US20090300368A1 - User interface for secure data entry - Google Patents
User interface for secure data entry Download PDFInfo
- Publication number
- US20090300368A1 US20090300368A1 US12/480,692 US48069209A US2009300368A1 US 20090300368 A1 US20090300368 A1 US 20090300368A1 US 48069209 A US48069209 A US 48069209A US 2009300368 A1 US2009300368 A1 US 2009300368A1
- Authority
- US
- United States
- Prior art keywords
- data
- computer
- input
- user
- input device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/84—Protecting input, output or interconnection devices output devices, e.g. displays or monitors
Definitions
- the present invention relates generally to data security, and specifically to methods and devices for preventing unauthorized parties from accessing unencrypted data.
- Data encryption is widely used in preventing unauthorized access to data.
- Various methods of data encryption are known in the art. In general, these methods use a key to convert data to a form that is unintelligible to a reader (human or machine), and require an appropriate key in order to decrypt the data.
- Symmetric encryption methods use the same key for both encryption and decryption. Such symmetric methods include the well-known DES (Data Encryption Standard) and AES (Advanced Encryption Standard) algorithms.
- DES Data Encryption Standard
- AES Advanced Encryption Standard
- asymmetric encryption methods such as the RSA (Rivest Shamir Adelman) algorithm, a computer that is to receive encrypted data generates complementary public and private keys and transmits the public key to the sender. After the sender has encrypted the data using the public key, only the holder of the private key can decrypt it.
- Modern methods of encryption make it very difficult for a malicious party who intercepts an encrypted message to decrypt the message contents.
- the message contents are typically held, at least temporarily, in clear (unencrypted) form in computer memory or storage.
- a malicious party who gains access to the memory or CPU of the computer may be able to intercept the message in its internal clear form and read out or otherwise tamper with secret message contents (including user passwords and other sensitive private information).
- the malicious party may use a key-logger to copy and transmit a record of keystrokes input to the computer from the keyboard, or may use “phishing” in an attempt to trick the user into providing private information.
- a computer input device comprises an encryption processor, which is coupled between an input transducer, such as a keyboard, microphone, touch screen or camera, and the computer.
- the encryption processor receives and encrypts input data signals from the input transducer so that the data that are input to the computer from the input device are already encrypted.
- the input device comprises a mode switch, which switches between an encrypted mode for secret data, in which the data that have been input by the user are unintelligible to the computer, and a clear (unencrypted) mode, for normal (non-secure) data input.
- the computer may then transmit and/or store the encrypted input data from the input device without ever having to decrypt the data. Thus, even if an unauthorized party were to gain access to the computer, he or she would still be unable to read out the secret data in clear form.
- the computer input device also comprises an output transducer, such as a lamp, alphanumeric display or audio generator, which indicates to the user whether the input device is operating in encrypted or clear mode.
- Software running on the computer may monitor the user input in order to detect unencrypted input of secret data to the computer.
- the software Upon detecting such input, the software initiates preventive action, such as prompting the user to flip the mode switch and re-enter the data, or preventing any further unencrypted data from being sent to the computer.
- the agent trains the user to make appropriate use of the encryption capabilities of the input device, so that the user will remember to flip the mode switch to encrypted mode even if the agent is later disabled (whether accidentally or intentionally).
- a computer input device for operation with a computer including:
- an input transducer which is coupled to receive an input from a user and to generate a data signal responsively to the input
- an encryption processor which is coupled to process the data signal so as to output data to the computer, and which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
- a mode switch which is operative so as to switch between the first and second operational modes of the encryption processor
- an output transducer which is coupled to provide to the user an indication of whether the encryption processor is in the first or the second operational mode.
- the input transducer includes a text input device, such as a keyboard.
- the mode switch may by manually operable by a user.
- the data signal is not accessible to the computer except in the data output by the encryption processor.
- the output transducer may include a lamp, an alphanumeric display, or an audio transducer, or may cause a visible mode change in the input device.
- a method for inputting data to a computer including:
- an encryption processor which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
- a method for inputting data to a computer including:
- the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted;
- initiating the preventive action includes preventing further unencrypted data from being sent from the input device to the computer.
- initiating the preventive action includes issuing an alert from the computer to the user, wherein issuing the alert includes instructing the user to switch the input device from the second to the first operational mode and repeat the data input.
- the computer may not alert the user to switch the input device to the first operational mode until the unencrypted data input is detected.
- computing apparatus including:
- an input device having a first user-selectable operational mode in which the input device encrypts data input made to the device by the user and a second user-selectable operational mode in which the data input is unencrypted;
- a computer which is coupled to receive the data input from the input device, and is configured to detect that the data input made by the user for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
- a computer software product including a tangible computer-readable medium in which program instructions are stored, which instructions, when read by a computer, cause the computer to receive data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted, and to detect that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
- FIG. 1 is a schematic, pictorial illustration of a system for transmission and reception of encrypted data, in accordance with an embodiment of the present invention
- FIG. 2 is a block diagram that schematically shows details of an input device for use with a computer, in accordance with an embodiment of the present invention.
- FIG. 3 is a flow chart that schematically illustrates a method for inputting encrypted data to a computer, in accordance with an embodiment of the present invention.
- FIG. 1 is a schematic, pictorial illustration of a system for transmission and reception of encrypted data, in accordance with an embodiment of the present invention.
- a source computer 20 transmits encrypted data over a network 22 to a receiving computer 24 .
- the data may be encrypted in accordance with any suitable method of encryption that is known in the art, including both symmetric and asymmetric methods.
- Network 22 may comprise the Internet or substantially any other public or private computer network.
- Computer 20 comprises a console 26 , which is coupled to one or more output devices, such as a video display screen 28 , and one or more user input devices, which may comprise, for example, text, image capture and/or audio input transducers.
- the text input device is a keyboard 30 , which comprises keys 32 as input transducers, and has novel encryption features that are described hereinbelow.
- the encryption capabilities of keyboard 30 may be incorporated into other user input devices, such as a mouse or other pointing device, a camera, scanner or other imaging device, a microphone, or a touch-sensitive screen, as well as other types of input devices that are known in the art.
- certain techniques for secure input of encrypted data to console 26 are described, by way of example, with reference to keyboard 30 . These techniques may similarly be applied, mutatis mutandis, to input devices of other types.
- Keyboard 30 has two modes of operation:
- a light-emitting diode (LED) 36 serves as an output transducer for indicating the current operating mode of keyboard 30 .
- LED 36 lights to indicate that the keyboard is operating in encrypted mode.
- any other suitable type of output transducer may be used for this purpose, such as another type of lamp; an alphanumeric display, such as a liquid crystal display (LCD); another type of visual transducer such as a backlight, which causes a visible mode change in the input device; or even an audio transducer, which generates a sound to indicate the operating mode.
- the output transducer is typically controlled internally within the keyboard to prevent tampering by hackers.
- FIG. 2 is a block diagram that schematically shows details of console 26 and keyboard 30 , in accordance with an embodiment of the present invention.
- Console 26 comprises a central processing unit (CPU) 40 , which performs general computing functions.
- CPU 40 is coupled via a communication interface 42 to transmit and receive data to and from network 22 .
- the console comprises a memory 44 (which may typically comprise both RAM and disk memory), which is accessed by the CPU in a conventional manner.
- memory 44 which may typically comprise both RAM and disk memory
- an encryption processor 46 associated with keyboard 30 encrypts data entered by the user via keys 32 when the encrypted mode is selected by switch 34 .
- Keys 32 generate respective data signals when depressed by the user, as is known in the art. These data signals are digitized and, optionally, held in a buffer 50 . The digitized data signals are then encoded by encryption processor 46 , using an appropriate encryption key and program instructions stored in a program memory 48 .
- the encryption processor may comprise a programmable processing device, such as a microprocessor or field-programmable gate array (FPGA), or it may alternatively comprise a hard-coded logic device.
- encryption processor 46 is integrated with keyboard 30 , typically within the keyboard package.
- the encryption processor may be packaged separately from the keyboard.
- the encryption processor, along with switch 34 , LED 36 and memory 48 may be packaged in a plug-in device (not shown in the figures), which has appropriate input and output connectors for coupling between a conventional keyboard and the keyboard input to console 26 .
- the encryption function of processor 46 may be engaged or bypassed depending on the setting of the switch.
- the combination of a conventional keyboard with this sort of plug-in device constitutes an input device with equivalent capabilities to those of the integrated keyboard of FIGS. 1 and 2 .
- the user In normal operation, the user maintains switch 34 in the clear position, so that the user can interact with computer 20 via keyboard 30 in the conventional manner. From time to time, however, the user may toggle switch 34 to the encryption mode, whereupon encryption processor 46 will output encrypted data to CPU 40 .
- the CPU in this case is unable to decipher the encrypted data (and cannot access the unencrypted data signals in the keyboard). Rather, the CPU stores the encrypted data in memory 44 or transmits the encrypted data via communication interface 42 in accordance with instructions received by the CPU.
- the user of computer 20 may flip switch 34 to the encryption mode position before inputting some particularly sensitive item of information, such as a password or account number.
- Software running on computer 20 may cause CPU 40 to generate a data packet for transmission to computer 24 , and to insert the encrypted data that were entered via keyboard 30 into the payload of the packet before transmission.
- Computer 24 holds the necessary key to decrypt the payload upon reception, but CPU 40 does not have access to the key. Therefore, even if a hacker were to gain control over the CPU and copy the data transmitted to computer 24 , the hacker will still have no way of deciphering the encrypted payload data.
- FIG. 3 is a flow chart that schematically illustrates a method for inputting encrypted data to computer 20 using keyboard 30 , in accordance with an embodiment of the present invention.
- the purpose of this method is to ensure that the user of computer 20 actuates switch 34 at the appropriate times, so that secret data are input to the computer from the keyboard only in encrypted form.
- Secret data in this context does not necessarily include all confidential data that the user may input, but rather those items of confidential data that are to be encrypted by the keyboard in order to protect against security breaches that may occur within the computer, as explained above.
- the method described hereinbelow is meant to train the user, by negative reinforcement, to flip switch 34 before entering secret data, even without active prompting by the computer.
