Methods of protecting real and virtual property have become increasingly sophisticated in recent times. Microprocessors, biometrics data and advanced encryption techniques are being utilized in various forms and combinations so as to take precautions for ensuring that access to secure data and areas are restricted only to those individuals who have a legitimate right of entry or access. Unfortunately, these precautions often tend to be nullified or rendered useless by the human element.
The use of biometrics data as a reliable verification tool presents a great deal of problems. Many biometrics systems still rely on the presentation of passwords or PIN codes as proof of an individual's identity. The utilization of passwords and PIN codes, which are prone to misappropriation and forgetfulness, create weaknesses in such systems. People are prone to forget passwords, to make them obvious by selecting common or easily deciphered passwords or personal identification numbers (PINs), or to divulge passwords or PINs to other people.
Sophisticated security mechanisms are typically vulnerable to human error in situations when an essential element of the security system, such as a password, is held or utilized in a highly unregulated or careless manner. One need only consider the manner in which individuals select or remember their passwords and PINs in order to appreciate this point.
A further problem with passwords is that they are simple entities. As a means for providing conditional access to secured facilities having a hierarchy of security levels, passwords have obvious deficiencies. Typically, secured facilities require the storage of databases within the memory of a host computer system which contains permission data and controls access to the databases.
In instances when access to data which is held on a "smart" card or other data storage device is required, the database would need to reside in a card reader or other memory device reader which is connected to the computer system. The security weaknesses of these systems are clearly apparent to those skilled in the computer and information systems fields.
Notwithstanding the deficiencies and shortcomings of the utilization of passwords, the password concept still facilitates the provision of secured data for a large and diverse group of individuals or other entities. In this regard, it would appear that the password scheme for providing data access and security should be further isolated from the human element so that passwords and other related data may be stored consistently and in a secured manner. It would also be desirable if the password scheme could be adapted to a security scheme which could accommodate large hierarchies of users and data access requirements without requiring the use of multiple passwords or any passwords at all.