Apparatus, system, and method for detecting theft of network devices

US 10,013,584 B2
Filed: 03/27/2017
Issued: 07/03/2018
Est. Priority Date: 06/08/2015
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a Trusted Platform Module (TPM) chip that securely stores, within a Platform Configuration Register (PCR), an initial geographic location of a network device that has an increased risk of theft due to being deployed in an insecure location; and

a processing unit communicatively coupled to the TPM chip, wherein the processing unit;

determines, in response to detecting a boot up operation of the network device, a current geographic location of the network device;

before the boot up operation is completed, detects evidence of theft of the network device by;

comparing the current geographic location of the network device with the initial geographic location of the network device securely stored in the PCR; and

determining, based at least in part on the comparison, that the current geographic location of the network device does not match the initial geographic location of the network device; and

in response to detecting the evidence of theft of the network device, protects the network device from threats of theft by directing the TPM chip to prevent the boot up operation until the current geographic location of the network device matches the initial geographic location of the network device securely stored in the PCR.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosed apparatus may include a secure storage device that securely stores an initial geographic location of a network device that facilitates network traffic within a network. This apparatus may also include a processing unit communicatively coupled to the secure storage device. The processing unit may determine a current geographic location of the network device. The policy-enforcement unit may then detect evidence of theft of the network device by (1) comparing the current geographic location of the network device with the initial geographic location of the network device and (2) determining, based at least in part on the comparison, that the current geographic location of the network device does not match the initial geographic location of the network device. Finally, the processing unit may perform at least one security action in response to detecting the evidence of theft of the network device.

24 Citations

14 Claims

1. An apparatus comprising:
- a Trusted Platform Module (TPM) chip that securely stores, within a Platform Configuration Register (PCR), an initial geographic location of a network device that has an increased risk of theft due to being deployed in an insecure location; and
  
  a processing unit communicatively coupled to the TPM chip, wherein the processing unit;
  
  determines, in response to detecting a boot up operation of the network device, a current geographic location of the network device;
  
  before the boot up operation is completed, detects evidence of theft of the network device by;
  
  comparing the current geographic location of the network device with the initial geographic location of the network device securely stored in the PCR; and
  
  determining, based at least in part on the comparison, that the current geographic location of the network device does not match the initial geographic location of the network device; and
  
  in response to detecting the evidence of theft of the network device, protects the network device from threats of theft by directing the TPM chip to prevent the boot up operation until the current geographic location of the network device matches the initial geographic location of the network device securely stored in the PCR.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus of claim 1, wherein the processing unit determines the current geographic location of the network device using a Global Positioning System (GPS) of the network device.
  - 3. The apparatus of claim 1, wherein the processing unit determines the current geographic location of the network device on a periodic basis.
  - 4. The apparatus of claim 1, wherein the processing unit determines that the current geographic location of the network device is beyond a certain distance from the initial geographic location of the network device.
  - 5. The apparatus of claim 1, wherein the processing unit further protects the network device from threats of theft by at least one of:
    - preventing the network device from facilitating network traffic;
      
      preventing any changes from being made to the configuration of the network device; and
      
      preventing a user from accessing data stored within the network device.
  - 6. The apparatus of claim 1, wherein the processing unit:
    - determines that an external power supply that provides power to the network device has been disconnected from the network device; and
      
      detects additional evidence of theft of the network device based at least in part on the external power supply having been disconnected from the network device.
  - 7. The apparatus of claim 6, wherein the processing unit performs a security action in response to detecting the additional evidence of theft of the network device by utilizing a dying gasp capacitor accessible to the network device.
  - 8. The apparatus of claim 7, wherein the security action comprises notifying an administrator of the network device about the additional evidence of theft of the network device.

9. A system comprising:
- a Trusted Platform Module (TPM) chip that securely stores, within a Platform Configuration Register (PCR), an initial geographic location of a router that has an increased risk of theft due to being deployed in an insecure location; and
  
  a processing unit communicatively coupled to the TPM chip, wherein the processing unit;
  
  determines, in response to detecting a boot up operation of the router, a current geographic location of the router;
  
  before the boot up operation is completed, detects evidence of theft of the router by;
  
  comparing the current geographic location of the router with the initial geographic location of the router securely stored in the PCR; and
  
  determining, based at least in part on the comparison, that the current geographic location of the router does not match the initial geographic location of the router; and
  
  in response to detecting the evidence of theft of the router, protects the router from threats of theft by directing the TPM chip to prevent the boot up operation until the current geographic location of the router matches the initial geographic location of the router securely stored in the PCR.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The system of claim 9, wherein the processing unit further protects the router from threats of theft by at least one of:
    - preventing the router from facilitating network traffic;
      
      preventing any changes from being made to the configuration of the router; and
      
      preventing a user from accessing data stored within the router.
  - 11. The system of claim 9, wherein the processing unit:
    - determines that an external power supply that provides power to the router has been disconnected from the router; and
      
      detects additional evidence of theft of the router based at least in part on the external power supply having been disconnected from the router.
  - 12. The system of claim 11, wherein the processing unit performs a security action in response to detecting the additional evidence of theft of the router by utilizing a dying gasp capacitor accessible to the router.
  - 13. The system of claim 12, wherein the security action comprises notifying an administrator of the router about the additional evidence of theft of the router.

14. A method comprising:
- detecting a boot up operation of a network device that has an increased risk of theft due to being deployed in an insecure location;
  
  determining, in response to detecting the boot up operation, a current geographic location of the network device;
  
  before the boot up operation is completed, detecting evidence of theft of the network device by;
  
  comparing the current geographic location of the network device with an initial geographic location of the network device securely stored within a Platform Configuration Register (PCR) of a Trusted Platform Module (TPM) chip, the TPM chip being communicatively coupled to the network device; and
  
  determining, based at least in part on the comparison, that the current geographic location of the network device does not match the initial geographic location of the network device; and
  
  in response to detecting the evidence of theft of the network device, protecting the network device from threats of theft by directing the TPM chip to prevent the boot up operation until the current geographic location of the network device matches the initial geographic location of the network device securely stored in the PCR.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Juniper Networks Incorporated
Original Assignee
Juniper Networks Incorporated
Inventors
Kanakarajan, Ravindranath C., Thadishetty, Venkanna
Primary Examiner(s)
Schmidt, Kari L

Application Number

US15/470,534
Publication Number

US 20170200026A1
Time in Patent Office

463 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/88   Detecting or preventing the...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2149   Restricted operating enviro...

G08B 13/1418   Removal detected by failure...

H04L 41/12   Discovery or management of ...

H04L 41/28   Restricting access to netwo...

H04L 63/107   wherein the security polici...

H04W 12/12   Detection or prevention of ...

H04W 12/126   Anti-theft arrangements, e....

Apparatus, system, and method for detecting theft of network devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus, system, and method for detecting theft of network devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links