US20090300368A1 - User interface for secure data entry - Google Patents

User interface for secure data entry Download PDF

Info

Publication number
US20090300368A1
US20090300368A1 US12/480,692 US48069209A US2009300368A1 US 20090300368 A1 US20090300368 A1 US 20090300368A1 US 48069209 A US48069209 A US 48069209A US 2009300368 A1 US2009300368 A1 US 2009300368A1
Authority
US
United States
Prior art keywords
data
computer
input
user
input device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/480,692
Inventor
Amir Zilberstein
Lior Frenkel
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HUMAN INTERFACE SECURITY Ltd
Original Assignee
HUMAN INTERFACE SECURITY Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by HUMAN INTERFACE SECURITY Ltd filed Critical HUMAN INTERFACE SECURITY Ltd
Assigned to HUMAN INTERFACE SECURITY LTD reassignment HUMAN INTERFACE SECURITY LTD ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: FRENKEL, LIOR, ZILBERSTEIN, AMIR
Publication of US20090300368A1 publication Critical patent/US20090300368A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/84Protecting input, output or interconnection devices output devices, e.g. displays or monitors

Definitions

  • the present invention relates generally to data security, and specifically to methods and devices for preventing unauthorized parties from accessing unencrypted data.
  • Data encryption is widely used in preventing unauthorized access to data.
  • Various methods of data encryption are known in the art. In general, these methods use a key to convert data to a form that is unintelligible to a reader (human or machine), and require an appropriate key in order to decrypt the data.
  • Symmetric encryption methods use the same key for both encryption and decryption. Such symmetric methods include the well-known DES (Data Encryption Standard) and AES (Advanced Encryption Standard) algorithms.
  • DES Data Encryption Standard
  • AES Advanced Encryption Standard
  • asymmetric encryption methods such as the RSA (Rivest Shamir Adelman) algorithm, a computer that is to receive encrypted data generates complementary public and private keys and transmits the public key to the sender. After the sender has encrypted the data using the public key, only the holder of the private key can decrypt it.
  • Modern methods of encryption make it very difficult for a malicious party who intercepts an encrypted message to decrypt the message contents.
  • the message contents are typically held, at least temporarily, in clear (unencrypted) form in computer memory or storage.
  • a malicious party who gains access to the memory or CPU of the computer may be able to intercept the message in its internal clear form and read out or otherwise tamper with secret message contents (including user passwords and other sensitive private information).
  • the malicious party may use a key-logger to copy and transmit a record of keystrokes input to the computer from the keyboard, or may use “phishing” in an attempt to trick the user into providing private information.
  • a computer input device comprises an encryption processor, which is coupled between an input transducer, such as a keyboard, microphone, touch screen or camera, and the computer.
  • the encryption processor receives and encrypts input data signals from the input transducer so that the data that are input to the computer from the input device are already encrypted.
  • the input device comprises a mode switch, which switches between an encrypted mode for secret data, in which the data that have been input by the user are unintelligible to the computer, and a clear (unencrypted) mode, for normal (non-secure) data input.
  • the computer may then transmit and/or store the encrypted input data from the input device without ever having to decrypt the data. Thus, even if an unauthorized party were to gain access to the computer, he or she would still be unable to read out the secret data in clear form.
  • the computer input device also comprises an output transducer, such as a lamp, alphanumeric display or audio generator, which indicates to the user whether the input device is operating in encrypted or clear mode.
  • Software running on the computer may monitor the user input in order to detect unencrypted input of secret data to the computer.
  • the software Upon detecting such input, the software initiates preventive action, such as prompting the user to flip the mode switch and re-enter the data, or preventing any further unencrypted data from being sent to the computer.
  • the agent trains the user to make appropriate use of the encryption capabilities of the input device, so that the user will remember to flip the mode switch to encrypted mode even if the agent is later disabled (whether accidentally or intentionally).
  • a computer input device for operation with a computer including:
  • an input transducer which is coupled to receive an input from a user and to generate a data signal responsively to the input
  • an encryption processor which is coupled to process the data signal so as to output data to the computer, and which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
  • a mode switch which is operative so as to switch between the first and second operational modes of the encryption processor
  • an output transducer which is coupled to provide to the user an indication of whether the encryption processor is in the first or the second operational mode.
  • the input transducer includes a text input device, such as a keyboard.
  • the mode switch may by manually operable by a user.
  • the data signal is not accessible to the computer except in the data output by the encryption processor.
  • the output transducer may include a lamp, an alphanumeric display, or an audio transducer, or may cause a visible mode change in the input device.
  • a method for inputting data to a computer including:
  • an encryption processor which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
  • a method for inputting data to a computer including:
  • the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted;
  • initiating the preventive action includes preventing further unencrypted data from being sent from the input device to the computer.
  • initiating the preventive action includes issuing an alert from the computer to the user, wherein issuing the alert includes instructing the user to switch the input device from the second to the first operational mode and repeat the data input.
  • the computer may not alert the user to switch the input device to the first operational mode until the unencrypted data input is detected.
  • computing apparatus including:
  • an input device having a first user-selectable operational mode in which the input device encrypts data input made to the device by the user and a second user-selectable operational mode in which the data input is unencrypted;
  • a computer which is coupled to receive the data input from the input device, and is configured to detect that the data input made by the user for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
  • a computer software product including a tangible computer-readable medium in which program instructions are stored, which instructions, when read by a computer, cause the computer to receive data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted, and to detect that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
  • FIG. 1 is a schematic, pictorial illustration of a system for transmission and reception of encrypted data, in accordance with an embodiment of the present invention
  • FIG. 2 is a block diagram that schematically shows details of an input device for use with a computer, in accordance with an embodiment of the present invention.
  • FIG. 3 is a flow chart that schematically illustrates a method for inputting encrypted data to a computer, in accordance with an embodiment of the present invention.
  • FIG. 1 is a schematic, pictorial illustration of a system for transmission and reception of encrypted data, in accordance with an embodiment of the present invention.
  • a source computer 20 transmits encrypted data over a network 22 to a receiving computer 24 .
  • the data may be encrypted in accordance with any suitable method of encryption that is known in the art, including both symmetric and asymmetric methods.
  • Network 22 may comprise the Internet or substantially any other public or private computer network.
  • Computer 20 comprises a console 26 , which is coupled to one or more output devices, such as a video display screen 28 , and one or more user input devices, which may comprise, for example, text, image capture and/or audio input transducers.
  • the text input device is a keyboard 30 , which comprises keys 32 as input transducers, and has novel encryption features that are described hereinbelow.
  • the encryption capabilities of keyboard 30 may be incorporated into other user input devices, such as a mouse or other pointing device, a camera, scanner or other imaging device, a microphone, or a touch-sensitive screen, as well as other types of input devices that are known in the art.
  • certain techniques for secure input of encrypted data to console 26 are described, by way of example, with reference to keyboard 30 . These techniques may similarly be applied, mutatis mutandis, to input devices of other types.
  • Keyboard 30 has two modes of operation:
  • a light-emitting diode (LED) 36 serves as an output transducer for indicating the current operating mode of keyboard 30 .
  • LED 36 lights to indicate that the keyboard is operating in encrypted mode.
  • any other suitable type of output transducer may be used for this purpose, such as another type of lamp; an alphanumeric display, such as a liquid crystal display (LCD); another type of visual transducer such as a backlight, which causes a visible mode change in the input device; or even an audio transducer, which generates a sound to indicate the operating mode.
  • the output transducer is typically controlled internally within the keyboard to prevent tampering by hackers.
  • FIG. 2 is a block diagram that schematically shows details of console 26 and keyboard 30 , in accordance with an embodiment of the present invention.
  • Console 26 comprises a central processing unit (CPU) 40 , which performs general computing functions.
  • CPU 40 is coupled via a communication interface 42 to transmit and receive data to and from network 22 .
  • the console comprises a memory 44 (which may typically comprise both RAM and disk memory), which is accessed by the CPU in a conventional manner.
  • memory 44 which may typically comprise both RAM and disk memory
  • an encryption processor 46 associated with keyboard 30 encrypts data entered by the user via keys 32 when the encrypted mode is selected by switch 34 .
  • Keys 32 generate respective data signals when depressed by the user, as is known in the art. These data signals are digitized and, optionally, held in a buffer 50 . The digitized data signals are then encoded by encryption processor 46 , using an appropriate encryption key and program instructions stored in a program memory 48 .
  • the encryption processor may comprise a programmable processing device, such as a microprocessor or field-programmable gate array (FPGA), or it may alternatively comprise a hard-coded logic device.
  • encryption processor 46 is integrated with keyboard 30 , typically within the keyboard package.
  • the encryption processor may be packaged separately from the keyboard.
  • the encryption processor, along with switch 34 , LED 36 and memory 48 may be packaged in a plug-in device (not shown in the figures), which has appropriate input and output connectors for coupling between a conventional keyboard and the keyboard input to console 26 .
  • the encryption function of processor 46 may be engaged or bypassed depending on the setting of the switch.
  • the combination of a conventional keyboard with this sort of plug-in device constitutes an input device with equivalent capabilities to those of the integrated keyboard of FIGS. 1 and 2 .
  • the user In normal operation, the user maintains switch 34 in the clear position, so that the user can interact with computer 20 via keyboard 30 in the conventional manner. From time to time, however, the user may toggle switch 34 to the encryption mode, whereupon encryption processor 46 will output encrypted data to CPU 40 .
  • the CPU in this case is unable to decipher the encrypted data (and cannot access the unencrypted data signals in the keyboard). Rather, the CPU stores the encrypted data in memory 44 or transmits the encrypted data via communication interface 42 in accordance with instructions received by the CPU.
  • the user of computer 20 may flip switch 34 to the encryption mode position before inputting some particularly sensitive item of information, such as a password or account number.
  • Software running on computer 20 may cause CPU 40 to generate a data packet for transmission to computer 24 , and to insert the encrypted data that were entered via keyboard 30 into the payload of the packet before transmission.
  • Computer 24 holds the necessary key to decrypt the payload upon reception, but CPU 40 does not have access to the key. Therefore, even if a hacker were to gain control over the CPU and copy the data transmitted to computer 24 , the hacker will still have no way of deciphering the encrypted payload data.
  • FIG. 3 is a flow chart that schematically illustrates a method for inputting encrypted data to computer 20 using keyboard 30 , in accordance with an embodiment of the present invention.
  • the purpose of this method is to ensure that the user of computer 20 actuates switch 34 at the appropriate times, so that secret data are input to the computer from the keyboard only in encrypted form.
  • Secret data in this context does not necessarily include all confidential data that the user may input, but rather those items of confidential data that are to be encrypted by the keyboard in order to protect against security breaches that may occur within the computer, as explained above.
  • the method described hereinbelow is meant to train the user, by negative reinforcement, to flip switch 34 before entering secret data, even without active prompting by the computer.
  • the method of FIG. 3 is typically carried out by a software agent running on computer 20 .
  • the agent monitors interaction between the user and the computer in order to identify data fields requiring encrypted input and to track user input to these fields.
  • agent is used here, for convenience and clarity, to refer to the software that performs the functions of monitoring and training that are described herein, and should be understood broadly to mean any sort of software that is capable of causing computer 20 to carry out these functions.
  • the software for this purpose may be downloaded to computer 20 in electronic form, over network 22 , for example. Alternatively or additionally, the software may be provide and/or stored on tangible media, such as optical, magnetic or electronic memory media.
  • the software may run either on CPU 40 or on an embedded processor in the input device (such as processor 46 in keyboard 30 ), or on the CPU and embedded processor in collaboration.
  • the method carried out by the software agent trains the user to engage the encryption capabilities of keyboard 30 in such a way that even if the software agent is later deactivated or removed from the computer entirely (whether intentionally or accidentally), the user will already have acquired the habit of flipping the encryption switch at the appropriate times without further prompting.
  • the software agent may monitor interaction between the user of computer 20 and the Web site of a bank where the user has an account.
  • remote computer 24 may be the bank's server.
  • computer 20 presents a field on display 28 that requires secret data to be input securely, at an input display step 52 .
  • the secret data may comprise a password, for instance.
  • Standing instructions from the bank indicate that the user is required to flip switch 34 to the encrypted mode before typing in the secret data.
  • the user begins to input the secret data, at a data input step 54 .
  • the software agent checks the steam of input data, at an encryption checking step 56 . If possible, this step is carried out on the fly, as the user inputs the data, rather than waiting for all of the data to be transferred to memory 44 . As long as the input data are encrypted, the agent takes no action. In this case, the encrypted data are typically transferred temporarily to memory 44 and are then transmitted by CPU 40 to computer 24 at the appropriate time (such as when the user presses the “ENTER” key), at a data transfer step 58 . Alternatively, the encrypted data may be stored on computer 20 or otherwise output as required by the application.
  • the agent takes preventive action.
  • the agent may issue an alert to the user, at a user prompt step 60 .
  • the agent may cause a warning to appear on display 28 , prompting the user to flip switch 34 and repeat the data input.
  • the agent may cause computer 20 to issue an audible alarm.
  • the agent may intervene and prevent further unencrypted input from being sent to the computer, either by preventing the computer from accepting the further input or preventing the input device from transmitting it.
  • the user upon receiving the alert, the user is required to flip switch 34 and then repeat step 54 . Before inputting the data, the user will now check to make sure LED 36 is lit, thus indicating that keyboard 30 is operating in encrypted mode. The user may alternatively have the option of continuing in clear mode if necessary.
  • the mode of training described above, using negative reinforcement, may be preferable to positively prompting the user for the sake of building proper user habits: If the user were positively prompted to flip the encryption switch before inputting secret data, the user could easily become dependent on the prompt as a memory aid.
  • the prompt were turned off, due to malicious intervention by a hacker, for example, the user would be likely to forget to flip switch 34 .
  • the mild nuisance created by negative reinforcement in the method of FIG. 3 will encourage and accustom the user to flip the switch and observe LED 36 before inputting secret data, and will thus tend to make the user less dependent on actual prompting.

