Security system with methodology for defending against security breaches of peripheral devices
First Claim
1. A method for protecting a computer from security breaches involving a hardware-based key logger installed between the computer and an attached input device, the method comprising:
when the computer is first powered on, storing authorization information received from an administrative user to indicate that the input device is authorized to communicate with the computer;
detecting a potential tampering attempt by an unauthorized user comprising detachment of the input device from the computer, installation of a hardware-based key logger, and reattachment of the input device, so that the hardware-based key logger is installed between the computer and the input device;
requiring entry of a password for authorizing the input device;
if the required password is entered, authorizing the input device to communicate with the computer and, otherwise, continuing to block communication from the input device to the computer;
storing authorization information indicating whether or not the input device is allowed to communicate with the computer;
detecting detachment of the input device from the computer;
when said potential tampering attempt is detected, updating the authorization information to indicate that the input device is no longer authorized to communicate with the computer; and
upon said reattachment of the input device, blocking communication from the input device to the computer until the input device is again authorized.
4 Assignments
0 Petitions
Abstract
A security system with methodology for defending against security breaches of peripheral devices is described. In one embodiment, for example, a method is described for protecting a computer from security breaches involving devices that may be attached to the computer, the method comprises steps of: when a device is first attached to the computer, specifying authorization information indicating that the device is allowed to communicate with the computer; detecting detachment of the device from the computer; updating the authorization information to indicate that the device is no longer authorized to communicate with the computer; and upon reattachment of the device, blocking communication with the device while the device remains unauthorized, thereby preventing a security breach involving the device.
62 Citations
42 Claims
1. Independent claim, reproduced above under First Claim. Dependent claims: 2–22.
23. A system for protecting a computer from security breaches involving an unauthorized user installing a hardware-based key logger between a computer and an attached peripheral device, the system comprising:
a computer having at least a processor and memory and including an operating system service that monitors connection and disconnection of peripheral devices that may be attached to the computer via an available external port;
a filter module for receiving notification of connection and disconnection events from the operating system service when peripheral devices are attached to and detached from the computer, including connection and disconnection events that occur during installation of a hardware-based key logger on a given peripheral device attached to the computer, reporting such connection and disconnection events, and blocking communication with the given peripheral device attached to the computer until communication with the given peripheral device is authorized; and
a desktop agent that determines, in response to reported connection events relating to a given peripheral device, whether or not the given peripheral device is authorized to communicate with the computer based on obtaining user input as to whether to allow communication with the given peripheral device, and for revoking the authorization of the given peripheral device to communicate with the computer in response to reported connection and disconnection events relating to the given peripheral device.
Dependent claims: 24–42.
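As an added illustration, not code from the patent or its assignee, the following Python simulates the authorization state machine described in the abstract and in claim 23: a filter module receives connect and disconnect events, a desktop agent checks an administrator password before granting authorization, and any disconnect revokes that authorization so a reattached device stays blocked until it is approved again. The device identifier, password, salt, event names and method names are constructed assumptions for the simulation.

```python
import hashlib
import hmac
from enum import Enum
from typing import Dict, List, Optional


class State(Enum):
    """Authorization state the filter module keeps per peripheral."""
    AUTHORIZED = "authorized"   # traffic from the device reaches the host
    BLOCKED = "blocked"         # traffic is dropped until re-authorized


class DesktopAgent:
    """Decides authorization; here the 'user input' is an administrator password.

    The password is kept only as a salted PBKDF2 hash (constructed salt)."""

    def __init__(self, admin_password: str, salt: bytes = b"constructed-salt"):
        self._salt = salt
        self._pw_hash = self._derive(admin_password)

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 50_000)

    def check_password(self, password: str) -> bool:
        # constant-time comparison so the check itself leaks nothing about the hash
        return hmac.compare_digest(self._derive(password), self._pw_hash)


class FilterModule:
    """Sits between the OS device-event service and the host input path.

    Every connect/disconnect event is recorded; a disconnect revokes
    authorization, and a (re)connected device stays blocked until the
    agent approves it again."""

    def __init__(self, agent: DesktopAgent):
        self.agent = agent
        self.state: Dict[str, State] = {}
        self.events: List[str] = []

    def on_connect(self, device_id: str) -> State:
        self.events.append(f"connect {device_id}")
        # a newly seen or reattached device is never trusted implicitly
        self.state[device_id] = State.BLOCKED
        return self.state[device_id]

    def on_disconnect(self, device_id: str) -> State:
        self.events.append(f"disconnect {device_id}")
        # revoke: the device may come back with something inserted inline
        self.state[device_id] = State.BLOCKED
        return self.state[device_id]

    def authorize(self, device_id: str, password: str) -> bool:
        """Authorize only on a correct password; otherwise keep blocking."""
        if device_id not in self.state:
            raise KeyError(f"unknown device {device_id}")
        if self.agent.check_password(password):
            self.state[device_id] = State.AUTHORIZED
            self.events.append(f"authorize {device_id}")
            return True
        self.events.append(f"authorize-denied {device_id}")
        return False

    def deliver(self, device_id: str, data: bytes) -> Optional[bytes]:
        """Pass input through to the host only while the device is authorized."""
        if self.state.get(device_id) is State.AUTHORIZED:
            return data
        self.events.append(f"dropped {len(data)} bytes from {device_id}")
        return None


def run_scenario() -> dict:
    """Constructed walk-through of the claimed method; results returned for checking."""
    agent = DesktopAgent("correct horse battery staple")  # constructed admin password
    flt = FilterModule(agent)
    kbd = "usb-keyboard-0"  # constructed device identifier
    out = {}

    # Power-on: the administrator authorizes the attached keyboard once.
    flt.on_connect(kbd)
    out["boot_authorized"] = flt.authorize(kbd, "correct horse battery staple")
    out["boot_input"] = flt.deliver(kbd, b"hello")

    # Tampering window: keyboard unplugged and re-plugged; authorization is revoked.
    flt.on_disconnect(kbd)
    flt.on_connect(kbd)
    out["after_reattach_input"] = flt.deliver(kbd, b"hello")

    # A wrong password keeps the device blocked; the right one restores it.
    out["wrong_password"] = flt.authorize(kbd, "guess")
    out["still_blocked_input"] = flt.deliver(kbd, b"hello")
    out["reauthorized"] = flt.authorize(kbd, "correct horse battery staple")
    out["restored_input"] = flt.deliver(kbd, b"hello")
    out["events"] = list(flt.events)
    return out


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The event list the filter keeps is the detection side of the design: a disconnect followed by a reconnect of the same device while the machine is unattended is exactly the sequence a defender would want logged and alerted on, independent of whether the user later re-enters the password.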
Specification