AU2005100275A4

AU2005100275A4 - User authentication appratus using human body movement detection biometrics system

Info

Publication number: AU2005100275A4
Application number: AU2005100275A
Authority: AU
Inventors: Dinesh Kant; Sanjay Kumar; Neil Mclachlan; Arun Sharma
Original assignee: RUCHIKA KAPUR
Current assignee: Kapur Ruchika Ms
Priority date: 2004-03-31
Filing date: 2005-04-01
Publication date: 2005-06-23
Anticipated expiration: 2013-03-31

Description

USER AUTHENTICATION APPRATUS USING HUMAN BODY MOVEMENT DETECTION BIOMETRICS SYSTEM FIELD OF INVENTION The present invention relates to the field of authentication apparatus and methods.

In one form, the invention relates to a user authentication apparatus that is based on body action based biometrics system.

It will be convenient to hereinafter describe the invention in relation to authentication apparatus and method(s), however it should be appreciated that the present invention is not limited to that use only.

BACKGROUND ART User authentication is one way that is used to check the authenticity of a person seeking access. User authentication can be used to confirm whether or not a person who seeks physical access at a gate or entrance or seeks the right of access to information on a terminal, such as a personal computer, is the person who should be granted that access.

The present inventors have realised that where authentication is based on a possessed article (such as smart card), an unauthorised person also (who has the possession of the card or key) can use it. Also, where authentication is based on knowledge, if an unwanted person manages to gain that knowledge or even guesses that knowledge, unwanted access can be gained based on that knowledge.

The inventors have also realised that there are numerous biometric techniques that are currently being used such as finger print, hand geometry, face features and iris features. Although the biometric techniques are based on the anatomy of a particular individual, the inventors have realised that it is known that each of these techniques is able to be avoided or undermined by determined persons seeking unwanted access and thus the security of these systems may be compromised. Another difficulty realised by the inventors is that as these techniques are based on the anatomy of the user and in the event that some aspects of the anatomy are replicated by those persons seeking unwanted access, the authorised user cannot change these anatomical features, making the system less secure.

Any discussion of documents, devices, acts or knowledge in this specification is included to explain the context of the invention. It should not be taken as an admission that any of the material forms a part of the prior art base or the common general knowledge in the relevant art in Australia or elsewhere on or before the priority date of the disclosure and claims herein.

An object of the present invention is to provide a user authentication method and system which alleviates the need to use a more easily replicated basis of authentication.

Another object of the present invention is to provide a user authentication method and a user authentication apparatus by which, even where biometric input data of the user, such as a hand gesture is of low quality and not suitable for verification, the security of the entire system is augmented without giving rise to an increase in the cost by introducing significant additional hardware.

Another object of the present invention is to provide a user authentication method where the user can change the biometric input if and when he or she desires, for example, if an unauthorised person has had an access to the same.

Another object of the present invention is to save the user data in a form that makes it very difficult for any other person to extract the information from the database.

Another object of the present invention is to have the user data extremely small so that it can be stored on devices such as smart cards that may not have large memory.

Another object of the present invention is to ensure that there is sufficient privacy available to the user to prevent other people in the close vicinity to see the hand actions of the user when hand actions are used as the biometrics.

A further object of the present invention is to alleviate at least one disadvantage associated with the prior art.

SUMMARY OF INVENTION To attain the objective described above, according to one aspect of the present invention, there is provided a user authentication apparatus including authentication of a user by verification of unpenned, secret information of the user which is a special information (the action) and characteristic (style of the action) unique to the individual. From her onwards, this action will be referred to as 'biometrics' data of the individual/ user. Even though this information is not biometrics in the strict sense, it will be referred to as a biometrics data in this document to avoid having to create and define a new word. This apparatus has an acquisition system that is responsible for acquiring biometrics data of the user who has requested for the authentication.

According to another aspect of the present invention, there is provided a user authentication method, including the steps of authenticating a user by verification of biometrics which is a biological characteristics unique to an individual acquiring, when the authentication results in failure in the verification of biometrics, biometrics data of a user who has requested for the authentication, and performing substitution authentication for substituting the verification of biometrics when the biometrics data are required by the acquisition means.

Preferably, the user authentication method further includes a step of storing the hand/ body action (referred as biometrics data) data acquired by the step of acquiring the biometrics data, and provide means for a search and pursuit of an illegal user performed based on the stored biometrics data.

