Electrical computers and digital processing systems: support – System access control based on user identification by... – Using record or token
Reexamination Certificate
1998-07-31
2001-04-10
Swann, Tod R. (Department: 2767)
Electrical computers and digital processing systems: support
System access control based on user identification by...
Using record or token
C713S172000, C713S152000
Reexamination Certificate
active
06216230
ABSTRACT:
BACKGROUND OF THE INVENTION
Theft is a serious and expensive problem for the users of notebook, or laptop, computers. It has been estimated that over a quarter of a million notebook computers are stolen each year, and a majority of business firms report losses from notebook computer theft. In addition to the value of the hardware, users may also suffer the loss of data stored on the computers. Conventional methods for protecting computer hardware consist of either physically isolating the computer in a locked room or mechanically securing the computer to a fixed object. However, such devices are cumbersome to use and defeat the mobility of the notebook computer.
There are notebook computer security systems that electronically track a computer and sound an alarm when it is moved a certain distance from the user. However, users will often disarm such security features because they restrict personal movement, and passersby will typically ignore audible alarms and similar warning devices. Another security system is a password program that directs the computer to secretly dial a security company when an improper password is entered. The security company uses the caller ID feature to locate the computer. This system may be defeated by intercepting the out-going call. Other security devices, such as “smart cards” and dongles, are also available, but these devices are designed for the protection of data and not for the deterrence of theft of computers.
Therefore, what is needed is an easy-to-use and low cost security system to deter the theft of a notebook computer.
SUMMARY OF THE INVENTION
Briefly, a security system constructed in accordance with the invention implements a user-validation procedure that requires the user to connect the proper hardware “key” device to a computer at power-up to enable operation. The system can support multiple users and a single supervisor. Each authorized user is provided with a unique key device which is carried and stored separately from the computer. The key device holds a unique serial number and an encryption key. A validation record stored on the computer's hard disk contains an unencrypted key device serial number, an encrypted hard disk serial number, and a Personal Identification Number (PIN) unique to the user.
A program that is automatically invoked at computer power-up, or reset, implements the user-validation procedure. The user is prompted to connect the key device to the computer. In the preferred embodiment, the user is prompted to enter a PIN, although the system can be configured to operate without manual PIN entry. The procedure permits entry past a first security level only if the key device serial number matches the unencrypted numbers in the validation record. If the first-level validation is successful, the procedure then uses the encryption key to decrypt the hard drive serial number and PIN found in the stored validation record. The procedure permits entry past the second security level only if the validation record is properly decrypted, the installed hard disk serial number matches the decrypted number, and the manually-entered PIN matches the decrypted PIN. A failure at any step in the user-validation procedure will immediately power down the computer, thereby rendering it useless to a thief not possessing the required key device.
Because the key device is not required for normal computer operations, after the user-validation procedure has successfully terminated, the user can remove the key device and keep it separate from the computer. Moreover, the small size of the key device makes it easy to transport and keep safe.
REFERENCES:
patent: 4789859 (1988-12-01), Clarkson et al.
patent: 4937437 (1990-06-01), Ferguson
patent: 4975550 (1990-12-01), Panchisin
patent: 4993627 (1991-02-01), Phelan et al.
patent: 5012514 (1991-04-01), Renton
patent: 5072101 (1991-12-01), Ferguson
patent: 5077991 (1992-01-01), Stickel et al.
patent: 5142269 (1992-08-01), Mueller
patent: 5265163 (1993-11-01), Golding et al.
patent: 5287408 (1994-02-01), Samson
patent: 5341421 (1994-08-01), Ugon
patent: 5361610 (1994-11-01), Sanders
patent: 5367295 (1994-11-01), Gokcebay et al.
patent: 5402492 (1995-03-01), Goodman et al.
patent: 5416840 (1995-05-01), Cane et al.
patent: 5450271 (1995-09-01), Fukushima et al.
patent: 5461218 (1995-10-01), Castleman et al.
patent: 5475839 (1995-12-01), Watson et al.
patent: 5499297 (1996-03-01), Boebert
patent: 5517569 (1996-05-01), Clark
patent: 5533125 (1996-07-01), Bensimon et al.
patent: 5542044 (1996-07-01), Pope
patent: 5546463 (1996-08-01), Caputo et al.
patent: 5548479 (1996-08-01), Hyvarinen
patent: 5568552 (1996-10-01), Davis
patent: 5572193 (1996-11-01), Flanders et al.
patent: 5587878 (1996-12-01), Tsai et al.
patent: 5598323 (1997-01-01), Muller
patent: 5603008 (1997-02-01), Hilton et al.
patent: 5606615 (1997-02-01), Lapointe et al.
patent: 5608387 (1997-03-01), Davies
patent: 5610981 (1997-03-01), Mooney et al.
patent: 5623637 (1997-04-01), Jones et al.
patent: 5642805 (1997-07-01), Tefft
patent: 5651068 (1997-07-01), Klemba et al.
patent: 5655020 (1997-08-01), Powers
patent: 5657470 (1997-08-01), Fisherman et al.
patent: 5732137 (1998-03-01), Aziz
patent: 5867106 (1999-02-01), Bi et al.
Wiener, P. et al., “Meeting USB and IEEE 1394 Overcurrent Protection Requirements Using PolySwitch Devices,” Wescon/97 Conf. Proc., Nov. 6, 1997, pp. 442-475.*
International Search Report-International Application No. PCT/US 99/17315, dated Oct. 12, 1999, International Filing Date Jul. 29, 1999, applicant Durango Corporation.
SecurityPak—Complete Computer Security Solution, found at <http://acan.net/~portapak/securitypak.html> (Jan. 13, 1998).
M-Crypt—The Ideal in Laptop and Desktop Protection, found at <http://www.securedata.com/ip/mcrypt/mcrypt.html> (Jan. 13, 1998).
SafeHouse for Windows, found at <http://www.pcdynamics.com/SafeHouse/startpage.html> (Jan. 13, 1998).
Are Smartcards a Certificate Solution?, found at <http://www.byte.com/art/9706/sec5/art4.htm> (Feb. 4, 1998).
Serial Cable with Security Key, found at <http://www.scintco.com/skey1.htm> (Feb. 4, 1998).
EY-LOK II dongle security devices, found at <http://www.keylok.com/> (Feb. 4, 1998).
SecuriKey for PC's, found at <http://www.datasec.com/SecruPC.htm> (Feb. 4, 1998).
bluVenom Anti-Theft Devices Inc., found at <http://www.bluvenom.com/body_home.html> (Feb. 2, 1998).
EliaShim releases EasySafe Version 3.1 To Secure Data on DOS/Windows & Windows 95 Laptops, found at <http://www.virussafe.com/presel/pr0907.html> (Jan. 13, 1998).
Infrard Data Association Serial Infrared Physical Layer Link Specification, Version 1.2, Nov. 10, 1997, Joe Tajnai of HP, joe_tajnai@hp.com., John Petrilla of HP, john_petrilla@hp.com.
Infrared Data Association Guidelines For Ultra Protocols, Version 1.0, Oct. 15, 1997, Petri Nykanen Petri.Nykanen@nmp.nokia.com (Nokia Mobile Phones Ltd.) Paul Rubin phr@wireless.com, Mike Cheponis mike@wireless.com (California Wireless, Inc.).
Behar Yaacov
Rallis William N.
Cesari and McKenna LLP
Darrow Justin T.
Durango Corporation
Swann Tod R.
LandOfFree
Notebook security system (NBS) does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Notebook security system (NBS), we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Notebook security system (NBS) will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2464173