian Technologies, Inc. Musgrave et al. Jan 2003
US6529885 Oracle Corporation Johnson Mar 2003
US6532298 Iridian Technologies, Inc. Cambier et al. Mar 2003
US6581161 International Business Machines Corporation Byford Jun 2003
US6609198 Sun Microsystems, Inc. Wood et al. Aug 2003
US6615264 Sun Microsystems, Inc. Stoltz et al. Sep 2003
US6618806 Saflink Corporation Brown et al. Sep 2003
US6636973 Hewlett-Packard Development Company, L.P. Novoa et al. Oct 2003
US6657538 Swisscom Mobile AG Ritter Dec 2003
US6662166 Indivos Corporation Pare, Jr. et al. Dec 2003
US6668332 International Business Machines Corporation McNeil Dec 2003
US6671808 Rainbow Technologies, Inc. Abbott et al. Dec 2003
US6681034 Precise Biometrics Russo Jan 2004
US6719200 Precise Biometrics AB Wiebe Apr 2004
US6728881 The United States of America as represented by the Secretary of the Army Karamchetty Apr 2004
US6735695 International Business Machines Corporation Gopalakrishnan et al. May 2004
US6751734 NEC Corporation Uchida Jun 2004
US6757411 Liska Biometry Inc. Chau Jun 2004
US6765470 Fujitsu Limited Shinzaki Jul 2004
US6766040 Biometric Solutions, LLC Catalano et al. Jul 2004
US6775776 Intel Corporation Vogt et al. Aug 2004
US6786397 Silverbrook Research Pty Ltd Silverbrook et al. Sep 2004
US6819219* International Business Machines Corporation Bolle et al. Nov 2004
US6820202 First Data Corporation Wheeler et al. Nov 2004
US6832317 Advanced Micro Devices, Inc. Strongin et al. Dec 2004
US6836843 Hewlett-Packard Development Company, L.P. Seroussi et al. Dec 2004
US6839688 Diebold, Incorporated Drummond et al. Jan 2005
US6844660 Cross Match Technologies, Inc. Scott Jan 2005
US6848052 Activcard Ireland Limited Hamid et al. Jan 2005
US6850147 Mikos, Ltd. Prokoski et al. Feb 2005
US6850252 Hoffberg Feb 2005
US6853739 Bio Com, LLC Kyle Feb 2005
US6853988 Security First Corporation Dickinson et al. Feb 2005
US6857073 Equifax Inc. French et al. Feb 2005
US6862443 Ford Global Technologies, LLC Witte Mar 2005
US6870946 SecuGen Corporation Teng et al. Mar 2005
US6870966 Silverbrook Research PTY LTD Silverbrook et al. Mar 2005
US6871193 Verizon Corporate Services Group Campbell et al. Mar 2005
US6871287 Ellingson Mar 2005
US6871784 Trijay Technologies International Corporation Jayaratne Mar 2005
US6876757 Geometric Informatics, Inc. Yau et al. Apr 2005
US6877097 ActivCard, Inc. Hamid et al. Apr 2005
US6879243 Penco Products, Inc. Booth et al. Apr 2005
US6879966 Indivos Corporation Lapsley et al. Apr 2005
US6880749 Diebold, Incorporated Green et al. Apr 2005
US6880750 Pentel Apr 2005
US6883709 Famous Horse, Inc. Joseph Apr 2005
US6886096 Voltage Security, Inc. Appenzeller et al. Apr 2005
US6886101 American Express Travel Related Services Company, Inc. Glazer et al. Apr 2005
US6886104 Cross Match Technologies McClurg et al. Apr 2005
US6888445 Gotfried et al. May 2005
US6898577 Oracle International Corporation Johnson May 2005
US6901154 ActivCard Ireland Limited Dunn May 2005
US6901155 National University of Singapore Xia et al. May 2005
US6901266 Henderson May 2005
US6901382 Diebold, Incorporated Richards et al. May 2005
US6914517* Dalton Patrick Enterprises, Inc. Kinsella Jul 2005
US6957185* Enco-Tone, Ltd. Labaton Oct 2005
US6957337 International Business Machines Corporation Chainer et al. Oct 2005
US6963659 FaceKey Corp. Tumey et al. Nov 2005
US6985502 Hewlett-Packard Development Company, L.P. Bunton Jan 2006
US7024562* OptiSec Technologies Ltd. Flink et al. Apr 2006
US7028191* MICHENER JOHN R Michener et al. Apr 2006
US7035442 Secugen Corporation Ha et al. Apr 2006
US7069444 Brent A. Lowensohn Lowensohn et al. Jun 2006
US7287158* Sony Corporation Futamura et al. Oct 2007
US7305562* Citibank, N.A. Bianco et al. Dec 2007
US7310734 3M Innovative Properties Company Boate et al. Dec 2007
US7590861 Privaris, Inc. Abdallah et al. Sep 2009
US7613659* YT Acquisition Corporation Hoffman et al. Nov 2009
US7788501 Privaris, Inc. Abdallah et al. Aug 2010
US20020003892 Casio Computer Co., Ltd. Iwanaga Jan 2002
US20020023217 Wheeler et al. Feb 2002
US20020026427* Sony Corporation Kon et al. Feb 2002
US20020056043 Sensar, Inc. Glass May 2002
US20020087857 Tsao et al. Jul 2002
US20020095586 International Business Machines Corporation Doyle et al. Jul 2002
US20020104006* Boate et al. Aug 2002
US20020129251 Itakura et al. Sep 2002
US20020133716 Harif Sep 2002
US20020174344 Imprivata, Inc. Ting Nov 2002
US20020186838* Brandys Dec 2002
US20030101349* Wang May 2003
US20030115475* Russo et al. Jun 2003
US20030115490 Russo et al. Jun 2003
US20030200257 Milgramm et al. Oct 2003
US20040015958* Veil et al. Jan 2004
US20040044627* Russell et al. Mar 2004
US20090037745 Abdallah et al. Feb 2009
US20090037746 Abdallah et al. Feb 2009
US20100005315 Abdallah et al. Jan 2010

