Secure prompting
US7996682B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 17, 2005 |
| Grant date | Aug 9, 2011 |
| Priority date | — |
| Expiry date | Sep 29, 2028 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/57
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Techniques are described herein for securely prompting a user to confirm sensitive operations, input sensitive information or the like. The techniques include receiving or intercepting calls from applications to prompting routines. When a call to a prompting routine is received or intercepted a hint may be provided to the user to switch to a secure desktop. When the user switches from the user desktop to the secure desktop the particular prompt is displayed. The input to the prompt is received on the secure desktop and verified to have been provided by the user. The user input or a representation of the input is then returned to the application running on the user desktop. Using these techniques, interception of prompting messages by malware does not result in sensitive information being revealed. Furthermore, spoofing of new messages by malware does not lead to the dismissal of critical prompting.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.