• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    A system for authenticating users on a computer network (10) using multi-user metrics. The system includes a service provider 30 that provides services to clients on the computer network 10. The client provides the authentication information 78 of the user before receiving the service from the service provider. The authentication information includes at least an extracted biometric template 85 representing an issued user certificate associated with the client's user, a given session code 66, and biometric information 70 associated with the client's user. The authentication server 50 verifies the identity of the user by analyzing the issued user certificate, a predetermined session code, and the extracted biometric information template 85.
    公开号:KR20030097847A
    申请号:KR10-2003-7014335
    申请日:2002-05-02
    公开日:2003-12-31
    发明作者:푸에릭;이동원;새들러릭;통윌리엄;마하이리;안준영
    申请人:시큐젠 코포레이션;
    IPC主号:
    专利说明:

    AUTHENTICATING USER ON COMPUTER NETWORK FOR BIOMETRIC INFORMATION}
    [3] The advent of the Internet has changed the way society thinks and interacts. It provides users with entirely new concepts, such as in learning, communication, information gathering, business performance, and recreation. However, the Internet is still relatively new, and some important areas remain challenges.
    [4] An example of an area that is not yet highly developed on the Internet is identification. It is still possible to remain anonymous on the Internet or to impersonate someone rather than himself. Being able to remain anonymous on the Internet is, in some situations, a tremendous advantage and an important factor in the media's unparalleled success. However, in other situations, anonymity or identity most likely may not benefit the growth of the medium. For example, in activities such as online shopping, banking, stock trading, negotiating and entering into contracts, confidential communications, and many other types of Internet conversations, the high level that the person you are dealing with is the very person he claims to be. It is desirable to have certainty. Uncertain identities in this situation tend to stagnate the use of the Internet for these and similar purposes.
    [5] One well understood approach to verifying identity asserted on the Internet is the use of digital certificates. In essence, a trusted Certificate Authority verifies the user's identity and issues a digital certificate to the user. A second user who has a transaction with a first user can verify the identity of the first user by viewing the first user's digital certificate or by having the first user send the second user a digital certificate (for example, with a contract). have. A flaw in this approach is that someone who wants to impersonate a first user gains access to the first user's computer (typically, the first user's credentials are stored) or otherwise (stored on the first user's computer). If not), simply gain access to the digital certificate of the first user.
    [6] A second approach to identity authentication on the Internet is discussed in US Pat. No. 5,987,232 to "Verification Server for Use in Authentication on Networks" ("Tabuki") issued to Tabuki. Tabuki discloses a validation server networked with an application client and application server. The verification server stores unique biometric data for network users. When requested by an application server (where the application client is making a transaction requiring an authenticated identity), the application client enters biometric information such as a signature or fingerprint. This biometric information along with information about the application server request authentication is sent to the verification server. The verification server searches for the biometric stored therein to find a match of the input biometric data. The verification server then sends a result from the matching operation (eg, verifying identity, not verifying identity, or requiring additional biometric information) to the requesting application server.
    [7] By using the user's biometric information to identify the user, Tabuki's authentication server makes it difficult for the second user to impersonate the first user so simply by stealing the password of the first user. In other words, in general, the second user must have a fingerprint, a voiceprint, a signature, or other biometric information of the first user in order to impersonate the first user. Because biometrics represent a user's actual physical characteristics (something that he or she is) rather than just what he knows, it may be more difficult to impersonate a user on Tabuki's biometric authentication system than on a standard password-based authentication system. have.
    [8] However, the authentication server outlined in Tabuki uses only a single means or metric to identify the user. Specifically, the authentication server disclosed in Tabuki uses only the user's biometric information to authenticate the user's identity. Thus, to the extent that a second user attempting to impersonate the first user can imitate or access (possibly in some cases) the biometric information of the first user, the authentication server disclosed in Tabuki can be used by the second user to be a successful first user. You may also allow to impersonate.
    [1] The present invention claims priority to US Provisional Application No. 60 / 288,207, entitled "Authentication Server Using Multiple Metrics for Identity Verification," filed May 2, 2001 by Eric Pu, Dong Won Lee, Rick Sadler, and William Tong. Claims, and incorporates the provisional patent application as a reference.
    [2] The present invention relates to identification on distributed computer networks. In particular, the present invention includes methods and apparatus for using multiple metrics to identify a user on a network.