Alternatively, the user authentication method may further include a step of discriminating whether or not biometrics data inputted so as to be used for the verification of biometrics have a quality suitable for automatic verification, and a step of storing the acquired biometrics data when it is discriminated that the biometrics data do not have a quality suitable for automatic comparison. The user authentication method may further comprise a step of discriminating, when it is discriminated that the biometrics data do not have a quality suitable for automatic comparison, using a second biometrics or security measure, whether or not the biometrics data have a quality suitable for use the search and the pursuit of an illegal user, and wherein, when it is discriminated that the biometrics data are suitable for use of the substitute authentication is permitted. The discrimination of whether or not the inputted biometrics data are proper and inputted by the user at the place is used. A correlation of a plurality of biometrics data acquired by the step of acquiring the biometrics data may be measured to perform discrimination of whether or not the biometrics data are inputted by the user at the place. The invention disclosed here comprises with one of the biometrics as being a hand gesture may be used as the biometrics.

Upon storage of biometrics data prior to the substitute authentication, a biometrics data such as an image of the face/and or a figure when a hand gesture is done may be inputted or photographed.

In the user authentication apparatus and the user authentication method, if authentication by verification of biometrics results in failure, then biometrics data of the user who has requested for the authentication are acquired, and verification of biometrics is substituted after the biometrics data of the user ae acquired.

Therefore, when it later becomes clear that attempt to illegally access to entrance gate management or illegally login to a computer system was executed, the information about the person who posed illegally can be specified. Consequently, the user authentication apparatus and the user authentication method are advantageous in that, even where biometrics input data of the some user such as a hand gesture are low in quality and are not suitable for verification, the security of the entire system can be augmented without giving rise to an increase in cost by introduction of significant additional hardware.

Other aspects and preferred aspects are disclosed in the specification and or defined in the appended claims, forming a part of the description of the invention.

In essence, the present invention is based on the user being authenticated based on biometrics such as hand and or body gestures. In an alternative multistep biometric authentication method, authentication is based on biometrics in addition to a method of performing authentication depending upon whether or not the user holds in their possession an article, such as a magnetic card, or whether or not the user has the knowledge of secret information, such as a personal identification or a password.

The hand action and or body gestures based biometrics authentication is based on a predetermined secret short hand action made by each individual that identifies the individual. Every individual selects or determines, in advance, a personal (secret) hand gestures which the authentication system identifies with that person. A particular hand gesture may be the signature of an individual. If required, this signature can be changed by the user and the system will then reconfigured the predetermined biometric associated with that individual to recognise that 'new' gesture as a new signature of the individual. In this manner, for example, a hand gesture can provide an acceptable identification of an individual.

In practice, when a person seeks authentication, the system or method of the present invention, may request from the person a hand gestures. The gesture performed is captured by the video and the gesture is compared with the stored or registered gesture of a particular person user. If the hand gesture substantially matches a registered hand gesture, then authentication is provided, resulting in access, but if the hand gesture does not match with the registered hand gesture, then it may be determined that the person is an illegal user and the accessing of the person is not allowed. The degree to which the biometrics are required to match or coincide with the stored biometrics may be set or predetermined.

In conventional user authentication method, when registration or verification of a hand gesture does not result in success, typically an evading method which substitutes another authentication scheme such as, for example, inputting of a password is used. According to such methods, another hand gesture is inputted, and if it doesn't have a quality sufficient to allow automatic verification, then automatic verification based on hand gesture is given up and a password is inputted from the keyboard as substitute measures. However, where a password is used, an unrelated person can pose as the person itself through furtive looking or like as describe herein above. This makes a security hole to the entire system, which is a disadvantage of the method described above.

Naturally, it is a possible idea to additionally use, where a hand gesture is not suitable for automatic authentication, verification based on some other biometrics such as, for example, Iris. In this instance, however, an additional cost for installation and operation of an inputting apparatus for an iris image such as a camera, an illumination system for obtaining a stabilized image and so forth is required, and the increase in the cost cannot be avoided.

The present invention has been found to result in a number of advantages, such as providing security based on simple non-anatomical biometrics (defined above) hand actions, storing the information of the hand actions in a highly reduced and transformed way that allows this to be stored with very small memory requirement, and what an intruder cannot back engineer to obtain the authentic user hand gesture. Hand gestures of the users are not visible to the people who may be in the close vicinity of the device and these gestures are not related to the anatomical properties of the user and thus it is extremely difficult for an intruder to obtain this information. Further, if this information is obtained by the intruder, the system provides the user the ability to change the hand gesture signature providing the flexibility to the system.

Another applicability of this invention is that the data representing the user is not the original data but the statistical properties of the transformed data or the weights of the neural network that may be used for the purpose, making it extremely compact and suitable for applications such as smart cards and the like.

