Many security software packages require that a password be typed by a user to authenticate the user. Once this password is entered, a software application such as a cryptographic application may perform strong cryptographic operations on behalf of the user with no further authentication. Thus, the password is one of the main secrets protecting a user's security.
The design of some operating systems, such as windows-based operating systems and UNIX-type operating systems, for example, allow software applications to intercept keyboard events such as keyboard messages destined for use by a program, before they are delivered to the program or other software application. This facility allows a rogue application to record, for example, a password entered by a user as it is typed into the security application. It would be desirable to prevent such an attack. In addition, further data being input into an application may take many other forms, such as voice input or other input. In addition, applications other than security applications also require input data for operation and as such it would be desirable to limit or substantially prevent interception of incoming data to such applications.
Some operating systems provide a type of operating system based prevention technique that prevents, for example, keyboard data interceptions by allowing specified programs to run on the operating system through a “secure desktop”. Such operating systems allow a user, for example, to open a secure desktop and designate which applications can be run in the secure desktop. Such systems typically provide access controls which limit the programs that can run on the secure desktop. A problem with such systems is that the secure desktop will still allow keyboard interception programs to run if they are embedded in an application that has been designated to be accessible in the secure desktop. Hence, if a keyboard “sniffing” program is embedded in an application, the secure desktop may still allow the launch of the keyboard sniffing program when the software application is launched.
Other operating systems may include a software keyboard locking interface that allows a user to indicate that the operating system should grant exclusive access to the keyboard for a particular software application. However, such operating systems can be quite costly and there are many applications that may not be compatible with such operating systems. These applications would benefit from the prevention of interception of incoming data.
Consequently, there exists a need for a method and device for facilitating prevention of interception of incoming data for a software application that may be application based or non-operating system based to allow such a method or device to be used independently from a particular type of operating system or operating system based interception prevention program.