Biometric identification using homomorphic primary matching with failover non-encrypted exception handling
Inventors
Assignees
US Department of Homeland Security
Publication Number
US-11843699-B1
Publication Date
2023-12-12
Expiration Date
2042-12-13
Interested in licensing this patent?
MTEC can help explore whether this patent might be available for licensing for your application.
Abstract
Systems and methods for providing exception failover augmented, homomorphic encrypted (HE) distributing, end-to-endpoint persistent encryption, and distributed HE domain non-decrypting, privacy-protective biometric processing are provided. Some configurations may include generating HE biometric feature data, based on homomorphic encrypting the biometric feature data. Some configurations determine an exception status of the HE biometric feature data between exception and non-exception. Systems and methods may include performing a HE domain, non-decrypting biometric classifying of the HE biometric feature data.
Core Innovation
The invention provides systems and methods for exception failover augmented, homomorphic encrypted (HE) distributing, end-to-endpoint persistent encryption, and distributed HE domain non-decrypting, privacy-protective biometric processing. The method includes capturing biometric information of an individual and computing biometric feature data, generating HE biometric feature data by homomorphic encrypting the feature data, and determining an exception status of the HE biometric feature data as either exception or non-exception. The HE biometric feature data is distributed to external computer processing resources, which perform HE domain, non-decrypting biometric classification and send results to designated destinations.
Responsive to the exception status, the method performs a non-distributed classification of the biometric feature data or the biometric record. This approach maintains persistent HE encryption such that the biometric information remains encrypted and is not decryptable by third-party resources or unauthorized entities throughout communication and processing. The system controller generates HE domain processing configurations based on reference galleries of verified biometric reference images and provides these configurations to third-party computer processing resources, allowing distributed, privacy-protective HE domain biometric processing without revealing underlying biometric data.
Claims Coverage
The patent includes two main independent claims, one directed to a third-party computer resource and another to a system for collision detection and fallback processing. These claims cover the core inventive features of homomorphic encrypted biometric identification with exception failover handling, system configuration, and distribution mechanisms.
Homomorphic encrypted biometric identification and exception failover in third-party computer resource
A third-party computer resource configured to perform distributed, privacy-protective HE persistent encryption locked, non-decrypting biometric identification and verification processing with exception failover backup. It stores captured biometric information in an HE encrypted reference gallery, receives HE encrypted feature vectors, performs HE domain, non-decrypting classification using similarity algorithms, detects exceptions such as collisions, and triggers failover processing in the biometric capture unit involving system-internal cleartext biometric processing. It includes logic for comparison of current HE encrypted feature vectors against accumulated memory, verification of biographical information, uploading or invalidating HE encrypted data accordingly.
Collision detection and fallback processing system for biometric identification
A system comprising biometric capture, exception protective HE encryption and distribution unit (EP HE ECDS) configured with user interface and wireless communication devices, logic for extracting biometric feature vectors from captured biometric information and HE encrypting them. A system controller generates and provides specifically generated HE domain processing configurations to third-party computer resources based on reference galleries, which correspond to N verified identities. The biometric capture unit includes logic for privacy-protective distribution of HE encrypted biometric data and system-internal failover biometric processing upon detection of exceptions identified by collision detection logic maintaining a memory of all HE encrypted biometric data generated, checking for repeated encrypted vectors, and conditioning uploading on positive verification that the vector is not an exception.
The claims cover inventive features related to distributed homomorphic encrypted biometric identification with exception failover by detecting HE encryption collisions, maintaining memory for exception checking, system-internal failover processing, configuration of third-party processing resources using encrypted reference galleries, and management of biometric data encryption and distribution to protect privacy while enabling distributed biometric processing.
Stated Advantages
Improved privacy protection by ensuring biometric data remains encrypted and non-decryptable by third parties during all communications and processing stages.
Mitigation of costs and robustness against collisions in HE encryption through real-time detection and failover to system-internal biometric processing, enabling use of HE algorithms with larger operation libraries or maximum repeats.
Distributed and multi-sourced computational load adaptive processing resources providing scalable and dynamic processing capacity.
Integration of persistent encryption through distributed processing to prevent unauthorized access to underlying biometric information.
Documented Applications
Screening individuals prior to boarding aircraft using biometric verification such as facial images and fingerprints captured at kiosks or biometric capture units located in airports.
Access control to restricted areas via electronic gates that include biometric matching technology.
Utilization of third-party computer resources, such as cloud computing services, to reduce local computational load in biometric identification and verification tasks while maintaining privacy protection.
Implementation in environments including airports, train stations, controlled access facilities, and similar screening areas.
Interested in licensing this patent?