RU116673U1 - COMPLEX OF COMMUNICATION FACILITIES FOR ORGANIZING TRUSTED CONNECTION OF TERMINALS TO THE BIOMETRIC IDENTIFICATION AND AUTHENTICATION SERVER - Google Patents

Abstract

A set of interface tools for organizing a trusted connection of terminals to a biometric identification and authentication server, containing a personal electronic computer (PC) in industrial design (industrial computer) with a network software for organizing secure exchange and software for secondary processing of biometric information, a terminal console connected via the interface 2 x PS / 2 and VGA with an industrial computer, an uninterruptible power supply connected via a secondary power supply to an industrial computer and a terminal console, and via a primary network with a ~ 220 V source, characterized in that the interface complex additionally contains a switch, the first whose inputs-outputs are connected to the first FTP interface of the industrial computer, and the second inputs-outputs via the Ethernet interface with external access terminals, the router, the first inputs-outputs of which are connected to the second output-inputs (FTP) of the industrial about a computer, a hardware-software encryption complex, the first inputs-outputs of which are connected via the FTP interface to the second inputs-outputs of the router, and the second inputs-outputs via an IP network are connected to an external central server, a switch, a router, a hardware-software encryption complex is connected with a secondary power supply circuit of an uninterruptible power supply.

Description

Technical field

This technical solution relates to the field of computer technology, namely: to control and access control systems by biometric parameters.

State of the art

One of the analogues of this technical solution is the TERMINAL FOR THE TRANSFER OF IDENTIFICATION DATA IN BIOMETRIC SYSTEMS (OPTIONS) (utility model patent RU 50028 U1, application 20051200403/22 dated 06/30/2005, published December 10, 2005) containing a microcontroller, an input device 3D images, consisting of a block of multichannel sources of structured illumination, a block for registering and processing an image, an electronic block for image addition, designed to form a 3D image representing a linear structure, arose guide surfaces on the human face, distorted relief surface of said face, the first controller for controlling the multi-unit structured illumination sources, a second controller for controlling the recording unit and the image processing fingerprint reader and a wireless Wi-Fi transceiver or ZigBee. In the second embodiment, the terminal further comprises a non-volatile memory, in the third embodiment, the terminal further comprises a keyboard, and in the fourth embodiment, a non-volatile memory and keyboard.

The disadvantage of this analogue is the presence of a microcontroller, which requires the implementation to use additional circuitry solutions.

Another analogue of the claimed technical solution is the TERMINAL FOR TRANSMISSION OF IDENTIFICATION DATA IN BIOMETRIC SYSTEMS (OPTIONS) (utility model patent RU 49323 U1, application 2005117175/22 of 06.06.2005, IPC G08C 17/02, published on 10.11.2005) microcontroller, 3D input devices, fingerprint reader and Wi-Fi or ZigBee wireless transceiver. In the second embodiment, the terminal further comprises an input / output port, in the third embodiment, the terminal further comprises non-volatile memory, and in the fourth embodiment, a keyboard.

The disadvantage of this analogue is that when implemented, in addition to the need to use additional circuit solutions, the organization of a wireless data channel is required.

The next analogue of the claimed technical solution is the TERMINAL FOR TRANSMISSION OF IDENTIFICATION DATA IN BIOMETRIC SYSTEMS (OPTIONS) (utility model patent RU 50327 U1, application 2005120795/22 dated 05.07.2005, published on 12/27/2005) containing a microcontroller, an input port output, RFID reader, fingerprint reader and image input device. Embodiments of the terminal also differ in the execution of the image input device.

The disadvantages of this analogue are:

- limited possibility of its use in remote access control and management systems using highly reliable biometric protection in accordance with GOST 52633, since the hardware implementation of the interaction of external devices connected to the microcontroller implies the need to increase the cost of manufacturing and maintenance of the terminal during operation;

- the need for the manufacture of cards containing radio frequency tags.

The closest analogue (prototype) of the claimed technical solution is the access terminal to the server of the biometric system based on handwritten handwriting analysis (patent for the mentioned model RU 113605 U1, application 2011144040 dated 10.31.2011, published 02.20.2012) containing a personal electronic computer (PC), including a monitor, keyboard, mouse-type manipulator, which provides the primary processing of biometric information (handwritten word-password), with software installed on it; a printer and an uninterruptible power supply, the input of which is connected to a ~ 220 V, 50 Hz network, and the outputs - to the inputs of the corresponding terminal devices, characterized in that it additionally contains a graphic tablet for entering a handwritten word-password, a 3D image input device consisting of two HD cameras designed to form a 3D image representing a line structure that appears on the surface of a person’s face, distorted by the surface relief of the said person. In the second embodiment, the terminal is characterized in that it is connected to a node for access control and secondary processing of biometric information, which is connected via an IP network to a centralized data storage and processing server.