    [11] 1 is a block diagram illustrating a distributed computer network having clients, services, and authentication servers in accordance with the present invention;
    [12] 2 is a flow chart illustrating the steps taken by a user of the distributed computer network shown in FIG. 1 as part of a method for making a contract in accordance with the present invention;
    [13] 3 is a flowchart illustrating a completion step when the authentication server shown in FIG. 1 receives a contract from a user to be authenticated according to the present invention;
    [14] 4 is a block diagram illustrating components of a client shown in FIG. 1;
    [15] 5 is a block diagram illustrating components of the authentication server shown in FIG. 1;
    [16] 6 is a block diagram illustrating the steps used by a client application program interface (API) executed on the client shown in FIG. 1; and
    [17] 7 is a block diagram illustrating the steps used by a server API executed on the authentication server shown in FIG.
    [9] The present invention includes an authentication server that uses up to three separate pieces of information or "metrics" to verify the identity of a user. The authentication server of the present invention is used to authenticate something that a user has (session code), something that the user knows (user credentials such as a password), and something that user "owns" (biometric information) to authenticate the user's identity. use. In this way, the authentication server of the present invention has the advantage of providing a relatively high level of certainty with respect to the identity of the authenticated user.
    [10] Specifically, according to the present invention, a system for authenticating a user on a computer network includes a service provider, a client, and an authentication server. Service providers provide services to clients on a computer network. The client provides the user's authentication information before receiving the service from the service provider. The authentication information includes at least an extracted biometric template representing an issued user certificate associated with the client's user, a predetermined session code, and biometric information associated with the client's user.
    [18] The present invention includes an authentication server that uses up to three separate pieces of information or "metrics" to verify the identity of a user. First, the authentication server may use the user's biometric information measurement. Such a measurement is preferably a fingerprint image, but may be any other biometric information, such as an iris scan, a voiceprint, or a face scan. It is also recommended that the authentication server use a password known to the user. Finally, the authentication server preferably generates a session code before the user's authentication and delivers it to the user. The session code can be a randomly generated string or other soft token, which is preferably known by the authentication server, not the user.
    [19] By using the three metrics discussed above, the authentication server of the present invention allows the user to "know" something (session code), what the user "knows" (user certificate), and user "self" to authenticate the user's identity. Use something that is biometric. Thus, in order for the second user to impersonate the first user, the second user must obtain the session code, certificate, and biometric information of the first user. This is relatively more difficult than obtaining any one of these metrics. Thus, it is an advantage that the authentication server of the present invention can provide a relatively high level of certainty with respect to the identity of the authenticated user.
    [20] 1 is a block diagram illustrating a distributed computer network 10 including an authentication server according to the present invention. The network 10 may be a LAN, WAN, the Internet, or any other distributed computer network. The network 10 includes a client 20 that enables a user (not shown) to access the network 10, and services 30 interconnected to the client 20 to provide application services to the client 20. ). Client 20 may be a PC, a portable computer, or any other type of computing device. The service 30 may include one or more individual servers and may provide clients with access to services or network applications, such as shopping, banking, stock trading, and other "online" services. The network 10 also includes a biometric server 50 interconnected to both the user 20 and the service 30, as discussed in more detail below. An interconnect connecting the client 20, service 30, and authentication server 50 may be any type of computer network interconnection including, but not limited to, an Internet connection, an Ethernet connection, or a wireless connection. Can be. The interconnects need not be of the same type. As shown, the network 10 may include one or more external databases 80 that accept user authentication information, but is not required and will be discussed in more detail below.
    [21] In the first embodiment of the present invention, the authentication server 50 authenticates or guarantees the identity of the user (not shown) of the client 20 to establish a contractual relationship with the service 30. In addition, the methods and apparatus of the present invention may be used to allow a user of client 20 to make other types of transactions with service 30, such as purchase, stock trading, online banking, and the like.
    [22] A first embodiment of the steps used to provide multi-metric authentication is shown in FIG. In step 60, a connection is established between the service 30 and the client 20. Such a connection may be secured (such as through the use of the Secure Sockets Layer (SSL) protocol) but is not required. In step 62, the service 30 sends a contract to the client to be digitally signed by the user. Preferably, the contract is encrypted with the private key of the service 30 and the client 20 already owns the public key of the service 30. The user can then use the public key of the service 30 to decrypt the contract, read the contract, and decide whether the user will digitally sign it.
