DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 1-4 are rejected under 35 U.S.C. 103 as being unpatentable over Kamakari et al (Pub. No: US 20170085382 A1) in view of Inatomi et al (US Patent No 9049191 B2).
Regarding claim 1, Kamakari et al discloses a biological data verification device (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130) comprising: comprising: at least one memory storing instructions; and at least one processor the authentication server 140 may include a processor (the processor 124B of fig. 1) that is configured to execute computer instructions to perform or control performance of the method 50; paragraph 0068, 0197) connected to the memory and configured to execute the instructions to: acquire (obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038) a service selected by a customer; provide a first verification method (verification algorithm; a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers; paragraph 0070-0071, 0098, 0160, 0175) included in a registration scenario in association with the service (the registration proximity ciphertext in a case in which a combination of a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers permits access to a result of the determining the approximate similarity; paragraph 0081, 0097); acquire a biological data from the customer (obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038); collate the acquired biological data with a biological data for registration in association with the first verification method (a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097) included in the registration scenario (the authentication server 140 may include a processor (the processor 124B of fig. 1; a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers permits access to a result of the determining the approximate similarity; paragraph 0160, 0175-0176; verify, identify: authentication process: the identity of the user 206 may be authenticated using one or more of the relational encryption operations ; paragraph 0170); receive a request for changing the registration scenario from the customer (receiving a registration input such as the registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; paragraph 0006, 0038); acquire a backup scenario including a second verification method different from the first verification method included in the registration scenario (the authentication server 140 may include a processor (the processor 124B of fig. 1) that is configured to execute computer instructions to perform or control performance of the method 300; paragraph 0188, 0193).
However, Kamakari et al does not specifically disclose the features of receiving the request for changing the registration scenario, providing the second verification method included in the backup scenario; and collating the acquired biological data with a biological data for registration in association with the second verification method included in the backup scenario.
On the other hand, Inatomi et al, from the same field of endeavor, discloses the features of receiving (authentication information acquiring section 520 receives ID information id and key concealment information k from the communication terminal apparatus; col. 2, lines 29-44; col. 13, lines 13-29; col. 13, lines 34-67) the request for changing the registration scenario (make a request to authentication information storing apparatus 400 for registration conversion template w and public key information W upon receipt of biometric information x at the time of authentication ; col. 13, lines 35-67; col. 12, lines 17-50; col. 11, lines 32-67; col. 21, lines 28-45; col. 25, lines 5-14), providing the second verification method included in the backup scenario (note that the request is performed by sending and specifying received ID information id to authentication information storing apparatus 400; upon receipt of registration conversion template w and public key information W, authentication information acquiring section 520 outputs biometric information x’ at the time of authentication, registration conversion template w, public key information W; in addition, verification information generating section that generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus; return registration conversion template w and public key information W in response to a request from biometric authentication apparatus 500 ; col. 7, line 55-col. 8, line 10 ; col. 13, line 52-col. 14, line 20; col. 24, lines 35-53); and collating the acquired biological data (a registration conversion template being the exclusive OR of the biometric information at the time of the registration, the key information and a second error correction code randomly selected from the error correction code group, in the biometric authentication apparatus ; col. 7, lines 9-67; col. 8, lines 17-54; col. 13, line 52-col. 14, line 32) with a biological data for registration in association with the second verification method (receive first verification information Y and second verification information z, thereby determine whether the biometric information at the time of authentication is similar to the registered biometric information; furthermore, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus; in addition, zero-knowledge proof processing section 540 receives second verification information z from communication terminal apparatus 300, and generates the logical expression in a zero-knowledge proof protocol ; col. 7, lines 9-67; col. 8, lines 17-54; col. 13, line 52-col. 14, line 32; col. 24, lines 35-60) included in the backup scenario (transmitting information for verification calculated from the information to be verified to the biometric authentication apparatus, in the communication terminal apparatus; and performing the biometric authentication on the basis of the degree of identity between the information for verification calculated on the basis of the transmitted error corrected information and the second error correction code used to calculate the error corrected information, in the biometric authentication apparatus; col. 9, lines 20-50; col. 10, lines 11-27; col. 17, lines 1-61). Note that Inatomi et al, discloses a biometric authentication system that includes a registration apparatus, and an authentication information storing apparatus. Furthermore, the biometric authentication apparatus determines the coincidence between the above information c''' to be verified and authentication parameter c on the basis of the above verification information Y and z returned from the communication terminal apparatus, and the above public key information W (col. 7, line 55-col. 8, line 10). In addition, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus (col. 16, line 49-col. 17, line 30; col. 21, lines 28-41). Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to apply the technique of Inatomi to the communication system of Kamakari in order to provide a method of biometric authentication that can prevent spoofing attacks in case of leak of key information and a registration conversion template stored in the communication terminal apparatus.
