Biometrically enabled private secure information repository

US007519558B2

(12) United States Patent
Ballard et al.

(10) Patent No.: US 7,519,558 B2
(45) Date of Patent: Apr. 14, 2009

(54) BIOMETRICALLY ENABLED PRIVATE SECURE INFORMATION REPOSITORY

(76) Inventors: Claudio R. Ballard, 16 W. Neck Ct., Lloyd Harbor, NY (US) 11743; Amarish Pathak, 7 Apple Blossom La., East Patchogue, NY (US) 11772; Michael T. Imbruce, 291 E. Woodale Ave., East Patchogue, NY (US) 11772; Edward H. Currie, 6-57 158th St., Whitestone, NY (US) 11357; James Cassata, 263 Old Commack Rd., Kings Park, NY (US) 11754; Maurice N. Freedman, 528A 5th St., East Northport, NY (US) 11731

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 1022 days.

(21) Appl. No.: 10/245,232

(22) Filed: Sep. 17, 2002

(65) Prior Publication Data
US 2003/0225693 A1, Dec. 4, 2003

Related U.S. Application Data

(60) Continuation-in-part of application No. 09/454,492, filed on Dec. 6, 1999, which is a division of application No. 09/081,012, filed on May 19, 1998, now Pat. No. 6,032,137, which is a continuation-in-part of application No. 08/917,761, filed on Aug. 27, 1997, now Pat. No. 5,910,988.

(60) Provisional application No. 60/323,159, filed on Sep. 18, 2001.

(51) Int. Cl.
H04K 1/00 (2006.01)
H04L 9/00 (2006.01)

(52) U.S. Cl.: 705/50; 705/51; 705/52; 705/53; 705/54; 705/55; 705/56; 705/57; 705/58; 705/59

(58) Field of Classification Search: 705/43, 705/64, 67, 50-59; 713/153, 176; 380/251; 382/115
See application file for complete search history.

(56) References Cited
U.S. PATENT DOCUMENTS
4,201,978 A  5/1980  Nally
4,264,808 A  4/1981  Owens et al.
4,326,258 A  4/1982  de la Guardia
(Continued)

Primary Examiner: Salvatore Cangialosi
Assistant Examiner: Cristina Owen Sher
(74) Attorney, Agent, or Firm: Anderson, Levine & Lintel; Rodney M. Anderson

(57) ABSTRACT

A system for remote data acquisition and private and secure and authenticated, centralized processing and storage is disclosed called the DataTreasury™ Repository System. The DataTreasury™ Repository System provides a secure system for the storage and retrieval of data comprising personal information, financial information, and general information. The identity of the users are held private through the use of a biometric as the sole personal identifier. The system acquires transactional data at at least one remote locations, encrypts the data, transmits the encrypted data to a central location, transforms the data to a usable form, performs identification verification using biometric data, generates informative reports from the data and transmits the informative reports to the remote location(s), while maintaining privacy, security, and authenticity of the user's data and biometric. To ensure the complete security of the system, all data is re-encrypted while in storage, or when it is in a state of nonuse.

15 Claims, 7 Drawing Sheets

[Drawing sheets, U.S. Patent, Apr. 14, 2009, US 7,519,558 B2. Figure images are not reproduced; the labels recoverable from each figure are listed.]

FIG. 1 (system 100): client 50; host 70; application programming interface (API) gateway 80; sign on server 90; data management subsystem (ORB) 200; data processing subsystem (AS) 300; remote data storage subsystem (DB) 400; encryption subsystem (ES) 500; biometric subsystem (DTBS) 600.

FIG. 3 (client subsystem 50): biometric device 59; output device 57; computer/computer network; biometric processing client subsystem; input device 55; data capturing device 53.

FIG. 5: labels include application server, client, distributed, object, request, business, persistence.

FIG. 6: encryption server; public key; private key; digital certificate; message; certificate authority; data management subsystem (ORB); firewall; API gateway; host; client subsystem.

FIG. 7: raw image; preprocessing; binarization; skeleton processing; minutia extraction; fingerprint classification; compare biometrics; minutia is positively matched; utilize a different biometric; repeat the comparison of the biometrics.

FIG. 8 (communication network 800): client subsystems 50; hosts 70; WAN routers; frame relay; network switches; ORB 200; data storage subsystem 400; central office.

FIG. 9 (flow chart steps): capturing transactional data; encrypting and sending the encrypted transactional data; verifying authenticity and identity of user; decrypting transactional data; managing the capturing and sending of transactional data; collecting data at a remote location; managing the collecting of data; transmitting the encrypted data.

FIG. 10 (flow chart steps): client invokes a function on the ORB through the client stub; client stub identified and verified through crypto subsystem; ORB matches, identifies, and initiates corresponding skeletons; invokes business application objects; business application object invokes biometric subsystem; biometric subsystem extracts minutia; ORB directs DB to search for a match; if there is a match ORB performs the operation; send response to the client.

FIG. 11 (flow chart steps): capturing transactional data; encrypting and sending encrypted transactional data; verifying the identity of the user; create a pseudo identifier; store pseudo identifier in a database; set security filter; decrypting transactional data; managing the capturing and sending of data; collecting data at a remote location; managing the collecting of data; transmitting the encrypted data.
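
Added example (not part of the patent text and not the patentee's code): the FIG. 9 steps of encrypting and sending transactional data and decrypting it centrally, using the order the description gives for data sent to the ORB (encapsulate, then compress, then encrypt). The names `seal`, `open_sealed`, `wrong_order_size`, `DEMO_KEY`, `SAMPLE_RECORD` and `MAX_PLAINTEXT` are hypothetical, the HMAC-SHA256 keystream is a standard-library stand-in for a vetted cipher such as AES-GCM, and the integrity tag and size cap are assumptions the patent paragraph does not spell out.

```python
import hashlib
import hmac
import json
import os
import zlib

# Constructed demo values (assumptions, not taken from the patent).
DEMO_KEY = bytes(range(32))
SAMPLE_RECORD = {
    "type": "receipt",
    "terminal": "client-50-demo",
    "items": [{"sku": "A100", "qty": 1, "price": "9.99"}] * 40,
}
MAX_PLAINTEXT = 1 << 20  # assumed 1 MiB cap on decompressed size


def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def _xor_stream(key, nonce, data):
    """XOR data with an HMAC-SHA256 counter keystream.

    Stand-in for a vetted cipher (e.g. AES-GCM) so the example needs
    only the standard library; do not reuse it as a production cipher.
    """
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += _prf(key, nonce + counter.to_bytes(8, "big"))
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def _encapsulate(record):
    """Step 1: wrap the record in a versioned envelope."""
    return json.dumps({"v": 1, "record": record}, sort_keys=True).encode()


def seal(master, record):
    """Client side: encapsulate -> compress -> encrypt -> tag."""
    enc_key, mac_key = _prf(master, b"enc"), _prf(master, b"mac")
    compressed = zlib.compress(_encapsulate(record), 9)
    nonce = os.urandom(16)
    body = _xor_stream(enc_key, nonce, compressed)
    return nonce + body + _prf(mac_key, nonce + body)


def open_sealed(master, blob):
    """Central side: verify tag -> decrypt -> bounded decompress -> unwrap."""
    if len(blob) < 48:
        raise ValueError("message too short")
    enc_key, mac_key = _prf(master, b"enc"), _prf(master, b"mac")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    # Reject before any decryption or decompression touches the data.
    if not hmac.compare_digest(tag, _prf(mac_key, nonce + body)):
        raise ValueError("authentication failed")
    inflater = zlib.decompressobj()
    envelope = inflater.decompress(_xor_stream(enc_key, nonce, body), MAX_PLAINTEXT)
    if not inflater.eof:  # output hit the cap before the stream ended
        raise ValueError("decompressed size exceeds limit")
    return json.loads(envelope)["record"]


def wrong_order_size(master, record):
    """Message size if encryption ran first: ciphertext does not compress."""
    nonce = os.urandom(16)
    ciphertext = _xor_stream(_prf(master, b"enc"), nonce, _encapsulate(record))
    return 16 + len(zlib.compress(ciphertext, 9)) + 32


if __name__ == "__main__":
    blob = seal(DEMO_KEY, SAMPLE_RECORD)
    print("compress-then-encrypt bytes:", len(blob))
    print("encrypt-then-compress bytes:", wrong_order_size(DEMO_KEY, SAMPLE_RECORD))
    print("round trip ok:", open_sealed(DEMO_KEY, blob) == SAMPLE_RECORD)
```

Compressing before encrypting makes ciphertext length depend on content, so records that mix secrets with externally influenced fields should be padded or compressed separately.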

BIOMETRICALLY ENABLED PRIVATE SECURE INFORMATION REPOSITORY

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority, under 35 U.S.C. §119(e), of Provisional Application No. 60/323,159, filed Sep. 18, 2001. This application is also a continuation-in-part of copending application Ser. No. 09/454,492 filed Dec. 6, 1999, entitled “Remote Image Capture With Centralized Processing and Storage”, by inventor C. Ballard, which is a divisional of application Ser. No. 09/081,012, filed May 19, 1998, now U.S. Pat. No. 6,032,137, which is itself a continuation-in-part of application Ser. No. 08/917,761, filed Aug. 27, 1997, now U.S. Pat. No. 5,910,988. All these applications and patents are incorporated herein by this reference.

STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

Not applicable.

BACKGROUND OF THE INVENTION

This invention relates generally to a private system to store and retrieve all types of information with the use of biometrics for authentication and encryption techniques for security.

In this age of the information highway, virtually all personal and financial information is stored within computer systems. Yet this information tends to be scattered among different organizations, such as Federal and local governments, banks, merchants, and educational facilities. For this reason, access to all stored information from one source is virtually impossible, or, at the very least impracticable. Furthermore, in certain cases access to information requested by its provider, or owner, is restricted.

In today's information age, users are required to provide personal information freely, however, their access to that information may be strictly prohibited. Merchants normally require financial information to complete transactions, yet they are unlikely to divulge any credit data regarding that individual. Governmental agencies usually maintain a detailed profile database on all individuals, but some, or all, of this information is not accessible to the respective individuals. However, when governmental agencies do allow people to access their information, these venues can be described as inconvenient, limited in accessible hours, entailing waiting on long lines, and inadequate service. These facilities may include: county courthouses, departments of motor vehicles, departments of welfare services, departments of housing, departments of immigration and naturalization services, and the various other government agencies. A major reason the government will not allow computer access to personal information is due to security and identity verification issues. The infeasibility of a secure solution has made convenient access impracticable.

There is not one entity currently available to house all personal information for convenient retrieval. Personal information may include, but is not limited to: leases, deeds, passports, birth certificates, wills, trusts, driver's licenses, bank account information, credit information, commercial transaction information, educational information, and citizenship information.

Even if a secure system were available, security issues would make people hesitant to supply their personal information electronically. Hackers may attempt to compromise computer systems to conduct vandalism, espionage, and theft. It is possible for hackers to gain successful, unauthorized access to computer systems.

Even for systems with nearly absolute security, by allowing access only to authorized individuals, there is still the danger of fraud through the impersonation of an authorized user. For example, bad checks are abundant within the stream of commerce. Individuals may steal checks and forge signatures.

Other computer systems designs do not reflect the issue of security as a primary concern. Some systems utilize passwords in the form of alphanumeric characters, which can be easily guessed using algorithms capable of generating random combinations of numbers and letters. This type of security is further susceptible to user negligence, e.g., forgotten, lost, stolen, or intercepted passwords.

Other approaches have focused on providing secure identification and verification. U.S. Pat. No. 5,790,668 discloses a system and method to provide secure handling of data through means of a personal identifier database. Similarly, U.S. Pat. No. 5,930,804 discloses Web-based security measures and methods to implement such measures and Web-based authentication systems and methods. Similarly, U.S. Pat. No. 5,870,723 discloses a method and system to provide a biometric transaction authorization with the use of a PIN number. Similarly, U.S. Pat. No. 5,995,630 discloses a method to facilitate secure and authorized access to a computer.

While these approaches provide a method to avoid the problems associated with unauthorized access with user identification, they have disadvantages. These approaches focus on a gateway comprising security and user verification. First, these approaches do not offer a secure, authenticated centralized repository system. The database element in these approaches is limited to storing information pertinent to a particular business, or security purpose. For example, the databases in these inventions house only biometric information, personal identifiers, limited financial information, or encryption keys. Accordingly, these approaches do not offer an implementable system that serves as a secure repository in which to store any and all types of data.

These approaches also have a security deficiency, as they require a personal PIN number or personal identifier. These methods seriously compromise the security of the system as a whole. PIN numbers can be forgotten, lost, misplaced, and obtained through disreputable algorithmic approaches or other schemes.

Furthermore, systems that require personal identifiers commonly associate the person's Social Security Number with their identity. These approaches inherently lack the ability to provide anonymity to the users. Information is inexplicably tied to a particular person. Individuals are uniquely identified with ease through a Social Security Number. Moreover, Social Security Numbers are easily accessible and widely utilized. It is common practice for governmental institutions, financial institutions, educational institutions, and medical institutions to use Social Security Numbers as personal identifiers. Most of these institutions utilize and display Social Security Numbers with disregard for privacy or security. Thus, the identity of the data owner can be easily obtained through his Social Security Number.

However, none of these verification systems offer a general, centralized database to store any, and all, types of data and information. Accordingly, there is a need for a system where any type of information may be stored securely and retrieved with anonymity, ease and convenience. Further,
there is a need for a single, comprehensive, information storage system having reliability, privacy, authenticity, and accessibility.

By way of further background, U.S. Pat. No. 6,032,137 and U.S. Pat. No. 5,910,988 commonly assigned herewith and incorporated herein by this reference, describe data repository systems and methods, for example as applied to commercial payments and transactions.

SUMMARY OF THE INVENTION

This invention involves the storage and retrieval of data with the full identification and verification of users through means of a biometric identifier. The biometric identifier identifies biometric data or biometrics that comprises a statistical analysis of biological data, for example: retina geometry prints, facial prints, DNA data, fingerprints, or voice patterns. Biometric data represents a unique personal identity marker, which is in possession of the user at all times. The use of biometrics ensures a private system due to its inherent characteristics. The DataTreasury™ Repository System uses a biometric, as a unique identity marker. The usage of biometrics creates an extremely secure method of authentication for access to data stores. Furthermore, as communication protocols have become increasingly sophisticated users can access data anywhere in the world.

Users who wish to enroll into the DataTreasury™ Repository System must first present documents to authenticate their claimed identity. Upon registration they must input their biometrics, and any required information into client stations. The biometrics obtained through the registration process are stored in an enrollment biometric database. The enrollment biometrics are utilized to assist in the verification of the user in future transactions.

As a paradigm, merchants, as well as financial institutions, may enroll in the DataTreasury™ Repository System to facilitate financial transactions. Commercial users can take the form of a host within the DataTreasury™ Repository System, and utilize its services to conduct business. Financial transactions are not limited to financial institutions that are enrolled into the system. The DataTreasury™ Repository System may further communicate with, transmit information to, and facilitate transactions with financial institutions that are not enrolled. The DataTreasury™ Repository System may further communicate and conduct transactions with any non-enrolled user or entity, whether an institution, a business, or an individual.

It is an object of the present invention to provide a system for a secure, centralized storage of all types of information. For example, a system which could handle commercial transaction information, financial information, credit information, citizenship information, educational information with authenticated access, would comprise:

at least one remote client subsystem designed to receive and transmit data;

at least one remote data processing subsystem designed to facilitate the processing of data, comprising an encryption subsystem to ensure a secure, biometric authentication subsystem to ensure the identity of users;

at least one remote data management subsystem to manage the processing of data;

at least one remote data storage subsystem to store any, and all, types of data; and

at least one communication network for secure transmission of data within, and between the data processing subsystem, the data management subsystem, and the data storage subsystem.

The DataTreasury™ Repository system securely supplies authenticated access to information such as, credit information, banking information, personal information, real-estate information, employment information, and commercial transaction information.

It is a further object of the DataTreasury™ Repository System to facilitate: private and secure financial transactions, via a centralized, secure, and easily accessible system worldwide.

It is a further object of the DataTreasury™ Repository System to facilitate a virtually fraud proof system of conducting transactions.

It is a further object of the DataTreasury™ Repository System to facilitate a private method to traverse the internet.

It is a further object of the DataTreasury™ Repository System to facilitate the secure and private electronic communication between computer systems.

It is a further object of the DataTreasury™ Repository System to facilitate the registration process for warranties, and similar legal documents.

It is a further object of the DataTreasury™ Repository System to secure email communication and prevent unsolicited advertisements or spamming.

It is a further object of the DataTreasury™ Repository System of the invention to store and provide data with a multi-tiered architecture comprised of the DataTreasury™ Object Request broker (ORB), the DataTreasury™ Application Server (AS), the DataTreasury™ Database (DB), DataTreasury™ Encryption Subsystem (ES), and a DataTreasury™ Biometric Subsystem (DTBS).

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING

These and other objects and features of the invention will be more clearly understood from the following detailed description along with the accompanying drawing figures, wherein:

FIG. 1 is a block diagram of the DataTreasury™ Repository System (DRS) architecture;

FIG. 2 is a block diagram of the distributed environment;

FIG. 3 is a block diagram of the client subsystem;

FIG. 4 is a block diagram of the Object Request Broker (ORB) architecture;

FIG. 5 is a block diagram of the Application Server (AS) architecture;

FIG. 6 is a block diagram of the Encryption Server architecture;

FIG. 7 is a block diagram of the process for analyzing and storing biometrics using the DataTreasury™ Biometric Subsystem architecture;

FIG. 8 is a block diagram of the communication network;

FIG. 9 is a flow chart of the process for transferring information;

FIG. 10 is a flow chart describing the process for the DRS; and

FIG. 11 is a flow chart of the second embodiment of the process shown in FIG. 9.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 1 displays the block diagram of a DataTreasury™ Repository System (DRS) 100, which is connected to either clients 50 or hosts 70 via either an Application Programmable Interface (API) gateway 80 or through a sign on server (SOS) 90. The DataTreasury™ Repository System 100 has five elements: a DataTreasury™ Object Request broker (ORB) 200
(transaction management subsystem), a DataTreasury™ Application Server (AS) 300 (data processing subsystem), a DataTreasury™ Database (DB) 400 (data storage subsystem), DataTreasury™ Encryption Subsystem (ES) 500 (system to ensure security), and a DataTreasury™ Biometric Subsystem (DTBS) 600 (system to process and verify biometrics).

As shown in FIG. 2, the DataTreasury™ Repository System 100 uses an object oriented programming language for housing any and all types of information across a distributed environment. Data is sent to the ORB 200 via client subsystems 50 and hosts 70. This information is first encapsulated, next, it is compressed and then it is encrypted before it is sent through API gateway 80 or SOS 90. This information is then decrypted and processed through ORB 200, which in connection with AS 300, ES 500, and DTBS 600, processes this information. This information is then sent on to DB 400 for storage of this information or retrieval of additional information stored in DB 400. A communication network 800 connects these elements together. As shown, API gateway 80, SOS 90, ORB 200, AS 300, DB 400, relational databases 430, ES 500, and DTB 600 are all housed in a central location. API gateway 80 or SOS 90 are designed to receive information from clients 50 or hosts 70. SOS 90 is designed as a single sign on server whereby with one password or one set of biometric information, the user can gain access to multiple accounts that would formerly take multiple login identifications and passwords.

Client subsystem 50 is shown in greater detail in FIG. 3, ORB 200 is shown in greater detail in FIG. 4, AS 300 is shown in greater detail in FIG. 5, ES 500 is shown in greater detail in FIG. 6, the process for DTBS 600 is shown in greater detail in FIG. 7, and communication network 800 is shown in greater detail in FIG. 8.

As shown in FIG. 3, client subsystem 50 provides a convenient interface to users to enable data entry and extraction from the DB 400. A simplified interface to enable data extraction from a database for use in the present invention is described in U.S. Pat. No. 5,910,988, U.S. Pat. No. 6,032,137, and U.S. patent application Ser. No. 09/454,492 to Ballard, entitled “Remote Image Capture With Centralized Processing and Storage”, which is incorporated herein by reference. Furthermore, the client subsystems 50 may also be hosts 70. These client subsystems may contain a biometric processing client subsystem 51, and a data capturing device 53. The client subsystem may contain input devices 55 such as but not limited to: video cameras, digital cameras, CD-ROM readers, DVD readers, keyboards, mice, microphones, smart card readers, scanners, magnetic strip readers, MICR readers, 2D/3D bar code readers, and biometric capture devices. The client subsystem may also contain output devices 57 which may facilitate report generation such as but not limited to: monitors, printers, and speakers. Client subsystems 50 may further take any form comprising a point of sale, Internet, or wireless machines, to name a few. Furthermore, client subsystems 50 may also contain a biometric device 59 for capturing biometric data.

Client subsystems 50 may connect to the ORB 200 through a communication network such as communication network 800. However client subsystem 50 may connect to ORB 200 by any means including, but not limited to, the internet, wireless RF, microwave, infrared or, through a wired local or wide area network. A wireless data network may be used for connecting one or more client subsystems 50 to one or more centralized processing facilities. This wireless network is employed for either local area network (LAN) or wide area network (WAN) connectivity, or both simultaneously. The wireless network is not limited to a specific technology, transmission speed, or mode of operation. The physical means for communication between the client subsystem 50 and the ORB 200 may be facilitated by, but not limited to modems, cables, fiber optics, or satellites. Furthermore, client subsystems 50 are not tied to a specific programming language. Client subsystems 50 and AS 300 in a distributed environment need only communicate in terms of the ORB 200 interface. The ORB 200 may act as a middleware layer between the client subsystems 50 and all types of heterogeneous sources. Furthermore, the ORB 200 may automate services such as, but not limited to: object registration, location, activation, and demultiplexing. The ORB 200 handles the request between the client subsystem 50 to the AS 300. Objects 350 are encapsulated packages of code and data that can be manipulated by operations through a defined interface. The ORB 200 initiates queries of the DB 400, which are necessary for object 350 functionalities. The DataTreasury™ Repository System enables, identifies, authenticates, and processes information using, inter alia, biometric and cryptographic algorithms.

As is known to persons of ordinary skill in the art, the DataTreasury™ Repository System 100 could also use other software development standards, other system deployment standards, and other reliability standards as long as adherence to these alternative standards provides the security, availability, integrity and reliability required by mission critical applications of this scale. See, e.g., Fayad, Johnson, and Schmidt, “Building Application Frameworks: Object Oriented Foundations of Framework Design”, chap. 1 to chap. 6, (Wiley, 1999).

FIG. 4 is a block diagram of the ORB 200 architecture. ORB 200 can exist on one or more servers and can contain a transaction processing architecture 250, which manages objects 230 such as application objects 232, domain objects 234, and database objects 236. In addition, transaction processing architecture 250 also manages events 255, transactions 265, persistence 270, concurrency 275 and security 260.

In the preferred embodiment, the ORB 200 is facilitated through the use of Common Object Request Broker Architecture (CORBA). The ORB 200 may provide a series of services including but not limited to: life cycle services, persistence services, naming services, event services, concurrency control services, transaction services, relationship services, externalization services, query services, licensing services, and properties services. Life cycle services define how to create, copy, move, and delete components. A component is a reusable program building block that can be combined with other components in the same or other computers in a distributed network to form an application. The persistence service facilitates the ability to store data on the DB 400. The naming service allows components to find other components by name. The event service allows the components to specify specific events to be notified of. The concurrency control service allows the ORB 200 to manage locks to data caused by competing transactions or threads. The transaction service ensures that once transactions are completed, the required functions are performed, and to ensure the consistency of the DB 400. The relationship service can create and/or keep track of dynamic associations between components. The externalization service provides a method to add and obtain data from a component resident in a stream of data. The query service allows the component to query the DB 400. The licensing service allows the use of the component to be measured. Lastly, the properties service allows components to have a self description, which in turn can be used by other components. The client subsystems 50 use stubs to invoke the
required application objects 230 in AS 300 through the ORB 200 for the required transaction. ORB 200 can also contain a memory hierarchy 262 containing a primary memory 264 and a secondary memory 266.

In the preferred embodiment, the ORB 200 server comprises stand-alone IBM Enterprise RS/6000 7026 Model M80 servers, which are connected through a common network. Typically, the IBM Enterprise RS/6000 7026 Model M80 class computers have 6 GB of RAM, a 1.26 TB Shark storage array, and gigabit Ethernet network connection.

The client subsystems 50 requests to the AS 300, DB 400, ORB 200, and hosts 70 are facilitated through CORBA compliant services. Object request brokers, ORB 200 can create a persistent link between client subsystems 50, hosts 70 and AS 300 for servicing requests. AS 300 and ORB 200 are usually the middle tier and databases are maintained in the third tier. AS 300 requires CORBA services to communicate with third tier databases for executing queries.

As is known to persons of ordinary skill in the art, CORBA or any equivalent architectural framework may be utilized to construct an ORB 200 to provide load balancing and allocation of services between application servers and databases.

In an alternate embodiment, an information gateway may be utilized to construct the ORB 200. The object based ORB 200 may be also implemented with a message, transaction, or event based architectural frameworks. An exemplary embodiment of alternate architectural frameworks which may be utilized, as known to persons of ordinary skill in the art, include but are not limited to: MQ series, Tuxedo, and Rendezvous. See, e.g., Bernstein, and Newcomer, “Principles of Transaction Processing”, chap. 2 to chap. 10, (Morgan Kaufman Publishers, 1997). Additionally, see, e.g., Primatesta, “Tuxedo, an Open Approach to OLTP”, chap. 2 to chap. 6, (Prentice Hall, 1995). Further, see, e.g., Gilman and Schreiber, “Distributed Computing With IBM MQSeries”, chap. 3 to chap 10, (Wiley, John & Sons, Incorporated, 1996).

As will be understood by those skilled in the art, Object Oriented Programming (OOP) techniques involve the declaration, definition, creation, invocation and destruction of “objects” 230. OOP focuses on objects rather than specific functions. In object-oriented programming, objects are the

Ethernet, using TCP/IP protocol, though the invention is not so limited. As is known to persons of ordinary skill in the art, the 1000BaseT/100BaseT Ethernet is a networking link layer protocol. Further, the numbers 1000 and 100 refer to the communication link speed in megabits per second. In the preferred embodiment the CISCO Catalyst 6000, model No. 6509, Network Switch or equivalent hardware supports the LAN connectivity between the devices connected to it. A communication network for use in the present invention is described in U.S. Pat. No. 5,910,988, U.S. Pat. No. 6,032,137, and U.S. patent application Ser. No. 09/454,492 to Ballard, entitled “Remote Image Capture With Centralized Processing and Storage”, which is incorporated herein by reference.

The ORB 200 and the client subsystems 50 are connected on a Wide Area Network (WAN). A WAN router facilitates communication between the client subsystem 50 and the ORB 200. In the preferred embodiment, the WAN uses frame relay connectivity. As is known to persons of ordinary skill in the art, frame relay is a network protocol for data communication. In contrast to dedicated point-to-point links that provide a fixed data rate, frame relay communication provides variable bandwidth availability on-demand with a guaranteed minimum data rate. Frame relay communication also allows occasional short high data rate bursts according to network
concepts to consider ?rst in designing a program and they
may also comprise units of code that are eventually derived
from the process. In betWeen, each object is made into a
generic class of object and even more generic classes are
30
second (kb/ s) and 1.544 megabytes per second (Mb/ s).
mately 1024 bytes.
In the preferred embodiment, the telecommunications
35
40
45
of?ces Within its oWn netWork and Within netWorks of other
carriers.
Since the component links of the interconnection netWork
are shared by the carrier’s clients, data communication must
ing, the interconnection netWork is referred to as a carrier
50
cloud of communication bandWidth.
The ORB 200 may be coupled With a ?reWall (See FIG. 6)
to provide more secure communication. A ?reWall is a secu
rity device Which prevents unauthorized users and/or data
traf?c from gaining access to a computer netWork, and/or
monitors the transfer of information to and from the netWork.
are softWare entities comprising data elements and routines,
or functions, Which manipulate the data elements. The data
55
Client subsystem 50 requests and system responses betWeen
system and client subsystem 50 programs are communicated
through a ?ltering router. FireWalls are Well knoWn Within the
rent fashion. Together, the data and functions enable objects
230 to model virtually any real-World entity in terms of its
art. See, e.g., Strebe and Perkins, “FireWalls 24 Seven”, part 1
and part 2, (Sybex, NetWork Press, 2000). Filtering routers
characteristics, represented by the data elements, relation
ships and its behavior. Object 230’ s behavior determines hoW
and When it manipulates its data elements. In this Way, objects
230 can model complex physical phenomena like Weather
systems, and it can also model abstract complexities like
many mathematical algorithms.
In the preferred embodiment, through a communication
frame relay carrier cloud is a communication netWork, Which
receives the frames destined for the ORB 200 sent by the
WAN router from the client subsystems 50. As is knoWn to
persons of ordinary skill in the art, carriers provide commu
nication services through local central o?ices. These central
of?ces contain netWorking facilities and equipment to inter
connect telephone and data communications to other central
be dynamically assigned to links in the netWork according to
availability. Because of the dynamic nature of the data rout
procedures and data variable. An object is What actually runs
and related functions are treated by the softWare as an entity
and can be created, used and deleted in a parallel and concur
Each frame encloses one user packet and adds addressing
and veri?cation information. Frame relay data communica
tion typically has transmission rates betWeen 56 kilobytes per
Frames may vary in length up to a design limit of approxi
de?ned so that objects can share models and reuse the class
de?nitions in their code. Each object is an instance of a
particular class or subclass With the class’s oWn method or
in the system. See, e.g., Rumbaugh, Blaha, Premerlani, Eddy,
and Lorensen, “Object Oriented Modeling and Design”,
chap. 1 to chap. 10, (Prentice Hall, 1991). These objects 230
availability. In the preferred embodiment, the CISCO 2621
router, or equivalent hardWare, supports the WAN connectiv
ity betWeen the devices.
60
interrogate the source and destination addresses of open net
Work messages communicated through the router to verify
that the source and destination addresses conform to the
requirements speci?ed by the operator for communication
netWork, the ORB 200 are connected to the AS 300 and DB
through the router.
For example, the ?ltering router does not pass communi
cation messages through it, When these messages arrive from
400 through a LAN using sWitched 1000BaseT/100BaseT
an external netWork that have a source address Which corre
65
US 7,519,558 B2
10
tion subsystems are all instantiated through AS 300 objects.
Thus, distributed objects 350 Will be seen by those skilled in
the art as including the basic properties that de?ne traditional
sponds to the same network for the destination address. This
prevents a “spoo?ng” attack Where a computer outside a
computer netWork attempts to emulate another computer on
the netWork to Which the destination address computer is
coupled, to exploit potentially loWer security measures for
programming objects. HoWever, distributed objects 350 dif
fer from traditional programming objects by the inclusion of
computers on the same netWork. Spoo?ng is the attempt to
tWo important features. First, distributed objects 350 are mul
exploit the source routing feature of the TCP/IP protocol by
intentionally creating packets With incorrect IP addresses. In
tilingual. Distributed objects 350 may be comparable to
object abstractions in various programming languages. Dis
spoo?ng the hacker disguises himself as a host 70 or router on
tributed object 350 provides a set of ?elds and methods acces
sible to clients 50. Distributed objects 350 give users a virtual
the targeted netWork to circumvent some security measures.
Transmission from the ORB 200 is preferably ?rst passed
model of the data source, alloWing seamless integration of
heterogeneous data models and protocols. A frameWork is
necessary for management of the distributed objects. The
through a proxy ?reWall. Proxy ?reWalls require the use of a
proxy server, or bastion host. The bastion host prevents the
direct access to Internet services by the internal users by
acting as their proxy, and ?ltering out unauthoriZed traf?c. A
frameWork can dynamically replicate objects, providing
automatic load balancing, event handling and fault tolerance.
proxy is a structure, Where one system acts as a vanguard to
This technology of?oads business logic processing from the
another system in making and responding to request. The
?reWall is preferably implemented With PGP Security Inc.
Gauntlet, version 5.5. This is a fully integrated system Which
provides both packet ?ltering and proxy services. It also
contains softWare enabling remote management of the ?re
Wall throughout the entire enterprise.
FIG. 5 is a block diagram of the DataTreasuryTM Applica
client 50 side onto middle Ware object services.
tion Server (AS) 300. The AS 300 processes all transactions
initiated by the ORB 200. HoWever, it is essential that each
The interfaces of distributed objects 350 are de?ned using
an interface de?nition language that can be mapped to a
20
Management Group produces one such Interface De?nition
Language (IDL). IDL is a language used by CORBA to de?ne
interfaces betWeen application components. The IDL gener
ates the stubs and skeletons.
25
transaction must be ?rst veri?ed by the encryption applica
tion object subsystem 230 and the biometrics application
object subsystem 230. A system for processing data for later
authoriZed retrieval for use in the present invention is
describedinU.S. Pat. No. 5,910,988, US. Pat. No. 6,032,137,
and US. patent application Ser. No. 09/454,492 to Ballard,
Second, distributed objects 350 are location, language,
client subsystem 50, or hosts 70 independent, i.e., distributed
objects 350 can be located anyWhere in a netWork. This con
trasts sharply With traditional programming objects, Which
30
typically exist in the same physical address space as the client
subsystem 50. Distributed objects 350 can be object clients or
object servers, depending upon Whether the object 350 sends
requests to other objects 350 or replies to requests from other
objects 350. Requests and replies are made through the ORB
entitled “Remote Image Capture With Centralized Processing
and Storage”, Which is incorporated herein by reference.
In the preferred embodiment, the AS 300 server comprises
stand-alone IBM Enterprise RS/6000 7026 Model M80,
variety of different programming languages. The Object
35
200, Which is aWare of the locations and status of the objects
350. A distributed object system refers to a system compris
Which are connected on a common netWork. Typically, the
ing distributed objects 350 that communicate through the
IBM Enterprise RS/6000 7026 Model M80 class computers
ORB 200. An object reference is a unique Way to identify
objects 350. The creation and de?nition of object references
dependent on the ORB 200 Will be familiar to those skilled in
have an 6 GB of RAM, a 1.26 TB Shark storage array, and a
gigabit Ethernet netWork connection.
Application services of the AS 300 are preferably applica
40
350 to invoke an object operation, the corresponding stub
implemented in the C++ programming language using
object-oriented programming techniques. C++ is a compiled
language, that is, programs are Written in a human-readable
script and the script is then provided to a program called a
45
compiler, Which transforms the human readable code and
produces object code. The resulting object code is then pro
points to a skeleton. The ORB 200 passes the invocation from
the client subsystem 50 stub to the application server skel
eton. Stubs are code produced by the IDL compiler in con
junction With client subsystem 50 applications to facilitate an
interface With the ORB 200. Skeletons are proxy code, Which
facilitates the application server implementations through a
corresponding interface. The corresponding object 350
cessed by a second process, called a linker. The linker incor
porates various library routines required by the object code.
the art.
When a client subsystem 50 calls one of theAS 300 objects
tion programs Written in a programming language such as
Java, C, or C++. In a preferred embodiment, the invention is
50
The output of the linker is machine executable code. As
described beloW, the C++ language has certain characteristics
implementation to the skeleton is then able to perform the
requested service; Which in turn can return any results
through the ORB 200 skeleton to the client subsystem 50.
In the preferred embodiment, through communication net
Which alloW a softWare developer to easily use programs
Written by others While still providing a great deal of control
Work 800, the AS 300 are connected to the ORB 200 using
over the reuse of programs to prevent their destruction or 55 sWitched 1000BaseT/100BaseT Ethernet, and TCP/IP proto
improper use. The C++ language is Well knoWn and many
articles and texts are available Which describe the language in
detail. In addition, C++ compilers are commercially available
from several vendors including Sun Microsystems, Inc. and
col though the invention is not so limited. As is knoWn to
Microsoft Corporation. Accordingly, for reasons of clarity,
the details of the C++ language and the operation of the C++
compiler Will not be discussed further in detail herein.
As used herein, the term “object” refers to an encapsulated
package of code and data that can be manipulated by opera
60
tions through a de?ned interface associated With a distributed
65
object 350. The encryption subsystem 500, biometric sub
system 600, collector subsystem, and other business applica
persons of ordinary skill in the art, 1000BaseT/100BaseT
Ethernet is a netWorking link layer protocol. Further, the
numbers 1000 and 100 refer to the communication link speed
in megabits per second. In the preferred embodiment the
CISCO Catalyst 6000, model 6509, NetWork SWitch or
equivalent hardWare supports the LAN connectivity betWeen
the devices connected to it.
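The filtering-router rule described earlier for the firewall coupled to ORB 200 (refuse traffic that arrives from an external network but carries a source address on the destination's own network), as an added example that is not part of the patent. The two internal networks, the interface labels and all names are assumptions, the sample packets are constructed, and the extra checks (reserved source ranges, egress filtering) generalize the single case the text gives.

```python
"""Address filtering as a filtering router would apply it (added example)."""
import ipaddress
from dataclasses import dataclass

# Assumed addressing plan, constructed for illustration only.
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16"),  # hypothetical LAN behind the router
                 ipaddress.ip_network("10.30.0.0/16")]  # hypothetical second internal LAN
# Source ranges that are never valid on a packet arriving from outside.
INVALID_SOURCES = [ipaddress.ip_network(n) for n in
                   ("0.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4")]


@dataclass(frozen=True)
class Packet:
    iface: str  # interface the packet arrived on: "external" or "internal"
    src: str
    dst: str


def _network_of(addr, nets):
    """Return the network in `nets` that contains `addr`, or None."""
    return next((n for n in nets if addr in n), None)


def filter_packet(pkt):
    """Return (verdict, reason); verdict is "pass" or "drop"."""
    try:
        src = ipaddress.ip_address(pkt.src)
        dst = ipaddress.ip_address(pkt.dst)
    except ValueError:
        return ("drop", "malformed-address")

    src_net = _network_of(src, INTERNAL_NETS)
    dst_net = _network_of(dst, INTERNAL_NETS)

    if pkt.iface == "external":
        # The rule in the text: the packet came from outside, yet its source
        # claims to sit on the same network as its destination.
        if src_net is not None and src_net == dst_net:
            return ("drop", "spoofed-same-network-source")
        # Generalization: no internal or reserved source is plausible from outside.
        if src_net is not None:
            return ("drop", "spoofed-internal-source")
        if _network_of(src, INVALID_SOURCES) is not None:
            return ("drop", "invalid-source-range")
        if dst_net is None:
            return ("drop", "destination-not-internal")
        return ("pass", "external-to-internal")

    if pkt.iface == "internal":
        # Egress check: only our own addresses may leave as a source.
        if src_net is None:
            return ("drop", "foreign-source-on-internal-interface")
        return ("pass", "internal-origin")

    return ("drop", "unknown-interface")


# Constructed sample traffic (private and documentation ranges, not real hosts).
SAMPLE = [
    Packet("external", "198.51.100.7", "10.20.1.5"),    # ordinary client request
    Packet("external", "10.20.1.99", "10.20.1.5"),      # claims to be a LAN neighbour
    Packet("external", "10.30.4.4", "10.20.1.5"),       # other internal LAN, but from outside
    Packet("external", "127.0.0.1", "10.20.1.5"),       # loopback source
    Packet("external", "203.0.113.9", "192.0.2.10"),    # not addressed to an internal host
    Packet("internal", "10.20.1.5", "198.51.100.7"),    # reply leaving the LAN
    Packet("internal", "198.51.100.7", "203.0.113.9"),  # internal host forging an outside source
    Packet("external", "not-an-ip", "10.20.1.5"),       # unparseable address
]


def audit(packets):
    """Filter every packet and return the list of (verdict, reason) results."""
    return [filter_packet(p) for p in packets]


if __name__ == "__main__":
    for pkt, (verdict, reason) in zip(SAMPLE, audit(SAMPLE)):
        print(f"{verdict:4} {reason:38} {pkt.iface:8} {pkt.src} -> {pkt.dst}")
```

Logging the reason alongside the verdict lets an operator tell a spoofing attempt from simple misrouting when reviewing dropped traffic.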
Turning back to FIG. 2, there is a block diagram of the DB 400 having associated databases 430. DB 400 is responsible for replication and synchronization and responds to queries directed by the ORB 200. An essential aspect of the DB 400 is its storage and retrieval of any type of data including biometric data. In the preferred embodiment all data stored in the DB 400 is encrypted to maximize privacy and security. A remote secure, reliable, and centralized repository to store data for later retrieval for use in the present invention is described in U.S. Pat. No. 5,910,988, U.S. Pat. No. 6,032,137, and U.S. patent application Ser. No. 09/454,492 to Ballard, entitled “Remote Image Capture with Centralized Processing and Storage”, which patent is incorporated herein by this reference.

In the preferred embodiment, the DB 400 server comprises stand-alone IBM Enterprise RS/6000 7026 Model M80 servers, which are connected on a common network. The IBM Enterprise RS/6000 7026 Model M80 class computers have 6 GB of RAM, a 1.26 TB Shark storage array, and a gigabit Ethernet network connection.

As shown in FIG. 2, DB 400 is a centralized storage subsystem, which comprises numerous databases 430 housed in separate remote physical locations. Data is partitioned by its type and housed in distinct locations. Further, the DB 400 is capable of replicating itself to mirrored databases 430, located either on site or in separate sites.

In the preferred embodiment of the invention, a one to many search is utilized to scan the entire data set of enrolled biometric data resident on the DB 400 to determine the identity of a user to allocate the appropriate account. The search and matching processing of the DB 400 may be implemented on servers containing multiple CPU’s, each CPU working on a subset of the data. A massive parallel clustering scheme may be utilized to merge all processors within one server, or its functional equivalent. Further, all operating data may be held in RAM at all times for maximum throughput.

Further, in the preferred embodiment, an efficient search and matching algorithm may be implemented with the DB 400 for an expeditious one to many search. An exemplary algorithm suitable for use in the preferred embodiment is the Veridicom Software Development Kit, Minutia Extraction Module and Fingerprint Verification Module, version linux sdk-2.6.2.9-i386, available from Veridicom Incorporated, Santa Clara, Calif. The Minutia Extraction Module scans and produces minutia based on features such as ridge endings, spacing, bifurcations, etc. Further, it extracts particularly significant minutia to perform a relative and distinct comparison between fingerprints; eliminating noisy minutia, borders, wrinkles, smudges, etc. The software produces templates of 1 KB (uncompressed) or 300 bytes (compressed) for use with the Fingerprint Verification Module. The searching algorithm categorizes the stored fingerprint minutia into four categories: left loop, right loop, whirl, and neither. This categorization reduces the number of minutia to search and to match against hence, making the searching and matching process faster. The software scores these results, and provides statistics on matches relying on matching minutia based on distance, and neighborhood placement/orientation discrimination. This technique is capable of distinctly matching individuals based on discriminating minutia. Though the extraction module may extract many minutia, the matching set is very small based on the matching criteria mentioned above and allows the matching algorithm to be more efficient, since less minutia are being compared.

An alternate embodiment of a search and matching algorithm may be used as described in the U.S. Pat. No. 5,802,525 to Isidore Rigoutsos, entitled “Two-Dimensional Affine-Invariant Hashing Defined Over Any Two-Dimensional Convex Domain and Producing Uniformly-Distributed Hash Keys”, U.S. Pat. No. 6,072,895 to Rudolf Maarten Bolle, et al., entitled “System and Method Using Minutiae Pruning for Fingerprint Image Processing”, U.S. Pat. No. 6,049,621 to Anil Jain, et al., entitled “Determining a Point Corresponding Between Two Points in Two Respective (Fingerprint) Images”, U.S. Pat. No. 6,041,133 to Andrea Califano, et al., entitled “Method and Apparatus for Fingerprint Matching Using Transformation Parameter Clustering Based on Local Feature Correspondence”, U.S. Pat. No. 6,005,963 to Rudolf Maarten Bolle, et al., entitled “System and Method for Determining if a Fingerprint Image Contains an Image Portion Representing a Partial Fingerprint Impression”.

In another embodiment of the invention, the device may include a personal identifier that is assigned to each user to narrow the search parameters for matching biometric data. This personal identifier reduces the search from the entire set of data on the DB 400 to a manageable subset of data. The identifier is utilized to effectuate an enhanced rate of searching in the DB 400. The personal identifier may include but is not restricted to area codes, zip codes, or any other personal identifier representing the user’s allocated group.

DB 400 Database server also includes local data memory, which is preferably implemented with the IBM DB2, version 6.1, relational database, which was designed to support both data and image storage within a single repository. This is a relational database management system (“RDBMS”) for managing data operations between local data memory and application services. IBM DB2 is a commercially available software product of International Business Machines Corporation, New Orchard Road, Armonk, NY. The dynamic server of the preferred embodiment uses multiprocessing to efficiently process database 430 commands and other messages communicated through application services without delaying application service processing and communication with client subsystem 50 programs. Other embodiments of local data memory are possible as long as the embodiment is a highly available platform with sufficient storage and access times for the storage and retrieval of data. The database need not reside on a single physical platform; it may reside on several computing platforms comprising one logical unit, as in a database cluster. An application can access data from the client subsystem 50 and the server. Likewise, such an interface may be required when an application service is implemented in an object-oriented language such as C++ and local data memory is a relational database 430.

It is essential that the DB 400 is designed to store and house any and all types of information within user accounts including, but not limited to: biometric, financial, business, personal, or academic; known henceforth as transactional data. User accounts are defined as storage allotted to each particular user within the DB 400. This system can receive, transmit, store, and process any type of transactional data, which may include but is not limited to: leases, deeds, passports, birth certificates, wills, trusts, driver’s licenses, bank account information, credit information, commercial transaction information, educational information, citizenship information, photographs, pictures, digital sound files, digital graphic files, medical information, laboratory notes, grocery lists, personal diaries, to do lists, Christmas lists, digital movies, customer lists, trade secrets, computer source code, electronic mails, merchant inventory lists, cash flow information, expense information, consumer demographic information, sales information, payroll information, tax information, retirement information, investment information, benefits information, biometric information, incentive information, coupon information, governmental assistance program information, electronic cash, electronic signature information and voting information.
As known to persons of ordinary skill in the art, a relational database 430 consists of a collection of tables each of which have a unique name. See, e.g., Teorey, “Database Modeling & Design, Second Edition”, chap. 2 and chap. 3, (Morgan Kaufmann Publishers, 1994). A database schema is the logical design of the database. Each table in a relational database has attributes. A row in a table represents a relationship among a set of values for the attributes in the table. Each table has one or more superkeys. A superkey is a set of one or more attributes, which uniquely identify a row in the table. A candidate key is a superkey for which no proper subset is also a superkey. A primary key is a candidate key selected by the database designer as the means to identify a row in a table.

As is well known to persons of ordinary skill in the art, the DataTreasury™ Repository System 100 could use other database models available from other vendors including the entity relationship model as long as the selected database meets the storage access efficiency and synchronization requirements of the system. See, e.g., Teorey, “Database Modeling & Design, Second Edition”, chap. 2 and chap. 3, (Morgan Kaufmann Publishers, 1994).

An exemplary DB 400 basic schema consists of the tables listed below. Since the names of the attributes are descriptive, they adequately define the attributes’ contents. The primary keys in each table are identified with two asterisks (**).

I. CUSTOMER: This table describes the DataTreasury™ Repository System customer.
A. **CUSTOMER_ID
B. COMPANY_NAME
C. CONTACT
D. CONTACT_TITLE
E. ADDR1
F. ADDR2
G. CITY
H. STATE_CODE
I. ZIP_CODE
J. COUNTRY_CODE
K. VOX_PHONE
L. FAX_PHONE
M. CREATE_DATE

II. CUSTOMER_MAIL_TO: This table describes the mailing address of the DataTreasury™ Repository System customer.
A. **MAIL_TO_NO
B. **CUST_ID
C. CUSTOMER_NAME
D. CONTACT
E. CONTACT_TILE
F. ADDR1
G. ADDR2
H. CITY
I. STATE_CODE
J. ZIP_CODE
K. COUNTRY_CODE
L. VOX_PHONE
M. FAX_PHONE
N. CREATE_DATE
O. COMMENTS

In the preferred embodiment, through a communication network, the DB 400 is connected to the ORB 200 through a LAN using switched 1000BaseT/100BaseT Ethernet, and TCP/IP protocol though the invention is not so limited. As is known to persons of ordinary skill in the art, the 1000BaseT/100BaseT Ethernet is a networking link layer protocol. Further, the numbers 1000 and 100 refer to the communication link speed in megabits per second. In the preferred embodiment the CISCO Catalyst 6000, model 6509, Network Switch or equivalent hardware supports the LAN connectivity between the devices connected to it. However, DB 400 could also connect to ORB using a WAN connection shown in FIG. 8.

FIG. 6 displays the block diagram of the DataTreasury™ Encryption Subsystem (ES) 500. The ES 500 ensures a secure transaction and communication between the DataTreasury™ Application Server (AS) 300 and their client subsystems 50. Furthermore, the ES 500 ensures that all data stored is encrypted and secured against any attempts to gain unauthorized access. Encryption which protects against unauthorized access for use in the present invention is described in U.S. Pat. No. 5,910,988, U.S. Pat. No. 6,032,137, and U.S. patent application Ser. No. 09/454,492 to Ballard, entitled “Remote Image Capture with Centralized Processing and Storage”, which patent is incorporated herein by this reference. The ES 500 is further capable of detecting potential tampering of documents in transit. Lastly, the ES 500 verifies the identity of the client subsystem 50 initiating the transaction. The ES 500 is created as an encryption object initiated from the AS 300.

One embodiment of the cryptography scheme in the ES 500, is implemented with a symmetric cryptography scheme. Symmetric cryptography entails the use of a single secret key for both encryption and decryption of the transmission. The client subsystem 50 and the AS 300 require the possession of the key issued to the client subsystem 50 in order to decipher transmissions. The AS 300 issues unique keys to each of their client subsystems 50.

Another embodiment of the cryptography scheme in the ES 500, is implemented with an asymmetric cryptography scheme. An asymmetric scheme utilizes a two key pair, which consists of a public key 520 and a private key 580. A public key 520 is one that is freely distributed, whereas a private key 580 is treated in a surreptitious fashion. A document that is encrypted with public key 520 may only be decrypted with the corresponding private key 580, and vice versa.

Furthermore, the integrity of the communications within the ES 500 may be ensured with the use of a digital signature. A digital signature is used to link the owner of the public key to the document; it is also capable of detecting alterations to the transmission in transit. The transmission is subjected to an encryption process, known to a person skilled in the art as hashing, and a message digest is created. The process of creating the message digest is known as the digesting process. A message digest is a unique value of fixed length dependent on the input into the digesting process transmission. Both parties need to be aware that the digesting process is utilized. Once the user formulates the desired transmission, it is then subjected to the digesting process. Then the client subsystem 50 utilizes his public key to encrypt the message digest and the transmission, which results in a digital signature. The digital signature can be combined with the transmission, or exist as a separate entity. The AS 300 receives the transmission along with the digital signature. The digital signature is decrypted utilizing the corresponding private key to obtain a decrypted message digest. The transmission is then subjected to the digest process to obtain a message digest. Lastly, the ES 500 compares the signature message digest with the transmission message digest, if these values are equal, then the client subsystem 50 is authenticated.
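The digest-and-compare check described above, as an added example that is not code from the patent: the receiver recovers the signed digest, recomputes the digest of what actually arrived, and accepts only if the two are equal. It assumes SHA-256 as the digesting process and an unpadded toy RSA key built from Mersenne primes so that it runs on the standard library alone, and it follows the conventional role assignment in which the sender signs with the private key and the receiver checks with the public key; all names and the sample transmission are constructed.

```python
"""Digest-and-compare signature verification with tamper detection (added example)."""
import hashlib
import hmac

E = 65537  # public exponent used for both toy key pairs


def make_keypair(p, q):
    """Build a toy RSA key pair from two primes; returns ((n, e), (n, d))."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (n, E), (n, d)


# Constructed toy keys from Mersenne primes: enough to show the flow, trivially
# weak in practice. A deployment would use a vetted library and a padded
# signature scheme instead of raw modular exponentiation.
CLIENT_PUB, CLIENT_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**521 - 1, 2**1279 - 1)


def message_digest(transmission):
    """The digesting process: fixed-length value that depends on every input byte."""
    return hashlib.sha256(transmission).digest()


def sign(transmission, private_key):
    """Sender side: digest the transmission, then transform the digest with the private key."""
    n, d = private_key
    m = int.from_bytes(message_digest(transmission), "big")
    return pow(m, d, n)


def verify(transmission, signature, public_key):
    """Receiver side: recover the signed digest, recompute the digest, compare."""
    n, e = public_key
    if not isinstance(signature, int) or not 0 < signature < n:
        return False
    recovered = pow(signature, e, n)
    try:
        signed_digest = recovered.to_bytes(hashlib.sha256().digest_size, "big")
    except OverflowError:
        return False  # recovered value is not digest-sized: wrong key or altered signature
    # Constant-time comparison of the two digests.
    return hmac.compare_digest(signed_digest, message_digest(transmission))


def run_exchange():
    """Walk the exchange for a constructed transmission and return each outcome."""
    transmission = b"account=1001;action=retrieve;doc=lease-17"   # constructed sample
    signature = sign(transmission, CLIENT_PRIV)
    return {
        "intact": verify(transmission, signature, CLIENT_PUB),
        "altered_in_transit": verify(transmission.replace(b"1001", b"1002"),
                                     signature, CLIENT_PUB),
        "altered_signature": verify(transmission, signature ^ 1, CLIENT_PUB),
        "signed_by_other_key": verify(transmission,
                                      sign(transmission, OTHER_PRIV), CLIENT_PUB),
        "checked_with_other_key": verify(transmission, signature, OTHER_PUB),
    }


if __name__ == "__main__":
    for case, accepted in run_exchange().items():
        print(f"{case:24} {'accepted' if accepted else 'rejected'}")
```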
Another method that may be used to ensure data transmission authenticity is the use of digital certificates 550. These digital certificates 550 certify the identity of the holder of the public key 520. The AS 300 may act as a certification authority 560. The certification authority 560 issues the digital certificates 550 to client subsystems 50. The digital certificates 550 verify that the owner of the public key 520 is also the certificate holder.
The client subsystem 50 obtains the digital certificate 550 and presents it to the application with some form of identity verification, specifically, but not exclusively biometric information, personal information, financial information. The application verifies the certificate with the certificate authority 560, and the AS 300. The digital certificate 550 which is sent to the client subsystem 510 may contain one or more of the following: the certification authority’s 560 digital signature, the public key 520 of the client subsystem 510, the name of the user, the name of the certification authority 560, and the expiration date of the certificate.

Data is stored in the DB 400 in an encrypted form. After retrieval from the database the records must be decrypted before any useful operation can be performed on them. For decryption, a cryptographic key is required. The key is obtained as a result of, or in conjunction with, the authentication process using a biometric. In this way, it is possible to secure records from access from all but the authentic owner of the information.

The DataTreasury™ Repository System 100 is not so limited to the encryption and the authentication schemes. As known to persons of ordinary skill in the art, the DataTreasury™ Repository System may utilize any scheme that ensures the highest degree of security, encryption and authentication may also be implemented. See, e.g., Pfleeger, “Security in Computing”, Second Edition, chap. 2 to chap. 9, (Prentice Hall, 1996).

FIG. 7 displays a block diagram of the process for processing biometrics using the DataTreasury™ Biometric Subsystem (DTBS) 600. The DTBS 600 processes all biometric information in the DataTreasury™ Repository System. The DTBS 600 may make use of layered biometrics for added security. A layered biometric consists of multiple types of biometrics or multiples of the same type biometric. The biometric information may be from a fingerprint, digital voice print, retinal scan, DNA or some other form of biometric. The multiple biometric sources are individually processed, and a composite of the resulting elements are used for verification. The DTBS 600 extracts minutia from the fingerprint and stores them in the DB 400. The DTBS 600 further authenticates the user identity with their personal biometric. Devices for capturing biometrics which are subsequently utilized to verify the identity of a person by comparing the biometric data captured remotely with the biometric data stored for use in the present invention are described in U.S. Pat. No. 5,910,988, U.S. Pat. No. 6,032,137, and U.S. patent application Ser. No. 09/454,492 to Ballard, entitled “Remote Image Capture with Centralized Processing and Storage”, which is incorporated herein by reference.

In the fingerprint biometric subsystem, a capacitive apparatus may be utilized to capture a biometric signature, preferably in the form of a raw image 605 of the fingerprint. This biometric device is connected to the client subsystem 50. The fingerprint may then be saved in an image format. It may also be compressed with a loss-less compression algorithm, and/or converted to a more efficient image format. An apparatus stated in the U.S. Patent entitled “Capacitive Fingerprint Sen

affecting image acquisition. It is also possible to create profiles for specific devices or conditions, and apply them conditionally during preprocessing 610.

After preprocessing 610 is complete, the image is subjected to a binarization process 615. The binarization process 615 transforms the image into pixels of values either pure black or white.

Skeleton processing 617 follows binarization. The skeleton image is formed by reducing the lines representing finger ridges in the binary image to a width of 1 pixel wide. This is done to maintain the original topography and connectivity of the ridges. Skeleton postprocessing is then conducted to enhance the skeleton image by interpolating breaks in the skeleton images caused by finger pores, scars, wrinkles, and other surface imperfections in the finger. See, e.g., Jain, Halici, Hayashi, Lee, and Tsutsui, “Intelligent Biometric Techniques in Fingerprint and Face Recognition”, chap. 2 and chap. 3, (CRC Press, 1999).

The image is then classified in step 630 into distinct categories to decrease retrieval time. These categories may include but are not limited to: whorls, loops, and arches. These categories are utilized to form an index of the client subsystem’s 50 identity corresponding to minutia within DB 400. For instance, a process in the U.S. Patent entitled “Neural Network System for Classifying Fingerprints,” U.S. Pat. No. 5,825,907 may be utilized to classify fingerprints.

The minutia points are extracted in step 650. An algorithm is utilized to obtain minutia points. If the extracted minutia points cannot be read, then in step 670 DTBS 600 utilizes a different biometric and then in step 695 repeats the comparison of biometrics. However if DTBS 600 can read the biometrics, then the extracted minutia points are compared in step 675 with the point of reference minutia points resident in DB 400. The point of reference, enrollment minutia are obtained and subsequently stored in the DB 400 during the user’s registration process. If the minutia points match in step 690, a positive verification is made. However, if there is no match, then another biometric input 670 is requested, and verification fails. The other biometric may be from another type of biometric input 670, like a voiceprint or retinal print. Furthermore, it may be from another source input of the same type of biometrics. This other biometric 670 is reintroduced into the verification process 695.

FIG. 8 shows a block diagram of communication network 800 connecting client subsystems 50, hosts 70 ORB 200, and DB 400. ORB 200 may connect to other ORB 200 systems via a first local area network or LAN connection 810 which
then to ORB 200 via a wide area network or WAN connection
sor With Adjustable Gain,” 6,049,620, may be utiliZed.
The compressed and then encrypted image is then trans
ferred to the DataTreasuryTM Repository System. In the pre
ferred embodiment, once the image has been received, the AS
acquisition using different sensors, as Well as other variables
820. WAN connection 820 comprises an Ethernet netWork
822 connected to client subsystems 50 or hosts 70 and another
Ethernet netWork 823 connected to netWork sWitch 812. Eth
ernet 822 associated With client subsystems 50 connects to a
WAN router 824 While Ethernet 823 associated With netWork
sWitch 812 connects to WAN router 825. WAN routers 824
and 825 connect to API GateWay 80 or SOS 90 via netWork
lines 823. API GateWay 80 or SOS 90 connects to netWork
sWitch 812 Which connects to ORB servers 200.
ORB 200 also connects to DB 400 via a second LAN 840.
In addition DB 400 may exist as one or more servers con
60
300 begins preprocessing 610 the image. Preprocessing 610
performs basic image enhancement transformations on the
image, such as the adjustment of: contrast, brightness, and
scale, and additionally removes extraneous noise from the
image to produce an enhanced image of the ?ngerprint. Pre
processing 610 can correct for differences in images due to
contains a netWork sWitch 812. Client subsystems 50 and
hosts 70 may be connected to each other via the intemet or via
an Ethernet connection forming an intranet. Both client sub
systems 50 and hosts 70 connect to API 80 or SOS 90 ?rst and
nected to each other via a second LAN 860 containing a
netWork sWitch 862. Second LAN 840 comprises an Ethernet
netWork, for connecting to netWork sWitch 812 for ORB 200
and for connecting to netWork sWitch 862 for DB 400. Net
Work sWitch 862 connects to data storage subsystems DB
65
400.
This invention is not so limited by the method of extracting
and analyZing minutia.
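The FIG. 7 decision flow (an unreadable input falls back to another biometric, a readable one is compared with the enrolled minutia, and a mismatch triggers a request for another input) is shown below as an added Python example; it is not code from the patent. The `Minutia` record, the tolerance-based matcher, the 0.8 threshold, the `max_inputs` cap and the sample data are all assumptions made for illustration, since the patent does not fix a matching algorithm.

```python
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class Minutia:               # hypothetical record: grid position and ridge angle (degrees)
    x: int
    y: int
    angle: int

def match_score(probe, enrolled, dist_tol=6.0, angle_tol=15):
    """Fraction of enrolled minutiae paired with a distinct probe minutia within tolerance."""
    unused, hits = list(probe), 0
    for ref in enrolled:
        for cand in unused:
            turn = abs(ref.angle - cand.angle) % 360
            turn = min(turn, 360 - turn)          # angles wrap at 360
            if math.hypot(ref.x - cand.x, ref.y - cand.y) <= dist_tol and turn <= angle_tol:
                unused.remove(cand)               # each probe point may pair only once
                hits += 1
                break
    return hits / len(enrolled) if enrolled else 0.0

def verify(samples, enrolled_db, user_id, threshold=0.8, max_inputs=3):
    """samples: ordered (source, minutiae) pairs; minutiae is None when unreadable.
    Returns (verified, trail). The threshold is the same for every fallback input,
    and the loop fails closed once max_inputs inputs have been consumed."""
    trail = []
    for source, probe in samples[:max_inputs]:
        template = enrolled_db.get((user_id, source))
        if probe is None:
            trail.append((source, "unreadable"))  # step 670: use a different biometric
        elif template is None:
            trail.append((source, "not enrolled"))
        elif match_score(probe, template) >= threshold:
            trail.append((source, "match"))       # step 690: positive verification
            return True, trail
        else:
            trail.append((source, "no match"))    # request another input, then step 695
    return False, trail

# Constructed sample data: two enrolled fingers for one hypothetical user.
ENROLLED = {
    ("u1", "right_index"): [Minutia(10, 12, 30), Minutia(40, 18, 95), Minutia(22, 50, 170),
                            Minutia(61, 44, 250), Minutia(35, 70, 355)],
    ("u1", "left_index"): [Minutia(14, 9, 60), Minutia(48, 25, 120), Minutia(30, 41, 200),
                           Minutia(55, 66, 300), Minutia(20, 75, 10)],
}

def jitter(template):
    """Constructed 'same finger, new capture': small shift in position and angle."""
    return [Minutia(m.x + 1, m.y - 1, (m.angle + 4) % 360) for m in template]

GOOD_RIGHT = jitter(ENROLLED[("u1", "right_index")])
GOOD_LEFT = jitter(ENROLLED[("u1", "left_index")])
IMPOSTOR = [Minutia(5, 80, 10), Minutia(70, 5, 200), Minutia(45, 45, 90),
            Minutia(15, 30, 300), Minutia(65, 75, 140)]
```

The returned trail records why each input was accepted or rejected, which keeps unreadable captures distinguishable from mismatches in an audit log.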
For example, FIG. 9 is a flowchart depicting the general process for the central management, security, storage, biometric authentication, verification and user or initiator initiated data transactions.
Thus this process includes a first step 910 which includes capturing transactional data including an image of the biometric data, and any and all types of additional data. Next, in step 920 at least one remote location encrypts and sends this transactional data or information. In step 930, the authenticity and identity of the user is verified so that the user can access an appropriate account. In step 940, the transactional data is encrypted and decrypted upon transmission and storage and presentation to the user. In step 950 the capturing and sending of data is managed. Next, in step 960, this data is collected at a remote centralized location. In step 970, the remote centralized location manages the collecting, processing, sending and storing of this transactional data. Finally, in step 980 the encrypted transactional data and subsystem identification information is transmitted between the remote location the centralized location and other entities.
Step 910 which comprises the step of capturing transactional data may include the steps of capturing biometric data and any and all additional data; successively transforming the captured biometric data to a biometric signature, creating an encrypted compressed file identifying a location and time of the biometric data capturing; storing the tagged, encrypted compressed biometric signature file; and initiating a transaction upon the capture of a biometric.
Step 920 which includes the step of encrypting the data includes the steps of creating encryption keys to encrypt the data; and encrypting and decrypting the transactional data with encryption and decryption keys.
Steps 910 and 920 can occur at a plurality of remote locations while step 960 which includes collecting, processing, sending, and storing the encrypted transactional data at a remote centralized location can occur at a plurality of independent locations. Step 960 may also include the steps of transmitting, from remote locations, transactional data with servers at a centralized location; storing specific types of encrypted transactional data at distinct independent remote locations in a memory hierarchy, wherein the storing of this data maintains recently accessed encrypted transactional data in a primary memory and other encrypted transactional data in a secondary memory; and dynamically assigning the servers at the central location to receive portions of the transactional data for balancing
FIG. 10 is a flowchart depicting the operation of one embodiment of the present invention.
In step 1010, a registered user who desires a service from the DataTreasury™ Repository System initiates a transaction. The user begins the transaction by inputting a biometric. Client subsystem 50 transactions are associated with unique stubs.
In step 1020, a client subsystem 50 stub resides at the terminal; and the stub forwards the transaction via frame relay. All transmissions sent to the ORB 200 are encrypted.
In step 1030, the crypto object verifies that the stub is a valid DataTreasury™ Repository issuer. The crypto subsystem verifies secure communication between the stub and skeleton using but not limited to socket level cryptography. Lastly, the crypto object decrypts the messages.
In step 1040, the skeletons specify all objects to be created to accomplish the desired task.
In step 1050, the business application objects associated with the identified skeletons are invoked by the ORB 200. The AS 300 instantiates the business objects, to correspond with the skeletons.
In step 1060, the business application object instantiates a biometric verification object to ensure the identification of the user with the corresponding level of confidence.
In step 1070, the raw fingerprint is grafted on a vector grid to extract invariant characteristics, such as minutia points. The minutia extraction is accomplished through an algorithm.
In step 1080, the ORB 200 initiates a query of the DB 400, amongst the enrolled user biometrics store, for minutia matches. This can be but not limited to a one-to-one search when there exists no personal identifier. When there is such a personal identifier available, the parameters of the one-to-many search are dramatically reduced. Lastly, the minutia points are matched.
In step 1085, the AS 300 business objects perform the client subsystem 50 requested operation on the user account corresponding to the user’s biometric.
In step 1090, the encrypted response/results are returned to the client subsystem 50.
FIG. 11 is a second embodiment of the flowchart shown in FIG. 9. In this case, many of the steps shown in FIG. 9 are shown. For example, in step 910 transactional data is captured, while in step 920, this data is encrypted and sent. However, instead of verifying the authenticity of the user in step 930, the system verifies the identity of the user in step 931. This step involves a one to many search wherein the system searches for the user’s identity which has been previously stored in DB 400. Once this identity has been matched, in step 933 the system creates a pseudo identifier which identifies the user via a limited information tag such as a set of demographic information. In step 935, this pseudo identifier is stored in a pseudo identifier database in DB 400. Next, in step 937, the system sets a security filter so that this pseudo identifier and cannot be used to determine the true identity of the user.
Once the user’s pseudo identification has been established, the system proceeds through steps 940-980 as in FIG. 9. This type of process shown in FIG. 11 can be used especially for voting or health care where the identity of the user must remain secret. If this process is used for voting then step 910, which is the step of capturing transactional data, includes capturing voting information such as the votes cast by each user. If this process is used for health care, then step 910 involves capturing the health history of the user, the health care insurance information of the user, or any health related tests for the user such as blood tests or urine tests.
While the above invention has been described with reference to certain preferred embodiments, the scope of the present invention is not limited to these embodiments. One skilled in the art may find variations of these preferred embodiments which, nevertheless, fall within the spirit of the present invention, whose scope is defined by the claims set forth below.
What is claimed is:
1. A system to provide a centralized, secured and authenticated storage of information comprising:
a client subsystem to receive and send transactional data comprising:
a biometric processing client subsystem for capturing biometric data; and
a data capturing device to capture additional data;
a remote data management subsystem for receiving the transactional data from the client subsystem;
a remote data storage subsystem, connected to the remote data management subsystem over a communication network, to store transactional data at the direction of the remote data management subsystem;
a data processing subsystem, connected to the remote data management subsystem over the communication network, for processing transactions initiated by the remote data management subsystem, on encrypted subsystem
identification information and encrypted transactional data provided by the client subsystem to the remote data management subsystem;
a biometric subsystem instantiated by the data processing subsystem to verify the identity of a user of the client subsystem, from the captured biometric data in the transactional data; and
an encryption subsystem instantiated by the data processing subsystem for ensuring the security of the transactional data.
2. The system, as in claim 1, wherein the client subsystem further comprises a biometric device for capturing biometric data;
and wherein the client subsystem successively transforms the captured biometric data to an encrypted image format, a compressed image file, data transmission identifying a location and time of the transactional data capture, into a transaction stub for interfacing to the data management subsystem.
3. The system, as in claim 1, wherein said data management subsystem comprises:
a server providing for resources for processing, and managing the storage of transactional data from said at least one remote client subsystem;
a report generator for generating reports from the transactional data;
a transaction processing architecture for dynamically administrating a series of intelligent data management services among the server; and
a memory hierarchy.
4. The system, as in claim 3, wherein said processing of transactional data by said data processing subsystem occurs after said transactional data is decrypted by said encryption subsystem.
5. The system, as in claim 3, wherein said transactional data is re-encrypted by said encryption subsystem after said data processing and said data is then stored in said data storage subsystem.
6. The system, as in claim 3, wherein the transaction processing architecture contains a CORBA object request broker (ORB) architecture that apportions and balances transactional resources among at least one server.
7. The system, as in claim 3, wherein the server also receives encrypted transactional data from the client subsystem, and said data storage subsystem stores the encrypted transactional data;
wherein the biometric subsystem reduces the biometric data to a series of invariant characteristics through the use of an algorithm;
wherein the server utilizes a biometric search algorithm to facilitate a one to many search to identify a corresponding data storage subsystem resident enrolled biometric to verify the user;
and wherein the server identifies an appropriate user account corresponding to a verified user biometric.
8. A method for central management, security, storage, biometric authentication, verification, and initiation of data transactions comprising the steps of:
capturing transactional data including an image of the biometric data of a user and additional data, at a remote location, and encrypting the transactional data, and sending encrypted transactional data to an object request broker;
verifying the authenticity of the user for access to an appropriate account by a sequence of operations comprising:
operating the object request broker to cause an application server to instantiate a biometric verification object;
operating the biometric verification object to extract characteristics from the biometric data; and
operating the object request broker to query a database for stored matches to the biometric data based on the extracted characteristics; and
operating the object request broker to cause an application server to instantiate an encryption object for encrypting the transactional data for transmissions and storage in a database in a data storage subsystem, and for decrypting the transactional data upon processing for presentation to the authorized user.
9. The method as in claim 8, wherein said capturing the transactional data which includes biometric data step comprises:
capturing biometric data;
successively transforming the captured biometric data to a biometric signature;
creating an encrypted, compressed file identifying a location and time of the biometric data capturing;
storing the tagged, encrypted, compressed biometric signature file; and
initiating a transaction upon the capture of a biometric.
10. The method, as in claim 8, wherein said biometric capturing and sending step is performed at a plurality of remote locations.
11. The method as in claim 8, further comprising the steps of:
creating a pseudo identifier for said user;
storing the pseudo identifier in a pseudo identifier database; and
setting a security filter so that said pseudo identifier and said pseudo identifier database do not reveal said user’s original identity; and
then using the pseudo identifier, executing the encryption object to decrypt transactional data for presentation to the authorized user.
12. The method as in claim 11 wherein said pseudo identifier is a demographic tag that can be set to reveal information relating to the user.
13. The method as in claim 11 wherein said step of creating a pseudo identifier occurs after said step of verifying the identity of said user.
14. The method as in claim 11 further comprising the step of storing said pseudo identifier in a pseudo identifier database.
15. The method, as in claim 10, further comprising:
operating the object request broker to store specific types of encrypted transactional data at distinct independent remote locations in a memory hierarchy of the data storage subsystem, said storing maintaining recently accessed encrypted transactional data in a primary memory and other encrypted transactional data in a secondary memory;
operating the object request broker to dynamically assigning the assign servers at a central location to receive portions of the transactional data for balancing the transactional data among a plurality of servers; and
generating reports from the transactional data and providing data to software applications executed by the application server.