Secure id checking
Abstract
A cost-effective system that provides for the efficient protection of transmitted non-public attribute information may be used, for example, to control access to a secure area. Encryption of the attribute information may be performed using symmetric encryption techniques, such as XOR and/or stream cipher encryption. A centralized database that stores and transmits the encrypted attribute information may generate the encryption/decryption key based on selected information bytes, for example, as taken from a card inserted into a handheld device used at the secure area. The selected information to generate the encryption key stream may be varied on a periodic basis by the centralized database. Information as to which selected bytes are to be used for a particular access authorization request may be transmitted to the handheld unit or may be input through action of a user of the handheld unit, for example by entry of a PIN code.
Claims
exact text as granted — not AI-modified1 . A method for secure ID checking, comprising:
receiving attribute information of a user, wherein at least a portion of said attribute information is encrypted attribute information; identifying said encrypted attribute information in response to an access request initiated by a card presented by the user; generating a decryption key for said encrypted attribute information using at least some of the information on the card; decrypting said encrypted attribute information to generate clear text attribute information; displaying said clear text attribute information; granting or denying access of the user to a secure area based on said clear text attribute information.
2 . The method of claim 1 , wherein generating a the decryption key includes generating a symmetric decryption key.
3 . The method of claim 1 , wherein said attribute information is received from a secure computer.
4 . An apparatus for secure ID checking, comprising:
machine executable code for receiving attribute information of a user, wherein at least a portion of said attribute information is encrypted attribute information; machine executable code for identifying said encrypted attribute information in response to an access request initiated by a card presented by the user; machine executable code for generating a decryption key for said encrypted attribute information using at least some of the information on the card; machine executable code for decrypting said encrypted attribute information to generate clear text attribute information; machine executable code for displaying said clear text attribute information to enable granting or denying access of the user to a secure area based on said clear text attribute information.
5 . The apparatus of claim 4 , wherein generating a decryption key includes generating a symmetric decryption key.
6 . The apparatus of claim 4 , wherein said attribute information is received from a secure computer.
7 . A system for secure ID checking, comprising:
a database an access control device coupled to the database and having a card reader device, wherein said access control device receives attribute information of a user from said database, and wherein at least a portion of said attribute information is encrypted; and a decryption device coupled to said access control device, wherein said decryption device decrypts said encrypted attribute information received from said database to generate clear text attribute information using a decryption key, wherein the decryption key is generated using information obtained by the card reader device from a card presented by the user.
8 . The system of claim 7 , wherein said decryption key is a symmetric decryption key.
9 . The system of claim 7 , wherein said database is a secure computer.
10 . The system of claim 7 , wherein the attribute information of the user is transmitted periodically from the database to the access control device.
11 . The system of claim 7 , wherein the attribute information is transmitted to the access control device in response to a request from the access control device.
12 . The method of claim 1 , wherein the attribute information of the user is transmitted periodically from the database to the access control device.
13 . The method of claim 1 , wherein the attribute information of the user is transmitted to the access control device in response to a request from the access control device.
14 . The apparatus of claim 4 , wherein the attribute information of the user is transmitted periodically from the database to the access control device.
15 . The apparatus of claim 4 , wherein the attribute information of the user is transmitted to the access control device in response to a request from the access control device.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.