The invention relates to systems and methods for securing electronic communication between a client and a remote service provider, and in particular systems and methods using hardware virtualization technology.
An increasing number of goods and services are currently provided online, through electronic communication networks such as the Internet. In some such applications, users may remotely access a protected resource such as a bank account through an e-banking platform hosted on a server computer system. To access the protected resource, users are typically required to provide some credentials, such as a password and/or an access code. In e-commerce applications, users may transmit sensitive information such as credit card details and/or other personal information to a remote computer system. Such sensitive data is typically input by the user into an electronic device such as a computer, mobile phone, etc. Subsequently, the sensitive information circulates over a communication network between the user's electronic device and the remote computer system.
Malicious software, also known as malware, affects a great number of computer systems worldwide. In its many forms such as computer viruses, worms, and rootkits, malware presents a serious risk to millions of computer users, making them vulnerable to loss of data and sensitive information, identity theft, and loss of productivity, among others. Malware may attempt to steal private or sensitive information, e.g., by intercepting keyboard inputs corresponding to a user's password or credit card number, or by intercepting communication between the malware-infected computer system and a remote computer system.
Hardware virtualization technology allows the creation of simulated computer environments commonly known as virtual machines (VM), which behave in many ways as physical computer systems. Several virtual machines may run simultaneously on the same hardware platform (physical machine), sharing the hardware resources among them, thus allowing potentially a great number of users to share a computer system. A virtual machine may run its own operating system and/or software applications separately from other virtual machines, thus increasing data security and privacy.
There is considerable interest in developing electronic communication devices allowing users to securely exchange data with remote computer systems, especially when such devices operate on hardware virtualization platforms.