Abstract

A computer input device for operation with a computer includes an input transducer, which is coupled to receive an input from a user and to generate a data signal responsively to the input. An encryption processor is coupled to process the data signal so as to output data to the computer. The encryption processor has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer. A mode switch is operative so as to switch between the first and second operational modes of the encryption processor. An output transducer is coupled to provide to the user an indication of whether the encryption processor is in the first or the second operational mode.

Description

    CROSS-REFERENCE TO RELATED APPLICATION
  • This application is a continuation-in-part of PCT patent application PCT/IL2007/001535, filed Dec. 11, 2007, whose disclosure is incorporated herein by reference.
  • FIELD OF THE INVENTION
  • The present invention relates generally to data security, and specifically to methods and devices for preventing unauthorized parties from accessing unencrypted data.
  • BACKGROUND OF THE INVENTION
  • Data encryption is widely used in preventing unauthorized access to data. Various methods of data encryption are known in the art. In general, these methods use a key to convert data to a form that is unintelligible to a reader (human or machine), and require an appropriate key in order to decrypt the data. Symmetric encryption methods use the same key for both encryption and decryption. Such symmetric methods include the well-known DES (Data Encryption Standard) and AES (Advanced Encryption Standard) algorithms. In asymmetric encryption methods, such as the RSA (Rivest Shamir Adelman) algorithm, a computer that is to receive encrypted data generates complementary public and private keys and transmits the public key to the sender. After the sender has encrypted the data using the public key, only the holder of the private key can decrypt it.
  • BRIEF SUMMARY
  • Modern methods of encryption make it very difficult for a malicious party who intercepts an encrypted message to decrypt the message contents. On the other hand, within the computer that sends the message, the message contents are typically held, at least temporarily, in clear (unencrypted) form in computer memory or storage. A malicious party who gains access to the memory or CPU of the computer (using a “Trojan horse” or other “spyware” program, for example) may be able to intercept the message in its internal clear form and read out or otherwise tamper with secret message contents (including user passwords and other sensitive private information). As additional examples, the malicious party may use a key-logger to copy and transmit a record of keystrokes input to the computer from the keyboard, or may use “phishing” in an attempt to trick the user into providing private information.
  • Embodiments of the present invention provide methods and apparatus for encryption that can be used to prevent unauthorized parties from accessing unencrypted secret data on the receiving computer. In these embodiments, a computer input device comprises an encryption processor, which is coupled between an input transducer, such as a keyboard, microphone, touch screen or camera, and the computer. The encryption processor receives and encrypts input data signals from the input transducer so that the data that are input to the computer from the input device are already encrypted. The input device comprises a mode switch, which switches between an encrypted mode for secret data, in which the data that have been input by the user are unintelligible to the computer, and a clear (unencrypted) mode, for normal (non-secure) data input. The computer may then transmit and/or store the encrypted input data from the input device without ever having to decrypt the data. Thus, even if an unauthorized party were to gain access to the computer, he or she would still be unable to read out the secret data in clear form.
  • In some embodiments, the computer input device also comprises an output transducer, such as a lamp, alphanumeric display or audio generator, which indicates to the user whether the input device is operating in encrypted or clear mode. Software running on the computer (whether on the CPU or on an embedded processor within the input device) may monitor the user input in order to detect unencrypted input of secret data to the computer. Upon detecting such input, the software initiates preventive action, such as prompting the user to flip the mode switch and re-enter the data, or preventing any further unencrypted data from being sent to the computer. By forcing the user to observe the status of the output transducer and re-enter data in this manner, the agent trains the user to make appropriate use of the encryption capabilities of the input device, so that the user will remember to flip the mode switch to encrypted mode even if the agent is later disabled (whether accidentally or intentionally).
  • There is therefore provided, in accordance with an embodiment of the present invention, a computer input device for operation with a computer, including:
  • an input transducer, which is coupled to receive an input from a user and to generate a data signal responsively to the input;
  • an encryption processor, which is coupled to process the data signal so as to output data to the computer, and which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
  • a mode switch, which is operative so as to switch between the first and second operational modes of the encryption processor; and
  • an output transducer, which is coupled to provide to the user an indication of whether the encryption processor is in the first or the second operational mode.
  • In one embodiment, the input transducer includes a text input device, such as a keyboard. The mode switch may by manually operable by a user. In a disclosed embodiment, the data signal is not accessible to the computer except in the data output by the encryption processor.
  • The output transducer may include a lamp, an alphanumeric display, or an audio transducer, or may cause a visible mode change in the input device.
  • There is also provided, in accordance with an embodiment of the present invention, a method for inputting data to a computer, including:
  • receiving a data signal from an input transducer responsively to an input by a user;
  • processing the data signal so as to generate data for output to the computer using an encryption processor, which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
  • setting a mode switch so as to select one of the first and second operational modes;
  • presenting to the user an indication of whether the encryption processor is in the first or the second operational mode; and
  • outputting the data to the computer in accordance with the selected one of the operational modes.
  • There is additionally provided, in accordance with an embodiment of the present invention, a method for inputting data to a computer, including:
  • receiving data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted;
  • detecting that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted; and
  • initiating a preventive action responsively to detecting that the data input is unencrypted.
  • In one embodiment, initiating the preventive action includes preventing further unencrypted data from being sent from the input device to the computer.
  • In another embodiment, initiating the preventive action includes issuing an alert from the computer to the user, wherein issuing the alert includes instructing the user to switch the input device from the second to the first operational mode and repeat the data input. The computer may not alert the user to switch the input device to the first operational mode until the unencrypted data input is detected.
  • There is further provided, in accordance with an embodiment of the present invention, computing apparatus, including:
  • an input device having a first user-selectable operational mode in which the input device encrypts data input made to the device by the user and a second user-selectable operational mode in which the data input is unencrypted; and
  • a computer, which is coupled to receive the data input from the input device, and is configured to detect that the data input made by the user for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
  • There is moreover provided, in accordance with an embodiment of the present invention, a computer software product, including a tangible computer-readable medium in which program instructions are stored, which instructions, when read by a computer, cause the computer to receive data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted, and to detect that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
  • The present invention will be more fully understood from the following detailed description of the embodiments thereof, taken together with the drawings in which:
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a schematic, pictorial illustration of a system for transmission and reception of encrypted data, in accordance with an embodiment of the present invention;
  • FIG. 2 is a block diagram that schematically shows details of an input device for use with a computer, in accordance with an embodiment of the present invention; and
  • FIG. 3 is a flow chart that schematically illustrates a method for inputting encrypted data to a computer, in accordance with an embodiment of the present invention.
  • DETAILED DESCRIPTION OF EMBODIMENTS
  • FIG. 1 is a schematic, pictorial illustration of a system for transmission and reception of encrypted data, in accordance with an embodiment of the present invention. A source computer 20 transmits encrypted data over a network 22 to a receiving computer 24. The data may be encrypted in accordance with any suitable method of encryption that is known in the art, including both symmetric and asymmetric methods. Network 22 may comprise the Internet or substantially any other public or private computer network.
  • Computer 20 comprises a console 26, which is coupled to one or more output devices, such as a video display screen 28, and one or more user input devices, which may comprise, for example, text, image capture and/or audio input transducers. In the present embodiment, the text input device is a keyboard 30, which comprises keys 32 as input transducers, and has novel encryption features that are described hereinbelow. Alternatively or additionally, the encryption capabilities of keyboard 30 may be incorporated into other user input devices, such as a mouse or other pointing device, a camera, scanner or other imaging device, a microphone, or a touch-sensitive screen, as well as other types of input devices that are known in the art. In the description that follows, certain techniques for secure input of encrypted data to console 26 are described, by way of example, with reference to keyboard 30. These techniques may similarly be applied, mutatis mutandis, to input devices of other types.
  • Keyboard 30 has two modes of operation:
    • 1. An encrypted mode, in which signals generated by strokes of keys 32 are encrypted using an encryption key that is not accessible to console 26; and
    • 2. A clear mode, in which the encryption function of the keyboard is turned off or bypassed, so that the output data from the keyboard are intelligible to the console, typically in the standard keyboard data output format.
      A user-operable switch 34 permits the user to toggle between the two modes. The switch may simply be a manual switch on the keyboard package, as shown in FIG. 1, so that even if a hacker gains access to console 26 remotely (via network 22, for example), the hacker will be unable to change the switch setting. Alternatively, any other suitable type of switch that is known in the art may be used in this manner, including an electronic or logic-actuated switch, which may be actuated by a certain combination and/or sequence of user keystrokes on keys 32. Alternatively or additionally, in some embodiments the keyboard may switch modes automatically under the control of software or other suitable logic.
  • A light-emitting diode (LED) 36 serves as an output transducer for indicating the current operating mode of keyboard 30. In this example, LED 36 lights to indicate that the keyboard is operating in encrypted mode. Alternatively, any other suitable type of output transducer may be used for this purpose, such as another type of lamp; an alphanumeric display, such as a liquid crystal display (LCD); another type of visual transducer such as a backlight, which causes a visible mode change in the input device; or even an audio transducer, which generates a sound to indicate the operating mode. The output transducer is typically controlled internally within the keyboard to prevent tampering by hackers.
  • FIG. 2 is a block diagram that schematically shows details of console 26 and keyboard 30, in accordance with an embodiment of the present invention. Console 26 comprises a central processing unit (CPU) 40, which performs general computing functions. CPU 40 is coupled via a communication interface 42 to transmit and receive data to and from network 22. The console comprises a memory 44 (which may typically comprise both RAM and disk memory), which is accessed by the CPU in a conventional manner. In scenarios that are known in the art, when computer 20 is to transmit data to remote computer 24, even if the transmission itself is encrypted, the data is typically held in clear form in memory 44 at least temporarily in preparation for encryption. As a result, if a malicious party is able to gain access to the memory through a software security breach, for example, that party may be able to read the decrypted data (generally by causing CPU 40 or another component of terminal 20 to transmit the decrypted data over network 22), notwithstanding the strength of the encryption that will be applied by the CPU when transmitting the data to computer 24.
  • To avoid this sort of scenario in the present embodiment, an encryption processor 46 associated with keyboard 30 encrypts data entered by the user via keys 32 when the encrypted mode is selected by switch 34. Keys 32 generate respective data signals when depressed by the user, as is known in the art. These data signals are digitized and, optionally, held in a buffer 50. The digitized data signals are then encoded by encryption processor 46, using an appropriate encryption key and program instructions stored in a program memory 48. The encryption processor may comprise a programmable processing device, such as a microprocessor or field-programmable gate array (FPGA), or it may alternatively comprise a hard-coded logic device.
  • In the embodiment shown in FIG. 2, encryption processor 46 is integrated with keyboard 30, typically within the keyboard package. Alternatively, the encryption processor may be packaged separately from the keyboard. For example, the encryption processor, along with switch 34, LED 36 and memory 48, may be packaged in a plug-in device (not shown in the figures), which has appropriate input and output connectors for coupling between a conventional keyboard and the keyboard input to console 26. The encryption function of processor 46 may be engaged or bypassed depending on the setting of the switch. Functionally, the combination of a conventional keyboard with this sort of plug-in device constitutes an input device with equivalent capabilities to those of the integrated keyboard of FIGS. 1 and 2.
  • In normal operation, the user maintains switch 34 in the clear position, so that the user can interact with computer 20 via keyboard 30 in the conventional manner. From time to time, however, the user may toggle switch 34 to the encryption mode, whereupon encryption processor 46 will output encrypted data to CPU 40. The CPU in this case is unable to decipher the encrypted data (and cannot access the unencrypted data signals in the keyboard). Rather, the CPU stores the encrypted data in memory 44 or transmits the encrypted data via communication interface 42 in accordance with instructions received by the CPU.
  • For example, in a secure communication session between computer 20 and remote computer 24, the user of computer 20 may flip switch 34 to the encryption mode position before inputting some particularly sensitive item of information, such as a password or account number. Software running on computer 20 may cause CPU 40 to generate a data packet for transmission to computer 24, and to insert the encrypted data that were entered via keyboard 30 into the payload of the packet before transmission. Computer 24 holds the necessary key to decrypt the payload upon reception, but CPU 40 does not have access to the key. Therefore, even if a hacker were to gain control over the CPU and copy the data transmitted to computer 24, the hacker will still have no way of deciphering the encrypted payload data.
  • FIG. 3 is a flow chart that schematically illustrates a method for inputting encrypted data to computer 20 using keyboard 30, in accordance with an embodiment of the present invention. The purpose of this method is to ensure that the user of computer 20 actuates switch 34 at the appropriate times, so that secret data are input to the computer from the keyboard only in encrypted form. (“Secret data” in this context does not necessarily include all confidential data that the user may input, but rather those items of confidential data that are to be encrypted by the keyboard in order to protect against security breaches that may occur within the computer, as explained above.) The method described hereinbelow is meant to train the user, by negative reinforcement, to flip switch 34 before entering secret data, even without active prompting by the computer.
  • The method of FIG. 3 is typically carried out by a software agent running on computer 20. The agent monitors interaction between the user and the computer in order to identify data fields requiring encrypted input and to track user input to these fields. The term “agent” is used here, for convenience and clarity, to refer to the software that performs the functions of monitoring and training that are described herein, and should be understood broadly to mean any sort of software that is capable of causing computer 20 to carry out these functions. The software for this purpose may be downloaded to computer 20 in electronic form, over network 22, for example. Alternatively or additionally, the software may be provide and/or stored on tangible media, such as optical, magnetic or electronic memory media. The software may run either on CPU 40 or on an embedded processor in the input device (such as processor 46 in keyboard 30), or on the CPU and embedded processor in collaboration.
  • The method carried out by the software agent trains the user to engage the encryption capabilities of keyboard 30 in such a way that even if the software agent is later deactivated or removed from the computer entirely (whether intentionally or accidentally), the user will already have acquired the habit of flipping the encryption switch at the appropriate times without further prompting.
  • In an example scenario, the software agent may monitor interaction between the user of computer 20 and the Web site of a bank where the user has an account. (In this example, remote computer 24 may be the bank's server.) In the course of this interaction, computer 20 presents a field on display 28 that requires secret data to be input securely, at an input display step 52. The secret data may comprise a password, for instance. Standing instructions from the bank indicate that the user is required to flip switch 34 to the encrypted mode before typing in the secret data.
  • The user begins to input the secret data, at a data input step 54. The software agent checks the steam of input data, at an encryption checking step 56. If possible, this step is carried out on the fly, as the user inputs the data, rather than waiting for all of the data to be transferred to memory 44. As long as the input data are encrypted, the agent takes no action. In this case, the encrypted data are typically transferred temporarily to memory 44 and are then transmitted by CPU 40 to computer 24 at the appropriate time (such as when the user presses the “ENTER” key), at a data transfer step 58. Alternatively, the encrypted data may be stored on computer 20 or otherwise output as required by the application.
  • On the other hand, if the software agent detects at step 56 that the incoming data are not encrypted, the agent takes preventive action. As one example, the agent may issue an alert to the user, at a user prompt step 60. For example, the agent may cause a warning to appear on display 28, prompting the user to flip switch 34 and repeat the data input. Alternatively or additionally, the agent may cause computer 20 to issue an audible alarm. Optionally, the agent may intervene and prevent further unencrypted input from being sent to the computer, either by preventing the computer from accepting the further input or preventing the input device from transmitting it. In any case, upon receiving the alert, the user is required to flip switch 34 and then repeat step 54. Before inputting the data, the user will now check to make sure LED 36 is lit, thus indicating that keyboard 30 is operating in encrypted mode. The user may alternatively have the option of continuing in clear mode if necessary.
  • The mode of training described above, using negative reinforcement, may be preferable to positively prompting the user for the sake of building proper user habits: If the user were positively prompted to flip the encryption switch before inputting secret data, the user could easily become dependent on the prompt as a memory aid.
  • Subsequently, if the prompt were turned off, due to malicious intervention by a hacker, for example, the user would be likely to forget to flip switch 34. On the other hand, the mild nuisance created by negative reinforcement in the method of FIG. 3 will encourage and accustom the user to flip the switch and observe LED 36 before inputting secret data, and will thus tend to make the user less dependent on actual prompting.
  • Although the description above relates to uses of embodiments of the present invention in preventing unauthorized access to unencrypted data, the architecture and methods associated with these embodiments may also be useful in enhancing the efficiency and reliability of other sorts of encryption processes. It will thus be appreciated that the embodiments described above are cited by way of example, and that the present invention is not limited to what has been particularly shown and described hereinabove. Rather, the scope of the present invention includes both combinations and subcombinations of the various features described hereinabove, as well as variations and modifications thereof which would occur to persons skilled in the art upon reading the foregoing description and which are not disclosed in the prior art.

