Thwarting attacks that involve analyzing hardware sensor output

US 9,507,967 B2
Filed: 02/15/2012
Issued: 11/29/2016
Est. Priority Date: 02/15/2012
Status: Active Grant

First Claim

Patent Images

1. A portable electronic device, comprising:

a processor;

a hardware sensor integrated in the portable electronic device, the hardware sensor operable to produce hardware sensor output indicative of orientation or motion or both of the portable electronic device within an environment;

a hardware user-input component integrated in the portable electronic device, the hardware user-input component having multiple elements operable to accept user input through touch;

a memory coupled to the processor, the memory storing;

an operating system;

a sensor driver for use by the operating system to interface with the hardware sensor;

a user-input driver for use by the operating system to interface with the hardware user-input component, the user-input driver and operating system jointly operable to detect touch events involving the elements; and

a software application,wherein the software application is executable by the processor as a process that runs in foreground during times when the operating system is operable to notify the process of any detected touch events involving the elements and that runs in background during times when the operating system is operable not to notify the process of any detected touch events involving the elements, andwherein, while the software application is executed by the processor as the process, the sensor driver or the operating system or both are configured to control what hardware sensor output produced by the hardware sensor, if any, is available to the process as follows;

any of the hardware sensor output sampled using the sensor driver during time periods throughout which the process is running in the foreground and produced by the hardware sensor is available to the process, and any of the hardware sensor output sampled using the sensor driver during time periods throughout which the process is running in the background and produced by the hardware sensor is not available to the process.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A hardware sensor and a hardware user-input component are integrated in a portable electronic device. The hardware sensor is operable to produce hardware sensor output indicative of orientation or motion or both of the device within its environment. The hardware user-input component has multiple elements operable to accept user input through touch. A user-input driver and the device'"'"'s operating system are jointly operable to detect touch events involving the elements. A software application stored in the device'"'"'s memory is executable by the device'"'"'s processor as a process. A sensor driver or the operating system or both are configured to control what hardware sensor output, if any, is receivable by the process. This control may thwart an attack based on analysis of the hardware sensor output, the attack designed to deduce what user input has been made via multiple elements of the hardware user-input component.

12 Citations

View as Search Results

32 Claims

1. A portable electronic device, comprising:
- a processor;
  
  a hardware sensor integrated in the portable electronic device, the hardware sensor operable to produce hardware sensor output indicative of orientation or motion or both of the portable electronic device within an environment;
  
  a hardware user-input component integrated in the portable electronic device, the hardware user-input component having multiple elements operable to accept user input through touch;
  
  a memory coupled to the processor, the memory storing;
  
  an operating system;
  
  a sensor driver for use by the operating system to interface with the hardware sensor;
  
  a user-input driver for use by the operating system to interface with the hardware user-input component, the user-input driver and operating system jointly operable to detect touch events involving the elements; and
  
  a software application,wherein the software application is executable by the processor as a process that runs in foreground during times when the operating system is operable to notify the process of any detected touch events involving the elements and that runs in background during times when the operating system is operable not to notify the process of any detected touch events involving the elements, andwherein, while the software application is executed by the processor as the process, the sensor driver or the operating system or both are configured to control what hardware sensor output produced by the hardware sensor, if any, is available to the process as follows;
  
  any of the hardware sensor output sampled using the sensor driver during time periods throughout which the process is running in the foreground and produced by the hardware sensor is available to the process, and any of the hardware sensor output sampled using the sensor driver during time periods throughout which the process is running in the background and produced by the hardware sensor is not available to the process.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The portable electronic device as recited in claim 1, wherein the hardware user-input component is a physical tactile keyboard, the elements are keys of the keyboard, and the touch events comprise key presses or key releases or both.
  - 3. The portable electronic device as recited in claim 1, wherein the hardware user-input component is a touchscreen, the elements are touch sensors, and the touch events comprise presses or releases or both, the memory further storing a display driver for displaying images on the touchscreen.
  - 4. The portable electronic device as recited in claim 3, wherein an image of a virtual keyboard is displayable on the touchscreen and the touch events comprise key presses or key releases or both or key swipes of keys in the virtual keyboard.
  - 5. The portable electronic device as recited in claim 1, wherein the hardware sensor comprises an accelerometer.
  - 6. The portable electronic device as recited in claim 1, wherein the hardware sensor comprises a gyroscope.
  - 7. The portable electronic device as recited in claim 1, wherein the hardware sensor comprises a magnetometer.
  - 8. The portable electronic device as recited in claim 1, wherein, while the software application is executed by the processor as the process, the sensor driver or the operating system or both are configured to make available to the process false hardware sensor output instead of any of the hardware sensor output that was sampled using the sensor driver during the time periods throughout which the process is running in the background and that was produced by the hardware sensor.
  - 9. The portable electronic device as recited in claim 8, wherein the false hardware sensor output is generated from one or any combination of constants, fixed waveforms, and actual hardware sensor output produced by the hardware sensor integrated in the portable electronic device.
  - 10. The portable electronic device as recited in claim 1, further comprising an additional hardware sensor integrated in the portable electronic device and operable to produce additional hardware sensor output indicative of orientation or motion or both of the portable electronic device within the environment, the memory further storing an additional sensor driver for use by the operating system to interface with the additional hardware sensor, wherein, while the software application is executed by the processor as the process, the additional sensor driver or the operating system or both are configured to control what hardware sensor output produced by the additional hardware sensor integrated in the portable electronic device, if any, is available to the process as follows:
    - any of the additional hardware sensor output sampled using the additional sensor driver during the time periods throughout which the process is running in the foreground and produced by the additional hardware sensor available to the process, and any of the additional hardware sensor output sampled using the additional sensor driver during the time periods throughout which the process is running in the background and produced by the additional hardware sensor is not available to the process.
  - 11. The portable electronic device as recited in claim 10, wherein the additional hardware sensor comprises an accelerometer.
  - 12. The portable electronic device as recited in claim 10, wherein the additional hardware sensor comprises a gyroscope.
  - 13. The portable electronic device as recited in claim 10, wherein the additional hardware sensor comprises a magnetometer.
  - 14. The portable electronic device as recited in claim 1, wherein the memory is arranged to store another software application, wherein, while the other software application is executed by the processor as another process, the operating system is operable to register that the other software application has permission to receive samples of the hardware sensor output produced by the hardware sensor integrated in the portable electronic device, and wherein the sensor driver or the operating system or both are configured to control what hardware sensor output produced by the hardware sensor integrated in the portable electronic device, if any, is available to the other process as follows:
    - any hardware sensor output produced by the hardware sensor integrated in the portable electronic device and sampled using the sensor driver is available to the other process regardless of when the hardware sensor output produced by the hardware sensor integrated in the portable electronic device is sampled using the sensor driver.

