WO2007111573A1 - Procede et systeme d'acces en ligne a un serveur - Google Patents

Procede et systeme d'acces en ligne a un serveur Download PDF

Info

Publication number
WO2007111573A1
WO2007111573A1 PCT/SG2007/000083 SG2007000083W WO2007111573A1 WO 2007111573 A1 WO2007111573 A1 WO 2007111573A1 SG 2007000083 W SG2007000083 W SG 2007000083W WO 2007111573 A1 WO2007111573 A1 WO 2007111573A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
user
computer
images
captured images
Prior art date
Application number
PCT/SG2007/000083
Other languages
English (en)
Inventor
Juel Hoi Tang
Original Assignee
Digital Info Technology Pte Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Digital Info Technology Pte Ltd filed Critical Digital Info Technology Pte Ltd
Publication of WO2007111573A1 publication Critical patent/WO2007111573A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2109Game systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp

Definitions

  • the present invention relates broadly to a method and system for providing or gaining online access to a server, to a server for providing an online service, and to a data storage medium having stored thereon computer code means for instructing a computer system to execute a method of providing or gaining online access to a server.
  • a method of providing online access to a server comprising capturing one or more live images of a user utilising a camera connected to a computer; sending the captured images from the computer to the server in electronic form; and verifying the user based on reference images of the user stored at the server.
  • the method may further comprise incorporating a time/date information into the captured images in the electronic form for sending to the server, and the verifying of the user comprises utilising the time/date information to verify a liveness of the captured images received at the server.
  • the time/date information may be incorporated utilising digital watermarking.
  • the method may further comprise capturing the reference images during a registration process, and performing image processing to synthesise a set of reference images based on each captured image, wherein one or more image parameters are varied between the reference images of the set.
  • Verifying the user may comprise retrieving the reference images based on a user name entered by the user and sent to the server.
  • a system for providing online access to a server comprising the server; a computer connected to the server via a network; a camera connected to the computer for capturing one or more live images of a user; a network communication module for sending the captured images from the computer to the server in electronic form via the network; and wherein the server verifies the user based on reference images of the user stored at the server.
  • the system may further comprise an image processing module incorporating a time/date information into the captured images in the electronic form for sending to the server by the network communication module, and the server further verifies a liveness of the captured images received at the server based on the time/date information.
  • the image processing module may utilise digital watermarking to incorporate the time/date information.
  • the remote sever may further perform image processing to synthesise a set of reference images based on respective captured reference images for user registration, wherein one or more image parameters are varied between the reference images of the set.
  • the server may retrieve the reference images based on a user name entered by the user on the computer and sent to the server by the network communication module.
  • a system for providing online access to a server comprising a computer for connection to the server via a network; a camera connected to the computer for capturing one or more live images of a user; and a network communication module for sending the captured images from the computer to the server in electronic form via the network for verification of the user based on one or more reference images of the user stored at the server.
  • the system may further comprise an image processing module incorporating a time/date information into the captured images in the electronic form for sending to the server by the network communication module, for verification of a liveness of the captured images received at the server based on the time/date information.
  • a server for providing an online service, the server comprising an network communication module for receiving captured images of a user in electronic form via a network; a database for storing one or more reference images of the user; and a processor for verifying the user based on the reference images stored in the database and for allowing access to the server based on the verification.
  • the processor may further verify a liveness of the captured images received via the network communication module based on time/date information incorporated into the captured images in the electronic form.
  • a data storage medium having stored thereon computer code means for instructing a computer system to execute a method of providing online access to a server, the method comprising capturing live images of a user utilising a camera connected to a computer; sending the captured images from the computer to the server in electronic form; and verifying the user based on one or more reference images of the user stored at the server.
  • the method may further comprise incorporating a time/date information into the captured images in the electronic form for sending to the server, and the verifying of the user comprises utilising the time/date information to verify a liveness of the captured images received at the server.
  • a data storage medium having stored thereon computer code means for instructing a computer to execute a method of gaining online access to a server, the method comprising capturing one or more live images of a user utilising a camera connected to a computer; and sending the captured images from the computer to the server in electronic form for verification of the user based on one or more reference images of the user stored at the server.
  • the method may further comprise incorporating a time/date information into the captured images in the electronic form for sending to the server, and the verifying of the user comprises utilising the time/date information to verify a liveness of the captured images received at the server.
  • a data storage medium having stored thereon computer code means for instructing a server to execute a method of providing online access to the server, the method comprising receiving one or more captured images of a user in electronic form; and verifying the user based on one or more reference images of the user stored at the server.
  • the method may further comprise utilising time/date information incorporated into the captured images in the electronic form to verify a liveness of the captured images received at the server.
  • a method of gaining online access to a server comprising capturing one or more live images of a user utilising a camera connected to a computer; and sending the captured images from the computer to the server in electronic form for verifying the user based on one or more reference images of the user stored at the server.
  • the method may further comprise incorporating a time/date information into the captured images in the electronic form for sending to the server, for utilising the time/date information to verify a liveness of the captured images received at the server.
  • a method of providing online access to a server comprising receiving one or more captured images of a user from a computer in electronic form; and verifying the user based on one or more reference images of the user stored at the server.
  • a time/date information may be incorporated into the captured images in the electronic form for sending to the server, and the method comprises verifying of the user comprises utilising the time/date information to verify a liveness of the captured images received at the remote server.
  • Figure 1 is a schematic drawing of an online access system.
  • Figure 2 is a schematic diagram illustrating a computer system for implementing components of the system of Figure 1.
  • Figure 3 shows a flow chart diagram illustrating online access registration in the system of Figure 1.
  • Figure 4 shows a flow chart diagram illustrating online authentication in the system of Figure 1.
  • Figure 5 shows a flow chart diagram illustrating online recognition in the system of Figure 1.
  • Figure 6 shows a processing flowchart illustrating image processing in the system of Figure 1.
  • Figure 7 shows a flowchart illustrating a method of providing online access to server.
  • Figure 8 shows a flowchart illustrating a method of gaining online access to server.
  • Figure 9 shows a flowchart illustrating a method of providing online access to a server.
  • FIG. 1 is a schematic drawing of an online access system 100.
  • the system 100 comprises an online server 102 connected to the internet 104 for provision of an online service.
  • the online service can take a number of forms, including, but not limited to online computer games, online casino gaming, online banking, e-mail, electronic auctions, electronic commerce, online shopping, or electronic publications.
  • a user can access the server 102 utilising a computer 106 connected to the internet 104.
  • the computer 106 can take many forms, including but not limited to, a desktop computer, a laptop computer, a portable computer device such as a personal digital assistance (PDA) or a mobile phone. Both the computer 106 and the server 102 may be connected to the internet through a wired or wireless connection.
  • the computer 106 and the server 102 include internet communication modules 107, 103 respectively, as well as image processing modules 109, 105 respectively.
  • a user database 108 is coupled to the server 102 for storing user data including user account, user authentication, and user details information.
  • user data including user account, user authentication, and user details information.
  • a new user creates a new account, he connects to a website of the server 102 via the computer 106, and enters a user name and stores one or more face images of himself, which are captured by a web camera 110 and sent to the online server 102. The next time the user logs into the server 102, the user will only key in the user name.
  • the camera 110 captures one or more live face images of the user and a program executed on the computer 106 puts a digital watermark including the computer time and date onto the images before sending the image to the server 102 for verification.
  • the server 102 and computer 106 can each be implemented on a computer system 200, schematically shown in Figure 2. They may be implemented as software, such as a computer program being executed within the computer system 200, and instructing the computer system 200 to conduct the method of the example embodiment.
  • the computer system 200 comprises a computer module 202, input modules such as a keyboard 204 and mouse 206 and a plurality of output devices such as a display 208, and printer 210.
  • the computer module 202 is connected to a computer network 212 via a suitable transceiver device 214, to enable access to e.g. the Internet or other network systems such as Local Area Network (LAN) or Wide Area Network (WAN).
  • LAN Local Area Network
  • WAN Wide Area Network
  • the computer module 202 in the example includes a processor 218, a Random Access Memory (RAM) 220 and a Read Only Memory (ROM) 222.
  • the computer module 202 also includes a number of Input/Output (I/O) interfaces, for example I/O interface 224 to the display 208, and I/O interface 226 to the keyboard 204.
  • I/O Input/Output
  • the components of the computer module 202 typically communicate via an interconnected bus 228 and in a manner known to the person skilled in the relevant art.
  • the application program is typically supplied to the user of the computer system 200 encoded on a data storage medium such as a CD-ROM or flash memory carrier and read utilising a corresponding data storage medium drive of a data storage device 230.
  • the application program is read and controlled in its execution by the processor 218.
  • Intermediate storage of program data maybe accomplished using RAM 220.
  • the server 102 first extracts the time and date of image creation from the digitally watermarked images at step 406.
  • the server 102 then computes the time difference between the times of image creation (step 408) and checks if they are within a pre-set limit (step 410).
  • the user name is first read by the server 102 to retrieve the pre-stored images of the user stored in the database 108 ( Figure 1) under the user account identified by the user name at step 500.
  • the server 102 compares the stored with the received images 404 ( Figure 4) at step 502. If the images match based on given biometric features, the server 102 allows the user to access his account (step 504). If images do not match based on the given biometric features, the server 102 denies the user access to the account (step 506).
  • image processing is first applied to identify a face area 600 in the taken image 602 to 'cut' a face image 604 based on pre-set boundary conditions, which may involve intermediate images 606 to which further cropping processing is applied.
  • Each of the face images 604 is the subjected to further image processing to synthesise a set e.g. 606 of images, including a number of modified images e.g. 608 in which parameters such as contrast, brightness, sharpness, etc. are modified to "stimulate" variation in the conditions in which the live photos 610 of a user will be taken during future logins. This can result in a high possibility of a correct match during the recognition process.
  • the process measures biometric features in the form of nodal points on the face in the live photo 610, such as the distance between the eyes, the shape of the cheekbones and other distinguishable features. These nodal points are then compared to the nodal points computed from the database of pictures 612 in order to find a match. While this process is currently limited based on the angle of the face captured and the lighting conditions present, technologies are currently in development to create three-dimensional models of a person's face based on a digital photograph in order to create more nodal points for comparison.
  • Face recognition technology is a non-intrusive biometric technology. Instead of requiring people to place their hand on a reader or precisely position their eye in front of a scanner, face recognition systems unobtrusively take pictures of people's faces.
  • the facial recognition in the system 100 ( Figure 1) is a computer-based system to automatically detect and identify a human face based on a recognition algorithm, such as eigenface or the hidden Markov model.
  • Digital watermarking technology allows users to embed a digital code into audio, video, still images and printed documents.
  • the embedded digital code is imperceptible during normal use but readable by computers and software.
  • this process which is also sometimes referred to as data embedding, information hiding, steganography, or simply watermarking, a pattern of bits is inserted into a digital image, audio or video file.
  • the pattern typically identifies the file's ownership and can convey additional information such as time and user name.
  • digital watermarks are typically designed to be invisible, or in the case of audio clips, inaudible.
  • the actual bits representing the watermark should be scattered throughout the file in such a way that they cannot be identified and manipulated.
  • the digital watermark preferably is robust enough so that it can withstand normal changes to the file, such as rotation, filtering or the application of compression algorithms such as JPEG that discard some of the original data (lossy compression).
  • the server 102 is expected to handle a large volume of faces as registered users. By using the user name, the server 102 will select only the users pre-stored images for matching and verification. This will limit the database of comparison and hence greatly enhances the speed and accuracy of recognition.
  • the system 100 uses a digital watermark with time-stamp.
  • the current time and date from the computer 106 is imprinted onto each image separately with digital watermarking technology.
  • Authentication of the user involves the sending of images with digital watermark of the computer time to the server 102 as described above.
  • the server 102 authenticates the time stamps using the algorithm described above. Using this method, the server 102 can authenticate the images in a very short span of time hence a high speed, real-time authentication system is possible.
  • FIG. 7 shows a flowchart 700 illustrating a method of providing online access to a server.
  • one or more live images of a user are captured utilising a camera connected to a computer.
  • the captured images are sent from the computer to the server in electronic form.
  • the user is verified based on reference images of the user stored at the server.
  • FIG. 8 shows a flowchart 800 illustrating a method of gaining online access to server.
  • step 802 one or more live images of a user are captured utilising a camera connected to a computer.
  • step 804 the captured images are sent from the computer to the server in electronic form for verifying the user based on reference images of the user stored at the server.
  • Figure 9 shows a flowchart 900 illustrating a method of providing online access to a server.
  • one or more captured images of a user are received from a computer in electronic form.
  • the user is verified based on reference images of the user stored at the server.
  • the described system and method may be used in all areas where access of remote servers is done through a network such as the Internet, including: Online Computer Games - Online Gaming: Casinos, etc - Online Banking - Emails - eAuction sites - eCommerce Portals & Online Shopping - ePublications: online newspapers, online books, etc
  • alogorithms other than the described example algorithm may be used to check the liveness of the received images during the authentication process.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Social Psychology (AREA)
  • Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Collating Specific Patterns (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