- the method of FIG. 3 is typically carried out by a software agent running on computer 20 .
- the agent monitors interaction between the user and the computer in order to identify data fields requiring encrypted input and to track user input to these fields.
- agent is used here, for convenience and clarity, to refer to the software that performs the functions of monitoring and training that are described herein, and should be understood broadly to mean any sort of software that is capable of causing computer 20 to carry out these functions.
- the software for this purpose may be downloaded to computer 20 in electronic form, over network 22 , for example. Alternatively or additionally, the software may be provide and/or stored on tangible media, such as optical, magnetic or electronic memory media.
- the software may run either on CPU 40 or on an embedded processor in the input device (such as processor 46 in keyboard 30 ), or on the CPU and embedded processor in collaboration.
- the method carried out by the software agent trains the user to engage the encryption capabilities of keyboard 30 in such a way that even if the software agent is later deactivated or removed from the computer entirely (whether intentionally or accidentally), the user will already have acquired the habit of flipping the encryption switch at the appropriate times without further prompting.
- the software agent may monitor interaction between the user of computer 20 and the Web site of a bank where the user has an account.
- remote computer 24 may be the bank's server.
- computer 20 presents a field on display 28 that requires secret data to be input securely, at an input display step 52 .
- the secret data may comprise a password, for instance.
- Standing instructions from the bank indicate that the user is required to flip switch 34 to the encrypted mode before typing in the secret data.
- the user begins to input the secret data, at a data input step 54 .
- the software agent checks the steam of input data, at an encryption checking step 56 . If possible, this step is carried out on the fly, as the user inputs the data, rather than waiting for all of the data to be transferred to memory 44 . As long as the input data are encrypted, the agent takes no action. In this case, the encrypted data are typically transferred temporarily to memory 44 and are then transmitted by CPU 40 to computer 24 at the appropriate time (such as when the user presses the “ENTER” key), at a data transfer step 58 . Alternatively, the encrypted data may be stored on computer 20 or otherwise output as required by the application.
- the agent takes preventive action.
- the agent may issue an alert to the user, at a user prompt step 60 .
- the agent may cause a warning to appear on display 28 , prompting the user to flip switch 34 and repeat the data input.
- the agent may cause computer 20 to issue an audible alarm.
- the agent may intervene and prevent further unencrypted input from being sent to the computer, either by preventing the computer from accepting the further input or preventing the input device from transmitting it.
- the user upon receiving the alert, the user is required to flip switch 34 and then repeat step 54 . Before inputting the data, the user will now check to make sure LED 36 is lit, thus indicating that keyboard 30 is operating in encrypted mode. The user may alternatively have the option of continuing in clear mode if necessary.
- the mode of training described above, using negative reinforcement, may be preferable to positively prompting the user for the sake of building proper user habits: If the user were positively prompted to flip the encryption switch before inputting secret data, the user could easily become dependent on the prompt as a memory aid.
- the prompt were turned off, due to malicious intervention by a hacker, for example, the user would be likely to forget to flip switch 34 .
- the mild nuisance created by negative reinforcement in the method of FIG. 3 will encourage and accustom the user to flip the switch and observe LED 36 before inputting secret data, and will thus tend to make the user less dependent on actual prompting.
Abstract
A computer input device for operation with a computer includes an input transducer, which is coupled to receive an input from a user and to generate a data signal responsively to the input. An encryption processor is coupled to process the data signal so as to output data to the computer. The encryption processor has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer. A mode switch is operative so as to switch between the first and second operational modes of the encryption processor. An output transducer is coupled to provide to the user an indication of whether the encryption processor is in the first or the second operational mode.
Description
- This application is a continuation-in-part of PCT patent application PCT/IL2007/001535, filed Dec. 11, 2007, whose disclosure is incorporated herein by reference.
- The present invention relates generally to data security, and specifically to methods and devices for preventing unauthorized parties from accessing unencrypted data.
- Data encryption is widely used in preventing unauthorized access to data. Various methods of data encryption are known in the art. In general, these methods use a key to convert data to a form that is unintelligible to a reader (human or machine), and require an appropriate key in order to decrypt the data. Symmetric encryption methods use the same key for both encryption and decryption. Such symmetric methods include the well-known DES (Data Encryption Standard) and AES (Advanced Encryption Standard) algorithms. In asymmetric encryption methods, such as the RSA (Rivest Shamir Adelman) algorithm, a computer that is to receive encrypted data generates complementary public and private keys and transmits the public key to the sender. After the sender has encrypted the data using the public key, only the holder of the private key can decrypt it.
- Modern methods of encryption make it very difficult for a malicious party who intercepts an encrypted message to decrypt the message contents. On the other hand, within the computer that sends the message, the message contents are typically held, at least temporarily, in clear (unencrypted) form in computer memory or storage. A malicious party who gains access to the memory or CPU of the computer (using a “Trojan horse” or other “spyware” program, for example) may be able to intercept the message in its internal clear form and read out or otherwise tamper with secret message contents (including user passwords and other sensitive private information). As additional examples, the malicious party may use a key-logger to copy and transmit a record of keystrokes input to the computer from the keyboard, or may use “phishing” in an attempt to trick the user into providing private information.
- Embodiments of the present invention provide methods and apparatus for encryption that can be used to prevent unauthorized parties from accessing unencrypted secret data on the receiving computer. In these embodiments, a computer input device comprises an encryption processor, which is coupled between an input transducer, such as a keyboard, microphone, touch screen or camera, and the computer. The encryption processor receives and encrypts input data signals from the input transducer so that the data that are input to the computer from the input device are already encrypted. The input device comprises a mode switch, which switches between an encrypted mode for secret data, in which the data that have been input by the user are unintelligible to the computer, and a clear (unencrypted) mode, for normal (non-secure) data input. The computer may then transmit and/or store the encrypted input data from the input device without ever having to decrypt the data. Thus, even if an unauthorized party were to gain access to the computer, he or she would still be unable to read out the secret data in clear form.
- In some embodiments, the computer input device also comprises an output transducer, such as a lamp, alphanumeric display or audio generator, which indicates to the user whether the input device is operating in encrypted or clear mode. Software running on the computer (whether on the CPU or on an embedded processor within the input device) may monitor the user input in order to detect unencrypted input of secret data to the computer. Upon detecting such input, the software initiates preventive action, such as prompting the user to flip the mode switch and re-enter the data, or preventing any further unencrypted data from being sent to the computer. By forcing the user to observe the status of the output transducer and re-enter data in this manner, the agent trains the user to make appropriate use of the encryption capabilities of the input device, so that the user will remember to flip the mode switch to encrypted mode even if the agent is later disabled (whether accidentally or intentionally).
- There is therefore provided, in accordance with an embodiment of the present invention, a computer input device for operation with a computer, including:
- an input transducer, which is coupled to receive an input from a user and to generate a data signal responsively to the input;
- an encryption processor, which is coupled to process the data signal so as to output data to the computer, and which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
- a mode switch, which is operative so as to switch between the first and second operational modes of the encryption processor; and
- an output transducer, which is coupled to provide to the user an indication of whether the encryption processor is in the first or the second operational mode.
- In one embodiment, the input transducer includes a text input device, such as a keyboard. The mode switch may by manually operable by a user. In a disclosed embodiment, the data signal is not accessible to the computer except in the data output by the encryption processor.
- The output transducer may include a lamp, an alphanumeric display, or an audio transducer, or may cause a visible mode change in the input device.
- There is also provided, in accordance with an embodiment of the present invention, a method for inputting data to a computer, including:
- receiving a data signal from an input transducer responsively to an input by a user;
- processing the data signal so as to generate data for output to the computer using an encryption processor, which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
- setting a mode switch so as to select one of the first and second operational modes;
- presenting to the user an indication of whether the encryption processor is in the first or the second operational mode; and
- outputting the data to the computer in accordance with the selected one of the operational modes.
- There is additionally provided, in accordance with an embodiment of the present invention, a method for inputting data to a computer, including:
- receiving data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted;
- detecting that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted; and
- initiating a preventive action responsively to detecting that the data input is unencrypted.
- In one embodiment, initiating the preventive action includes preventing further unencrypted data from being sent from the input device to the computer.
- In another embodiment, initiating the preventive action includes issuing an alert from the computer to the user, wherein issuing the alert includes instructing the user to switch the input device from the second to the first operational mode and repeat the data input. The computer may not alert the user to switch the input device to the first operational mode until the unencrypted data input is detected.
- There is further provided, in accordance with an embodiment of the present invention, computing apparatus, including:
- an input device having a first user-selectable operational mode in which the input device encrypts data input made to the device by the user and a second user-selectable operational mode in which the data input is unencrypted; and
- a computer, which is coupled to receive the data input from the input device, and is configured to detect that the data input made by the user for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
- There is moreover provided, in accordance with an embodiment of the present invention, a computer software product, including a tangible computer-readable medium in which program instructions are stored, which instructions, when read by a computer, cause the computer to receive data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted, and to detect that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
- The present invention will be more fully understood from the following detailed description of the embodiments thereof, taken together with the drawings in which:
-
FIG. 1 is a schematic, pictorial illustration of a system for transmission and reception of encrypted data, in accordance with an embodiment of the present invention; -
FIG. 2 is a block diagram that schematically shows details of an input device for use with a computer, in accordance with an embodiment of the present invention; and -
FIG. 3 is a flow chart that schematically illustrates a method for inputting encrypted data to a computer, in accordance with an embodiment of the present invention. -
FIG. 1 is a schematic, pictorial illustration of a system for transmission and reception of encrypted data, in accordance with an embodiment of the present invention. Asource computer 20 transmits encrypted data over anetwork 22 to a receivingcomputer 24. The data may be encrypted in accordance with any suitable method of encryption that is known in the art, including both symmetric and asymmetric methods.Network 22 may comprise the Internet or substantially any other public or private computer network. -
Computer 20 comprises aconsole 26, which is coupled to one or more output devices, such as avideo display screen 28, and one or more user input devices, which may comprise, for example, text, image capture and/or audio input transducers. In the present embodiment, the text input device is akeyboard 30, which compriseskeys 32 as input transducers, and has novel encryption features that are described hereinbelow. Alternatively or additionally, the encryption capabilities ofkeyboard 30 may be incorporated into other user input devices, such as a mouse or other pointing device, a camera, scanner or other imaging device, a microphone, or a touch-sensitive screen, as well as other types of input devices that are known in the art. In the description that follows, certain techniques for secure input of encrypted data to console 26 are described, by way of example, with reference tokeyboard 30. These techniques may similarly be applied, mutatis mutandis, to input devices of other types. -
Keyboard 30 has two modes of operation: - 1. An encrypted mode, in which signals generated by strokes of
keys 32 are encrypted using an encryption key that is not accessible to console 26; and - 2. A clear mode, in which the encryption function of the keyboard is turned off or bypassed, so that the output data from the keyboard are intelligible to the console, typically in the standard keyboard data output format.
