Protection of information in computing devices

US 20060112418A1
Filed: 11/19/2004
Published: 05/25/2006
Est. Priority Date: 11/19/2004
Status: Active Grant

First Claim

Patent Images

1. A method for protecting information in a computing device, comprising:

detecting location of the computing device;

determining whether the location is an unauthorized location; and

restricting access to the information in response to the location being an unauthorized location.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides techniques for protecting information in a computing device. For instance, a location of the computing device is detected. It is determined whether the location is an unauthorized location. Access to the information is restricted in response to the location being an unauthorized location. As another example, information in a computing device may be protected by detecting location of the computing device. It is determined whether the location is an unauthorized location. One or more decoy files are created in the information in response to the location being an unauthorized location.

103 Citations

View as Search Results

34 Claims

1. A method for protecting information in a computing device, comprising:
- detecting location of the computing device;
  
  determining whether the location is an unauthorized location; and
  
  restricting access to the information in response to the location being an unauthorized location.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, further comprising the step of appending one or more alert messages to one or more outgoing communications by the computing device in response to the location being an unauthorized location.
  - 3. The method of claim 2, wherein a given one of the outgoing communications is to one or more of a tracing agency, a recovery service bureau, and predetermined authorities.
  - 4. The method of claim 1, wherein the steps of detecting, determining, and restricting are performed by the computing device.
  - 5. The method of claim 1, wherein:
    - the step of detecting location further comprises the step of detecting location of the computing device by measuring one or more distances of the computing device from one or more of at least one network access point and at least one known network location; and
      
      wherein the step of determining further comprises the step of determining that the computing device is in an unauthorized location when the one or more distances are larger than a predetermined distance.
  - 6. The method of claim 1, wherein:
    - the step of detecting location further comprises the step of detecting a current position of the computing device; and
      
      the step of determining further comprises the step of determining that the computing device is in an unauthorized location when the current position of the computing device is not within one or more predetermined regions.
  - 7. The method of claim 1, wherein the step of restricting access further comprises the step of modifying one or more software programs on the computing device.
  - 8. The method of claim 1, wherein:
    - the step of detecting location further comprises the step of detecting that the computing device has moved, from an initial location, a given distance over a given time period; and
      
      the step of determining further comprises the step of determining that the location is an unauthorized location when the given distance and given time period are greater than a predetermined distance and predetermined time period.
  - 9. The method of claim 1, wherein:
    - the step of detecting location further comprises the step of detecting whether the computing device can communicate with one or more predetermined nodes on a network; and
      
      the step of determining further comprises the step of determining that the location is an unauthorized location in response to the computing device being unable to communicate with the one or more predetermined nodes on the network.
  - 10. The method of claim 1, wherein:
    - the step of detecting location further comprises the step of detecting one or more network addresses used by the computing device; and
      
      the step of determining further comprises the step of determining that the location is an unauthorized location in response to the detected one or more network addresses not being any of one or more predetermined network addresses.
  - 11. The method of claim 1, further comprising the step of transmitting at least location information corresponding to the location via one or more of a wired network connection and a wireless network connection.
  - 12. The method of claim 1, further comprising the step of queuing the location information prior to transmission.
  - 13. The method of claim 1, wherein a storage device comprises the information and wherein the step of restricting access further comprises the step of encrypting the information in response to the location being the unauthorized location.
  - 14. The method of claim 1, wherein the step of restricting access further comprises the step of denying access to a storage device containing the information in response to the location being the unauthorized location.
  - 15. The method of claim 1, wherein the step of restricting access further comprises the step of requiring one or more of a password and an encryption key in response to the location being the unauthorized location.
  - 16. The method of claim 1, wherein the step of restricting access further comprises the step of encrypting at least one file, the at least one file part of the information.
  - 17. The method of claim 1, wherein the step of restricting access further comprises the step of destroying at least one file, the at least one file part of the information.
  - 18. The method of claim 1, wherein the step of restricting access further comprises the step of disabling a portion of the computing device.
  - 19. The method of claim 1, wherein:
    - the method further comprises the step of delivering at least one file in the information to a second computing device; and
      
      the step of restricting access further comprises the step of disabling, after the step of delivering, the at least one file by performing one or more of the following steps;
      
      encrypting the at least one file, destroying the at least one file, and creating one or more decoy files corresponding to the at least one file.
  - 20. The method of claim 1, wherein:
    - the step of detecting location further comprises the step of monitoring of internet entry fields having entered identifying information;
      
      the step of determining whether the location is an unauthorized location further comprises the step of determining that the location is an unauthorized location when the entered identifying information does not match stored identifying information; and
      
      the method further comprises the step of communicating the entered identifying information to one or more servers.

21. A system for protecting information in a computing device comprising:
- one or more devices adapted to detect location of the computing device; and
  
  a protection process coupled to the one or more devices, the protection process adapted to determine whether the location is in an unauthorized position and adapted to cause the information in the computing device to be restricted in response to the location being an unauthorized location.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The system of claim 21, wherein the computing device comprises the system.
  - 23. The system of claim 21, wherein the one or more devices comprise a motion detector.
  - 24. The system of claim 21, wherein the one or more devices comprise a position detector.
  - 25. The system of claim 21, further comprising an encryption apparatus adapted to encrypt the information, wherein the protection process is adapted to communicate to the encryption apparatus, and wherein the encryption apparatus is adapted to encrypt a portion of the information in response to the communication.
  - 26. The system of claim 21, further comprising a storage device comprising the information, the storage device further comprising an access disabling device, wherein the protection process is adapted to communicate to the access disabling device, and wherein the access disabling device is adapted to disable access to the information in the storage device in response to the communication.
  - 27. The system of claim 21, further comprising one or more components in the computing device, each of the one or more components having an access disabling device, wherein the protection process is adapted to communicate to a given access disabling device, and wherein the access disabling device is adapted to disable a corresponding component in response to the communication.
  - 28. The system of claim 21, wherein protection process is implemented in one or more of hardware, firmware, and software.
  - 29. The system of claim 28, wherein the protection process is implemented at least in part by software, the computing device comprises a processor, and the processor executes the software of the protection process.
  - 30. The system of claim 28, wherein the protection process is implemented at least in part by software, the computing device comprises a first processor and the system comprises a second processor, and one or more of the first and second processors execute the software of the protection process.

31. A method for protecting information in a computing device, comprising:
- detecting location of the computing device;
  
  determining whether the location is an unauthorized location; and
  
  creating one or more decoy files in the information in response to the location being an unauthorized location.
- View Dependent Claims (32, 33, 34)
- - 32. The method of claim 31, wherein the information comprises a file and wherein the step of creating further comprises the step of creating the one or more decoy files to have decoy information that corresponds to the file or to have decoy information that does not correspond to the file.
  - 33. The method of claim 31, wherein the information comprises a file and wherein the step of creating further comprises the step of creating the one or more decoy files to have names corresponding to a portion of a name of the file.
  - 34. The method of claim 33, wherein the step of creating further comprises the step of modifying times associated with a given one of the one or more decoy files and the file so that a time associated with the given decoy file is later than a time associated with the file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
HCL Technologies Limited
Original Assignee
International Business Machines Corporation
Inventors
Pickover, Clifford Alan, Mastrianni, Steven J., Chefalas, Thomas E., Bantz, David F.

Granted Patent

US 7,546,639 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 21/88   Detecting or preventing the...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/102   Entity profiles

Protection of information in computing devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

103 Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Protection of information in computing devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

103 Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links