L'invention concerne un procédé et un système d'accès en ligne à un serveur. Le procédé comprend les étapes consistant à capturer une ou plusieurs images en direct d'un utilisateur au moyen d'une caméra raccordée à un ordinateur ; à envoyer la ou les images capturées de l'ordinateur au serveur sous forme électronique ; et à authentifier l'utilisateur en fonction d'images de référence de l'utilisateur stockées au niveau du serveur.
PCT/SG2007/000083 2006-03-29 2007-03-29 Procede et systeme d'acces en ligne a un serveur WO2007111573A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SG200602117-4 2006-03-29
SG200602117-4A SG136010A1 (en) 2006-03-29 2006-03-29 Method and system for online access to a server

Publications (1)

Publication Number Publication Date
WO2007111573A1 true WO2007111573A1 (fr) 2007-10-04

Family

ID=38541411

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SG2007/000083 WO2007111573A1 (fr) 2006-03-29 2007-03-29 Procede et systeme d'acces en ligne a un serveur

Country Status (2)

Country Link
SG (1) SG136010A1 (fr)
WO (1) WO2007111573A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103327019A (zh) * 2013-06-18 2013-09-25 中国科学技术大学 一种人脸识别的云认证服务方法及系统
EP2443591A4 (fr) * 2009-06-16 2016-05-25 Intel Corp Accès contrôlé aux fonctionnalités d'un dispositif sans fil
TWI587171B (zh) * 2013-09-09 2017-06-11 群邁通訊股份有限公司 資料隱藏系統、方法及電子裝置
WO2020026021A1 (fr) * 2018-08-03 2020-02-06 Shaikh Asif Kasam Plateforme pour connecter une pluralité d'utilisateurs et procédé associé

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000042577A1 (fr) * 1999-01-18 2000-07-20 Iridian Technologies, Inc. Procede et appareil de transmission et d'authentification sures de donnees biometriques via un reseau
KR20020010949A (ko) * 2000-07-31 2002-02-07 최규완 온라인상에서 응시자 인증 및 감독 방법
KR20020092515A (ko) * 2001-06-04 2002-12-12 주식회사 리즈텍 온라인 강의의 수강 인증 방법
KR20030066533A (ko) * 2003-07-15 2003-08-09 배경율 인터넷 기반의 얼굴인식 기술을 이용한 사용자 인증 방법 및 시스템