A user-operable switch 34 permits the user to toggle between the two modes. The switch may simply be a manual switch on the keyboard package, as shown inFIG. 1 , so that even if a hacker gains access toconsole 26 remotely (vianetwork 22, for example), the hacker will be unable to change the switch setting. Alternatively, any other suitable type of switch that is known in the art may be used in this manner, including an electronic or logic-actuated switch, which may be actuated by a certain combination and/or sequence of user keystrokes onkeys 32. Alternatively or additionally, in some embodiments the keyboard may switch modes automatically under the control of software or other suitable logic. - A light-emitting diode (LED) 36 serves as an output transducer for indicating the current operating mode of
keyboard 30. In this example,LED 36 lights to indicate that the keyboard is operating in encrypted mode. Alternatively, any other suitable type of output transducer may be used for this purpose, such as another type of lamp; an alphanumeric display, such as a liquid crystal display (LCD); another type of visual transducer such as a backlight, which causes a visible mode change in the input device; or even an audio transducer, which generates a sound to indicate the operating mode. The output transducer is typically controlled internally within the keyboard to prevent tampering by hackers. -
FIG. 2 is a block diagram that schematically shows details ofconsole 26 andkeyboard 30, in accordance with an embodiment of the present invention.Console 26 comprises a central processing unit (CPU) 40, which performs general computing functions.CPU 40 is coupled via acommunication interface 42 to transmit and receive data to and fromnetwork 22. The console comprises a memory 44 (which may typically comprise both RAM and disk memory), which is accessed by the CPU in a conventional manner. In scenarios that are known in the art, whencomputer 20 is to transmit data toremote computer 24, even if the transmission itself is encrypted, the data is typically held in clear form inmemory 44 at least temporarily in preparation for encryption. As a result, if a malicious party is able to gain access to the memory through a software security breach, for example, that party may be able to read the decrypted data (generally by causingCPU 40 or another component ofterminal 20 to transmit the decrypted data over network 22), notwithstanding the strength of the encryption that will be applied by the CPU when transmitting the data tocomputer 24. - To avoid this sort of scenario in the present embodiment, an
encryption processor 46 associated withkeyboard 30 encrypts data entered by the user viakeys 32 when the encrypted mode is selected byswitch 34.Keys 32 generate respective data signals when depressed by the user, as is known in the art. These data signals are digitized and, optionally, held in abuffer 50. The digitized data signals are then encoded byencryption processor 46, using an appropriate encryption key and program instructions stored in aprogram memory 48. The encryption processor may comprise a programmable processing device, such as a microprocessor or field-programmable gate array (FPGA), or it may alternatively comprise a hard-coded logic device. - In the embodiment shown in
FIG. 2 ,encryption processor 46 is integrated withkeyboard 30, typically within the keyboard package. Alternatively, the encryption processor may be packaged separately from the keyboard. For example, the encryption processor, along withswitch 34,LED 36 andmemory 48, may be packaged in a plug-in device (not shown in the figures), which has appropriate input and output connectors for coupling between a conventional keyboard and the keyboard input to console 26. The encryption function ofprocessor 46 may be engaged or bypassed depending on the setting of the switch. Functionally, the combination of a conventional keyboard with this sort of plug-in device constitutes an input device with equivalent capabilities to those of the integrated keyboard ofFIGS. 1 and 2 . - In normal operation, the user maintains
switch 34 in the clear position, so that the user can interact withcomputer 20 viakeyboard 30 in the conventional manner. From time to time, however, the user may toggleswitch 34 to the encryption mode, whereuponencryption processor 46 will output encrypted data toCPU 40. The CPU in this case is unable to decipher the encrypted data (and cannot access the unencrypted data signals in the keyboard). Rather, the CPU stores the encrypted data inmemory 44 or transmits the encrypted data viacommunication interface 42 in accordance with instructions received by the CPU. - For example, in a secure communication session between
computer 20 andremote computer 24, the user ofcomputer 20 may flipswitch 34 to the encryption mode position before inputting some particularly sensitive item of information, such as a password or account number. Software running oncomputer 20 may causeCPU 40 to generate a data packet for transmission tocomputer 24, and to insert the encrypted data that were entered viakeyboard 30 into the payload of the packet before transmission.Computer 24 holds the necessary key to decrypt the payload upon reception, butCPU 40 does not have access to the key. Therefore, even if a hacker were to gain control over the CPU and copy the data transmitted tocomputer 24, the hacker will still have no way of deciphering the encrypted payload data. -
FIG. 3 is a flow chart that schematically illustrates a method for inputting encrypted data tocomputer 20 usingkeyboard 30, in accordance with an embodiment of the present invention. The purpose of this method is to ensure that the user ofcomputer 20 actuates switch 34 at the appropriate times, so that secret data are input to the computer from the keyboard only in encrypted form. (“Secret data” in this context does not necessarily include all confidential data that the user may input, but rather those items of confidential data that are to be encrypted by the keyboard in order to protect against security breaches that may occur within the computer, as explained above.) The method described hereinbelow is meant to train the user, by negative reinforcement, to flipswitch 34 before entering secret data, even without active prompting by the computer. - The method of
FIG. 3 is typically carried out by a software agent running oncomputer 20. The agent monitors interaction between the user and the computer in order to identify data fields requiring encrypted input and to track user input to these fields. The term “agent” is used here, for convenience and clarity, to refer to the software that performs the functions of monitoring and training that are described herein, and should be understood broadly to mean any sort of software that is capable of causingcomputer 20 to carry out these functions. The software for this purpose may be downloaded tocomputer 20 in electronic form, overnetwork 22, for example. Alternatively or additionally, the software may be provide and/or stored on tangible media, such as optical, magnetic or electronic memory media. The software may run either onCPU 40 or on an embedded processor in the input device (such asprocessor 46 in keyboard 30), or on the CPU and embedded processor in collaboration. - The method carried out by the software agent trains the user to engage the encryption capabilities of
keyboard 30 in such a way that even if the software agent is later deactivated or removed from the computer entirely (whether intentionally or accidentally), the user will already have acquired the habit of flipping the encryption switch at the appropriate times without further prompting. - In an example scenario, the software agent may monitor interaction between the user of
computer 20 and the Web site of a bank where the user has an account. (In this example,remote computer 24 may be the bank's server.) In the course of this interaction,computer 20 presents a field ondisplay 28 that requires secret data to be input securely, at aninput display step 52. The secret data may comprise a password, for instance. Standing instructions from the bank indicate that the user is required to flipswitch 34 to the encrypted mode before typing in the secret data. - The user begins to input the secret data, at a data input step 54. The software agent checks the steam of input data, at an
encryption checking step 56. If possible, this step is carried out on the fly, as the user inputs the data, rather than waiting for all of the data to be transferred tomemory 44. As long as the input data are encrypted, the agent takes no action. In this case, the encrypted data are typically transferred temporarily tomemory 44 and are then transmitted byCPU 40 tocomputer 24 at the appropriate time (such as when the user presses the “ENTER” key), at adata transfer step 58. Alternatively, the encrypted data may be stored oncomputer 20 or otherwise output as required by the application. - On the other hand, if the software agent detects at
step 56 that the incoming data are not encrypted, the agent takes preventive action. As one example, the agent may issue an alert to the user, at a userprompt step 60. For example, the agent may cause a warning to appear ondisplay 28, prompting the user to flipswitch 34 and repeat the data input. Alternatively or additionally, the agent may causecomputer 20 to issue an audible alarm. Optionally, the agent may intervene and prevent further unencrypted input from being sent to the computer, either by preventing the computer from accepting the further input or preventing the input device from transmitting it. In any case, upon receiving the alert, the user is required to flipswitch 34 and then repeat step 54. Before inputting the data, the user will now check to makesure LED 36 is lit, thus indicating thatkeyboard 30 is operating in encrypted mode. The user may alternatively have the option of continuing in clear mode if necessary. - The mode of training described above, using negative reinforcement, may be preferable to positively prompting the user for the sake of building proper user habits: If the user were positively prompted to flip the encryption switch before inputting secret data, the user could easily become dependent on the prompt as a memory aid.
- Subsequently, if the prompt were turned off, due to malicious intervention by a hacker, for example, the user would be likely to forget to flip
switch 34. On the other hand, the mild nuisance created by negative reinforcement in the method ofFIG. 3 will encourage and accustom the user to flip the switch and observeLED 36 before inputting secret data, and will thus tend to make the user less dependent on actual prompting. - Although the description above relates to uses of embodiments of the present invention in preventing unauthorized access to unencrypted data, the architecture and methods associated with these embodiments may also be useful in enhancing the efficiency and reliability of other sorts of encryption processes. It will thus be appreciated that the embodiments described above are cited by way of example, and that the present invention is not limited to what has been particularly shown and described hereinabove. Rather, the scope of the present invention includes both combinations and subcombinations of the various features described hereinabove, as well as variations and modifications thereof which would occur to persons skilled in the art upon reading the foregoing description and which are not disclosed in the prior art.
