Electrical computers and digital processing systems: support – System access control based on user identification by...
Reexamination Certificate
2011-08-09
2011-08-09
Arani, Taghi T. (Department: 2438)
Electrical computers and digital processing systems: support
System access control based on user identification by...
C713S183000, C713S184000, C713S185000, C713S186000, C713S168000, C713S169000, C713S170000, C713S171000, C713S172000, C713S173000, C713S174000, C726S002000, C726S003000, C726S004000, C726S005000, C726S006000, C726S007000, C726S008000, C726S027000, C726S028000, C726S029000, C726S030000, C709S227000, C709S228000, C709S229000
Reexamination Certificate
active
07996682
ABSTRACT:
Techniques are described herein for securely prompting a user to confirm sensitive operations, input sensitive information or the like. The techniques include receiving or intercepting calls from applications to prompting routines. When a call to a prompting routine is received or intercepted a hint may be provided to the user to switch to a secure desktop. When the user switches from the user desktop to the secure desktop the particular prompt is displayed. The input to the prompt is received on the secure desktop and verified to have been provided by the user. The user input or a representation of the input is then returned to the application running on the user desktop. Using these techniques, interception of prompting messages by malware does not result in sensitive information being revealed. Furthermore, spoofing of new messages by malware does not lead to the dismissal of critical prompting.
REFERENCES:
patent: 4885789 (1989-12-01), Burger et al.
patent: 4918653 (1990-04-01), Johri et al.
patent: 4945468 (1990-07-01), Carson et al.
patent: 6006333 (1999-12-01), Nielsen
patent: 6389535 (2002-05-01), Thomlinson et al.
patent: 6507909 (2003-01-01), Zurko et al.
patent: 7036022 (2006-04-01), Zurko et al.
patent: 7383570 (2008-06-01), Pinkas et al.
patent: 2003/0065940 (2003-04-01), Brezak et al.
patent: 2003/0217287 (2003-11-01), Kruglenko
patent: 2004/0221045 (2004-11-01), Joosten et al.
patent: 2005/0188210 (2005-08-01), Perlin et al.
patent: 2005/0193208 (2005-09-01), Charrette et al.
patent: 2007/0101435 (2007-05-01), Konanka et al.
patent: 2008/0214210 (2008-09-01), Rasanen et al.
Balmer, et al., “Analysis of Terminal Server Architectures for Thin Clients in a High Assurance Network”, 23rd National Information Systems Security Conference, 2000. 11 pages.
Mittra, et al., “A Flow-Based Approach to Datagram Security”, SIGCOMM 1997, Cannes, France, pp. 221-234.
Field Scott A.
Schutz Klaus U.
Thomlinson Matthew W.
Arani Taghi T.
Jeudy Josnel
Lee & Hayes PLLC
Microsoft Corporation
LandOfFree
Secure prompting does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Secure prompting, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure prompting will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2775263