1. Field of the Invention
The present invention relates to using network identities at a human interface, and in particular to associating multiple familiar patterns with a network identity to improve human recognition of network identities or discrimination among multiple network identities, or both.
2. Description of the Related Art
Networks of general purpose computer systems connected by external communication links are well known and widely used in commerce. The networks often include one or more network devices that facilitate the passage of information between the computer systems. A network node is a network device or computer system connected by the communication links. An “end node” is a node that is configured to originate or terminate communications over the network. An “intermediate network node” facilitates the passage of data between end nodes.
A human interacts with one or more local processes operating on a local end node that exchange data with one or more remote processes operating on one or more different, remote end nodes elsewhere on the network. In many commercial circumstances, information exchanged between a local process and a remote process is confidential and sensitive. For example, the information sent includes a user's account identification (user ID or credit card number) and password for accessing a bank account through the remote end node. If a malicious party were to obtain the user ID and password, the malicious entity could access the user's account and divert substantial user funds for the benefit of the malicious entity or to the harm of the user, or both.
Various security procedures are in place to provide secure transmission of confidential and sensitive data between the local node and the remote node. For example, in the public key infrastructure (PKI) a public key is distributed to users. PKI is well known and widely used in commercial transactions over the Internet, and described, for example, in the article published by THE OPEN GROUP, as “Architecture for Public-Key Infrastructure,” 1997, Publisher: www.opengroup.org/public/tech/security/pki/apki—1-0.pdf, Published in: Reading, UK, the entire contents of which are hereby incorporated by reference as if fully set forth herein.
A network entity, such as a bank, sends its public key to a user during communication between the bank and user, such as when the user connects with the bank's website. The name of the entity and its public key are authenticated by a trusted PKI arbiter. The user's local process employs the public key to encrypt information to be sent over the network. The original information is called plain text. The encrypted information is called ciphertext. The ciphertext can only be decoded using a private key that is known only to the one receiver, e.g., the bank. The private key cannot practically be deduced from the public key, the plain text and the ciphertext. In many procedures, PKI is used to securely exchange an unpredictable temporary session key; and the session key is used to encrypt and decrypt subsequent messages between the local node and the remote node for the duration of a session.
Many security procedures depend on a user distinguishing a trusted entity from an untrusted entity. Such procedures are subject to attacks by a malicious entity who can exploit human deficiencies to dupe a user into believing the malicious entity is a trusted entity.
One approach for duping a user is for the malicious entity to use a network identity that appears to the user to be the network identity of a trusted partner, such as the bank. For example, the malicious entity initiates communications with a user and identifies itself with a name similar to the name of a trusted partner and provides the malicious entity's own public key, as verified by the arbiter. In some cases, the malicious entity's public key can look similar to the trusted partner's public key, as well. In other cases, the public keys are so long and meaningless to a human observer that a user does not view them and does not notice even a substantial difference in the public keys. Based on the similar name, the user engages in secure communications with the malicious entity. Because the communications are apparently secure, the user is likely to divulge sensitive and confidential information, such as bank accounts and passwords.
A network entity can be identified in a variety of ways. One way a network entity is identified is by the entity name and public key available through PKI, as described above. A malicious entity can appear to be a trusted partner by using a similar but different name. For example, the malicious entity can register with the arbiter as “SMITH BANK” in order to confuse users who trust “Smith Bank” if the registry is case sensitive. Any other changes to a target name can be made to confuse a user into believing communications are with the target, provided the arbiter recognizes the difference. In some cases the number of spaces is significant to the arbiter, so that “Smith  Bank” with two intervening spaces is different than “Smith Bank” with one intervening space. Similarly, a numeral “1”, a vertical bar “|” and the letter “l” can be substituted for each other, or the numeral “0” and the letter “O” can be exchanged. Other synonyms or homonyms can be substituted for each other, such as “Inc.” for “Corp.” or “Corporation” or “Incorporated”, and “2” for “two” or “too” or “to”, and “4” for “for” or “four”, and “five” for “5”, and so on.
Another way a network entity is identified is by the network address of the user's end node. For example, an Internet Protocol (IP) address for a local node is a 32 binary digit (bit) number. To make it easier for humans to find a particular end node without having to memorize 32 bit addresses, the world wide web of network resources allows a resource on a node, such as a file or process, the node itself, or a group of nodes on the same sub-network to be identified by a name called a Universal Resource Locator (URL). A domain name server (DNS) is a process that executes on a network node to resolve URL names into IP addresses. A malicious entity can register with the DNS using a name that a user perceives to be the same as the name of a trusted partner. Some of the substitutions described above for the PKI registry can be employed here. Furthermore, the exact name of the trusted partner can be used in a URL subdomain that would confuse even a careful user who is unaware of URL conventions. According to URL convention, the domain name appears to the left of “.com” and a subdomain appears to the left of its parent domain, separated by a period. Thus, even if a careful user knows that the website domain name for ABC Corp. is “ABCcorp.com”, a malicious entity which owns the domain name “WelcomeTo.com” can confuse the user when a link is encountered to the malicious entity's subdomain “ABCcorp.com.WelcomeTo.com”.
Another way a network entity is identified is by an email address. An email address includes a personal name and a URL domain name separated by the symbol “@”. A user may reply to an email from an apparently trusted email sender. For example, if a well known Internet Service Provider has the domain “isp.net”, and the user has an account at Smith Bank, which has a domain “SmithBank.com”, the user might reply with confidential information to an email from an email address such as “member.services.SmithBank@isp.net”.
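The three identity channels above (registry names, URL host names and email addresses) share the same weakness: variations a person does not notice are nevertheless distinct to the registry. The following added example, which is not part of the patent text, shows a defender-side check that canonicalises the name variations listed above (case, repeated spaces, "1"/"|"/"l", "0"/"O", synonym words) so that look-alike names compare equal, and that reduces a URL or email identity to its registered domain so that "ABCcorp.com.WelcomeTo.com" and "member.services.SmithBank@isp.net" are attributed to "welcometo.com" and "isp.net" rather than to the trusted partner. The two-label domain rule and the synonym table are simplifying assumptions of this example.

```python
import re
import unicodedata
from urllib.parse import urlsplit

# Substitutions named in the description; the synonym table is an assumption
# that covers only the words the description lists.
HOMOGLYPHS = str.maketrans({"1": "l", "|": "l", "0": "o"})
SYNONYMS = {"incorporated": "inc", "corporation": "corp",
            "two": "2", "too": "2", "to": "2", "four": "4", "for": "4", "five": "5"}


def normalize_identity(name: str) -> str:
    """Map an entity name to a form that hides the differences a reader overlooks."""
    text = unicodedata.normalize("NFKC", name).casefold().translate(HOMOGLYPHS)
    words = [SYNONYMS.get(w, w) for w in re.split(r"[\s.,]+", text) if w]
    return " ".join(words)


def is_lookalike(candidate: str, trusted: str) -> bool:
    """True when the names differ as strings but collapse to the same canonical form."""
    return candidate != trusted and normalize_identity(candidate) == normalize_identity(trusted)


def registered_domain(host: str) -> str:
    """Rightmost two labels of a host name (assumed rule; a real check would use the
    public suffix list, which also knows multi-label suffixes such as co.uk)."""
    labels = host.casefold().rstrip(".").split(".")
    return ".".join(labels[-2:])


def identity_domain(identity: str) -> str:
    """Registered domain of a URL (scheme optional) or of an e-mail address."""
    if "@" in identity:
        return registered_domain(identity.rsplit("@", 1)[1])
    host = urlsplit(identity if "://" in identity else "//" + identity).hostname or ""
    return registered_domain(host)


def check_identity(name: str, identity: str, trusted_name: str, trusted_domain: str) -> list:
    """Return the reasons an identity should be flagged; an empty list means it matches."""
    reasons = []
    if is_lookalike(name, trusted_name):
        reasons.append("name is a look-alike of the trusted name, not the trusted name itself")
    found = identity_domain(identity)
    if found != trusted_domain.casefold():
        reasons.append(f"registered domain is {found!r}, not {trusted_domain.casefold()!r}")
    return reasons
```

Running `check_identity("SMITH BANK", "member.services.SmithBank@isp.net", "Smith Bank", "SmithBank.com")` returns both reasons, while the genuine `"https://www.SmithBank.com/"` with the exact name returns an empty list.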
In some networks, a user is identified by other identifications, such as a telephone number on a telephone network and an employee identification code on an enterprise private network.
Many of the identifications for entities on a network involve a large number of almost random characters and digits that most people have trouble remembering or distinguishing. Identifications that include names that are easier to remember might still be found confusing if two names appear to be synonymous, such as in examples given above. Thus a user might easily be duped into believing network communications are being conducted with a trusted entity when in fact the communications are being conducted with a different entity. The user is then subject to unintentionally revealing sensitive and confidential information.
Based on the foregoing description, there is a clear need for techniques that present identifications for network entities that clearly distinguish to a human observer different network identifications, no matter how similar the different network identifications are perceived by the human observer to be. Furthermore, there is a clear need for substantially distinguishing different network identifications even in the presence of efforts by a malicious entity to appear similar.