Further scope of applicability of the present invention will become apparent from the detailed description given hereinafter. However, it should be understood that the detailed description and specific examples, while indicating preferred embodiments of the invention, are given by way of illustration only, since various changes and modifications within the spirit and scope of the invention will become apparent to those skilled in the art from this detailed description.

BRIEF DESCRIPTION OF THE DRAWINGS Further disclosure, objects, advantages and aspects of the present application may be better understood by those skilled in the relevant art by reference to the following description of preferred embodiments taken in conjunction with the accompanying drawings, which are given by way of illustration only, and thus are not limitative of the present invention, and in which: Figure 1 illustrates a block diagram showing a configuration of a user authentication apparatus to which present invention is applied; and Figures 2 and 3 illustrate flowcharts showing an aspect of the operation of the user authentication apparatus of Figure 1.

DETAILED DESCRIPTION Referring first to figure 1, there is shown a representation of a user authentication apparatus to which the present invention is applied. In the authentication apparatus of the present embodiment, a human hand gesture is used as biometrics. Any other gesture or biometrics may be used with conjunction with the present invention, and is intended to be included within the scope of the invention described when a hand gesture is referred to in the following description. It is to be noted that the broken lines in figure 1 indicate flow of a processing procedure (control) and solid lines indicate a flow of data such as hand gesture data.

The user authentication method and or apparatus includes means for the input of user information 10, hand gesture input 11, hand feature verification characteristics 12, hand gesture characteristic verification 14, a user verification determination 15, subsequent hand gesture input request 20, substitute authentication input 21, a substitute authentication determination 22, a substitute authentication means user information storage means 23, a service permission or rejection display 24 (hereinafter referred to simply as a display), and an illegal user pursuit information processing means Figures 2 and 3 illustrate an example of the operation of the user authentication apparatus of figure 1, and operation of the user authentication according to the present invention is described with references to Figures 1 to 3.

It is to be noted that the processing operation illustrated in figures 2 and 3 can be realized by the components of the user authentication apparatus that execute a program stored in a control memory not shown of the user authentication apparatus. The control memory may be a ROM (Read Only Memory), an IC (Integrated Circuit) memory or similar memory.

Initially, the name of a person seeking authentication is input at of figure 1.

Then, in accordance with step S1 of figure 2, further information may be sought. This may comprise a user number or a user identifier input via a keyboard, or otherwise an ID (Identification Number) magnetic card or smart cards. The system checks this in step S2 of figure 2 and if found incorrect, may either request the user to try again or rejects the user. If the password matches, the step S3 is executed.

Next, a hand gesture is captured by the hand gesture input 11. The hand gesture is preferably converted to digital data as to allow later processing in the user authentication apparatus (step S3 of FIG.2). Preferably, the hand gesture is illuminated by light to enhance capture of the gesture. Preferably, the camera and the space for the hand gesture are located inside a small box where the hand gesture is not viewable by people standing close to the device.

The hand gesture verifying characteristic extraction means 12 receives the hand gesture data from input 11 and executes a process of extracting characteristics for identification of the hand gesture from the video gesture.

One characteristic for use for identification of a hand gesture is for example the comparison of the hand gesture performed against a gesture history template.

Another characteristic may be based on the generation of motion tracks. Using grey intensity templates, geometrical moments, wavelets combined with image moments and/or histograms may be extracted from the image. The extracted features are the input to the feature discrimination means for matching and identification.

Further the hand gesture verifying characteristic extraction (12) discriminates based on a result of the characteristics extraction whether or not the inputted gesture hand has a quality suitable for authentication for which automatic hand gesture verification is used (step S5 of FIG.2). In order to allow automatic hand gesture verification, it is necessary that the features extracted from the inputted hand gestures should match or substantially match the stored gestures of the user.

In the available method of realizing the discrimination user data is checked against two set of data, its self and that of statistically relevant group of other people with the output of the system being binary. This reduces the need for highly reliable information of the user's hand gesture. The use of features that are rotation, scale and translation tolerant on the temporal history templates, such as wavelets and image moments makes the system very robust providing discrimination even when the quality of the hand gesture captured is not of high quality. This reliable feature information is applied to the individual characteristic extraction processing and so forth all obtained by the hand gesture verifying characteristic extraction section 12 individually or in combination are higher than threshold values for them determined in advance.

The hand gesture verifying registration characteristic data storage 13 stores hand gesture characteristic information for verification. Preferably, other user unique information regarding the user who is the owner of the hand gesture is also stored in a corresponding relationship to the gesture information. The user unique information preferably further includes information regarding the various types of services permitted to the user.

