Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-12-23
2001-09-04
Le, Dieu-Minh T. (Department: 2184)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C340S870030
Reexamination Certificate
active
06286102
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The invention relates in general to security for computer systems and, in particular, to a security system for computers, such as laptop computers, that are moved past a checkpoint.
2. Description of the Prior Art
Personal computer systems have attained widespread use for providing computer power to many segments of today's modern society. Personal computer systems can usually be defined as a desk top, floor standing, or portable microcomputer that consists of a system unit having at least one system processor and associated volatile and non-volatile memory, a display monitor, a keyboard, one or more diskette drives, a fixed disk storage, and an optional printer. One of the distinguishing characteristics of these systems is the use of a motherboard (also known as and occasionally mentioned herein as a system board, system planar or planar) to electrically connect these components together. These systems are designed primarily to give independent computing power to a single user and are inexpensively priced for purchase by individuals or small businesses. Examples of such personal computer systems are IBM's PERSONAL SYSTEM/2 Models 90 and 95, IBM PC 300 series, and Think Pad series.
Advances in technology are resulting in smaller form factors for desktop and portable systems. Portables are designed to fit into a standard brief case and some of the small form desktop could also fit into a large brief case. The small size combined with the tremendous computing power has made these computers a target for thieves. This coupled with the growing use of personal computers in the world in recent years, resulting in more information being collected and stored in such systems, has created a security risk. Many computers contain data that is either sensitive to an individual or to a company. In the wrong hands, this data could become damaging to individuals, a company could lose a competitive edge, or sensitive data could be used to force payment for silence. As more users recognize the sensitive nature of data and its value, the more it becomes desirable to protect against such misuse. To protect themselves and the persons associated with the stored data, users are requiring incorporation of security and integrity features into the personal computers that they purchase.
Users are not the only people to recognize the sensitivity of the data being collected and stored. Governments are also enacting laws to enforce protection of sensitive data. One such government is that of the United States. It has recognized and responded to the gravity of the situation. The United States federal government has defined security levels and the associated requirements it takes to meet those levels, and provides a certification agency for personal computer manufacturers to submit products in order to see if the products meet the security level claimed by the manufacturer. The source for the Federal Requirements is the Department of Defense, Trusted Computer System Evaluation Criteria, DOD 5200.28 STD, 12/85, generally referred to as The Orange Book. The government has legislated that by Jan. 1, 1992 all data related to the government must only be processed and stored on personal computers with a minimum security level of C-2. For computer system hardware, the essence of the requirements is contained in the Assurance section, Requirement 6: “trusted mechanisms must be continuously protected against tampering and/or unauthorized changes . . .”
The related Application Ser. No. 840,965 describes a personal computer providing means for limiting access to certain critical data to only those users having a proper privilege to access such data. In realizing this purpose, a specialized memory element is provided for receiving and storing a Power On Password and a Privileged Access Password (sometimes hereinafter called a “POP” and a “PAP” respectively) and for coordinating the access granted to various functions and data to the activation and usage of the passwords. The related Application Ser. No. 08/640366 filed Apr. 30, 1996 describes a security system for computers that defines a control zone using radiation, preferably at radio frequency, having a distinctive characteristic, such as a particular frequency. The zone may be established, for example, at a door exit or other limited passage to a secured area. Thus use of such systems provides protection of physical assets and data but is too restrictive for use in mobile computers. The system may be adapted to selectively allow activation or deactivation of security measures should the circumstances of use so permit. Thus users of such systems are given great flexibility in application of the systems while company or organization can maintain strict security controls. Certain of the teachings of this related Application are described in detail hereinafter in view of its relationship with the invention of the present Application.
BRIEF DESCRIPTION OF THE INVENTION
With the foregoing in mind, the present invention contemplates a new personal computer feature, which makes data stored in a personal computer system inaccessible if transported by an unauthorized person. In particular, the invention addresses the problem of removal of the computer from an area by a person without authorization to remove and disables the computer in response to such removal. Indeed, the present invention responds to removal of a computer authorized for removal but which is being removed by a person not authorized for such removal or who has not provided an personal identity code. For a preferred implementation the computer can be made operative again by providing a correct password.
A personal computer system of the type described above has a first radiation responsive system that emits a radiation signal bearing a coded serial number upon being exposed to radiation having a predefined characteristic. The personal identification number is required of the person in the zone with the computer, either by key input or an encoded radio signal. Receivers in the control zone then trigger a computer to do a search referencing a list of serial numbers authorized for removal by individuals through such zone, which may, for example, be a doorway to a computer room. If the serial number of the computer is not authorized for the identified individual, a signal is sent to trigger transmission of radiation having a second predefined characteristic, different from the first characteristic, which causes a receiver in the computer to activate logic that disables the computer from completing power-on setup, thereby making the computer inoperable.
The preferred new security feature renders the personal computer system inoperable, if an unauthorized individual moves the computer system through a control zone where it is exposed to radiation with a predefined characteristic. Thus, at least, certain data contained within the system components cannot be accessed by an unauthorized user in the event that the system is transported through the control zone or checkpoint.
REFERENCES:
patent: 5097253 (1992-03-01), Eschbach et al.
patent: 5111185 (1992-05-01), Kozaki
patent: 5117457 (1992-05-01), Comerford et al.
patent: 5142626 (1992-08-01), Arnold et al.
patent: 5151684 (1992-09-01), Johnsen
patent: 5245317 (1993-09-01), Chidley et al.
patent: 5353011 (1994-10-01), Wheeler et al.
patent: 5388156 (1995-02-01), Blackledge, Jr. et al.
patent: 5406261 (1995-04-01), Glenn
patent: 5574431 (1996-11-01), McKeown et al.
patent: 5574786 (1996-11-01), Dayan et al.
patent: 5712973 (1998-01-01), Dayan et al.
patent: 5748083 (1998-05-01), Rietkerk
patent: 5754110 (1998-05-01), Appalucci et al.
patent: 5793290 (1998-08-01), Eagleson et al.
patent: 5970227 (1999-10-01), Dayan et al.
patent: 6040773 (2000-03-01), Vega et al.
Cromer Daryl
Dayan Richard
Locker Howard
Steinmetz Mike
Ward Jim
Dillon Andrew
Grosser George E.
International Business Machines - Corporation
Le Dieu-Minh T.
LandOfFree
Selective wireless disablement for computers passing through... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Selective wireless disablement for computers passing through..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Selective wireless disablement for computers passing through... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2448134