15. A portable electronic device, comprising:
- a processor;
  
  a hardware sensor integrated in the portable electronic device, the hardware sensor operable to produce hardware sensor output indicative of orientation or motion or both of the portable electronic device within an environment;
  
  a hardware user-input component integrated in the portable electronic device, the hardware user-input component having multiple elements operable to accept user input through touch;
  
  a memory coupled to the processor, the memory storing;
  
  an operating system;
  
  a sensor driver for use by the operating system to interface with the hardware sensor;
  
  a user-input driver for use by the operating, system to interface with the hardware user-input component, the user-input driver and operating system jointly operable to detect touch events involving the elements; and
  
  a software application,wherein the software application is executable by the processor as a process that runs in foreground during times when the operating system is operable to notify the process of any detected touch events involving the elements and that runs in background during times when the operating system is operable not to notify the process of any detected touch events involving the elements, andwherein, while the software application is executed by the processor as the process, the sensor driver or the operating system or both are configured to control what hardware sensor output produced by the hardware sensor integrated in the portable electronic device, if any, is available to the process as follows;
  
  any of the hardware sensor output sampled using the sensor driver during touch event windows that occur during time periods throughout which the process is running in the background and produced by the hardware sensor is not available to the process, and any of the hardware sensor output sampled using the sensor driver at all other times during execution of the software application and produced by the hardware sensor is available to the process, wherein a touch event window of the touch event windows starts prior to detection of a particular touch event involving one of the elements and ends sometime after detection of the particular touch event.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 16. The portable electronic device as recited in claim 15, wherein the hardware user-input component is a physical tactile keyboard, the elements are keys of the keyboard, and the touch events comprise key presses or key releases or both.
  - 17. The portable electronic device as recited in claim 15, wherein the hardware user-input component is a touchscreen, the elements are touch sensors, and the touch events comprise presses or releases or both, the memory further storing a display driver for displaying images on the touchscreen.
  - 18. The portable electronic device as recited in claim 17, wherein an image of a virtual keyboard is displayable on the touchscreen and the touch events comprise key presses or key releases or both or key swipes of keys in the virtual keyboard.
  - 19. The portable electronic device as recited in claim 15, wherein the hardware sensor comprises an accelerometer.
  - 20. The portable electronic device as recited in claim 15, wherein the hardware sensor comprises a gyroscope.
  - 21. The portable electronic device as recited in claim 15, wherein the hardware sensor comprises a magnetometer.
  - 22. The portable electronic device as recited in claim 15, wherein, while the software application is executed by the processor as the process, the sensor driver or the operating system or both ace configured to make available to the process false hardware sensor output instead of any of the hardware sensor output that was sampled using the sensor driver during the touch event windows that occur during the time periods throughout which the process is running in the background and that was produced by the hardware sensor.
  - 23. The portable electronic device as recited in claim 22, wherein the false hardware sensor output is generated from one or any combination of constants, fixed waveforms, and actual hardware sensor output produced by the hardware sensor integrated in the portable electronic device.
  - 24. The portable electronic device as recited in claim 15, further comprising an additional hardware sensor integrated in the portable electronic device and operable to produce additional hardware sensor output indicative of orientation or motion or both of the portable electronic device within the environment, the memory further storing an additional sensor driver for use by the operating system to interface with the additional hardware sensor, wherein, while the software application is executed by the processor as the process, the additional sensor driver or the operating system or both are configured to control what hardware sensor output produced by the additional hardware sensor integrated in the portable electronic device, if any, is available to the process as follows:
    - any of the additional hardware sensor output sampled using the additional sensor driver during the touch event windows that occur during the time periods throughout which the process is running in the background and produced by the additional hardware sensor is not available to the process, and any of the additional hardware sensor output sampled using the additional sensor driver at all other times during execution of the software are application and produced by the additional hardware sensor is available to the process.
  - 25. The portable electronic device as recited in claim 24, wherein the additional hardware sensor comprises an accelerometer.
  - 26. The portable electronic device as recited in claim 24, wherein the additional hardware sensor comprises a gyroscope.
  - 27. The portable electronic device as recited in claim 24, wherein the additional hardware sensor comprises a magnetometer.
  - 28. The portable electronic device as recited in claim 15, wherein the memory is arranged to store another software application, wherein the operating system is operable to register that the other software application has permission to receive samples of the hardware sensor output produced by the hardware sensor integrated in the portable electronic device, and wherein, while the other software application is executed by the processor as another process, the sensor driver or the operating system or both are configured to control what hardware sensor output produced by the hardware sensor integrated in the portable electronic device, if any, is available to the other process as follows:
    - any hardware sensor output produced by the hardware sensor integrated in the portable electronic device and sampled using the sensor driver from the hardware sensor is available to the other process regardless of when the hardware sensor output produced by the hardware sensor integrated in the portable electronic device is sampled using the sensor driver.

