Inactivity monitor for trusted personal computer system
First Claim
1. A personal computer system for receiving and retaining data and capable of securing data retained within the system against unauthorized access, the system comprising:
- a normally closed enclosure;
an erasable memory element mounted within said enclosure for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state;
a manually operable option switch mounted within said enclosure, said option switch being operatively connected with said erasable memory element and manually settable by a user of the personal computer system for setting said erasable memory element to the active and inactive states;
an inactivity monitor in the computer system for determining whether or not a measured time period between successive uses of the system exceeds a specified inactivity period;
means for selectively enabling and disabling the inactivity monitor;
means for inhibiting a successful power-up of the computer system in response to a determination by the inactivity monitor, while enabled, that the measured time period exceeds the specified inactivity period; and
a system processor mounted within said enclosure and operatively connected with said erasable memory element for controlling access to at least certain levels of data stored within the system by distinguishing between entry and non-entry of the password and between the enabled and disabled state of the inactivity monitor.
2 Assignments
0 Petitions
Accused Products
Abstract
A personal computer system is described, having security features enabling control over access to data retained in such a system. The system has a normally closed enclosure, at least one erasable memory element for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state, an option switch operatively connected with the erasable memory element for setting the erasable memory element to the active and inactive states, a tamper detection switch operatively connected with the erasable memory element for detecting opening of the enclosure, and a system processor operatively connected with the erasable memory element for controlling access to at least certain levels of data stored within the system by distinguishing between entry and non-entry of any stored privileged access password and between detection and non-detection of opening of the enclosure by the tamper detection switch. In addition, an inactivity monitor is provided for measuring the time period between successive uses of the system and for determining whether or not the measured time period exceeds a specified inactivity period. A utility is provided for rendering the monitor enabled. When the enabled monitor determines that the measured time exceeds the specified time, power-up of the system is prevented until the privileged access password (or a power-on password) is successfully entered into the system by a user.
83 Citations
19 Claims
-
1. A personal computer system for receiving and retaining data and capable of securing data retained within the system against unauthorized access, the system comprising:
-
a normally closed enclosure; an erasable memory element mounted within said enclosure for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state; a manually operable option switch mounted within said enclosure, said option switch being operatively connected with said erasable memory element and manually settable by a user of the personal computer system for setting said erasable memory element to the active and inactive states; an inactivity monitor in the computer system for determining whether or not a measured time period between successive uses of the system exceeds a specified inactivity period; means for selectively enabling and disabling the inactivity monitor; means for inhibiting a successful power-up of the computer system in response to a determination by the inactivity monitor, while enabled, that the measured time period exceeds the specified inactivity period; and a system processor mounted within said enclosure and operatively connected with said erasable memory element for controlling access to at least certain levels of data stored within the system by distinguishing between entry and non-entry of the password and between the enabled and disabled state of the inactivity monitor. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A personal computer system for receiving and retaining data and capable of securing data retained within the system against unauthorized access, the system comprising:
-
a normally closed enclosure; an erasable memory element mounted within said enclosure for selective activation to active and inactive states and for receiving and storing a power-on password and a privileged access password; a manually operable option switch mounted within said enclosure, said option switch being operatively connected with said erasable memory element and manually settable by a user of the personal computer system for setting said erasable memory element to the active and inactive states; a tamper detection switch mounted within said enclosure and operatively connected with said erasable memory element for detecting opening of said enclosure; A real time clock; an inactivity monitor in the computer system for determining whether or not a time period between successive uses of the system measured by the clock exceeds a specified inactivity period; program controlled means for selectively enabling and disabling the inactivity monitor; means for preventing a successful power-up of the computer system in response to switching of the tamper detection switch and in response to a determination by the inactivity monitor, while enabled, that the measured time period exceeds the specified inactivity period; and a system processor mounted within said enclosure and operatively connected with said erasable memory element for controlling access to at least certain levels of data stored within the system by distinguishing between the active and inactive states of said memory element, between entry and nonentry of the passwords, and between the enabled and disabled state of the inactivity monitor. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A personal computer system for receiving and retaining data and capable of securing data retained within the system against unauthorized access, the system comprising:
-
a normally closed enclosure; an inactivity monitor in the system for measuring the time between successive uses of the system and for determining whether or not the measured time exceeds a specified inactivity period; program controlled means for selectively rendering the inactivity monitor enabled and disabled; a first erasable memory element mounted within said enclosure for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state; an option switch mounted within said enclosure and operatively connected with said first erasable memory element for setting said first erasable memory element to the active and inactive states; a second erasable memory element mounted within said enclosure for receiving and storing a power-on password and data indicative of the enabled state of the inactivity monitor, the state of said first erasable memory element, and of correct installation of any stored power-on password and privileged access password; a tamper detection switch mounted within said enclosure and operatively connected with said second erasable memory element for detecting unauthorized opening of said enclosure; means for preventing a successful power-up of the computer system in response to switching of the tamper detection switch and in response to the inactivity monitor while it is enabled, determining that the measured time exceeds the specified inactivity period; and a system processor mounted within said enclosure and operatively connected with said erasable memory elements for controlling access to at least certain levels of data stored within the system by distinguishing between the enabled and disabled state of the inactivity monitor, between the active and inactive states of said first memory element, and between entry and non-entry of any valid stored privileged access password and any valid stored power-on password in the first and second erasable memory elements. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A method of operating a personal computer system having an enclosure, a system processor mounted within the enclosure, a selectively activatable erasable memory element mounted within the enclosure, a manually operable option switch mounted within the enclosure manually settable by a user of the personal computer system for setting the memory element to active and inactive states, a tamper detection switch mounted within the enclosure for detecting opening of the enclosure, an inactivity monitor for determining whether or not a measured time between successive uses of the system exceeds a specified inactivity period, and a utility program invocable by the user for rendering the inactivity monitor enabled and specifying the inactivity period, the method comprising the steps of:
-
manually setting the option switch and selectively setting the memory element into the active state; storing a privileged access password in the active memory element; invoking the utility program to enable the inactivity monitor; controlling access to at least certain levels of data stored within the system by distinguishing between entry and non-entry of the password and between an enabled and disabled state of the inactivity monitor; and inhibiting a power-up of the system in response to any switching of the tamper switch and in response to a determination by the enabled inactivity monitor that the measured time exceeds the specified inactivity period while the privileged access password is stored in the memory element. - View Dependent Claims (18, 19)
-
Specification