The disadvantage of the prototype is its narrow focus, which allows the analysis of biometric parameters only on the basis of one method (handwritten input of the word password).

Utility Model Essence

A set of interface tools for organizing trusted connection of terminals to a biometric identification and authentication server contains an industrial personal computer (industrial computer) (industrial computer) with network software for organizing secure exchange and software for secondary processing of biometric information, a terminal console connected via interface 2 x PS / 2 and VGA with industrial computer, uninterruptible power supply, connected via a secondary lektropitaniyu with industrial PC and console terminal, and on the primary network with a source of ~ 220 V.

The purpose of creating a utility model is to provide the ability to control and monitor the connections of clients of remote access systems using biometric identification and authentication methods on a central server, to redistribute the computational burden of processing biometric information to minimize user authorization time.

The complex of interface equipment additionally contains a switch, the first inputs and outputs of which are connected to the first FTP interface of the industrial computer, and the second inputs and outputs of the interface via Ethernet with external access terminals, a router, the first inputs and outputs of which are connected to the second outputs-inputs (FTP) of the industrial a computer, a hardware-software complex of encryption, the first inputs and outputs of which are connected via FTP interface to the second inputs and outputs of the router, and the second inputs and outputs via an IP network are connected to an external center a real server, a switch, a router, an encryption hardware-software complex is connected to the secondary power supply circuit of an uninterruptible power supply source.

List of figures, drawings and other materials

Figure 1 shows the structural diagram of a set of pairing tools for organizing a trusted connection of terminals to a biometric identification and authentication server. Figure 2 shows a possible diagram of the use of the complex in a control and access control system for biometric parameters.

Utility Model Execution Implementation Example

A set of interface tools for organizing a trusted connection (figure 1) contains:

1. Industrial computer,

2. Router

3. The switch

4. Hardware-software complex encryption,

5. Uninterruptible power supply,

6. The terminal console

7. Network software for organizing a secure exchange,

8. Software for secondary processing of biometric information,

9. A set of interface tools for organizing trusted connection of terminals to a biometric identification and authentication server.

The complex is intended for use in centralized queuing systems that use methods of comparing biometric parameters as methods of identification and authentication of users.

A possible scheme for using the terminal is shown in FIG. 2.

Figure 2 additionally indicated:

10 Access terminal based on the analysis of papillary finger pattern,

11 Special access terminal based on the analysis of a handwritten word-password,

12. The server of centralized storage and data processing,

13. IP network.

To gain access to the storage and processing server of heterogeneous data, a pre-registered user from the access terminal initiates the launch of the program for connecting to the server. The program asks the user to enter biometric parameters for his identification and subsequent authentication on the server. After entering, biometric data is subjected to primary processing and sent to the interface to establish a trusted connection for access control and secondary processing of biometric data, from where, after appropriate processing, they are sent to the system server for authentication of the current user. In case of successful authentication, the system establishes a session of interaction with the server for the current user. Information during the interaction of the terminal user with one of the central servers of the system is transmitted through a set of interface tools, which allows for control and monitoring of the interaction.

Industrial applicability

This utility model is industrially feasible. It can be used for various remote access systems, provided that the server uses mechanisms for identifying and authenticating users by processing personalized biometric parameters, and access terminals use biometric data input devices.

Claims (1)

A set of interface tools for organizing trusted connection of terminals to a biometric identification and authentication server, containing a personalized personal computer (PC) in industrial design (industrial computer) with network software for organizing secure exchange and software for secondary processing of biometric information, a terminal console connected via 2 x PS / 2 and VGA with an industrial computer, uninterruptible power supply, connected via a secondary power supply with an industrial computer and terminal console, and on the primary network with a source of ~ 220 V, characterized in that the complex of interface means additionally contains a switch, the first inputs and outputs of which are connected to the first FTP interface of the industrial computer, and the second inputs and outputs via the interface Ethernet with external access terminals, a router, the first inputs and outputs of which are connected to the second outputs and inputs (FTP) of an industrial computer, a hardware-software encryption complex, whose first inputs and outputs are about FTP interface connected to the second input-output of the router, and the second input-output through the IP-network is connected to an external central server, switch, router, the hardware-software system encryption circuit coupled to the secondary power supply UPS.