Recently, Intel® introduced a hardware-enhanced identity protection solution, named “Authenticate solution”, on select 6th and 7th generation Intel® Core™ vPro™ platforms [1]. This Embedded Security Protection delivers customizable multifactor authentication options to fit individual IT policy. Intel® Authenticate solution is designed to verify two or more factors which are captured, encrypted, matched, and stored in the hardware, thus reducing exposure to common software-level attack methods. Using Intel® Active Management Technology (Intel® AMT), the authentication factors may be selected in any combination from: fingerprint, Bluetooth proximity, protected PIN, and location detection. The new hardware-enhanced identity protection solution significantly decreases the risk of theft and misuse of user credentials. However, it does not protect against unwanted software embedded into useful software that a user intentionally acquires from the Internet. Indeed, the “Authenticate solution” introduces hardware to enhance security only at the moment of verification, but does not use the hardware in an active mode during online work. Even more importantly, the “Authenticate solution” permanently inserts the most sensitive private information into both the hardware and software subsystems that work online, and thus makes them the ultimate target of hackers.
[1] https://www-ssl.intel.com/content/www/us/en/architecture-and-technology/authenticate/intel-authenticate-is-hardware-enhanced-security.html
Objectives of the present invention include novel methods and apparatuses that reinforce the security of a personal computer during its interaction with the World Wide Web and provide fundamentally higher safety than the methods known from the prior art, without inserting any sensitive private information into either hardware or software subsystems working online.
Another objective of the present invention is a novel personal computer architecture consistent with the disclosed secured computer system.
Still another objective of the present invention is the integration of software and hardware security devices into a united system that unconditionally blocks penetration of unwanted software into said system and leakage of sensitive personal and business data from said system.