1. Field of the Present Invention
The present invention relates generally to automated computer systems used to monitor and detect against unauthorized use of a computer network or system and more particularly to a system and method for securing computers against unauthorized use and access.
2. History of Related Art
In today's world, most businesses, government agencies and organizations depend on computer systems to communicate, transfer classified and unclassified information, and carry out various security-sensitive transactions such as executing financial payments using credit cards. It is estimated that nearly 70% of an organization's value is stored inside computer systems. This makes computer systems a prime target for thieves who might wish to steal this important information. It is important to secure computers against such information theft.
Firstly, one method by which thieves try to steal information is through the use of stolen user identities, often called computer identity-theft. Due to security concerns, computer systems were designed to grant access to trusted persons and deny access to those who are not authorized. This is carried out by the use of authentication systems which requires that a user first establish his/her legitimacy to use the computer system by first providing a user name and a password. Some other authentication systems require different access data such as smart cards and a personal identification number, biometrics, etc. However, in the real world, user identities (consisting of user names and passwords, smart cards etc.) are often stolen by thieves who later on use these user identities to log into the computer account of the person whose identity was stolen. In such cases the intruder will have full access to the computer account without being caught because the thief will be disguised using the identity of an authorized user. This is a serious problem because such security breaches never get detected since they appear legitimate. It is important that computer identity-theft attempts should be defeated.
Secondly, another means by which thieves steal information from computer systems is through insider espionage. This occurs when trusted computer users belonging to an organization such as employees or contractors (often called “insiders”) choose to use their access rights for the wrong reasons. This problem is often called the “insider threat”. Sometimes, employees may choose to use their access rights to steal company information with the objective of divulging it to unauthorized outsiders. It is important that such insider security breaches should be detected and thwarted.
Thirdly, computers are tools that have a tremendous amount of power and can do many things much faster and better than humans. Although computers have made life much easier for people, they can be a little bit difficult to use or communicate with. Computer software developers and engineers have developed several input devices, computer software systems and output devices to make it easier for people to use computers. However, sometimes it is still difficult to use computer systems because of their complexity. Therefore it is necessary to make it easier for people to communicate with computer systems.
In summary, computer security breaches caused as a result of identity-theft and insider espionage are very big problems facing the computer industry. Also, because computer systems are becoming more complex, it would be beneficial to allow humans to communicate with computers more easily. Accordingly, it would be beneficial to provide a computer system that can communicate easily with humans and also protect against identity theft and insider security breaches.