Biometric samples used for interactive user or network authentication are different from the traditional password or cryptographic key used in current authentication schemes in that they differ every time they are sampled. Biometric samples are not ideal for cryptographic key material for several reasons. They have limited strength and the entropy of a cryptographic seed can be regenerated or changed. Biometric samples are not absolute values; they are samples and may differ from one sampling to the next. Cryptographic keys are absolutes defined from an original seed whereas biometric readings vary. Because of these limitations, biometric samples are not optimum choices for cryptographic key material.
Biometric samples are typically matched against a stored sample (often referred to in the industry as a “template”) that was previously scanned and/or computed, and if a live match with a stored sample is validated, then stored cryptographic key material is released to the system to allow a user login session to proceed using that key material. However, if the matching process and/or key storage is done outside a secure environment, such as a physically secure server, the key material and/or reference template is subject to attacks and disclosure.
The current Windows™ architecture provided by Microsoft® Corporation of Redmond, Wash. supports password or Kerberos/PKINIT authentication, but does not support matching of biometric templates on the server as a normal part of authentication. Solutions provided today by biometric solution vendors typically store traditional login credentials such as passwords or x.509 based certificates on the client machines and then submit them after a valid template match against a reference biometric sample that is also stored on the client PC. In the current systems, the passwords, x.509 based certificates and reference templates are all subject to attack and disclosure because they reside outside the physically secured servers.
It is therefore desirable to provide a system or method that uses biometric identification in a secure environment. The present invention addresses these and other concerns.
This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
An advance in the use of biometric identification for access to an authentication system such as a Windows or Active Directory based domain infrastructure includes acquisition of biometric data from a user and inputting a user ID and PIN to a client computer. The client computer securely communicates with a biometric matching server which can match the user biometric data with a set of templates of biometric data for the user. The biometric server can verify that the user is authorized and identified. Once verified, the matching server transmits a temporary certificate along with cryptographic keys to the client computer. The temporary certificate and the keys are used to gain immediate access to the Kerberos authentication system. Subsequent use of the temporary certificate by the client will result in denied access to the Kerberos authentication system because the certificate has expired. Once the client computer gains access to the Kerberos system, then subsequent access to a secure set of computing resources may be obtained.
In the drawings:
The present invention functions well with a secure authentication computing system environment. One such existing authentication system environment is well known to those of skill in the art as Kerberos.
Kerberos includes two functional parts: an Authentication Server (AS) 104 and a Ticket Granting Server (TGS) 106. Kerberos works on the basis of “tickets” which serve to prove the identity of users. Using Kerberos, a client 102 can prove its identity to use the resources of a service server (SS) 108. Kerberos maintains a database of secret keys; each entity on the network, whether a client or a server, shares a secret key known only to itself and to Kerberos. Knowledge of this key serves to prove an entity's identity. For communication between two entities, Kerberos generates a session key which they can use to secure their interactions.
Using the Kerberos system, the client authenticates itself to an AS 104, then demonstrates to the TGS 106 that it's authorized to receive a ticket for a service (and receives it), then demonstrates to the SS that it has been approved to receive the service. The process begins when a user enters a username and password on the client 102. The client performs a one-way hash on the entered password, and this becomes the secret key of the client. The client sends a clear-text message to the AS 104 via link 110 requesting services on behalf of the user. At this point, neither the secret key nor the password is sent to the AS.
The AS 104 checks to see if the client 102 is in its database. If it is, the AS sends back the following two messages to the client via link 110:
*Message A: A client/TGS session key encrypted using the secret key of the user, and
*Message B: A Ticket-Granting Ticket (which includes the client ID, client network address, ticket validity period, and the client/TGS session key) encrypted using the secret key of the TGS.
Once the client receives messages A and B, it decrypts message A to obtain the client/TGS session key. This session key is used for further communications with TGS. (Note: The client cannot decrypt the Message B, as it is encrypted using TGS's secret key.) At this point, the client 102 has enough information to authenticate itself to the TGS.
When requesting services, the client 102 sends the following two messages to the TGS 106 via link 112:
*Message C: Composed of the Ticket-Granting Ticket from message B and the ID of the requested service, and
*Message D: Authenticator (which is composed of the client ID and the timestamp), encrypted using the client/TGS session key.
Upon receiving messages C and D, the TGS 106 decrypts message D (Authenticator) using the client/TGS session key and sends the following two messages to the client 102 via link 112:
*Message E: Client-to-server ticket (which includes the client ID, client network address, validity period) encrypted using the service's secret key, and
*Message F: Client/server session key encrypted with the client/TGS session key.
Upon receiving messages E and F from TGS 106, the client 102 has enough information to authenticate itself to the SS 108. The client 102 connects to the SS 108 via link 114 and sends the following two messages:
*Message G: the client-to-server ticket, encrypted using the service's secret key, and
*Message H: a new Authenticator, which includes the client ID and timestamp and is encrypted using the client/server session key.
The SS 108 decrypts the ticket using its own secret key and sends the following message to the client 102 via link 114 to confirm its true identity and willingness to serve the client.
*Message I: the timestamp found in the client's recent Authenticator plus 1, encrypted using the client/server session key.
The client 102 decrypts the confirmation using its shared key with the SS 108 and checks whether the timestamp is correctly updated. If so, then the client 102 can trust the SS 108 and can start issuing service requests to the SS 108. The SS 108 can then provide the requested services to the client 102.
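The exchange of messages A through I, traced end to end as an added example that is not part of the original text. `seal` and `unseal` are a toy encrypt-then-MAC stand-in for a real Kerberos encryption type, and the user, password, service name, address and lifetimes are constructed assumptions.

```python
import hashlib, hmac, json, os, time

def keystream(key, nonce, n):
    out, i = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        i += 1
    return out[:n]

def seal(key, obj):
    """Toy encrypt-then-MAC; illustration only, not a production cipher."""
    pt = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, keystream(key, nonce, len(pt))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct)))))

def secret_key(password):
    # The client's secret key is a one-way hash of the entered password.
    return hashlib.sha256(password.encode()).digest()

# Constructed key database: each entity shares one secret key with Kerberos.
USERS = {"alice": secret_key("correct horse")}
TGS_KEY = os.urandom(32)
SERVICE_KEYS = {"files": os.urandom(32)}

def as_exchange(client_id, addr, now):
    """AS 104: return Message A and Message B for a known client."""
    user_key = USERS[client_id]              # KeyError if the client is unknown
    k = os.urandom(32).hex()                 # client/TGS session key
    msg_a = seal(user_key, {"key": k})
    msg_b = seal(TGS_KEY, {"client": client_id, "addr": addr,
                           "until": now + 600, "key": k})
    return msg_a, msg_b

def tgs_exchange(msg_c, msg_d, now):
    """TGS 106: check the TGT and Authenticator, return Messages E and F."""
    tgt = unseal(TGS_KEY, msg_c["tgt"])
    k_tgs = bytes.fromhex(tgt["key"])
    auth = unseal(k_tgs, msg_d)
    if auth["client"] != tgt["client"] or now > tgt["until"]:
        raise ValueError("authenticator does not match a valid TGT")
    k = os.urandom(32).hex()                 # client/server session key
    # The ticket must also carry the session key, or the SS could not read H.
    ticket = {"client": tgt["client"], "addr": tgt["addr"],
              "until": now + 300, "key": k}
    return seal(SERVICE_KEYS[msg_c["service"]], ticket), seal(k_tgs, {"key": k})

def ss_exchange(service, msg_g, msg_h, now):
    """SS 108: check the ticket and Authenticator, return Message I."""
    ticket = unseal(SERVICE_KEYS[service], msg_g)
    k = bytes.fromhex(ticket["key"])
    auth = unseal(k, msg_h)
    if auth["client"] != ticket["client"] or now > ticket["until"]:
        raise ValueError("authenticator does not match a valid ticket")
    return seal(k, {"timestamp": auth["timestamp"] + 1})

def login(client_id, password, service, now=None):
    """Client 102: run the whole exchange; True if the SS proved its identity."""
    now = int(time.time()) if now is None else now
    msg_a, msg_b = as_exchange(client_id, "10.0.0.5", now)
    # Only the holder of the password-derived key can open Message A.
    k_tgs = bytes.fromhex(unseal(secret_key(password), msg_a)["key"])
    msg_c = {"tgt": msg_b, "service": service}      # B is forwarded unopened
    msg_d = seal(k_tgs, {"client": client_id, "timestamp": now})
    msg_e, msg_f = tgs_exchange(msg_c, msg_d, now)
    k_ss = bytes.fromhex(unseal(k_tgs, msg_f)["key"])
    msg_g = msg_e                                   # the ticket, forwarded as-is
    msg_h = seal(k_ss, {"client": client_id, "timestamp": now})
    msg_i = ss_exchange(service, msg_g, msg_h, now)
    return unseal(k_ss, msg_i)["timestamp"] == now + 1

if __name__ == "__main__":
    print(login("alice", "correct horse", "files"))
```
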
The present invention may advantageously use aspects of the Kerberos system with a biometric sampler device. In one environment a new framework may be implemented wherein a claimed user identity, such as a username, domain name, UPN, etc., a PIN/password and a reader-signed cryptographic biometric sample is sent securely to a newly defined Biometric-Matching Server that holds the reference templates for each user that is enrolled in the biometric system. If the claimed identity, PIN/password, signature on the sample, and match are all validated, then a temporary credential, such as an X.509 certificate or a symmetric key or a one-time-password, is generated and returned to the user. In one embodiment, an alternate temporary certificate can be used, such as is known by those of skill in the art. The user may then use the certificate for login in an automated or manual way with the authentication system.
This new framework provides better protection of cryptographic key material used for an interactive or network user login than current biometric implementations, such as the one described above. Advantages of the new framework include the following. A cryptographic key inside a biometric sampling device may be used to protect the sample from tampering. This cryptographic key may be provided within integrated circuitry inside the biometric sampler. A key on the Biometric-Matching Server may be used for generating the temporary login certificate. This key resides on a physically secure server and is trusted by the network for creating credentials. The certificate that is given to the user for login is usable only for a very short time. And, this new framework is compatible with the current Kerberos/PKINIT authentication structure.
In a typical scenario involving aspects of the invention, the user can begin an access of the client by entering a user ID and PIN or password. This forms part of the user input 202. Client computer 206 can prompt the user to present a biometric sample. In some systems, the biometric sample may simply be collected passively instead of actively. The biometric sampler 204 collects the biometric sample of the user. The biometric sampler 204 then cryptographically signs the biometric sample and forwards it to the client computer system 206. The cryptographic signature is used to protect the biometric sample against tampering within the client computer. The digital cryptographic signature establishes origin authentication to the biometric device that has taken the sample. This action attests that a fresh sample from a known source is provided to the client.
The client computer 206 then establishes a secure connection 226 to the biometric matching server 208 and transfers the biometric sample information. In one embodiment, a secure socket layer (SSL) and/or a transport layer security (TLS) connection is made between the client 206 and the biometric matching server 208 or other secure link method to protect the sample from tampering in transit.
Information sent from the client 206 to the biometric server 208 includes the digital signature, biometric sample, user input PIN and/or password, and timestamp and/or nonce. If this data matches reference data associated with the user in the database of the biometric matching server 208, then the biometric matching server generates a cryptographic public/private key pair and digital certificate, such as an x.509 certificate for the user login session. The digital certificate is constructed with a short validity period such that it will expire in a short time. The digital certificate and key pair are sent via a secure link from the biometric matching computer 208 to the client computer 206. In one aspect of the invention, a temporary digital certificate is issued so as to increase the security level in obtaining access to the services server 212 resources. Many biometric device readers or biometric systems store a permanent certificate in their biometric reader or client computer. This increases the risk of illegitimate access by presentation of a certificate used in a prior access. By generating a temporary or ephemeral certificate recognized by the authentication system, the freshness of the biometric reading and the strength of the certificate are enhanced. An ephemeral certificate that is temporary in viability is more secure because it cannot be re-used to acquire more than one set of authentication system credentials in a fixed time period. In one embodiment, the fixed time period may be fixed at a time interval from ten minutes to several hours. Hence, the certificates are unique for the particular authentication session. Failure to use the temporary certificate within the allotted time for authentication system access will result in denial of authentication system access due to the expiration of the certificate.
Once the key(s) and certificate have been issued, the client 206 can go forward to authenticate itself to a secure system 210 which in an exemplary implementation would be a Kerberos KDC (Key Distribution Center). An example authentication system is the Kerberos system. In one Kerberos authentication embodiment, the client presents the user ID, certificate, and signature as an authentication request to the Kerberos Authentication server (see
As a further security measure, the biometric data collected from the user is digitally signed. This digital signature of the biometric data indicates that a particular biometric sampling device was used to collect the data. For example, if biometric device data that is not recognized by the client computer is presented, the client computer can reject the biometric data based on a failure of the client to recognize the sampling device used. In addition, a timestamp may be added to the biometric sample to attest to the freshness of the biometric sample data. For example, if time-stale data is presented to the client computer, the client computer may reject the biometric data as being old and possibly fraudulently submitted. As a further alternative, a nonce may be added along with or in lieu of a timestamp. In the instance where a timestamp and/or nonce is/are added, the digital signature may be applied to all of the collected data.
After collecting the user credentials and biometric data, a secure link is developed with the biometric matching server and the client computer securely transmits the collected data (step 306). The secure link may be established using a private key from the client to the biometric matching server. The private key used may come from the biometric server if the key was given to the client in a secure transaction. Alternately, the private key could have been securely provisioned by an external authority and given to the client. The client then uses the private key to encrypt the package of data which includes the signed biometric data, the user ID and PIN or password, and the timestamp or nonce.
At the biometric server, many checks of the collected data are performed. The checks of steps 308-316 may be performed in any logical order. In one embodiment, the package of biometric data and user credentials, along with timestamp and nonce data, is examined for validity. The user ID is checked and matched with a list of authorized users listed in the biometric matching server (step 308). At this step, the biometric matching server verifies that a user matching the identity information exists. If the user does not exist, the process 300 fails and the user logon terminates.
If password or PIN information was presented along with the biometric data collection, the information is verified as belonging to the authorized user (step 310). As before, if the validation of the user PIN or password information is invalid, the process 300 fails and the user logon terminates. Next, the biometric data itself is matched (step 312). The comparison of the submitted biometric data is preferably performed against a secure template of biometric data available via the biometric matching server. The template information may be provisioned by any secure means known to those of skill in the art. If the biometric match does not yield a statistically significant correlation or match, the process 300 fails and the user login terminates.
Another verification of the biometric data may be performed (step 314) if a timestamp or nonce was submitted or added at the time of biometric data collection. This timestamp or nonce data helps ensure that the biometric data obtained is fresh and not merely copied and resubmitted. In one embodiment, the nonce or timestamp may be generated by the biometric sampling device itself or by the client computer. In either case, the timestamp or nonce data may be added as a hardware-added stamp on the biometric sample data as an indication of a recently collected sample. The hardware may be an integrated circuit in the biometric sampling device that adds a timestamp, nonce, and/or digital signature.
Another verification of the biometric data is the confirmation that the digital signature added by the biometric sampling device (step 316) authenticates the biometric device. If the biometric matching server does not recognize that the biometric sampling device indicated via the digital signature is one associated with the client computer, then the process 300 fails and the user login is terminated. The digital signature can also be used to verify that the biometric data and the timestamp and/or nonce have not been manipulated after generation by the sampling device.
Upon verification that the package of information given to the biometric matching server meets all of the criteria for acceptance, then keys and at least one temporary credential or certificate are generated (step 318). The biometric matching server generates a public/private key pair for use by the client. The public/private key pair is not limited by any specific cryptographic algorithm such as RSA, ECC, DH, or any other type as known to those of skill in the art. All types of cryptographic means compatible with the client and authentication system are useable in the present invention. Similarly, the certificate format is not limited to X.509. The format can be XrML, ISO REL, SAML, or any other format known to those of skill in the art. All types of digital certificates may be used provided that they are compatible with the client and authentication system. In addition, the cryptographic keys and methods used in any connection between functions such as the client, the biometric matching server, the authentication system, and the service server may be either symmetric or asymmetric.
The cryptographic keys used in the biometric readers, scanning or sampling devices may be provisioned during manufacture or they may be provisioned by an organization using a cryptographic key hierarchy, public key infrastructure, or other external authority. The cryptographic keys generated on the biometric matching server may be generated in software, they may be generated using a hardware device such as an HSM or accelerator, or they may be generated using a pre-computed list of keys loaded from an external source traceable to a key authority.
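The matching server's checks (steps 308-316) and the issuing of a short-lived credential (step 318), as an added example that is not code from the original text. HMAC-SHA256 stands in for the reader's digital signature and for the issuer's signature on the temporary credential, a bit-similarity threshold stands in for template matching, and every name, key, PIN and limit below is a constructed assumption.

```python
import hashlib, hmac, json, os

MAX_AGE = 30          # seconds a sample counts as fresh (assumed value)
CERT_LIFETIME = 600   # ten minutes, the low end of the range given in the text
THRESHOLD = 0.90      # assumed minimum fraction of matching template bits

# Constructed enrollment data, held only on the matching server.
DEVICE_KEYS = {"reader-01": b"constructed-reader-key"}
ISSUER_KEY = b"constructed-issuer-key"
SALT = b"constructed-salt"

def pin_hash(pin):
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), SALT, 100_000)

USERS = {"alice": {"pin": pin_hash("4921"), "reader": "reader-01",
                   "template": bytes.fromhex("a5" * 16)}}
SEEN_NONCES = set()   # entries older than MAX_AGE could be pruned

def mac_of(key, fields):
    body = json.dumps(fields, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def reader_sign(device, sample, ts, nonce):
    """The sampler's side: one signature over sample, timestamp and nonce."""
    signed = {"device": device, "sample": sample.hex(), "ts": ts, "nonce": nonce}
    return dict(signed, sig=mac_of(DEVICE_KEYS[device], signed))

def similarity(a, b):
    """Fraction of equal bits; live samples never equal the template exactly."""
    if len(a) != len(b):
        return 0.0
    differing = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return 1 - differing / (8 * len(a))

def verify_and_issue(user_id, pin, signed, now):
    """Return (credential, None) on success or (None, reason) on failure."""
    user = USERS.get(user_id)
    if user is None:                                            # step 308
        return None, "unknown user"
    if not hmac.compare_digest(pin_hash(pin), user["pin"]):     # step 310
        return None, "bad PIN"
    # Step 316 comes before the other sample checks: the timestamp, nonce
    # and sample can only be trusted once the reader's signature verifies.
    key = DEVICE_KEYS.get(signed["device"])
    fields = {k: signed[k] for k in ("device", "sample", "ts", "nonce")}
    if (key is None or signed["device"] != user["reader"]
            or not hmac.compare_digest(mac_of(key, fields), signed["sig"])):
        return None, "bad device signature"
    if abs(now - signed["ts"]) > MAX_AGE:                       # step 314
        return None, "stale sample"
    if signed["nonce"] in SEEN_NONCES:
        return None, "replayed nonce"
    sample = bytes.fromhex(signed["sample"])
    if similarity(sample, user["template"]) < THRESHOLD:        # step 312
        return None, "no match"
    SEEN_NONCES.add(signed["nonce"])
    cred = {"sub": user_id, "not_before": now,                  # step 318
            "not_after": now + CERT_LIFETIME, "serial": os.urandom(8).hex()}
    return dict(cred, sig=mac_of(ISSUER_KEY, cred)), None

def credential_valid(cred, now):
    """The authentication system's check: issuer signature and validity window."""
    fields = {k: v for k, v in cred.items() if k != "sig"}
    return (hmac.compare_digest(mac_of(ISSUER_KEY, fields), cred.get("sig", ""))
            and cred["not_before"] <= now <= cred["not_after"])

if __name__ == "__main__":
    t = 1_700_000_000                                  # constructed clock value
    live = bytes.fromhex("a5" * 15 + "a4")             # one bit off the template
    request = reader_sign("reader-01", live, t, "nonce-1")
    print(verify_and_issue("alice", "4921", request, t))
    print(verify_and_issue("alice", "4921", request, t))   # replay is refused
```
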
Returning to
In one embodiment, the client may initiate a Kerberos protocol as described above with respect to
In one alternative to the method of
In one embodiment of the method
In one embodiment of the invention, the functions of
Although not required, embodiments of the invention can also be implemented via an operating system, for use by a developer of services for a device or object, and/or included within application software. Software may be described in the general context of computer-executable instructions, such as program modules, being executed by one or more computers, such as client workstations, servers or other devices. Generally, program modules include routines, programs, objects, components, data structures and the like that perform particular tasks or implement particular abstract data types. Typically, the functionality of the program modules may be combined or distributed as desired in various embodiments. Moreover, those skilled in the art will appreciate that various embodiments of the invention may be practiced with other computer configurations. Other well known computing systems, environments, and/or configurations that may be suitable for use include, but are not limited to, personal computers (PCs), automated teller machines, server computers, hand-held or laptop devices, multi-processor systems, microprocessor-based systems, programmable consumer electronics, network PCs, appliances, lights, environmental control elements, minicomputers, mainframe computers and the like. Embodiments of the invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network/bus or other data transmission medium. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices and client nodes may in turn behave as server nodes.
With reference to
Computer system 410 typically includes a variety of computer readable media. Computer readable media can be any available media that can be accessed by computer system 410 and includes both volatile and nonvolatile media, removable and non-removable media. By way of example, and not limitation, computer readable media may comprise computer storage media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, Compact Disk Read Only Memory (CDROM), compact disc-rewritable (CDRW), digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by computer system 410.
The system memory 430 includes computer storage media in the form of volatile and/or nonvolatile memory such as read only memory (ROM) 431 and random access memory (RAM) 432. A basic input/output system 433 (BIOS), containing the basic routines that help to transfer information between elements within computer system 410, such as during start-up, is typically stored in ROM 431. RAM 432 typically contains data and/or program modules that are immediately accessible to and/or presently being operated on by processing unit 420. By way of example, and not limitation,
The computer system 410 may also include other removable/non-removable, volatile/nonvolatile computer storage media. By way of example only,
The drives and their associated computer storage media discussed above and illustrated in
A user may enter commands and information into the computer system 410 through input devices such as a keyboard 462 and pointing device 461, commonly referred to as a mouse, trackball or touch pad. Other input devices (not shown) may include a microphone, joystick, game pad, satellite dish, scanner, or the like. These and other input devices are often connected to the processing unit 420 through a user input interface 460 that is coupled to the system bus 421, but may be connected by other interface and bus structures, such as a parallel port, game port or a universal serial bus (USB). A monitor 491 or other type of display device is also connected to the system bus 421 via an interface, such as a video interface 490, which may in turn communicate with video memory (not shown). In addition to monitor 491, computer systems may also include other peripheral output devices such as speakers 497 and printer 496, which may be connected through an output peripheral interface 495.
The computer system 410 may operate in a networked or distributed environment using logical connections to one or more remote computers, such as a remote computer 480. The remote computer 480 may be a personal computer, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above relative to the computer system 410, although only a memory storage device 481 has been illustrated in
When used in a LAN networking environment, the computer system 410 is connected to the LAN 471 through a network interface or adapter 470. When used in a WAN networking environment, the computer system 410 typically includes a modem 472 or other means for establishing communications over the WAN 473, such as the Internet. The modem 472, which may be internal or external, may be connected to the system bus 421 via the user input interface 460, or other appropriate mechanism. In a networked environment, program modules depicted relative to the computer system 410, or portions thereof, may be stored in the remote memory storage device. By way of example, and not limitation,
Various distributed computing frameworks have been and are being developed in light of the convergence of personal computing and the Internet. Individuals and business users alike are provided with a seamlessly interoperable and Web-enabled interface for applications and computing devices, making computing activities increasingly Web browser or network-oriented.
For example, MICROSOFT®'s .NET™ platform, available from Microsoft Corporation, includes servers, building-block services, such as Web-based data storage, and downloadable device software. While exemplary embodiments herein are described in connection with software residing on a computing device, one or more portions of an embodiment of the invention may also be implemented via an operating system, application programming interface (API) or a “middle man” object between any of a coprocessor, a display device and a requesting object, such that operation may be performed by, supported in or accessed via all of .NET™'s languages and services, and in other distributed computing frameworks as well.
As mentioned above, while exemplary embodiments of the invention have been described in connection with various computing devices and network architectures, the underlying concepts may be applied to any computing device or system in which it is desirable to implement a biometric credential verification scheme. Thus, the methods and systems described in connection with embodiments of the present invention may be applied to a variety of applications and devices. While exemplary programming languages, names and examples are chosen herein as representative of various choices, these languages, names and examples are not intended to be limiting. One of ordinary skill in the art will appreciate that there are numerous ways of providing object code that achieves the same, similar or equivalent systems and methods achieved by embodiments of the invention.
The various techniques described herein may be implemented in connection with hardware or software or, where appropriate, with a combination of both. Thus, the methods and apparatus of the invention, or certain aspects or portions thereof, may take the form of program code (i.e., instructions) embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium, wherein, when the program code is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the invention.
While aspects of the present invention have been described in connection with the preferred embodiments of the various figures, it is to be understood that other similar embodiments may be used or modifications and additions may be made to the described embodiment for performing the same function of the present invention without deviating therefrom. Furthermore, it should be emphasized that a variety of computer platforms, including handheld device operating systems and other application specific operating systems are contemplated, especially as the number of wireless networked devices continues to proliferate. Therefore, the claimed invention should not be limited to any single embodiment, but rather should be construed in breadth and scope in accordance with the appended claims.