| 发明名称 |
Secured compartment for transactions |
| 摘要 |
Systems and methods that establish a secured compartment that manages sensitive user transactions/information on a user's machine. The secured compartment qualifies user interaction with the machine, and separates such qualified interaction from other user activity on the machine. A user is switched to such secured compartment upon occurrence of a predetermined event, such as in form of: an explicit request (e.g., a secure attention sequence); an implicit request (e.g., inference of user activities); and presence of a peripheral device that is bound to the secured compartment (e.g., a USB)—wherein such actions typically cannot be generated by an application running outside the secured compartment. |
| 申请公布号 |
US9166797(B2) |
申请公布日期 |
2015.10.20 |
| 申请号 |
US200812257765 |
申请日期 |
2008.10.24 |
| 申请人 |
Microsoft Technology Licensing, LLC |
发明人 |
Kurien Thekkthalackal Varugis;Herley Cormac E.;Brush Alice Jane Bernheim;Robbins Daniel C.;Chatterjee Arindam;Field Scott |
| 分类号 |
H04L9/32;G06F13/24;G07F7/08;G07F7/10 |
主分类号 |
H04L9/32 |
| 代理机构 |
|
代理人 |
Akhter Julie Kane;Holmes Danielle Johnston;Minhas Micky |
| 主权项 |
1. A computer implemented system comprising the following:
one or more computer-readable storage devices storing one or more components; and one or more processing units operably coupled to the one or more computer-readable storage devices, the one or more processing units adapted to implement the one or more components, the one or more components comprising:
an operating system component to handle a plurality of interrupts via a trusted path; anda switching component to, in response to a Trusted Computing Base (TCB) generated interrupt:
switch user interactions to a secured compartment of the one or more computer-readable storage devices, the secured compartment comprising a plurality of whitelisted applications and whitelisted network domains that are accessible only from within the secured compartment, wherein:
the TCB generated interrupt is captured in a kernel of an operating system stored in the one or more computer-readable storage devices and handled by the operating system component; andthe computer implemented system handles the user interactions within the secured compartment in a different manner than user interactions outside thereof; andprohibit user interaction within the secured compartment with an application or domain that is not one of the plurality of whitelisted applications or the whitelisted network domains. |
| 地址 |
Redmond WA US |