Claims (32)

1. A computer input device for operation with a computer, comprising:
an input transducer, which is coupled to receive an input from a user and to generate a data signal responsively to the input;
an encryption processor, which is coupled to process the data signal so as to output data to the computer, and which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
a mode switch, which is operative so as to switch between the first and second operational modes of the encryption processor; and
an output transducer, which is coupled to provide to the user an indication of whether the encryption processor is in the first or the second operational mode.
2. The device according to claim 1, wherein the input transducer comprises a text input device.
3. The device according to claim 2, wherein the text input transducer comprises a keyboard.
4. The device according to claim 1, wherein the mode switch is operable by a user of the device.
5. The device according to claim 4, wherein the mode switch comprises a manually-operable switch.
6. The device according to claim 1, wherein the data signal is not accessible to the computer except in the data output by the encryption processor.
7. The device according to claim 1, wherein the output transducer comprises a lamp.
8. The device according to claim 1, wherein the output transducer comprises an alphanumeric display.
9. The device according to claim 1, wherein the output transducer comprises an audio transducer.
10. The device according to claim 1, wherein the output transducer causes a visible mode change in the input device.
11. A method for inputting data to a computer, comprising:
receiving a data signal from an input transducer responsively to an input by a user;
processing the data signal so as to generate data for output to the computer using an encryption processor, which has a first operational mode in which the encryption processor encrypts the data signal using an encryption key not accessible to the computer so that the data are unintelligible to the computer, and a second operational mode in which the data are intelligible to the computer;
setting a mode switch so as to select one of the first and second operational modes;
presenting to the user an indication of whether the encryption processor is in the first or the second operational mode; and
outputting the data to the computer in accordance with the selected one of the operational modes.
12. The method according to claim 11, wherein the input transducer comprises a text input device.
13. The method according to claim 12, wherein the text input transducer comprises a keyboard.
14. The method according to claim 11, wherein the mode switch is manually operable by the user.
15. The method according to claim 11, wherein the data signal is not accessible to the computer except in the data output by the encryption processor.
16. A method for inputting data to a computer, comprising:
receiving data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted;
detecting that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted; and
initiating a preventive action responsively to detecting that the data input is unencrypted.
17. The method according to claim 16, wherein initiating the preventive action comprises preventing further unencrypted data from being sent from the input device to the computer.
18. The method according to claim 16, wherein initiating the preventive action comprises issuing an alert from the computer to the user.
19. The method according to claim 18, wherein issuing the alert comprises instructing the user to switch the input device from the second to the first operational mode and repeat the data input.
20. The method according to claim 19, wherein the input device comprises a mode switch, which is operable by the user so as to switch from the second to the first operational mode, and an output transducer, which is coupled to provide to the user an indication that the input device is in the first operational mode.
21. The method according to claim 19, wherein the computer does not alert the user to switch the input device to the first operational mode until the unencrypted data input is detected.
22. The method according to claim 16, wherein receiving the data input comprises receiving, in the first operational mode, data that have been encrypted using an encryption key not accessible to the computer so that the data are unintelligible to the computer.
23. Computing apparatus, comprising:
an input device having a first user-selectable operational mode in which the input device encrypts data input made to the device by the user and a second user-selectable operational mode in which the data input is unencrypted; and
a computer, which is coupled to receive the data input from the input device, and is configured to detect that the data input made by the user for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
24. The apparatus according to claim 23, wherein the preventive action comprises preventing further unencrypted data from being sent from the input device to the computer.
25. The apparatus according to claim 23, wherein the preventive action comprises issuing an alert from the computer to the user.
26. The apparatus according to claim 25, wherein the computer is configured to alert the user to switch the input device from the second to the first operational mode and repeat the data input upon detecting that the data input is unencrypted.
27. The apparatus according to claim 26, wherein the input device comprises a mode switch, which is operable by a user so as to switch from the second to the first operational mode, and an output transducer, which is coupled to provide to the user an indication that the input device is in the first operational mode.
28. The apparatus according to claim 26, wherein the computer is configured not to alert the user to switch the input device to the first operational mode until the unencrypted data input is detected.
29. The apparatus according to claim 23, wherein the input device is configured to encrypt the data, in the first operational mode, using an encryption key not accessible to the computer so that the data are unintelligible to the computer.
30. A computer software product, comprising a tangible computer-readable medium in which program instructions are stored, which instructions, when read by a computer, cause the computer to receive data input to the computer from an input device operated by a user, the input device having a first user-selectable operational mode in which the input device encrypts the data input and a second user-selectable operational mode in which the data input is unencrypted, and to detect that the data input made to the computer by the user via the input device for entry in a secret data field is unencrypted, and to initiate a preventive action responsively to detecting that the data input is unencrypted.
31. The product according to claim 30, wherein the preventive action comprises preventing further unencrypted data from being sent from the input device to the computer.
32. The product according to claim 30, wherein the preventive action comprises issuing an alert from the computer to the user.
US12/480,692 2006-12-12 2009-06-09 User interface for secure data entry Abandoned US20090300368A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
IL180020 2006-12-12
IL180020A IL180020A (en) 2006-12-12 2006-12-12 Encryption -and decryption-enabled interfaces
PCT/IL2007/001535 WO2008072234A2 (en) 2006-12-12 2007-12-11 Encryption- and decryption-enabled interfaces
IL192043 2008-10-06

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2007/001535 Continuation-In-Part WO2008072234A2 (en) 2006-12-12 2007-12-11 Encryption- and decryption-enabled interfaces

Publications (1)

Publication Number Publication Date
US20090300368A1 true US20090300368A1 (en) 2009-12-03

Family

ID=39512178

Family Applications (3)

Application Number Title Priority Date Filing Date
US12/518,276 Active 2029-04-25 US9268957B2 (en) 2006-12-12 2007-12-11 Encryption-and decryption-enabled interfaces
US12/480,692 Abandoned US20090300368A1 (en) 2006-12-12 2009-06-09 User interface for secure data entry
US14/512,496 Abandoned US20150082052A1 (en) 2006-12-12 2014-10-13 Encryption-enabled interfaces

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US12/518,276 Active 2029-04-25 US9268957B2 (en) 2006-12-12 2007-12-11 Encryption-and decryption-enabled interfaces

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14/512,496 Abandoned US20150082052A1 (en) 2006-12-12 2014-10-13 Encryption-enabled interfaces

Country Status (6)

