Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for enabling a trusted dialog for collection of sensitive data

a trusted dialog and data technology, applied in the computer field, can solve the problems of insufficient methods and programs to prevent a rogue application from spoofing the appearance of a legitimate or trusted application, affecting the security of both the software platform and the user's sensitive data, and increasing the importance of protecting such data from exploitation

Inactive Publication Date: 2006-10-12
IBM CORP
View PDF4 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

The present invention is a method for securely collecting sensitive data from a user. It involves storing a personal security token specified by the user and accessing it when an application is requested. The application is first determined to be a signed application. This method ensures that the input dialog is displayed with the personal security token and the identification of the signed application. Overall, this invention provides a trusted and secure way to collect sensitive data.

Problems solved by technology

Consequently, protection of such data from exploitation is becoming an increasingly important issue.
This is problematic in that a user may unintentionally install a rogue application, which can compromise the security of both the software platform and the user's sensitive data.
However, by their very nature, rogue applications are almost always given access to a display of the computing device.
This presents the potential problem of a rogue application spoofing the appearance of a legitimate or trusted application and soliciting sensitive data from a user, such as passwords or credit card numbers, which can then be exploited.
Currently employed techniques to prevent a rogue application spoofing the appearance of a legitimate or trusted application are insufficient.
However, such approach is limited by the fact that a rogue application may be signed making a lone test for signed code invoking dialog insufficient.
Again, this approach is limited also because a rogue application may spoof the appearance of the entire display screen including the “trusted” indicator.
This approach is non-intuitive and not user friendly.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for enabling a trusted dialog for collection of sensitive data
  • Method for enabling a trusted dialog for collection of sensitive data
  • Method for enabling a trusted dialog for collection of sensitive data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0013] Reference will now be made in detail to the presently preferred embodiments of the invention, examples of which are illustrated in the accompanying drawings.

[0014] Referring to FIGS. 1 and 2, a method for enabling a trusted dialog for collection of sensitive data in accordance with an embodiment of the present invention is discussed. The method 100 includes storing a personal security token specified by a user 102. In a present embodiment, a user of a computing device, such as a personal computer, personal digital assistant (PDA) and the like, during initial setup / login, is asked by the software platform of the computing device to enter or select a personal security token. For example, the software platform may cause a message or prompt to be generated and displayed on a display screen of the user's computing device asking the user to enter a personal security token. The personal security token is selected by the user, via keyboard or mouse entry, and is stored by a platform...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention is a method for enabling a trusted dialog for collection of sensitive data, including the steps of: storing a personal security token specified by a user; receiving an input dialog request from an application; determining whether the application is a signed application; and, if a determination is made that the application is a signed application, accessing the personal security token and allowing the input dialog to be displayed with the personal security token and signed application identification. The personal security token may be at least one of an audible recording or a set of vibratory motions.

Description

CROSS REFERENCE TO RELATED DOCUMENTS [0001] The present invention is a continuation-in-part under 35 U.S.C. § 120 of U.S. application Ser. No. 10 / 981,253, filed on Nov. 4, 2004 which is herein incorporated by reference in its entirety.FIELD OF INVENTION [0002] The present invention relates to the field of computing and particularly to a method and program for enabling a trusted dialog for collection of sensitive data. BACKGROUND OF THE INVENTION [0003] Computing devices are being utilized to perform an ever-increasing number of tasks, some of which involve a user entering and / or storing private or sensitive data, such as when performing online banking transactions, making an online purchase or monitoring personal finances. Consequently, protection of such data from exploitation is becoming an increasingly important issue. On many software platforms, users are allowed to install software. This is problematic in that a user may unintentionally install a rogue application, which can co...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): H04L9/32H04L9/00G06F12/14G06F17/30H04K1/00G06F12/00G06F7/04G06F13/00G06K9/00H03M1/68G06F7/58G06K19/00H04N7/16G11C7/00
CPCG06F21/31G06F21/51G06F2221/2119G06F21/82G06F21/6245
Inventor ROBBINS, JAMES P.ROGALSKI, MARK D.
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com