-
Publication number: US20160364559A1
Publication date: 2016-12-15
Application number: US14734710
Filing date: 2015-06-09
Applicant: INTEL CORPORATION
Inventor: Niraj Bali, Kumar N. Dwarakanath, Asaf Haskel, Gennadi Iosad, Anoop K. Jayasankaran, Victoria C. Moore, Vinod Gomathi Nayagam, David Zahavi
CPC classification number: G06F21/32, G06F21/602, G06F21/62, G06F21/6209, G06F21/74, G06K9/00087, G06K9/00885, G06K2009/00953, H04L9/0866, H04L9/3231, H04L9/3239, H04L2209/24, H04L2209/805
Abstract: A system includes one or more biometric sensors, a sensor hub and a trusted application execution environment. The sensor hub has exclusive access to the sensors and also isolates untrusted/unauthenticated portions of the operating system from direct access to unencrypted biometric data acquired by the sensors. During a biometric scan/collection process, only the sensor hub and a security engine can access the sensors and a storage component. The sensor hub reads the sensors to obtain the biometric data associated with the scan/collection process and stores the biometric data in the storage component. The security engine encrypts the biometric data before the sensor hub removes the access restrictions. Various components transfer the encrypted biometric data from the storage component to the trusted environment, which hosts algorithms for processing the biometric data.
-
Publication number: US10061910B2
Publication date: 2018-08-28
Application number: US14734710
Filing date: 2015-06-09
Applicant: Intel Corporation
Inventor: Niraj Bali, Kumar N. Dwarakanath, Asaf Haskel, Gennadi Iosad, Anoop K. Jayasankaran, Victoria C. Moore, Vinod Gomathi Nayagam, David Zahavi
CPC classification number: G06F21/32, G06F21/602, G06F21/62, G06F21/6209, G06F21/74, G06F21/79, G06K9/00087, G06K9/00885, G06K2009/00953, H04L9/0866, H04L9/3231, H04L9/3239, H04L2209/24, H04L2209/805
Abstract: A system includes one or more biometric sensors, a sensor hub and a trusted application execution environment. The sensor hub has exclusive access to the sensors and also isolates untrusted/unauthenticated portions of the operating system from direct access to unencrypted biometric data acquired by the sensors. During a biometric scan/collection process, only the sensor hub and a security engine can access the sensors and a storage component. The sensor hub reads the sensors to obtain the biometric data associated with the scan/collection process and stores the biometric data in the storage component. The security engine encrypts the biometric data before the sensor hub removes the access restrictions. Various components transfer the encrypted biometric data from the storage component to the trusted environment, which hosts algorithms for processing the biometric data.
-