Country Link
US (3) US9268957B2 (en)
EP (1) EP2119075B1 (en)
ES (1) ES2623434T3 (en)
HU (1) HUE032806T2 (en)
IL (1) IL180020A (en)
WO (1) WO2008072234A2 (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080181409A1 (en) * 2007-01-31 2008-07-31 Zhuqiang Wang Method for guaranteeing security of critical data, terminal and secured chip
US20100180120A1 (en) * 2007-09-06 2010-07-15 Human Interface Security Ltd Information protection device
US20110202772A1 (en) * 2008-10-27 2011-08-18 Human Interface Security Ltd. Networked computer identity encryption and verification
US8756436B2 (en) 2007-01-16 2014-06-17 Waterfall Security Solutions Ltd. Secure archive
US8799809B1 (en) 2008-06-04 2014-08-05 United Services Automobile Association (Usaa) Systems and methods for key logger prevention security techniques
US20140244513A1 (en) * 2013-02-22 2014-08-28 Miguel Ballesteros Data protection in near field communications (nfc) transactions
US8826028B1 (en) * 2010-11-12 2014-09-02 Google Inc. Cryptography secure input device
WO2014145186A1 (en) * 2013-03-15 2014-09-18 Strikeforce Technologies, Inc. Methods and apparatus for securing user input in a mobile device
US20140358691A1 (en) * 2013-06-03 2014-12-04 Cloudwear, Inc. System for selecting and receiving primary and supplemental advertiser information using a wearable-computing device
US20160286158A1 (en) * 2015-03-26 2016-09-29 Olympus Corporation Information recording apparatus and tamper prevention method for information recording apparatus
US11461507B2 (en) * 2018-10-30 2022-10-04 Third Block Gear Systems and methods for secure peripherals
US11587073B1 (en) * 2017-12-15 2023-02-21 Worldpay, Llc Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IL180020A (en) 2006-12-12 2013-03-24 Waterfall Security Solutions Ltd Encryption -and decryption-enabled interfaces
CA2767368C (en) 2009-08-14 2013-10-08 Azuki Systems, Inc. Method and system for unified mobile content protection
US20120079282A1 (en) * 2010-06-28 2012-03-29 Lionstone Capital Corporation Seamless end-to-end data obfuscation and encryption
US9185094B2 (en) 2012-03-01 2015-11-10 Ologn Technologies Ag Systems, methods and apparatuses for the secure transmission and restricted use of media content
US9559845B2 (en) * 2012-03-01 2017-01-31 Ologn Technologies Ag Systems, methods and apparatuses for the secure transmission of media content
US20130246800A1 (en) * 2012-03-19 2013-09-19 Microchip Technology Incorporated Enhancing Security of Sensor Data for a System Via an Embedded Controller
US8868927B1 (en) * 2012-08-14 2014-10-21 Google Inc. Method and apparatus for secure data input and output
US9246676B2 (en) 2013-11-22 2016-01-26 Cisco Technology, Inc. Secure access for encrypted data
KR102195900B1 (en) * 2013-12-20 2020-12-29 삼성전자주식회사 Method and apparatus for sending and receiving of encrypted message between devices
IL235175A (en) 2014-10-19 2017-08-31 Frenkel Lior Secure remote desktop
CN107592963B (en) 2015-05-19 2020-05-19 皇家飞利浦有限公司 Method and computing device for performing secure computations
IL250010B (en) * 2016-02-14 2020-04-30 Waterfall Security Solutions Ltd Secure connection with protected facilities
US11177958B2 (en) 2016-09-13 2021-11-16 Silverfort Ltd. Protection of authentication tokens
US10664606B2 (en) * 2017-05-19 2020-05-26 Leonard L. Drey System and method of controlling access to a document file
US11483147B2 (en) * 2020-01-23 2022-10-25 Bank Of America Corporation Intelligent encryption based on user and data properties
US11829452B2 (en) 2020-08-24 2023-11-28 Leonard L. Drey System and method of governing content presentation of multi-page electronic documents

Citations (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5388212A (en) * 1993-02-26 1995-02-07 Motorola Inc. Detecting unauthorized modification of communication unit based on comparison between stored hardware identification code and hardware identification code generated from operational platform identification code
US5822435A (en) * 1992-07-10 1998-10-13 Secure Computing Corporation Trusted path subsystem for workstations
US5825879A (en) * 1996-09-30 1998-10-20 Intel Corporation System and method for copy-protecting distributed video content
US6134661A (en) * 1998-02-11 2000-10-17 Topp; William C. Computer network security device and method
US6311272B1 (en) * 1997-11-17 2001-10-30 M-Systems Flash Disk Pioneers Ltd. Biometric system and techniques suitable therefor
US20020077990A1 (en) * 2000-12-20 2002-06-20 Pitney Bowes Inc. Method for reissuing indicium in a postage metering system
US6442607B1 (en) * 1998-08-06 2002-08-27 Intel Corporation Controlling data transmissions from a computer
US20020174010A1 (en) * 1999-09-08 2002-11-21 Rice James L. System and method of permissive data flow and application transfer
US20020188862A1 (en) * 2001-03-28 2002-12-12 Trethewey James R. Method and system for automatic invocation of secure sockets layer encryption on a parallel array of Web servers
US20030005295A1 (en) * 2001-06-29 2003-01-02 Girard Luke E. Method and apparatus to improve the protection of information presented by a computer
US20040024710A1 (en) * 2002-03-07 2004-02-05 Llavanya Fernando Secure input pad partition
US6738742B2 (en) * 1999-09-23 2004-05-18 International Business Machines Corporation Audio notification management system
US20040125077A1 (en) * 2002-10-03 2004-07-01 Ashton Jason A. Remote control for secure transactions
US6758404B2 (en) * 2001-08-03 2004-07-06 General Instrument Corporation Media cipher smart card
US20050015624A1 (en) * 2003-06-09 2005-01-20 Andrew Ginter Event monitoring and management
US20050057774A1 (en) * 2003-09-08 2005-03-17 Akeo Maruyama Printer server, client terminal, image forming apparatus, print data generating method, and computer product
US20050066186A1 (en) * 2003-09-20 2005-03-24 Gentle Christopher Reon Method and apparatus for an encrypting keyboard
US20050120214A1 (en) * 2003-12-02 2005-06-02 Microsoft Corporation Systems and methods for enhancing security of communication over a public network
US7069437B2 (en) * 1998-08-06 2006-06-27 Cryptek, Inc. Multi-level security network system
US20060161791A1 (en) * 2005-01-19 2006-07-20 Bennett Charles H Access-controlled encrypted recording system for site, interaction and process monitoring
US7100048B1 (en) * 2000-01-25 2006-08-29 Space Micro Inc. Encrypted internet and intranet communication device
US20060242423A1 (en) * 2005-04-22 2006-10-26 Kussmaul John W Isolated authentication device and associated methods
US20070028134A1 (en) * 2005-06-01 2007-02-01 Infineon Technologies Ag Communication device and method of transmitting data
US20070094430A1 (en) * 2005-10-20 2007-04-26 Speier Thomas P Method and apparatus to clear semaphore reservation
US7234158B1 (en) * 2002-04-01 2007-06-19 Microsoft Corporation Separate client state object and user interface domains
US20070180263A1 (en) * 2005-12-16 2007-08-02 David Delgrosso Identification and remote network access using biometric recognition
US20070180493A1 (en) * 2006-01-24 2007-08-02 Citrix Systems, Inc. Methods and systems for assigning access control levels in providing access to resources via virtual machines
US20070258595A1 (en) * 2004-03-11 2007-11-08 Universal Electronics Inc. Syncronizing Device-Specific Encrypted Data to and from Mobile Devices Using Detachable Storage Media
US20080059379A1 (en) * 2006-05-18 2008-03-06 Icache, Inc. Method and apparatus for biometrically secured encrypted data storage and retrieval
US20080065837A1 (en) * 2006-09-07 2008-03-13 Sodick Co., Ltd. Computerized numerical control system with human interface using low cost shared memory
US20080120511A1 (en) * 2006-11-17 2008-05-22 Electronic Data Systems Corporation Apparatus, and associated method, for providing secure data entry of confidential information
US20080144821A1 (en) * 2006-10-26 2008-06-19 Marvell International Ltd. Secure video distribution
US20080209216A1 (en) * 2005-09-30 2008-08-28 Kelly Thomas J Method and system for automated authentication of a device to a management node of a computer network
US20080263672A1 (en) * 2007-04-18 2008-10-23 Hewlett-Packard Development Company L.P. Protecting sensitive data intended for a remote application
US20080288475A1 (en) * 2007-05-17 2008-11-20 Sang-Heun Kim Method and system for automatically generating web page transcoding instructions
US20080288790A1 (en) * 2004-04-09 2008-11-20 Stephen Wilson Means and Method of Using Cryptographic Device to Combat Online Institution Identity Theft
US7523856B2 (en) * 1998-04-17 2009-04-28 Diebold Self-Service Systems Cash dispensing automated banking machine with flexible display
US20090150676A1 (en) * 2007-12-07 2009-06-11 Sherman Xuemin Chen Method and system for robust watermark insertion and extraction for digital set-top boxes
US7581097B2 (en) * 2003-12-23 2009-08-25 Lenovo Pte Ltd Apparatus, system, and method for secure communications from a human interface device
US20100324380A1 (en) * 2002-08-20 2010-12-23 Welch Allyn, Inc. Mobile medical workstation