    [23] If the user wants to sign a contract, as shown in Figure 2, the user can access a program on the client that performs many steps. First, in step 64, after the client 20 reviews the contract, the contract is preferably encrypted with the public key of the service 30 that the client 20 has already obtained. This helps to keep the content of the contract confidential during the guarantee by the authentication server 50. Next, in step 66, the session code is preferably attached to the contract. The session code is preferably a random character string or other soft token generated by the authentication server 50 in a manner understood by those skilled in the art and transmitted to the client 20 after the previous authentication session and preferably stored. In addition, a separate server attached to the authentication server 50 will generate a session code. Prior to the first endorsement session by any user of the client 20, the session code may be provided to the user of the client 20 when the client 20 registers with the authentication service. The original session code may be provided on a floppy disk or by some other means and stored in the client 20. The authentication server 50, or a separate session code server, preferably generates a different session code for each endorsement session. After generating the session code for a given transaction, the authentication server 50 associates the session code with the user that issued it and stores the session code and association in a database interconnected with the authentication server 50. A user can be identified by username or other unique user ID. The user name is preferably provided to the authentication server 50 when the client 20 registers with the authentication server 50 for the warranty service. Standard relational databases such as Microsoft® Access2000® can be used to associate usernames with session codes.
    [24] In addition to requesting a session code, the client program also preferably requires the user of client 30 to enter a password or user certificate. The password is assigned to the user at registration and can be changed later by the user, if desired. . The password can also be any other user certificate, for example a user ID or token. The authentication server 50 associates a password with a registered user of the client 20, as discussed in detail below. As shown in step 68, after the password is entered, the client program attaches the password to the contract in a known manner. Next, the client program requests the user to enter biometric information, such as a fingerprint, face scan, retinal scan, voiceprint, or other bioidentifier. As discussed below, the client preferably includes a biometric information input device, such as a fingerprint scanner. In step 71, the input biometric information is preferably encrypted by the client program. As is known in the art, it is preferred that symmetric or PKI encryption be used to encrypt the entered biometric information. Then, in step 72, the client program attaches the encrypted biometric information to the contract. In addition, as shown in step 74, the client program may attach the Internet Protocol (IP) address, network address, and the like of the service 30 to the contract. In this way, the network location at which the authentication server 50 should send the guaranteed contract is provided to the authentication server 50.
    [25] Referring back to FIG. 1, in step 76, the client software may verify the encrypted contract, session code, user's password, user's encrypted biometric information, and, if necessary, the network location of the service 30 with the authentication server ( 50). Referring now to FIG. 3, where the completion step when the authentication server 50 receives a contract to be authenticated from the user is shown, in step 78, as discussed below, the authentication server 50 may provide the above information. When receiving the authentication of the user of the client 20. This is done using all three identifiers: the session code, the user's password, and the user's biometric information.
    [26] If the identity of the user of the client 20 is successfully authenticated in step 78, the authentication server 50 vouches for the contract and sends the guaranteed contract to the service 30. As shown in step 81, this guarantee is preferably achieved by attaching a digital signature to the contract. The digital signature preferably includes a character string associated with the authenticated user's password, biometric template and / or session code. However, it is also within the scope of the present invention that the digital signature includes information corresponding to the user's biometric template of the authenticated user, i. In step 83, this digital signature is preferably encrypted with the private key of the authentication server. When the service 30 receives the guaranteed contract, the signature can be decrypted with the public key of the authentication server 50, which can be provided to the service 30 in advance.
    [27] 4 is a block diagram of the client 20. The client 20 preferably includes a web browser 22 for use in connecting to and communicating with the service 30 over the Internet. Further, client 20 preferably includes authentication software 24 interconnected with web browser 22 and biometric information input device 28 to allow a user to enter biometric information such as a fingerprint for identity authentication. . The device driver 26 for driving the biometric information input device 28 is interconnected with the authentication software 24 and the biometric information input device 28. Various types of biometric data input devices are known in the art. US Pat. Optical Image Capturing System "discloses a fingerprint input device of a user as one of such devices.
    [28] The authentication software 24 is for activating the biometric information input device 28 through the device driver 26 and for collecting and processing biometric information obtained from the biometric information input device 28. Specifically, when the browser 22 receives a request from the service 30 for biometric authentication of a user of the client 20, such as when the service 30 sends the contract to the client 20, such a request. Is sent to the authentication software 24. The authentication software 24 then activates the biometric information input device 28 by the device driver 26.
