公开(公告)号：DE3851049T2

公开(公告)日：1995-03-09

申请号：DE3851049

申请日：1988-12-22

Applicant: IBM

Inventor： LUCKENBAUGH GARY LINN ,  JOHRI ABHAI

IPC: G06F21/20 ,  G06F9/46 ,  G06F9/48 ,  G06F21/00 ,  G06F1/00

Abstract: The trusted path mechanism guarantees that data typed by a user on a terminal keyboard is protected from any intrusion by unauthorized programs. It allows a user to create a non-forgeable and non-penetrable communication path between the user's terminal and the trusted operating system software. The user can create a trusted path by simply pressing a key, called the Secure Attention Key (SAK), on the terminal keyboard. This operation can be called when the user logs into the system in order to be sure that the user is communicating with the real login program and not a Trojan horse program masquerading as a login program, which could steal the user's password. After the user establishes the trusted path, he can enter his critical data, such as a password, and can be sure that his critical data is not being stolen by an intruder's program. Then, after the user logs out, he can be sure that the trusted path has actually logged him out of the system so that a Trojan horse program is not capable of continuing the session started by the user.

公开(公告)号：DE3855378D1

公开(公告)日：1996-07-25

申请号：DE3855378

申请日：1988-12-20

Applicant: IBM

Inventor： BURGER WILLIAM FRANZ ,  CARSON MARK ERWIN ,  JOHRI ABHAI ,  STOKES ELLEN JEAN

IPC: G06F13/00 ,  G06F21/00 ,  G06F21/20 ,  H04L9/10 ,  G06F9/46 ,  G06F1/00

Abstract: In the remote trusted path, secure systems may provide a mechanism for the user to establish a trusted path for direct communication with the system's trusted computing base for security-critical operations. This invention allows users to request such a trusted path from remote systems using a new TELNET option and command, in a system-independent, confirmed, backward-compatible manner. It also describes how to implement remote support for such a trusted path in systems which use a Secure Attention Key mechanism such as Secure AIX.

公开(公告)号：DE3889444T2

公开(公告)日：1994-11-10

申请号：DE3889444

申请日：1988-12-22

Applicant: IBM

Inventor： HECHT MATTHEW STERLING ,  WEI TSUNG TSAN ,  JOHRI ABHAI ,  STEVENS DOUGLAS H

IPC: G06F12/14 ,  G06F1/00 ,  G06F9/46 ,  G06F11/30 ,  G06F11/34 ,  G06F12/00 ,  G06F15/00 ,  G06F15/16 ,  G06F15/177 ,  G06F21/00 ,  G06F21/24

公开(公告)号：DE3851049D1

公开(公告)日：1994-09-15

申请号：DE3851049

申请日：1988-12-22

Applicant: IBM

Inventor： LUCKENBAUGH GARY LINN ,  JOHRI ABHAI

IPC: G06F21/20 ,  G06F9/46 ,  G06F9/48 ,  G06F21/00 ,  G06F1/00

Abstract: The trusted path mechanism guarantees that data typed by a user on a terminal keyboard is protected from any intrusion by unauthorized programs. It allows a user to create a non-forgeable and non-penetrable communication path between the user's terminal and the trusted operating system software. The user can create a trusted path by simply pressing a key, called the Secure Attention Key (SAK), on the terminal keyboard. This operation can be called when the user logs into the system in order to be sure that the user is communicating with the real login program and not a Trojan horse program masquerading as a login program, which could steal the user's password. After the user establishes the trusted path, he can enter his critical data, such as a password, and can be sure that his critical data is not being stolen by an intruder's program. Then, after the user logs out, he can be sure that the trusted path has actually logged him out of the system so that a Trojan horse program is not capable of continuing the session started by the user.

公开(公告)号：DE3855378T2

公开(公告)日：1997-01-23

申请号：DE3855378

申请日：1988-12-20

Applicant: IBM

Inventor： BURGER WILLIAM FRANZ ,  CARSON MARK ERWIN ,  JOHRI ABHAI ,  STOKES ELLEN JEAN

IPC: G06F13/00 ,  G06F21/00 ,  G06F21/20 ,  H04L9/10 ,  G06F9/46 ,  G06F1/00

Abstract: In the remote trusted path, secure systems may provide a mechanism for the user to establish a trusted path for direct communication with the system's trusted computing base for security-critical operations. This invention allows users to request such a trusted path from remote systems using a new TELNET option and command, in a system-independent, confirmed, backward-compatible manner. It also describes how to implement remote support for such a trusted path in systems which use a Secure Attention Key mechanism such as Secure AIX.

公开(公告)号：DE3852292T2

公开(公告)日：1995-05-24

申请号：DE3852292

申请日：1988-12-20

Applicant: IBM

Inventor： CARSON MARK ERWIN ,  JOHRI ABHAI

IPC: G06F13/00 ,  G06F9/46 ,  G06F9/48 ,  G06F21/00 ,  G06F21/20 ,  H04L9/32 ,  G06F1/00

Abstract: When the user is logged on to a processor running multiple virtual terminals and he presses a Secure Attention Key, the existing virtual terminal processes are not destroyed. Instead, the invention creates a new virtual terminal, establishes a trusted path for the new virtual terminal, makes the new virtual terminal the current virtual terminal, and then runs the trusted process in the new virtual terminal.

公开(公告)号：DE3852292D1

公开(公告)日：1995-01-12

申请号：DE3852292

申请日：1988-12-20

Applicant: IBM

Inventor： CARSON MARK ERWIN ,  JOHRI ABHAI

IPC: G06F13/00 ,  G06F9/46 ,  G06F9/48 ,  G06F21/00 ,  G06F21/20 ,  H04L9/32 ,  G06F1/00

Abstract: When the user is logged on to a processor running multiple virtual terminals and he presses a Secure Attention Key, the existing virtual terminal processes are not destroyed. Instead, the invention creates a new virtual terminal, establishes a trusted path for the new virtual terminal, makes the new virtual terminal the current virtual terminal, and then runs the trusted process in the new virtual terminal.

公开(公告)号：DE3889444D1

公开(公告)日：1994-06-09

申请号：DE3889444

申请日：1988-12-22

Applicant: IBM

Inventor： HECHT MATTHEW STERLING ,  WEI TSUNG TSAN ,  JOHRI ABHAI ,  STEVENS DOUGLAS H

IPC: G06F12/14 ,  G06F1/00 ,  G06F9/46 ,  G06F11/30 ,  G06F11/34 ,  G06F12/00 ,  G06F15/00 ,  G06F15/16 ,  G06F15/177 ,  G06F21/00 ,  G06F21/24