DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-8 are rejected under 35 U.S.C. 103 as being unpatentable over Kamakari et al (Pub. No: US 20170085382 A1) in view of Inatomi et al (US Patent No 9049191 B2).
Regarding claim 1, Kamakari et al discloses a biological data registration support device (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130), comprising: a memory (memory 122 A) at least one memory storing instructions; and at least one processor (processor 124A or processor 124 B) connected to the memory and configured to execute the instructions to : display a plurality of candidate scenarios (registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038, 0097) each including a combination of a plurality of verification methods in association with services (communicating to a user device from one of a plurality of authentication servers and authentication signal indicative of whether there is the approximate similarity between the proximity ciphertext and the registration proximity ciphertext; paragraph 0006, 0038); acquire the plurality of candidate scenarios (read as: obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038) each including a combination of a plurality of verification methods as registration scenarios (a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097), the registration scenarios being in association with services (the authentication service may include a registration process and an authentication; paragraph 0170), respectively ; specify a verification method that is commonly included in the plurality of registration scenarios as a common verification method (a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers permits access to a result of the determining the approximate similarity; paragraph 0160, 0175-0176).
However, Kamakari et al does not specifically disclose the features of acquiring one biological data for registration regarding the common verification method and another biological data for registration regarding the verification method other than the common verification method; and transmitting the acquired biological data for registration and the plurality registration scenarios.
On the other hand, Inatomi et al, from the same field of endeavor, discloses the features of acquiring (an authentication information acquiring section acquires the key concealment information from the communication terminal apparatus; in addition, an authentication biometric information acquiring section acquires biometric information at the time of authentication; col. 4, lines 31-67 ; col. 25, lines 5-14) one biological data for registration regarding the common verification method (verification processing section that transmits the calculated error corrected information to the communication terminal apparatus; col. 3, line 53-col. 4, line 30; col. 21, lines 28-45; col. 25, lines 5-14) and another biological data for registration regarding the verification method other than the common verification method (each time registration apparatus 200 acquires registered biometric information x from a user to be biometrically authenticated, it issues key information k, at which time registration apparatus 200 randomly selects one of a predetermined error correction code group as authentication parameter; ); and transmitting (a verification processing section transmits the calculated error corrected information to the communication terminal apparatus; col. 3-co. 4, line 30; col. 8, lines 15-60) the acquired biological data for registration and the plurality registration scenarios (the biometric authentication apparatus generates a random value and transmits the random value to a communication terminal apparatus in concealment during authenticating; furthermore, the communication terminal apparatus converts the key information using the random value to transmit it to the biometric authentication apparatus; col. 5, lines 5-30; col. 7, lines 22-53 ; col. 13, lines 34-67). Note that Inatomi et al, discloses a biometric authentication system that includes a registration apparatus, and an authentication information storing apparatus. Furthermore, the biometric authentication apparatus determines the coincidence between the above information c''' to be verified and authentication parameter c on the basis of the above verification information Y and z returned from the communication terminal apparatus, and the above public key information W (col. 7, line 55-col. 8, line 10). In addition, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus (col. 16, line 49-col. 17, line 30; col. 21, lines 28-41). Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to apply the technique of Inatomi to the communication system of Kamakari in order to provide a method of biometric authentication that can prevent spoofing attacks in case of leak of key information and a registration conversion template stored in the communication terminal apparatus.
Regarding claim 2, Kamakari et al as modified discloses a biological data registration support device (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130), wherein the at least one processor is configured to execute the instructions to: display a proposed scenario including at least one verification method (registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; paragraph 0006, 0038, 0097) in association with each service (communicating to a user device from one of a plurality of authentication servers and authentication signal indicative of whether there is the approximate similarity between the proximity ciphertext and the registration proximity ciphertext; paragraph 0006, 0038); and when an instruction to modify the proposed scenario has been input, display the candidate scenarios, and when a decision instruction of the proposed scenario has been input, acquire the proposed scenario as the registration scenario (registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038, 0097).
Regarding claim 3, Kamakari et al as modified discloses a biological data registration support device (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130), wherein the at least one processor is configured to execute the instructions to: in addition to acquiring the registration scenarios, acquire backup scenarios, each including a combination of a plurality of verification methods (a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097), the backup scenarios being associated with the same service as the registration scenarios (receiving a registration input such as the registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; paragraph 0006, 0038), respectively; and further transmit the backup scenarios (communicating to a user device from one of a plurality of authentication servers and authentication signal indicative of whether there is the approximate similarity between the proximity ciphertext and the registration proximity ciphertext; paragraph 0006, 0038; furthermore, the first linearity ciphertext may be communicated to the authentication server 140 by the communication module 116, where it may be stored as a registration ciphertext 130; paragraph 0097-0098).