    [29] At the same time, the authentication software 24 may request that the user of the client 20 enter the biometric information using the biometric information input device 28. The client 20 is preferably a standard personal computer having a CPU, a keyboard, and a monitor. Requests for biometric information can be made via a monitor. Additionally, command feedback may be provided during the user's input of biometric information through the monitor to facilitate the entry of high quality biometric data. As will be discussed in detail below, authentication software 24 includes an application programming interface (API) that processes biometric data input by a user of client 20 to prepare data to be sent to biometric server 50. Include. The software that activates the biometric input device and collects and processes biometric information is SecuDeskTop® available from Secugen® Corporation of Milpitas, CA.
    [30] In addition to processing the input biometric data, the authentication software 24 performs many additional steps. The authentication software 24 encrypts the contract with the public key of the service. The authentication software 24 then sends the encrypted software, the digital session code, the password associated with the user of the client, the user, so that the authentication server 50 can send the signed and authenticated contract back to its originating service 30. Configure a data package that includes the biometric data entered by and processed by the authentication software 24 and, if necessary, the location of the service 30 on the network. In addition, as described above, the service 30 may query the authentication server 50 to search for a signed contract or otherwise search for user identification information.
    [31] 5 is a block diagram showing components of the authentication server 50. The authentication server 50 includes an authentication module 52 for performing and controlling an authentication process, and a database 54 for storing biometric information, user digital certificates, and, if necessary, other identification data. The biometric server 50 may also communicate with one or more remote databases 70 through a communication interface 56. The remote database 70 may also store biometric information, credentials, and other identifying data. Databases 54 and 70 can be standard relational databases, such as Microsoft® Access2000®.
    [32] The data package prepared and sent by the client software 24 is received by the authentication module 52 in the authentication server 50. The authentication module 52 authenticates the identity of the user of the client 20 using all three metrics sent by the client 20. Specifically, as discussed in detail below, the authentication module 52 uses the biometric data, password, and session code of the user to authenticate the identity of the user of the client 20.
    [33] As discussed in detail below, the authentication module 52 provides in advance the biometric data or “template” generated by the authentication software 24 of the client 20 by the user of the client 20 in a separate registration process. Compare with the biometric template. This template is stored in a dedicated authentication database 54 or in an external authentication database 60 which is accessed by the authentication module 52 via the communication interface 56. The identification information provided by the client 20 preferably includes an indicator flag that provides information about the location of the data in the databases 54 and 70 where the biometric information template corresponding to the user of the client 20 is to be stored. After the biometric template is stored in the dedicated database 54, the authentication module 52 queries the dedicated database 54.
    [34] However, if the indicator flag specifies that a suitable template is located in the remote database 70, then this information is sent to the communication interface 56. The communication interface 56 establishes a communication link with the remote database 70 and queries the remote database 70 for the requested template. Communication interface 56 then retrieves the appropriate template. Whether a suitable template is located in dedicated database 54 or remote database 70, authentication module 52 places the template in a temporary buffer. Thereafter, as discussed in detail below, authentication module 52 compares it to a user input template. If the two templates match within a given parameter, then the user's identity is biometrically verified.
    [35] The authentication module 52 also verifies in a known manner that the password previously entered by the user and preferably stored in the dedicated authentication database 54 matches the password sent by the client 20. Finally, the authentication module 52 verifies that the session code sent by the client 20 is correct. Preferably, the session code and password are each a character string. Therefore, the authentication module 52 preferably verifies that the session code is correct by simply matching the two character strings. If all three metrics are verified, then authentication server 50 then verifies the identity of the user of client 20. If one or more of the metrics do not match, then the authentication server cannot verify the identity of the user of client 20. Such authentication information may be retrieved by the service 30 or transmitted to the service 30 by the authentication server 50.
    [36] As described above, the user of the client 20 and the service 30 may have a contract relationship. If this is the case, then the database 54, 70 or other dedicated or remote database of the authentication server 50 will contain a digital certificate for the user of the client 20. The digital certificate is preferably stored in the authentication server when the user of the client 20 registers his stored biometric template. If the authentication information resulting from matching the three metrics, namely biometric template, password, and session code, is positive (i.e. the user's identity is verified), then the authentication server 50 uses the digital certificate of the user. It is desirable to "sign" a digital contract.
    [37] 6 is a detailed block diagram of a preferred embodiment of a client API 80 that is preferably part of the authentication software 24 of the client 20. The client API 80 activates the biometric information input device 28 in response to the input from the browser 22 when the service 30 requests that the user of the client 20 verify its identity and encrypts the biometric information. Create a template. First, the client API 80 includes a device driver for activating and driving the biometric information input device 28. As described above, when the biometric information input device 28 is activated, the user of the client 20 is preferably warned to enter biometric information through a user interface screen on the client monitor. After the user inputs the biometric information through the biometric information input device 28, in step 85, the client API 80 generates a template from the biometric information. For example, if a fingerprint scanner is used as the biometric information input device 28, then a template is generated based on the spatial relationship and type of detail of the fingerprint used as the biometric information input. It is well known in the art to generate such templates from biometric information, i.e., fingerprint, voice, pace, eye, and the like.