Regarding claim 2, Kamakari et al as modified discloses a biological data verification device (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130), wherein the at least one processor is configured to execute the instructions to prompt the customer to input the biological data (a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097) in association with the first verification method included in the registration scenario (obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038).
Regarding claim 3, Kamakari et al discloses a biological data verification method (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130) comprising: acquiring (the registration process may include obtaining information and data from the user 206 that may be used in the authentication process ; a registration ciphertext 130: a registration proximity ciphertext that represents medical and biometrical information; paragraph 0005-0006, 0038) a service selected by a customer; providing a first verification method included in a registration scenario in association with the service (verification algorithm; a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers; paragraph 0070-0071, 0098, 0160, 0175); acquiring a biological data from the customer (obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038); collating the acquired biological data with a biological data for registration in association with the first verification method included in the registration scenario (a method of proximity verification using relational encryption; proximity relationship between the proximity ciphertext and a registration proximity ciphertext detected using a relational proximity key; paragraph 0103, 0077, 0081, 0097); receiving a request for changing the registration scenario from the customer (receiving a registration input such as the registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; paragraph 0006, 0038); acquiring a backup scenario including a second verification method different from the first verification method included in the registration scenario(the authentication server 140 may include a processor (the processor 124B of fig. 1) that is configured to execute computer instructions to perform or control performance of the method 300; paragraph 0188, 0193).
However, Kamakari et al does not specifically disclose the features of receiving the request for changing the registration scenario, providing the second verification method included in the backup scenario; and collating the acquired biological data with a biological data for registration in association with the second verification method included in the backup scenario.
On the other hand, Inatomi et al, from the same field of endeavor, discloses the features of receiving (authentication information acquiring section 520 receives ID information id and key concealment information k from the communication terminal apparatus ; col. 2, lines 29-44; col. 13, lines 13-29; col. 13, lines 34-67) the request for changing the registration scenario (make a request to authentication information storing apparatus 400 for registration conversion template w and public key information W upon receipt of biometric information x at the time of authentication ; col. 13, lines 35-67; col. 12, lines 17-50; col. 11, lines 32-67; col. 21, lines 28-45; col. 25, lines 5-14), providing the second verification method included in the backup scenario (note that the request is performed by sending and specifying received ID information id to authentication information storing apparatus 400; upon receipt of registration conversion template w and public key information W, authentication information acquiring section 520 outputs biometric information x’ at the time of authentication, registration conversion template w, public key information W; in addition, verification information generating section that generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus; return registration conversion template w and public key information W in response to a request from biometric authentication apparatus 500; col. 7, line 55-col. 8, line 10 ; col. 13, line 52-col. 14, line 20; col. 24, lines 35-53); and collating the acquired biological data (a registration conversion template being the exclusive OR of the biometric information at the time of the registration, the key information and a second error correction code randomly selected from the error correction code group, in the biometric authentication apparatus ; col. 7, lines 9-67; col. 8, lines 17-54; col. 13, line 52-col. 14, line 32) with a biological data for registration in association with the second verification method (receive first verification information Y and second verification information z, thereby determine whether the biometric information at the time of authentication is similar to the registered biometric information; furthermore, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus; in addition, zero-knowledge proof processing section 540 receives second verification information z from communication terminal apparatus 300, and generates the logical expression in a zero-knowledge proof protocol ; col. 7, lines 9-67; col. 8, lines 17-54; col. 13, line 52-col. 14, line 32; col. 24, lines 35-60) included in the backup scenario (transmitting information for verification calculated from the information to be verified to the biometric authentication apparatus, in the communication terminal apparatus; and performing the biometric authentication on the basis of the degree of identity between the information for verification calculated on the basis of the transmitted error corrected information and the second error correction code used to calculate the error corrected information, in the biometric authentication apparatus; col. 9, lines 20-50; col. 10, lines 11-27; col. 17, lines 1-61). Note that Inatomi et al, discloses a biometric authentication system that includes a registration apparatus, and an authentication information storing apparatus. Furthermore, the biometric authentication apparatus determines the coincidence between the above information c''' to be verified and authentication parameter c on the basis of the above verification information Y and z returned from the communication terminal apparatus, and the above public key information W (col. 7, line 55-col. 8, line 10). In addition, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus (col. 16, line 49-col. 17, line 30; col. 21, lines 28-41). Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to apply the technique of Inatomi to the communication system of Kamakari in order to provide a method of biometric authentication that can prevent spoofing attacks in case of leak of key information and a registration conversion template stored in the communication terminal apparatus.
