EP1151417A1 - Arrangement for determining and evaluating data or signals and method for verifying the identity or authorisation of a person - Google Patents
Arrangement for determining and evaluating data or signals and method for verifying the identity or authorisation of a personInfo
- Publication number
- EP1151417A1 EP1151417A1 EP00908967A EP00908967A EP1151417A1 EP 1151417 A1 EP1151417 A1 EP 1151417A1 EP 00908967 A EP00908967 A EP 00908967A EP 00908967 A EP00908967 A EP 00908967A EP 1151417 A1 EP1151417 A1 EP 1151417A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- arrangement
- data
- person
- signals
- input data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/21—Individual registration on entry or exit involving the use of a pass having a variable access code
Definitions
- Biometric characteristics such as fingerprint patterns, iris patterns, and similar characteristics of a person are characterized by their uniqueness and immutability. Therefore, every person can be easily recognized by such biometric features with the help of information technology systems.
- a secret password is also a characteristic of a person, as long as the password has not been revealed. Biometric characteristics and passwords are therefore generally well suited for the purposes mentioned.
- Modern biometric verification methods initially record the biometric characteristics of a person using a special sensor as raw data.
- the actual features can be extracted from this raw data using special algorithms.
- the verification or identification is then carried out by comparing a stored set of reference features with the current features.
- the object of the invention is to improve this situation. This object is achieved with the aid of an arrangement for recording and evaluating data or signals with features according to claim 1 or by a method for checking the identity or authorization of a person with features according to claim 5.
- the invention is based on the idea of not transferring the data characteristic of a person to a third-party system, but of capturing this data or signals by an arrangement which is in the possession of the authorized person, and with the aid of this arrangement input data which the Receives the order from a third-party system to be encrypted, so that the third-party system does not recognize the authorization of the person by their characteristics, which are to be protected, but by the correct encryption of the input data.
- Input data encryption takes place within the arrangement that is particularly secured against unauthorized access. This effectively protects a person's characteristic data against misuse.
- FIG. 1 shows the structure of a preferred embodiment of the invention in a schematic manner and at the same time illustrates the sequence of a method according to the invention.
- An arrangement according to the invention for recording and evaluating data or signals, in particular for checking the identity or authorization of a person, etc., comprises a device (DE) for recording data (D) or signals (S) and a device (DV) for Checking the recorded data or signals within the arrangement and a device (KE) for encrypting input data (ED) within the arrangement.
- DE device
- D data
- S signals
- DV device
- KE device
- ED encrypting input data
- the device for acquiring data or signals can be a simple keyboard of a computer or communication terminal or another small device.
- a graphical input medium such as e.g. a pressure-sensitive input surface, perhaps with an underlying display, can be used.
- Such input devices are particularly suitable for entering passwords or signatures.
- the device for recording data or signals can also be a microphone, or a camera, or a
- Fingerprint sensor Further devices, in particular for recording biometric characteristics of a person, are conceivable.
- the recorded data or signals can include anything from text, numbers, lettering, to voice samples, spoken words or sentences, all for identification or for
- the user can therefore be sure, at least as long as he remains in the exclusive possession of the arrangement and can rule out interference by unauthorized persons, that his data cannot be misused. Passes the exam successful (positive), ie if the recorded data and signals indicate an entry by an authorized user in the sense of checking, input data (ED), which are supplied to the arrangement from outside, are encrypted with the help of a device (KE) the arrangement is encrypted.
- ED input data
- KE device
- An external system can now check the correct encryption of the input data and thus the identity of the person or your authorization at any time. All that is required is to read out and check the encrypted input data. The characteristic data of the person remain in the arrangement and are therefore protected against misuse.
- the personal data can be checked within the arrangement in many different ways.
- Another possibility is to supply the characteristic data to a decision function, which directly determines the test result in the form of a yes / no decision.
- the simplest, however, is probably the direct comparison of the data, signals or feature data with reference data (RD) stored in a memory device (SEI) of the arrangement.
- RD reference data
- SEI memory device
- the key (K) is not calculated directly within the arrangement, it is advantageous to store it in a storage device (SE2) within the arrangement.
- SE2 storage device
- Another possibility would be to use a "hard-wired" encryption algorithm, in which the key is implicit in the architecture is hidden from the circuit.
- this method has the disadvantage of more complex production.
- the explicitly stored key is the only person-specific parameter of an otherwise universal arrangement.
- asymmetrical key pairs are particularly suitable.
- the key (K) would be the private key of the authorized person, which is to be kept secret.
- the public key would be used to decrypt the encrypted input data in a third-party information system that wants to check the identity or authorization of the person.
- Random or pseudo-random sequences of characters, numbers or symbols are particularly suitable as input data (ED), the correct encryption of which can easily be checked by the checking external system and which can practically not be predicted or guessed by an attacker.
- the return time of these symbol rims should also be sufficiently long, i.e. be practically infinitely long.
