Computer security is fast becoming an important issue. With the proliferation of computers and computer networks into all aspects of business and daily life—financial, medical, education, government, and communications—the concern over secure file access is growing. Using passwords is a common method of providing security. Password protection and/or combination type locks are employed for computer network security, automatic teller machines, telephone banking, calling cards, telephone answering services, houses, and safes. These systems generally require the knowledge of an entry code that has been selected by a user or has been preset.
Preset codes are often forgotten, as users have no reliable method of remembering them. Writing down the codes and storing them in close proximity to an access control device (i.e. the combination lock) results in a secure access control system with a very insecure code. Alternatively, the nuisance of trying several code variations renders the access control system more of a problem than a solution.
Password systems are known to suffer from other disadvantages as well. In most cases, a user specifies the password. Most users, being unsophisticated users of security systems, choose passwords that have a personal connection or significance; this practice makes the password not only easy to remember but also relatively insecure. As such, many systems that rely solely on password protection are easily accessed by an unauthorized third party through a simple trial and error process.
A security access system that provides substantially secure access and does not require a password or access code is a biometric identification system. A biometric identification system accepts unique biometric information from a user and identifies the user by matching the information against information belonging to registered users of the system. One such biometric identification system is a fingerprint recognition system. In this type of system, the finger under investigation is usually pressed against a flat surface, such as a side of a glass plate; the ridge and valley pattern of the fingertip is sensed by a sensing means such as an interrogating light beam. Fingerprint identification devices of this nature are routinely used to control the building-access or information-access of individuals to buildings, rooms, and devices such as computer terminals.
Various optical devices are known which employ prisms upon which a finger whose print is to be identified is placed. The prism has a first surface upon which a finger is placed, a second surface disposed at some angle to the first surface through which the fingerprint is viewed and a third illumination surface through which light is directed into the prism. In some cases, the illumination surface is at an acute angle to the first surface, as seen for example, in U.S. Pat. Nos. 5,187,482 and 5,187,748. In other cases, the illumination surface is parallel to the first surface, as seen for example, in U.S. Pat. Nos. 5,109,427 and 5,233,404.
U.S. Pat. No. 4,353,056 in the name of Tsikos issued Oct. 5, 1982, discloses an alternative kind of fingerprint sensor that uses a capacitive sensing approach. The described sensor has a two-dimensional, row and column, array of capacitors, each comprising a pair of spaced electrodes, carried in a sensing member and covered by an insulating film. The sensors rely upon deformation to the sensing member caused by a finger being placed thereon so as to vary locally the spacing between capacitor electrodes, according to the ridge/trough pattern of the fingerprint, and hence, the capacitance of the capacitors. In one arrangement, the capacitors of each column are connected in series with the columns of capacitors connected in parallel and a voltage is applied across the columns. In another arrangement, a voltage is applied to each individual capacitor in the array. Sensing in the respective two arrangements is accomplished by detecting the change of voltage distribution in the series connected capacitors or by measuring the voltage values of the individual capacitances resulting from local deformation. To achieve this, an individual connection is required from the detection circuit to each capacitor.
The analysis of fingerprints is discussed in the following references, which are hereby incorporated by reference:    Xiao Qinghan and Bian Zhaoqi: An approach to Fingerprint Identification By Using the Attributes of Feature Lines of Fingerprint,” IEEE Pattern Recognition, pp 663, 1986;    C. B. Shelman, “Fingerprint Classification—Theory and Application,” Proc. 76 Carnahan Conference on Electronic Crime Countermeasures, 1976;    Feri Pernus, Stanko Kovacic, and Ludvik Gyergyek, “Minutaie Based Fingerprint Registration,” IEEE Pattern Recognition, pp 1380, 1980;    J. A. Ratkovic, F. W. Blackwell, and H. H. Bailey, “Concepts for a Next Generation Automated Fingerprint System,” Proc. 78 Carnahan Conference on Electronic Crime Countermeasures, 1978;    K. Millard, “An approach to the Automatic Retrieval of Latent Fingerprints,” Proc. 75 Carnahan Conference on Electronic Crime Countermeasures, 1975;    Moayer and K. S. Fu, “A Syntactic Approach to Fingerprint Pattern Recognition,” Memo Np. 73-18, Purdue University, School of Electrical Engineering, 1973;    Wegstein, An Automated Fingerprint Identification System, NBS special publication, U.S. Department of Commerce/National Bureau of Standards, ISSN 0083-1883; no. 500-89, 1982;    Moenssens, Andre A., Fingerprint Techniques, Chilton Book Co., 1971; and,    Wegstein and J. F. Rafferty, The LX39 Latent Fingerprint Matcher, NBS special publication, U.S. Department of Commerce/National Bureau of Standards; no. 500-36, 1978.