Regarding claim 4, Kamakari et al discloses a non-transitory recording medium storing a biological data verification computer program (figs. 1-2: authentication server 140, authenticating an identity of the user; a registration ciphertext 130) executable by a computer to perform: acquiring (obtain a registration input; the registration input may include a first biometric template of a user; paragraph 0006, 0038) a service selected by a customer; providing a first verification method included in a registration scenario in association with the service; acquiring (the registration process may include obtaining information and data from the user 206 that may be used in the authentication process ; a registration ciphertext 130: a registration proximity ciphertext that represents medical and biometrical information; paragraph 0005-0006, 0038) a biological data from the customer; collating the acquired biological data with a biological data for registration in association with the first verification method included in the registration scenario (a first verification key assigned to the user device and a second verification key assigned to the one of the plurality of authentication servers permits access to a result of the determining the approximate similarity; paragraph 0160, 0175-0176; verify, identify: authentication process: the identity of the user 206 may be authenticated using one or more of the relational encryption operations ; paragraph 0170); receiving a request for changing the registration scenario from the customer (receiving a registration input such as the registration input 232 of fig. 2; the registration input may include a first biometric template of a user where the first biometric template may be representative of unique features of a biometric characteristic of the user; paragraph 0006, 0038) ; acquiring a backup scenario including a second verification method different from the first verification method included in the registration scenario (the authentication server 140 may include a processor (the processor 124B of fig. 1) that is configured to execute computer instructions to perform or control performance of the method 300; paragraph 0188, 0193).
However, Kamakari et al does not specifically disclose the features of receiving the request for changing the registration scenario, providing the second verification method included in the backup scenario; and collating the acquired biological data with a biological data for registration in association with the second verification method included in the backup scenario.
On the other hand, Inatomi et al, from the same field of endeavor, discloses the features of receiving (authentication information acquiring section 520 receives ID information id and key concealment information k from the communication terminal apparatus; col. 2, lines 29-44; col. 13, lines 13-29; col. 13, lines 34-67) the request for changing the registration scenario (make a request to authentication information storing apparatus 400 for registration conversion template w and public key information W upon receipt of biometric information x at the time of authentication ; col. 13, lines 35-67; col. 12, lines 17-50; col. 11, lines 32-67; col. 21, lines 28-45; col. 25, lines 5-14), providing the second verification method included in the backup scenario (note that the request is performed by sending and specifying received ID information id to authentication information storing apparatus 400; upon receipt of registration conversion template w and public key information W, authentication information acquiring section 520 outputs biometric information x’ at the time of authentication, registration conversion template w, public key information W; in addition, verification information generating section that generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus; return registration conversion template w and public key information W in response to a request from biometric authentication apparatus 500 ; col. 7, lines 9-67; col. 8, lines 17-54; col. 13, line 52-col. 14, line 32 col. 7, lines 9-67; col. 8, lines 17-54; col. 13, line 52-col. 14, line 32); and collating the acquired biological data (a registration conversion template being the exclusive OR of the biometric information at the time of the registration, the key information and a second error correction code randomly selected from the error correction code group, in the biometric authentication apparatus ; col. 7, lines 9-67; col. 8, lines 17-54; col. 13, line 52-col. 14, line 32; col. 24, lines 35-60) with a biological data for registration in association with the second verification method (receive first verification information Y and second verification information z, thereby determine whether the biometric information at the time of authentication is similar to the registered biometric information; furthermore, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus; in addition, zero-knowledge proof processing section 540 receives second verification information z from communication terminal apparatus 300, and generates the logical expression in a zero-knowledge proof protocol ; col. 7, line 55-col. 8, line 10 ; col. 13, line 52-col. 14, line 20; col. 24, lines 35-53); col. 13, line 52-col. 14, line 20; col. 24, lines 35-53) included in the backup scenario (transmitting information for verification calculated from the information to be verified to the biometric authentication apparatus, in the communication terminal apparatus; and performing the biometric authentication on the basis of the degree of identity between the information for verification calculated on the basis of the transmitted error corrected information and the second error correction code used to calculate the error corrected information, in the biometric authentication apparatus; col. 9, lines 20-50; col. 10, lines 11-27; col. 17, lines 1-61). Note that Inatomi et al, discloses a biometric authentication system that includes a registration apparatus, and an authentication information storing apparatus. Furthermore, the biometric authentication apparatus determines the coincidence between the above information c''' to be verified and authentication parameter c on the basis of the above verification information Y and z returned from the communication terminal apparatus, and the above public key information W (col. 7, line 55-col. 8, line 10). In addition, the verification information generating section generates information obtained by concealing the calculated information to be verified, as information for verification, and transmits the generated information for verification to the biometric authentication apparatus (col. 16, line 49-col. 17, line 30; col. 21, lines 28-41). Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention was made to apply the technique of Inatomi to the communication system of Kamakari in order to provide a method of biometric authentication that can prevent spoofing attacks in case of leak of key information and a registration conversion template stored in the communication terminal apparatus.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MARCEAU MILORD whose telephone number is (571)272-7853. The examiner can normally be reached 10-6.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, CHARLES APPIAH can be reached on 571-2727904. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
MARCEAU MILORD
Examiner
Art Unit 2641
/MARCEAU MILORD/Primary Examiner, Art Unit 2641