    [38] In step 86, the client API 80 formats the template for the appropriate protocol for the database 54 or 70 of the authentication server 50. In step 88, the client API 80 encrypts the template. This enables a higher level of security when sending a template from the client 20 to the authentication server 50. Next, in step 90, the encrypted template is formatted for transmission over the network. The formatting of the encrypted template depends on the type of network to which the template is to be sent. For example, a template might be formatted differently for a LAN than for a WAN or the Internet. Finally, for additional security, in step 92, the network formatted and encrypted template is preferably sent to the authentication server 50 over the network using SSL.
    [39] 7 is a block diagram showing the details of the server API 100 is preferably part of the authentication module 52 included in the authentication server (50). As shown in steps 102 and 104, the template is received by the server API 100 using SSL and the appropriate network protocol, respectively. In step 106, the template encrypted in step 88 of FIG. 6 is decrypted. In step 108, the server API 100 performs database translation, if necessary. In step 110, a suitable template stored in database 54 or 70 is retrieved and compared with the received template. The stored template that matches the received template is preferably located in the database using the user identification code. The database 54 or 70 may also directly search the stored template to find a matching template and then determine whether the name associated with the received template in the database matches the received user name.
    [40] In order to match the received template, the server API 100 preferably uses an image processing matching algorithm. Preferably, since the type of biometric information used is an image, the type of matching algorithm used is preferably a fingerprint matching algorithm. Generating a fingerprint template from a fingerprint image is well understood in the art and generally includes standard image processing techniques that use an algorithm to translate fingerprint image information into a unique character string. Examples of such algorithms are disclosed in the co-pending US patent application Ser. No. 09 / 994,173, "Method for Extracting Fingerprint Feature Data Using Ridge Orientation Model," which is incorporated herein by reference in its entirety. Since the fingerprint template is preferably a character string, matching a retrieved fingerprint template from a user with a template stored in the authentication server includes only matching two character strings representing each template. Finally, at step 112, the fingerprint match is verified or not verified.
    [41] The foregoing descriptions of specific embodiments of the present invention have been presented for purposes of illustration and description. They are not intended to limit the invention to the disclosed forms, and it should be understood that many variations and modifications are possible from the above teachings. The above embodiments are chosen and described in order to best explain the principles of the invention and its practical applications in order to enable those skilled in the art to best utilize various modifications suitable for the invention and the particular use thereof. Many other variations will be within the scope of the present invention.
    权利要求:
    Claims (13)
    [1" claim-type="Currently amended] A method of authenticating the identity of a user of a client on a computer network,
    Extracting the biometric information template from the user;
    Bundling the extracted biometric information template with the issued user certificate and a predetermined session code;
    Providing the extracted biometric information template, the issued user certificate, and a predetermined session code to the authentication server; And
    And comparing the extracted biometric information template, issued user certificate, and predetermined session code with the registered biometric information template, registered user certificate, and session code stored in the authentication server, respectively.
    [2" claim-type="Currently amended] The method of claim 1,
    Generating a new session code in the authentication server different from the predetermined session code; And
    Sending a new session code to the client for use during subsequent transactions.
    [3" claim-type="Currently amended] 3. The method of claim 2, further comprising storing a copy of the new session code in the authentication server.
    [4" claim-type="Currently amended] The method according to claim 3, wherein the extracted biometric information template matches the registered biometric template, the issued user certificate matches the registered user certificate, and the predetermined session code matches the session code stored in the authentication server. And providing a positive authentication response to the service requesting user authentication.
    [5" claim-type="Currently amended] The method of claim 4, wherein the extracting of the biometric information template comprises:
    Providing a biometric information input device connected to the client; And
    And inputting the biometric information from the user into the biometric information input device.
    [6" claim-type="Currently amended] 6. The method of claim 5, wherein bundling the extracted biometric template with the issued user certificate and a predetermined session code is completed by the client.
    [7" claim-type="Currently amended] 7. The method of claim 6, wherein bundling the extracted biometric template with the issued user certificate comprises bundling the extracted biometric template with a user ID, password, or token.
