The problem for the computer system security from software applications using functions of microphones and cameras of the computer system through an operating system is known in the art. The danger lies in possible unauthorized access to the functions of a microphone and/or camera from a software application. As a result, the computer system can capture a sound and/or image without the user's knowledge, including remotely. Audio and/or video data so collected may be transmitted outside the computer system over Internet channels using data exchange and providing protocols known in the art. In this case, a user may not even notice an unauthorized use of the microphone and/or camera, given a very short time of access to the function of these devices.
The said problem of controlling access to the microphone and/or camera function is solved by identifying processes (software applications) that request access to the microphone and/or camera function followed by the use of the microphone and/or camera access permissions system for the identified processes (software applications). To request access, processes receive information on microphones and cameras available in a computer system through elements of an operating system. If they receive information on the availability of a camera and/or microphone in the system, a process tries to get access and start recording video and/or audio (to create a media stream). When no permission is given, the process is identified and a message of the impossibility to start recording through a microphone and/or camera is sent. Thus, the access to the function of a microphone and/or camera is controlled by controlling media streaming.
A similar approach is disclosed in US20130286225A1 dd. Oct. 31, 2013, where a media stream (of video and/or audio data) from a camera upon request of the process (software application) is blocked using a low level filter driver the computer system is equipped with. Said driver is blocked by default and may be unblocked from the side of a computer system user, once the user has been informed of the created media stream, or may be unblocked automatically. In this case, the information on cameras available in the computer system is accessible to all processes (software applications) operating in the computer system, and the unauthorized receipt of video and/or audio data is terminated by controlling the access to a media stream created by the camera, with the process informed of the availability of the camera and requesting access to its functions.
In some cases, such an approach leads to the termination of recording through a microphone and/or camera well after a media streaming was started. This can lead to short-term unauthorized capture of a sound and/or image without the user's knowledge and breach of the computer system security.
Therefore, solutions are required to secure the computer system and inhibit unauthorized capture of a sound and/or image at a lower level, for example, not by controlling requests of processes (software applications) to access the functions of the camera, but rather by controlling the access of processes (software applications) to information about the availability of cameras in the computer system. That is, the process (software application) will not be able to access the functions of the camera because with the first request the process (software application) will receive information about the unavailability of the camera in the computer system and will be able to get access once a user has given his/her separate permission depending on his/her decision and the information about cameras available in the computer system has been sent. In addition, the process (software application) will not be able to start recording via the microphone because with the first request the process (software application) will be «frozen»/blocked.