公开(公告)号：DE3851049T2

公开(公告)日：1995-03-09

申请号：DE3851049

申请日：1988-12-22

Applicant: IBM

Inventor： LUCKENBAUGH GARY LINN ,  JOHRI ABHAI

IPC: G06F21/20 ,  G06F9/46 ,  G06F9/48 ,  G06F21/00 ,  G06F1/00

Abstract: The trusted path mechanism guarantees that data typed by a user on a terminal keyboard is protected from any intrusion by unauthorized programs. It allows a user to create a non-forgeable and non-penetrable communication path between the user's terminal and the trusted operating system software. The user can create a trusted path by simply pressing a key, called the Secure Attention Key (SAK), on the terminal keyboard. This operation can be called when the user logs into the system in order to be sure that the user is communicating with the real login program and not a Trojan horse program masquerading as a login program, which could steal the user's password. After the user establishes the trusted path, he can enter his critical data, such as a password, and can be sure that his critical data is not being stolen by an intruder's program. Then, after the user logs out, he can be sure that the trusted path has actually logged him out of the system so that a Trojan horse program is not capable of continuing the session started by the user.

公开(公告)号：DE3851049D1

公开(公告)日：1994-09-15

申请号：DE3851049

申请日：1988-12-22

Applicant: IBM

Inventor： LUCKENBAUGH GARY LINN ,  JOHRI ABHAI

IPC: G06F21/20 ,  G06F9/46 ,  G06F9/48 ,  G06F21/00 ,  G06F1/00

Abstract: The trusted path mechanism guarantees that data typed by a user on a terminal keyboard is protected from any intrusion by unauthorized programs. It allows a user to create a non-forgeable and non-penetrable communication path between the user's terminal and the trusted operating system software. The user can create a trusted path by simply pressing a key, called the Secure Attention Key (SAK), on the terminal keyboard. This operation can be called when the user logs into the system in order to be sure that the user is communicating with the real login program and not a Trojan horse program masquerading as a login program, which could steal the user's password. After the user establishes the trusted path, he can enter his critical data, such as a password, and can be sure that his critical data is not being stolen by an intruder's program. Then, after the user logs out, he can be sure that the trusted path has actually logged him out of the system so that a Trojan horse program is not capable of continuing the session started by the user.