CARDENAS CHRISTOFHER JOEL (PA)
DE LEVANTE RICARDO ANTONIO (PA)
DE LEVANTE RICARDO ALLAN (PA)
GONZÁLEZ GIL JOSÉ ÁNGEL (PA)
| US20110224509A1 | 2011-09-15 | |||
| EP1929950A1 | 2008-06-11 |
| CLAIMS 1. A system for controlling secure access of a user, which comprises a terminal which in turn comprises: · a controller, • a credential screen intended to allow a username and password to be entered in respective displays, • an input device, slave output devices of the controller defined by a screen intended to show an image or video and a speaker intended to emit a sound, the system comprising an electrodermal module, slave of the controller, which in turn comprises a sensor intended to capture an electrodermal signal. 2. The system for controlling secure access of a user according to claim 1 , which also comprises an electrodermal signal database accessible by way of the controller. 3. The system for controlling secure access of a user according to claim 1 , which also comprises a memory maintained and accessible by way of the controller and which comprises an electrodermal signal database. 4. A method for controlling secure access of a user, which comprises: • entering a username and password in respective displays of a credential screen, • comparing the username and password with a credential database, stimulating the user by means of an audiovisual stimulus where said stimulation comprises showing an image on a screen controlled by a controller and emitting a sound by means of a speaker intended to emit sound and controlled by the controller, • capturing an electrodermal signal of the user by means of an electrodermal module which comprises a sensor for such purpose, and • allowing access to the user by means of making a decision when the electrodermal signal of the user matches a recorded electrodermal signal of the user which is stored in an electrodermal signal database accessible by way of the controller. 5. The method for controlling secure access of a user according to claim 4, wherein the stimulus is taken from an input database which comprises the stimulus corresponding to the user. 6. The method for controlling secure access of a user according to claim 4, wherein the stimulus is taken from an input database which comprises the stimulus corresponding to the user when the username and password are correct. |
FIELD OF THE INVENTION
The present invention relates to a method and a system for access security, a method and a system based on electrodermal signals which are emitted upon receiving a type of visual, audio or audiovisual stimulus.
This method and this system are aimed at protecting sensitive information and can be used for controlling access to personal information as a measure for perimeter security and even for determining the psychological state of a person for performing a task.
BACKGROUND OF THE INVENTION
At present a significant part of the existing services and process in society require an access control system. This system is geared towards guaranteeing that the entities can only access the resources for which they are authorized.
The authentication methods are usually based on the concept of identity where the service associates users with identities. Once the association has been carried out, authentication credentials are assigned which, according to the context, allow greater or less access to the resources of the system which is supported by the cited authentication service. A fundamental element for the correct operation of the authentication and access control system is the manner of assigning the credentials to each identity.
There are physical and mental states which may mean that a determined user, even having the abilities or competences required, is not in a suitable condition to allow access to a determined resource of the system. One example may be a surgeon who is not sufficiently concentrated on carrying out a remote operation, a pilot of a plane or air traffic controller with stress that is incompatible with piloting, access to bank vaults, access to chemical laboratories where pharmaceutical are developed, amongst others. Due to this, it is necessary to assess not only the abilities and competences, but also the current state of an individual for carrying out a determined task or accessing critical information. There are psychological states related to factors which may include: their stress level, anxiety, confidence with respect to a determined task, attention to what they are doing, states of health, amongst others.
We believe that by implementing this security method, which may or may not provide access in accordance with the electrodermal activity which is received based on a stimulus (visual, audio or audiovisual).
The application thereof may be in TIC areas, perimeter security and human behaviors may provide greater protection since the responses of each individual faced with a stimulus are different and characteristic of that individual. The response of each individual exposed to these stimuli cannot be cloned.
The patent number US 5, 676, 138 in the name of Zawilinski details a computer system which detects the emotional responses produced by an audiovisual stimulus which is presented on a determined interface. Said responses are measured by a series of sensors which determine, for example the cardiac frequency and dermal activity.
The patent with number US 7, 486,810 B1 granted to Accapadi details the assignment of virtual keyboards as a biometric mechanism for collecting digital fingerprints. The process functions in the following manner, a field is assigned to each key of the virtual keyboard, said field collects the information of the digital fingerprints, the delay in keystrokes of each key is recorded and these values are compared with the previous data in a training stage.
The patent application with application number US13/285464 in the name of Ermoza details a system for verifying the identity of an individual, this system provides at least one characteristic of the analyzed subject, this system includes a surface for the hand of the subject which contains a series of sensors for physiological parameters, the information collected by the system is analyzed by way of a computer application which provides a response which indicates whether the person is who they say they are.
The last two inventions do not use audiovisual stimuli to provoke emotions in the user and do not use this information to determine the state of the user for carrying out a determined task nor is it used as a security method for access to a system.
DESCRIPTION OF THE INVENTION
The main objective of the present invention is to provide a new security and secure access control method based on the electrodermal activity of the individual and implement it together with a system for controlling secure access of a user which is based on a password and username.
Another objective of the invention is to create a secure and efficient access method, where elements that are easy to obtain and/or falsify are not used like in the case of systems with digital fingerprints.
Another objective of the invention is to create a more economically accessible mechanism since the current biometric mechanisms are very costly.
Another objective of the invention is to reduce the falsifications of the personal credentials, carried out by various means such as social engineering; a clear example is based on alterations to the face by taking a photograph.
Another objective of the invention is to reduce the dependency on external agents at the time of authentication, a clear example are biometric systems which use the face and depend on many external factors such as luminosity, make-up and age.
DESCRIPTION OF THE FIGURES
In order to complement the description being made and with the object of helping to better understand the characteristics of the invention, in accordance with a preferred practical embodiment thereof, said description is accompanied, as an integral part thereof, by a set of drawings where, in an illustrative and non-limiting manner, the following has been illustrated:
Figure 1 shows an illustrative diagram of the system of the invention,
Figure 2 shows a flow diagram of the method of the invention,
Figure 3 shows a diagram where the connections of the different parts which form the invention are observed.
DETAILED DESCRIPTION OF THE FIGURES
As is observed in Figure 1 , a terminal (1) is present in a preferred embodiment of the system of the invention which prevents unauthorized access to the interior of a device and which has three main components, a main display or credential screen (2) to enter the username and the password, an input device for this terminal such as a keyboard (3) and an electrodermal system (4) which is equipped with a sensor (4c) which is an electrodermal sensor.
The user who desires access by way of the terminal (1) must use a keyboard (3) to enter their username in a first display (2a) and their password in a second display (2b) of the credential screen (2). Upon entering their data correctly, a screen (4a) will show an image or video and a speaker (4b) will emit a sound, thus generating an audiovisual stimulus. The audiovisual stimulus will be perceived by the user and provoke a response in the user that is measurable in their hand at an electrodermal level. At this moment, the user with their hand on the sensor (4c), which is an electrodermal sensor, will be the object of a measurement from said sensor (4c).
The system compares the value measured with a database and will provide access if the reading corresponds to other readings related to the same user.
As is observed in Figure 2, the credentials which the user enters by means of the keyboard (3) and which are shown on the credential screen (2) are compared with a credential database (7) in a decision taken in (5a). If the data are correct, the system will search in the input database (6) for the stimulus corresponding to the user, if they are incorrect the process will not be continued and it will be requested that the data be entered again.
Each user should have a particular stimulus, preferably configured by the user themselves when they are identified in the system. The output devices (4a, 4b) show the audiovisual stimulus (audio and/or images) which corresponds to the user. The user provides their electrodermal signal to the sensor (4c) and the system supplies this information to an expert system (8). The expert system (8) improves the accuracy of the correspondence between the data provided by the user and that which is stored in the electrodermal signal database (10) accessible by the controller (11).
This is necessary in order to ensure that the user is identified correctly even when they are under an effect which modifies the reading of the sensor (4c). The credentials updated by the expert system are provided for making the decision (5b), if they are considered identical, final access is provided to the user. The user may try to provide their electrodermal signal a number of times before the system prevents access.
As is observed in Figure 3, all the elements of the system are supplied by an energy source (9). The keyboard (3) communicates with the controller (1 1) in order to carry out the signal display on the credential screen (2). The controller (1 1) maintains a memory (11 a) where the electrodermal signal database (10) can be stored; the databases are accessible by way of said controller. Both the output devices (4a, 4b) such as the electrodermal sensor are slaves of the controller (11).
Next Patent: METHOD FOR CONDITIONAL ACCESS TO A SYSTEM BY A USER