Regarding claim 4, Kamakari et al as modified discloses a biological data registration support device (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130), wherein the verification support device displays verification methods included in the registration scenarios (a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097) and, when a change instruction of the registration scenario has been input (receiving a registration input such as the registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; paragraph 0006, 0038), obtain biological data for verification regarding a verification method included in the backup scenario (verification algorithm; a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers; paragraph 0070-0071, 0098, 0160, 0175).
Regarding claim 5, Kamakari et al as modified discloses a biological data registration support device (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130), wherein the server selects one or a plurality of the verification methods from the plurality of verification methods to generate a scenario, and transmits the generated scenario to the registration support device; and the biological data registration support device acquires the received scenario as the registration scenario (a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers permits access to a result of the determining the approximate similarity; paragraph 0160, 0175-0176; verify, identify: authentication process: the identity of the user 206 may be authenticated using one or more of the relational encryption operations ; paragraph 0170; paragraph 0098, 0160, 0247).
Regarding claim 6, Kamakari et al as modified discloses a biological data registration support device (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130), wherein each of the verification methods included in the generated scenarios is associated with a security value indicating the level of security of the verification method (the registration process may include obtaining information and data from the user 206 that may be used in the authentication process ; a registration ciphertext 130: a registration proximity ciphertext that represents medical and biometrical information; paragraph 0005-0006, 0038); and the server calculates a scenario security value indicating the security level (a first value may be calculated; where the first value may be calculated as a pairing function of a first element of a first linearity ciphertext and a first element of a second linearity ciphertext raised to the power of a linearity relational secret key; paragraph 0198-0199) of the scenario on the basis of the security value (a communication terminal device (300) calculates secret key information k’ which is exclusive OR of key information k of the registration biological information and masked value c’ which is randomly selected from a predetermined error correction code group, and calculates verified information c’’’ which is exclusive OR of sent information c’’ and value c’) and when the scenario security value satisfies a predetermined condition (the second value may be calculated as a product of the pairing function of each element of the first linearity ciphertext and a corresponding element in the second linearity ciphertext raised to the power of an arbitrary generator raised to the power of a product of negative one and a corresponding element of the particular vector; in addition, it may be determined whether the first value is equal to the second value; in response to the first value being equal to the second value (“Yes” at block 508), paragraph 0199-0200) regarding the service (a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097), transmits the scenario in association with the service to the registration support device (communicating to a user device from one of a plurality of authentication servers and authentication signal indicative of whether there is the approximate similarity between the proximity ciphertext and the registration proximity ciphertext; paragraph 0006, 0038; furthermore, the first linearity ciphertext may be communicated to the authentication server 140 by the communication module 116, where it may be stored as a registration ciphertext 130; paragraph 0097-0098).
Regarding claim 7, Kamakari et al discloses a biological data registration support method (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130) comprising: displaying a plurality of candidate scenarios (registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038, 0097) each including a combination of a plurality of verification methods in association with services (communicating to a user device from one of a plurality of authentication servers and authentication signal indicative of whether there is the approximate similarity between the proximity ciphertext and the registration proximity ciphertext; paragraph 0006, 0038); acquiring the plurality of candidate scenarios (obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038) each including a combination of a plurality of verification methods as registration scenarios, the registration scenarios being in association with services (a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097), respectively; specifying a verification method (a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers permits access to a result of the determining the approximate similarity; paragraph 0160, 0175-0176); that is commonly included in the plurality of registration scenarios as a common verification method (verification algorithm; a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers; paragraph 0070-0071, 0098, 0160, 0175).
However, Kamakari et al does not specifically disclose the features of acquiring one biological data for registration regarding the common verification method and another biological data for registration regarding the verification method other than the common verification method; and transmitting the acquired biological data for registration and the plurality registration scenarios.