Family Cites Families (147)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4213177A (en) 1978-04-24 1980-07-15 Texas Instruments Incorporated Eight bit standard connector bus for sixteen bit microcomputer using mirrored memory boards
US4214302A (en) 1978-04-24 1980-07-22 Texas Instruments Incorporated Eight bit standard connector bus for sixteen bit microcomputer
US4375665A (en) 1978-04-24 1983-03-01 Texas Instruments Incorporated Eight bit standard connector bus for sixteen bit microcomputer using mirrored memory boards
US4163289A (en) 1978-05-01 1979-07-31 Texas Instruments Incorporated Sixteen bit microcomputer memory boards for use with eight bit standard connector bus
DE3782819D1 (en) 1987-06-02 1993-01-07 Itt Ind Gmbh Deutsche CONTROL PROCESSOR.
US5185877A (en) 1987-09-04 1993-02-09 Digital Equipment Corporation Protocol for transfer of DMA data
JPH0294836A (en) 1988-09-30 1990-04-05 Aisin Seiki Co Ltd Privacy telephone communication controller
US5347579A (en) 1989-07-05 1994-09-13 Blandford Robert R Personal computer diary
US5163138A (en) 1989-08-01 1992-11-10 Digital Equipment Corporation Protocol for read write transfers via switching logic by transmitting and retransmitting an address
US4987595A (en) 1989-09-11 1991-01-22 Motorola, Inc. Secure cryptographic processor arrangement
US5289478A (en) 1991-03-11 1994-02-22 Fujitsu Limited Method and means for verification of write data
IL103062A (en) 1992-09-04 1996-08-04 Algorithmic Res Ltd Data processor security system
US5454039A (en) 1993-12-06 1995-09-26 International Business Machines Corporation Software-efficient pseudorandom function and the use thereof for encryption
US5835726A (en) 1993-12-15 1998-11-10 Check Point Software Technologies Ltd. System for securing the flow of and selectively modifying packets in a computer network
GB2285524B (en) 1994-01-11 1998-02-04 Advanced Risc Mach Ltd Data memory and processor bus
US5517569A (en) 1994-03-18 1996-05-14 Clark; Dereck B. Methods and apparatus for interfacing an encryption module with a personal computer
US5815577A (en) 1994-03-18 1998-09-29 Innovonics, Inc. Methods and apparatus for securely encrypting data in conjunction with a personal computer
US5530758A (en) 1994-06-03 1996-06-25 Motorola, Inc. Operational methods for a secure node in a computer network
US5548646A (en) 1994-09-15 1996-08-20 Sun Microsystems, Inc. System for signatureless transmission and reception of data packets between computer networks
US5748871A (en) 1995-08-11 1998-05-05 Symbios Logic Inc. Dual bus architecture for a storage device
US5829046A (en) 1995-10-27 1998-10-27 Emc Corporation On-line tape backup using an integrated cached disk array
US6331856B1 (en) 1995-11-22 2001-12-18 Nintendo Co., Ltd. Video game system with coprocessor providing high speed efficient 3D graphics and digital audio signal processing
JPH10178421A (en) 1996-10-18 1998-06-30 Toshiba Corp Packet processor, mobile computer, packet transferring method and packet processing method
JP3526524B2 (en) 1996-10-31 2004-05-17 松下電器産業株式会社 One-way data conversion device and device authentication system
US5940507A (en) 1997-02-11 1999-08-17 Connected Corporation Secure file archive through encryption key management
US5946399A (en) 1997-02-18 1999-08-31 Motorola, Inc. Fail-safe device driver and method
US5995628A (en) 1997-04-07 1999-11-30 Motorola, Inc. Failsafe security system and method
JP3710257B2 (en) 1997-06-10 2005-10-26 キヤノン株式会社 Camera control system, control method thereof, and storage medium storing program for executing control
US6289377B1 (en) 1997-11-10 2001-09-11 General Instrument Corporation Dynamic network configuration of a one-way adapter using a proxy agent that communicates with a resource server through a configured return path adapter
US6023570A (en) 1998-02-13 2000-02-08 Lattice Semiconductor Corp. Sequential and simultaneous manufacturing programming of multiple in-system programmable systems through a data network
GB9816503D0 (en) 1998-07-30 1998-09-23 Ncr Int Inc Self-service terminal
US6970183B1 (en) 2000-06-14 2005-11-29 E-Watch, Inc. Multimedia surveillance and monitoring system including network configuration
US6738388B1 (en) 1998-09-10 2004-05-18 Fisher-Rosemount Systems, Inc. Shadow function block interface for use in a process control network
US6317831B1 (en) 1998-09-21 2001-11-13 Openwave Systems Inc. Method and apparatus for establishing a secure connection over a one-way data path
US6167459A (en) 1998-10-07 2000-12-26 International Business Machines Corporation System for reassigning alias addresses to an input/output device
US6170023B1 (en) 1998-10-07 2001-01-02 International Business Machines Corporation System for accessing an input/output device using multiple addresses
US6202095B1 (en) 1998-10-07 2001-03-13 International Business Machines Corporation Defining characteristics between processing systems
US6185638B1 (en) 1998-10-07 2001-02-06 International Business Machines Corporation Method and system for dynamically assigning addresses to an input/output device
US6467009B1 (en) 1998-10-14 2002-10-15 Triscend Corporation Configurable processor system unit
US6615244B1 (en) 1998-11-28 2003-09-02 Tara C Singhal Internet based archive system for personal computers
US6275891B1 (en) 1999-02-25 2001-08-14 Lsi Logic Corporation Modular and scalable system for signal and multimedia processing
US6957330B1 (en) 1999-03-01 2005-10-18 Storage Technology Corporation Method and system for secure information handling
KR20010011667A (en) 1999-07-29 2001-02-15 이종우 Keyboard having secure function and system using the same
DE10033673B4 (en) 1999-08-17 2005-10-20 Ibm Method for archiving and delivering documents using a central archive system
US6643701B1 (en) 1999-11-17 2003-11-04 Sun Microsystems, Inc. Method and apparatus for providing secure communication with a relay in a network
US6601170B1 (en) 1999-12-30 2003-07-29 Clyde Riley Wallace, Jr. Secure internet user state creation method and system with user supplied key and seeding
CA2314573C (en) 2000-01-13 2009-09-29 Z.I. Probes, Inc. System for acquiring data from a facility and method
US6601126B1 (en) 2000-01-20 2003-07-29 Palmchip Corporation Chip-core framework for systems-on-a-chip
US6915435B1 (en) 2000-02-09 2005-07-05 Sun Microsystems, Inc. Method and system for managing information retention
US6636838B1 (en) 2000-02-23 2003-10-21 Sun Microsystems, Inc. Content screening with end-to-end encryption
JP2001285296A (en) 2000-03-29 2001-10-12 Fujitsu Ltd Repeater
EP1158743B1 (en) 2000-05-23 2008-07-09 Hitachi, Ltd. Computing system with remote copy facility
US6931549B1 (en) 2000-05-25 2005-08-16 Stamps.Com Method and apparatus for secure data storage and retrieval
US6862663B1 (en) 2000-06-30 2005-03-01 Intel Corporation Cache having a prioritized replacement technique and method therefor
EP1524815B1 (en) 2000-08-25 2009-09-23 Research In Motion Limited System and method for implementing an enhanced transport layer security protocol
US7734724B2 (en) 2000-09-06 2010-06-08 Xanboo Inc. Automated upload of content based on captured event
US6986061B1 (en) 2000-11-20 2006-01-10 International Business Machines Corporation Integrated system for network layer security and fine-grained identity-based access control
US20020064282A1 (en) 2000-11-29 2002-05-30 Dmitrii Loukianov Decryption key management in remote nodes
AU2002222739A1 (en) 2000-12-09 2002-07-01 Markany Inc. Network camera apparatus, network camera server and digital video recorder for preventing forgery and alteration of digital image, and apparatus for authenticating the digital image from said apparatus, and method thereof
US20020112181A1 (en) 2000-12-12 2002-08-15 Smith Mark Elwin Multilevel secure network access system
US7165096B2 (en) 2000-12-22 2007-01-16 Data Plow, Inc. Storage area network file system
GB2371125A (en) 2001-01-13 2002-07-17 Secr Defence Computer protection system
US7392541B2 (en) 2001-05-17 2008-06-24 Vir2Us, Inc. Computer system architecture and method providing operating-system independent virus-, hacker-, and cyber-terror-immune processing environments
JP4226231B2 (en) 2001-06-13 2009-02-18 株式会社日立国際電気 Video signal processing system
US6941575B2 (en) 2001-06-26 2005-09-06 Digeo, Inc. Webcam-based interface for initiating two-way video communication and providing access to cached video
US7162630B2 (en) 2001-08-31 2007-01-09 Adaptec, Inc. Systems and methods for implementing host-based security in a computer network
US7009530B2 (en) 2001-09-13 2006-03-07 M&Fc Holding, Llc Modular wireless fixed network for wide-area metering data collection and meter module apparatus
GB2385951A (en) 2001-09-21 2003-09-03 Sun Microsystems Inc Data encryption and decryption
US6671525B2 (en) 2001-12-13 2003-12-30 Motorola, Inc. Beacon assisted hybrid asynchronous wireless communications protocol
JP4122777B2 (en) 2002-01-18 2008-07-23 日本ビクター株式会社 Content recording / playback device
