Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-03-02
2001-02-20
Beausoliel, Jr., Robert W. (Department: 2785)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C345S215000
Reexamination Certificate
active
06192478
ABSTRACT:
TECHNICAL FIELD
The invention relates to the field of computer security.
BACKGROUND OF THE INVENTION
It is sometimes necessary to restrict the use of sensitive operations performed by a computer program to an authorized subset of the users of the program so that users not among the subset are prevented from using these “restricted operations.” As an example, in some cases it may be necessary to restrict the use of certain system administration operations (e.g., a Registry editor for altering the configuration of a computer system) of a computer program to members of a computer support staff, as improper use of such system administration operations by users not among the computer support staff can render a computer system inoperable.
Such restriction of the use of operations to an authorized subset of users is sometimes performed by requiring users to enter a secret password before they may use a restricted operation.
FIG. 1
is a display diagram showing the conventional use of a secret password to secure restricted operations. The display diagram shows a window
100
containing a field
101
in which a user attempting to use restricted operations of a program must type a secret password. If the user types a correct password into the field
101
, the user is permitted to use the restricted operations. If, on the other hand, the user does not type a correct password into the field
101
, the restricted operations are unavailable to the user.
While this secret password approach can be effective to prevent unauthorized users from using restricted operations, it has the disadvantage that it requires each authorized user to memorize a password. This requirement can be especially burdensome for users that are required to memorize several different passwords for various purposes. This requirement is also difficult for authorized users who use the restricted operations infrequently, since it is common for a user's memory of a secret password to fade if not reinforced by regular use.
In view of the above-mentioned shortcomings of the secret password approach to securing restricted operations, a facility capable of effectively restricting use of restricted operations to authorized users without requiring authorized users to memorize a password would have significant utility.
SUMMARY OF THE INVENTION
An embodiment of the present invention secures the use of restricted operations of a computer program, such as computer system administration operations, using a visual “key feature” which is not immediately conspicuous to the end user. In one embodiment, a security facility (“the facility”) secures the use of restricted operations by requiring users to select a visual key feature hidden in an ornamental image. For example, users may be required to select a button within an ornamental image of a computer, or to select a hollow within an ornamental image of a tree. The user preferably selects the key feature using a pointing device, such as a mouse. To enable a user to use the restricted operations, an administrator may point out or describe the key feature within the image to the user. To increase the level of security afforded to the restricted operations, some embodiments permit the facility to be configured to require certain additional key presses and/or button presses as part of the selection of the key feature. Other embodiments require the user to perform a specified type of gesture relative to the key feature, such as passing a pointer around the key feature in a small circle, or “dragging” from the key feature to another point within the image.
Embodiments of the invention serve to effectively secure the use of restricted operations without requiring authorized users to memorize a password. The image in which the key feature is hidden serves as a reminder to authorized users of how to access the restricted operations, but does not indicate to unauthorized users that the image contains a security mechanism, nor even that the restricted operations are available to any user. The image containing the key feature may serve one or more additional purposes, including ornamentation, advertising, or information.
REFERENCES:
patent: 5465084 (1995-11-01), Cottrell
patent: 5559961 (1996-09-01), Blonder
patent: 5608387 (1997-03-01), Davies
patent: 5821933 (1998-10-01), Keller et al.
patent: 0 677 801 A1 (1995-10-01), None
patent: 60-171560 (1985-09-01), None
patent: 61-142835 (1986-06-01), None
patent: 9-128208A (1997-05-01), None
Knowledge Adventure, Inc.,JumpStart Toddlers User's Guide,Knowledge Adventure, Inc., 1996, pp. 1-18.
Beausoliel, Jr. Robert W.
Dorsey & Whitney LLP
Micron Electronics Inc.
Revak Christopher
LandOfFree
Securing restricted operations of a computer program using a... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Securing restricted operations of a computer program using a..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Securing restricted operations of a computer program using a... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2605170