Methods and Apparatuses for Securely Operating Shared Host Computers With Portable Apparatuses

US 20090031403A1
Filed: 03/30/2007
Published: 01/29/2009
Est. Priority Date: 03/31/2006
Status: Active Grant

First Claim

Patent Images

1. A data processing system comprising:

a host computer containing a microprocessor coupled to a memory block;

a portable apparatus containing a data storage unit;

a data communication port in the portable apparatus containing the data storage unit, wherein the data communication port accommodates transfer of data between the host computer and the portable apparatus;

a host operating system, wherein the host operating system is configured to operate the host computer in a pre-connection state before an authorization is granted for a guest operation environment between the host computer and the portable apparatus; and

a guest operating system contained in the portable apparatus, wherein the guest operating system is configured to provide the guest operation environment to the host computer and the portable apparatus after the authorization is granted for the guest operation environment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides methods and apparatuses that utilize a plurality of portable apparatuses to securely operate a plurality of host computers. Each portable apparatus including an operating system and a list of software applications is installed in a removable data storage medium. An authorization procedure is implemented before establishing a connected-state operation between a portable apparatus and a host computer. The host computer loads the operating system in the portable apparatus into its random access semiconductor memory (RAM) through the established connected-state operation.

42 Citations

View as Search Results

20 Claims

1. A data processing system comprising:
- a host computer containing a microprocessor coupled to a memory block;
  
  a portable apparatus containing a data storage unit;
  
  a data communication port in the portable apparatus containing the data storage unit, wherein the data communication port accommodates transfer of data between the host computer and the portable apparatus;
  
  a host operating system, wherein the host operating system is configured to operate the host computer in a pre-connection state before an authorization is granted for a guest operation environment between the host computer and the portable apparatus; and
  
  a guest operating system contained in the portable apparatus, wherein the guest operating system is configured to provide the guest operation environment to the host computer and the portable apparatus after the authorization is granted for the guest operation environment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The data processing system of claim 1, wherein the authorization granted for the guest operation environment is established by comparing a device identification of the portable apparatus, a user-given password, or decrypted device information with a set of hardware profile information either directly or remotely stored for use by the host computer.
  - 3. The data processing system of claim 1, wherein the guest operation environment provided by the guest operating system contained in the portable apparatus is a virtual operating environment running on top of the host operating system.
  - 4. The data processing system of claim 1, wherein the guest operation environment provided by the guest operating system contained in the portable apparatus accommodates authorized uses of intellectual property or copyrighted data in the data storage unit of the portable apparatus.
  - 5. The data processing system of claim 1, further comprising a computer system server connected to the host computer, wherein the computer system server manages the authorization of the guest operation environment between the portable apparatus and the host computer.
  - 6. The data processing system of claim 5, further comprising a cluster of computers connected to the computer system server, wherein the computer system server manages a plurality of authorizations for data transfer activities between a plurality of portable apparatuses and the cluster of computers.
  - 7. The data processing system of claim 1, wherein the guest operation environment between the host computer and the portable apparatus is wirelessly implemented or via the Internet.
  - 8. The data processing system of claim 1, wherein the host operating system is contained in the host computer.
  - 9. The data processing system of claim 1, wherein the host operating system is restored from the guest operation environment to the pre-connection state in the host computer if the portable apparatus is either directly or indirectly disconnected from the host computer.

10. A method for securely operating a host computer with a portable apparatus, the method comprising:
- initiating a pre-connection state for the host computer, wherein the pre-connection state includes a system-level firmware or BIOS booting for the host computer;
  
  checking whether a portable apparatus is either directly or indirectly connected to the host computer; and
  
  if the portable apparatus is either directly or indirectly connected to the host computer;
  
  checking whether the portable apparatus is authorized to commence a data transfer activity between the portable apparatus and the host computer;
  
  if the portable apparatus is authorized to commence the data transfer activity between the portable apparatus and the host computer;
  
  loading a first guest operating system resident in the portable apparatus to the host computer; and
  
  conducting first additional data transfer activities between the portable apparatus and the host computer if the first additional data transfer activities are requested or necessary; and
  
  if the portable apparatus is not authorized to commence the data transfer activity between the portable apparatus and the host computer;
  
  requesting an authorization permission to commence the data transfer activity by communicating with a software vendor, a computer user, or an intellectual property compliance entity if necessary; and
  
  if the authorization permission to commence the data transfer activity is granted;
  
  loading the first guest operating system resident in the portable apparatus to the host computer; and
  
  conducting second additional data transfer activities between the portable apparatus and the host computer if the second additional data transfer activities are requested or necessary.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10, wherein the conditional step of conducting first additional data transfer activities between the portable apparatus and the host computer if the first additional data transfer activities are requested or necessary means loading a second guest operating system into the first guest operating system.
  - 12. The method of claim 10, wherein the conditional step of conducting second additional data transfer activities between the portable apparatus and the host computer if the second additional data transfer activities are requested or necessary means loading a third guest operating system into the first guest operating system.
  - 13. The method of claim 10, wherein the first guest operating system resident in the portable apparatus provides a virtual environment to the host computer if the first guest operating system is loaded to the host computer.
  - 14. The method of claim 10, wherein the step of initiating the pre-connection state for the host computer includes loading a host operating system to the host computer.
  - 15. The method of claim 14, further comprising steps of:
    - checking whether the portable apparatus is either directly or indirectly disconnected from the host computer; and
      
      restoring the host operating system to the host computer if the portable apparatus is either directly or indirectly disconnected from the host computer and if the host computer was previously operating with the first guest operating system.

16. A data processing system comprising:
- a host computer containing a microprocessor coupled to a memory block;
  
  a portable apparatus containing a data storage unit;
  
  a data communication port in the portable apparatus containing the data storage unit, wherein the data communication port accommodates transfer of data between the host computer and the portable apparatus;
  
  a system-level firmware or a BIOS, wherein the system-level firmware or the BIOS is configured to operate the host computer in a pre-connection state before an authorization is granted for the guest operation environment between the host computer and the portable apparatus; and
  
  a guest operating system contained in the portable apparatus, wherein the guest operating system is configured to provide the guest operation environment to the host computer and the portable apparatus after the authorization is granted for the guest operation environment.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The data processing system of claim 16, wherein the authorization granted for the guest operation environment is established by comparing a device identification of the portable apparatus, a user-given password, or decrypted device information with a set of hardware profile information either directly or remotely stored for use by the host computer.
  - 18. The data processing system of claim 16, wherein the guest operation environment provided by the guest operating system contained in the portable apparatus accommodates authorized uses of intellectual property or copyrighted data in the data storage unit of the portable apparatus.
  - 19. The data processing system of claim 16, further comprising a computer system server connected to the host computer, wherein the computer system server manages the authorization of the guest operation environment between the portable apparatus and the host computer.
  - 20. The data processing system of claim 19, further comprising a cluster of computers connected to the computer system server, wherein the computer system server manages a plurality of authorizations for data transfer activities between a plurality of portable apparatuses and the cluster of computers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Corporation
Original Assignee
Evan S. Huang
Inventors
Huang, Evan S.

Granted Patent

US 8,245,293 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/575   Secure boot

G06F 21/78   to assure secure storage of...

G06F 2221/2129   Authenticate client device ...

G06F 2221/2153   Using hardware token as a s...

Methods and Apparatuses for Securely Operating Shared Host Computers With Portable Apparatuses

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

42 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and Apparatuses for Securely Operating Shared Host Computers With Portable Apparatuses

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links