US7324515B1 (en) 2002-03-27 2008-01-29 Cisco Technology, Inc. Proxy addressing scheme for cable networks
JP2003280826A (en) 2002-03-27 2003-10-02 Hitachi Ltd Storage sub-system
JP4447821B2 (en) 2002-04-15 2010-04-07 ソニー株式会社 Information processing apparatus and method
US7679649B2 (en) 2002-04-19 2010-03-16 Ralston John D Methods for deploying video monitoring applications and services across heterogenous networks
JP3764125B2 (en) 2002-04-26 2006-04-05 富士通株式会社 Gateway, communication terminal device, and communication control program
FI113121B (en) 2002-05-30 2004-02-27 Metso Automation Oy Systems, data communication networks and a method for transmitting information
US7366894B1 (en) 2002-06-25 2008-04-29 Cisco Technology, Inc. Method and apparatus for dynamically securing voice and other delay-sensitive network traffic
US20040080615A1 (en) 2002-08-21 2004-04-29 Strategic Vista Intenational Inc. Digital video security system
JP2004133733A (en) 2002-10-11 2004-04-30 Sony Corp Display device, display method, and program
KR20040079596A (en) 2003-03-08 2004-09-16 주식회사 성진씨앤씨 Network camera embedded with hub
US7418600B2 (en) 2003-03-13 2008-08-26 International Business Machines Corporation Secure database access through partial encryption
CN1764883A (en) 2003-03-24 2006-04-26 松下电器产业株式会社 Data protection management apparatus and data protection management method
US7798900B2 (en) * 2003-04-03 2010-09-21 Igt Secure gaming system
US8234504B2 (en) 2003-04-15 2012-07-31 Broadcom Corporation Method and system for data encryption and decryption
US6842133B2 (en) 2003-04-30 2005-01-11 Intel Corporation Strobe through differential signaling
WO2004105297A2 (en) 2003-05-19 2004-12-02 Network Security Technologies, Inc. Method and system for providing secure one-way transfer of data
JP2004343627A (en) 2003-05-19 2004-12-02 Canon Inc Digital camera
US7260833B1 (en) 2003-07-18 2007-08-21 The United States Of America As Represented By The Secretary Of The Navy One-way network transmission interface unit
US7266847B2 (en) 2003-09-25 2007-09-04 Voltage Security, Inc. Secure message system with remote decryption service
US7792300B1 (en) 2003-09-30 2010-09-07 Oracle America, Inc. Method and apparatus for re-encrypting data in a transaction-based secure storage system
US7685436B2 (en) 2003-10-02 2010-03-23 Itt Manufacturing Enterprises, Inc. System and method for a secure I/O interface
US20050085964A1 (en) 2003-10-21 2005-04-21 Knapp Benjamin P. Network coupled diagnosis and maintenance system
US7280956B2 (en) 2003-10-24 2007-10-09 Microsoft Corporation System, method, and computer program product for file encryption, decryption and transfer
US7587591B2 (en) 2003-10-31 2009-09-08 Juniper Networks, Inc. Secure transport of multicast traffic
US8010789B2 (en) 2003-11-13 2011-08-30 Lantronix, Inc. Secure data transfer using an embedded system
JP4450609B2 (en) 2003-11-28 2010-04-14 株式会社日立製作所 Storage device
WO2005059623A1 (en) 2003-12-19 2005-06-30 Hitachi Metals, Ltd. Optical switch
JP4859348B2 (en) 2004-02-18 2012-01-25 大日本印刷株式会社 Computer system
US7120723B2 (en) 2004-03-25 2006-10-10 Micron Technology, Inc. System and method for memory hub-based expansion bus
US7119678B2 (en) 2004-05-26 2006-10-10 Honeywell International, Inc. Wireless light sensor input to a security system
US7761529B2 (en) 2004-06-30 2010-07-20 Intel Corporation Method, system, and program for managing memory requests by devices
US7254663B2 (en) 2004-07-22 2007-08-07 International Business Machines Corporation Multi-node architecture with daisy chain communication link configurable to operate in unidirectional and bidirectional modes
US7200693B2 (en) 2004-08-27 2007-04-03 Micron Technology, Inc. Memory system and method having unidirectional data buses
JP4555040B2 (en) 2004-09-22 2010-09-29 株式会社日立製作所 Storage device and storage device write access processing method
JP4555046B2 (en) 2004-10-15 2010-09-29 ヒタチグローバルストレージテクノロジーズネザーランドビーブイ Data transfer system and data transfer method
US7441060B2 (en) 2004-10-29 2008-10-21 International Business Machines Corporation System, method and storage medium for providing a service interface to a memory system
JP4520840B2 (en) 2004-12-02 2010-08-11 株式会社日立製作所 Encrypted communication relay method, gateway server device, encrypted communication program, and encrypted communication program storage medium
JP4618785B2 (en) * 2004-12-24 2011-01-26 株式会社日立製作所 Data processing system and method
US7761704B2 (en) 2005-03-17 2010-07-20 Oracle International Corporation Method and apparatus for expiring encrypted data
US7269704B2 (en) 2005-03-30 2007-09-11 Atmel Corporation Method and apparatus for reducing system inactivity during time data float delay and external memory write
US8069250B2 (en) 2005-04-28 2011-11-29 Vmware, Inc. One-way proxy system
US8041832B2 (en) 2005-05-05 2011-10-18 Verizon Services Corp. Network data distribution system and method
US7941860B2 (en) 2005-05-13 2011-05-10 Intel Corporation Apparatus and method for content protection using one-way buffers
US20060288010A1 (en) 2005-05-20 2006-12-21 Jeffrey Chen Networking at a convention
US20070063866A1 (en) 2005-06-02 2007-03-22 Andisa Technologies, Inc. Remote meter monitoring and control system
US20060294295A1 (en) 2005-06-24 2006-12-28 Yukio Fukuzo DRAM chip device well-communicated with flash memory chip and multi-chip package comprising such a device
US20070028027A1 (en) 2005-07-26 2007-02-01 Micron Technology, Inc. Memory device and method having separate write data and read data buses
JP4764103B2 (en) 2005-08-18 2011-08-31 株式会社東芝 Content data distribution system and information processing apparatus
US7716467B1 (en) 2005-12-02 2010-05-11 Sprint Communications Company L.P. Encryption gateway service
EP1802030A1 (en) 2005-12-23 2007-06-27 Nagracard S.A. Secure system-on-chip
US8046821B2 (en) 2006-02-13 2011-10-25 Qualcomm Incorporated Mechanism and method for controlling network access to a service provider
US7441102B2 (en) 2006-02-28 2008-10-21 Freescale Semiconductor, Inc. Integrated circuit with functional state configurable memory and method of configuring functional states of the integrated circuit memory
US7849330B2 (en) 2006-03-20 2010-12-07 Hitachi, Ltd. Apparatus and method for secure data disposal
JPWO2007116487A1 (en) 2006-03-31 2009-08-20 富士通株式会社 MEMORY DEVICE, ERROR CORRECTION SUPPORT METHOD, ITS SUPPORT PROGRAM, MEMORY CARD, CIRCUIT BOARD AND ELECTRONIC DEVICE
US7814316B1 (en) 2006-04-14 2010-10-12 Oracle America, Inc. System, method and data storage device for encrypting data
US7675867B1 (en) 2006-04-19 2010-03-09 Owl Computing Technologies, Inc. One-way data transfer system with built-in data verification mechanism
US20070283297A1 (en) 2006-05-30 2007-12-06 Thomas Hein Signal processing circuit
EP2035948B1 (en) 2006-06-27 2016-04-13 Waterfall Security Solutions Ltd. Unidirectional secure links from and to a security engine
US20080005325A1 (en) 2006-06-28 2008-01-03 Microsoft Corporation User communication restrictions
IL177756A (en) 2006-08-29 2014-11-30 Lior Frenkel Encryption-based attack prevention
US20080066192A1 (en) 2006-09-07 2008-03-13 International Business Machines Corporation Keyless copy of encrypted data
US7660959B2 (en) 2006-09-28 2010-02-09 International Business Machines Corporation Managing encryption for volumes in storage pools
IL180020A (en) 2006-12-12 2013-03-24 Waterfall Security Solutions Ltd Encryption -and decryption-enabled interfaces
US20080155273A1 (en) 2006-12-21 2008-06-26 Texas Instruments, Inc. Automatic Bus Encryption And Decryption
WO2008074533A1 (en) 2006-12-21 2008-06-26 International Business Machines Corporation Training coordinator device and method
IL180748A (en) 2007-01-16 2013-03-24 Waterfall Security Solutions Ltd Secure archive
US7649452B2 (en) 2007-06-29 2010-01-19 Waterfall Solutions Ltd. Protection of control networks using a one-way link
US7992209B1 (en) 2007-07-19 2011-08-02 Owl Computing Technologies, Inc. Bilateral communication using multiple one-way data links
US7698470B2 (en) 2007-08-06 2010-04-13 Qimonda Ag Integrated circuit, chip stack and data processing system
US7941828B2 (en) 2007-08-24 2011-05-10 The Boeing Company Method and apparatus for simultaneous viewing of two isolated data sources
US8223205B2 (en) 2007-10-24 2012-07-17 Waterfall Solutions Ltd. Secure implementation of network-based sensors
US8046443B2 (en) 2008-08-21 2011-10-25 Red Hat, Inc. Rapid deployment remote network monitor
US8583979B1 (en) 2008-10-17 2013-11-12 Sk Hynix Memory Solutions Inc. Multiple interleavers in a coding system
IL194943A0 (en) 2008-10-27 2009-09-22 Human Interface Security Ltd Verification of data transmitted by computer
US9098210B2 (en) 2009-10-29 2015-08-04 Oracle America, Inc. Automatically linking partitions on a tape media device
WO2012144041A1 (en) 2011-04-20 2012-10-26 富士通株式会社 Relay apparatus and recovery method
US8615656B2 (en) 2012-01-09 2013-12-24 The Mitre Corporation Secure remote peripheral encryption tunnel