If the hand gesture verifying characteristics extraction 12 provides a hand gesture input has a sufficient quality, then the hand gesture characteristic verification 14 verifies the hand gesture (step S6 of FIG. A score based on the features extracted of the temporal history template (THT), representative of a similarity of input and stored hand gestures can be used as a basis for providing authentication. Alternatively, the features of the THT can be the input of a trained neural network for the purpose of characterisation.

The hand characteristic verification 14 compares the score with the threshold value set therefore in advance to discriminate whether or not the person who has input the hand characteristic is the same as the registered user (step S7 of FIG.2). If the score is higher than a predetermined threshold value, then the gesture characteristic can be determined as authenticated. Alternatively, this may be done using neural networks that have been trained.

When the input hand gesture is sufficiently similar to the stored hand gesture characteristic, the user verification result determination 15 authenticates that the user is a permitted user (step S8 of FIG.2). On the other hand, if the hand gesture doesn't coincide, then gesture input request 20 subsequently executes a substitute authentication in accordance with the steps of figure 3.

The steps of Figure 3 may otherwise be undertaken if an unsatisfactory gesture input is obtained after a predetermined number of inputs. In this regard, a gesture input section 21 captures gesture input and acquisition of a hand gesture using a scheme similar to that of the gesture input 11. Only when necessary hand gesture is input at 21 in accordance with the request 20, can the user advance to a next substitute authentication step 22 (step S12 of FIG.3).

Authentication 22 includes the input of a personal identification number, a password, the reading of a magnetic card or the like. If it is determined by one of the substitute authentication methods that user is a legal user (step S13 of FIG.3), then authentication is determined (step S14 of FIG.3) and the user is authenticated (step S8 of FIG.1). Otherwise, the display 24 displays a rejection of authentication (step S15 of FIG.3). Depending on the level of security required, the user may have to meet the administrators to get the permission of step 22. In high security environment, this may be eliminated altogether.

The substitute authentication means user information store 23 stores the hand gesture input first from the hand gesture input 11 and the hand gesture input from the hand gesture input 21 after the request by the hand gesture inputting request section 20 (step S3 of FIG.2 and step S10 of FIG.3). The stored hand gestures may be later used for searching and identification of the unauthorised user by the illegal user pursuit information processor 25 when necessary. While these steps are important for reducing false negatives, these steps may not be required for various applications.

The configuration and the operation of the present invention is further described with reference to the following examples.

In a first example, in operation in physical access control application, a user who makes a request for entry inputs a number N or the like for identification of the user from ten keys or the like. This triggers the system that is ready to record the video data of the user and gives a stimuli (sound, light or on the screen) to the user who then performs a gesture S to be captured by the video sensor. The system discriminates coincidence between the input gesture S and a stored gesture F which is identified with the inputted number identification number N of the user from among a plurality of registered gestures stored therein. In actual verification, the similarity of characteristics for verification extracted from the gesture S and the gesture F is evaluated, and if the similarity is higher than a threshold value, then it is determined that the gestures coincide with each other and authentication is given. This may also be done using neural networks.

The verification processing is performed automatically, but when the quality of the inputted gesture is not sufficient, or the gesture cannot be discriminated with sufficient confidence, a substitute authentication process may take place. In accordance with the substitute process, a request to input a special personal identification number or password is issued. Then, if an inputted personal identification number or password coincides with a registered number or password, then the gesture input is stored into the substitute authentication means store 23 and a request to input another gesture is made before substitute authentication is permitted.

The reason why a request to input a gesture is issued a number of times in this manner is that it is intended to prevent a gesture from a counterfeit user being given and stored. In order to prevent such storage of a counterfeit user, a plurality of gestures are compared with each other. If the gestures are not similar within a selected or predetermined threshold, then substitute authentication is not permitted.

If the gesture input is acceptable, then this is stored into the substitute authentication means 23, and the process advances to substitute authentication 22 which is based on the input of a password. If the input password or personal identification number coincides with a registered one, then it is determined that the user can be authenticated.

The password or personal identification number inputted from ten keys, a keyboard or the like for substitute authentication can be entered even by an unrelated person through conjecture, furtive looking or the like, and this gives rise to the possibility of illegal accessing by a person who poses as the legal user.

The present system provides measures for specifying the person who posed illegally, when it later becomes clear that illegal accessing to entrance gate management or illegal login to a computer system was executed. In particular the gestures stored in the substitute authentication means user information storage 23 include gesture information of users who utilized the substitute authentication 22 and can be utilized for search and pursuit of an illegal user by a manager or the like who visually observes the gestures. Since the range of users of such a system is limited in most cases, information to assist in the identification of the illegal user can be obtained by visually comparing gestures of the users and the stored gestures with each other.

Although, in the foregoing description, a method wherein a single gesture used as biometric data is described, naturally it is possible to augment the security by the input of a plurality of gestures and using the gestures to discriminate the propriety of the input gestures more strictly or by storing plurality of gestures and using them for pursuit of an illegal user.

Furthermore, in a simpler form of the present invention, the user information input 10 may be omitted and the gesture characteristics verification 14 may verifythe input gesture characteristics successively with all of the gesture characteristics/ data stored in the gesture data store 13. Where there is a relatively high similarity score between the input gesture/data and the stored gesture data, authentication can be provided.

While this invention has been described in connection with specific embodiments thereof, it will be understood that it is capable of further modification(s). This application is intended to cover any variations uses or adaptations of the invention following in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains and as may be applied to the essential features hereinbefore set forth.

As the present invention may be embodied in several forms without departing from the spirit of the essential characteristics of the invention, it should be understood that the above described embodiments are not to limit the present invention unless otherwise specified, but rather should be construed broadly within the spirit and scope of the invention as defined in the appended claims.

Various modifications and equivalent arrangements are intended to be included within the spirit and scope of the invention and appended claims. Therefore, the specific embodiments are to be understood to be illustrative of the many ways in which the principles of the present invention may be practiced. In the following claims, means-plus-function clauses are intended to cover structures as performing the defined function and not only structural equivalents, but also equivalent structures. For example, although a nail and a screw may not be structural equivalents in that a nail employs a cylindrical surface to secure wooden parts together, whereas a screw employs a helical surface to secure wooden parts together, in the environment of fastening wooden parts, a nail and a screw are equivalent structures.

"Comprises/comprising" when used in this specification is taken to specify the presence of stated features, integers, steps or components but does not preclude the presence or addition of one or more other features, integers, steps, components or groups thereof."

Claims

02. A system as claimed in claim 1 wherein the substitute input or features attributable to the input are stored.
3. A system as claimed in daim 1, further including logic means for determining whether the input biometric data is to be provided to the authentication means.
4. A system as claimed in claim 1, wherein at least one hand gesture or body movement is used as the input biometric data. A system as claimed in claim 1, further including video capture means adapted to provide prior to authentication, of at least the name, number or image of the user.
6. A method of providing authentication for a desired user of a limited access system, the method including the steps oft providing as an input, the biometric data of the user, comparing the input data against stored data, and in response to a determination of the input and stored data having a predetermined level of similarity, providing authentication to the user.
7. A method as claimed in claim 6, further including the step of: storing the input data when authentication is not provided. -14-
8. A method as claimed in claim 6, wherein comparison of the data is Sbased on a predetermined algorithm, the encoded name of which is with the Sdata. oo S9. A method as claimed in claim 6, wherein a hand gesture, or movement of other physical features of the user is used as biometric data. N 10. A method where the data from the movement gesture/ action of the 0 user need only be stored as features and properties of the temporal integrated In template where the data automatically gets encrypted and reduced by the 0very nature of the method making it very difficult for the original movement gesture to be reconstructed from the stored data and making it convenient to store the data with little memory requirement
11. A method where the temporally integrated template of the user is formed based on an input of the user to the system, by the supervisor of the system, or by a timing based system, or by a movement based system and results in a computationally simple system.
12. A method wherein the statistical properties of the temporal/ spatial and spectral/ wavelet transform of the data andl or the weights of the neural network trained for the given input only need be stored for identifying the user.
13. Apparatus adapted to provide authentication for a user, said apparatus including: 13(a) processor means adapted to operate in accordance with a predetermined instruction set, 13(b). said apparatus, in conjunction with said instruction set, being adapted to perform the method as herein disclosed.
14. An apparatus as claimed in claim 13, further including a means of recording the video data of the biometrics user gesture I movement wherein the gesture of the user is not seen by other people close to the user. A computer program product including: c a computer usable medium having computer readable program code and computer readable system code embodied on said medium for providing, in Sassociation with a data processing system, authentication for a user, said OC computer program product including computer readable code within said computer usable medium being adapted to enable performance of a method Ias disclosed herein. 0 16. A method as herein disclosed. 0 17. A system, apparatus and I or device as herein disclosed. DATED THIS 31st day of March 2005 Intelligent Sensing Pty Ltd 44, Lansdown St Balwyn North 3104