On the other hand, Inatomi et al, from the same field of endeavor, discloses the features of acquiring (an authentication information acquiring section acquires the key concealment information from the communication terminal apparatus; in addition, an authentication biometric information acquiring section acquires biometric information at the time of authentication; col. 4, lines 31-67 ; col. 25, lines 5-14) one biological data for registration regarding the common verification method (verification processing section that transmits the calculated error corrected information to the communication terminal apparatus; col. 3, line 53-col. 4, line 30; col. 21, lines 28-45; col. 25, lines 5-14) and another biological data for registration regarding the verification method other than the common verification method (each time registration apparatus 200 acquires registered biometric information x from a user to be biometrically authenticated, it issues key information k, at which time registration apparatus 200 randomly selects one of a predetermined error correction code group as authentication parameter; ); and transmitting (a verification processing section transmits the calculated error corrected information to the communication terminal apparatus; col. 3-co. 4, line 30; col. 8, lines 15-60) the acquired biological data for registration and the plurality registration scenarios (the biometric authentication apparatus generates a random value and transmits the random value to a communication terminal apparatus in concealment during authenticating; furthermore, the communication terminal apparatus converts the key information using the random value to transmit it to the biometric authentication apparatus; col. 5, lines 5-30; col. 7, lines 22-53 ; col. 13, lines 34-67). Note that Inatomi et al, discloses a biometric authentication system that includes a registration apparatus, and an authentication information storing apparatus. Furthermore, the biometric authentication apparatus determines the coincidence between the above information c''' to be verified and authentication parameter c on the basis of the above verification information Y and z returned from the communication terminal apparatus, and the above public key information W (col. 7, line 55-col. 8, line 10). In addition, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus (col. 16, line 49-col. 17, line 30; col. 21, lines 28-41). Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to apply the technique of Inatomi to the communication system of Kamakari in order to provide a method of biometric authentication that can prevent spoofing attacks in case of leak of key information and a registration conversion template stored in the communication terminal apparatus.
Regarding claim 8, Kamakari et al discloses a non-transitory recording medium storing a biological data registration support computer program (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130) executable by a computer to perform: displaying a plurality of candidate scenarios (registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038, 0097) each including a combination of a plurality of verification methods in association with services (communicating to a user device from one of a plurality of authentication servers and authentication signal indicative of whether there is the approximate similarity between the proximity ciphertext and the registration proximity ciphertext; paragraph 0006, 0038); acquiring the plurality of candidate scenarios (obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038) each including a combination of a plurality of verification methods as registration scenarios, the registration scenarios being in association with services(a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097), respectively; specifying a verification method (a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers permits access to a result of the determining the approximate similarity; paragraph 0160, 0175-0176) that is commonly included in the plurality of registration scenarios as a common verification method (verification algorithm; a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers; paragraph 0070-0071, 0098, 0160, 0175).
However, Kamakari et al does not specifically disclose the features of acquiring one biological data for registration regarding the common verification method and another biological data for registration regarding the verification method other than the common verification method; and transmitting the acquired biological data for registration and the plurality registration scenarios.
On the other hand, Inatomi et al, from the same field of endeavor, discloses the features of acquiring (an authentication information acquiring section acquires the key concealment information from the communication terminal apparatus; in addition, an authentication biometric information acquiring section acquires biometric information at the time of authentication; col. 4, lines 31-67 ; col. 25, lines 5-14) one biological data for registration regarding the common verification method (verification processing section that transmits the calculated error corrected information to the communication terminal apparatus; col. 3, line 53-col. 4, line 30; col. 21, lines 28-45; col. 25, lines 5-14) and another biological data for registration regarding the verification method other than the common verification method (each time registration apparatus 200 acquires registered biometric information x from a user to be biometrically authenticated, it issues key information k, at which time registration apparatus 200 randomly selects one of a predetermined error correction code group as authentication parameter; ); and transmitting (a verification processing section transmits the calculated error corrected information to the communication terminal apparatus; col. 3-co. 4, line 30; col. 8, lines 15-60) the acquired biological data for registration and the plurality registration scenarios (the biometric authentication apparatus generates a random value and transmits the random value to a communication terminal apparatus in concealment during authenticating; furthermore, the communication terminal apparatus converts the key information using the random value to transmit it to the biometric authentication apparatus; col. 5, lines 5-30; col. 7, lines 22-53 ; col. 13, lines 34-67). Note that Inatomi et al, discloses a biometric authentication system that includes a registration apparatus, and an authentication information storing apparatus. Furthermore, the biometric authentication apparatus determines the coincidence between the above information c''' to be verified and authentication parameter c on the basis of the above verification information Y and z returned from the communication terminal apparatus, and the above public key information W (col. 7, line 55-col. 8, line 10). In addition, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus (col. 16, line 49-col. 17, line 30; col. 21, lines 28-41). Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to apply the technique of Inatomi to the communication system of Kamakari in order to provide a method of biometric authentication that can prevent spoofing attacks in case of leak of key information and a registration conversion template stored in the communication terminal apparatus.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MARCEAU MILORD whose telephone number is (571)272-7853. The examiner can normally be reached on 10-6.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CHARLES APPIAH can be reached on 571-2727904. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system. Status information for published applications may be obtained from either Private PAIR or Public PAIR. Status information for unpublished applications is available through Private PAIR only. For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
MARCEAU MILORD
Examiner
Art Unit 2641
/MARCEAU MILORD/Primary Examiner, Art Unit 2641