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000042577A1 (fr) * 1999-01-18 2000-07-20 Iridian Technologies, Inc. Procede et appareil de transmission et d'authentification sures de donnees biometriques via un reseau
KR20020010949A (ko) * 2000-07-31 2002-02-07 최규완 온라인상에서 응시자 인증 및 감독 방법
KR20020092515A (ko) * 2001-06-04 2002-12-12 주식회사 리즈텍 온라인 강의의 수강 인증 방법
KR20030066533A (ko) * 2003-07-15 2003-08-09 배경율 인터넷 기반의 얼굴인식 기술을 이용한 사용자 인증 방법 및 시스템

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2443591A4 (fr) * 2009-06-16 2016-05-25 Intel Corp Accès contrôlé aux fonctionnalités d'un dispositif sans fil
CN103327019A (zh) * 2013-06-18 2013-09-25 中国科学技术大学 一种人脸识别的云认证服务方法及系统
TWI587171B (zh) * 2013-09-09 2017-06-11 群邁通訊股份有限公司 資料隱藏系統、方法及電子裝置
WO2020026021A1 (fr) * 2018-08-03 2020-02-06 Shaikh Asif Kasam Plateforme pour connecter une pluralité d'utilisateurs et procédé associé

Also Published As

Publication number Publication date
SG136010A1 (en) 2007-10-29

Similar Documents

Publication Publication Date Title
US11068576B2 (en) Hardening security images
US9286507B2 (en) Online identity verification
US9946865B2 (en) Document authentication based on expected wear
CN108804884B (zh) 身份认证的方法、装置及计算机存储介质
Galbally et al. Three‐dimensional and two‐and‐a‐half‐dimensional face recognition spoofing using three‐dimensional printed models
US20220215382A1 (en) Blockchain-based product authentication system
US20120032782A1 (en) System for restricted biometric access for a secure global online and electronic environment
WO2017114289A1 (fr) Procédé d'authentification d'informations de carte bancaire, terminal client, et système bancaire
WO2020231637A1 (fr) Procédés et systèmes pour générer une signature unique sur la base des mouvements d'un dispositif utilisateur dans un espace tridimensionnel
CN101291226B (zh) 一种利用图片信息提高信息安全设备验证安全性的方法
TW202312058A (zh) 去中心化零信任身份核實認證系統與方法
CN114422144B (zh) 一种提升场景证书区块链存证可信度的方法、系统、设备及存储介质
EP3966770A1 (fr) Procédés et systèmes de génération d'une signature unique en fonction de mouvements d'utilisateur dans un espace tridimensionnel
WO2007111573A1 (fr) Procede et systeme d'acces en ligne a un serveur
WO2021244471A1 (fr) Procédé et dispositif d'authentification de nom réel
US7310432B2 (en) Ported system for personal identity verification
Ramya et al. Personalized authentication procedure for restricted web service access in mobile phones
Goicoechea-Telleria et al. Attack potential evaluation in desktop and smartphone fingerprint sensors: can they be attacked by anyone?
JP2008103949A (ja) 署名認証端末及び署名認証システム及び署名確認システム及び署名認証プログラム及び署名確認プログラム及び署名認証方法及び署名確認方法
Raina Integration of Biometric authentication procedure in customer oriented payment system in trusted mobile devices.
CN112434727A (zh) 身份证明文件认证方法和系统
US10068072B1 (en) Identity verification
TWI774977B (zh) 線上身份確認方法與線上金融服務系統
JP7359917B2 (ja) 情報処理サーバ、情報処理システム、判定装置、及び方法
WO2021049321A1 (fr) Dispositif d'authentification, procédé d'authentification, programme, et dispositif de traitement d'informations

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07716168

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07716168

Country of ref document: EP

Kind code of ref document: A1