US20060230464A1 - Method for enabling a trusted dialog for collection of sensitive data - Google Patents
- Publication number
- US20060230464A1 (application US11/427,144)
- Authority
- US
- United States
- Prior art keywords
- application
- security token
- personal security
- dialog
- enabling
- Prior art date
- Legal status
- Abandoned
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2119—Authenticating web pages, e.g. with suspicious links
Definitions
- the method 400 utilizes a personal security token which is either an audible recording or a set of vibratory motions.
- the method 400 includes storing a personal security token (e.g., specified by a user) in a platform service 402 .
- the personal security token is at least one of an audible recording or a set of vibratory motions.
- the method 400 entails receiving an input dialog request by the platform service from an application 404 and determining whether the application is a signed application by inspecting the application's execution call stack 406 .
- the platform service accesses the personal security token 408 thereby allowing the input dialog to be revealed with the personal security token and signed application identification. If a determination is made that the application is not a signed application, the application will not be revealed with the personal security token and will not include signed application identification 410 .
- the invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment containing both hardware and software elements.
- the invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, and the like.
- the invention may take the form of a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any instruction execution system.
- a computer-usable or computer readable medium may be any apparatus that may contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
- the medium may be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium.
- a computer-readable medium include a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk.
- Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) and DVD.
- a data processing system suitable for storing and/or executing program code will include at least one processor coupled directly or indirectly to memory elements through a system bus.
- the memory elements may include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code in order to reduce the number of times code must be retrieved from bulk storage during execution.
- I/O devices including but not limited to keyboards, microphone, speakers, displays, pointing devices, and the like
- I/O controllers may be coupled to the system either directly or through intervening I/O controllers.
- Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or storage devices through intervening private or public networks.
- Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
Abstract
The present invention is a method for enabling a trusted dialog for collection of sensitive data, including the steps of: storing a personal security token specified by a user; receiving an input dialog request from an application; determining whether the application is a signed application; and, if a determination is made that the application is a signed application, accessing the personal security token and allowing the input dialog to be displayed with the personal security token and signed application identification. The personal security token may be at least one of an audible recording or a set of vibratory motions.
Description
- The present invention is a continuation-in-part under 35 U.S.C. § 120 of U.S. application Ser. No. 10/981,253, filed on Nov. 4, 2004 which is herein incorporated by reference in its entirety.
- The present invention relates to the field of computing and particularly to a method and program for enabling a trusted dialog for collection of sensitive data.
- Computing devices are being utilized to perform an ever-increasing number of tasks, some of which involve a user entering and/or storing private or sensitive data, such as when performing online banking transactions, making an online purchase or monitoring personal finances. Consequently, protection of such data from exploitation is becoming an increasingly important issue. On many software platforms, users are allowed to install software. This is problematic in that a user may unintentionally install a rogue application, which can compromise the security of both the software platform and the user's sensitive data. To some extent, such applications can be “sandboxed” to prevent them from accessing certain data and resources. However, by their very nature, rogue applications are almost always given access to a display of the computing device. This presents the potential problem of a rogue application spoofing the appearance of a legitimate or trusted application and soliciting sensitive data from a user, such as passwords or credit card numbers, which can then be exploited.
- Currently employed techniques to prevent a rogue application spoofing the appearance of a legitimate or trusted application are insufficient. One approach has been to use signed applications. However, such approach is limited by the fact that a rogue application may be signed making a lone test for signed code invoking dialog insufficient. An additional approach has been to use a “trusted” indicator on a display screen to allow a user to obtain dialog origin information. Again, this approach is limited also because a rogue application may spoof the appearance of the entire display screen including the “trusted” indicator. A further approach has been to allow a user to enter a key combination to display originator of dialog which is not able to be intercepted. This approach is non-intuitive and not user friendly.
- Therefore, it would be advantageous to have a method for enabling a trusted dialog for collection of sensitive data, which allows a user to have increased confidence that any input data is being collected by an application with a legitimate need for such data.
- Accordingly, the present invention is directed to a method for enabling a trusted dialog for collection of sensitive data, which includes the steps of: storing a personal security token specified by a user; receiving an input dialog request from an application; determining whether the application is a signed application; and, if the application is a signed application, accessing the personal security token and allowing the input dialog to be displayed with the personal security token and signed application identification.
- It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not necessarily restrictive of the invention as claimed. The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the invention and together with the general description, serve to explain the principles of the invention.
- The numerous advantages of the present invention may be better understood by those skilled in the art by reference to the accompanying figures in which:
- FIG. 1 is a flowchart illustrating a method for enabling a trusted dialog for collection of sensitive data in accordance with an exemplary embodiment of the present invention;
- FIG. 2 is a flowchart illustrating an additional method for enabling a trusted dialog for collection of sensitive data in accordance with an exemplary embodiment of the present invention, in particular, the steps by which a platform service receives an input dialog request when a signed application places a call to the platform service via a class path;
- FIG. 3 is a flowchart illustrating a further method for enabling a trusted dialog for collection of sensitive data in accordance with an exemplary embodiment of the present invention, wherein the personal security token is at least one of an audible recording or combination of vibrations; and
- FIG. 4 is a flowchart illustrating a method for enabling a trusted dialog for collection of sensitive data in accordance with an exemplary embodiment of the present invention.
- Reference will now be made in detail to the presently preferred embodiments of the invention, examples of which are illustrated in the accompanying drawings.
- Referring to FIGS. 1 and 2, a method for enabling a trusted dialog for collection of sensitive data in accordance with an embodiment of the present invention is discussed. The method 100 includes storing a personal security token specified by a user 102. In a present embodiment, a user of a computing device, such as a personal computer, personal digital assistant (PDA) and the like, during initial setup/login, is asked by the software platform of the computing device to enter or select a personal security token. For example, the software platform may cause a message or prompt to be generated and displayed on a display screen of the user's computing device asking the user to enter a personal security token. The personal security token is selected by the user, via keyboard or mouse entry, and is stored by a platform service in a memory of the user's computing device 102. In a further embodiment, the personal security token is stored by a platform service in a memory of a remotely located computing device. In a present embodiment, the platform service is software implemented within the operating system of a user's computing device. In a further embodiment, the platform service software may be obtained and implemented within a user's computing device as an add-on feature. In an embodiment, the personal security token is an image or a portion thereof. For example, the image may be 32×32 or 16×16 pixels. In a further embodiment, the personal security token is a user-entered alpha/numeric character string. In additional embodiments, the personal security token may be changed as desired by the user.
- The method 100 further includes receiving an input dialog request from an application 104. An input dialog is a message or prompt which appears on a display screen of a user's computing device and solicits a user response. For example, an input dialog may ask a user to input sensitive data, such as a password or a credit card number to be used by a corresponding application. If the corresponding application is a trusted application with a legitimate need for such data, a user can feel secure when providing information in response to that application's input dialog. However, in some cases, an input dialog may come from a rogue (i.e., untrustworthy) application that has been installed, perhaps unintentionally, by the user. Rogue applications may generate an input dialog that spoofs the appearance of an input dialog from a trusted application. Consequently, a user may be deceived into providing sensitive data in response to a rogue application's input dialog, thus allowing for possible exploitation of such data. In a present embodiment, a platform service, such as a secure dialog service, receives an input dialog request from an application 104 which is attempting to have its input dialog displayed on a display screen of a user's computing device. In a present embodiment, the user's computing device contains a Java Virtual Machine (JVM) and the platform service receives the input dialog request from an application, which places a call to the platform service via a class path.
- FIG. 2 illustrates a method 200 in accordance with the present embodiment of the invention, in particular, the steps by which a platform service receives an input dialog request when a signed application (i.e., an application containing a digital signature) places a call to the platform service via a class path. First, a generic class loader of the JVM receives a request to load application code package 202. The generic class loader then verifies that the application code package is signed 204. The generic class loader transfers the application code package to a signed-class loader 206. The signed-class loader verifies the presence of proper certificate signatures and loads application classes 208. The signed-class loader then calls application entry point 210, which causes an execution call stack of the application to show the signed-class loader as the root of the call stack. Finally, the platform service receives the application's input dialog request 212.
- Once an input dialog request from an application has been received 104, the method 100 further includes determining whether the application is a signed application 106. In a present embodiment, the platform service, upon receiving an input dialog request from an application, determines if the requesting application is a signed application 108. In the present embodiment, the platform service determines if the requesting application is a signed application by examining the application's execution call stack. If the execution call stack shows the signed-class loader as the root of the call stack, the platform service makes the determination that the application has been verified as a signed application and is thus, legitimate. The platform service operates under the assumption that a rogue application cannot spoof an execution call stack. If the platform service determines that the requesting application is signed 110, the platform service accesses the stored personal security token, which the requesting application does not know, and allows the application's input dialog to be displayed on a display of the user's computing device, the input dialog including the personal security token and the application's certificate information (i.e., dialog origin information), which identifies the application as a signed application 110. A user seeing an input dialog on his or her computing device's display which includes the user's personal security token and the application's certificate information can be confident that the dialog is from the signed application identified in the dialog. Conversely, if the platform service determines that the application is not signed 112, the input dialog will not be displayed with the personal security token and will not include signed application identification.
- Referring to FIGS. 3 and 4, additional methods for enabling a trusted dialog for collection of sensitive data in accordance with embodiments of the present invention are provided. The method 300 includes storing a personal security token specified by a user 302 in which the personal security token is at least one of an audible recording or a set of vibratory motions. For instance, various vibration combinations in a cellular phone may be used as the personal security token.
- In the present embodiment, a user of a personal computer, PDA, cellular phone and other like computing devices, during initial setup/login, may be asked by the software platform of the device to enter or select a personal security token. The platform service may be software implemented within the operating system of a user's computing device. Further, the platform service software may be obtained and implemented within a user's computing device as an add-on feature.
- In an exemplary embodiment, the software platform may cause a message or prompt to be generated and displayed on a display screen of the user's computing device asking the user to enter a personal security token. In such embodiment, the personal security token (being either an audible recording or set of vibratory motions) is selected by the user, via keyboard or mouse entry, and is stored by a platform service in a memory of the user's computing device or by a platform service in a memory of a remotely located computing device. For example, a user may create or use an audible recording as the personal security token by activating an input key which records the user's voice. The personal security token may then in the future be supplied by the device recognizing the user's voice, or by supplying the audible recording to the device. It is further contemplated that the user may select an audible recording supplied by the computing device to be used as their personal security token. In addition, various vibration combinations/patterns either provided by the computing device or programmed into the device by the user may also be used as the personal security token. It is to be understood that the personal security token may be changed as desired by the user.
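The loader hand-off of method 200 and the call-stack check of method 100, sketched in Java as an added example that is not code from the patent. Every class and method name is hypothetical, the `signed` flag stands in for the certificate verification the loaders perform, the token and certificate strings are constructed, and the stack inspection uses the standard `StackWalker` API (Java 17 or later assumed for records).

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;

/** Added illustration of methods 100/200; every name here is hypothetical. */
public class TrustedDialogDemo {

    /** What the platform draws; token and origin are filled in only for signed callers. */
    record Dialog(String prompt, Optional<String> token, Optional<String> origin) {}

    /** Application code package; 'signed' stands in for real certificate checks (assumption). */
    record AppPackage(String certificateInfo, boolean signed, EntryPoint entryPoint) {}

    interface EntryPoint { void start(SecureDialogService service); }

    /** Steps 206-210: runs verified packages so that this class is the root of their stack. */
    static final class SignedClassLoader {
        private static final ThreadLocal<String> ORIGIN = new ThreadLocal<>();

        static void launch(AppPackage pkg, SecureDialogService service) {
            if (!pkg.signed()) throw new SecurityException("package is not signed"); // step 208
            // The lambda body is compiled into this class, so the application thread's
            // outermost non-JDK frame belongs to SignedClassLoader.
            runToCompletion(new Thread(() -> {
                ORIGIN.set(pkg.certificateInfo());
                pkg.entryPoint().start(service); // step 210: call the application entry point
            }));
        }

        static String currentOrigin() { return ORIGIN.get(); }
    }

    /** Steps 202-204: hands signed packages to the signed-class loader, runs others itself. */
    static final class GenericClassLoader {
        static void load(AppPackage pkg, SecureDialogService service) {
            if (pkg.signed()) {
                SignedClassLoader.launch(pkg, service);
            } else {
                runToCompletion(new Thread(() -> pkg.entryPoint().start(service)));
            }
        }
    }

    /** The platform service: holds the token and decides what each dialog may show. */
    static final class SecureDialogService {
        private final String personalToken; // step 102: stored by the platform, not by apps
        private final List<Dialog> displayed = new ArrayList<>();

        SecureDialogService(String personalToken) { this.personalToken = personalToken; }

        /** Steps 104-112: the application supplies only the prompt; the service draws it. */
        void requestDialog(String prompt) {
            Class<?> root = StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE)
                .walk(frames -> frames
                    .map(StackWalker.StackFrame::getDeclaringClass)
                    .filter(c -> !c.getName().startsWith("java.")) // skip Thread.run etc.
                    .reduce((inner, outer) -> outer)               // keep the outermost frame
                    .orElseThrow());
            if (root == SignedClassLoader.class) {
                displayed.add(new Dialog(prompt, Optional.of(personalToken),
                                         Optional.of(SignedClassLoader.currentOrigin())));
            } else {
                displayed.add(new Dialog(prompt, Optional.empty(), Optional.empty()));
            }
        }

        List<Dialog> displayed() { return List.copyOf(displayed); }
    }

    static void runToCompletion(Thread t) {
        t.start();
        try {
            t.join();
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
            throw new IllegalStateException(e);
        }
    }

    public static void main(String[] args) {
        SecureDialogService service = new SecureDialogService("blue-heron-42"); // constructed
        EntryPoint askForPin = s -> s.requestDialog("Enter your PIN");

        GenericClassLoader.load(
            new AppPackage("CN=Example Bank (constructed)", true, askForPin), service);
        GenericClassLoader.load(new AppPackage("unsigned", false, askForPin), service);
        service.requestDialog("Enter your PIN"); // called outside either loader

        service.displayed().forEach(System.out::println);
    }
}
```

Only the first of the three dialogs carries the token and origin; the service draws the dialog itself, so the application never receives the token. The result is only as strong as the stated assumption that an application cannot forge its call stack, and as the signature verification done before the entry point is called.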
- In a further embodiment, the
method 300 includes receiving an input dialog request from anapplication 304. As previously described formethod 100, an input dialog is a message or prompt which appears on a display screen of a user's computing device and solicits a user response. For example, an input dialog may ask a user to input sensitive data, such as a password or a credit card number to be used by a corresponding application. If the corresponding application is a trusted application with a legitimate need for such data, a user may feel secure when providing information in response to that application's input dialog. However, in some cases, an input dialog may come from a rogue (i.e.—untrustworthy) application that has been installed, perhaps unintentionally, by the user. Rogue applications may generate an input dialog that spoofs the appearance of an input dialog from a trusted application. Consequently, a user may be deceived into providing sensitive data in response to a rogue application's input dialog, thus allowing for possible exploitation of such data. - In the present embodiment, a platform service, such as a secure dialog service, receives an input dialog request from an
application 304 which is attempting to have its input dialog displayed on a display screen of a user's computing device. A JVM may be disposed within the user's computing device and the platform service receives the input dialog request from an application, which places a call to the platform service via a class path. - Once an input dialog request from an application has been received 304, the
method 300 further includes determining whether the application is a signedapplication 306. In a present embodiment, the platform service, upon receiving an input dialog request from an application, determines if the requesting application is a signed application. For example, the platform service may determine if the requesting application is a signed application by examining the application's execution call stack. If the execution call stack shows the signed-class loader as the root of the call stack, the platform service makes the determination that the application has been verified as a signed application and is thus, legitimate. The platform service operates under the assumption that a rogue application cannot spoof an execution call stack. If the platform service determines that the requesting application is signed, the platform service accesses the stored personal security token and allows the application's input dialog to be revealed 308. The input dialog may include the personal security token and the application's certificate information (i.e., dialog origin information), which identifies the application as a signed application. For example, the application certificate information may be revealed on the user's computing device while simultaneously providing the user's personal security token which is either the user's audible recording or set of vibratory motions. In such example, the user may be confident that the dialog is from the signed application identified in the dialog. Conversely, if the platform service determines that the application is not signed, the input dialog will not be revealed with the personal security token and will not include signed application identification. - Referring to
FIG. 4 , amethod 400 for enabling a trusted dialog for collection of sensitive data in accordance with an exemplary embodiment of the present invention is provided. Themethod 400 utilizes a personal security token which is either an audible recording or a set of vibratory motions. Themethod 400 includes storing a personal security token (e.g., specified by a user) in aplatform service 402. Again, the personal security token is at least one of an audible recording or a set of vibratory motions. Further, themethod 400 entails receiving an input dialog request by the platform service from anapplication 404 and determining whether the application is a signed application by inspecting the application'sexecution call stack 406. If the application is a signed application, the platform service accesses thepersonal security token 408 thereby allowing the input dialog to be revealed with the personal security token and signed application identification. If a determination is made that the application is not a signed application, the application will not be revealed with the personal security token and will not include signedapplication identification 410. - It is contemplated that the invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment containing both hardware and software elements. In a preferred embodiment, the invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, and the like. Furthermore, the invention may take the form of a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any instruction execution system. 
For the purposes of this description, a computer-usable or computer readable medium may be any apparatus that may contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
- It is further contemplated that the medium may be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium. Examples of a computer-readable medium include a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk. Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) and DVD.
- A data processing system suitable for storing and/or executing program code will include at least one processor coupled directly or indirectly to memory elements through a system bus. The memory elements may include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code in order to reduce the number of times code must be retrieved from bulk storage during execution.
- Input/output or I/O devices (including but not limited to keyboards, microphone, speakers, displays, pointing devices, and the like) may be coupled to the system either directly or through intervening I/O controllers.
- Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or storage devices through intervening private or public networks. Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
- It is believed that the method of the present invention and many of its attendant advantages will be understood by the foregoing description. It is also believed that it will be apparent that various changes may be made in the form, construction and arrangement of the steps thereof without departing from the scope and spirit of the invention or without sacrificing all of its material advantages. The form herein before described being merely an explanatory embodiment thereof.
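The flow of methods 300 and 400 (store the token, receive the dialog request, inspect the execution call stack, reveal the token only for a signed caller), sketched in Java as an added example that is not code from the patent. The class and method names, the sample vibration pattern, and the use of StackWalker and CodeSource.getCodeSigners() to stand in for the "signed-class loader" check are assumptions.

```java
import java.security.CodeSigner;
import java.security.CodeSource;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.List;

/** Hypothetical secure dialog service; every name here is illustrative. */
public final class SecureDialogService {

    /** What the platform would render. Signer and token are null for unverified callers. */
    public record Dialog(String prompt, String signer, int[] vibrationToken) {}

    // User-chosen pattern: alternating on/off durations in milliseconds.
    private int[] vibrationToken = new int[0];

    /** Steps 302/402: the platform service, never an application, stores the token. */
    public void storeToken(int[] pattern) {
        vibrationToken = pattern.clone();
    }

    /** Steps 304-308 and 404-410: take the request, inspect the caller, build the dialog. */
    public Dialog requestDialog(String prompt) {
        // Frames arrive newest first, so the last application frame is the root of the stack.
        List<Class<?>> appFrames = StackWalker
                .getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE)
                .walk(frames -> frames
                        .map(StackWalker.StackFrame::getDeclaringClass)
                        .filter(c -> c != SecureDialogService.class) // the service itself
                        .filter(c -> c.getClassLoader() != null)     // bootstrap JDK classes
                        .toList());
        String signer = appFrames.isEmpty()
                ? null
                : signerOf(appFrames.get(appFrames.size() - 1));
        if (signer == null) {
            // Unsigned caller: the token never leaves the service.
            return new Dialog(prompt, null, null);
        }
        return new Dialog(prompt, signer, vibrationToken.clone());
    }

    /** Returns the signer's subject DN, or null if the class came from unsigned code. */
    private static String signerOf(Class<?> c) {
        CodeSource src = c.getProtectionDomain().getCodeSource();
        CodeSigner[] signers = (src == null) ? null : src.getCodeSigners();
        if (signers == null || signers.length == 0) {
            return null;
        }
        // Signers are present only if the JAR signature verified at load time. That
        // shows integrity, not trust: a real service would also validate the chain.
        Certificate leaf = signers[0].getSignerCertPath().getCertificates().get(0);
        return (leaf instanceof X509Certificate x)
                ? x.getSubjectX500Principal().getName()
                : leaf.getType();
    }

    /** Stand-in for an application loaded from an unsigned location. */
    static final class UnsignedApp {
        static Dialog askForCard(SecureDialogService svc) {
            return svc.requestDialog("Card number:");
        }
    }

    public static void main(String[] args) {
        SecureDialogService svc = new SecureDialogService();
        svc.storeToken(new int[] {200, 100, 200, 100, 600}); // constructed sample pattern
        Dialog d = UnsignedApp.askForCard(svc);
        System.out.println(d.signer() == null
                ? "unverified caller: dialog drawn without token or signer identity"
                : "signed by " + d.signer() + ": token played with dialog");
    }
}
```

Run from unsigned class files, the demo takes the unverified branch; the signed branch is reached only when the calling class is loaded from a signed JAR.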
Claims (20)
1. A method for enabling a trusted dialog for collection of sensitive data, comprising:
storing a personal security token specified by a user, the personal security token being at least one of an audio recording or a set of vibratory motions;
receiving an input dialog request from an application;
determining whether the application is a signed application; and
if, a determination is made that the application is a signed application, accessing the personal security token and allowing the input dialog to be revealed with the personal security token and signed application identification.
2. The method for enabling a trusted dialog as claimed in claim 1, wherein the method is implemented in a mobile device.
3. The method for enabling a trusted dialog as claimed in claim 2, wherein the mobile device is a cellular telephone.
4. A method for enabling a trusted dialog as claimed in claim 1, wherein the personal security token may be changed as desired by the user.
5. A method for enabling a trusted dialog as claimed in claim 1, wherein the personal security token is stored in a platform service.
6. A method for enabling a trusted dialog as claimed in claim 1, wherein receiving the input dialog request from the application is done by a platform service.
7. A method for enabling a trusted dialog as claimed in claim 6, wherein upon receiving the input dialog request from the application, the platform service determines whether the application is a signed application by inspecting the application's execution call stack.
8. A method for enabling a trusted dialog as claimed in claim 7, wherein upon determining that the application is a signed application, the platform service accesses the personal security token and allows the application's input dialog to be revealed with the personal security token and signed application identification.
9. A method for enabling a trusted dialog as claimed in claim 7, wherein if a determination is made that the application is not a signed application, the application is prevented from being revealed with the personal security token.
10. A method for enabling a trusted dialog as claimed in claim 1, wherein the application does not know the personal security token.
11. A computer program product, comprising:
a computer useable medium including computer usable program code for creating a method for enabling a trusted dialog for collection of sensitive data, the computer program product including:
computer usable program code for storing a personal security token specified by a user, the personal security token being at least one of an audio recording or a set of vibratory motions;
computer usable program code for receiving an input dialog request from an application;
computer usable program code for determining whether the application is a signed application; and,
if, a determination is made that the application is a signed application, computer usable program code for accessing the personal security token and allowing the input dialog to be revealed with the personal security token and signed application identification.
12. A computer program product as claimed in claim 11, wherein instructions are included within the computer readable medium which cause the program, upon receiving the input dialog request from the application, to determine whether the application is a signed application by inspecting the application's execution call stack.
13. A computer program product as claimed in claim 11, wherein instructions are included within the computer readable medium which cause the program, upon the program making a determination that the application is not a signed application, to prevent the application from being revealed with the personal security token and signed application identification.
14. A computer program product as claimed in claim 11, wherein the personal security token may be changed as desired by the user.
15. A computer program product as claimed in claim 11, wherein the personal security token is stored in a platform service.
16. A method for enabling a trusted dialog for collection of sensitive data, comprising:
storing a personal security token specified by a user on a platform service, the personal security token being at least one of an audible recording or a set of vibratory motions;
receiving an input dialog request by the platform service from an application;
determining whether the application is a signed application by inspecting the application's execution call stack; and
if, the application is a signed application, accessing the personal security token by the platform service and allowing the input dialog to be revealed with the personal security token and signed application identification, or
if, the application is not a signed application, prohibiting the application from being revealed with the personal security token.
17. The method for enabling a trusted dialog as claimed in claim 16, wherein the method is implemented in a mobile device.
18. The method for enabling a trusted dialog as claimed in claim 17, wherein the mobile device is a cellular telephone.
19. A method for enabling a trusted dialog as claimed in claim 16, wherein the personal security token may be changed as desired by the user.
20. A method for enabling a trusted dialog as claimed in claim 16, wherein the application does not know the personal security token.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/427,144 US20060230464A1 (en) | 2004-11-04 | 2006-06-28 | Method for enabling a trusted dialog for collection of sensitive data |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/981,253 US7437767B2 (en) | 2004-11-04 | 2004-11-04 | Method for enabling a trusted dialog for collection of sensitive data |
US11/427,144 US20060230464A1 (en) | 2004-11-04 | 2006-06-28 | Method for enabling a trusted dialog for collection of sensitive data |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/981,253 Continuation-In-Part US7437767B2 (en) | 2004-11-04 | 2004-11-04 | Method for enabling a trusted dialog for collection of sensitive data |
Publications (1)
Publication Number | Publication Date |
---|---|
US20060230464A1 (en) | 2006-10-12 |
Family
ID=36263683
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/981,253 Expired - Fee Related US7437767B2 (en) | 2004-11-04 | 2004-11-04 | Method for enabling a trusted dialog for collection of sensitive data |
US11/427,144 Abandoned US20060230464A1 (en) | 2004-11-04 | 2006-06-28 | Method for enabling a trusted dialog for collection of sensitive data |
US12/055,168 Expired - Fee Related US8095986B2 (en) | 2004-11-04 | 2008-03-25 | Method for enabling a trusted dialog for collection of sensitive data |
Country Status (3)
Country | Link |
---|---|
US (3) | US7437767B2 (en) |
CN (1) | CN100478970C (en) |
TW (1) | TWI389003B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130019310A1 (en) * | 2011-07-14 | 2013-01-17 | Yuval Ben-Itzhak | Detection of rogue software applications |
US20140304649A1 (en) * | 2012-04-16 | 2014-10-09 | Vinay Phegade | Trusted user interaction |
US20150113652A1 (en) * | 2011-07-14 | 2015-04-23 | AVG Netherlands B.V. | Detection of rogue software applications |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7831840B1 (en) * | 2005-01-28 | 2010-11-09 | Novell, Inc. | System and method for codifying security concerns into a user interface |
WO2007005909A2 (en) * | 2005-07-01 | 2007-01-11 | Fred Covely | Methods and apparatus for authentication of content delivery and playback applications |
GB0615015D0 (en) * | 2006-07-28 | 2006-09-06 | Hewlett Packard Development Co | Secure use of user secrets on a computing platform |
BRPI0700706A (en) * | 2007-02-26 | 2008-10-14 | Banco Bradesco S A | transaction authenticity and integrity verification process |
US9152790B1 (en) * | 2009-05-21 | 2015-10-06 | Symantec Corporation | Systems and methods for detecting fraudulent software applications that generate misleading notifications |
US20120167218A1 (en) * | 2010-12-23 | 2012-06-28 | Rajesh Poornachandran | Signature-independent, system behavior-based malware detection |
KR101295709B1 (en) * | 2011-08-24 | 2013-09-16 | 주식회사 팬택 | Apparatus and method for providing security information of background process |
CN107040540B (en) * | 2017-04-20 | 2020-06-09 | 北京安云世纪科技有限公司 | Cloud privacy data display method and device, server and mobile terminal |
JP7262269B2 (en) * | 2019-03-27 | 2023-04-21 | キヤノン株式会社 | Information processing device, control method for information processing device, and program |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6338138B1 (en) * | 1998-01-27 | 2002-01-08 | Sun Microsystems, Inc. | Network-based authentication of computer user |
US20020066039A1 (en) * | 2000-11-30 | 2002-05-30 | Dent Paul W. | Anti-spoofing password protection |
US7100049B2 (en) * | 2002-05-10 | 2006-08-29 | Rsa Security Inc. | Method and apparatus for authentication of users and web sites |
US7269852B2 (en) * | 2001-01-31 | 2007-09-11 | Hitachi, Ltd. | Authenticity output method and its apparatus, and processing program |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2671205B1 (en) * | 1990-12-27 | 1995-01-20 | Telemecanique | METHOD FOR CONTROLLING THE USE OF A COMPUTER WORKSTATION BY PASSWORD AND COMPUTER WORKSTATION USING THE SAME. |
US6138238A (en) | 1997-12-11 | 2000-10-24 | Sun Microsystems, Inc. | Stack-based access control using code and executor identifiers |
US5841869A (en) | 1996-08-23 | 1998-11-24 | Cheyenne Property Trust | Method and apparatus for trusted processing |
DE10048939B4 (en) | 1999-12-11 | 2010-08-19 | International Business Machines Corp. | Conditional suppression of verification of a cardholder |
US20030079039A1 (en) | 2001-10-16 | 2003-04-24 | Forkner Damien R. | Web server utilizing a state machine and user token |
US7685631B1 (en) * | 2003-02-05 | 2010-03-23 | Microsoft Corporation | Authentication of a server by a client to prevent fraudulent user interfaces |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130019310A1 (en) * | 2011-07-14 | 2013-01-17 | Yuval Ben-Itzhak | Detection of rogue software applications |
US8732831B2 (en) * | 2011-07-14 | 2014-05-20 | AVG Netherlands B.V. | Detection of rogue software applications |
US20140331323A1 (en) * | 2011-07-14 | 2014-11-06 | AVG Netherlands B.V. | Detection of rogue software applications |
US20150113652A1 (en) * | 2011-07-14 | 2015-04-23 | AVG Netherlands B.V. | Detection of rogue software applications |
US9288226B2 (en) * | 2011-07-14 | 2016-03-15 | AVG Netherlands B.V. | Detection of rogue software applications |
US9424422B2 (en) * | 2011-07-14 | 2016-08-23 | AVG Netherlands B.V. | Detection of rogue software applications |
US20140304649A1 (en) * | 2012-04-16 | 2014-10-09 | Vinay Phegade | Trusted user interaction |
Also Published As
Publication number | Publication date |
---|---|
CN1770171A (en) | 2006-05-10 |
US20060095972A1 (en) | 2006-05-04 |
TWI389003B (en) | 2013-03-11 |
TW200627209A (en) | 2006-08-01 |
US8095986B2 (en) | 2012-01-10 |
US20080172748A1 (en) | 2008-07-17 |
US7437767B2 (en) | 2008-10-14 |
CN100478970C (en) | 2009-04-15 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ROBBINS, JAMES P.;ROGALSKI, MARK D.;REEL/FRAME:017855/0339 Effective date: 20060608 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |