SECURE COMPUTING ENVIRONMENT TO ADDRESS THEFT AND UNAUTHORIZED ACCESS

US 20100037312A1
Filed: 08/07/2009
Published: 02/11/2010
Est. Priority Date: 08/08/2008
Status: Active Grant

First Claim

Patent Images

1. A machine-readable medium storing one or more sequences of instructions for securing a client, which when executed, cause:

a BIOS agent storing policy data within a BIOS of the client, wherein the policy data describes one or more policies which the client should follow, wherein the BIOS agent is one or more software modules that execute in the BIOS of the client; and

upon an operating system agent detecting that a condition, specified by a particular policy of the one or more policies, has been met, the operating system agent performing one or more actions specified by the particular policy, wherein the operating system agent is one or more software modules that execute in the operating system of the client.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for securing a client. A BIOS agent stores policy data within a BIOS of the client. The BIOS agent is one or more software modules that execute in the BIOS of the client. The policy data describes one or more policies which the client should follow. When an operating system agent detects that a condition, specified by a particular policy of the one or more policies, has been met, the operating system agent performs one or more actions specified by the particular policy, such as disabling the client, retrieving a file from the client, erasing a file from the client, or encrypting a file on the client. The operating system agent is one or more software modules that execute in the operating system of the client.

50 Citations

View as Search Results

21 Claims

1. A machine-readable medium storing one or more sequences of instructions for securing a client, which when executed, cause:
- a BIOS agent storing policy data within a BIOS of the client, wherein the policy data describes one or more policies which the client should follow, wherein the BIOS agent is one or more software modules that execute in the BIOS of the client; and
  
  upon an operating system agent detecting that a condition, specified by a particular policy of the one or more policies, has been met, the operating system agent performing one or more actions specified by the particular policy, wherein the operating system agent is one or more software modules that execute in the operating system of the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 18, 19, 20)
- - 2. The machine-readable medium of claim 1, wherein the condition is a determination as to whether the client is physically located outside of one or more bounded geographical areas.
  - 3. The machine-readable medium of claim 1, wherein the condition is a determination as to whether the client is located within a certain distance from a mobile device associated with a user of the client.
  - 4. The machine-readable medium of claim 1, wherein the condition is a determination as to whether a user of the client has submitted valid authentication credentials within a configurable period of time.
  - 5. The machine-readable medium of claim 1, wherein the one or more actions includes powering down the client and preventing the client from rebooting.
  - 6. The machine-readable medium of claim 1, wherein the one or more actions includes the client emitting a loud noise.
  - 7. The machine-readable medium of claim 1, wherein the one or more actions includes causing the client to take a picture or video of a user of the client.
  - 8. The machine-readable medium of claim 1, wherein a policy, of the one or more policies, indicates that the client should enter a degraded state after a configurable period of time, wherein the degraded state requires that the user of the client authenticate himself to the client by submitted valid authentication credentials to the client, and wherein the configurable period of time is specified by the policy.
  - 9. The machine-readable medium of claim 8, wherein execution of the one or more sequences of instructions further cause:
    - in response to the user being unable to authenticate himself to the client by submitting valid authentication credentials to the client when the client is in a degraded state, the client entering a disabled state, wherein the disabled state prevents the user from accessing resources of the client.
  - 10. The machine-readable medium of claim 9, wherein execution of the one or more sequences of instructions further cause:
    - in response to the user submitting valid authentication credentials to the client when the client is in a degraded state, the client entering an enabled state, wherein the enabled state enables the user to access resources of the client.
  - 18. The method of claim 1, wherein a policy, of the one or more policies, indicates that the client should enter a degraded state after a configurable period of time, wherein the degraded state requires that the user of the client authenticate himself to the client by submitted valid authentication credentials to the client, and wherein the configurable period of time is specified by the policy.
  - 19. The method of claim 18, further comprising:
    - in response to the user being unable to authenticate himself to the client by submitting valid authentication credentials to the client when the client is in a degraded state, the client entering a disabled state, wherein the disabled state prevents the user from accessing resources of the client.
  - 20. The method of claim 19, further comprising:
    - in response to the user submitting valid authentication credentials to the client when the client is in a degraded state, the client entering an enabled state, wherein the enabled state enables the user to access resources of the client.

11. A method for securing a client, comprising:
- a BIOS agent storing policy data within a BIOS of the client, wherein the policy data describes one or more policies which the client should follow, wherein the BIOS agent is one or more software modules that execute in the BIOS of the client; and
  
  upon an operating system agent detecting that a condition, specified by a particular policy of the one or more policies, has been met, the operating system agent performing one or more actions specified by the particular policy, wherein the operating system agent is one or more software modules that execute in the operating system of the client.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method of claim 11, wherein the condition is a determination as to whether the client is physically located outside of one or more bounded geographical areas.
  - 13. The method of claim 11, wherein the condition is a determination as to whether the client is located within a certain distance from a mobile device associated with a user of the client.
  - 14. The method of claim 11, wherein the condition is a determination as to whether a user of the client has submitted valid authentication credentials within a configurable period of time.
  - 15. The method of claim 11, wherein the one or more actions includes powering down the client and preventing the client from rebooting.
  - 16. The method of claim 11, wherein the one or more actions includes the client emitting a loud noise.
  - 17. The method of claim 11, wherein the one or more actions includes causing the client to take a picture or video of a user of the client.

21. An apparatus for securing resources stored thereon, comprising:
- one or more processors; and
  
  a machine-readable medium storing one or more sequences of instructions, which when executed by the one or more processors, cause;
  
  a BIOS agent storing policy data within a BIOS of the apparatus, wherein the policy data describes one or more policies which the apparatus should follow, wherein the BIOS agent is one or more software modules that execute in the BIOS of the apparatus; and
  
  upon an operating system agent detecting that a condition, specified by a particular policy of the one or more policies, has been met, the operating system agent performing one or more actions specified by the particular policy, wherein the operating system agent is one or more software modules that execute in the operating system of the apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Absolute Software Corporation
Original Assignee
Absolute Software Corporation
Inventors
Gupta, Ravi, Tarkhanyan, Anahit, Banga, Gaurav

Granted Patent

US 8,510,825 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/16
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

G06F 21/88 Detecting or preventing the...

SECURE COMPUTING ENVIRONMENT TO ADDRESS THEFT AND UNAUTHORIZED ACCESS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

50 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

SECURE COMPUTING ENVIRONMENT TO ADDRESS THEFT AND UNAUTHORIZED ACCESS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

50 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others