Method and system for maintaining secure data input and output

Abstract

Methods and systems for enhancing the security of data during input and output on a client computer system are provided to prevent attempts by unauthorized code to access, intercept, and / or modify data. Example embodiments provide a plurality of obfuscation techniques and security enhanced drivers that use these obfuscation techniques to prohibit unauthorized viewing / receiving of valid data. When the drivers are used together with the various obfuscation techniques, the security enhanced drivers provide mechanisms for “scheduling” the content of the storage areas used to store the data so that valid data is not available to unauthorized recipients. When unauthorized recipients attempt to access the “data,” they perceive or receive obfuscated data. The obfuscation techniques described include “copy-in,”“replace and restore,” and “in-place replacement” de-obfuscation / re-obfuscation techniques. In one embodiment, a security enhanced display driver, a security enhanced mouse driver, a security enhanced keyboard driver, and a security enhanced audio driver are provided. To complement the security enhancements, the methods and systems also provide for a watchdog mechanism to ensure that the driver is functioning as it should be and various user interface techniques for denoting security on a display device.

Description

[0001] All of the above U.S. patents, U.S. patent application publications, U.S. patent applications, foreign patents, foreign patent applications and non-patent publications referred to in this specification and / or listed in the Application Data Sheet, including but not limited to, U.S. Provisional Patent Application No. 60 / 297,273 entitled “Method and System for Maintaining Secure Data Input and Output,” filed Jun. 8, 2001, U.S. patent application Ser. No. 09 / 726,202 entitled “Method and System for Controlling a Complementary User Interface on a Display Surface,” filed Nov. 28, 2000, and U.S. Pat. Nos. 6,018,332, entitled “Overscan User Interface,” issued on Jan. 25, 2000, and 6,330,010, entitled “Secondary User Interface,” issued on Dec. 11, 2001, are incorporated herein by reference, in their entirety.BACKGROUND OF THE INVENTION [0002] 1. Field of the Invention [0003] The present invention relates to methods and systems for maintaining the security of data in a computer-based en...

AI Technical Summary

Benefits of technology

[0007] Embodiments of the present invention provide computer-based methods and systems for enhancing the security of data during input and output on a client computer system in order to prohibit and / or frustrate attempts by illegitimate processes, applications, or machines to obtain data in an unauthorized fashion. For the purposes of this description, “data” includes digital bits or analog signals in a computer system transferred or stored for any purpose, including graphics, text, audio, video, input signals, output signals, etc. Example embodiments provide a plurality of obfuscation techniques and security enhanced, system level drivers that use these obfuscation techniques to prohibit unauthorized receivers / viewers of the data from receiving / viewing valid data. When these obfuscation techniques are used with the security enhanced drivers, the drivers can ensure that invalid data is always received / viewed by unauthorized recipients / viewers, thus preventing unauthorized hackers with access to valid data. Several obfuscation techniques by themselves offer varying levels of security.

Problems solved by technology

For the purposes of this description, the term “obfuscation” refers to any mechanism or technique for transforming or hiding valid data so that the valid data becomes difficult to view, intercept, process, or modify without proper authorization and thus, appears as invalid data when accessed in an unauthorized manner.

Images