1. Field of the Invention
The present invention relates to an apparatus and method for data security. More particularly, the present invention relates to an electronic device and corresponding method of maintaining the integrity of data.
2. Description of Art Related to the Invention
For data security to be highly reliable, it must preserve the "integrity" of data transmitted between two sources. This may be accomplished through a mechanism that determines the data's origin in order to detect whether the data has been illicitly corrupted and to establish when the data was created.
Currently, access control techniques, such as biometrics, are failing to preserve data integrity. In general, biometrics involve digitally scanning a characteristic of the user (e.g., fingerprint, iris, retina, etc.) to capture one or more frames of data (generally referred to as a "data clip") associated with the characteristic. Then, the captured data clip is compared to a previously stored master. If certain characteristics of the captured data clip match those of the stored master, the user is identified and/or authenticated.
The reason that access control techniques are failing to preserve data integrity is that electronic technology has become so sophisticated that alteration of a digitally captured data clip is difficult to detect. For example, security systems using biometrics are now susceptible to fraudulent alteration of the captured data clip if the biometric system is not physically connected to a system or component that processes or stores the captured data clip. Usually, this is because the communication path is publicly accessible, which gives interlopers an opportunity to have the captured data clip (i) substituted for a previously recorded data clip, (ii) substituted with another data clip transferred in real-time from another location, or (iii) combined with other non-existent images or characteristics.
In fact, our society is beginning to doubt the integrity of images transferred or stored as data clips because these data clips can be easily manipulated. Unless the integrity of the data is preserved, more cases of fraud will be committed, creating distrust between persons. For example, it is foreseeable that insurance companies will begin to distrust and contest claims of property damage where a hardcopy image formed by a data clip (e.g., a photograph from a digital camera) is used by a member of the real-estate industry to appraise and insure property prior to its damage. Likewise, it is foreseeable that hardcopy images formed by a data clip will become inadmissible in court due to their susceptibility to fraudulent modification.
In an effort to preserve data integrity, a technique called "time stamping" has recently been developed and is commercially offered by Surety Technologies, Inc. of Chatham, N.J. Referring to FIG. 1, an example of time-stamping is shown in which a hash operation is initially performed on digital data 110. The hash operation involves a one-way hash function 120, normally stored within first source 100, mapping digital data 110 from its arbitrary size into a fixed size, usually referred to as a "digest" 130. The digest 130 cannot be manipulated to reproduce the data (i.e., it has no information content). Examples of the hash function 120 include, but are not limited or restricted to, those provided by RSA Data Security, Inc. of Redwood City, Calif. (e.g., "MD5"), or those published by the U.S. Government (e.g., "Secure Hash Algorithm").
As indicated by a dotted line 140, a conscious effort is made by a person to electrically download the digest 130 by a telephone line to a time-stamping service provider 150. The digest 130 is hashed and combined with a number of other digests 160 from different sources in a "binary tree" fashion. This results in a composite digest 180 produced from "intermediate digests" 170. Next, the composite digest 180 is widely published (e.g., printed in a publication, disseminated to all sources, stored in a trusted database, etc.) to establish that data 110 existed at least before the publication of the composite digest 180.
However, there is no current mechanism for protecting the integrity of data by ensuring that it was created or existed after a particular point in time as well as before publication of the composite digest. By providing a technique ("time-bracketing"), which ensures that data was created or existed after a particular point in time, fraudulent modification or substitution of a previously captured data clip would be prevented. Hence, there exists a need for an electronic device, employed within a capturing device and coupled with communication circuitry, which would preclude a captured data clip from being altered without subsequent detection by using standard communication schemes with the time-stamping service provider.
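The binary-tree time-stamping described above can be sketched as follows. This is an added example, not part of the original text or of any time-stamping provider's code: SHA-256 stands in for hash function 120, the function names and sample clips are constructed, and duplicating the last node on odd-sized levels is an assumption. It shows how one source can later prove its digest contributed to the published composite digest, which bounds only the latest time the data could have been created.

```python
import hashlib

def h(data: bytes) -> bytes:
    """One-way hash (SHA-256 assumed here in place of hash function 120)."""
    return hashlib.sha256(data).digest()

def build_levels(digests):
    """Return every tree level, leaves first; the last level is the composite digest."""
    level = [h(d) for d in digests]      # provider hashes each submitted digest
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:               # odd count: pair the last node with itself
            level = level + [level[-1]]
            levels[-1] = level
        # each intermediate digest is the hash of two adjacent children
        level = [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def audit_path(levels, index):
    """Sibling hashes needed to recompute the composite digest from one leaf."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        path.append((level[sibling], sibling < index))  # (hash, sibling is on the left)
        index //= 2
    return path

def verify(digest, path, composite):
    """Recompute the root from a submitted digest and compare with the published one."""
    node = h(digest)
    for sibling, sibling_is_left in path:
        node = h(sibling + node) if sibling_is_left else h(node + sibling)
    return node == composite

# Constructed sample data: five sources each submit the digest of a data clip.
CLIPS = [b"clip-A", b"clip-B", b"clip-C", b"clip-D", b"clip-E"]
DIGESTS = [h(c) for c in CLIPS]
LEVELS = build_levels(DIGESTS)
COMPOSITE = LEVELS[-1][0]                # the value that would be widely published
PATH_C = audit_path(LEVELS, 2)           # proof material kept by the source of clip-C

if __name__ == "__main__":
    print("composite digest:", COMPOSITE.hex())
    print("clip-C included:", verify(DIGESTS[2], PATH_C, COMPOSITE))
    print("altered clip accepted:", verify(h(b"clip-C altered"), PATH_C, COMPOSITE))
```

A successful check shows the clip existed before publication of the composite digest; nothing in the proof shows the clip did not exist long before, which is the gap time-bracketing addresses.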