Method and system for maintaining secure data input and output
Abstract
Methods and systems for enhancing the security of data during input and output on a client computer system are provided to prevent attempts by unauthorized code to access, intercept, and/or modify data. Example embodiments provide a plurality of obfuscation techniques and security enhanced drivers that use these obfuscation techniques to prohibit unauthorized viewing/receiving of valid data. When the drivers are used together with the various obfuscation techniques, the security enhanced drivers provide mechanisms for “scheduling” the content of the storage areas used to store the data so that valid data is not available to unauthorized recipients. When unauthorized recipients attempt to access the “data,” they perceive or receive obfuscated data. The obfuscation techniques described include “copy-in,” “replace and restore,” and “in-place replacement” de-obfuscation/re-obfuscation techniques. In one embodiment, a security enhanced display driver, a security enhanced mouse driver, a security enhanced keyboard driver, and a security enhanced audio driver are provided. To complement the security enhancements, the methods and systems also provide for a watchdog mechanism to ensure that the driver is functioning as it should be and various user interface techniques for denoting security on a display device.
Claims
exact text as granted — not AI-modified1 . A method in a computing environment for secure access to valid data, comprising:
storing valid data; and locking out other processes during activation of a resource to access of the stored valid data to thereby prevent other processes access to the valid data.
2 . The method of claim 1 wherein locking out comprises designating the access resource as the highest priority process in the computing environment wherein operation of the access resource prohibits any other process from operating.
3 . The method of claim 1 wherein the access process comprises dynamically obfuscating the valid data to create obfuscated data and dynamically de-obfuscating the obfuscated data to create valid data such that the valid data is accessible to only an authorized requester and obfuscated data is accessible otherwise.
4 . A method in a computing environment for incorporating a security enhanced driver into an existing operating system having a device driver that processes on of an input event and an output event, comprising:
modifying the device driver to store valid data and lock out other processes during activation of a resource to access of the stored valid data to thereby prevent other processes access to the valid data.
5 . A computer readable media containing computer instructions causing a computer to access to valid data by:
storing valid data; and locking out other processes during activation of a resource to access of the stored valid data to thereby prevent other processes access to the valid data.
6 . The computer readable media of claim 5 wherein locking out comprises designating the access resource as the highest priority process in the computing environment wherein operation of the access resource prohibits any other process from operating.
7 . The computer readable media of claim 5 wherein the access process comprises dynamically obfuscating the valid data to create obfuscated data and dynamically de-obfuscating the obfuscated data to create valid data such that the valid data is accessible to only an authorized requestor and obfuscated data is accessible otherwise.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.