29. A method performed in a portable electronic device, the method comprising:
- controlling, by a sensor driver of the portable electronic device or an operating system of the portable electronic device or both, what hardware sensor output produced by a hardware sensor integrated in the portable electronic device, if any, is available to a process resulting from execution of a software application by a processor of the portable electronic device, as follows;
  
  making any of the hardware sensor output sampled using the sensor driver during time periods throughout which the process is running in foreground and produced by the hardware sensor available to the process; and
  
  making any of the hardware sensor output sampled using the sensor driver during time periods throughout which the process is running in background and produced by the hardware sensor not available to the process,wherein the hardware sensor output is indicative of orientation or motion or both of the portable electronic device within an environment,wherein the portable electronic device comprises a hardware user-input component integrated in the portable electronic device, the hardware user-input component having multiple elements operable to accept user input through touch, andwherein the process runs in the foreground during times when the operating system of the portable electronic device is operable to notify the process of any detected touch events involving the elements, and the process runs in the background during times when the operating system is operable not to notify the process of any detected touch events involving the elements.
- View Dependent Claims (30, 31)
- - 30. The method as recited in claim 29, further comprising:
    - making false hardware sensor output available to the process instead of any of the hardware sensor output that was sampled using the sensor driver during the time periods throughout which the process is running in the background and that was produced by the hardware sensor.
  - 31. The method as recited in claim 30, further comprising:
    - generating the false hardware sensor output from one or any combination of constants, fixed waveforms, and actual hardware sensor output produced by the hardware sensor integrated in the portable electronic device.

32. A non-transitory computer-readable medium having stored thereon instructions which, when executed by a processor of a portable electronic device, cause the processor to perform operations comprising:
- controlling, by a sensor driver of the portable electronic device or an operating system of the portable electronic device or both, what hardware sensor output produced by a hardware sensor integrated in the portable electronic device, if any, is available to a process resulting from execution of a software application by a processor of the portable electronic device, as follows;
  
  making any of the hardware sensor output sampled using the sensor driver during time periods throughout which the process is running in foreground and produced by the hardware sensor available to the process; and
  
  making any of the hardware sensor output sampled using the sensor driver during time periods throughout which the process is running in background and produced by the hardware sensor not available to the process,wherein the hardware sensor output is indicative of orientation or motion or both of the portable electronic device within an environment,wherein the portable electronic device comprises a hardware user-input component integrated in the portable electronic device, the hardware user-input component having multiple elements operable to accept user input through touch, andwherein the process runs in the foreground during times when the operating system of the portable electronic device is operable to notify the process of any detected touch events involving the elements, and the process runs in the background during times when the operating system is operable not to notify the process of any detected touch events involving the elements.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Wurster, Glenn Daniel
Primary Examiner(s)
Cervetti, David Garcia
Assistant Examiner(s)
NGUYEN, TRONG H

Application Number

US13/396,871
Publication Number

US 20130212677A1
Time in Patent Office

1,749 Days
Field of Search

726 22- 30, 726/17, 726/21, 713193-194
US Class Current

1/1
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/83   input devices, e.g. keyboar...

G06F 2221/033   Test or assess software

G06F 3/02   Input arrangements using ma...

G06F 3/0346   with detection of the devic...

G06F 3/0416   Control or interface arrang...

G06F 3/04166   Details of scanning methods...

G06F 3/04886   by partitioning the display...

Thwarting attacks that involve analyzing hardware sensor output

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Thwarting attacks that involve analyzing hardware sensor output

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links