Although biometric authentication is a secure means of identifying a user, it has not penetrated the marketplace sufficiently to be on most desktops. Further, since most forms of biometric authentication require specialised hardware, market penetration is slow and requires both acceptance of the new hardware and a pressing need. The motivation for a company to establish such sophisticated user authentication systems, despite the considerable time and resources that are involved, is the potential that they will incur even greater losses in the event that an unauthorized third party gains access to their secure files.
Secure files are often stored on a computer or network server only in an encrypted form. A user wishing to have access to an encrypted file must first be authenticated as an authorized user of the system. Once the user has been authenticated, a key is provided to the user for the purpose of decrypting the contents of the electronic file and thus allowing the user access to the file.
Key management systems are well known. One such system, by Entrust® Technologies Limited is currently commercially available. Unfortunately, current key management systems are designed for installation on a single computer for use with a single fixed user authorization method and for portability between computers having a same configuration. As such, implementation of enhanced security through installation of biometric input devices is costly and greatly limits portability of key databases. For example, when using Entrust® software to protect a key database, the database is portable on a smart card or on a floppy disk. The portable key database is a duplicate of the existing key database. User authentication for the portable key database is identical to that of the original key database. The implications of this are insignificant when password user authentication is employed; however, when biometric user authentication such as retinal scanning or fingerprint identification are used, the appropriate biometric identification system is required at each location wherein the portable key database is used.
To minimize the risk of key compromise the members of an organisation are permitted to travel with limited portable key databases, preferably restricted to the secure keys of a single user.
Another system that is known for key management includes a key-server. A key-server is a single system that provides keys to individuals upon identification or authorization. Such a system is useful in large organisations since it permits changing of system access codes without requiring every user to provide their personal key data storage device. Because of the extreme problems associated with losing secure keys, it is essential that a key-server be backed up appropriately. Further, it is necessary that the key-server be available at all times. This is currently achieved through duplication of key-servers. Unfortunately, key-servers are costly and this makes their implementation problematic in some instances. For example, a company performing a trial of a new user access system, such a fingerprint identification system, often purchases and installs only a handful of “test” workstations. Thus, to try out ten (10) fingerprint scanners with a key-server configuration requires two robust key-servers having full backup capabilities, a main key-server and a duplicate key-server, and 10 fingerprint imagers. Since a fingerprint imager is likely to cost much less than 10% of the cost of the key-servers, the additional cost is extremely undesirable, dissuading potential customers from performing trials. Eliminating a need for a duplicate key-server would be highly advantageous.
Another serious limitation of key management systems configured with a key-server is that individuals do not have access to secure files when they are other than at a workstation in communication with the key-server. Individuals who are required to fly during a business trip may wish to avail themselves of the extra time to edit a report, for example, which is stored on a local hard drive within a portable computer. The electronic file containing the report, however, is stored only in an encrypted form. In order to decrypt the file, the user must first be authenticated by and then receive a key from a key-server. Since a key-server is generally other than accessible when the user is other than at work, the user's ability to perform tasks from remote locations is greatly reduced. It would be advantageous to provide a system to allow a user to gain access to a system using a portable key storage device and, as such, have access to a predetermined set of keys both at work and elsewhere.