KR101278726B1 - Apparautus for inputting user data and method for securiting user data - Google Patents

Info

Publication number
KR101278726B1
Authority
KR
South Korea
Prior art keywords
data
keyboard
user data
key
text data
Application number
KR1020120141670A
Other languages
Korean (ko)
Inventor
김영만
Original Assignee
키다리정보통신 주식회사
Application filed by 키다리정보통신 주식회사 filed Critical 키다리정보통신 주식회사
Priority to KR1020120141670A priority Critical patent/KR101278726B1/en
Application granted granted Critical
Publication of KR101278726B1 publication Critical patent/KR101278726B1/en

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00 Digital computers in general; Data processing equipment in general
    • G06F15/16 Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/01 Input arrangements or combined input and output arrangements for interaction between user and computer
    • G06F3/02 Input arrangements using manually operated switches, e.g. using keyboards or dials
    • G06F3/023 Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Human Computer Interaction (AREA)
  • Virology (AREA)
  • Input From Keyboards Or The Like (AREA)

Abstract

PURPOSE: A user data input device and a user data security method are provided to encode text data among key input data, display the encoded text data, and execute an application by using decoded text data, thereby fundamentally reinforcing security for user data. CONSTITUTION: A keyboard command processor (112) stores a command for keys of a keyboard which is set based on a protocol. A keyboard matrix scan control unit (113) transmits a key signal by scanning a pressed key. A key input data generation unit (114) receives the command corresponding to the key signal from the keyboard command processor and generates key input data for the key signal. When the key input data is text data, text data is transmitted. An encoding module (115) encodes the text data and transmits the encoded text data to the key input data generation unit. [Reference numerals] (111) Keyboard interface; (112) Keyboard command processor; (113) Keyboard matrix scan control unit; (114) Key input data generation unit; (115) Encoding module

Description

User data input device and user data security method using the same {APPARAUTUS FOR INPUTTING USER DATA AND METHOD FOR SECURITING USER DATA}

The present invention relates to a user data input device and a user data security method. More particularly, it relates to an apparatus and a method that encrypt text data among the key input data generated in response to a key signal input from a keyboard, transmit it to a host computer, display the encrypted text data, and execute the corresponding application with the decrypted text data, thereby fundamentally enhancing the security of user data.

Personal computers (PCs) use open input/output devices and operating systems (OSs), so spyware, Trojan horses, or keyloggers can be stored on the PC and act without the user's knowledge.

Keyloggers can log all data from the user's keyboard without the user's knowledge. Anti-spyware programs detect keyloggers using signature recognition technology, so spyware can be detected only after it has already been identified.

As the number of online users rapidly increases, keyloggers remain a constant threat to the PC.

However, keylogger creators can avoid detection by anti-spyware programs simply by changing their signatures, and the theft of online gamers' accounts and items is no longer news.

Recently, there have also been incidents in which a hacker used a hidden keylogger to capture a PC user's bank account and password and took money from the user's bank account.

Ultimately, the damage caused by these keyloggers is due to the use of open systems in both hardware and software.

To prevent the damage caused by these keyloggers, logic is required that encrypts user data packets from the entry point of the user data to the end point where the user data reaches the host computer, so that the user data is encrypted before being output from the keyboard, and that decrypts the encrypted user data through a specified application.

The present invention has been made to solve the above problems. An object of the present invention is to provide a user data input device, and a user data security method using the same, that generate key input data according to the protocol for the key signal corresponding to a key of the keyboard portion, encrypt the text data when the generated key input data is text data and transmit it to the host computer, and receive the transmitted key input data at the host computer, decrypt it, and execute the application with the decrypted text data, thereby enhancing the security of the key input data.

Another object of the present invention is to provide a user data input device and a user data security method using the same that encrypt text data of key input data in a reduced instruction set computer (RISC) processor-based operating system and decrypt the encrypted text data based on an open application program interface (API), a library utility, and a high-level language of a Windows operating system, thereby protecting the key input data from keyloggers without changing the bus and/or driver that delivers the key input data.

Another object of the present invention is to provide a user data input device and a user data security method using the same that manage and control the user data input device through a low-level language and encrypt and transmit text data among key input data, so as to protect the key input data from a keylogger.

Still another object of the present invention is to provide a user data input device and a user data security method using the same in which the user data input device, which receives key input data processed according to a processable protocol, encrypts the text data, and then transmits it, is implemented as a single adapter or as a separate device and is embedded in the keyboard or the host computer, thereby providing compatibility with the types of keyboards and fundamentally solving the limitation of the installation space for the user data input device.

A user data input system according to an aspect of the present invention for achieving the above object includes:

A keyboard having a keyboard portion; and

A host computer for displaying key input data corresponding to the key signal of the keyboard,

wherein the keyboard includes

A user data input device for encrypting text data among key input data corresponding to a key signal of the keyboard and transmitting user data including one of encrypted text data and control data, and

the host computer includes

A user data processing device that receives the user data through the user data input device, decrypts the encrypted text data, and executes the corresponding application with the decrypted text data.

Preferably, the user data input device,

A keyboard interface for generating keyboard information indicating a keyboard type according to an output port of a key signal of the keyboard and receiving and transmitting a protocol corresponding to the keyboard information from a host computer;

A keyboard command processor for storing commands for each key of a keyboard set based on a protocol received through the keyboard interface;

A keyboard matrix scan control unit which scans a pressed key of the keyboard unit and transmits a corresponding key signal;

A key input data generator for receiving a command corresponding to a key signal scanned through the keyboard matrix scan control unit from the keyboard command processor to generate key input data for the corresponding key signal, and transmitting the text data when the key input data is text data;

An encryption module for receiving the text data generated by the key input data generator and encrypting the received text data according to a predefined parameter to transfer the encrypted text to the key input data generator;

The key input data generator,

And transmit key input data of one of text data and control data encrypted by the encryption module to the user data processing apparatus through the keyboard interface.

Preferably the keyboard information is

It is derived based on a key signal input through the bus and is characterized in that it is one of PS2 and USB.

Preferably the user data input device is

When the keyboard information is one of PS2 and USB, key input data is generated according to a KBC-based protocol.

Preferably the user data processing device,

An application client unit for transferring user data received through the keyboard interface;

An application server that, if the user data provided from the application client unit is text, displays the encrypted text data on the screen, provides the encrypted text data to a decryption server, and executes the application based on the text data decrypted by the decryption server.

A user data input system according to another aspect of the present invention for achieving the above object includes:

A keyboard having a keyboard portion;

A host computer displaying a key signal received via the keyboard; and

A user data input device that processes the key signal of the keyboard according to a corresponding protocol to generate key input data, encrypts the text data when the generated key input data is text data, and transfers one of the encrypted text data and the control data to the host computer,

wherein the host computer further includes

A user data processing device that receives the encrypted text data through the user data input device, displays the encrypted text data on the screen, and, after decrypting the encrypted text data, executes the application based on the decrypted text data.

Preferably the user data input device,

A keyboard interface for receiving key signals of the keyboard;

Derive keyboard information indicating the type of keyboard based on the input port of the key signal received through the keyboard interface, and generate key input data including one of text data and control data according to a protocol set based on the derived keyboard information; A keyboard protocol analysis and generation unit for transmitting one of encrypted text data and control data as user data;

An encryption module for receiving parameters supplied from the user data processing device of the host computer through the keyboard protocol analysis and generation unit, encrypting the text data of the keyboard protocol analysis and generation unit according to the parameters, and transmitting the encrypted data to the keyboard protocol analysis and generation unit. and,

A host interface for transferring the parameters provided from the user data processing device to the keyboard protocol analysis and generation unit and for passing one of the encrypted text data and control data of the keyboard protocol analysis and generation unit as user data to the user data processing device.

Preferably, the user data input device,

further comprises a KBC command processor for receiving a KBC-based command from the host computer through the host interface if the keyboard information analyzed by the keyboard protocol analysis and generation unit is one of PS2 and USB, and

the keyboard protocol analysis and generation unit

processes the key signal of the keyboard according to the KBC command supplied from the KBC command processor to generate key input data, and provides text data to the encryption module when the generated key input data is text data.

 Preferably, the user data input device,

is characterized in that it is implemented as a single adapter and provided built into the keyboard.

Preferably the user data processing device,

An application client unit for transmitting the encrypted text data and control data to a decryption server through a communication network to prevent reception of the user data provided through the host interface in a keylogger installed in an operating system (OS) of a host computer;

An application server that receives the encrypted text data and displays it on a screen, and receives the decrypted text data from the decryption server and executes an application.

User data security method using a user data input system according to another aspect of the present invention for achieving the above object,

a) a user data input step of processing the key signals of the keyboard according to the predefined protocol to generate key input data, encrypting the text data if the generated key input data is text data, and then inputting one of the encrypted text data and the control data as user data; and

b) a user data processing step of receiving the user data, displaying encrypted text data on a screen, decrypting the encrypted data, and executing the corresponding application with the decrypted text data.

Preferably the user data input step,

Receives commands for each key of each keyboard set based on a protocol capable of processing key signals of the keyboard supplied from the outside,

After generating the key signal by scanning the pressed key of the user's keyboard, the key input data for the corresponding key is generated according to the command corresponding to the generated key signal, and encrypted if the key input data is text data.

And transmit one of the encrypted text data and the control data to the user data processing step.

Preferably the user data processing step,

In order to prevent reception of the user data provided through the host interface in a keylogger installed in an operating system (OS) of a host computer, an application client unit transmits encrypted text data among the received user data to a decryption server,

The application server is characterized in that it is provided to display the encrypted text data on the screen and to execute the application with the decrypted text data on the decryption server.

Preferably the user data processing step,

Generating a page requesting input of user information including an ID and a password for login in the application client unit and transmitting the generated page to the application server;

Activating a keylogger prevention flag in the application client unit in response to a request for activating a keylogger prevention flag of the application server;

Setting a parameter for encrypting text data among key input data and transmitting the same to the user data input device to perform keylogger prevention in the decryption server;

Receiving user data comprising one of text data and control data encrypted based on the received parameters;

Displaying the encrypted text data on an input window of a page requesting input of user information including an ID and a password for login;

And decrypting the encrypted text data in a decryption server and transferring the encrypted text data to the application server to execute the corresponding application.

As described above, according to an exemplary embodiment of the present invention, text data among the key input data generated in response to a key signal input from the keyboard is encrypted and transmitted to the host computer, and the application is executed with the decrypted text data, which fundamentally enhances the security of the user data.

According to an embodiment of the present invention, the RISC processor-based operating system encrypts text data among key input data and decrypts encrypted text data based on an open API, a library utility, and a high level language of the Windows operating system. The keystroke data can be protected without changing the bus and / or driver that carries the keystroke data.

According to an embodiment of the present invention, key input data can be fundamentally protected by managing and controlling the device and the server through a low level language, and encrypting and transmitting text data among the key input data.

In addition, according to an embodiment of the present invention, the user data input device, which receives key input data processed according to a processable protocol, encrypts the text data, and then transmits it, is implemented as a single adapter or as a separate device and is embedded in the keyboard or the host computer, which makes it possible to provide compatibility with the types of keyboards and to fundamentally solve the limitation of the installation space for the user data input device.

FIG. 1 is a diagram illustrating a configuration of a user data input system according to an exemplary embodiment of the present invention.
FIG. 2 is a diagram illustrating a configuration of a user data input device of the user data input system shown in FIG. 1.
FIG. 3 is a diagram illustrating a configuration of a user data processing apparatus shown in FIG. 1.
FIG. 4 is a diagram illustrating a configuration of a user data input system according to another embodiment of the present invention.
FIG. 5 is a diagram illustrating a configuration of a user data input device shown in FIG. 4.
FIG. 6 is an exemplary view illustrating another configuration of the user data input device illustrated in FIG. 4.
FIG. 7 is a diagram illustrating a configuration of the user data processing apparatus shown in FIG. 4.
FIG. 8 is a flowchart illustrating a process of protecting user data using a user data input system according to another embodiment of the present invention.
FIG. 9 is a flowchart illustrating a process of inputting user data shown in FIG. 8.
FIG. 10 is a flowchart illustrating the user data processing process illustrated in FIG. 8 in more detail.

For a better understanding of the present invention, its operational advantages, and the objects attained by its practice, reference should be made to the accompanying drawings, which illustrate preferred embodiments of the present invention.

BEST MODE FOR CARRYING OUT THE INVENTION

Hereinafter, the present invention will be described in detail through its preferred embodiments with reference to the accompanying drawings. Like reference symbols in the drawings denote like elements.

In the following description, specific details are set forth in order to provide a more thorough understanding of the present invention. In the following description of the present invention, detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear.

FIG. 1 is a diagram illustrating a configuration of a user data input system according to an exemplary embodiment of the present invention, which includes a keyboard 10 having a keyboard portion and a host computer 30 displaying key signals of the keyboard portion. As an example, the keyboard 10 includes a user data input device 110 and the host computer 30 includes a user data processing device 310.

As shown in FIG. 1, a user data input system according to an exemplary embodiment of the present invention may include a user data input device 110 formed integrally with the keyboard 10 and a user data processing device 310 installed in the host computer 30.

Here, the user data input device 110 generates key input data by processing a key signal input from the keyboard according to a corresponding protocol, encrypts the text data when the generated key input data is text, and transmits one of the encrypted text data and the unencrypted control data.

That is, as shown in FIG. 2, the user data input device 110 may include a keyboard interface 111, a keyboard command processor 112, a keyboard matrix scan control unit 113, a key input data generator 114, and an encryption module 115.

Here, the keyboard interface 111 is configured to generate keyboard information indicating a keyboard type according to a key signal of a keyboard and to receive and transmit a protocol corresponding to the keyboard information from the user data processing apparatus 310.

In addition, the keyboard command processor 112 stores a command for each key of the keyboard set based on a protocol received through the keyboard interface 111. The command for each key is provided to the key input data generator 114.

On the other hand, the keyboard matrix scan control unit 113 is provided to scan the pressed key of the user's keyboard portion to transmit the corresponding key signal, the key signal is provided to the key input data generation unit 114.

When the key signal is received, the key input data generator 114 receives the command corresponding to the scanned key signal from the keyboard command processor 112, generates key input data for the key signal based on the corresponding protocol, and, if the key input data is text data, provides the text data to the encryption module 115.

The encryption module 115 receives the text data provided by the key input data generator 114, encrypts the received text data according to a predefined parameter, and then transmits the encrypted text data to the key input data generator 114.

In this case, the key input data generator 114 transmits key input data consisting of one of the text data encrypted by the encryption module 115 and the control data to the user data processing apparatus 330 through the keyboard interface 311.

That is, the keyboard information is derived from the key signal of a keyboard provided through the PS2 or USB port, and the key signal received under the PS2 or USB protocol is processed according to the derived keyboard information to generate key input data. The keyboard may be any one of PS2 and USB, wired and wireless, and ATM and POS terminal keyboards.

In this case, when the keyboard information is PS2 or USB, the received key signal is processed based on a KBC-based protocol to generate key input data.

Table 1 below shows an example for the PS2 case; the USB case is omitted. When the keyboard information is PS2, a PS2 keyboard command is issued by writing byte data to IO port 60h using the KBC-based protocol of the host computer 30, followed by the arguments shown in Table 1. For example, the Reset command is started by writing FFh to IO port 60h; the user data input device 110 of the keyboard 10 returns FAh as an acknowledgment to the user data processing device 330 of the KBC-based host computer 30, and the keyboard 10 then sends AAh after it has been reset.


Table 1. PS2 keyboard commands

Code  Command  Description and Command Format

FFh   Reset
      Reset keyboard device. The keyboard device responds with 0xFA and sends 0xAA after reset.
      Format: FF FA AA

FEh   Resend
      Respond with the last byte sent by the keyboard to the host. Typically, this command is used to indicate an error condition (parity error) found by the software.
      Format: FE FA RR (RR is the last byte sent to the host)

F6h   Set Default
      Set the keyboard typematic rate / delay value to the default value (10.9 cps / 500 ms) and the scan code to (2).
      Format: F6 FA

F5h   Disable
      Stop keyboard, set default with "Set Default" command.
      Format: F5 FA

F4h   Enable
      Enable the keyboard after the Disable command.
      Format: F4 FA

F3h   Set Typematic Rate / Delay
      Set keyboard typematic rate and delay with one argument byte.
      Format: F3 FA WW FA (WW is argument byte written from IO port 0x60)

F2h   Get Device ID
      Keyboard responds with 2-byte device ID AB 41.
      Format: F2 FA AB 41

F0h   Set Scan Code Set
      Scan Code Set settings for the keyboard device. The argument bytes 0x01, 0x02, or 0x03 select Scan Code Set 1, 2, or 3, respectively. Argument 0 gets the current Scan Code Set.
      Format 1: F0 FA WW FA (WW is not 0)
      Format 2: F0 FA 00 FA RR (RR is the current Scan Code Set responded)

EEh   Echo
      The keyboard responds with 0xEE.
      Format: EE EE

EDh   Set LEDs
      LED state setting, including Num Lock, Caps Lock, Scroll Lock.
      Format: ED FA WW FA
      Bit0 ~ 2 of WW is the value to set LED state.
      Bit 0: Scroll Lock LED off (0) / on (1)
      Bit 1: Num Lock LED off (0) / on (1)
      Bit 2: Caps Lock LED off (0) / on (1)

In addition, the commands of the keyboard 10 are controlled by the keyboard command processor 112. The keyboard interface 111 manages the bus interface, which is PS2 or USB, and is connected to the KBC or USB host controller of the host computer 30. The keyboard command processor 112 interacts with the keyboard interface 111 via an internal signal or programming interface.

The key signal generated when a key of the keyboard 10 is pressed or released is detected by the keyboard matrix scan controller 113, which scans one or several key input events of the keyboard 10, and is turned into key input data by the key input data generator 114. If the pressed or released key input data is text, the key input data is encrypted by the encryption module 115, and the encrypted key input data is sent through the keyboard interface 111 and the internal interface of the host computer 30 to the user data processing apparatus 300.

For example, this is achieved by a special function in the key input data generator 114. The function separates the keys into text and control keys so that key input data is encrypted only if it is text, a number, or a symbol, such as A, B, C, ... Z, 0, 1, 2, ... 9, and keys such as Ctrl, Shift, Alt, F1, F2, ... are not encrypted.

The key input data protocol between the host computer 30, the KBC-based user data processing apparatus 310, and the keyboard 10 is performed by the key input data generator 114 and the keyboard interface 111. The key input data generator 114 manages the BUS independent data protocol, but the keyboard interface 111 manages the data using the PS2 or the USB BUS interface depending on the type of keyboard. For example, PS2 keystroke data is divided into “make” key and “break” key, the make key means the key pressed by the user, and the break key means the key released by the user. The PS2 protocol defines make and break keys as shown in the following table.

Table 2. PS2 key format (Set Scan Code)

Make   Break     Key Description
01     F0 01     F9
03     F0 03     F5
04     F0 04     F3
05     F0 05     F1
06     F0 06     F2
07     F0 07     F12
08     F0 08     F13
09     F0 09     F10
0a     F0 0a     F8
0b     F0 0b     F6
0c     F0 0c     F4
0d     F0 0d     Tab
0e     F0 0e     ` ~
0f     F0 0f     Keypad =
10     F0 10     F14
11     F0 11     Left alt
12     F0 12     Left shift
13     F0 13     Keyboard Int'l 2
14     F0 14     Left control
15     F0 15     q Q
16     F0 16     1 !
18     F0 18     F15
1a     F0 1a     z Z
1b     F0 1b     s S
1c     F0 1c     a A
1d     F0 1d     w W
1e     F0 1e     2 @
20     F0 20     F16
21     F0 21     c C
22     F0 22     x X
23     F0 23     d D
24     F0 24     e E
25     F0 25     4 $
26     F0 26     3 #
27     F0 27     Keyboard Int'l 6
28     F0 28     F17
29     F0 29     Space
2a     F0 2a     v V
2b     F0 2b     f F
2c     F0 2c     t T
2d     F0 2d     r R
2e     F0 2e     5 %
30     F0 30     F18
31     F0 31     n N
32     F0 32     b B
33     F0 33     h H
34     F0 34     g G
35     F0 35     y Y
36     F0 36     6 ^
38     F0 38     F19
3a     F0 3a     m M
3b     F0 3b     j J
3c     F0 3c     u U
3d     F0 3d     7 &
3e     F0 3e     8 *
40     F0 40     F20
41     F0 41     , <
42     F0 42     k K
43     F0 43     i I
44     F0 44     o O
45     F0 45     0 )
46     F0 46     9 (
48     F0 48     F21
49     F0 49     . >
4a     F0 4a     / ?
4b     F0 4b     l L
4c     F0 4c     ; :
4d     F0 4d     p P
4e     F0 4e     - _
50     F0 50     F22
51     F0 51     Keyboard Int'l 1
52     F0 52     ' "
54     F0 54     [ {
55     F0 55     = +
57     F0 57     F23
58     F0 58     Caps lock
59     F0 59     Right shift
5a     F0 5a     Return
5b     F0 5b     ] }
5d     F0 5d     \ |
5f     F0 5f     F24, Keyboard Lang S
61     F0 61     Europe 2
62     F0 62     Keyboard lang 4
63     F0 63     Keyboard lang 3
64     F0 64     Keyboard Int'l 4
66     F0 66     Backspace
67     F0 67     Keyboard Int'l 5
69     F0 69     Keypad 1 End
6a     F0 6a     Keyboard Int'l 2
6b     F0 6b     Keypad 4 Left
6c     F0 6c     Keypad 7 Home
6d     F0 6d     Brazilian Keypad
70     F0 70     Keypad 0 Insert
71     F0 71     Keypad . Delete
72     F0 72     Keypad 2 Down
73     F0 73     Keypad 5
74     F0 74     Keypad 6 Right
75     F0 75     Keypad 8 Up
76     F0 76     Escape
77     F0 77     Num lock
78     F0 78     F11
79     F0 79     Keypad +
7a     F0 7a     Keypad 3 PageDn
7b     F0 7b     Keypad -
7c     F0 7c     Keypad *
7d     F0 7d     Keypad 9 PageUp
7e     F0 7e     Scroll lock
E0 10  E0 F0 10  WWW Search
E0 11  E0 F0 11  Right alt
E0 12  E0 F0 12  print Screen 1
E0 14  E0 F0 14  Right Control
E0 15  E0 F0 15  Scan Previous Track
E0 18  E0 F0 18  WWW Favorites
E0 1F  E0 F0 1F  Left GUI
E0 20  E0 F0 20  WWW Refresh
E0 21  E0 F0 21  Volume down
E0 23  E0 F0 23  Mute
E0 27  E0 F0 27  Right GUI
E0 28  E0 F0 28  WWW Stop
E0 2B  E0 F0 2B  Calculator
E0 2F  E0 F0 2F  App
E0 30  E0 F0 30  WWW Forward
E0 32  E0 F0 32  Volume up
E0 34  E0 F0 34  Play / Pause
E0 37  E0 F0 37  System Power, Keyboard Power
E0 38  E0 F0 38  WWW Back
E0 3A  E0 F0 3A  WWW Home
E0 3B  E0 F0 3B  Stop
E0 3F  E0 F0 3F  System sleep
E0 40  E0 F0 40  My computer
E0 48  E0 F0 48  Mail
E0 4A  E0 F0 4A  Keypad /
E0 4D  E0 F0 4D  Scan Next Track
E0 50  E0 F0 50  Media select
E0 5A  E0 F0 5A  Keypad enter
E0 5E  E0 F0 5E  System wake
E0 69  E0 F0 69  End
E0 6B  E0 F0 6B  Left arrow
E0 6C  E0 F0 6C  Home
E0 70  E0 F0 70  Insert
E0 71  E0 F0 71  Delete
E0 72  E0 F0 72  Down Arrow
E0 74  E0 F0 74  Right Arrow
E0 75  E0 F0 75  Up arrow
E0 7A  E0 F0 7A  Page Down
E0 7C  E0 F0 7C  print Screen 2
E0 7D  E0 F0 7D  page Up
E0 7E  E0 F0 7E  Ctrl-Break

 (All Make and Break codes are hexadecimal.)

According to Table 2 above, a break code differs from the corresponding make code only in that F0 comes in front. Accordingly, the key input data generating unit 114 can distinguish make and break codes and encrypts both according to the same mapping table (Encryption Translate Table), but it does not encrypt the leading F0. In addition, the key input data generator 114 selects and encrypts only text keys; control keys are not encrypted. The reason for encrypting only the text keys is to minimize compatibility problems between the application server and the operating system (OS). The text keys are encrypted while the control keys seen by the application server remain unchanged. As a result, software compatibility of keylogger prevention programs is ensured. If the control keys were encrypted as well, they would have to be decrypted by the OS, so that not only the control keys but also all the text keys could be logged by a keylogger installed in the OS, and the protection would be lost.

Therefore, the control keys are kept the same as those of a general keyboard, so that the control key functions of the application server and of the OS of the user data processing apparatus 310 are not affected. The text keys, however, are encrypted by the encryption module 115.
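The selective translation described above, as an added example in C that is not code from the patent: only non-extended text-key codes pass through the translate table, while the F0 break prefix, E0-prefixed keys and control keys pass unchanged. The seeded shuffle that fills the table, the function names and the sample stream are assumptions constructed for illustration; the page does not say how the table is derived.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Make codes of text keys taken from Table 2: a-z, 0-9, space. */
static const uint8_t TEXT_KEYS[] = {
    0x1c,0x32,0x21,0x23,0x24,0x2b,0x34,0x33,0x43,0x3b,0x42,0x4b,0x3a, /* a-m */
    0x31,0x44,0x4d,0x15,0x2d,0x1b,0x2c,0x3c,0x2a,0x1d,0x22,0x35,0x1a, /* n-z */
    0x45,0x16,0x1e,0x26,0x25,0x2e,0x36,0x3d,0x3e,0x46,                /* 0-9 */
    0x29                                                              /* space */
};
#define N_TEXT (sizeof TEXT_KEYS / sizeof TEXT_KEYS[0])

typedef struct {
    uint8_t enc[256];   /* keyboard side: plain code -> transmitted code */
    uint8_t dec[256];   /* host side: received code -> plain code */
} translate_table;

/* Fill both directions of the table with a permutation of the text keys.
 * ASSUMPTION: the seeded Fisher-Yates shuffle stands in for whatever the
 * device really does; it is not a secure key schedule. seed must be non-zero. */
static void tt_build(translate_table *tt, uint64_t seed)
{
    uint8_t perm[N_TEXT];
    memcpy(perm, TEXT_KEYS, N_TEXT);
    for (size_t i = N_TEXT - 1; i > 0; i--) {
        seed ^= seed << 13; seed ^= seed >> 7; seed ^= seed << 17; /* xorshift64 */
        size_t j = (size_t)(seed % (i + 1));
        uint8_t t = perm[i]; perm[i] = perm[j]; perm[j] = t;
    }
    for (int c = 0; c < 256; c++)            /* every other code maps to itself */
        tt->enc[c] = tt->dec[c] = (uint8_t)c;
    for (size_t i = 0; i < N_TEXT; i++) {
        tt->enc[TEXT_KEYS[i]] = perm[i];
        tt->dec[perm[i]] = TEXT_KEYS[i];
    }
}

/* Translate a scan-code stream in place with `map` (enc or dec).
 * F0 is never translated, and the code that follows an E0 prefix
 * (with or without F0 in between) is a control key and is left alone. */
static void translate_stream(const uint8_t map[256], uint8_t *buf, size_t len)
{
    int extended = 0;
    for (size_t i = 0; i < len; i++) {
        uint8_t b = buf[i];
        if (b == 0xE0) { extended = 1; continue; }
        if (b == 0xF0) continue;             /* keep prefix and `extended` state */
        if (!extended) buf[i] = map[b];
        extended = 0;
    }
}

/* Number of codes the table actually changes (0 would mean no protection). */
static int tt_moved(const translate_table *tt)
{
    int n = 0;
    for (int c = 0; c < 256; c++) n += (tt->enc[c] != c);
    return n;
}

static void dump(const char *label, const uint8_t *b, size_t n)
{
    printf("%-9s", label);
    for (size_t i = 0; i < n; i++) printf(" %02X", b[i]);
    printf("\n");
}

int main(void)
{
    /* Constructed sample: Shift down, a, Shift up, Mute (E0 23), d, Return. */
    uint8_t s[] = { 0x12, 0x1c, 0xF0,0x1c, 0xF0,0x12, 0xE0,0x23, 0xE0,0xF0,0x23,
                    0x23, 0xF0,0x23, 0x5a, 0xF0,0x5a };
    translate_table tt;
    tt_build(&tt, 0x0123456789ABCDEFULL);    /* constructed seed */
    printf("codes changed by table: %d\n", tt_moved(&tt));
    dump("plain", s, sizeof s);
    translate_stream(tt.enc, s, sizeof s);
    dump("on wire", s, sizeof s);
    translate_stream(tt.dec, s, sizeof s);
    dump("decoded", s, sizeof s);
    return 0;
}
```

The Mute key (E0 23) shares its second byte with the text key d (23), which is why the translator has to track the E0 prefix rather than look at each byte in isolation.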

The keyboard command processor 112 activates, deactivates, and changes encryption parameters. Table 3 below shows an example of the PS2 extension command for configuring the encryption module 115.

Table 3. PS2 extended commands for keyboard encryption
Code | Command | Description and command format
30h | Set Translate Off | Stop encryption.
    Format: 30 FA
31h | Set Translate On | Start encryption.
    Format: 31 FA
32h | Get Translate ID | Translate ID is one of the parameters of the encryption module. Translate ID can be changed many times. For example, every time the Enter key is pressed on the server, a request is made to change the Translate ID.
    Format: 32 FA AA BB CC DD EE FF GG HH
    AA, BB, ... HH are the Translate ID (TID) as an 8-byte sequence. AA is LSB, HH is MSB.
33h | Get Device Serial ID | Device Serial ID is one of the parameters of the encryption module. The Device Serial ID is determined when the keyboard is manufactured.
    Format: 33 FA AA BB CC DD EE FF GG HH
    AA, BB, ... HH are the Device Serial ID (SID) as an 8-byte sequence. AA is LSB, HH is MSB.
34h | Get Translate Table | Translate Table (TT) is used when the host computer remaps text keys. This table is encrypted in a manner known in advance by both parties (keyboard 10 and designated application 130 or remote server 63) for security.
    Format: 34 FA .... (followed by 64 bytes), (sequence bytes 0, 1, 2, 3, ... 63 = data encrypted by TT)

In addition, there is another implementation method that sets the same parameters of the encryption module 115 without using the newly added PS2 commands. For example, the encryption module 115 may be activated or deactivated using the Scroll Lock function of the keyboard 10. When the Scroll Lock LED is on, the encryption module 115 is activated. When the Scroll Lock LED is off, the encryption module 115 is disabled. The Scroll Lock LED is set according to the ED (Set LED) command in Table 1. When the Scroll Lock LED is set, the key input data generator 203 sequentially sends make keys and break keys. These make and break keys carry the Translate ID, Device Serial ID, and Translate Table in hexadecimal ASCII form. For example, for hexadecimal AB the key input data generator 114 sends the make and break keys for A, followed by the make and break keys for B. Sending the Translate ID, the Device Serial ID, and the Translate Table to the application server or remote server of the user data processing apparatus 310 uses only the scan codes for A, B, ..., Z, 0, 1, ..., 9. This implementation reduces the compatibility issues of the new PS2 commands. The Translate ID, Device Serial ID, and Translate Table are all sent as simulated keystroke data.
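The simulated-keystroke channel described above, as an added example in C that is not code from the patent: an 8-byte Translate ID (AA is LSB, as in Table 3) is sent as make/break pairs of hex-digit keys and rebuilt on the host, which rejects non-hex keys and mismatched break codes. The function names, the sample ID and the choice to send the bytes in AA..HH order are assumptions; the scan codes come from Table 2.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Make codes for the hex digits 0-9 and A-F, from Table 2. */
static const uint8_t HEX_MAKE[16] = {
    0x45,0x16,0x1e,0x26,0x25,0x2e,0x36,0x3d,0x3e,0x46,   /* 0-9 */
    0x1c,0x32,0x21,0x23,0x24,0x2b                        /* A-F */
};

static int hex_value(uint8_t make)
{
    for (int i = 0; i < 16; i++)
        if (HEX_MAKE[i] == make) return i;
    return -1;                       /* not a hex-digit key */
}

/* Keyboard side: each byte becomes two keystrokes (high nibble first), each
 * keystroke is make, F0, make. Returns bytes written, 0 if `out` is too small. */
static size_t bytes_to_keystrokes(const uint8_t *data, size_t n,
                                  uint8_t *out, size_t cap)
{
    size_t w = 0;
    if (cap / 6 < n) return 0;
    for (size_t i = 0; i < n; i++)
        for (int shift = 4; shift >= 0; shift -= 4) {
            uint8_t code = HEX_MAKE[(data[i] >> shift) & 0x0F];
            out[w++] = code; out[w++] = 0xF0; out[w++] = code;
        }
    return w;
}

/* Host side: rebuild the bytes. Returns the byte count, or -1 if the stream
 * has an odd number of digits, a non-hex key, or a break that does not match. */
static int keystrokes_to_bytes(const uint8_t *in, size_t len,
                               uint8_t *out, size_t cap)
{
    size_t digits = 0;
    if (len % 6 != 0 || len / 6 > cap) return -1;
    for (size_t i = 0; i < len; i += 3, digits++) {
        int v = hex_value(in[i]);
        if (v < 0 || in[i + 1] != 0xF0 || in[i + 2] != in[i]) return -1;
        if (digits % 2 == 0) out[digits / 2] = (uint8_t)(v << 4);
        else                 out[digits / 2] |= (uint8_t)v;
    }
    return (int)(len / 6);
}

/* Table 3 byte order for the 8-byte IDs: AA (first byte) is the LSB. */
static void id_to_bytes(uint64_t id, uint8_t b[8])
{
    for (int i = 0; i < 8; i++) b[i] = (uint8_t)(id >> (8 * i));
}

static uint64_t bytes_to_id(const uint8_t b[8])
{
    uint64_t id = 0;
    for (int i = 7; i >= 0; i--) id = (id << 8) | b[i];
    return id;
}

/* Whole path: ID -> bytes -> keystrokes -> bytes -> ID. Returns 0 on success. */
static int roundtrip_id(uint64_t id, uint64_t *out)
{
    uint8_t b[8], ks[48], rx[8];
    id_to_bytes(id, b);
    if (bytes_to_keystrokes(b, 8, ks, sizeof ks) != sizeof ks) return -1;
    if (keystrokes_to_bytes(ks, sizeof ks, rx, sizeof rx) != 8) return -1;
    *out = bytes_to_id(rx);
    return 0;
}

int main(void)
{
    uint64_t tid = 0x1122334455667788ULL, got = 0;   /* constructed sample ID */
    uint8_t b[8], ks[48];
    id_to_bytes(tid, b);
    size_t n = bytes_to_keystrokes(b, 8, ks, sizeof ks);
    for (size_t i = 0; i < n; i++) printf("%02X%c", ks[i], (i % 6 == 5) ? '\n' : ' ');
    printf("round trip %s\n", roundtrip_id(tid, &got) == 0 && got == tid ? "ok" : "FAILED");
    return 0;
}
```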

Meanwhile, as illustrated in FIG. 3, the user data processing apparatus 330 includes an application client unit 331, a decryption server 332, and an application server 333.

The application client unit 331 is provided to transfer key input data received through the keyboard interface. That is, to protect the received key input data from a keylogger installed in the OS of the host computer, the application client unit 331 provides the key input data of the user data input device 310 to the application server 333 or the decryption server 332 without passing it through the OS.

When the received key input data is text, the application client unit 331 provides the encrypted text data to the decryption server 332, and the decryption server 332 decrypts the encrypted text according to a preset parameter and supplies it to the application server 333.

The application server 333 is provided to execute a response to the control data when the key input data is the control data and to execute a response to the text data supplied to the decryption server 332.

In this case, as shown in FIG. 10, the text data of the encrypted key input data is displayed instead of the key input signal corresponding to the key signal input through the keyboard 10, so damage from a keylogger that reads the text data displayed on the screen can be prevented.

FIG. 4 is a diagram illustrating a configuration of a user data input system implementing the user data input apparatus 110 illustrated in FIG. 1 as a separate adapter, FIG. 5 is a diagram illustrating a configuration of the user data input apparatus illustrated in FIG. 4, and FIG. 6 is a diagram illustrating a configuration of the user data processing apparatus illustrated in FIG. 4. A user data input system according to another exemplary embodiment of the present invention will be described with reference to FIGS. 4 through 6.

As shown in FIG. 4, a user data input system according to an embodiment of the present invention includes a keyboard 10, a user data input device 120, and a host computer 30, and the host computer 30 includes a user data processing device 310.

As illustrated in FIG. 5, the user data input device 120 includes: a keyboard interface 121 for receiving a key signal supplied from the keyboard; a keyboard protocol analysis and generation unit 122 that derives keyboard information indicating the type of keyboard based on the key signal received through the keyboard interface, generates key input data including one of text data and control data according to a corresponding protocol set based on the derived keyboard information, and transmits one of encrypted text data and control data; an encryption module 123 that receives, through the keyboard protocol analysis and generation unit 122, a parameter supplied from the user data control device of the host computer, encrypts the text data supplied from the keyboard protocol analysis and generation unit 122 according to the parameter, and transmits the result to the keyboard protocol analysis and generation unit; and a host interface 124 that delivers the parameter provided from the user data processing device 320 to the keyboard protocol analysis and generation unit 122 and delivers one of the encrypted text data and control data of the keyboard protocol analysis and generation unit 122 to the user data processing device.

In an embodiment of the present disclosure, detailed descriptions of components having the same configuration in the user data input device and the user data processing device shown in FIG. 1 will be omitted.

However, the functions of the keyboard interface 121 and the host interface 124 shown in FIG. 4 manage the PS2 or USB BUS protocol. In addition, since the encryption module 123 performs the same function as the encryption module 123 shown in FIG. 2, a detailed description thereof will be omitted.

In addition, the keyboard protocol analysis and generation unit 122 serves as a bridge managing data flow between the keyboard interface 121 and the host interface 124.

That is, the keyboard protocol analysis and generation unit 122 obtains parameters for the encryption module 123 from the host interface 124, but does not transfer the parameters to the keyboard interface 121.

In other words, the keyboard protocol analysis and generation unit 121 does not transmit the new PS2 or USB command of Table 3 to the keyboard interface 121.

The keyboard protocol analysis and generation unit 122 obtains a text key from the keyboard interface 121 and transmits the text key to the host interface 124. In this case, when the encryption mode is activated, the text key encrypted by the encryption module 123 is provided to the user data processing apparatus 310 of the host computer 30 through the host interface 124.

FIG. 7 is a diagram illustrating another embodiment of the host interface of the user data input apparatus illustrated in FIG. 5. It shows another example of the host interface 124 for the case where the keyboard is PS2 and the host computer 30 has the KBC-based user data processing apparatus 310.

That is, the KBC-based user data processing device 310 has two IO ports, 60h and 64h, for communicating with the host interface 124. IO ports 60h and 64h are the protocol through which software communicates with the KBC-based host interface 124. IO ports 60h and 64h and the KBC-based host interface 124 commands (write IO 64h) are defined as follows, and Table 4 below shows an example of a KBC-based host interface.


Table 4. KBC host controller interface (IO 60h and 64h)
Port | Name | Description and command format
Read 60h | KBC Data Output | Read KBC data output buffer.
    If no instruction has been issued, the data comes from the keyboard device or the mouse device, depending on the OBF bits 0 and 5 of 64h (KBC status). If the data comes from the keyboard device, the format is either Set 1 or Set 2 Scan Code, depending on Bit6 (Scan Code Conversion) of the command byte set with KBC instruction 60h in Table 5.
Write 60h | KBC Data Input | Write KBC data input buffer.
    There is no KBC instruction before write IO 60h.
    Write IO 60h is a keyboard device command for the PS2 keyboard device. PS2 keyboard device commands are listed in Tables 1 and 3. For a PS2 mouse command, KBC command D4h must be issued first, before writing IO 60h to the mouse device.
Write 64h | KBC Command | Initiate a KBC instruction for a KBC host controller.
Read 64h | KBC Status | Read KBC status.
    Bit0: OBF, Output Buffer Full flag.
    Bit1: IBF, Input Buffer Full flag.
    Bit2: System Flag, indicates that the system POST has finished.
    Bit3: A2, address bit for last write IO 60h (0) or 64h (1).
    Bit4: Uninhibited, indicating that the keyboard is inhibited.
    Bit5: AUX OBF, PS2 mouse data output flag.
    Bit6: General timeout, indicates a PS2 BUS timeout condition.
    Bit7: Parity Error, indicates a PS2 BUS parity error condition.


Table 5. KBC commands
Code | Command | Description and command format
20h | Read Command Byte | KBC read command byte. The command byte is located in the KBC.
    Bit0: IRQ1 enable
    Bit1: IRQ12 enable
    Bit2: System flag
    Bit3: Inhibit override
    Bit4: Keyboard device disable
    Bit5: Mouse device disable
    Bit6: Scan Code Conversion
        1: KBC converts Set 2 to Set 1 Scan Code.
        0: KBC cannot convert Set 2 to Set 1 Scan Code.
    Bit7: NA
60h | Write Command Byte | Write a byte to the KBC command byte to update the KBC configuration settings as described in 20h, Read Command Byte.
A7h | Disable Mouse Device |
A8h | Enable Mouse Device |
A9h | Test Mouse Port | Examine the KBC mouse PS2 port.
AAh | Self Test | KBC performs self test and disables keyboard / mouse device.
ABh | Test Keyboard Port | Test KBC keyboard PS2 port.
ADh | Disable Keyboard Device |
AEh | Enable Keyboard Device |
C0h | Read Port1 | Read port 1 status of 804. The instruction always gets 00h.
D0h | Read Port2 | Read port 2 status of 8042. Only bit 1 is valid, for reading GA20 status.
D1h | Write Port2 | Only bit 1 is valid, for GA20 setting.
D2h | Write KBC Keyboard Output Buffer | Write one byte as data comes from a KBC mouse device.
D3h | KBC Mouse Output Buffer | Write one byte as data comes from KBC mouse device.
D4h | Mouse Port Prefix | Issued before a write to IO port 60h for write commands to PS2 mouse devices. D4h is a prefix command that distinguishes whether port 60h commands are for the keyboard or the mouse device.
E0h | Read Test Input | Always returns 00h.
FEh | Keyboard Reset | Reset the PC system by generating a low pulse on the KBRST# signal from the KBC.

Here, to support the keylogger prevention function of the KBC-based host interface 124, there is an extended KBC command, such as the PS2 keyboard extension command of Table 3, to perform an encryption function.

Table 6. KBC extended commands for encryption
Code | Command | Description and command format
30h | Set Translate Off | Decrypt
    Format: 30
31h | Set Translate On | Start encryption.
    Format: 31
32h | Get Translate ID | Translate ID is one of the parameters for the encryption module. Translate ID can be changed many times. For example, the server can ask the designated application to change the Translate ID each time the "Enter" key is pressed.
    Format: 32 AA BB CC DD EE FF GG HH
    AA, BB, ... HH are the Translate ID (TID) as an 8-byte sequence. AA is LSB, HH is MSB.
34h | Get Translate Table | Translate Table (TT) is used by the host computer to remap text keys. This table is encrypted in a manner known to both sides (keyboard 10, designated application 130, remote server 63) for security.
    Format: 34 ... (following 64 bytes), (sequence bytes 0, 1, 2, 3, ... 63 = data encrypted by TT)

Accordingly, the KBC-based keyboard command processor 112 processes commands coming from the KBC host interface 124. If the encryption mode is activated, the KBC extension command causes the keyboard protocol analysis and generation unit 122 to encrypt the text key input from the keyboard interface 121. At this time, the control key is not changed.

Meanwhile, as illustrated in FIG. 7, the user data processing apparatus 310 includes an application client unit 311, a decryption server 312, and an application server 313.

Since the components of the user data processing apparatus 310 have the same components as the user data processing apparatus 310 illustrated in FIG. 3, detailed description thereof will be omitted.

FIG. 8 is a flowchart illustrating an operation process of the user data input system illustrated in FIGS. 1 and 4, FIG. 9 is a flowchart illustrating the user data input process illustrated in FIG. 8, and FIG. 10 is a flowchart showing the user data processing process illustrated in FIG. 8 in more detail.

A user data protection process using the user data input system according to another embodiment of the present invention will be described in more detail with reference to FIGS. 1 to 9.

First, in operation 700, the user data input apparatus 110 generates key input data by processing a key signal of a keyboard according to a predefined protocol and, when the generated key input data is text data, encrypts the text data and transmits one of the encrypted text data and the control data of the key input data. In step 900, the key input data is received, the encrypted text data is decrypted, and a response is made to one of the decrypted text data and the control data.

Here, the user data input step of the step 700 will be described in more detail with reference to FIG. 9.

First, in step 711, the user data input device 110 receives a command for each key of each keyboard, set based on a protocol capable of processing key signals of a keyboard supplied from the outside. Then, in step 713, it generates a key signal by scanning the pressed key of the user's keyboard and generates the key input data according to the command corresponding to the generated key signal.

The user data input apparatus 110 encrypts the text data of the key input data (steps 715 and 717) and then, in step 719, transfers one of the encrypted text data and the control data to the user data processing step 900.

Meanwhile, as illustrated in FIG. 10, in the user data processing apparatus 310 provided with one of the encrypted text data and the control data of the user data input apparatus 110, the application client unit 311 generates, in step 911, a page requesting input of user information including an ID and password for login and delivers the page to the application server.

In operation 913, the user data processing apparatus 310 activates the key logger prevention flag in the application client unit 311 in response to the request for activating the key logger prevention flag of the application server 313.

Subsequently, in order to perform keylogger prevention in the decryption server, the user data processing apparatus 310 sets a parameter for encrypting text data among key input data and transmits it to the user data input apparatus.

Meanwhile, key input data including control data and text data encrypted based on the parameter is received from the user data input device 110 (step 917), and the encrypted text data is displayed on the page requesting input of user information including the ID and password for login (step 919).

In operation 921, the user data processing apparatus 310 decrypts the encrypted text data among the received user data in a decryption server and transmits the encrypted text data to the application server to respond to the key input data.

That is, for example, the "xyzmn" shown in the text box of the page for entering the ID is an encrypted code (let's say the user's actual keystroke is "abcde" and the encrypted keystroke data is "xyzmn"). If the decrypted code "abcde" is delivered to the application client unit 311, the application client unit 311 shows the actual data "abcde" in the username text box.

However, if a keylogger includes a screen logger function, the "abcde" entered by the user may be captured by the screen logger, which is a risk for important information such as credit card numbers.

Therefore, although it is better to send the actual key input data directly to the application server 313 for decryption by the decryption server 312, the actual key input data cannot be displayed on the screen. For example, in the case of instant chat programs such as MSN Messenger and Yahoo Messenger, the encrypted text cannot be displayed on the screen. In this case, the application client 311 displays only the encrypted text in the text box for the chat program.

In an embodiment of the present invention, actual key input data such as a password or an account number is not displayed on the screen, and the encrypted text data is output directly to the application server 313.

In addition, the application server 313 authenticates the personal information based on the decrypted text data and the previously stored personal information.

The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied as a program that can be executed by a variety of computing means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, etc., alone or in combination. The program instructions recorded on the medium may be those specially designed and constructed for the present invention or may be those known and available to those skilled in the art of computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape; optical media such as CD-ROMs and DVDs; magneto-optical media such as floptical disks; and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like. The hardware device described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

Although the invention has been described with reference to illustrated embodiments, this description should not be construed in a limiting sense. Those skilled in the art will appreciate that various modifications are possible in combination with the illustrative embodiments as well as other embodiments of the invention when referring to the description. In addition, it is within the scope of the present invention to reorder the processing steps to the ordinary skill in the art, and the claims of the appended claims include all such variations or embodiments. Moreover, the scope of the embodiments of the present invention is not limited to the specific embodiments of the processes, machines, manufacture, composition of matter, means, methods and steps described in the specification of the patent. Therefore, the claims of the appended patents encompass all such scopes as processes, machines, manufactures, compositions of matter, means, methods and steps.

According to the user data input device and the user data security method using the same according to the present invention, when the key input data processed according to the protocol of the key signal input through the keyboard is text data, the text data is encrypted and transmitted, the key input data is decrypted, and the corresponding application is executed based on the key input data. As a result, the security of the key input data can be fundamentally strengthened, and the key input data can be protected without changing the bus and/or driver that carries it, so the key input data is inherently protected. The invention therefore has sufficient industrial applicability.

Claims (14)

Keyboard and keyboard
A host computer for displaying key input data corresponding to the key signal of the keyboard;
The keyboard is
A user data input device for encrypting text data among key input data corresponding to a key signal of the keyboard and transmitting user data including one of encrypted text data and control data,
The host computer,
A user data processing device which receives the user data through the user data input device, decrypts the encrypted text data, and executes the corresponding application with the decrypted text data;
The user data input device,
A keyboard interface for generating keyboard information indicating a keyboard type according to an output port of a key signal of the keyboard and receiving and transmitting a protocol corresponding to the keyboard information from a host computer;
A keyboard command processor for storing commands for each key of a keyboard set based on a protocol received through the keyboard interface;
A keyboard matrix scan control unit which scans a pressed key of the keyboard unit and transmits a corresponding key signal;
A key input for receiving a command corresponding to a key signal scanned through the keyboard matrix scan control unit from the keyboard command processor to generate key input data for the corresponding key signal, and transmitting the text data when the key input data is text data A data generator,
An encryption module for receiving the text data generated by the key input data generator and encrypting the received text data according to a predefined parameter to transfer the encrypted text to the key input data generator;
The key input data generator,
And transmit key input data of one of text data and control data encrypted by the encryption module to the user data processing apparatus through the keyboard interface.
(deleted)

The method of claim 1, wherein the keyboard type is
A user data input system, which is derived based on a key signal input through a bus and is one of PS2 and USB, wired and wireless, ATM and POS terminals.
The apparatus of claim 1, wherein the user data input device comprises:
And when the keyboard information is one of PS2 and USB, generate key input data according to a KBC-based protocol.
The apparatus of claim 1, wherein the user data processing apparatus comprises:
An application client unit transferring key input data received through the keyboard interface;
If the key input data received from the application client unit is a text provided to the decryption server, the user characterized in that it comprises an application server for responding to one key input data of the text data and control data decrypted by the decryption server Data entry system.
Keyboard and keyboard
A host computer displaying a key signal received via the keyboard;
Processing the key signal of the keyboard according to a corresponding protocol to generate key input data, encrypting the text data when the generated key input data is text data, and transferring one of the encrypted text data and the control data to the host computer. Further comprising a user data input device,
The host computer,
Receiving the encrypted text data through the user data input device to display the encrypted text data on the screen, and after decrypting the encrypted text data, the user data processing device for executing the application based on the decrypted text data further Including,
The user data input device,
A keyboard interface for receiving key signals of the keyboard;
Derive keyboard information indicating the type of keyboard based on the input port of the key signal received through the keyboard interface, and generate key input data including one of text data and control data according to a protocol set based on the derived keyboard information; A keyboard protocol analysis and generation unit for transmitting one of encrypted text data and control data as user data;
An encryption module for receiving parameters supplied from the user data processing device of the host computer through the keyboard protocol analysis and generation unit, encrypting the text data of the keyboard protocol analysis and generation unit according to the parameters, and transmitting the encrypted data to the keyboard protocol analysis and generation unit. and,
A host interface for transferring the parameters provided from the user data processing device to the keyboard protocol analysis and generation unit to pass one of the encrypted text data and control data of the keyboard protocol analysis and generation unit as user data to the user data processing device. User data input system comprising a.
(deleted)

The apparatus of claim 6, wherein the user data input device comprises:
If the keyboard information analyzed by the keyboard protocol analysis and generation unit is one of PS2 and USB further comprises a KBC command processor for receiving a KBC-based command from the host computer through the host interface,
The keyboard protocol analysis and generation unit,
And processing key signals of a keyboard according to a KBC command supplied from the KBC command processor to generate key input data, and when the generated key input data is text data, provide text data to the encryption module. User Data Entry System.
The apparatus of claim 8, wherein the user data input device comprises:
User data input system, characterized in that provided as implemented in one adapter to be installed in one of the keyboard or the host computer.
The apparatus of claim 8, wherein the user data processing apparatus comprises:
An application client unit for transmitting the encrypted text data and control data to a decryption server through a communication network to prevent reception of the user data provided through the host interface in a keylogger installed in an operating system (OS) of a host computer;
And an application server configured to receive the encrypted text data on a screen and receive the decrypted text data from the decryption server to execute the corresponding application.
a) Process the key signals of the keyboard according to the predefined protocol to generate key input data, and if the generated key input data is text data, encrypt the text data and then use one of the encrypted text data and the control data. Entering user data into the data,
b) a user data processing step of receiving the user data, displaying encrypted text data on a screen, decrypting the encrypted data, and executing the corresponding application with the decrypted text data;
The user data input step,
Receives commands for each key of each keyboard set based on a protocol capable of processing key signals of the keyboard supplied from the outside,
After generating the key signal by scanning the pressed key of the user's keyboard, the key input data for the corresponding key is generated according to the command corresponding to the generated key signal, and encrypted if the key input data is text data.
And transmitting one of the encrypted text data and the control data to the user data processing step.
(deleted)

The method of claim 11, wherein the user data processing step,
In order to prevent reception of the user data provided through the host interface in a keylogger installed in an operating system (OS) of a host computer, an application client unit transmits encrypted text data among the received user data to a decryption server,
And an application server configured to display the encrypted text data on the screen and to execute the corresponding application with the decrypted text data on the decryption server.
The method of claim 11, wherein the user data processing step,
Generating a page requesting input of user information including an ID and a password for login in the application client unit and transmitting the generated page to the application server;
Activating a keylogger prevention flag in the application client unit in response to a request for activating a keylogger prevention flag of the application server;
Setting a parameter for encrypting text data among key input data and transmitting the same to the user data input device to perform keylogger prevention in the decryption server;
Receiving user data comprising one of text data and control data encrypted based on the received parameters;
Displaying the encrypted text data on an input window of a page requesting input of user information including an ID and a password for login;
And decrypting the encrypted text data in a decryption server and transferring the encrypted text data to the application server to execute a corresponding application.

KR1020120141670A 2012-12-07 2012-12-07 Apparautus for inputting user data and method for securiting user data KR101278726B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020120141670A KR101278726B1 (en) 2012-12-07 2012-12-07 Apparautus for inputting user data and method for securiting user data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020120141670A KR101278726B1 (en) 2012-12-07 2012-12-07 Apparautus for inputting user data and method for securiting user data

Publications (1)

Publication Number Publication Date
KR101278726B1 true KR101278726B1 (en) 2013-07-02

Family

ID=48996088

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020120141670A KR101278726B1 (en) 2012-12-07 2012-12-07 Apparautus for inputting user data and method for securiting user data

Country Status (1)

Country Link
KR (1) KR101278726B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101688630B1 (en) * 2015-09-15 2016-12-21 한국전자통신연구원 Keyboard apparatus and data communication method using the same

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20030036276A (en) * 2003-02-07 2003-05-09 킹스정보통신(주) Computer Security System using secure input device driver
KR20060059779A (en) * 2004-11-29 2006-06-02 주식회사 안철수연구소 Method and device for protecting file data by using real time decryption technics

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101688630B1 (en) * 2015-09-15 2016-12-21 한국전자통신연구원 Keyboard apparatus and data communication method using the same
US10255426B2 (en) 2015-09-15 2019-04-09 Electronics And Telecommunications Research Institute Keyboard device and data communication method using the same

Legal Events

Date Code Title Description
A201 Request for examination
A302 Request for accelerated examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant
FPAY Annual fee payment

Payment date: 20160614

Year of fee payment: 4