Patent Citations (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5822435A (en) * 1992-07-10 1998-10-13 Secure Computing Corporation Trusted path subsystem for workstations
US5388212A (en) * 1993-02-26 1995-02-07 Motorola Inc. Detecting unauthorized modification of communication unit based on comparison between stored hardware identification code and hardware identification code generated from operational platform identification code
US5825879A (en) * 1996-09-30 1998-10-20 Intel Corporation System and method for copy-protecting distributed video content
US6311272B1 (en) * 1997-11-17 2001-10-30 M-Systems Flash Disk Pioneers Ltd. Biometric system and techniques suitable therefor
US6134661A (en) * 1998-02-11 2000-10-17 Topp; William C. Computer network security device and method
US7523856B2 (en) * 1998-04-17 2009-04-28 Diebold Self-Service Systems Cash dispensing automated banking machine with flexible display
US6442607B1 (en) * 1998-08-06 2002-08-27 Intel Corporation Controlling data transmissions from a computer
US7069437B2 (en) * 1998-08-06 2006-06-27 Cryptek, Inc. Multi-level security network system
US20020174010A1 (en) * 1999-09-08 2002-11-21 Rice James L. System and method of permissive data flow and application transfer
US6738742B2 (en) * 1999-09-23 2004-05-18 International Business Machines Corporation Audio notification management system
US7100048B1 (en) * 2000-01-25 2006-08-29 Space Micro Inc. Encrypted internet and intranet communication device
US20020077990A1 (en) * 2000-12-20 2002-06-20 Pitney Bowes Inc. Method for reissuing indicium in a postage metering system
US20020188862A1 (en) * 2001-03-28 2002-12-12 Trethewey James R. Method and system for automatic invocation of secure sockets layer encryption on a parallel array of Web servers
US20030005295A1 (en) * 2001-06-29 2003-01-02 Girard Luke E. Method and apparatus to improve the protection of information presented by a computer
US6758404B2 (en) * 2001-08-03 2004-07-06 General Instrument Corporation Media cipher smart card
US20040024710A1 (en) * 2002-03-07 2004-02-05 Llavanya Fernando Secure input pad partition
US7234158B1 (en) * 2002-04-01 2007-06-19 Microsoft Corporation Separate client state object and user interface domains
US20100324380A1 (en) * 2002-08-20 2010-12-23 Welch Allyn, Inc. Mobile medical workstation
US20040125077A1 (en) * 2002-10-03 2004-07-01 Ashton Jason A. Remote control for secure transactions
US20050015624A1 (en) * 2003-06-09 2005-01-20 Andrew Ginter Event monitoring and management
US20050057774A1 (en) * 2003-09-08 2005-03-17 Akeo Maruyama Printer server, client terminal, image forming apparatus, print data generating method, and computer product
US20050066186A1 (en) * 2003-09-20 2005-03-24 Gentle Christopher Reon Method and apparatus for an encrypting keyboard
US20050120214A1 (en) * 2003-12-02 2005-06-02 Microsoft Corporation Systems and methods for enhancing security of communication over a public network
US7581097B2 (en) * 2003-12-23 2009-08-25 Lenovo Pte Ltd Apparatus, system, and method for secure communications from a human interface device
US20070258595A1 (en) * 2004-03-11 2007-11-08 Universal Electronics Inc. Syncronizing Device-Specific Encrypted Data to and from Mobile Devices Using Detachable Storage Media
US20080288790A1 (en) * 2004-04-09 2008-11-20 Stephen Wilson Means and Method of Using Cryptographic Device to Combat Online Institution Identity Theft
US20060161791A1 (en) * 2005-01-19 2006-07-20 Bennett Charles H Access-controlled encrypted recording system for site, interaction and process monitoring
US20060242423A1 (en) * 2005-04-22 2006-10-26 Kussmaul John W Isolated authentication device and associated methods
US20070028134A1 (en) * 2005-06-01 2007-02-01 Infineon Technologies Ag Communication device and method of transmitting data
US20080209216A1 (en) * 2005-09-30 2008-08-28 Kelly Thomas J Method and system for automated authentication of a device to a management node of a computer network
US20070094430A1 (en) * 2005-10-20 2007-04-26 Speier Thomas P Method and apparatus to clear semaphore reservation
US20070180263A1 (en) * 2005-12-16 2007-08-02 David Delgrosso Identification and remote network access using biometric recognition
US20070180493A1 (en) * 2006-01-24 2007-08-02 Citrix Systems, Inc. Methods and systems for assigning access control levels in providing access to resources via virtual machines
US20080059379A1 (en) * 2006-05-18 2008-03-06 Icache, Inc. Method and apparatus for biometrically secured encrypted data storage and retrieval
US20080065837A1 (en) * 2006-09-07 2008-03-13 Sodick Co., Ltd. Computerized numerical control system with human interface using low cost shared memory
US20080144821A1 (en) * 2006-10-26 2008-06-19 Marvell International Ltd. Secure video distribution
US20080120511A1 (en) * 2006-11-17 2008-05-22 Electronic Data Systems Corporation Apparatus, and associated method, for providing secure data entry of confidential information
US20080263672A1 (en) * 2007-04-18 2008-10-23 Hewlett-Packard Development Company L.P. Protecting sensitive data intended for a remote application
US20080288475A1 (en) * 2007-05-17 2008-11-20 Sang-Heun Kim Method and system for automatically generating web page transcoding instructions
US20090150676A1 (en) * 2007-12-07 2009-06-11 Sherman Xuemin Chen Method and system for robust watermark insertion and extraction for digital set-top boxes

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8756436B2 (en) 2007-01-16 2014-06-17 Waterfall Security Solutions Ltd. Secure archive
US20080181409A1 (en) * 2007-01-31 2008-07-31 Zhuqiang Wang Method for guaranteeing security of critical data, terminal and secured chip
US8275134B2 (en) * 2007-01-31 2012-09-25 Lenovo (Beijing) Limited Method for guaranteeing security of critical data, terminal and secured chip
US20100180120A1 (en) * 2007-09-06 2010-07-15 Human Interface Security Ltd Information protection device
US10785256B1 (en) 2008-06-04 2020-09-22 United Services Automobile Association (Usaa) Systems and methods for key logger prevention security techniques
US9998493B1 (en) 2008-06-04 2018-06-12 United Services Automobile Association (Usaa) Systems and methods for key logger prevention security techniques
US8799809B1 (en) 2008-06-04 2014-08-05 United Services Automobile Association (Usaa) Systems and methods for key logger prevention security techniques
US11647044B1 (en) * 2008-06-04 2023-05-09 United Services Automobile Association (Usaa) Systems and methods for key logger prevention security techniques
US20110202772A1 (en) * 2008-10-27 2011-08-18 Human Interface Security Ltd. Networked computer identity encryption and verification
US8826028B1 (en) * 2010-11-12 2014-09-02 Google Inc. Cryptography secure input device
US20140244513A1 (en) * 2013-02-22 2014-08-28 Miguel Ballesteros Data protection in near field communications (nfc) transactions
WO2014145186A1 (en) * 2013-03-15 2014-09-18 Strikeforce Technologies, Inc. Methods and apparatus for securing user input in a mobile device
US20140281549A1 (en) * 2013-03-15 2014-09-18 Strikeforce Technologies, Inc. Methods and apparatus for securing user input in a mobile device
US20140358669A1 (en) * 2013-06-03 2014-12-04 Cloudwear, Inc. Method for selecting and receiving primary and supplemental advertiser information using a wearable-computing device
US20140358691A1 (en) * 2013-06-03 2014-12-04 Cloudwear, Inc. System for selecting and receiving primary and supplemental advertiser information using a wearable-computing device
US20160286158A1 (en) * 2015-03-26 2016-09-29 Olympus Corporation Information recording apparatus and tamper prevention method for information recording apparatus
US9930288B2 (en) * 2015-03-26 2018-03-27 Olympus Corporation Information recording apparatus and tamper prevention method for information recording apparatus
US11587073B1 (en) * 2017-12-15 2023-02-21 Worldpay, Llc Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting
US20230222497A1 (en) * 2017-12-15 2023-07-13 Worldpay, Llc Systems and methods for encryption and decryption service for electronic transaction monitoring and reporting
US11461507B2 (en) * 2018-10-30 2022-10-04 Third Block Gear Systems and methods for secure peripherals

Also Published As

Publication number Publication date
ES2623434T3 (en) 2017-07-11
IL180020A0 (en) 2007-12-03
US9268957B2 (en) 2016-02-23
EP2119075A4 (en) 2011-07-06
US20150082052A1 (en) 2015-03-19
EP2119075B1 (en) 2017-02-08
WO2008072234A3 (en) 2009-05-07
IL180020A (en) 2013-03-24
US20100278339A1 (en) 2010-11-04
EP2119075A2 (en) 2009-11-18
WO2008072234A2 (en) 2008-06-19
HUE032806T2 (en) 2017-11-28

Similar Documents

Publication Publication Date Title
US20090300368A1 (en) User interface for secure data entry
US7353393B2 (en) Authentication receipt
AU2009329836B2 (en) Digital video guard
EP3324572B1 (en) Information transmission method and mobile device
US8868927B1 (en) Method and apparatus for secure data input and output
US8769307B2 (en) Secure operation indicator
US20100313028A1 (en) Electronic Signature Method and Electronic Signature Tool
Nguyen et al. Cloud-based secure logger for medical devices
MXPA04001193A (en) Optical out-of-band key distribution.
US20110202772A1 (en) Networked computer identity encryption and verification
JP2008269610A (en) Protecting sensitive data intended for remote application
CN104270353B (en) information security transmission method and system, receiving terminal and sending terminal
US20180225428A1 (en) Secure recording and rendering of encrypted multimedia content
KR20160108136A (en) A Method and Apparatus For Providing a Secure Mode for User Device
TW201624330A (en) Encryption and decryption system and encryption and decryption method of electronic device
WO2023061320A1 (en) Device identifier counterfeiting prevention method and apparatus, and electronic device
CN113193956B (en) Account information processing method and device
EP2133810A2 (en) Computer input device, method for inputting data to a computer, computing apparatus and computer software product
AU2018202766A1 (en) A Process and Detachable Device for Using and Managing Encryption Keys
JP4140617B2 (en) Authentication system using authentication recording medium and method of creating authentication recording medium
CN206237438U (en) One kind encryption file security Transmission system
WO2016119437A1 (en) Data protection method and device, and mobile terminal
US20050141705A1 (en) Verification method of mobile communication system
JP2011097192A (en) Encrypted message transmission device, program, encrypted message transmission method, and authentication system
JP2005236809A (en) Method and device for decrypting image data

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION