Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-03-19
2003-04-08
Hua, Ly V. (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000
Reexamination Certificate
active
06546491
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to computer systems, and more particularly to securing personal computer systems in a corporate environment.
BACKGROUND OF THE INVENTION
Today, securing computer systems from theft and unauthorized use is very important to businesses. Of particular concern is the securing of mobile computers, or “laptop” computers. Due to their portability, they are particularly susceptible to theft. Two approaches to this problem has been proposed by INTERNATIONAL BUSINESS MACHINES CORPORATION, the assignee of the present application.
FIG. 1
illustrates a first possible approach to securing mobile computers. In this first approach, the laptop computer
104
has an identification (ID) tag
102
, and the possessor
108
of the laptop computer
104
has an ID tag
106
as well. These ID tags
102
,
106
are detected via a radio signal when they move through a portal
110
. A “portal”, as used in this specification, refers to a location through which a possessor
108
in possession of a laptop computer
104
may pass through. For example, a corporation may place a portal
110
at possible exists from its office building. When a portal
110
detects the ID tags
102
and
106
, it checks if the identified possessor
108
has authority to possess the identified laptop computer
104
. If not, then the laptop computer
104
is locked by the portal
110
through a radio signal from the portal
110
to the laptop computer
104
. Thus, an unauthorized possessor who transports a laptop computer past a portal will not be able to operate the laptop. However, with this approach, the locking of the laptop computer
104
may be avoided by transporting the computer
104
in a Faraday cage, for example a metal briefcase, or by positioning an antenna in a particular direction such that the computer's ID tag
102
is not seen by the portal
110
. The portal
110
thus never detects the transport of the laptop computer
104
, and it is never locked.
FIG. 2
illustrates a second possible approach. In this approach, a zone of authorized operation
202
is defined within which the laptop computer
204
is freely operable. The zone of authorized operation
202
will be defined by a radio beacon
206
which continuously emits a radio signal. The laptop computer
204
would be equipped with a radio frequency listening device
208
which can hear the signal from the radio beacon
206
. When the laptop computer
204
hears the signal, it is operable. However, when the laptop computer
204
is transported outside the zone
202
, it will not hear the signal, at which time it will lock itself. To operate the locked laptop computer
204
, a possessor
206
of the laptop computer
204
must enter a valid password. However, this approach is unfriendly to the possessor
206
since the possessor must remember passwords. It is also breakable via social engineering if the passwords are not chosen securely.
Accordingly, what is needed is a system and method for securing computers which is possessor friendly and is more reliable than current possible approaches. The method and system should be easily applied in a corporate environment. The present invention addresses such a need.
SUMMARY OF THE INVENTION
The present invention provides a method and system for securing a computer. The method includes providing a zone of authorized operation for the computer; determining if a possessor of the computer is authorized to have possession when the computer and the possessor leaves the zone of authorized operation and pass through a portal; and allowing continued access to the computer without requiring a password if the possessor is authorized. The method and system is transparent to the possessor and provides no advantage in hiding the computer from the portal. This method and system may be easily applied in a corporate environment and is particularly apt for securing mobile computer systems.
REFERENCES:
patent: 5400722 (1995-03-01), Moses et al.
patent: 5402492 (1995-03-01), Goodman et al.
patent: 5892906 (1999-04-01), Chou et al.
patent: 5970227 (1999-10-01), Dayan et al.
patent: 6286102 (2001-09-01), Cromer et al.
patent: 02000259571 (2000-09-01), None
patent: 02000311024 (2000-11-01), None
Challener David C.
Timmons Kenneth D.
Hua Ly V.
International Business Machines - Corporation
Munoz-Bustamante Carlos
Sawyer Law Group LLP
LandOfFree
Securing mobile computer systems in a corporate environment does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Securing mobile computer systems in a corporate environment, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Securing mobile computer systems in a corporate environment will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3088275