Secure communication methods

US 9,235,732 B2
Filed: 10/16/2013
Issued: 01/12/2016
Est. Priority Date: 10/16/2012
Status: Active Grant

First Claim

Patent Images

1. A method of communicating secure data, the method comprising:

displaying a video image on a display device;

detecting a form within the video image, the form including one or more data entry fields;

identifying a member of the one or more data entry fields having a current focus;

gathering metadata characterizing the identified member of the one or more data entry fields;

sniffing a bus to capture data entered in the identified member of the one or more data entry fields;

encrypting the captured data or digitally signing the captured data to produce encrypted or signed data;

inserting the encrypted or signed data in a data packet;

sending the encrypted or signed data, in the data packet, to a remote device via a communication network;

receiving the encrypted or signed data at the remote device, the encrypted or signed data being received in a data packet;

identifying a source of the data packet;

retrieving a decryption key or certification data based on the identity of the source;

decrypting or authenticating contents of the data packet;

identifying an account based on the identity of the source;

identifying a destination for the contents; and

forwarding the contents to the destination based on a status of the account, wherein the received encrypted or signed data includes video data and further comprising processing the video data using character recognition logic.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Secure communication of user inputs is achieved by isolating part of an endpoint device such that certificates and encryption keys are protected from corruption by malware. Further, the communication is passed through a trusted data relay that is configured to decrypt and/or certify the user inputs encrypted by the isolated part of the endpoint device. The trusted data relay can determine that the user inputs were encrypted or certified by the protected certificates and encryption keys, thus authenticating their origin within the endpoint device. The trusted data relay then forwards the inputs to an intended destination. In some embodiments, the isolated part of the endpoint device is configured to detect input created by auto-completion logic and/or spell checking logic.

Citations

19 Claims

1. A method of communicating secure data, the method comprising:
- displaying a video image on a display device;
  
  detecting a form within the video image, the form including one or more data entry fields;
  
  identifying a member of the one or more data entry fields having a current focus;
  
  gathering metadata characterizing the identified member of the one or more data entry fields;
  
  sniffing a bus to capture data entered in the identified member of the one or more data entry fields;
  
  encrypting the captured data or digitally signing the captured data to produce encrypted or signed data;
  
  inserting the encrypted or signed data in a data packet;
  
  sending the encrypted or signed data, in the data packet, to a remote device via a communication network;
  
  receiving the encrypted or signed data at the remote device, the encrypted or signed data being received in a data packet;
  
  identifying a source of the data packet;
  
  retrieving a decryption key or certification data based on the identity of the source;
  
  decrypting or authenticating contents of the data packet;
  
  identifying an account based on the identity of the source;
  
  identifying a destination for the contents; and
  
  forwarding the contents to the destination based on a status of the account, wherein the received encrypted or signed data includes video data and further comprising processing the video data using character recognition logic.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The method of claim 1, wherein the captured data is digitally signed.
  - 3. The method of claim 1, wherein the captured data is encrypted.
  - 4. The method of claim 1, further comprising encrypting the gathered metadata or digitally signing the gathered metadata, and sending the encrypted or signed metadata to the remote device.
  - 5. The method of claim 4, wherein the gathered metadata is encrypted and the captured data is digitally signed.
  - 6. The method of claim 4, wherein the gathered metadata digitally signed and the captured data is encrypted.
  - 7. The method of claim 1, wherein sniffing the bus includes capturing video data.
  - 8. The method of claim 7, wherein capturing the data entered includes processing the captured video data using character recognition logic.
  - 9. The method of claim 1, wherein sniffing the bus includes capturing input data as the input data is communicated from a buffer of an input apparatus.
  - 10. The method of claim 1, wherein sending the encrypted or signed data includes sending an identifier of an endpoint system including the display device.
  - 11. The method of claim 10, wherein the identifier is encrypted.
  - 12. The method of claim 1, wherein encrypting the captured data or digitally signing the captured data includes retrieving a certificate or encryption key from a storage located in a protected capture module.
  - 13. The method of claim 12, wherein retrieving the certificate or encryption key includes selecting from a plurality of certificates or encryption keys responsive to a flag input to the protected capture module.
  - 14. The method of claim 12, wherein the protected capture module is isolated such that the certificate or encryption key cannot be changed from outside the protected capture module.
  - 15. The method of claim 12, wherein the protected capture module is isolated such that the certificate or encryption key cannot be read from outside the protected capture module.
  - 16. The method of claim 1, wherein the step of encrypting the captured data or digitally signing the captured data is performed by logic stored in a protected capture module.
  - 17. The method of claim 16, wherein the logic stored in the protected capture module cannot be modified from outside the protected capture module.
  - 18. The method of claim 16, wherein the logic stored in the protected capture module cannot be read from outside the protected capture module.
  - 19. The method of claim 7, wherein the encrypted or signed data sent to the remote device includes the captured video data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Truedata Systems Incorporated
Original Assignee
Truedata Systems Incorporated
Inventors
Eynon, Michael, Sinclair, Peter, Lloyd, James
Primary Examiner(s)
Mehedi, Morshed

Application Number

US14/055,868
Publication Number

US 20140108790A1
Time in Patent Office

818 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/602   Providing cryptographic fac...

G06F 21/83   input devices, e.g. keyboar...

G06F 21/84   output devices, e.g. displa...

H04L 63/0823   using certificates cryptogr...

H04L 63/10   for controlling access to d...

H04L 63/105   Multiple levels of security

H04L 9/3247   involving digital signatures

Secure communication methods

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Secure communication methods

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links