SYSTEM AND METHOD TO PROVIDE ADDED SECURITY TO A PLATFORM USING LOCALITY-BASED DATA
First Claim
1. A system for protecting a computing platform from unauthorized access, comprising:
a host processor coupled to a first wireless communication device to receive location-based information from a positioning device;
a firmware service configured to run during boot to verify that the computing platform is authorized for operation, the authorization based at least on location-based information received from the positioning device and pre-defined platform policy; and
a runtime service configured to run after boot, the runtime service configured to verify that the computing platform is authorized for operation, the authorization based at least on location-based information received from the positioning device and pre-defined platform policy.
Abstract
In some embodiments, the invention involves protecting a platform using locality-based data and, more specifically, using the locality-based data to ensure that the platform has not been stolen or subjected to unauthorized access. In some embodiments, a second level of security, such as a key fob, badge or other source device having an identifying RFID, is used for added security. Other embodiments are described and claimed.
40 Claims
15. A method for protecting a computing platform from unauthorized access, comprising:
receiving location-based information from a positioning device during both boot and runtime;
determining whether the platform is within range of a pre-defined location, based on the received location-based information and a platform policy;
transmitting a platform identifier to an ID Authenticator on a network server;
receiving one of an authentication confirmation or authentication failure from the ID Authenticator;
determining whether the platform is authorized to operate at a current location determined by the received location-based information, authentication confirmation/failure of the platform identifier, and platform policy;
when the platform is authorized to operate, allowing normal boot and runtime operation; and
when the platform is not authorized to operate, based on platform policy and whether the platform is in boot mode or runtime mode, performing at least one of; prohibiting the platform to boot, locking-up the platform when in runtime, shutting down the platform when in runtime, and sending an alert that identifies failure to authorize the platform to operate normally.
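The decision step of claim 15, sketched as an added example that is not taken from the patent or any implementation of it. The `Policy` layout, the circular geofence, the function names and the choice to fail closed when no location fix or no authenticator reply is available are all assumptions; the coordinates used with it are constructed.

```python
import math
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional, Tuple

class Mode(Enum):
    BOOT = "boot"
    RUNTIME = "runtime"

class Action(Enum):
    ALLOW = "allow"
    PROHIBIT_BOOT = "prohibit_boot"
    LOCK = "lock"
    SHUTDOWN = "shutdown"
    ALERT = "alert"

@dataclass(frozen=True)
class Policy:
    # Hypothetical layout: the claims only refer to a "pre-defined platform policy".
    center: Tuple[float, float]            # (lat, lon) of the pre-defined location, degrees
    radius_m: float                        # allowed range around it, metres
    runtime_action: Action = Action.LOCK   # LOCK or SHUTDOWN when unauthorized at runtime
    alert: bool = True                     # also send an alert on failure

def distance_m(a: Tuple[float, float], b: Tuple[float, float]) -> float:
    """Great-circle (haversine) distance between two (lat, lon) points, in metres."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371000.0 * math.asin(math.sqrt(h))

def authorize(fix: Optional[Tuple[float, float]], id_confirmed: Optional[bool],
              mode: Mode, policy: Policy) -> List[Action]:
    """Combine location, ID Authenticator result and policy into platform actions.

    fix is None when the positioning device gave no reading; id_confirmed is None
    when the ID Authenticator did not answer. Both are treated as failures
    (assumption: fail closed).
    """
    in_range = fix is not None and distance_m(fix, policy.center) <= policy.radius_m
    if in_range and id_confirmed is True:
        return [Action.ALLOW]
    # Unauthorized: the response depends on boot vs. runtime mode and on policy.
    actions = [Action.PROHIBIT_BOOT if mode is Mode.BOOT else policy.runtime_action]
    if policy.alert:
        actions.append(Action.ALERT)
    return actions
```

The same function serves both the boot-time firmware check and the periodic runtime check; only the `mode` argument differs, which is what selects between refusing to boot and locking or shutting down a running platform.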
28. A computer readable medium having instructions stored therein for protecting a computing platform from unauthorized access, the instructions when executed on at least one processor on the platform, cause the platform to:
receive location-based information from a positioning device during both boot and runtime;
determine whether the platform is within range of a pre-defined location, based on the received location-based information and a platform policy;
transmit a platform identifier to an ID Authenticator on a network server;
receive one of an authentication confirmation or authentication failure from the ID Authenticator;
determine whether the platform is authorized to operate at a current location determined by the received location-based information, authentication confirmation/failure of the platform identifier, and platform policy;
when the platform is authorized to operate, allow normal boot and runtime operation; and
when the platform is not authorized to operate, based on platform policy and whether the platform is in boot mode or runtime mode, perform at least one of; prohibit the platform to boot, lock-up the platform when in runtime, shutdown the platform when in runtime, and send an alert that identifies failure to authorize the platform to operate normally.
Specification