Many computer systems utilize some type of security to prevent unauthorized use. In the vast majority of systems, this security takes the form of a single password per user for a particular company. This password is conventionally an arbitrary combination of characters known only to the user.
Security is a major concern in computer networks because once an unauthorized person gains access to the network a large number of files and information can then be accessed by the unauthorized person and compromised. With the advent of the INTERNET, computer security has taken on additional urgency. Using the INTERNET, and a valid password, unauthorized persons can gain access to computer networks and improperly view and retrieve confidential files. It is often very difficult to trace the location of the unauthorized user over the INTERNET connections.
With the software sophistication increasing it is sometimes difficult for an authorized user to be sure that he is actually communicating with a legitimate program on his own system. For example, it is possible for an unauthorized person to send an authorized user an "active" or "Trojan horse" mail message over an INTERNET connection. This mail message is programmed to generate a visual display which is the same as a display generated by the legitimate program which appears when a user must enter information, such as his password. When the user enters the requested information into such a mail message, the entered characters are captured and returned to the person who sent the mail message, thereby compromising the information or password, possibly without the user's knowledge. Still other software merely records information passing between the user and the legitimate program and forwards this information back to the unauthorized "eavesdropper."
Thus, it has been necessary to establish what is termed a "protected channel" between a user and legitimate software. Such a protected channel provides a means for a legitimate program to interface with a user in a manner in which other software cannot detect or record the information which passes between the user and the legitimate program. There have been a number of prior art methods for providing such a protected channel to prevent information and valid passwords from being stolen. One known method is embodied in the WINDOWS NT.RTM. operating system sold by the Microsoft Corporation, Redmond, Wash. The WINDOWS NT.RTM. operating system provides a protected channel by requiring the user to enter a particular key sequence during information (password) entry. The key sequence is CONTROL-ALT-DELETE. When the operating system receives this sequence, it prompts the user for a password, however, this key sequence terminates any application programs which are in operation during the password entry sequence. Thus, any "Trojan horse" or eavesdropping programs will be terminated during the information entry sequence. After the information has been entered correctly, the operating system returns control to the application programs. Thus, during the entry sequence, the user can be sure that no "foreign" programs are active.
The aforementioned scheme works well but is not available to application programs. Since each application program must interface with the operating system like any other application program, the application program itself cannot be programmed to recognize the CONTROL-ALT-DELETE sequence because it would be terminated by the sequence.
Therefore, there is a need for an apparatus and a method for providing a protected channel between a user and legitimate software which can be used by application programs.