Browse Prior Art Database

Functionality of security warning for user while providing sensitive data based on external device changes detection

IP.com Disclosure Number: IPCOM000234165D
Publication Date: 2014-Jan-15
Document File: 3 page(s) / 43K

Publishing Venue

The IP.com Prior Art Database

Abstract

Unattended computers can be potentially used by intruders, where external peripherals like keyboard (connected to computer via Bluetooth or other wireless connections) can be easily switched to steal sensitive data. Known solutions limit physical access to device by an additional locking device. It is proposed to provide a functionality of security warning for user while providing sensitive data.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 3

Functionality of security warning for user while providing sensitive data based on external device changes detection

Unattended computers can be potentially used by intruders, where external peripherals like keyboard (connected to computer via Bluetooth or other wireless connections) can be easily switched to steal sensitive data.

Known solutions limit physical access to device by additional locking device i.e. Kensington Lock, USB Port Lock etc. Such approach is:

· Expensive - every peripheral needs to be locked by separate physical locking device

· Time consuming - every locking device needs to applied and maintained manually

The limitation can be addressed with the disclosed solution. This publication presents functionality of security warning for user while providing sensitive data based external device changes detection.

Functionality consists from following parts:

· functionality of OS daemon which will track the changes in HW IDs of connected external devices

· functionality of OS daemon which will track the application activity and detect the sensitive data input request (like password request)

· functionality of displaying the notification about recent HD IDs change within sensitive data input request window

Benefits of such solution are:


· improved security of external device usage w/o changing the device itself

Following method is about functionality of ensuring that user is fully aware of changes to the external devices set connected to his computer/mobile and to avoid the unwanted sensitive data disclosure

Following scenario describes the problem which can appear w/o the proposed solution implemented:


· User A is leaving the computer locked with OS password

· User B ,who wants to take over the password, is changing the keyboard attached to User A computer to access to his computer.

· After user comes back, he automatically types the password using his keyboard. User B gets the password in clear text written in his computer.

In case where keyboard is physically attached via cable to the computer, case is simple to detect and to fix, but in cases where Bluetooth devices are widely used thing is not so obvious, and may be even ignored by User...