EP1121781A4 - ADAPTER WITH SAFE FUNCTION AND COMPUTER SYSTEM ON USING THE SAME - Google Patents

ADAPTER WITH SAFE FUNCTION AND COMPUTER SYSTEM ON USING THE SAME

Info

Publication number
EP1121781A4
EP1121781A4 EP00948363A EP00948363A EP1121781A4 EP 1121781 A4 EP1121781 A4 EP 1121781A4 EP 00948363 A EP00948363 A EP 00948363A EP 00948363 A EP00948363 A EP 00948363A EP 1121781 A4 EP1121781 A4 EP 1121781A4
Authority
EP
European Patent Office
Prior art keywords
secure
key
keyboard
computer system
password
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP00948363A
Other languages
German (de)
English (en)
French (fr)
Other versions
EP1121781A1 (en
Inventor
Jong Woo Lee
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SAFE TECHNOLOGY Co Ltd
Original Assignee
SAFE TECHNOLOGY CO Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SAFE TECHNOLOGY CO Ltd filed Critical SAFE TECHNOLOGY CO Ltd
Publication of EP1121781A1 publication Critical patent/EP1121781A1/en
Publication of EP1121781A4 publication Critical patent/EP1121781A4/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/02Input arrangements using manually operated switches, e.g. using keyboards or dials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105Dual mode as a secondary aspect

Definitions

  • This invention relates to adapter ("secure adapter”), to be installed and used between a computer system and a keyboard, which provides security function, and secure computer system using thereof, in particular, to configuration for transferring input information from keyboard to computer system in secure mode by encrypting the data, and for transferring information to computer system in clear mode without encryption.
  • adapter secure adapter
  • Internet brings a representative paradigm of creating informational environment for individuals, business and e-trade.
  • Internet features openness and conformity, and surmounts difficulties in exchanging and sharing information resources whether used by an individual or a company, whereas the basic drawback of the Internet with respect to information protection and communication safety has been putting serious obstacles.
  • information secure system which is operable for each service type or application whether communication is trusted or not, as is the case with information exchange over the Internet, .
  • the computer operates by using direct connection between the keyboard and the system: the keyboard controller of the computer system receives a key code from the keyboard access port, transmits it to the computer system, and then application program in the computer system receives and uses this value.
  • the object of the present invention is to solve the above problems in full and to tackle related technical issues.
  • the object of the present invention is to prevent information (data) from being drained by other persons using methods not intended by user, such as hacking, enabling the user setting up a secure connection between the computer system and the keyboard for entering data from the keyboard into the computer system .
  • the present invention can cope with such problems as reproduction and can deal with storing and processing of the data which requires secure handling.
  • the present invention which is an adapter to transfer key code input information from the keyboard to the computer system, is configured to transfer the key code input information from the keyboard to the computer system after encrypting it only when the secure mode setup command is received from the keyboard or the computer system, and to transfer the information from the keyboard to the computer system without encrypting the data if the secure mode clear command is received or when in the clear secure mode state.
  • the encrypted key code input information may be the information from all key codes, and only the character and numeral key codes other than special key codes, depending on setup configuration.
  • Secure mode can be setup/cleared by using a special key ("secure key”), which is additionally installed on the keyboard, or using a combination of existing keys (e.g.,
  • CTRL key + ALT key + SHIFT key + S key CTRL key + ALT key + SHIFT key + S key. Also, the application program under execution in the computer system can set up or clear the secure mode depending on the given conditions, although the user does not control the secure mode with the key.
  • the configuration, for example, of a secure adapter for secure mode setup/clearing comprises the main processor to process secure mode setup/clearing commands and to create the secrete key in secure mode setting, the initial cipher to transfer the secrete key transmitted from the main processor to the keyboard controller of the computer system by encrypting the secrete key with the secure key from the computer system, and the stream cipher to encrypt the key code input information from the keyboard with the secrete key.
  • the secure adapter in the present invention comprises: a computer connection coupled to the keyboard port of the computer; a keyboard connection coupled to the keyboard plug; a transmit/receive control on the computer to control communication with the computer system; a transmit/receive control on the keyboard to control communication with the keyboard; a main processor to create a secrete key, to perform secure mode setup/clearing according to the secure mode commands, and to exchange the data between the computer system and the keyboard; an initial cipher to encrypt the secrete key transferred from the main processor with the secure key from the computer system and then transmit the encrypted secret key to the computer system when the secure mode is set up; and, a stream cipher to encrypt the key code input information with the secrete key from the main processor and then to transmit the encrypted information to the computer system when the secure mode is set up.
  • Said transmit/receive control on the computer writes all information to be transmitted on the input buffer first so that the control program transmits it at a proper time, and all received messages are written on the input buffer and can be used in other modules.
  • Said transmit/receive control on the keyboard transmits the key code input information from the keyboard to the main processor, all commands transmitted are written on the buffer and this module transmits them at a proper time.
  • Said stream cipher encrypts information transmitted from the main processor with the secrete key. While each different encryption function is applied because bits or characters of a plain text are encrypted, and thus different encryption function is applied and respective plain text bit is encrypted irregardless of other bits for stream cipher, unlike block cipher for which the same encryption function is applied to all plain texts, its encrypting speed is relatively high. Also, the impact of channel errors occurring in a certain bit during encryption or transmission process is advantageously applied only to the corresponding bit, but not propagated to other bits. However, configuration using block cipher instead of stream password can be used, if necessary.
  • the secure adapter of the present invention is not necessarily to be a device separated from the keyboard and the computer system in design, and can be coupled with the computer body or with the keyboard.
  • the transmit/receive means of the computer body and the keyboard may not be a cable, but the system can be designed so that radio information transmitter is installed on the keyboard and radio information receiver is installed on the computer body.
  • a secure adapter connected between the computer system and the keyboard as an independent device is shown.
  • an indication lamp showing operating state and a secure mode indication lamp (described below) are installed.
  • a secure adapter of the present invention may include one or more indication lamps. These indication lamps show the operation mode of the secure adapter, the secure mode indication lamp shows secure state, and so on.
  • the secure mode indication lamp is controlled by the main processor. Under secure mode, the secure mode indication lamp is on, and goes off when secure mode is cleared, while the lamp periodically blinks when secure mode state is disabled.
  • the disabled secure mode state means the case when setting of the computer system, the secure key and/or the secrete key was not performed normally.
  • the secure mode indication lamp is not only installed on the secure adapter, but on the front of the computer body, the keyboard or on the monitor as the case may be. If necessary, a small indicator (i.e., an icon type, etc.) can be displayed on the setup screen on the monitor to prompt whether the secure mode is set up or not.
  • safe memory interworking with the main configuration of the secure adapter may be added.
  • Said safe memory operates under the secure mode that an application program executed on the computer system established in necessary case, and is used for storing and processing encrypted data which requires separate security handling.
  • said safe memory comprises: a safe memory interface to transmit a password transmitted from the main processor, or the password and the data which requires security (“secure data”), to an encryption/key operation processor, and to transmit the data received from a decoder to the main processor; an encryption/key operation processor to convert the password to the key ("the safe key”), and then, if the secure data is not received together with the password from the safe memory interface, to transmit the safe key to the decoder and to encrypt the password with the safe key by encryption algorithm and calculate the integrity identification value of the encrypted password (“password integrity identification value”) and then to transmit the password integrity identification value to a comparison/processor, and, if the secure data is received together with the password from the safe memory interface, to encrypt the secure data with the safe key and calculate the integrity identification value of the encrypted secure data (“encrypted data integrity identification value”) and then to transmit the encrypted data integrity identification value together with the "encrypted data” to the comparison/processor; a comparison/processor to transmit the stored data to the decoder
  • the main processor of the secure adapter additionally has a function to transmit the password input request command to the computer system where the secure mode setup command received from the application program of the computer system is for the safe memory, and to transmit the password received from the keyboard to the safe memory.
  • the safe memory does not store password separately, and executes decoding using the safe key converted from the password only when the user enters the same password as the password used for storing the encrypted data. Whether the correct password is entered is acknowledged as valid access only when values are the same after comparing the "password integrity identification value" stored in the encrypted data of the data storage memory with the "password integrity identification value” calculated after encryption with the safe key converted from the newly entered password.
  • the safe key transferred from the encryption/key operation processor to the decoder is temporally stored on the buffer of the decoder and then the key is deleted from the buffer by the command from the comparison/processor, where the stored "password integrity identification value" and the "password integrity identification value” calculated from the newly entered password are not the same, as the result of execution of the comparison/processor.
  • the conversion of password to a safe key may be executed using various known methods such as hash function or polynomial algorithms.
  • Representative examples are the MAC hash function, the MDC hash function, the MD4 hash function, the MD5 hash function, the SHA hash function, the CRC algorithm, and so on.
  • the integrity identification protects data against hacker's active attacks because it is used as a means to identify the person who performs the access.
  • various known algorithms described above can be used, in particular Cyclic Redundancy Checking (CRC) algorithm is preferred.
  • CRC Cyclic Redundancy Checking
  • the CRC algorithm transmits the data of k+n bits by dividing the transmitted data into n+1 bit patterns and adding the remaining of n bits length occurred at the division to the end of data bits.
  • the algorithm can be adjusted so that the data is organized as n bits at the point to receive the data and the received data is divided by the pattern, and then data transmission errors are found through the remaining values.
  • the data transmission error identification algorithm configuration in communication is transformed and used, as the method to store the values to the data storage memory by calculating the CRC value ("encrypted data CRC value") of the data encrypted with the safe key converted from password and the CRC value of password ("password CRC value”), and to compare the "password CRC value” calculated from the password entered by the user with the "password CRC value” stored on the data storage memory when an application program of the computer system intends to acquire the data under the secure state.
  • n is 16 or 32 bits. In the present invention, 16 bits are preferably used.
  • the encryption algorithm used for encrypting with the safe key can be selected among various known encryption algorithms, or a separate algorithm can be developed and used.
  • the "password integrity identification value" and the “encrypted data integrity identification value” are stored together in the data storage memory, the "password integrity identification value” being used to identify whether the password to newly enter data is correct, while the “encrypted data integrity identification value” being used to identify whether the encrypted data is stored without errors or with errors during storage. That is, it is possible to identify the above by repeatedly encrypting the decoded data with the safe key, calculating the integrity identification value of the encrypted data, and comparing the value with the encrypted data integrity identification value written on the data storage memory. Therefore, it is possible to confirm whether errors occurred in storing or decoding the encrypted data, by adding a separate module that can execute such a function or adding such a function to the basic configuration module.
  • the encryption algorithm used in the safe memory may differ from the encryption algorithm used in the stream cipher of the secure adapter.
  • the present invention also relates to the computer security system, which comprises the secure adapter, the keyboard and the computer system.
  • a separate secure key for entering the secure mode setup/clearing command is incorporated in the keyboard and/or the secure mode setup/clearing command is created by the combination of existing key codes.
  • the computer system has the secure key creation function, the encryption/decoding function with the secrete key and the encryption/decoding function with the secure key, and includes the keyboard manager with application program interface.
  • the application program interface has the function to perform direct decoding in the application program of the computer system and/or provides the function with which the operating system of the computer system can perform decoding.
  • the secure key created in the keyboard manager of the computer system is transmitted to the secure adapter in setting the secure mode.
  • the secure key transmitted to the secure adapter encrypts the newly created secrete key from the adapter in each secure mode setup, and then retransmits the encrypted secrete key to the computer system.
  • the secure adapter transmits the key code value entered from the keyboard to the computer system after encrypting the value with the secrete key. Then, the computer system processes the encrypted key code input information transmitted from the secure adapter after decoding the information with the stored secrete key.
  • the computer system includes general operating system, application programs and so on in addition to the keyboard manager.
  • the function to decode encrypted information may be incorporated to the keyboard manager, the operating system and/or application programs. Wherein, there are protocols between application programs and the keyboard manager, and between the operating system and the keyboard manager, to acquire the decoded information. This is to prevent the case that a third person can misuse the external interface of the keyboard for hacking purposes.
  • the keyboard manager makes and sends the secure key to the secure adapter. Then the manager receives the secrete key encrypted by the secure key from the secure adapter in secure mode, and then receives key code input information encrypted by the secrete key from the secure adapter.
  • the encrypted key code input information received from the secure adapter by the keyboard manager is not immediately decoded, but stored in a location of the keyboard manager or the computer system and only the signal that any key code is pressed is sent to the application program interface by the operating system.
  • the application program interface interrupts the code and requests decoding of the key code first pressed to the keyboard manager. Then the keyboard manager transfers the stored encrypted key code input information to the application program interface after decoding it with the stored secrete key, and then the application program interface returns the decoded information to the application program as the result of examination.
  • BIOS operation BIOS operation
  • LOADER operation KERNEL operation
  • keyboard manager operation O.S operation
  • O.S operation is performed in sequence in applying power. Therefore, since the keyboard manager is executed while O.S is being loaded after a computer is energized, the keyboard manager is executed earlier than general hacking or application programs.
  • the keyboard input information is not encrypted and transferred to the keyboard manager and then directly to application programs through the operating system.
  • the main processor switches the system to secure mode and sends the password input request command to the computer system. If the computer system prompts for password input on screen, the user supplies the password, the password is transferred to the main processor through the keyboard transmit/receive control, and the main processor sends it to the interface of the safe memory.
  • the data from an application program is transferred to the main processor and then the main processor receives and transfers the data to the safe memory interface.
  • the safe memory interface transfers password and the secure data to the encryption/key operation processor
  • the encryption/key operation processor converts the password to the safe key and encrypts the secure data and the password, using the safe key.
  • the encryption/key operation processor calculates the CRC values of the encrypted password and the encrypted data, and then transmits the "encrypted data", the "password CRC value” and the "encrypted data CRC value" to the comparison/processor.
  • the comparison/processor records the information to the data storage memory (refer to the Fig.8).
  • the secure mode setup command from the application program is for decoding the stored encrypted information
  • only the password transferred to the safe memory interface is sent to the encryption/key operation processor.
  • the encryption/key operation processor encrypts password with the safe key after converting the password to the safe key, calculates the CRC value of the encrypted password ("password CRC value"), and then respectively transmits the "safe key” to the decoder, and the "password CRC value” to the comparison/processor.
  • the comparison/processor scans the data storage memory and confirms whether the "password CRC value" stored in the memory is equal to the "password CRC value" received from the encryption/key operation processor.
  • the comparison/processor receives and transfers the encrypted data from the data storage memory to the decoder.
  • the decoder decodes the encrypted data from the comparison/processor with the safe key, and deletes the safe key after transmission of the data to the safe memory interface. If two values are not equal, the comparison/processor deletes the safe key stored on the decoder buffer and transmits password nonconformity to the computer system (refer to Fig.9).
  • the process that the decoded data is encrypted again with the secrete key in the stream cipher and transmitted to the computer system is the same as the aforementioned description for the main configuration of a secure adapter. However, as the case may be, it is possible to organize the process where the data decoded in and transmitted from the safe memory can be transferred to the computer system without repeated encryption in the stream cipher.
  • the present invention also relates to a method to secure the key code input information transferred from the keyboard using the secure computer system.
  • the method comprises the steps for: transferring a secure key created in the keyboard manager of the computer system to the secure adapter in computer booting; creating a new secrete key in the main processor when the secure mode setup command from the keyboard or the computer system is transferred to the main processor of the secure adapter, and then transferring the secrete key to the initial cipher and the stream cipher of the secure adapter; encrypting the secrete key with the secure key in the initial cipher and then transferring the encrypted secrete key to the keyboard manager through the computer connection by the transmit/receive control on the computer; under secure mode, main processor transferring the information to the stream cipher if the key code input information of the keyboard is transferred to the main processor through the transmit/receive control on the keyboard, the stream cipher's encrypting the key code input information with the secrete key and transferring the encrypted information to the keyboard manager through computer connection by the transmit/receive control on the computer; computer system decoding the encrypted information using the secrete key; main processor transferring the secure mode clearing
  • the configuration further comprises the step of: main processor transferring the password from the transmit/receive control on the keyboard and the secure data from the transmit/receive control on the computer to the safe memory after the main processor transfers the password input request command to the computer system, and safe memory encrypting and then storing the received data using the password, if secure mode setup is made by the command from the application program of the computer system and also for data storage requiring security; but main processor transferring the password from the transmit/receive control on the keyboard to the safe memory after the main processor transfers the password input request command to the computer system, and safe memory decoding the encrypted data with the password and then transferring the decoded data to the main processor where the password is correct, but not decoding the encrypted data where not correct, if secure mode setup is made by the command from the application program of the computer system and also for acquisition of the secure data.
  • the keyboard manager of the computer system (not shown) transfers the secure key to the main processor through the computer connection by the transmit/receive control on the computer.
  • the main processor turns on the operating indication lamp and sends the secure key to the initial cipher.
  • the key code input information from the keyboard is transferred to the main processor through the keyboard connection by the transmit/receive control on the keyboard.
  • the main processor turns on the secure mode indication lamp, creates and transfers the secrete key to the initial cipher and the stream cipher, and also the key code input information to the stream cipher, if the input information transferred from the keyboard is for secure mode setup.
  • the initial cipher encrypts the secrete key with the secure key, and sends the encrypted secrete key to the keyboard manager of the computer system through the computer connection by the transmit/receive control on the computer.
  • the stream cipher transfers the encrypted information to the keyboard manager of the computer system through the computer connection by the transmit/receive control of the computer after encrypting the key code input information, using the secrete key transmitted from the main processor.
  • the process to handle the encrypted key code input information, transferred to the keyboard manager, in the computer system is referred to the details described before on the Fig.3 basis.
  • the clear command is transferred to the main processor and the stream cipher by the transmit/receive control on the computer or the transmit/receive control on the keyboard.
  • the main processor turns off the secure mode indication lamp and transfers the secure mode clearing command to the stream cipher.
  • key code values transferred from the keyboard are transferred to the computer system through the computer connection by the transmit/receive control on the computer, without encryption in the stream cipher.
  • the secure adapter goes in the disabled secure mode, and the main processor sends periodical ON and OFF signals to the secure mode indication lamp. Then, by the keyboard manager and the decoded data transfer protocol, the disabled secure mode state may be notified on the monitor as a message type and so on, and the keyboard input information is transferred to the keyboard manager without encryption.
  • the Fig.8 shows the data storage process after encrypting data in the secure adapter with the incorporated safe memory
  • the Fig.9 shows the process to decode the encrypted data.
  • Fig. 1 shows a configuration of the module as an embodiment of a secure adapter according to the present invention
  • Fig. 2 shows a view of an embodiment of a secure adapter, of the present invention, with connection between a computer system and a keyboard using cables;
  • Fig. 3 shows a schematical diagram of a computer system in a computer secure system of the present invention
  • Fig. 4 shows a configuration of a module that the safe memory is incorporated to a secure adapter of the Fig.l;
  • Fig. 5 shows steps for secure mode setup in the present invention;
  • Fig. 6 shows steps for clearing secure mode in the present invention;
  • Fig. 7 shows steps for processing key code input information under secure mode;
  • Fig. 8 shows steps for encrypting and storing data in a secure adapter of the Fig. 4;
  • Fig. 9 shows steps for decoding stored data in a secure adapter of the Fig. 4.
  • the secure adapter and the secure computer system employing thereof of the invention are used, it is possible to prevent third person from intruding into the computer system by hacking and stealing user's secrete data, for stock exchange, Internet banking, cyber transactions and other communications over the Internet, modem communications or for network data transfer.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Human Computer Interaction (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Input From Keyboards Or The Like (AREA)
EP00948363A 1999-07-29 2000-07-27 ADAPTER WITH SAFE FUNCTION AND COMPUTER SYSTEM ON USING THE SAME Withdrawn EP1121781A4 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
KR9931145 1999-07-29
KR1019990031145A KR20010011667A (ko) 1999-07-29 1999-07-29 보안 기능을 갖는 키보드 및 이를 이용한 시스템
PCT/KR2000/000811 WO2001010079A1 (en) 1999-07-29 2000-07-27 Adapter having secure function and computer secure system using it

Publications (2)

Publication Number Publication Date
EP1121781A1 EP1121781A1 (en) 2001-08-08
EP1121781A4 true EP1121781A4 (en) 2004-07-28

Family

ID=19605639

Family Applications (1)

Application Number Title Priority Date Filing Date
EP00948363A Withdrawn EP1121781A4 (en) 1999-07-29 2000-07-27 ADAPTER WITH SAFE FUNCTION AND COMPUTER SYSTEM ON USING THE SAME

Country Status (5)

Country Link
EP (1) EP1121781A4 (ko)
JP (1) JP2003506921A (ko)
KR (2) KR20010011667A (ko)
CN (1) CN1319294A (ko)
WO (1) WO2001010079A1 (ko)

Families Citing this family (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100402358B1 (ko) * 2001-03-02 2003-10-22 설동석 간접적인 패스워드 입력을 통한 사용자 확인방법 및 그 장치
KR20010082420A (ko) * 2001-06-19 2001-08-30 서정욱 범용 직렬 버스용 암복호화 장치
WO2003003170A1 (en) * 2001-06-27 2003-01-09 Nokia Corporation Personal user device and method for selecting a secured user input/ output mode in a personal user device
EP1286242A1 (en) * 2001-08-22 2003-02-26 Sonera SmartTrust, Ltd. System and method for protected data input of security data
KR100378586B1 (ko) * 2001-08-29 2003-04-03 테커스 (주) 엑티브엑스 기반의 키보드 해킹 방지 방법 및 장치
KR100447777B1 (ko) * 2002-07-24 2004-09-08 주식회사 잉카인터넷 키 스트록 데이터의 해킹 방지 방법 및 이를 기록한컴퓨터로 읽을 수 있는 기록매체
KR100735727B1 (ko) * 2003-04-24 2007-07-06 테커스 (주) 가상 데이터 전송을 이용한 키보드 해킹 방지 장치 및 방법
US20050015611A1 (en) * 2003-06-30 2005-01-20 Poisner David I. Trusted peripheral mechanism
US20040268143A1 (en) * 2003-06-30 2004-12-30 Poisner David I. Trusted input for mobile platform transactions
BR0302727A (pt) * 2003-07-08 2005-03-29 Guido Costa Souza De Araujo Cifrador externo de teclado
CN1918556A (zh) 2004-02-05 2007-02-21 Kings情报通信 使用安全输入装置驱动器的计算机安全装置和方法
JP4636809B2 (ja) * 2004-03-31 2011-02-23 富士通フロンテック株式会社 情報処理端末およびその情報安全保護方法
CN100345078C (zh) * 2004-07-09 2007-10-24 中国民生银行股份有限公司 计算机键盘信息干扰实现密码保护的方法
DE102005008433A1 (de) * 2005-02-24 2006-08-31 Giesecke & Devrient Gmbh Sicherheitsmodul
US8250151B2 (en) 2005-10-12 2012-08-21 Bloomberg Finance L.P. System and method for providing secure data transmission
KR100734145B1 (ko) * 2005-10-12 2007-07-03 주식회사 안철수연구소 키보드 데이터 인증을 이용한 키 입력 도용 방지 방법
WO2007061147A1 (en) * 2005-11-24 2007-05-31 Softcamp Co., Ltd. Guarding method for input data by usb keyboard and guarding system
US8146164B2 (en) * 2006-01-24 2012-03-27 Eshun Kobi O Method and apparatus for thwarting spyware
JP4780304B2 (ja) 2006-02-13 2011-09-28 株式会社メガチップス 半導体メモリおよびデータアクセス方法
US20080120511A1 (en) * 2006-11-17 2008-05-22 Electronic Data Systems Corporation Apparatus, and associated method, for providing secure data entry of confidential information
IL180020A (en) 2006-12-12 2013-03-24 Waterfall Security Solutions Ltd Encryption -and decryption-enabled interfaces
IL180748A (en) 2007-01-16 2013-03-24 Waterfall Security Solutions Ltd Secure archive
US20080263672A1 (en) * 2007-04-18 2008-10-23 Hewlett-Packard Development Company L.P. Protecting sensitive data intended for a remote application
WO2009018685A1 (fr) * 2007-08-08 2009-02-12 Kamfu Wong Dispositif et méthode de chiffrement et d'authentification anti-cheval de troie utilisant une clef à usage unique
US8793786B2 (en) * 2008-02-08 2014-07-29 Microsoft Corporation User indicator signifying a secure mode
IL192043A0 (en) * 2008-06-10 2009-02-11 Human Interface Security Ltd User interface for secure data entry
KR101006720B1 (ko) * 2008-07-04 2011-01-07 킹스정보통신(주) 웹 페이지에서의 비밀번호 보안방법 및 이를 실행하기 위한프로그램을 기록한 컴퓨터로 읽을 수 있는 기록매체
DE102008042180B4 (de) * 2008-09-17 2010-09-23 Zf Friedrichshafen Ag Verfahren und System zur sicheren Übertragung von Daten
DE102008050441A1 (de) * 2008-10-08 2010-04-15 Straub, Tobias Autonome Vorrichtung zum Schutz der Authentizität von in digitaler Form vorliegenden Daten
EP2184696A1 (en) * 2008-10-31 2010-05-12 Kirill Kretov Method and module for protecting a password authorizing a user access to a computer application
EP2202662A1 (en) * 2008-12-24 2010-06-30 Gemalto SA Portable security device protecting against keystroke loggers
KR101630462B1 (ko) * 2010-04-14 2016-06-14 주식회사 넥슨코리아 키보드 보안 장치 및 방법
KR101368772B1 (ko) * 2012-05-25 2014-02-28 이성만 키 입력 보호 방법과 이를 위한 키 보호 장치
LT2936369T (lt) 2012-12-21 2020-07-27 Biobex, Llc Slaptažodžio patvirtinimas, naudojant klaviatūra ir saugų slaptažodžio įvedimo režimą
CN104008327B (zh) * 2013-02-26 2017-12-01 腾讯科技(深圳)有限公司 一种安全输入方法和系统
CN104219208B (zh) 2013-06-03 2018-11-13 华为技术有限公司 一种数据输入的方法、装置
IL235175A (en) 2014-10-19 2017-08-31 Frenkel Lior Secure desktop remote control
KR101654249B1 (ko) 2015-04-07 2016-09-06 넷큐리티 주식회사 컴퓨터의 통신 인터페이스 보안 시스템
IL250010B (en) 2016-02-14 2020-04-30 Waterfall Security Solutions Ltd Secure connection with protected facilities
US10097537B2 (en) 2016-04-07 2018-10-09 At&T Intellectual Property I, L.P. Cloud-based authentication keyboard
US10872043B2 (en) * 2017-08-17 2020-12-22 Microchip Technology Incorporated Systems and methods for integrity checking of code or data in a mixed security system while preserving confidentiality
US20220147613A1 (en) * 2019-07-19 2022-05-12 Hewlett-Packard Development Company, L.P. Automatic password expiration based on password integrity
US11681798B2 (en) 2019-10-31 2023-06-20 Kyndryl, Inc. Security screening of a universal serial bus device
CN113158268B (zh) * 2021-04-28 2022-10-21 福建金成信息科技有限公司 一种计算机软件加密保护装置

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0272230A2 (en) * 1986-12-15 1988-06-22 DE LA RUE INTER INNOVATION Aktiebolag An operator console for data communication purposes
EP0587375A2 (en) * 1992-09-04 1994-03-16 ALGORITHMIC RESEARCH Ltd. Security unit for data processor systems
EP0588471A2 (en) * 1992-09-17 1994-03-23 International Business Machines Corporation Trusted personal computer system with identification
US5596718A (en) * 1992-07-10 1997-01-21 Secure Computing Corporation Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor
WO1997016779A2 (de) * 1995-11-03 1997-05-09 Esd Information Technology Entwicklungs Gmbh Eingabesicherungs- und transaktionseinheit für digitale informationen und verfahren zur eingabesicherung und für transaktionen von digitalen informationen
US5864666A (en) * 1996-12-23 1999-01-26 International Business Machines Corporation Web-based administration of IP tunneling on internet firewalls

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5214429A (en) * 1990-09-20 1993-05-25 R.E.T.S. Sales And Service, Inc. Computer method utilizing keyboard adapter
US5388156A (en) * 1992-02-26 1995-02-07 International Business Machines Corp. Personal computer system with security features and method
US5550984A (en) * 1994-12-07 1996-08-27 Matsushita Electric Corporation Of America Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information
DE69601560T2 (de) * 1995-07-17 1999-07-01 Toyota Jidosha K.K., Toyota, Aichi Polypropylen-Harzmasse
KR100281869B1 (ko) * 1995-07-28 2001-02-15 윤종용 보안 기능을 갖는 개인용 컴퓨터, 그의 보안 방법 및 그 보안 장치의 설치 및 제거방법

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0272230A2 (en) * 1986-12-15 1988-06-22 DE LA RUE INTER INNOVATION Aktiebolag An operator console for data communication purposes
US5596718A (en) * 1992-07-10 1997-01-21 Secure Computing Corporation Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor
EP0587375A2 (en) * 1992-09-04 1994-03-16 ALGORITHMIC RESEARCH Ltd. Security unit for data processor systems
EP0588471A2 (en) * 1992-09-17 1994-03-23 International Business Machines Corporation Trusted personal computer system with identification
WO1997016779A2 (de) * 1995-11-03 1997-05-09 Esd Information Technology Entwicklungs Gmbh Eingabesicherungs- und transaktionseinheit für digitale informationen und verfahren zur eingabesicherung und für transaktionen von digitalen informationen
US5864666A (en) * 1996-12-23 1999-01-26 International Business Machines Corporation Web-based administration of IP tunneling on internet firewalls

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
SCHNEIER B: "Applied Cryptography, Second Edition", APPLIED CRYPTOGRAPHY. PROTOCOLS, ALGORITHMS, AND SOURCE CODE IN C, NEW YORK, JOHN WILEY & SONS, US, 1996, pages 31 - 38150, XP002248999, ISBN: 0-471-11709-9 *
See also references of WO0110079A1 *

Also Published As

Publication number Publication date
KR100334720B1 (ko) 2002-05-06
JP2003506921A (ja) 2003-02-18
KR20010011667A (ko) 2001-02-15
WO2001010079A1 (en) 2001-02-08
EP1121781A1 (en) 2001-08-08
KR20010075411A (ko) 2001-08-09
CN1319294A (zh) 2001-10-24

Similar Documents

Publication Publication Date Title
WO2001010079A1 (en) Adapter having secure function and computer secure system using it
US7366916B2 (en) Method and apparatus for an encrypting keyboard
KR101130415B1 (ko) 비밀 데이터의 노출 없이 통신 네트워크를 통해 패스워드 보호된 비밀 데이터를 복구하는 방법 및 시스템
EP2332089B1 (en) Authorization of server operations
US7389536B2 (en) System and apparatus for limiting access to secure data through a portable computer to a time set with the portable computer connected to a base computer
RU2371756C2 (ru) Безопасная связь с клавиатурой или родственным устройством
JP5344716B2 (ja) モバイルデバイスからコンピュータへのセキュアな遠隔での起動、ブート、およびログイン方法、システム及びプログラム
EP1415430B1 (en) A method and a system for processing information in an electronic device
RU2352986C2 (ru) Динамическая подстановка данных usb для оперативного шифрования/расшифровки
US8250151B2 (en) System and method for providing secure data transmission
US7085385B2 (en) Method and apparatus for initiating strong encryption using existing SSL connection for secure key exchange
EP2080148B1 (en) System and method for changing a shared encryption key
US20070101401A1 (en) Method and apparatus for super secure network authentication
US20060048227A1 (en) Client apparatus, server apparatus and authority control method
CA2272894A1 (en) Information security method and apparatus
CN116070241A (zh) 一种移动硬盘加密控制方法
KR100562981B1 (ko) 개인용 팜 컴퓨터로부터 월드와이드웹 단말기로의 무선전송 암호화 시스템
US20060277301A1 (en) File protection for a network client
KR100998214B1 (ko) 스니핑 방지를 위한 키보드 보안 장치 및 방법
US8904487B2 (en) Preventing information theft
CN101008927A (zh) 信息处理装置、便携终端装置及信息处理执行控制方法
CN111291398A (zh) 基于区块链的认证方法、装置、计算机设备及存储介质
US20030101360A1 (en) Method for industrially changing the passwords of AIX/UNIX users
KR100379675B1 (ko) 보안기능을 갖는 어댑터 및 이를 이용한 컴퓨터 보안 시스템
CN115146284A (zh) 数据处理方法、装置、电子设备和存储介质

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

17P Request for examination filed

Effective date: 20010705

A4 Supplementary search report drawn up and despatched

Effective date: 20040611

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20040909