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
- Collating Specific Patterns (AREA)
Abstract
Description
Claims
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE19905033 | 1999-02-08 | ||
DE19905033 | 1999-02-08 | ||
PCT/DE2000/000284 WO2000048133A1 (en) | 1999-02-08 | 2000-02-01 | Arrangement for determining and evaluating data or signals and method for verifying the identity or authorisation of a person |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1151417A1 true EP1151417A1 (en) | 2001-11-07 |
Family
ID=7896762
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP00908967A Ceased EP1151417A1 (en) | 1999-02-08 | 2000-02-01 | Arrangement for determining and evaluating data or signals and method for verifying the identity or authorisation of a person |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1151417A1 (en) |
CN (1) | CN1154960C (en) |
HU (1) | HUP0201309A2 (en) |
WO (1) | WO2000048133A1 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AU2003240355B2 (en) * | 2003-06-24 | 2009-07-09 | T-Cos Solutions Gmbh | Work time recording system and method for recording work time |
CN101926675B (en) | 2009-10-30 | 2012-08-08 | 华为技术有限公司 | Method, device and system for remotely acquiring physical detection data of user |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4405829A (en) * | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
US5680460A (en) * | 1994-09-07 | 1997-10-21 | Mytec Technologies, Inc. | Biometric controlled key generation |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE3412663A1 (en) * | 1984-04-04 | 1985-10-17 | Siemens AG, 1000 Berlin und 8000 München | CHIP CARD SYSTEM |
US5657388A (en) * | 1993-05-25 | 1997-08-12 | Security Dynamics Technologies, Inc. | Method and apparatus for utilizing a token for resource access |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
US6213391B1 (en) * | 1997-09-10 | 2001-04-10 | William H. Lewis | Portable system for personal identification based upon distinctive characteristics of the user |
-
2000
- 2000-02-01 CN CNB008035717A patent/CN1154960C/en not_active Expired - Lifetime
- 2000-02-01 EP EP00908967A patent/EP1151417A1/en not_active Ceased
- 2000-02-01 WO PCT/DE2000/000284 patent/WO2000048133A1/en active Application Filing
- 2000-02-01 HU HU0201309A patent/HUP0201309A2/en unknown
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4405829A (en) * | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
US5680460A (en) * | 1994-09-07 | 1997-10-21 | Mytec Technologies, Inc. | Biometric controlled key generation |
Non-Patent Citations (2)
Title |
---|
"Applied Cryptography", 1 January 1996, WILEY, ISBN: 978-0-47-112845-8, article BRUCE SCHNEIER: "Applied Cryptography 2nd Ed.", pages: 44,45,52-55, XP055190859 * |
See also references of WO0048133A1 * |
Also Published As
Publication number | Publication date |
---|---|
HUP0201309A2 (en) | 2002-09-28 |
CN1377492A (en) | 2002-10-30 |
WO2000048133A1 (en) | 2000-08-17 |
CN1154960C (en) | 2004-06-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE69228315T2 (en) | ACCESS CONTROL SYSTEMS | |
DE69415053T2 (en) | Method and device for credit card authenticity checking | |
DE10249801B3 (en) | Method of performing a secure electronic transaction using a portable data carrier | |
GB2321743A (en) | Method and apparatus for securely handling data in a database of biometrics and associated data | |
EP1199623A2 (en) | Method and system for user identification | |
WO2011072717A1 (en) | Authorizing system, comparing device, and method for authorizing a subject | |
DE19860177A1 (en) | Chip card function releasing device comprises pocket chip card reader with checking component in chip card for verifying authentication data | |
DE69330743T2 (en) | Procedure for the certification of one unit of information by another | |
EP1706957B1 (en) | Biometric authentication | |
EP3182317A1 (en) | Apparatus and method for personalised provision of a key | |
CN108198306A (en) | Access control system with a variety of verification channels | |
WO2005050911A1 (en) | Authorisation of a transaction | |
DE19715644A1 (en) | Identity verification procedures | |
DE10203926A1 (en) | Data carrier e.g. smart card with personal data security, has storage element for encoded person-specific data based on biometric characteristics | |
EP2300955A1 (en) | Method and apparatus for improving biometric identification systems | |
DE19822206A1 (en) | Device for recognition of living being or object | |
EP1151417A1 (en) | Arrangement for determining and evaluating data or signals and method for verifying the identity or authorisation of a person | |
DE102017115669A1 (en) | Mobile communication device for communicating with an access control device | |
DE4439593A1 (en) | Authorised access security-control device | |
EP1057144A1 (en) | Access authorization or identification medium and method for the production of the same | |
DE102018010027A1 (en) | Settlement system | |
DE19710664A1 (en) | Voice recognition method for access control, e.g. to secure car park | |
US20070124598A1 (en) | System And Method For Providing Security | |
DE102009014919A1 (en) | Method for authenticating user to system e.g. automated teller machine, involves comparing compressed recording value with stored recording value so that access to secured function is denied based on correlation of values | |
DE102016110274B4 (en) | Method for a biometric-based triggering of a user action by means of an ID token assigned to a user |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20010621 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE |
|
RBV | Designated contracting states (corrected) |
Designated state(s): DE FR GB |
|
17Q | First examination report despatched |
Effective date: 20080207 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: SIEMENS AKTIENGESELLSCHAFT |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: SIEMENS AKTIENGESELLSCHAFT |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R003 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20150925 |