    [8" claim-type="Currently amended] 8. The method of claim 7, wherein inputting biometric information from a user comprises inputting fingerprint information of the user.
    [9" claim-type="Currently amended] In a system for authenticating a user on a computer network,
    A service provider that provides services to clients on a computer network;
    Prior to receiving service from a service provider, providing authentication information including at least an issued user certificate associated with a user of the client, a predetermined session code, and an extracted biometric information template representing biometric information associated with the user of the client. Client; And
    And an authentication server verifying the identity of the user by analyzing the issued user ID, a predetermined session code, and the extracted biometric information template.
    [10" claim-type="Currently amended] 10. An authentication system according to claim 9, wherein the predetermined session code is generated by an authentication server and provided to a client for use during an authentication transaction.
    [11" claim-type="Currently amended] The method of claim 10,
    The issued user certificate is entered into the client by the user;
    The predetermined session code is provided to the authentication server by the client;
    The extracted biometric information template is generated from biometric information input by the user to the client computer;
    The issued user certificate, the predetermined session code, and the extracted biometric information template are transmitted from the client to the authentication server, respectively.
    [12" claim-type="Currently amended] 12. The method of claim 11, further comprising at least a registered biometric template, each associated with a user of the client and stored in the authentication server, a session code stored in the authentication server, and a registered user certificate, wherein the authentication server is issued a user certificate. An authentication system comprising: comparing with a registered user certificate, comparing a predetermined session code with a session code stored in the authentication server, and comparing the extracted biometric information template with a registered biometric information template.
    [13" claim-type="Currently amended] 13. The authentication system according to claim 12, further comprising a fingerprint input device connected to the client, wherein the extracted biometric information template and the registered biometric information template are each fingerprint templates.
    类似技术:
    公开号 | 公开日 | 专利标题
    US10027485B1|2018-07-17|System and method for device registration and authentication
    US20200186536A1|2020-06-11|Graduated authentication in an identity management system
    US10270766B2|2019-04-23|Anonymous association system utilizing biometrics
    US9438633B1|2016-09-06|System, method and computer program product for providing unified authentication services for online applications
    US9124433B2|2015-09-01|Remote authentication and transaction signatures
    US9900163B2|2018-02-20|Facilitating secure online transactions
    US9712526B2|2017-07-18|User authentication for social networks
    US20180181745A1|2018-06-28|Method and system for interoperable identity and interoperable credentials
    US20170249633A1|2017-08-31|One-Time Use Password Systems And Methods
    US9967747B2|2018-05-08|Determining identity of individuals using authenticators
    US8862888B2|2014-10-14|Systems and methods for three-factor authentication
    US20160255069A1|2016-09-01|Context sensitive dynamic authentication in a cryptographic system
    US9654468B2|2017-05-16|System and method for secure remote biometric authentication
    KR101666374B1|2016-10-14|Method, apparatus and computer program for issuing user certificate and verifying user
    US8800003B2|2014-08-05|Trusted device-specific authentication
    JP5903190B2|2016-04-13|Secure authentication in multi-party systems
    EP1358533B1|2004-09-15|Method, arrangement and secure medium for authentication of a user
    JP4413774B2|2010-02-10|User authentication method and system using e-mail address and hardware information
    JP5694344B2|2015-04-01|Authentication using cloud authentication
    US6167518A|2000-12-26|Digital signature providing non-repudiation based on biological indicia
    US20130262873A1|2013-10-03|Method and system for authenticating remote users
    KR100621420B1|2006-09-13|Network connection system
    EP1498800B1|2008-07-02|Security link management in dynamic networks
    US7197568B2|2007-03-27|Secure cache of web session information using web browser cookies
    AU2007345313B2|2010-12-16|Biometric credential verification framework
    同族专利:
    公开号 | 公开日
    WO2002089018A1|2002-11-07|
    US20030105966A1|2003-06-05|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    法律状态:
    2001-05-02|Priority to US28820701P
    2001-05-02|Priority to US60/288,207
    2002-05-02|Application filed by 시큐젠 코포레이션
    2002-05-02|Priority to PCT/US2002/014277
    2003-12-31|Publication of KR20030097847A
    优先权:
    申请号 | 申请日 | 专利标题
    US28820701P| true| 2001-05-02|2001-05-02|
    US60/288,207|2001-05-02|
    PCT/US2002/014277|WO2002089018A1|2001-05-02|2002-05-02|Authenticating user on computer network for biometric information|
    [返回顶部]