| 发明名称 | Technologies for secure input and display of virtual touch user interfaces | ||
| 摘要 | Technologies for secure input and display of a virtual touch user interface include a computing device having a security monitor that may protect memory regions from being accessed by untrusted code. The security monitor may use hardware virtualization features such as extended page tables or directed I/O to protect the memory regions. A protected touch filter driver intercepts requests for touch input and allocates a transfer buffer. The transfer buffer is protected by the security monitor. A touch screen controller may write touch input data into the protected transfer buffer. The touch input data may be shared by the touch filter driver with authorized applications through a protected communication channel. A graphical virtual user interface may be generated by trusted code and rendered into a hardware overlay surface. The user interface may include a virtual keyboard. The security monitor may protect the overlay surface. Other embodiments are described and claimed. | ||
| 申请公布号 | US9507951(B2) | 申请公布日期 | 2016.11.29 |
| 申请号 | US201414560245 | 申请日期 | 2014.12.04 |
| 申请人 | Intel Corporation | 发明人 | Kang Xiaozhu;Garudapuram Ghayathri V.;Grewal Karanvir S. |
| 分类号 | G06F21/60;G06F21/84;G06F21/83 | 主分类号 | G06F21/60 |
| 代理机构 | Barnes & Thornburg LLP | 代理人 | Barnes & Thornburg LLP |
| 主权项 | 1. A computing device for secure input, the computing device comprising: a security monitor module to restrict access to a protected transfer buffer in a secure memory view using a hardware virtualization feature of a processor of the computing device; and an input module to (i) intercept, by a protected filter driver of the computing device, a request for user input, (ii) replace, by the protected filter driver, an unprotected transfer buffer of the request for user input with the protected transfer buffer in response to interception of the request for user input, (iii) store, in the secure memory view, user input data generated by a user input device of the computing device into the protected transfer buffer in response to replacement of the unprotected transfer buffer with the protected transfer buffer, and (iv) transfer, in response to storage of the user input data, the user input data from the protected filter driver to an authorized application via a protected side channel in the secure memory view. | ||
| 地址 | Santa Clara CA US | ||