Method of identifying living finger
FIELD: physics; image processing.
SUBSTANCE: present invention relates to dactylography and can be used for preventing unauthorised access to a protected system by random persons. The method of identifying a living finger is based on comparing distinctive features of a papillary figure when a finger is pressed twice to the receiving surface of a scanner. The degree of linearity of displacement of coordinates of the distinctive features of the papillary figure determines whether the finger is living.
EFFECT: increased security of the system.
The present invention relates to equipment that prevents unauthorized access to a protected system, and can be used to keep out unregistered persons or persons intending to commit illegal actions against the protected system. By system we mean a communication channel with a bank, a secure facility, the office of a public authority, etc. The method is based on comparing fingerprints (or hand prints) of the user of the protected system with data stored in a database of electronic fingerprint images, and makes it possible to distinguish a fake finger from the real user's finger.
A known analogue of the invention is a method and device for verifying a transaction (patent WO 9618169 A1, IPC7 G06K 9/00, priority from 01.12.1995), which consists in the following. A scanning device captures the fingerprint of the person conducting the transaction, and a device that forms electronic signals converts the captured fingerprint into an electronic image and stores it. The stored electronic image is then compared with the electronic image corresponding to the fingerprint of the person conducting the transaction.
The transaction is permitted only when the electronic fingerprint image of the person conducting the transaction largely coincides with the stored electronic fingerprint image of the individual who is authorized to conduct the transaction. If the images do not match, permission for the transaction is not given. The disadvantage of this method is that it cannot distinguish a dummy carrying a papillary relief pattern from the client's live finger, so in the absence of additional visual control an attacker can penetrate the protected system.
Also known is a method and a device for verifying a person's identity in which a coordinate system that is constant for the fingerprint serves as the reference (application US 2004/0175023 A1, IPC7 G06K 9/00, publ. 09.09.2004). This invention is based on the idea of placing the fingerprint in a constant coordinate system so that particular attributes (features) of the papillary pattern can be compared in that constant coordinate system when the person's identity is checked. The disadvantage of this method is that it cannot distinguish a fake from the client's real (live) finger.
The prototype selected for the claimed invention is the method of restricting access to a protected system described in the patent of the Russian Federation №2289845, IPC7 G06F 21/20, G06F 21/06, published 20.12.2006. In that method, the first image of the fingerprint of the system user is received; the user is identified by comparing the first image with a set of images from the system database; the first coordinates of the features of the first image are determined in the coordinate system located on the receiving surface of the scanner and entered in the system database; the second fingerprint image of the user is then obtained in the same coordinate system; the second coordinates of the features of the second image are determined and entered in the system database; the difference between the first and second coordinates is determined for the same features of the first and second images; and if the difference equals zero a negative decision on admitting the user to the system is made, while if it is not zero a positive decision is made.
Compared with the other known technical solutions, this method provides a higher degree of system protection, but it also cannot distinguish a fake from the real user's finger. It is enough to apply the same dummy with an offset or a rotation, and the system lets the attacker through. This is the disadvantage of the prototype.
The purpose of this invention is to provide a method of restricting access to a protected system that reliably distinguishes a fake from the real user's finger, so as to keep intruders out of the protected system.
This is achieved as follows:
- in the coordinate system located on the receiving surface of the device for registering the papillary pattern, the first and second images of the papillary pattern of the user's finger are combined;
- the direction and magnitude of the displacement of the coordinates are determined for the same features of the first and second images of the papillary pattern;
- in the case of a linear dependence of the directions and magnitudes of the displacements, it is concluded that a dummy finger was applied to the receiving surface, and in the case of a nonlinear dependence, a living finger of the user.
The following should be noted. A fake finger carrying a relief pattern of papillary lines on its surface is usually made of rubber. When the dummy is applied to the receiving surface of the device for registering the papillary pattern, an image is obtained from which the features of the papillary pattern are determined (line bifurcations, line merges, line endings, line beginnings). When the dummy is applied to the receiving surface twice and the resulting images are then combined, the same features may not coincide because of the displacement and deformation of the dummy. While the displacement of the dummy arises naturally, the deformation shows up through differences in the direction in which the dummy is pressed. However, as studies have shown, the direction and magnitude of the displacement of the feature coordinates for the dummy follow an almost linear dependence, i.e. they are formed mainly by the displacement of the dummy and not by its deformation. It has been shown that the directions and magnitudes of the displacements of the papillary pattern features of a dummy are equal. The features behave similarly when the dummy is rotated, except that in this case the linear relationship appears only after the second image has been turned back onto the first to combine the images.
For a living finger, whose skin has high ductility and plasticity and zone-inhomogeneous elasticity, the direction and magnitude of the displacement of the papillary pattern feature coordinates between two applications of the finger to the receiving surface, after the images are combined, are clearly nonlinear. The displacements of the feature coordinates differ significantly in direction, in magnitude, and usually in both. This fact is known.
The essence of the method is illustrated in the drawing.
Drawing (a) shows, for two identical features, the magnitude and direction of the displacement from the first coordinates to the second coordinates in the combined first and second images of the dummy.
Drawing (b) shows, for two identical features, the magnitude and direction of the displacement from the first coordinates to the second coordinates in the combined first and second images of the real (live) finger.
The method is implemented by performing the following steps in sequence.
Using the device for registering the papillary pattern (hereinafter referred to in the text as the scanner), receive the first image of the fingerprint of the user of the protected system.
Identify the user by comparing the first image with the set of images held in the system database. If identification shows that the user is registered in the system, the subsequent steps of the method are performed; otherwise the system issues a denial of access. The ways the identification result may be used vary, but they are not essential to the method. Note that at this step it is not yet known whether a dummy or a live finger was applied to the scanner.
In the coordinate system associated with the receiving surface of the scanner, determine the first coordinates of the features of the first image and store them in the system database.
Using the same scanner, receive a second image of the fingerprint of the user. Determine the second coordinates of the features of the second image in the coordinate system of the scanner and store them in the system database.
Combine the first and second fingerprint images of the user, taking into account that these images were obtained in the same coordinate system of the scanner.
Compare the features of the first and second images, and from the comparison results recognize the same features (those that correspond to each other when the fingerprint is rotated or shifted on the receiving surface of the scanner). For the same features found, determine the direction and magnitude of the displacement of each papillary pattern feature (using the coordinates of that feature in the first and second images).
In the case of a linear dependence of the direction and magnitude of the displacement of the same features, decide that a dummy finger was applied to the receiving surface of the scanner, and in the case of a nonlinear dependence, a living finger of the system user. A dummy decision can, for example, cancel access to the system even if identification showed that the user is registered in the system.
This completes the sequence of the method.
For a rubber dummy (see drawing a), the direction and magnitude of the movement of two feature points between two applications of the finger to the receiving surface of the scanner are shown. One feature point A moves to point A1, and another feature point B moves to point B1. For the dummy, the point displacements have the same direction and approximately equal magnitudes. This is assessed from the arguments and moduli of the vectors A-A1 and B-B1 formed by the coordinates of the corresponding features as points. A dummy finger is characterized by a linear dependence of the directions and magnitudes of the point displacements. In the case of a live finger (see drawing b), the directions of the point displacements, or their magnitudes, or both, differ significantly. The vectors A-A1 and B-B1 show a noticeable difference in the values of their arguments and moduli, i.e. a nonlinear dependence of the directions and/or magnitudes of the point displacements is observed. The applicant has developed a criterion for evaluating the nonlinearity of the directions and/or magnitudes of the displacements of the papillary pattern features, which makes it possible to distinguish a fake finger from a live finger. Unless extra effort is consciously made to touch the receiving surface of the scanner identically both times, the nonlinear dependence of the directions and magnitudes of the displacements is reliably observed.
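The decision step described above, as an added Python example that is not part of the patent text. The patent does not disclose the applicant's nonlinearity criterion, so the criterion used here (RMS spread of the displacement vectors after the rotation between the two scans is removed), the threshold, the minimum feature count and all coordinates are assumptions constructed for illustration.

```python
import math

# Assumption (not from the patent): RMS spread, in scanner pixels, below which
# the displacement vectors count as "linear" (same direction and magnitude).
RIGID_RMS_THRESHOLD = 1.5
MIN_FEATURES = 3  # assumption: fewer matched features cannot reveal deformation


def centroid(points):
    n = len(points)
    return (sum(p[0] for p in points) / n, sum(p[1] for p in points) / n)


def estimate_rotation(first, second):
    """Least-squares rotation (radians) of `second` relative to `first`,
    each taken about its own centroid (closed-form 2D Procrustes)."""
    c1x, c1y = centroid(first)
    c2x, c2y = centroid(second)
    s_dot = s_cross = 0.0
    for (x1, y1), (x2, y2) in zip(first, second):
        ax, ay, bx, by = x1 - c1x, y1 - c1y, x2 - c2x, y2 - c2y
        s_dot += ax * bx + ay * by
        s_cross += ax * by - ay * bx
    return math.atan2(s_cross, s_dot)


def assess_liveness(first, second, threshold=RIGID_RMS_THRESHOLD):
    """first/second: coordinates of the SAME features in the two scans, in the
    scanner coordinate system and in matching order."""
    if len(first) != len(second) or len(first) < MIN_FEATURES:
        raise ValueError("need at least %d matched features" % MIN_FEATURES)
    # Turn the second image back onto the first before comparing displacements.
    theta = estimate_rotation(first, second)
    cx, cy = centroid(second)
    c, s = math.cos(-theta), math.sin(-theta)
    disp = []
    for (x1, y1), (x2, y2) in zip(first, second):
        bx, by = x2 - cx, y2 - cy
        disp.append((cx + c * bx - s * by - x1, cy + s * bx + c * by - y1))
    # Spread is measured on the vectors themselves, not on their arguments:
    # the argument is undefined when a displacement is close to zero.
    mx, my = centroid(disp)
    rms = math.sqrt(sum((dx - mx) ** 2 + (dy - my) ** 2 for dx, dy in disp) / len(disp))
    return {
        "verdict": "dummy" if rms < threshold else "live",
        "rms_residual": rms,
        "rotation_deg": math.degrees(theta),
        # modulus and argument (degrees) of each vector such as A-A1, B-B1
        "vectors": [(math.hypot(dx, dy), math.degrees(math.atan2(dy, dx)))
                    for dx, dy in disp],
    }


def rigid_copy(points, angle_deg, pivot, shift):
    """Constructed test input: the same pattern rotated and shifted as a whole,
    rounded to integer pixels the way a scanner would report it."""
    a = math.radians(angle_deg)
    out = []
    for x, y in points:
        dx, dy = x - pivot[0], y - pivot[1]
        out.append((round(pivot[0] + dx * math.cos(a) - dy * math.sin(a) + shift[0]),
                    round(pivot[1] + dx * math.sin(a) + dy * math.cos(a) + shift[1])))
    return out


# Constructed sample data (pixels), not measurements from the patent.
FIRST_SCAN = [(120, 80), (150, 95), (135, 140), (100, 160), (170, 170), (90, 110)]
DUMMY_SECOND = rigid_copy(FIRST_SCAN, 7.0, (130, 120), (12, -5))
LIVE_SHIFTS = [(5, 2), (9, -1), (3, 6), (-2, 4), (8, 7), (1, -3)]
LIVE_SECOND = [(x + dx, y + dy) for (x, y), (dx, dy) in zip(FIRST_SCAN, LIVE_SHIFTS)]

if __name__ == "__main__":
    for name, scan in (("dummy", DUMMY_SECOND), ("live", LIVE_SECOND)):
        r = assess_liveness(FIRST_SCAN, scan)
        print(name, "->", r["verdict"], "rms=%.2f" % r["rms_residual"],
              "rotation=%.1f deg" % r["rotation_deg"])
```

A second scan identical to the first is also classified as a dummy here, which matches the prototype's rule of refusing access when the coordinate difference is zero.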
Thus, the method proposed by the applicant significantly increases the reliability of protection against intruders in the protected system.
In the applicant's view, the proposed technical solution is novel, has distinguishing features, is industrially applicable, is not obvious from the current state of the art, and may be protected by a patent for an invention.
A method of recognizing a living finger, in which, using a device for registering the papillary pattern, the first image of the fingerprint of the system user is obtained; the user is identified by comparing the first image with a set of images from the system database; the first coordinates of the features of the first image are determined in the coordinate system located on the receiving surface of the device and stored in the system database; the second fingerprint image of the system user is then obtained; and the second coordinates of the features of the second image are determined and stored in the system database; wherein, in the coordinate system located on the receiving surface of the device, the first and second images are combined; the direction and magnitude of the displacement of the coordinates are determined for the same features of the first and second images; upon detection of a nonlinear dependence of the direction and/or magnitude of the displacement of the coordinates of the same features, it is decided that a live finger of the system user is present; and upon detection of a linear dependence of the directions and magnitudes of the displacement of the coordinates of the same features, it is decided that a dummy finger is present.
FIELD: information technology.
SUBSTANCE: present invention relates to the mechanism of digital rights management (DRM), and more specifically, to the method and apparatus for sharing content between domains with different DRM. The first DRM-device comprises an unpacking resource for unpacking the contents formatted with first DRM, into clean resources, metadata and rights expression; conversion means for transforming each of the clean resources, metadata, and the expression of rights in its own predefined neutral format, respectively; means of forming neutral-formatted contents, combining the converted resources, metadata and rights of expression, adding to the pre-defined header information; and transferring means for transmission of neutral-formatted contents of the second DRM-mentioned device. The second DRM-device comprises means of extracting the clean resources, metadata, and the expression rights of the neutral-formatted contents, transferred from the above mentioned first DRM-device, and means of packing of the extracted clean resources, the metadata and expression of the rights in the contents formatted with second DRM.
EFFECT: more functional capabilities.
26 cl, 8 dwg
FIELD: information technology.
SUBSTANCE: present invention relates to the identification of an executable file, or another recipient, for determining its credibility to a resource provider so that the provider can supply a resource to the executable file. A resource is received from the resource provider for a resource requester, which runs on a computer device. The resource requester has an associated identifier descriptor. The identifier descriptor includes security-related information describing the environment in which the resource requester operates. An identification code (ID code) is generated in accordance with the loaded resource requester and the loaded identifier descriptor, based on the loaded resource requester and the loaded identification code. The resource provider makes sure that the calculated ID code in the request for a resource coincides with one of one or more valid ID codes for the identified resource requester, so as to conclude that the resource requester and identifier descriptor can be trusted, and the resource provider responds to the request by providing the resource requester with the resource.
EFFECT: invention can increase the credibility of executable files, or other recipient of the resource by the resource providers.
36 cl, 4 dwg
FIELD: physics, computation technology.
SUBSTANCE: invention concerns method and device of digital rights management. When authorisation on server is not accessible, operations with minimised risk are allowed by implementation of internal authorisation scheme. Authorisation method for operation to be performed on digital element involves definition of first operation group members including first predetermined group of operations on digital element, and second operation group including second predetermined group of operations on digital elements; comparison of predetermined operation to be performed on digital element to operations included in each indicated operation group; external authorisation with access to authorising server if operation belongs to first operation group; internal authorisation by device if operation belongs to second operation group; and authorisation of operation to be performed on digital element if one of listed authorisations brings positive result.
EFFECT: enhanced security level of operations with digital content.
13 cl, 5 dwg
FIELD: physics, computer engineering.
SUBSTANCE: invention is related to protection systems. Unit of protection and method realise requests for data from USB device or other similar device, at that protected component may realise protected communication to device without variation of underlying USB bus protocol, or device, even where software that controls the bus is not trusted. Protection unit (physically separated or integrated in device or concentrator) intercepts data transmitted from device into protected component in response to request for data. Signal of data reception confirmation unavailability is transmitted into protected component, and data are coded. The following request for data is intercepted, and coded data are sent in response. Confirmation of data reception from protected component in device is allowed to reach the device. In order to process request for installation, permit command that contains coded and decoded installation command is sent to protection unit. If coding is checked successfully, then installation command sent to device (via protection unit), is allowed to reach the device.
EFFECT: provision of improved protection.
32 cl, 6 dwg
FIELD: physics; computer engineering.
SUBSTANCE: present invention pertains to authentication of applications. Identifier of the corresponding distributor is retrieved from meta data applications. Certificates are received. Each certificate contains one or more identifiers of corresponding distributors. The above mentioned identifiers are retrieved from certificates and certificates are chosen, based on comparison of identifiers, retrieved from meta data applications and certificates, such that, the relationship between the identifier and the distributor is controlled so that, certificates could be used only for identifying applications, distributed by identified distributors.
EFFECT: provision for selecting a certificate for authenticating an application, linked to a distributor.
15 cl, 4 dwg
FIELD: physics; computer engineering.
SUBSTANCE: present invention pertains to managing generations of cryptographic keys in an information environment comprising a party which generates the key and distributes the key information to the party using the key. By means of a given one-way key derivation function, a relationship between key generations is defined such that an earlier generation of keys can be efficiently derived from a later generation, but not the opposite. Whenever necessary, the party using the key iteratively applies the given one-way key derivation function to derive the key information of at least one previous key generation from the key information of the new key generation. In that way, memory requirements for the party using the key can be considerably reduced.
EFFECT: protection of data during recording.
32 cl, 6 dwg
FIELD: physics; computer engineering.
SUBSTANCE: present invention pertains to the architecture and method of establishing a secure multimedia channel for content delivery. The computer device has a secure multimedia channel for delivering content from a source to a receiver. In the secure channel, the multimedia base provides a secure environment in the computer device and comprises a common infrastructure of key components, processing content from any specified source and delivering the processed content to any specified receiver, and also comprises a policy implementation unit, providing for compliance with policy on behalf of the source. The policy corresponds to the content from the source and comprises rules and requirements for accessing the content and its playback. The multimedia base provides for secure transmission of content through the computer device and allows for arbitrary processing of protected content in the computer device.
EFFECT: increased security of content from unauthorised use.
23 cl, 6 dwg
FIELD: information technologies.
SUBSTANCE: invention can be used in an enforcement system which makes encrypted digital content accessible on a computing device only in accordance with the parameters of the rights defined by the license obtained by the user of the digital content. A first trusted component on a first computing device performs cryptographic processing, evaluation and enforcement and is bound to that device, and a first user device certificate corresponding to the first computing device is bound to the user. Accordingly, a second trusted component on a second computing device performs cryptographic processing, evaluation and enforcement and is bound to that device, and a second user device certificate corresponding to the second computing device is also bound to the user. The first trusted component obtains the content for reproduction on the first computing device by means of the first user device certificate and the license, and the second trusted component obtains the content for reproduction on the second computing device by means of the second user device certificate and the same license.
EFFECT: prevention of non-authorised duplication of digital content by the user related to the digital license and having of some computing mechanisms.
16 cl, 6 dwg
FIELD: physics, computer technology.
SUBSTANCE: invention concerns a digital rights management (DRM) system. The system features multiple DRM servers with DRM functionality, and an incoming server DRM-I is registered in the system by a registration server DRM-R, so that the incoming server DRM-I becomes a trusted server in this system. The DRM-I server sends a registration request to the DRM-R server including representative identification data and a public key (PU-E). The DRM-R server checks the validity of the representative identification data, and if the request can be met, the DRM-R server generates a digital registration certificate with (PU-E) for the DRM-I server to register the DRM-I server in the DRM system. The newly registered DRM-I server with the generated registration certificate can use it for delivery of documents with DRM in the DRM system.
EFFECT: possible controlled reproduction or replay of arbitrary digital content forms in medium where documents are shared by a definite group of users.
74 cl, 17 dwg
FIELD: physics, computer technology.
SUBSTANCE: invention deals with data protection systems. A certificate-based encryption mechanism is described in which the client source computer does not need access to the whole of the certificate corresponding to the client target computer when encrypting an e-message to be transferred to the client target computer. Instead, the client source computer requests only part of the certificate from the certificate server. That part of the certificate contains the encryption information but may omit (completely or partly) the certificate's self-checking information. The certificate server preferably carries out any check of the certificate's authenticity before transferring the encryption information to the client source computer, which removes the need for the client source computer to check the certificate's authenticity itself, especially if the client source computer has already verified the trustworthiness of the certificate server.
EFFECT: reduction of amount of memory and processor resources used for certificate-based encryption as well as minimisation of requirements to the width of band between certificate server and client source device.
36 cl, 8 dwg
FIELD: physics, computer engineering.
SUBSTANCE: invention is related to access to information in computer system with application of recognition and comprehension. Invention provides for realisation of user input recognition prior to completion of user input, i.e. at user, but not system stage, which makes it possible to avoid alternating character of plain-text dialog with computer. Semantic analyses may be assessed on result that is immediately reported to user.
EFFECT: provides for mode of verbal input, which dynamically reports partial semantic analyses while perception of audio signal still continues.
24 cl, 7 dwg
FIELD: physics, computer technology.
SUBSTANCE: invention deals with techniques employed for protection of data in the course of biometric identification and authentication and is highly relevant for e-transaction conclusion, e-trade and Internet banking. When the user's personal key and biometric parameters are stored in a neural network, the neural network description tables are encrypted with segments of the key located within the neural network itself.
EFFECT: neural network container enhanced resistance to brute force attacks due to the Alien's error expansion effect.
3 cl, 2 dwg
FIELD: physics; computer technology.
SUBSTANCE: present invention pertains to associative identification devices. The device contains P parallel adders and P units for calculating the activation function, P groups of units for generating membership function values.
EFFECT: increased accuracy and wider functional capabilities.
SUBSTANCE: invention relates to the field of identifying fingerprints, palm-prints and footprints and can be used in criminology, in systems of averting unauthorised access to protected premises. The technical result is the increase in the speed of comparison of fingerprints. The result is reached by building a nest for each feature, which contains the geometric and topological characteristics of the vicinity of a feature, comparing the nests of different patterns first with respect to the topological characteristics, and then according to geometric characteristics, separating the best pairs of nests and, from each chosen pair of nests, developing in parallel the fragments of the compared patterns by the method of passage from one pair of nests to another along the way of the best comparison of nests, accumulating the estimations of the comparison of nests for each way of the development of fragment and selecting the best estimation.
EFFECT: increase in the speed of comparing fingerprints.
2 cl, 2 tbl, 5 dwg
FIELD: surveillance equipment, in particular, analysis of image, produced by an optical or different type of device.
SUBSTANCE: in a shop, video surveillance or motion detection or presence detection means are used, and also purchase registration means, routes of movement of hands of operator and/or product, corresponding to conduction of technological operation, are analyzed, most characteristic ones are singled out, areas of movement detection of detection of presence of operator hands and/or goods are selected. Detected routes are described in form of scenarios which represent a set of time-ordered events, including influx of signals from presence and motion control areas, with consideration of their time relations. Influx of signals from observed areas is detected. Signals are combined in a series and compared to available scenarios. On coincidence of a received series of signals with one or more scenario, receipt of signal from operation completion sensor during a time interval, determined by that scenario, is checked. In case of absence of signal from operation completion sensor the operation is classified as incorrectly performed, and actions of operator are classified as abuse.
EFFECT: detection of incorrect actions of operator with allowed frequency of false activations.
8 cl, 7 dwg
FIELD: artificial intelligence systems, possible use for identification of complex graphic objects on an image, may be used in electronic workflow systems.
SUBSTANCE: in accordance to the method, spectral representation is generated in form of coordinate-phase portrait of object image. Then wavelet transformation of portrait is performed and at each level of transformation a characteristic vector of signs is formed, which consists of statistical characteristics of distributions of wavelet coefficients. Further, distances are computed between coordinate of signs vector of graphic object being analyzed and centers of clusters of characteristic vectors of standard objects. Resulting distances are recorded in a table. Then the table is sent to classifier. The data from the classifier are received at the block for making decisions about association of object being analyzed with one of the permitted classes, where the decision is then made.
EFFECT: increased trustworthiness when recognizing graphic objects due to extraction of signs from images being analyzed which make it possible to efficiently describe objects being analyzed under conditions when the manner of handwriting influences their structure.
FIELD: methods for digital processing of images, possible use for classification of underlying surface in multi-channel systems for remote probing.
SUBSTANCE: method includes forming an image of underlying surface in q spectral channels with various location sensors, performing geometrical correction and presentation of component images in unified system of spatial coordinates, density of brightness value probability is transformed to gauss form of those component images in which it is different from gauss form, class number of underlying surface is determined for each element of multi-channel image, and when generating component images of underlying surface for every element of component image, a posteriori probabilities of association of given element of component image with k class of underlying surface (k=1,2,...,K) are determined, for every element of multi channel image a posteriori probabilities of association of that element with k class of underlying surface are determined by addition of corresponding a posteriori probabilities of component image and their normalization to number of channels q, class number of underlying surface is determined for each element of multi-channel image on basis of maximum value of a posteriori probability of association of given element of multi-channel image with k class of underlying surface.
EFFECT: increased precision of underlying surface classification on basis of multi-channel image.
FIELD: methods for automatic decision making in informational and controlling systems of robot-engineering complexes, in particular, technical vision systems and television systems for detecting, tracking and recognizing objects, may also be used in automated systems for controlling situation of various purposes.
SUBSTANCE: image recognition method additionally includes operation for detecting local extremes, while a priori unknown structure of image being recognized, presence and location of its component objects, are determined not by using preliminarily given object standard, but on basis of analysis of characteristics of a set of local extremes detected on image signal being analyzed.
EFFECT: expanded area of application of recognizing informational machines to include cases of a priori indeterminacy of characteristics of objects being analyzed and conditions of observation of those objects.
FIELD: automatics and computer science, possible use in systems for automatic recognition of images for recognizing states of objects on basis of their parameter values.
SUBSTANCE: device additionally includes multi-channel commutator, analog-digital converter, and logical elements AND are made in form of a block of logical elements AND, while information input of multi-channel commutator is the information input of the device, address inputs of multi-channel commutator are connected to outputs of address counter and to address inputs of higher bits of memory block, while the output of multi-channel commutator is connected to information input of analog-digital converter, outputs of which are connected to address inputs of lower bits of memory block, outputs of which are connected directly to information inputs of shift registers block and to first inputs of logical elements AND block, second inputs of which are combined and connected to output of control block, and outputs are connected to matching shift inputs of shift registers block, and input of control block is the control input of the device.
EFFECT: increased productivity of device due to simultaneous check of whether range values of each recognition sign belong to all possible classes of images.
FIELD: identification of prints of papillary patterns.
SUBSTANCE: method can be used in forensics, in unauthorized access preventing systems, for card user identification on the basis of papillary patterns of feet, fingers and palms. A nest is built for each feature, holding the geometrical and morphological characteristics of its vicinity. Nests of different patterns are then compared and the best pairs of nests are selected. Fragments of the patterns being compared are developed from each selected pair of nests by moving from one pair of nests to another along the path of best nest comparison. The comparison estimates are then stored for each path of fragment development and the best path is selected. The nest comparison estimates are corrected depending on the degree of similarity of the areas of the patterns that do not contain features.
EFFECT: reduced chance of error of identification.
2 cl, 5 dwg
FIELD: physics; computer engineering.
SUBSTANCE: present invention relates to computer engineering and can be used for protecting binary program files. In the invention description is given of a system and method which enable installation of security patches (on weak points) in binary files. Detection and installation of patches on vulnerable binary files is automatic, reliable, and free from worsening and exhaustion in networks of unlimited size. Reliable detection of vulnerable binary files (for example, in operation systems, application programs etc) is achieved through use of binary signatures, which are related to the detected vulnerabilities. Distinction of security patches from ordinary service packs provides for possibility of making patches which do not worsen vulnerability in binary files.
EFFECT: provision for reliable detection of vulnerable binary files and making patches which do not worsen vulnerability in binary files.
24 cl, 7 dwg