Claims (32)
1. A computer input device for operation with a computer, comprising:
an input transducer, which is coupled to receive an input from a user and to generate a data signal responsively to the input;
an encryption processor, which is coupled to process the data signal so as to output data to the computer, and which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
a mode switch, which is operative so as to switch between the first and second operational modes of the encryption processor; and
an output transducer, which is coupled to provide to the user an indication of whether the encryption processor is in the first or the second operational mode.
2. The device according to claim 1 , wherein the input transducer comprises a text input device.
3. The device according to claim 2 , wherein the text input transducer comprises a keyboard.
4. The device according to claim 1 , wherein the mode switch is operable by a user of the device.
5. The device according to claim 4 , wherein the mode switch comprises a manually-operable switch.
6. The device according to claim 1 , wherein the data signal is not accessible to the computer except in the data output by the encryption processor.
7. The device according to claim 1 , wherein the output transducer comprises a lamp.
8. The device according to claim 1 , wherein the output transducer comprises an alphanumeric display.
9. The device according to claim 1 , wherein the output transducer comprises an audio transducer.
10. The device according to claim 1 , wherein the output transducer causes a visible mode change in the input device.
11. A method for inputting data to a computer, comprising:
receiving a data signal from an input transducer responsively to an input by a user;
processing the data signal so as to generate data for output to the computer using an encryption processor, which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
setting a mode switch so as to select one of the first and second operational modes;
presenting to the user an indication of whether the encryption processor is in the first or the second operational mode; and
outputting the data to the computer in accordance with the selected one of the operational modes.
12. The method according to claim 11 , wherein the input transducer comprises a text input device.
13. The method according to claim 12 , wherein the text input transducer comprises a keyboard.
14. The method according to claim 11 , wherein the mode switch is manually operable by the user.
15. The method according to claim 11 , wherein the data signal is not accessible to the computer except in the data output by the encryption processor.
16. A method for inputting data to a computer, comprising:
receiving data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted;
detecting that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted; and
initiating a preventive action responsively to detecting that the data input is unencrypted.
17. The method according to claim 16 , wherein initiating the preventive action comprises preventing further unencrypted data from being sent from the input device to the computer.
18. The method according to claim 16 , wherein initiating the preventive action comprises issuing an alert from the computer to the user.
19. The method according to claim 18 , wherein issuing the alert comprises instructing the user to switch the input device from the second to the first operational mode and repeat the data input.
20. The method according to claim 19 , wherein the input device comprises a mode switch, which is operable by the user so as to switch from the second to the first operational mode, and an output transducer, which is coupled to provide to the user an indication that the input device is in the first operational mode.
21. The method according to claim 19 , wherein the computer does not alert the user to switch the input device to the first operational mode until the unencrypted data input is detected.
22. The method according to claim 16 , wherein receiving the data input comprises receiving, in the first operational mode, data that have been encrypted using an encryption key not accessible to the computer so that the data are unintelligible to the computer.
23. Computing apparatus, comprising:
an input device having a first user-selectable operational mode in which the input device encrypts data input made to the device by the user and a second user-selectable operational mode in which the data input is unencrypted; and
a computer, which is coupled to receive the data input from the input device, and is configured to detect that the data input made by the user for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
24. The apparatus according to claim 23 , wherein the preventive action comprises preventing further unencrypted data from being sent from the input device to the computer.
25. The apparatus according to claim 23 , wherein the preventive action comprises issuing an alert from the computer to the user.
26. The apparatus according to claim 25 , wherein the computer is configured to alert the user to switch the input device from the second to the first operational mode and repeat the data input upon detecting that the data input is unencrypted.
27. The apparatus according to claim 26 , wherein the input device comprises a mode switch, which is operable by a user so as to switch from the second to the first operational mode, and an output transducer, which is coupled to provide to the user an indication that the input device is in the first operational mode.
28. The apparatus according to claim 26 , wherein the computer is configured not to alert the user to switch the input device to the first operational mode until the unencrypted data input is detected.
29. The apparatus according to claim 23 , wherein the input device is configured to encrypt the data, in the first operational mode, using an encryption key not accessible to the computer so that the data are unintelligible to the computer.
30. A computer software product, comprising a tangible computer-readable medium in which program instructions are stored, which instructions, when read by a computer, cause the computer to receive data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted, and to detect that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
31. The product according to claim 30 , wherein the preventive action comprises preventing further unencrypted data from being sent from the input device to the computer.
32. The product according to claim 30 , wherein the preventive action comprises issuing an alert from the computer to the user.
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IL180020 | 2006-12-12 | ||
IL180020A IL180020A (en) | 2006-12-12 | 2006-12-12 | Encryption -and decryption-enabled interfaces |
PCT/IL2007/001535 WO2008072234A2 (en) | 2006-12-12 | 2007-12-11 | Encryption- and decryption-enabled interfaces |
IL192043 | 2008-10-06 |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IL2007/001535 Continuation-In-Part WO2008072234A2 (en) | 2006-12-12 | 2007-12-11 | Encryption- and decryption-enabled interfaces |
Publications (1)
Publication Number | Publication Date |
---|---|
US20090300368A1 true US20090300368A1 (en) | 2009-12-03 |
Family
ID=39512178
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/518,276 Active 2029-04-25 US9268957B2 (en) | 2006-12-12 | 2007-12-11 | Encryption-and decryption-enabled interfaces |
US12/480,692 Abandoned US20090300368A1 (en) | 2006-12-12 | 2009-06-09 | User interface for secure data entry |
US14/512,496 Abandoned US20150082052A1 (en) | 2006-12-12 | 2014-10-13 | Encryption-enabled interfaces |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/518,276 Active 2029-04-25 US9268957B2 (en) | 2006-12-12 | 2007-12-11 | Encryption-and decryption-enabled interfaces |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/512,496 Abandoned US20150082052A1 (en) | 2006-12-12 | 2014-10-13 | Encryption-enabled interfaces |
Country Status (6)
Country | Link |
---|---|
US (3) | US9268957B2 (en) |
EP (1) | EP2119075B1 (en) |
ES (1) | ES2623434T3 (en) |
HU (1) | HUE032806T2 (en) |
IL (1) | IL180020A (en) |
WO (1) | WO2008072234A2 (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080181409A1 (en) * | 2007-01-31 | 2008-07-31 | Zhuqiang Wang | Method for guaranteeing security of critical data, terminal and secured chip |
US20100180120A1 (en) * | 2007-09-06 | 2010-07-15 | Human Interface Security Ltd | Information protection device |
US20110202772A1 (en) * | 2008-10-27 | 2011-08-18 | Human Interface Security Ltd. | Networked computer identity encryption and verification |
US8756436B2 (en) | 2007-01-16 | 2014-06-17 | Waterfall Security Solutions Ltd. | Secure archive |
US8799809B1 (en) | 2008-06-04 | 2014-08-05 | United Services Automobile Association (Usaa) | Systems and methods for key logger prevention security techniques |
US20140244513A1 (en) * | 2013-02-22 | 2014-08-28 | Miguel Ballesteros | Data protection in near field communications (nfc) transactions |
US8826028B1 (en) * | 2010-11-12 | 2014-09-02 | Google Inc. | Cryptography secure input device |
US20140281549A1 (en) * | 2013-03-15 | 2014-09-18 | Strikeforce Technologies, Inc. | Methods and apparatus for securing user input in a mobile device |
US20140358669A1 (en) * | 2013-06-03 | 2014-12-04 | Cloudwear, Inc. | Method for selecting and receiving primary and supplemental advertiser information using a wearable-computing device |
US20160286158A1 (en) * | 2015-03-26 | 2016-09-29 | Olympus Corporation | Information recording apparatus and tamper prevention method for information recording apparatus |
US11461507B2 (en) * | 2018-10-30 | 2022-10-04 | Third Block Gear | Systems and methods for secure peripherals |
US11587073B1 (en) * | 2017-12-15 | 2023-02-21 | Worldpay, Llc | Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting |
Families Citing this family (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
IL180020A (en) | 2006-12-12 | 2013-03-24 | Waterfall Security Solutions Ltd | Encryption -and decryption-enabled interfaces |
CA2767368C (en) | 2009-08-14 | 2013-10-08 | Azuki Systems, Inc. | Method and system for unified mobile content protection |
US20120079282A1 (en) * | 2010-06-28 | 2012-03-29 | Lionstone Capital Corporation | Seamless end-to-end data obfuscation and encryption |
US9559845B2 (en) * | 2012-03-01 | 2017-01-31 | Ologn Technologies Ag | Systems, methods and apparatuses for the secure transmission of media content |
CA2865548C (en) | 2012-03-01 | 2021-03-02 | Ologn Technologies Ag | Systems, methods and apparatuses for the secure transmission and restricted use of media content |
US20130246800A1 (en) * | 2012-03-19 | 2013-09-19 | Microchip Technology Incorporated | Enhancing Security of Sensor Data for a System Via an Embedded Controller |
US8868927B1 (en) * | 2012-08-14 | 2014-10-21 | Google Inc. | Method and apparatus for secure data input and output |
US9246676B2 (en) | 2013-11-22 | 2016-01-26 | Cisco Technology, Inc. | Secure access for encrypted data |
KR102195900B1 (en) * | 2013-12-20 | 2020-12-29 | 삼성전자주식회사 | Method and apparatus for sending and receiving of encrypted message between devices |
IL235175A (en) | 2014-10-19 | 2017-08-31 | Frenkel Lior | Secure remote desktop |
US10680796B2 (en) | 2015-05-19 | 2020-06-09 | Koninklijke Philips N.V. | Computing with encrypted values |
IL250010B (en) | 2016-02-14 | 2020-04-30 | Waterfall Security Solutions Ltd | Secure connection with protected facilities |
WO2018051236A1 (en) | 2016-09-13 | 2018-03-22 | Silverfort Ltd. | Protection of authentication tokens |
US10664606B2 (en) * | 2017-05-19 | 2020-05-26 | Leonard L. Drey | System and method of controlling access to a document file |
US11483147B2 (en) * | 2020-01-23 | 2022-10-25 | Bank Of America Corporation | Intelligent encryption based on user and data properties |
US11829452B2 (en) | 2020-08-24 | 2023-11-28 | Leonard L. Drey | System and method of governing content presentation of multi-page electronic documents |
Citations (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5388212A (en) * | 1993-02-26 | 1995-02-07 | Motorola Inc. | Detecting unauthorized modification of communication unit based on comparison between stored hardware identification code and hardware identification code generated from operational platform identification code |
US5822435A (en) * | 1992-07-10 | 1998-10-13 | Secure Computing Corporation | Trusted path subsystem for workstations |
US5825879A (en) * | 1996-09-30 | 1998-10-20 | Intel Corporation | System and method for copy-protecting distributed video content |
US6134661A (en) * | 1998-02-11 | 2000-10-17 | Topp; William C. | Computer network security device and method |
US6311272B1 (en) * | 1997-11-17 | 2001-10-30 | M-Systems Flash Disk Pioneers Ltd. | Biometric system and techniques suitable therefor |
US20020077990A1 (en) * | 2000-12-20 | 2002-06-20 | Pitney Bowes Inc. | Method for reissuing indicium in a postage metering system |
US6442607B1 (en) * | 1998-08-06 | 2002-08-27 | Intel Corporation | Controlling data transmissions from a computer |
US20020174010A1 (en) * | 1999-09-08 | 2002-11-21 | Rice James L. | System and method of permissive data flow and application transfer |
US20020188862A1 (en) * | 2001-03-28 | 2002-12-12 | Trethewey James R. | Method and system for automatic invocation of secure sockets layer encryption on a parallel array of Web servers |
US20030005295A1 (en) * | 2001-06-29 | 2003-01-02 | Girard Luke E. | Method and apparatus to improve the protection of information presented by a computer |
US20040024710A1 (en) * | 2002-03-07 | 2004-02-05 | Llavanya Fernando | Secure input pad partition |
US6738742B2 (en) * | 1999-09-23 | 2004-05-18 | International Business Machines Corporation | Audio notification management system |
US20040125077A1 (en) * | 2002-10-03 | 2004-07-01 | Ashton Jason A. | Remote control for secure transactions |
US6758404B2 (en) * | 2001-08-03 | 2004-07-06 | General Instrument Corporation | Media cipher smart card |
US20050015624A1 (en) * | 2003-06-09 | 2005-01-20 | Andrew Ginter | Event monitoring and management |
US20050057774A1 (en) * | 2003-09-08 | 2005-03-17 | Akeo Maruyama | Printer server, client terminal, image forming apparatus, print data generating method, and computer product |
US20050066186A1 (en) * | 2003-09-20 | 2005-03-24 | Gentle Christopher Reon | Method and apparatus for an encrypting keyboard |
US20050120214A1 (en) * | 2003-12-02 | 2005-06-02 | Microsoft Corporation | Systems and methods for enhancing security of communication over a public network |
US7069437B2 (en) * | 1998-08-06 | 2006-06-27 | Cryptek, Inc. | Multi-level security network system |
US20060161791A1 (en) * | 2005-01-19 | 2006-07-20 | Bennett Charles H | Access-controlled encrypted recording system for site, interaction and process monitoring |
US7100048B1 (en) * | 2000-01-25 | 2006-08-29 | Space Micro Inc. | Encrypted internet and intranet communication device |
US20060242423A1 (en) * | 2005-04-22 | 2006-10-26 | Kussmaul John W | Isolated authentication device and associated methods |
US20070028134A1 (en) * | 2005-06-01 | 2007-02-01 | Infineon Technologies Ag | Communication device and method of transmitting data |
US20070094430A1 (en) * | 2005-10-20 | 2007-04-26 | Speier Thomas P | Method and apparatus to clear semaphore reservation |
US7234158B1 (en) * | 2002-04-01 | 2007-06-19 | Microsoft Corporation | Separate client state object and user interface domains |
US20070180493A1 (en) * | 2006-01-24 | 2007-08-02 | Citrix Systems, Inc. | Methods and systems for assigning access control levels in providing access to resources via virtual machines |
US20070180263A1 (en) * | 2005-12-16 | 2007-08-02 | David Delgrosso | Identification and remote network access using biometric recognition |
US20070258595A1 (en) * | 2004-03-11 | 2007-11-08 | Universal Electronics Inc. | Syncronizing Device-Specific Encrypted Data to and from Mobile Devices Using Detachable Storage Media |
US20080059379A1 (en) * | 2006-05-18 | 2008-03-06 | Icache, Inc. | Method and apparatus for biometrically secured encrypted data storage and retrieval |
US20080065837A1 (en) * | 2006-09-07 | 2008-03-13 | Sodick Co., Ltd. | Computerized numerical control system with human interface using low cost shared memory |
US20080120511A1 (en) * | 2006-11-17 | 2008-05-22 | Electronic Data Systems Corporation | Apparatus, and associated method, for providing secure data entry of confidential information |
US20080144821A1 (en) * | 2006-10-26 | 2008-06-19 | Marvell International Ltd. | Secure video distribution |
US20080209216A1 (en) * | 2005-09-30 | 2008-08-28 | Kelly Thomas J | Method and system for automated authentication of a device to a management node of a computer network |
US20080263672A1 (en) * | 2007-04-18 | 2008-10-23 | Hewlett-Packard Development Company L.P. | Protecting sensitive data intended for a remote application |
US20080288790A1 (en) * | 2004-04-09 | 2008-11-20 | Stephen Wilson | Means and Method of Using Cryptographic Device to Combat Online Institution Identity Theft |
US20080288475A1 (en) * | 2007-05-17 | 2008-11-20 | Sang-Heun Kim | Method and system for automatically generating web page transcoding instructions |
US7523856B2 (en) * | 1998-04-17 | 2009-04-28 | Diebold Self-Service Systems | Cash dispensing automated banking machine with flexible display |
US20090150676A1 (en) * | 2007-12-07 | 2009-06-11 | Sherman Xuemin Chen | Method and system for robust watermark insertion and extraction for digital set-top boxes |
US7581097B2 (en) * | 2003-12-23 | 2009-08-25 | Lenovo Pte Ltd | Apparatus, system, and method for secure communications from a human interface device |
US20100324380A1 (en) * | 2002-08-20 | 2010-12-23 | Welch Allyn, Inc. | Mobile medical workstation |
Family Cites Families (147)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4213177A (en) * | 1978-04-24 | 1980-07-15 | Texas Instruments Incorporated | Eight bit standard connector bus for sixteen bit microcomputer using mirrored memory boards |
US4375665A (en) * | 1978-04-24 | 1983-03-01 | Texas Instruments Incorporated | Eight bit standard connector bus for sixteen bit microcomputer using mirrored memory boards |
US4214302A (en) * | 1978-04-24 | 1980-07-22 | Texas Instruments Incorporated | Eight bit standard connector bus for sixteen bit microcomputer |
US4163289A (en) * | 1978-05-01 | 1979-07-31 | Texas Instruments Incorporated | Sixteen bit microcomputer memory boards for use with eight bit standard connector bus |
DE3782819D1 (en) * | 1987-06-02 | 1993-01-07 | Itt Ind Gmbh Deutsche | CONTROL PROCESSOR. |
US5185877A (en) * | 1987-09-04 | 1993-02-09 | Digital Equipment Corporation | Protocol for transfer of DMA data |
JPH0294836A (en) * | 1988-09-30 | 1990-04-05 | Aisin Seiki Co Ltd | Privacy telephone communication controller |
US5347579A (en) * | 1989-07-05 | 1994-09-13 | Blandford Robert R | Personal computer diary |
US5163138A (en) * | 1989-08-01 | 1992-11-10 | Digital Equipment Corporation | Protocol for read write transfers via switching logic by transmitting and retransmitting an address |
US4987595A (en) * | 1989-09-11 | 1991-01-22 | Motorola, Inc. | Secure cryptographic processor arrangement |
US5289478A (en) * | 1991-03-11 | 1994-02-22 | Fujitsu Limited | Method and means for verification of write data |
IL103062A (en) | 1992-09-04 | 1996-08-04 | Algorithmic Res Ltd | Data processor security system |
US5454039A (en) * | 1993-12-06 | 1995-09-26 | International Business Machines Corporation | Software-efficient pseudorandom function and the use thereof for encryption |
US5835726A (en) * | 1993-12-15 | 1998-11-10 | Check Point Software Technologies Ltd. | System for securing the flow of and selectively modifying packets in a computer network |
GB2285524B (en) * | 1994-01-11 | 1998-02-04 | Advanced Risc Mach Ltd | Data memory and processor bus |
US5517569A (en) | 1994-03-18 | 1996-05-14 | Clark; Dereck B. | Methods and apparatus for interfacing an encryption module with a personal computer |
US5815577A (en) | 1994-03-18 | 1998-09-29 | Innovonics, Inc. | Methods and apparatus for securely encrypting data in conjunction with a personal computer |
US5530758A (en) * | 1994-06-03 | 1996-06-25 | Motorola, Inc. | Operational methods for a secure node in a computer network |
US5548646A (en) * | 1994-09-15 | 1996-08-20 | Sun Microsystems, Inc. | System for signatureless transmission and reception of data packets between computer networks |
US5748871A (en) * | 1995-08-11 | 1998-05-05 | Symbios Logic Inc. | Dual bus architecture for a storage device |
US5829046A (en) | 1995-10-27 | 1998-10-27 | Emc Corporation | On-line tape backup using an integrated cached disk array |
US6331856B1 (en) * | 1995-11-22 | 2001-12-18 | Nintendo Co., Ltd. | Video game system with coprocessor providing high speed efficient 3D graphics and digital audio signal processing |
JPH10178421A (en) * | 1996-10-18 | 1998-06-30 | Toshiba Corp | Packet processor, mobile computer, packet transferring method and packet processing method |
JP3526524B2 (en) * | 1996-10-31 | 2004-05-17 | 松下電器産業株式会社 | One-way data conversion device and device authentication system |
US5940507A (en) * | 1997-02-11 | 1999-08-17 | Connected Corporation | Secure file archive through encryption key management |
US5946399A (en) * | 1997-02-18 | 1999-08-31 | Motorola, Inc. | Fail-safe device driver and method |
US5995628A (en) * | 1997-04-07 | 1999-11-30 | Motorola, Inc. | Failsafe security system and method |
JP3710257B2 (en) * | 1997-06-10 | 2005-10-26 | キヤノン株式会社 | Camera control system, control method thereof, and storage medium storing program for executing control |
US6289377B1 (en) * | 1997-11-10 | 2001-09-11 | General Instrument Corporation | Dynamic network configuration of a one-way adapter using a proxy agent that communicates with a resource server through a configured return path adapter |
US6023570A (en) * | 1998-02-13 | 2000-02-08 | Lattice Semiconductor Corp. | Sequential and simultaneous manufacturing programming of multiple in-system programmable systems through a data network |
GB9816503D0 (en) * | 1998-07-30 | 1998-09-23 | Ncr Int Inc | Self-service terminal |
US6970183B1 (en) * | 2000-06-14 | 2005-11-29 | E-Watch, Inc. | Multimedia surveillance and monitoring system including network configuration |
US6738388B1 (en) * | 1998-09-10 | 2004-05-18 | Fisher-Rosemount Systems, Inc. | Shadow function block interface for use in a process control network |
US6317831B1 (en) * | 1998-09-21 | 2001-11-13 | Openwave Systems Inc. | Method and apparatus for establishing a secure connection over a one-way data path |
US6170023B1 (en) * | 1998-10-07 | 2001-01-02 | International Business Machines Corporation | System for accessing an input/output device using multiple addresses |
US6167459A (en) * | 1998-10-07 | 2000-12-26 | International Business Machines Corporation | System for reassigning alias addresses to an input/output device |
US6185638B1 (en) | 1998-10-07 | 2001-02-06 | International Business Machines Corporation | Method and system for dynamically assigning addresses to an input/output device |
US6202095B1 (en) * | 1998-10-07 | 2001-03-13 | International Business Machines Corporation | Defining characteristics between processing systems |
US6467009B1 (en) * | 1998-10-14 | 2002-10-15 | Triscend Corporation | Configurable processor system unit |
US6615244B1 (en) * | 1998-11-28 | 2003-09-02 | Tara C Singhal | Internet based archive system for personal computers |
US6275891B1 (en) * | 1999-02-25 | 2001-08-14 | Lsi Logic Corporation | Modular and scalable system for signal and multimedia processing |
US6957330B1 (en) * | 1999-03-01 | 2005-10-18 | Storage Technology Corporation | Method and system for secure information handling |
KR20010011667A (en) | 1999-07-29 | 2001-02-15 | 이종우 | Keyboard having secure function and system using the same |
DE10033673B4 (en) * | 1999-08-17 | 2005-10-20 | Ibm | Method for archiving and delivering documents using a central archive system |
US6643701B1 (en) * | 1999-11-17 | 2003-11-04 | Sun Microsystems, Inc. | Method and apparatus for providing secure communication with a relay in a network |
US6601170B1 (en) | 1999-12-30 | 2003-07-29 | Clyde Riley Wallace, Jr. | Secure internet user state creation method and system with user supplied key and seeding |
CA2314573C (en) * | 2000-01-13 | 2009-09-29 | Z.I. Probes, Inc. | System for acquiring data from a facility and method |
US6601126B1 (en) * | 2000-01-20 | 2003-07-29 | Palmchip Corporation | Chip-core framework for systems-on-a-chip |
US6915435B1 (en) * | 2000-02-09 | 2005-07-05 | Sun Microsystems, Inc. | Method and system for managing information retention |
US6636838B1 (en) | 2000-02-23 | 2003-10-21 | Sun Microsystems, Inc. | Content screening with end-to-end encryption |
JP2001285296A (en) * | 2000-03-29 | 2001-10-12 | Fujitsu Ltd | Repeater |
EP1158743B1 (en) * | 2000-05-23 | 2008-07-09 | Hitachi, Ltd. | Computing system with remote copy facility |
US6931549B1 (en) * | 2000-05-25 | 2005-08-16 | Stamps.Com | Method and apparatus for secure data storage and retrieval |
US6862663B1 (en) * | 2000-06-30 | 2005-03-01 | Intel Corporation | Cache having a prioritized replacement technique and method therefor |
ATE307452T1 (en) * | 2000-08-25 | 2005-11-15 | Research In Motion Ltd | SYSTEM AND METHOD FOR IMPLEMENTING THE ENHANCED TRANSPORT LAYER SECURITY PROTOCOL |
US7734724B2 (en) * | 2000-09-06 | 2010-06-08 | Xanboo Inc. | Automated upload of content based on captured event |
US6986061B1 (en) * | 2000-11-20 | 2006-01-10 | International Business Machines Corporation | Integrated system for network layer security and fine-grained identity-based access control |
US20020064282A1 (en) | 2000-11-29 | 2002-05-30 | Dmitrii Loukianov | Decryption key management in remote nodes |
AU2002222739A1 (en) * | 2000-12-09 | 2002-07-01 | Markany Inc. | Network camera apparatus, network camera server and digital video recorder for preventing forgery and alteration of digital image, and apparatus for authenticating the digital image from said apparatus, and method thereof |
US20020112181A1 (en) | 2000-12-12 | 2002-08-15 | Smith Mark Elwin | Multilevel secure network access system |
US7165096B2 (en) | 2000-12-22 | 2007-01-16 | Data Plow, Inc. | Storage area network file system |
GB2371125A (en) | 2001-01-13 | 2002-07-17 | Secr Defence | Computer protection system |
US7392541B2 (en) | 2001-05-17 | 2008-06-24 | Vir2Us, Inc. | Computer system architecture and method providing operating-system independent virus-, hacker-, and cyber-terror-immune processing environments |
JP4226231B2 (en) * | 2001-06-13 | 2009-02-18 | 株式会社日立国際電気 | Video signal processing system |
US6941575B2 (en) * | 2001-06-26 | 2005-09-06 | Digeo, Inc. | Webcam-based interface for initiating two-way video communication and providing access to cached video |
US6760769B2 (en) * | 2001-08-31 | 2004-07-06 | Adaptec, Inc. | Apparatus and methods for transmitting data at high speed using TCP/IP |
US7009530B2 (en) | 2001-09-13 | 2006-03-07 | M&Fc Holding, Llc | Modular wireless fixed network for wide-area metering data collection and meter module apparatus |
GB2385951A (en) | 2001-09-21 | 2003-09-03 | Sun Microsystems Inc | Data encryption and decryption |
US6671525B2 (en) * | 2001-12-13 | 2003-12-30 | Motorola, Inc. | Beacon assisted hybrid asynchronous wireless communications protocol |
JP4122777B2 (en) * | 2002-01-18 | 2008-07-23 | 日本ビクター株式会社 | Content recording / playback device |
US7324515B1 (en) | 2002-03-27 | 2008-01-29 | Cisco Technology, Inc. | Proxy addressing scheme for cable networks |
JP2003280826A (en) * | 2002-03-27 | 2003-10-02 | Hitachi Ltd | Storage sub-system |
JP4447821B2 (en) * | 2002-04-15 | 2010-04-07 | ソニー株式会社 | Information processing apparatus and method |
US7679649B2 (en) | 2002-04-19 | 2010-03-16 | Ralston John D | Methods for deploying video monitoring applications and services across heterogenous networks |
JP3764125B2 (en) * | 2002-04-26 | 2006-04-05 | 富士通株式会社 | Gateway, communication terminal device, and communication control program |
FI113121B (en) * | 2002-05-30 | 2004-02-27 | Metso Automation Oy | Systems, data communication networks and a method for transmitting information |
US7366894B1 (en) | 2002-06-25 | 2008-04-29 | Cisco Technology, Inc. | Method and apparatus for dynamically securing voice and other delay-sensitive network traffic |
US20040080615A1 (en) * | 2002-08-21 | 2004-04-29 | Strategic Vista Intenational Inc. | Digital video security system |
JP2004133733A (en) * | 2002-10-11 | 2004-04-30 | Sony Corp | Display device, display method, and program |
KR20040079596A (en) * | 2003-03-08 | 2004-09-16 | 주식회사 성진씨앤씨 | Network camera embedded with hub |
US7418600B2 (en) | 2003-03-13 | 2008-08-26 | International Business Machines Corporation | Secure database access through partial encryption |
US20060173787A1 (en) | 2003-03-24 | 2006-08-03 | Daniel Weber | Data protection management apparatus and data protection management method |
US7798900B2 (en) * | 2003-04-03 | 2010-09-21 | Igt | Secure gaming system |
US8234504B2 (en) | 2003-04-15 | 2012-07-31 | Broadcom Corporation | Method and system for data encryption and decryption |
US6842133B2 (en) * | 2003-04-30 | 2005-01-11 | Intel Corporation | Strobe through differential signaling |
JP2004343627A (en) * | 2003-05-19 | 2004-12-02 | Canon Inc | Digital camera |
WO2004105297A2 (en) * | 2003-05-19 | 2004-12-02 | Network Security Technologies, Inc. | Method and system for providing secure one-way transfer of data |
US7260833B1 (en) | 2003-07-18 | 2007-08-21 | The United States Of America As Represented By The Secretary Of The Navy | One-way network transmission interface unit |
US7266847B2 (en) | 2003-09-25 | 2007-09-04 | Voltage Security, Inc. | Secure message system with remote decryption service |
US7792300B1 (en) | 2003-09-30 | 2010-09-07 | Oracle America, Inc. | Method and apparatus for re-encrypting data in a transaction-based secure storage system |
US7685436B2 (en) | 2003-10-02 | 2010-03-23 | Itt Manufacturing Enterprises, Inc. | System and method for a secure I/O interface |
US20050085964A1 (en) * | 2003-10-21 | 2005-04-21 | Knapp Benjamin P. | Network coupled diagnosis and maintenance system |
US7280956B2 (en) | 2003-10-24 | 2007-10-09 | Microsoft Corporation | System, method, and computer program product for file encryption, decryption and transfer |
US7587591B2 (en) * | 2003-10-31 | 2009-09-08 | Juniper Networks, Inc. | Secure transport of multicast traffic |
US8010789B2 (en) | 2003-11-13 | 2011-08-30 | Lantronix, Inc. | Secure data transfer using an embedded system |
JP4450609B2 (en) * | 2003-11-28 | 2010-04-14 | 株式会社日立製作所 | Storage device |
US7336865B2 (en) | 2003-12-19 | 2008-02-26 | Hitachi Metals, Ltd. | Optical switch |
JP4859348B2 (en) | 2004-02-18 | 2012-01-25 | 大日本印刷株式会社 | Computer system |
US7120723B2 (en) * | 2004-03-25 | 2006-10-10 | Micron Technology, Inc. | System and method for memory hub-based expansion bus |
US7119678B2 (en) * | 2004-05-26 | 2006-10-10 | Honeywell International, Inc. | Wireless light sensor input to a security system |
US7761529B2 (en) | 2004-06-30 | 2010-07-20 | Intel Corporation | Method, system, and program for managing memory requests by devices |
US7254663B2 (en) | 2004-07-22 | 2007-08-07 | International Business Machines Corporation | Multi-node architecture with daisy chain communication link configurable to operate in unidirectional and bidirectional modes |
US7200693B2 (en) | 2004-08-27 | 2007-04-03 | Micron Technology, Inc. | Memory system and method having unidirectional data buses |
JP4555040B2 (en) | 2004-09-22 | 2010-09-29 | 株式会社日立製作所 | Storage device and storage device write access processing method |
JP4555046B2 (en) * | 2004-10-15 | 2010-09-29 | ヒタチグローバルストレージテクノロジーズネザーランドビーブイ | Data transfer system and data transfer method |
US7441060B2 (en) | 2004-10-29 | 2008-10-21 | International Business Machines Corporation | System, method and storage medium for providing a service interface to a memory system |
JP4520840B2 (en) | 2004-12-02 | 2010-08-11 | 株式会社日立製作所 | Encrypted communication relay method, gateway server device, encrypted communication program, and encrypted communication program storage medium |
JP4618785B2 (en) * | 2004-12-24 | 2011-01-26 | 株式会社日立製作所 | Data processing system and method |
US7761704B2 (en) | 2005-03-17 | 2010-07-20 | Oracle International Corporation | Method and apparatus for expiring encrypted data |
US7269704B2 (en) | 2005-03-30 | 2007-09-11 | Atmel Corporation | Method and apparatus for reducing system inactivity during time data float delay and external memory write |
US8069250B2 (en) | 2005-04-28 | 2011-11-29 | Vmware, Inc. | One-way proxy system |
US8041832B2 (en) | 2005-05-05 | 2011-10-18 | Verizon Services Corp. | Network data distribution system and method |
US7941860B2 (en) | 2005-05-13 | 2011-05-10 | Intel Corporation | Apparatus and method for content protection using one-way buffers |
US20060288010A1 (en) | 2005-05-20 | 2006-12-21 | Jeffrey Chen | Networking at a convention |
US20070063866A1 (en) | 2005-06-02 | 2007-03-22 | Andisa Technologies, Inc. | Remote meter monitoring and control system |
US20060294295A1 (en) | 2005-06-24 | 2006-12-28 | Yukio Fukuzo | DRAM chip device well-communicated with flash memory chip and multi-chip package comprising such a device |
US20070028027A1 (en) | 2005-07-26 | 2007-02-01 | Micron Technology, Inc. | Memory device and method having separate write data and read data buses |
JP4764103B2 (en) | 2005-08-18 | 2011-08-31 | 株式会社東芝 | Content data distribution system and information processing apparatus |
US7716467B1 (en) | 2005-12-02 | 2010-05-11 | Sprint Communications Company L.P. | Encryption gateway service |
EP1802030A1 (en) | 2005-12-23 | 2007-06-27 | Nagracard S.A. | Secure system-on-chip |
US8046821B2 (en) | 2006-02-13 | 2011-10-25 | Qualcomm Incorporated | Mechanism and method for controlling network access to a service provider |
US7441102B2 (en) | 2006-02-28 | 2008-10-21 | Freescale Semiconductor, Inc. | Integrated circuit with functional state configurable memory and method of configuring functional states of the integrated circuit memory |
US7849330B2 (en) | 2006-03-20 | 2010-12-07 | Hitachi, Ltd. | Apparatus and method for secure data disposal |
KR101019443B1 (en) | 2006-03-31 | 2011-03-07 | 후지쯔 가부시끼가이샤 | Memory apparatus, error correction supporting method thereof, computer readable recording medium having supporting program thereof recorded, memory card, circuit board and electronic device |
US7814316B1 (en) | 2006-04-14 | 2010-10-12 | Oracle America, Inc. | System, method and data storage device for encrypting data |
US7675867B1 (en) | 2006-04-19 | 2010-03-09 | Owl Computing Technologies, Inc. | One-way data transfer system with built-in data verification mechanism |
US20070283297A1 (en) | 2006-05-30 | 2007-12-06 | Thomas Hein | Signal processing circuit |
HUE030535T2 (en) | 2006-06-27 | 2017-05-29 | Waterfall Security Solutions Ltd | Unidirectional secure links from and to a security engine |
US20080005325A1 (en) | 2006-06-28 | 2008-01-03 | Microsoft Corporation | User communication restrictions |
IL177756A (en) | 2006-08-29 | 2014-11-30 | Lior Frenkel | Encryption-based attack prevention |
US20080066192A1 (en) | 2006-09-07 | 2008-03-13 | International Business Machines Corporation | Keyless copy of encrypted data |
US7660959B2 (en) | 2006-09-28 | 2010-02-09 | International Business Machines Corporation | Managing encryption for volumes in storage pools |
IL180020A (en) | 2006-12-12 | 2013-03-24 | Waterfall Security Solutions Ltd | Encryption -and decryption-enabled interfaces |
US20080155273A1 (en) | 2006-12-21 | 2008-06-26 | Texas Instruments, Inc. | Automatic Bus Encryption And Decryption |
EP2101884A1 (en) | 2006-12-21 | 2009-09-23 | International Business Machines Corporation | Training coordinator device and method |
IL180748A (en) | 2007-01-16 | 2013-03-24 | Waterfall Security Solutions Ltd | Secure archive |
US7649452B2 (en) | 2007-06-29 | 2010-01-19 | Waterfall Solutions Ltd. | Protection of control networks using a one-way link |
US7992209B1 (en) | 2007-07-19 | 2011-08-02 | Owl Computing Technologies, Inc. | Bilateral communication using multiple one-way data links |
US7698470B2 (en) | 2007-08-06 | 2010-04-13 | Qimonda Ag | Integrated circuit, chip stack and data processing system |
US7941828B2 (en) | 2007-08-24 | 2011-05-10 | The Boeing Company | Method and apparatus for simultaneous viewing of two isolated data sources |
US8223205B2 (en) | 2007-10-24 | 2012-07-17 | Waterfall Solutions Ltd. | Secure implementation of network-based sensors |
US8046443B2 (en) | 2008-08-21 | 2011-10-25 | Red Hat, Inc. | Rapid deployment remote network monitor |
US8583979B1 (en) | 2008-10-17 | 2013-11-12 | Sk Hynix Memory Solutions Inc. | Multiple interleavers in a coding system |
IL194943A0 (en) | 2008-10-27 | 2009-09-22 | Human Interface Security Ltd | Verification of data transmitted by computer |
US9098210B2 (en) | 2009-10-29 | 2015-08-04 | Oracle America, Inc. | Automatically linking partitions on a tape media device |
JP5585725B2 (en) | 2011-04-20 | 2014-09-10 | 富士通株式会社 | Relay device and recovery method |
US8615656B2 (en) | 2012-01-09 | 2013-12-24 | The Mitre Corporation | Secure remote peripheral encryption tunnel |
-
2006
- 2006-12-12 IL IL180020A patent/IL180020A/en active IP Right Grant
-
2007
- 2007-12-11 ES ES07849562.9T patent/ES2623434T3/en active Active
- 2007-12-11 EP EP07849562.9A patent/EP2119075B1/en active Active
- 2007-12-11 WO PCT/IL2007/001535 patent/WO2008072234A2/en active Application Filing
- 2007-12-11 US US12/518,276 patent/US9268957B2/en active Active
- 2007-12-11 HU HUE07849562A patent/HUE032806T2/en unknown
-
2009
- 2009-06-09 US US12/480,692 patent/US20090300368A1/en not_active Abandoned
-
2014
- 2014-10-13 US US14/512,496 patent/US20150082052A1/en not_active Abandoned
Patent Citations (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5822435A (en) * | 1992-07-10 | 1998-10-13 | Secure Computing Corporation | Trusted path subsystem for workstations |
US5388212A (en) * | 1993-02-26 | 1995-02-07 | Motorola Inc. | Detecting unauthorized modification of communication unit based on comparison between stored hardware identification code and hardware identification code generated from operational platform identification code |
US5825879A (en) * | 1996-09-30 | 1998-10-20 | Intel Corporation | System and method for copy-protecting distributed video content |
US6311272B1 (en) * | 1997-11-17 | 2001-10-30 | M-Systems Flash Disk Pioneers Ltd. | Biometric system and techniques suitable therefor |
US6134661A (en) * | 1998-02-11 | 2000-10-17 | Topp; William C. | Computer network security device and method |
US7523856B2 (en) * | 1998-04-17 | 2009-04-28 | Diebold Self-Service Systems | Cash dispensing automated banking machine with flexible display |
US6442607B1 (en) * | 1998-08-06 | 2002-08-27 | Intel Corporation | Controlling data transmissions from a computer |
US7069437B2 (en) * | 1998-08-06 | 2006-06-27 | Cryptek, Inc. | Multi-level security network system |
US20020174010A1 (en) * | 1999-09-08 | 2002-11-21 | Rice James L. | System and method of permissive data flow and application transfer |
US6738742B2 (en) * | 1999-09-23 | 2004-05-18 | International Business Machines Corporation | Audio notification management system |
US7100048B1 (en) * | 2000-01-25 | 2006-08-29 | Space Micro Inc. | Encrypted internet and intranet communication device |
US20020077990A1 (en) * | 2000-12-20 | 2002-06-20 | Pitney Bowes Inc. | Method for reissuing indicium in a postage metering system |
US20020188862A1 (en) * | 2001-03-28 | 2002-12-12 | Trethewey James R. | Method and system for automatic invocation of secure sockets layer encryption on a parallel array of Web servers |
US20030005295A1 (en) * | 2001-06-29 | 2003-01-02 | Girard Luke E. | Method and apparatus to improve the protection of information presented by a computer |
US6758404B2 (en) * | 2001-08-03 | 2004-07-06 | General Instrument Corporation | Media cipher smart card |
US20040024710A1 (en) * | 2002-03-07 | 2004-02-05 | Llavanya Fernando | Secure input pad partition |
US7234158B1 (en) * | 2002-04-01 | 2007-06-19 | Microsoft Corporation | Separate client state object and user interface domains |
US20100324380A1 (en) * | 2002-08-20 | 2010-12-23 | Welch Allyn, Inc. | Mobile medical workstation |
US20040125077A1 (en) * | 2002-10-03 | 2004-07-01 | Ashton Jason A. | Remote control for secure transactions |
US20050015624A1 (en) * | 2003-06-09 | 2005-01-20 | Andrew Ginter | Event monitoring and management |
US20050057774A1 (en) * | 2003-09-08 | 2005-03-17 | Akeo Maruyama | Printer server, client terminal, image forming apparatus, print data generating method, and computer product |
US20050066186A1 (en) * | 2003-09-20 | 2005-03-24 | Gentle Christopher Reon | Method and apparatus for an encrypting keyboard |
US20050120214A1 (en) * | 2003-12-02 | 2005-06-02 | Microsoft Corporation | Systems and methods for enhancing security of communication over a public network |
US7581097B2 (en) * | 2003-12-23 | 2009-08-25 | Lenovo Pte Ltd | Apparatus, system, and method for secure communications from a human interface device |
US20070258595A1 (en) * | 2004-03-11 | 2007-11-08 | Universal Electronics Inc. | Syncronizing Device-Specific Encrypted Data to and from Mobile Devices Using Detachable Storage Media |
US20080288790A1 (en) * | 2004-04-09 | 2008-11-20 | Stephen Wilson | Means and Method of Using Cryptographic Device to Combat Online Institution Identity Theft |
US20060161791A1 (en) * | 2005-01-19 | 2006-07-20 | Bennett Charles H | Access-controlled encrypted recording system for site, interaction and process monitoring |
US20060242423A1 (en) * | 2005-04-22 | 2006-10-26 | Kussmaul John W | Isolated authentication device and associated methods |
US20070028134A1 (en) * | 2005-06-01 | 2007-02-01 | Infineon Technologies Ag | Communication device and method of transmitting data |
US20080209216A1 (en) * | 2005-09-30 | 2008-08-28 | Kelly Thomas J | Method and system for automated authentication of a device to a management node of a computer network |
US20070094430A1 (en) * | 2005-10-20 | 2007-04-26 | Speier Thomas P | Method and apparatus to clear semaphore reservation |
US20070180263A1 (en) * | 2005-12-16 | 2007-08-02 | David Delgrosso | Identification and remote network access using biometric recognition |
US20070180493A1 (en) * | 2006-01-24 | 2007-08-02 | Citrix Systems, Inc. | Methods and systems for assigning access control levels in providing access to resources via virtual machines |
US20080059379A1 (en) * | 2006-05-18 | 2008-03-06 | Icache, Inc. | Method and apparatus for biometrically secured encrypted data storage and retrieval |
US20080065837A1 (en) * | 2006-09-07 | 2008-03-13 | Sodick Co., Ltd. | Computerized numerical control system with human interface using low cost shared memory |
US20080144821A1 (en) * | 2006-10-26 | 2008-06-19 | Marvell International Ltd. | Secure video distribution |
US20080120511A1 (en) * | 2006-11-17 | 2008-05-22 | Electronic Data Systems Corporation | Apparatus, and associated method, for providing secure data entry of confidential information |
US20080263672A1 (en) * | 2007-04-18 | 2008-10-23 | Hewlett-Packard Development Company L.P. | Protecting sensitive data intended for a remote application |
US20080288475A1 (en) * | 2007-05-17 | 2008-11-20 | Sang-Heun Kim | Method and system for automatically generating web page transcoding instructions |
US20090150676A1 (en) * | 2007-12-07 | 2009-06-11 | Sherman Xuemin Chen | Method and system for robust watermark insertion and extraction for digital set-top boxes |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8756436B2 (en) | 2007-01-16 | 2014-06-17 | Waterfall Security Solutions Ltd. | Secure archive |
US20080181409A1 (en) * | 2007-01-31 | 2008-07-31 | Zhuqiang Wang | Method for guaranteeing security of critical data, terminal and secured chip |
US8275134B2 (en) * | 2007-01-31 | 2012-09-25 | Lenovo (Beijing) Limited | Method for guaranteeing security of critical data, terminal and secured chip |
US20100180120A1 (en) * | 2007-09-06 | 2010-07-15 | Human Interface Security Ltd | Information protection device |
US10785256B1 (en) | 2008-06-04 | 2020-09-22 | United Services Automobile Association (Usaa) | Systems and methods for key logger prevention security techniques |
US9998493B1 (en) | 2008-06-04 | 2018-06-12 | United Services Automobile Association (Usaa) | Systems and methods for key logger prevention security techniques |
US8799809B1 (en) | 2008-06-04 | 2014-08-05 | United Services Automobile Association (Usaa) | Systems and methods for key logger prevention security techniques |
US11647044B1 (en) * | 2008-06-04 | 2023-05-09 | United Services Automobile Association (Usaa) | Systems and methods for key logger prevention security techniques |
US20110202772A1 (en) * | 2008-10-27 | 2011-08-18 | Human Interface Security Ltd. | Networked computer identity encryption and verification |
US8826028B1 (en) * | 2010-11-12 | 2014-09-02 | Google Inc. | Cryptography secure input device |
US20140244513A1 (en) * | 2013-02-22 | 2014-08-28 | Miguel Ballesteros | Data protection in near field communications (nfc) transactions |
US20140281549A1 (en) * | 2013-03-15 | 2014-09-18 | Strikeforce Technologies, Inc. | Methods and apparatus for securing user input in a mobile device |
WO2014145186A1 (en) * | 2013-03-15 | 2014-09-18 | Strikeforce Technologies, Inc. | Methods and apparatus for securing user input in a mobile device |
US20140358691A1 (en) * | 2013-06-03 | 2014-12-04 | Cloudwear, Inc. | System for selecting and receiving primary and supplemental advertiser information using a wearable-computing device |
US20140358669A1 (en) * | 2013-06-03 | 2014-12-04 | Cloudwear, Inc. | Method for selecting and receiving primary and supplemental advertiser information using a wearable-computing device |
US20160286158A1 (en) * | 2015-03-26 | 2016-09-29 | Olympus Corporation | Information recording apparatus and tamper prevention method for information recording apparatus |
US9930288B2 (en) * | 2015-03-26 | 2018-03-27 | Olympus Corporation | Information recording apparatus and tamper prevention method for information recording apparatus |
US11587073B1 (en) * | 2017-12-15 | 2023-02-21 | Worldpay, Llc | Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting |
US20230222497A1 (en) * | 2017-12-15 | 2023-07-13 | Worldpay, Llc | Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting |
US11461507B2 (en) * | 2018-10-30 | 2022-10-04 | Third Block Gear | Systems and methods for secure peripherals |
Also Published As
Publication number | Publication date |
---|---|
IL180020A0 (en) | 2007-12-03 |
US20150082052A1 (en) | 2015-03-19 |
WO2008072234A2 (en) | 2008-06-19 |
HUE032806T2 (en) | 2017-11-28 |
US20100278339A1 (en) | 2010-11-04 |
US9268957B2 (en) | 2016-02-23 |
EP2119075A2 (en) | 2009-11-18 |
IL180020A (en) | 2013-03-24 |
EP2119075B1 (en) | 2017-02-08 |
WO2008072234A3 (en) | 2009-05-07 |
EP2119075A4 (en) | 2011-07-06 |
ES2623434T3 (en) | 2017-07-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20090300368A1 (en) | User interface for secure data entry | |
US7353393B2 (en) | Authentication receipt | |
AU2009329836B2 (en) | Digital video guard | |
US8868927B1 (en) | Method and apparatus for secure data input and output | |
US20180219688A1 (en) | Information Transmission Method and Mobile Device | |
US8769307B2 (en) | Secure operation indicator | |
US20100313028A1 (en) | Electronic Signature Method and Electronic Signature Tool | |
Nguyen et al. | Cloud-based secure logger for medical devices | |
MXPA04001193A (en) | Optical out-of-band key distribution. | |
US20110202772A1 (en) | Networked computer identity encryption and verification | |
JP2008269610A (en) | Protecting sensitive data intended for remote application | |
CN104270353B (en) | information security transmission method and system, receiving terminal and sending terminal | |
KR20160108136A (en) | A Method and Apparatus For Providing a Secure Mode for User Device | |
US9971879B2 (en) | Secure recording and rendering of encrypted multimedia content | |
TWI599903B (en) | Encryption and decryption system and encryption and decryption method of electronic device | |
WO2023061320A1 (en) | Device identifier counterfeiting prevention method and apparatus, and electronic device | |
CN113193956B (en) | Account information processing method and device | |
EP2133810A2 (en) | Computer input device, method for inputting data to a computer, computing apparatus and computer software product | |
AU2018202766A1 (en) | A Process and Detachable Device for Using and Managing Encryption Keys | |
JP4140617B2 (en) | Authentication system using authentication recording medium and method of creating authentication recording medium | |
WO2016119437A1 (en) | Data protection method and device, and mobile terminal | |
US20050141705A1 (en) | Verification method of mobile communication system | |
JP2011097192A (en) | Encrypted message transmission device, program, encrypted message transmission method, and authentication system | |
JP2005236809A (en) | Method and device for decrypting image data | |
WO2003024019A1 (en) | Authentication receipt |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |