KR101278726B1 - Apparatus for inputting user data and method for securing user data
- Publication number: KR101278726B1 KR1020120141670A
- Authority: KR (South Korea)
- Prior art keywords
- data
- keyboard
- user data
- key
- text data
Classifications
- G06F15/16—Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F3/023—Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
- G06F9/44—Arrangements for executing specific programs
Description
The present invention relates to a user data input device and a user data security method. More particularly, it relates to an apparatus and a method that encrypt the text data among the key input data generated in response to a key signal input from a keyboard, transmit the encrypted text data to a host computer, display it, and execute the corresponding application with the decrypted text data, thereby fundamentally enhancing the security of user data.
Personal computers (PCs) use open input/output devices and operating systems (OSs), so spyware, Trojan horses, or keyloggers can be installed on the PC and operate without the user's knowledge.
Keyloggers can log all data from the user's keyboard without the user's knowledge. Anti-spyware programs detect keyloggers using signature recognition technology, so they can detect a keylogger only after it has already been identified.
As a result, while the number of online users is rapidly increasing, keyloggers have always been a threat to the PC.
However, keylogger creators can avoid detection by anti-spyware programs simply by changing their signatures, and the theft of online gamers' accounts and items is no longer news.
Recently, there have also been incidents in which a hacker withdrew money from a user's bank account after obtaining the account number and password with a hidden keylogger.
After all, the damage caused by these keyloggers is due to the use of open systems in both hardware and software.
To prevent the damage caused by these keyloggers, logic is required that encrypts user data packets along the whole path from the entry point of the user data to the end point where the user data reaches the host computer, so that the user data is already encrypted before it is output from the keyboard, and that decrypts the encrypted user data through a specified application.
The present invention has been made to solve the above problems. An object of the present invention is to provide a user data input device, and a user data security method using the same, that can enhance the security of key input data by generating key input data according to the protocol of the key signal corresponding to the pressed key of the keyboard unit, encrypting the text data when the generated key input data is text data and transmitting it to the host computer, and, at the host computer, receiving the transmitted key input data, decrypting it, and executing the application with the decrypted text data.
Another object of the present invention is to provide a user data input device, and a user data security method using the same, that encrypt the text data of key input data in a reduced instruction set computer (RISC) processor-based operating system and decrypt the encrypted text data based on an open application program interface (API), a library utility, and a high-level language of the Windows operating system, thereby protecting the key input data from keyloggers without changing the bus and/or driver that delivers the key input data.
Another object of the present invention is to provide a user data input device, and a user data security method using the same, that protect key input data from keyloggers by managing and controlling the user data input device through a low-level language and by encrypting and transmitting the text data among the key input data.
Still another object of the present invention is to provide a user data input device, and a user data security method using the same, in which the user data input device, which receives key input data processed according to a processable protocol, encrypts the text data, and transmits it, is implemented as a single adapter and is either provided as a separate device or built into the keyboard or the host computer, thereby providing compatibility with different types of keyboards and fundamentally removing the limitation on installation space for the user data input device.
A user data input system according to an aspect of the present invention for achieving the above object includes a keyboard and a host computer for displaying key input data corresponding to the key signal of the keyboard.
The keyboard includes a user data input device that encrypts the text data among the key input data corresponding to a key signal of the keyboard and transmits user data consisting of either encrypted text data or control data.
The host computer includes a user data processing device that receives the user data through the user data input device, decrypts the encrypted text data, and executes the corresponding application with the decrypted text data.
Preferably, the user data input device includes:
a keyboard interface that generates keyboard information indicating the keyboard type according to the output port of the key signal of the keyboard, and that receives from the host computer and forwards a protocol corresponding to the keyboard information;
a keyboard command processor that stores the commands for each key of the keyboard, set based on the protocol received through the keyboard interface;
a keyboard matrix scan control unit that scans for a pressed key of the keyboard unit and transmits the corresponding key signal;
a key input data generator that receives from the keyboard command processor the command corresponding to the key signal scanned by the keyboard matrix scan control unit, generates key input data for that key signal, and forwards the text data when the key input data is text data; and
an encryption module that receives the text data generated by the key input data generator, encrypts it according to a predefined parameter, and returns the encrypted text to the key input data generator.
The key input data generator transmits key input data, consisting of either the text data encrypted by the encryption module or control data, to the user data processing device through the keyboard interface.
Preferably, the keyboard information is derived based on a key signal input through the bus and is one of PS2 and USB.
Preferably, when the keyboard information is one of PS2 and USB, the user data input device generates key input data according to a KBC-based protocol.
Preferably, the user data processing device includes an application client unit that transfers the user data received through the keyboard interface. If the user data provided from the application client unit is text, the encrypted text data is displayed on the screen and provided to the decryption server, and the application server executes the application based on the text data decrypted by the decryption server.
A user data input system according to an aspect of the present invention for achieving the above object includes a keyboard, a host computer that displays a key signal received via the keyboard, and a user data input device that processes the key signal of the keyboard according to the corresponding protocol to generate key input data, encrypts the text data when the generated key input data is text data, and transfers either the encrypted text data or the control data to the host computer.
The host computer further includes a user data processing device that receives the encrypted text data through the user data input device, displays the encrypted text data on the screen, and, after decrypting the encrypted text data, executes the application based on the decrypted text data.
Preferably, the user data input device includes:
a keyboard interface that receives key signals of the keyboard;
a keyboard protocol analysis and generation unit that derives keyboard information indicating the type of keyboard based on the input port of the key signal received through the keyboard interface, generates key input data consisting of either text data or control data according to a protocol set based on the derived keyboard information, and transmits either encrypted text data or control data as user data;
an encryption module that receives, through the keyboard protocol analysis and generation unit, the parameters supplied from the user data processing device of the host computer, encrypts the text data of the keyboard protocol analysis and generation unit according to the parameters, and returns the encrypted data to the keyboard protocol analysis and generation unit; and
a host interface that passes the parameters provided from the user data processing device to the keyboard protocol analysis and generation unit, and passes either the encrypted text data or the control data of the keyboard protocol analysis and generation unit to the user data processing device as user data.
Preferably, the user data input device further includes a KBC command processor that receives KBC-based commands from the host computer through the host interface when the keyboard information analyzed by the keyboard protocol analysis and generation unit is one of PS2 and USB.
The keyboard protocol analysis and generation unit processes the key input of the keyboard according to the KBC command supplied from the KBC command processor to generate key input data, and provides the text data to the encryption module when the generated key input data is text data.
Preferably, the user data input device is implemented as a single adapter and is built into the keyboard.
Preferably, the user data processing device includes an application client unit that transmits the encrypted text data and control data to a decryption server through a communication network, so that a keylogger installed in the operating system (OS) of the host computer cannot receive the user data provided through the host interface.
The user data processing device also receives the encrypted text data and displays it on a screen, and receives the decrypted text data from the decryption server and executes the application.
A user data security method using a user data input system according to another aspect of the present invention for achieving the above object includes:
a) a user data input step of processing the key signals of the keyboard according to a predefined protocol to generate key input data, encrypting the text data if the generated key input data is text data, and then outputting either the encrypted text data or the control data as user data; and
b) a user data processing step of receiving the user data, displaying the encrypted text data on a screen, decrypting the encrypted data, and executing the corresponding application with the decrypted text data.
Preferably, the user data input step receives the commands for each key of the keyboard, set based on an externally supplied protocol capable of processing the key signals of the keyboard; generates a key signal by scanning the pressed key of the user's keyboard; generates key input data for that key according to the command corresponding to the generated key signal, encrypting it if the key input data is text data; and transmits either the encrypted text data or the control data to the user data processing step.
Preferably, in the user data processing step, the application client unit transmits the encrypted text data among the received user data to a decryption server, so that a keylogger installed in the operating system (OS) of the host computer cannot receive the user data provided through the host interface, and the application server displays the encrypted text data on the screen and executes the application with the text data decrypted by the decryption server.
Preferably, the user data processing step includes:
generating, in the application client unit, a page requesting input of user information including an ID and a password for login, and transmitting the generated page to the application server;
activating a keylogger prevention flag in the application client unit in response to the application server's request to activate the keylogger prevention flag;
setting, in the decryption server, a parameter for encrypting the text data among key input data and transmitting it to the user data input device in order to perform keylogger prevention;
receiving user data consisting of either control data or text data encrypted based on the received parameters;
displaying the encrypted text data in an input window of the page requesting input of user information including an ID and a password for login; and
decrypting the encrypted text data in the decryption server and transferring it to the application server to execute the corresponding application.
As described above, according to an exemplary embodiment of the present invention, the text data among the key input data generated in response to a key signal input from the keyboard is encrypted and transmitted to the host computer, and the application is executed with the decrypted text data, which fundamentally enhances the security of the user data.
According to an embodiment of the present invention, text data among key input data is encrypted in a RISC processor-based operating system and the encrypted text data is decrypted based on an open API, a library utility, and a high-level language of the Windows operating system, so the keystroke data can be protected without changing the bus and/or driver that carries it.
According to an embodiment of the present invention, key input data can be fundamentally protected by managing and controlling the device and the server through a low level language, and encrypting and transmitting text data among the key input data.
In addition, according to an embodiment of the present invention, the user data input device, which receives key input data processed according to a processable protocol, encrypts the text data, and then transmits it, is implemented as a single adapter and is either provided as a separate device or built into the keyboard or the host computer. This provides compatibility with different types of keyboards and fundamentally removes the limitation on installation space for the user data input device.
FIG. 1 is a diagram illustrating a configuration of a user data input system according to an exemplary embodiment of the present invention.
FIG. 2 is a diagram illustrating a configuration of a user data input device of the user data input system shown in FIG. 1.
FIG. 3 is a diagram illustrating a configuration of a user data processing apparatus shown in FIG. 1.
FIG. 4 is a diagram illustrating a configuration of a user data input system according to another embodiment of the present invention.
FIG. 5 is a diagram illustrating a configuration of a user data input device shown in FIG. 4.
FIG. 6 is an exemplary view illustrating another configuration of the user data input device illustrated in FIG. 4.
FIG. 7 is a diagram illustrating a configuration of the user data processing apparatus shown in FIG. 4.
FIG. 8 is a flowchart illustrating a process of protecting user data using a user data input system according to another embodiment of the present invention.
FIG. 9 is a flowchart illustrating a process of inputting user data shown in FIG. 8.
FIG. 10 is a flowchart illustrating the user data processing process illustrated in FIG. 8 in more detail.
For a better understanding of the present invention, its operational advantages, and the objects attained by its practice, reference should be made to the accompanying drawings, which illustrate preferred embodiments of the present invention.
BEST MODE FOR CARRYING OUT THE INVENTION
Hereinafter, the present invention will be described in detail through its preferred embodiments with reference to the accompanying drawings. Like reference symbols in the drawings denote like elements.
In the following description, specific details are set forth in order to provide a more thorough understanding of the present invention. In the following description of the present invention, detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear.
FIG. 1 is a diagram illustrating a configuration of a user data input system according to an exemplary embodiment of the present invention, which includes a
As shown in FIG. 1, a user data input system according to an exemplary embodiment of the present invention may include a user
Here, the user
That is, as shown in FIG. 2, the user
Here, the
In addition, the
On the other hand, the keyboard matrix
When the key signal is received by the key
The
In this case, the key
That is, the keyboard information is derived from a key signal of a keyboard provided through the PS2 or USB port, and the received key signal, based on the PS2 or USB protocol, is processed according to the derived keyboard information to generate key input data. The keyboard may be any one of a PS2 or USB keyboard, a wired or wireless keyboard, or the keyboard of an ATM or POS terminal.
In this case, when the keyboard information is PS2 or USB, the received key signal is processed based on a KBC-based protocol to generate key input data.
Table 1 below shows an example of the PS2 case and omits the USB case. That is, when the keyboard information is PS2, the PS2 keyboard command is written by writing byte data to the IO port 60h using the KBC-based protocol of the
Table 1
Format: FF FA AA
Typically, this command is used to indicate an error condition (parity error) found by the software.
Format: FE FA RR (RR is the last byte sent to the host)
Default
Format: F6 FA
Format: F5 FA
Format: F4 FA
Typematic Rate / Delay
Format: F3 FA WW FA (WW is argument byte written from IO port 0x60)
Device ID
Format: F2 FA AB 41
Set code
Format 1: F0 FA WW FA (WW is not 0)
Format 2: F0 FA 00 FA RR (RR is the current Scan Code Set responded)
Format: EE EE
LED State Setting
Format: ED FA WW FA
Bit0 ~ 2 of WW is the value to set LED state.
Bit 0: Scroll Lock LED off (0) / on (1)
Bit 1: Num Lock LED off (0) / on (1)
Bit 2: Caps Lock LED off (0) / on (1)
In addition, the commands of the
The key signal of the keyboard generated when the keyboard
For example, it is achieved by a special function in the key
The key input data protocol between the
(All Make and Break codes are hexadecimal.)
According to Table 2 above, the make and break codes differ in that the break code has F0 in front. Accordingly, the key input
Therefore, the control keys are kept the same as those of the general keyboard, so that the application server and the operating system of the user
The
Format: 30 FA
Format: 31 FA
AA, BB ... HH are the Translate ID (TID) as an 8-byte sequence.
AA is the LSB, HH is the MSB.
Format: 33 FA AA BB CC DD EE FF GG HH
AA, BB ... HH are the Device Serial ID (SID) as an 8-byte sequence. AA is the LSB, HH is the MSB.
Format: 34 FA .... (followed by 64 bytes), (
In addition, there is another implementation method that can make the parameter setting of the
Meanwhile, as illustrated in FIG. 3, the user data processing apparatus 330 includes an application client unit 331, a decryption server 332, and an application server 333.
The application client unit 331 transfers key input data received through the keyboard interface. That is, in order to protect the received key input data from a keylogger installed in the operating system (OS) of the host computer, the key input data of the user
When the received key input data is text, the application client unit 331 provides the encrypted text data to the decryption server 332, and the decryption server 332 decrypts the encrypted text according to a preset parameter and passes it to the application server 333.
The application server 333 responds to the control data when the key input data is control data, and responds to the decrypted text data supplied from the decryption server 332 when the key input data is text data.
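The data flow described above (text keys encrypted in the input device, control keys passed through unchanged, decryption only on the decryption server), as an added example that is not code from the patent. The patent names no algorithm: the cipher (a per-keystroke shift derived with HMAC-SHA256 from an 8-byte parameter), the record layout with its sequence number, the suppression of text-key releases, and the scan-code subset are all assumptions made for illustration.

```python
import hashlib
import hmac

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"
BREAK_PREFIX = 0xF0  # scan code set 2: a break code is the make code preceded by F0

# Constructed subset of scan code set 2 make codes, enough for the demo.
TEXT_KEYS = {0x1C: "a", 0x32: "b", 0x21: "c", 0x23: "d", 0x24: "e"}
CONTROL_KEYS = {0x5A: "ENTER", 0x66: "BACKSPACE", 0x12: "LSHIFT"}


def shift_for(param: bytes, seq: int) -> int:
    """Assumed cipher: per-keystroke shift taken from HMAC-SHA256(param, seq)."""
    mac = hmac.new(param, seq.to_bytes(4, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") % len(ALPHABET)


def split_events(stream):
    """Turn raw scan code bytes into (code, is_break) pairs."""
    is_break = False
    for byte in stream:
        if byte == BREAK_PREFIX:
            is_break = True
            continue
        yield byte, is_break
        is_break = False


class InputDevice:
    """Keyboard-side device: encrypts text keys, passes control keys through."""

    def __init__(self, param: bytes):
        if len(param) != 8:
            raise ValueError("parameter must be 8 bytes")
        self.param = param
        self.seq = 0

    def process(self, stream):
        records = []
        for code, is_break in split_events(stream):
            if code in TEXT_KEYS:
                if is_break:
                    continue  # assumption: text key releases are not forwarded
                idx = ALPHABET.index(TEXT_KEYS[code]) + shift_for(self.param, self.seq)
                records.append(("text", self.seq, ALPHABET[idx % len(ALPHABET)]))
                self.seq += 1
            elif code in CONTROL_KEYS:
                records.append(("control", CONTROL_KEYS[code], is_break))
            else:
                raise ValueError(f"scan code {code:#04x} not in demo table")
        return records


class HostClient:
    """Application client on the host; holds only what an OS-level logger could see."""

    def __init__(self):
        self.field = []        # (sequence number, encrypted character) pairs
        self.submitted = None

    def receive(self, records):
        for kind, a, b in records:
            if kind == "text":
                self.field.append((a, b))
            elif b:  # control key release: nothing to do
                continue
            elif a == "BACKSPACE" and self.field:
                self.field.pop()
            elif a == "ENTER":
                self.submitted = list(self.field)

    def displayed(self) -> str:
        return "".join(ch for _, ch in self.field)


def decrypt(param: bytes, items) -> str:
    """Decryption server: undo the shift using each character's sequence number."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch) - shift_for(param, seq)) % len(ALPHABET)]
        for seq, ch in items
    )


def demo():
    param = bytes.fromhex("0102030405060708")  # constructed 8-byte parameter
    # Constructed key stream: a b c Backspace d e Enter, each with its F0 break.
    stream = [0x1C, 0xF0, 0x1C, 0x32, 0xF0, 0x32, 0x21, 0xF0, 0x21,
              0x66, 0xF0, 0x66, 0x23, 0xF0, 0x23, 0x24, 0xF0, 0x24,
              0x5A, 0xF0, 0x5A]
    records = InputDevice(param).process(stream)
    host = HostClient()
    host.receive(records)
    return host.displayed(), decrypt(param, host.submitted), records


if __name__ == "__main__":
    shown, recovered, _ = demo()
    print("host input window shows:", shown)
    print("decryption server recovers:", recovered)
```

Carrying the sequence number with each encrypted character keeps the decryption server in step when a Backspace removes a character from the input window.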
In this case, as shown in FIG. 10, since the text data of the encrypted key input data is displayed instead of the key input signal corresponding to the key signal input through the
FIG. 4 is a diagram illustrating a configuration of a user data input system implementing the user
As shown in FIG. 4, a user data input system according to an embodiment of the present invention includes a
As illustrated in FIG. 5, the user
In an embodiment of the present disclosure, detailed descriptions of components having the same configuration in the user data input device and the user data processing device shown in FIG. 1 will be omitted.
However, the functions of the
In addition, the keyboard protocol analysis and
That is, the keyboard protocol analysis and
In other words, the keyboard protocol analysis and
The keyboard protocol analysis and
FIG. 7 is a diagram illustrating another embodiment of the host interface of the user data input apparatus illustrated in FIG. 5. When the keyboard is PS2, the
That is, the KBC-based user
Table 4
Data Output
If no command has been issued, the data comes from the keyboard device or mouse device depending on the state of 64h (KBC state) bits 0 and 5 OBF. If data is coming from the keyboard device, the format can be either
Data Input
There is no KBC instruction before write IO 60h.
Write IO 60h is a keyboard device command for the PS2 keyboard device. PS2 keyboard device commands are listed in Tables 1 and 3. For a PS2 mouse command, the KBC command D4h must be issued first, before writing IO 60h to the mouse device.
Command
Status
Bit0: OBF, Output Buffer Full flag.
Bit1: IBF, Input Buffer Full flag.
Bit2: System Flag, indicates that the system POST has finished.
Bit3: A2, address bit for last write IO 60h (0) or 64h (1).
Bit4: Uninhibited, indicates whether the keyboard is inhibited.
Bit5: AUX OBF, PS2 mouse data output flag.
Bit6: General timeout, indicates a PS2 bus timeout condition.
Bit7: Parity Error, indicates a PS2 bus parity error condition.
Table 5
Bit0: IRQ1 enable
Bit1: IRQ12 enable
Bit2: System flag
Bit3: Inhibit override
Bit4: Keyboard device disable
Bit5: mouse device disable
Bit6: Scan Code Conversion
1: KBC converts Set 2 to Set 1 Scan Code.
0: KBC cannot convert Set 2 to Set 1 Scan Code
Bit7: NA
Port 60h commands are for keyboard or mouse devices
Here, to support the keylogger prevention function of the KBC-based
Format: 30
Format: 31
Format: 32 AA BB CC DD EE FF GG HH
AA, BB ... HH are the Translate ID (TID) as an 8-byte sequence.
AA is the LSB, HH is the MSB.
Format: 34 ... (following 64 bytes), (
Accordingly, the KBC-based
Meanwhile, as illustrated in FIG. 7, the user
Since the components of the user
FIG. 8 is a flowchart illustrating an operation process of the user data input system illustrated in FIGS. 1 and 4, FIG. 9 is a flowchart illustrating the user data input process illustrated in FIG. 8, and FIG. 10 is a flowchart showing the user data processing process illustrated in FIG. 8 in more detail.
A user data protection process using the user data input system according to another embodiment of the present invention will be described in more detail with reference to FIGS. 1 to 9.
First, in
Here, the user data input step of the
First, through
The user
Meanwhile, as illustrated in FIG. 10, the user
In
Subsequently, in order to perform keylogger prevention in the decryption server, the user
Meanwhile, based on the parameter received from the user
In
That is, for example, the "xyzmn" shown in the text box of the page for entering the ID is an encrypted code (let's say the user's actual keystroke is "abcde" and the encrypted keystroke data is "xyzmn"). If the decrypted code "abcde" is delivered to the
However, if a keylogger includes a screen logger function, the "abcde" entered by the user may be captured by the screen logger, which is a risk for important information such as credit card numbers.
Therefore, although it is better to send the actual key input data directly to the
In an embodiment of the present invention, the actual key input data is not displayed on the screen such as a password, an account number, and the like. Output encrypted text data directly to the
In addition, the
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied as program instructions that can be executed by a variety of computing means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the medium may be those specially designed and constructed for the present invention or may be those known and available to those skilled in the art of computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape; optical media such as CD-ROMs and DVDs; magneto-optical media such as floptical disks; and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, and flash memory. Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like. The hardware device described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.
Although the invention has been described with reference to illustrated embodiments, this description should not be construed in a limiting sense. Those skilled in the art will appreciate, on reading the description, that various modifications and combinations of the illustrative embodiments, as well as other embodiments of the invention, are possible. In addition, reordering of the processing steps by a person of ordinary skill in the art is within the scope of the present invention, and the appended claims include all such variations or embodiments. Moreover, the scope of the embodiments of the present invention is not limited to the specific embodiments of the processes, machines, manufacture, composition of matter, means, methods and steps described in the specification. Therefore, the appended claims encompass all such processes, machines, manufactures, compositions of matter, means, methods and steps.
According to the user data input device and the user data security method using the same according to the present invention, when the key input data processed according to the protocol of the key signal input through the keyboard is text data, the text data is encrypted and transmitted, and the key input data is decrypted and the corresponding application is executed based on it. The security of the key input data can thereby be fundamentally strengthened, and the key input data can be protected without changing the bus and/or driver that carries it. The invention therefore has sufficient industrial applicability.
Claims (14)
A host computer for displaying key input data corresponding to the key signal of the keyboard;
The keyboard is
A user data input device for encrypting text data among key input data corresponding to a key signal of the keyboard and transmitting user data including one of encrypted text data and control data,
The host computer,
A user data processing device which receives the user data through the user data input device, decrypts the encrypted text data, and executes the corresponding application with the decrypted text data;
The user data input device,
A keyboard interface for generating keyboard information indicating a keyboard type according to an output port of a key signal of the keyboard and receiving and transmitting a protocol corresponding to the keyboard information from a host computer;
A keyboard command processor for storing commands for each key of a keyboard set based on a protocol received through the keyboard interface;
A keyboard matrix scan control unit which scans a pressed key of the keyboard unit and transmits a corresponding key signal;
A key input data generator for receiving a command corresponding to a key signal scanned through the keyboard matrix scan control unit from the keyboard command processor to generate key input data for the corresponding key signal, and transmitting the text data when the key input data is text data,
An encryption module for receiving the text data generated by the key input data generator and encrypting the received text data according to a predefined parameter to transfer the encrypted text to the key input data generator;
The key input data generator,
And transmit key input data of one of text data and control data encrypted by the encryption module to the user data processing apparatus through the keyboard interface.
A user data input system, which is derived based on a key signal input through a bus and is one of PS2 and USB, wired and wireless, ATM and POS terminals.
And when the keyboard information is one of PS2 and USB, generate key input data according to a KBC-based protocol.
An application client unit transferring key input data received through the keyboard interface;
If the key input data received from the application client unit is a text provided to the decryption server, the user characterized in that it comprises an application server for responding to one key input data of the text data and control data decrypted by the decryption server Data entry system.
A host computer displaying a key signal received via the keyboard;
Processing the key signal of the keyboard according to a corresponding protocol to generate key input data, encrypting the text data when the generated key input data is text data, and transferring one of the encrypted text data and the control data to the host computer. Further comprising a user data input device,
The host computer,
Receiving the encrypted text data through the user data input device to display the encrypted text data on the screen, and after decrypting the encrypted text data, the user data processing device for executing the application based on the decrypted text data further Including,
The user data input device,
A keyboard interface for receiving key signals of the keyboard;
Derive keyboard information indicating the type of keyboard based on the input port of the key signal received through the keyboard interface, and generate key input data including one of text data and control data according to a protocol set based on the derived keyboard information; A keyboard protocol analysis and generation unit for transmitting one of encrypted text data and control data as user data;
An encryption module for receiving parameters supplied from the user data processing device of the host computer through the keyboard protocol analysis and generation unit, encrypting the text data of the keyboard protocol analysis and generation unit according to the parameters, and transmitting the encrypted data to the keyboard protocol analysis and generation unit. and,
A host interface for transferring the parameters provided from the user data processing device to the keyboard protocol analysis and generation unit to pass one of the encrypted text data and control data of the keyboard protocol analysis and generation unit as user data to the user data processing device. User data input system comprising a.
If the keyboard information analyzed by the keyboard protocol analysis and generation unit is one of PS2 and USB further comprises a KBC command processor for receiving a KBC-based command from the host computer through the host interface,
The keyboard protocol analysis and generation unit,
And processing key signals of a keyboard according to a KBC command supplied from the KBC command processor to generate key input data, and when the generated key input data is text data, provide text data to the encryption module. User Data Entry System.
User data input system, characterized in that provided as implemented in one adapter to be installed in one of the keyboard or the host computer.
An application client unit for transmitting the encrypted text data and control data to a decryption server through a communication network to prevent reception of the user data provided through the host interface in a keylogger installed in an operating system (OS) of a host computer;
And an application server configured to receive the encrypted text data on a screen and receive the decrypted text data from the decryption server to execute the corresponding application.
b) a user data processing step of receiving the user data, displaying encrypted text data on a screen, decrypting the encrypted data, and executing the corresponding application with the decrypted text data;
The user data input step,
Receives commands for each key of each keyboard set based on a protocol capable of processing key signals of the keyboard supplied from the outside,
After generating the key signal by scanning the pressed key of the user's keyboard, the key input data for the corresponding key is generated according to the command corresponding to the generated key signal, and encrypted if the key input data is text data.
And transmitting one of the encrypted text data and the control data to the user data processing step.
In order to prevent reception of the user data provided through the host interface in a keylogger installed in an operating system (OS) of a host computer, an application client unit transmits encrypted text data among the received user data to a decryption server,
And an application server configured to display the encrypted text data on the screen and to execute the corresponding application with the decrypted text data on the decryption server.
Generating a page requesting input of user information including an ID and a password for login in the application client unit and transmitting the generated page to the application server;
Activating a keylogger prevention flag in the application client unit in response to a request for activating a keylogger prevention flag of the application server;
Setting a parameter for encrypting text data among key input data and transmitting the same to the user data input device to perform keylogger prevention in the decryption server;
Receiving user data comprising one of text data and control data encrypted based on the received parameters;
Displaying the encrypted text data on an input window of a page requesting input of user information including an ID and a password for login;
And decrypting the encrypted text data in a decryption server and transferring the encrypted text data to the application server to execute a corresponding application.
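The login sequence in the method claim above, as an added Python simulation that is not part of the patent. The patent does not name a cipher or the form of the "parameter"; the HMAC-SHA256 counter-mode keystream, the key and nonce sizes, the control-key list, and all class and function names here are assumptions, as is the premise that the parameters reach the keyboard confidentially.

```python
import hashlib
import hmac
import os

# Assumed split: the claims only distinguish "text data" from "control data".
CONTROL_KEYS = {"ENTER", "TAB", "BACKSPACE"}

def keystream_byte(key, nonce, counter):
    # Assumed cipher: HMAC-SHA256 used as a PRF in counter mode, one byte per key.
    msg = nonce + counter.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[0]

class DecryptionServer:
    def issue_parameters(self):
        # Fresh parameters for each login (constructed here with os.urandom).
        self.key, self.nonce = os.urandom(32), os.urandom(12)
        return self.key, self.nonce

    def decrypt(self, user_data):
        text, counter = [], 0
        for kind, value in user_data:
            if kind == "text":
                text.append(chr(value ^ keystream_byte(self.key, self.nonce, counter)))
                counter += 1
        return "".join(text)

class KeyboardDevice:
    def __init__(self, key, nonce):
        self.key, self.nonce, self.counter = key, nonce, 0

    def press(self, name):
        if name in CONTROL_KEYS:
            return ("control", name)  # control data is sent unencrypted
        cipher = ord(name) ^ keystream_byte(self.key, self.nonce, self.counter)
        self.counter += 1  # keystream changes per key: no fixed letter-to-byte map
        return ("text", cipher)

def run_login(keys):
    server = DecryptionServer()
    keyboard = KeyboardDevice(*server.issue_parameters())
    host_view = [keyboard.press(k) for k in keys]  # all the host OS ever handles
    return host_view, server.decrypt(host_view)

if __name__ == "__main__":
    view, recovered = run_login(list("s3cret") + ["ENTER"])  # constructed input
    print(view)       # ciphertext bytes plus the cleartext ENTER event
    print(recovered)  # plaintext exists only on the decryption server side
```

The keystream gives confidentiality only; a deployed design would also authenticate each event so that modified or replayed user data is rejected.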
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020120141670A KR101278726B1 (en) | 2012-12-07 | 2012-12-07 | Apparautus for inputting user data and method for securiting user data |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101278726B1 (en) | 2013-07-02 |
Family
ID=48996088
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020120141670A KR101278726B1 (en) | 2012-12-07 | 2012-12-07 | Apparautus for inputting user data and method for securiting user data |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101278726B1 (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20030036276A (en) * | 2003-02-07 | 2003-05-09 | 킹스정보통신(주) | Computer Security System using secure input device driver |
KR20060059779A (en) * | 2004-11-29 | 2006-06-02 | 주식회사 안철수연구소 | Method and device for protecting file data by using real time decryption technics |
- 2012-12-07 KR KR1020120141670A patent/KR101278726B1/en active IP Right Grant
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101688630B1 (en) * | 2015-09-15 | 2016-12-21 | 한국전자통신연구원 | Keyboard apparatus and data communication method using the same |
US10255426B2 (en) | 2015-09-15 | 2019-04-09 | Electronics And Telecommunications Research Institute | Keyboard device and data communication method using the same |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20090144558A1 (en) | Method For Anit-Keylogger | |
US7224801B2 (en) | Wireless secure device | |
US8572403B2 (en) | Digital video guard | |
US8959350B2 (en) | Token for securing communication | |
TW201539247A (en) | Password input and verification method and system thereof | |
US8712049B2 (en) | System for implementing dynamic pseudorandom keyboard remapping | |
US20100023750A1 (en) | System and Method for Controllably Concealing Data from Spying Application | |
CN103929306A (en) | Intelligent secret key device and information management method of intelligent secret key device | |
US20100195825A1 (en) | Keystroke encryption system | |
US20090066543A1 (en) | Method for implementing dynamic pseudorandom keyboard remapping | |
CN101685425A (en) | Mobile storage device and method of encrypting same | |
TWI476625B (en) | Data security management systems and methods | |
CN109165531B (en) | AES mask method, electronic equipment and storage medium | |
CN101770559A (en) | Data protecting device and data protecting method | |
CN104915583A (en) | Interface decryption processing method and mobile terminal | |
CN103107883A (en) | Safe protection method of personal identification number (PIN) and client | |
KR101278726B1 (en) | Apparautus for inputting user data and method for securiting user data | |
US20150156195A1 (en) | Method for protecting data on a mass storage device and a device for the same | |
KR100998214B1 (en) | Apparatus for and method of securing keyboard to evade stealth sniffing | |
KR20020048313A (en) | Method for preventing key board hacking | |
KR101267875B1 (en) | Apparatus for message encryption and decryption using virtual keyboard and recording medium storing program for executing method of the same in computer | |
CN101751522B (en) | Method, device and system for preventing keys of keyboard from being logged | |
CN100552649C (en) | Hard disc enciphering system based on MEMS coded lock and FPGA | |
KR101318668B1 (en) | Portable memory card having information security function | |
US20100042849A1 (en) | Device and method for generating digital signatures |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
A302 | Request for accelerated examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant | ||
FPAY | Annual fee payment | | Payment date: 20160614; Year of fee payment: 4 |