A shortcoming in the prior art, recognized by this specification, is the lack of a secure integration of the user's identity with the protection of the user's data and the control of the user's computer.
Currently, cryptography keys are stored on the user's computer or a chip executing the operating system, which is not secure.
For example, when Bob's computer communicates with Mary's computer, even when using well-implemented Public Key Infrastructure (PKI), Bob's computer can only be sure that it is communicating with Mary's computer.
Similarly, even Bob cannot be certain that the communications he sends Mary are the same as the communications that Mary receives as coming from him.
Sending a secure communication using Public Key Infrastructure (PKI) from one user machine to another user machine ensures communication between the user machines, but may not ensure secure communication between the users of the machines.
In the prior art, each computer cannot be assured of who controls the other computer.
Even the Trusted Platform Module (TPM) has the fundamental cyber security weakness of not knowing who controls the other computer with which a user may be in communication, or who controls the computer that contains the Trusted Platform Module.
Not knowing the other computer with which a current computer is in communication may be a weakness that is significant when the operating system can directly access the TPM.
Another limitation and weakness of the TPM is that there is no mechanism for binding the identity of the user to the user's cryptography keys and other confidential information that should be bound to the user's true identity.
However, the web browser is where the important connection between authentication of a user and authorization of an action may be broken.
Since the user's computer can be hacked, the lack of a secure and direct link between authenticating the user's computer and authorizing the action may render the act of user verification irrelevant.
In the same way, if this on/off implementation occurs in an untrusted computing environment, then outstanding biometric algorithms and sensor(s) become irrelevant because the biometric authentication can be circumvented between the user authentication and the authorization or confidentiality part of the security system.
However, even with the use of biometrics, if the handling of the biometric information, the storage of the biometric data, or the control of actions based on a biometric verification is done on a user's unsecured computer, the value of the biometrics may be greatly reduced or nullified.
An additional aspect of the weakness of current authentication and authorization processes (such as those using biometrics) is that the action can be hijacked by executing a Trojan attack on the user's computer, for example.
An example of this weakness is the untrusted browser attack used to divert money from a user's bank account.
Since the web browser is executed on the user's computer, the browser cannot be trusted even when using PKI and one-time passcodes!
Yet the manager's computer had a hitchhiker.
Contemporary computers and electronic devices are particularly susceptible to malware attacks due to their processor architecture.
As a consequence, malware has to corrupt or transform only a single machine instruction to initiate execution of malignant code.
This is a deep vulnerability arising from current processor architecture and it cannot be easily rectified.
During machine execution, after the von Neumann machine program has been hijacked by malware, anti-virus software that is supposed to check the program might not get executed, may be disabled, or in other cases may never detect the malware.
The sequential execution of von Neumann machine instructions hinders a digital computer program from protecting itself.
These attacks are not easy to detect or prevent.
In particular, the RSA SecurID breach demonstrated that pseudo-random number generators (i.e., deterministic algorithms) typically used in two-factor authentication solutions cannot prevent “man-in-the-middle” attacks launched by malware.
Malware, however, has a significant weakness: malware is poor at recognizing visual images since computer algorithms cannot match the visual pattern recognition ability of the human brain.
This weakness makes static authentication factors vulnerable to phishing attacks in the host domain or security breaches in the network domain.