A method for providing an authentication of a user of a computer system in a
network is disclosed. The method comprises capturing biometric data of a user;
encrypting and signing the biometric data with a private key; and sending the
encrypted and signed data to a central server in the network. The method further comprises accepting
and verifying credentials associated with the signed and encrypted data from the
server utilizing the public key from the server. The method further comprises installing
the credentials into the computer if the credentials are verified. In a method
and system in accordance with the present invention, a user can walk up to any
client within an enterprise and have their locally captured biometric input authenticated
at a central server. The user can then have their individual credentials securely
imported to the local client for subsequent use during that time period, without
needing any additional identification or memory token such as a smartcard.
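
The exchange described above, sketched as an added example (not code from the disclosure): the client encrypts and signs a captured template, the server verifies it and returns signed credentials, and the client installs them only if the server's signature verifies. The function names, the choice of Ed25519 and RSA-OAEP, the inline demo keys, the short constructed template and the exact-match lookup standing in for a biometric matcher are all assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Demo keys generated inline (assumption); a deployment provisions and protects them.
var clientPub, clientPriv, _ = ed25519.GenerateKey(rand.Reader) // client signing key pair
var serverPub, serverPriv, _ = ed25519.GenerateKey(rand.Reader) // server signing key pair
var serverDec, _ = rsa.GenerateKey(rand.Reader, 2048)           // server decryption key

// clientRequest encrypts the template to the server, then signs the ciphertext.
func clientRequest(template []byte) (ct, sig []byte, err error) {
	ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, &serverDec.PublicKey, template, nil)
	return ct, ed25519.Sign(clientPriv, ct), err
}

// serverRespond verifies the client signature, decrypts, matches, and signs the credentials.
func serverRespond(ct, sig []byte, enrolled map[string][]byte) (cred, credSig []byte, err error) {
	if !ed25519.Verify(clientPub, ct, sig) {
		return nil, nil, errors.New("client signature invalid")
	}
	template, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, serverDec, ct, nil)
	cred, ok := enrolled[string(template)] // exact lookup stands in for a biometric matcher
	if err != nil || !ok {
		return nil, nil, errors.New("decryption failed or no enrolled user matches")
	}
	return cred, ed25519.Sign(serverPriv, cred), nil
}

// clientInstall stores the credentials only if the server's signature verifies.
func clientInstall(store map[string][]byte, cred, credSig []byte) error {
	if !ed25519.Verify(serverPub, cred, credSig) {
		return errors.New("credential signature invalid; not installed")
	}
	store["session"] = cred
	return nil
}

func main() {
	ct, sig, _ := clientRequest([]byte("template-alice")) // constructed sample template
	cred, credSig, err := serverRespond(ct, sig, map[string][]byte{"template-alice": []byte("cred-alice")})
	fmt.Println("server error:", err, "install error:", clientInstall(map[string][]byte{}, cred, credSig))
}
```

Neither signed message carries a nonce or timestamp in this sketch, so a deployment would bind one into each to keep a captured request or credential from being replayed.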