Communications: electrical – Condition responsive indicating system – Specific condition
Reexamination Certificate
2000-08-09
2001-09-11
Trieu, Van T. (Department: 2632)
Communications: electrical
Condition responsive indicating system
Specific condition
C340S568100, C340S572400
Reexamination Certificate
active
06288645
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to a method for determining the physical location of data processing equipment and to detecting changes in the physical location of data processing equipment.
BACKGROUND OF THE INVENTION
Desktop personal computers are valuable pieces of equipment and are frequently easily movable from one location to another. Presently, physical security can be used to ensure that a personal computer is not moved from one location to another, but such physical security is not always practical in an office environment. When a personal computer has been moved, there is no easy way of detecting its new location.
The universal serial bus (“USB”) is specified to be an industry standard extension to the personal computer architecture with a focus on computer telephony interface, consumer and productivity applications. The USB architecture is described in the “Universal Serial Bus Specification”, Revision 1.1, Sep. 23, 1998 available on the Internet World Wide Web at http://www.usb.org/developers/docs.html. The USB architecture provides for ease of use of peripheral expansion, transfer rates up to 12 megabits per second, protocol flexibility for mixed modes, isochronous data transfers, and asynchronous messaging. USB is a cable bus supporting data transfer between the host personal computer and a range of simultaneously accessible peripherals. The bus allows peripherals to be attached, configured, used and detached while the host and other peripherals are in operation. One host controller can support up to 127 physical devices using a tiered topology. A hub is at the centre of each star with each wire segment creating a point-to-point connection of up to 5 meters. The 5 meter limitation may be between a host and a hub or a hub function or a hub connected to another hub or function.
Pending GB patent application 99020722.7 discloses the tracking of objects within a building using a radio device associated with each object to be tracked and an array of transmitting beacons.
Pinpoint Corporation (see www.pinpointco.com) market a solution to asset location using a proprietary radio technology. Their solution is much more expensive and does not integrate into standard systems management tools.
Solutions based on detecting the personal computer's LAN attachment point only work if the attachment point can be traced through the network hubs, which is not generally the case with Ethernet or TokenRing systems. Where it is possible, continued tracking of the location depends on the physical LAN topology remaining unchanged.
So it would be desirable to provide a mechanism for determining the location of a personal computer that did not require the use of a radio device attached to each object, which could be integrated with standard systems management tools and which did not depend on knowing the computer's LAN attachment point.
DISCLOSURE OF THE INVENTION
Accordingly, the present invention provides a method of determining the physical location of a data processing system, the method comprising the steps of: providing a data tag, having stored data therein including a stored identifier, the data tag being physically attached to the data processing system's environment; reading by the data processing system of data from the data tag; and responsive to the reading step, initiating a security action.
The data tag includes an identifier set at manufacture, and additionally or alternatively a programmable data area which can be set at installation. A data processing system plugs into the tag using an interface, such as a Universal Serial Bus interface and reads the identifier or data area either at boot time, or on demand. It then uses the data either as authority to boot or as location data which can be read by a management system.
The advantage of the present invention is that every data processing system in an organisation can be assigned a physical location, and any movement from that location, or a set of authorised locations, can be detected and the personal computer disabled, or an alert sent to the system administrator.
The tag technique of the present invention is currently cheaper to implement, since radio infrastructure systems, such as Bluetooth, (details of which can be found at www.bluetooth.com) will not be pervasive until about year 2002. The Bluetooth technology will be more appropriate for tracking mobile assets, while the data tag solution is more appropriate for relatively static, but moveable, assets. The data tag technique also has the capability of integration into BIOS allowing the personal computer to be completely disabled after unauthorised moves.
A further advantage of the present invention is that there is no additional wiring involved and the element identifying the location can be permanently attached to the building in which it is located.
The present invention does not prevent theft of the data processing system, and, depending on the level of additional protection in the software, may offer little protection against malicious users circumventing the system, but most problems caused by unauthorised moves are not caused maliciously, but by users who are unaware of the correct procedures or not sufficiently motivated to follow them. This invention makes it easy to track personal computers with no user intervention required except plugging a cable, such as a USB cable, into a socket on the wall, in addition to the power and LAN cables that are already required.
In a first embodiment, the security action comprises storing the data read from the data tag for later recovery. This allows the data to be interrogated by a management system at any time.
In a second embodiment, the security action comprises the step of transmitting the stored information to a remote database. This allows the stored data to be transmitted to a central management database which translates the stored data into a physical location format. This transmission can be by any means, including wireless or wired connections, but may typically be by means of a LAN attachment.
In a third embodiment, the security action comprises the steps of: comparing the data read from the data tag with stored data; and responsive to said comparison, enabling a boot process if the read data corresponds to the stored data and disabling a boot process if the read data does not corresponds to the stored data. This allows the data processing system to be prevented from operating anywhere except the authorised location without administrator password access.
In a fourth embodiment the security action comprises the steps of: checking for the presence of data read by the reading step; and responsive to the presence of data, enabling a boot process if the read data is present and disabling a boot process if the read data is not present. This allows the data processing system to be restricted from being moved from a controlled area, and being used except with another data tag without administrator password access.
The invention also provides a data tag comprising:
stored data, including a identifier; and an interface for transmitting said identifier to a data processing system attached to the interface, the data processing system being adapted to initiate a security action responsive to receiving the identifier; the data tag being adapted to be physically attached to the environment surrounding the data tag.
Preferably, the stored data in the data tag corresponds to the location of the data tag.
In a preferred embodiment, the interface is a USB interface.
The use of a USB interface is particularly advantageous to the present invention as the USB interface is a serial self configuring link.
In a further embodiment, the environment surrounding the data tag is a peripheral device and the data tag forms part of said peripheral device.
The peripheral device may be a monitor or a printer or a communications device and the use of the data tag enables interlocking of the system unit with the peripheral device. Additionally, Vital Product Data such as the serial number of the peripheral devi
Cameron Gavin Munro
McCall Colin David
Orr Frank Martin
Fitch Even Tabin & Flannery
International Business Machines Corp.
Percello Louis J.
Trieu Van T.
LandOfFree
Electronic location tag does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Electronic location tag, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Electronic location tag will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2542980