Foreign Patent Documents

Document Number  Assignees  Inventors  Issue/Pub Date
WO199908238 Feb 1999
WO199908238* Feb 1999
WO200065770* VERIDICOM, INC. Nov 2000
WO200141032 David RUSSELL Jun 2001
WO2004014017 PRIVARIS, INC. Feb 2004
* cited by examiner

Other Publications

International Search Report for PCT/US03/24472 dated Nov. 20, 2003, 2 pages.
Schneier, Bruce, “Applied Cryptography: Protocols, Algorithms, and Source Code in C,” Second Edition, 1996, John Wiley & Sons, Inc., pp. 31-34.
Office action for Canadian Patent Application No. 2,494,299, mailed on Jul. 31, 2008; 3 pages.
Fumiko Komatsu, PKI Handbook, Japan, Soft Research Center Inc., Nov. 25, 2000, pp. 105-108.
Office Action for U.S. Appl. No. 12/190,061, mailed on Sep. 1, 2009; 5 pages.
Office Action for U.S. Appl. No. 12/190,064, mailed on Sep. 2, 2009; 5 pages.
Office Action for U.S. Appl. No. 10/635,762, mailed on Jul. 11, 2007; 10 pages.
Office Action for U.S. Appl. No. 10/635,762, mailed on Jan. 8, 2008; 18 pages.
Office Action for U.S. Appl. No. 10/635,762, mailed on Aug. 20, 2008; 19 pages.
Final Office Action for U.S. Appl. No. 12/190,064, mailed on Aug. 17, 2010, 10 pages.
Office Action for U.S. Appl. No. 12/560,254, mailed on Sep. 17, 2010, 12 pages.
Office Action for Canadian Patent Application No. 2,494,299, mailed on Jul. 7, 2010, 3 pages.
English translation of Office Action for Japanese Patent Application No. 2004-526454, mailed on Jul. 14, 2009, 5 pages.
English translation of Office Action for Japanese Patent Application No. 2004-526454, mailed on Apr. 13, 2010, 3 pages.

Referenced By

Document Number  Assignee  Inventors  Issue/Pub Date
US8407480 --
US8478992 --

Patent Family

The current document is not in a family.