Hardware theft-protection architecture

US 6,032,257 A
Filed: 08/29/1997
Issued: 02/29/2000
Est. Priority Date: 08/29/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method of theft protection, comprising the steps of:

(a.) when a system is powered up, sending a site code, which at least partially identifies said system, to one or more protected components connected to said system; and

(b.) in a protected component which contains memory space reserved for a unique authentication code which is not the same as the component'"'"'s serial number;

if said memory space contains an authentication code, testing said site code against said authentication code by a digital verification test, and enabling full operation of said component only if said testing is successful; and

if said memory space does not contain said authentication code, then automatically generating said authentication code by digitally combining said site code with a unique serial number which is readably stored in nonvolatile memory on said component, and storing said authentication code in said memory space.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of theft protection for computers and computer related hardware. Warranty fraud, theft of proprietary technology, and hardware theft are minimized by encoding the hardware components such that a digitally authenticated handshake must be performed between the system and the component at power-up. If the handshake is successful, normal operation continues with all enhancements. If the handshake is unsuccessful, the device is disabled or shifted into a lower performance mode.

296 Citations

29 Claims

1. A method of theft protection, comprising the steps of:
- (a.) when a system is powered up, sending a site code, which at least partially identifies said system, to one or more protected components connected to said system; and
  
  (b.) in a protected component which contains memory space reserved for a unique authentication code which is not the same as the component'"'"'s serial number;
  
  if said memory space contains an authentication code, testing said site code against said authentication code by a digital verification test, and enabling full operation of said component only if said testing is successful; and
  
  if said memory space does not contain said authentication code, then automatically generating said authentication code by digitally combining said site code with a unique serial number which is readably stored in nonvolatile memory on said component, and storing said authentication code in said memory space.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein said component is hot-pluggable, and said steps (a.) and (b.) are also performed when said component is undergoing device self-testing after hotplug insertion.
  - 3. The method of claim 1, wherein said site code is the unique serial number of said system.
  - 4. The method of claim 1, wherein said digital verification test is a public-key/private-key digital signature verification test.
  - 5. The method of claim 1, wherein a system CPU is programmed to perform said test.
  - 6. The method of claim 1, wherein a microcontroller located on said new component is programmed to perform said testing.
  - 7. The method of claim 1, wherein a microcontroller located on said new component is programmed to perform said testing and said microcontroller is a state machine.

8. A method of theft protection in a computer system which includes a memory, at least-one processor unit, a non-volatile storage unit, a user input, and a user output, comprising the steps of:
- (a.) sending a site code from said processor unit to at least one protected component at power up;
  
  (b.) testing said site code, in combination with a unique serial number of said protected component, against a stored authentication code, in a digital verification test; and
  
  (c.) enabling full performance of said component only when said testing (b.) is successful.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method of claim 8, wherein said testing is performed by a microcontroller on said component.
  - 10. The method of claim 8, wherein said digital verification test is a public-key/private-key digital signature verification test.
  - 11. The method of claim 8, wherein said site code is the unique serial number of said system.
  - 12. The method of claim 8, wherein said component is hot-pluggable, and said steps (a.) and (b.) are also performed when said component is undergoing device self-testing after hot-plug insertion.

13. A method of configuration control in a computer system which includes a memory, at least one processor unit, a non-volatile storage unit, a user input, and a user output, comprising, the steps of:
- (a.) reading a unique number from at least one protected component connected to said computer system;
  
  (b.) testing said unique number, in combination with a site code which at least partially identifies said system, against a stored authentication code which is different from said site code and from said unique number, using a digital verification test; and
  
  (c.) enabling full performance of said component in partial dependence on the outcome of said testing step (b.).
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method of claim 13, wherein said unique number is a serial number of said component.
  - 15. The method of claim 13, wherein said testing is performed by said processor unit.
  - 16. The method of claim 13, wherein said digital verification test is a public-key/private-key digital signature verification test.
  - 17. The method of claim 13, wherein said component is hot-pluggable, and said steps (a.) and (b.) are also performed when said component is undergoing device self-testing after hot-plug insertion.
  - 18. The method of claim 13, wherein said testing is performed both by said processor unit and also, independently, by a programmable processor which is part of said component.
  - 19. The method of claim 13, ;
    - herein said site code is the unique serial number of said system.

20. A computer system, comprising:
- a plurality of components comprising a memory, a system CPU, a nonvolatile storage unit, a user input, and a user output;
  
  wherein at least one said component comprisesa microcontroller;
  
  first and second unique numbers stored in readable memory locations;
  
  wherein said first unique number uniquely identifies said component, and said second unique number is derived both from said first unique number, and also from a site code which at least partially identifies the system, in a predetermined transformation relationship;
  
  and wherein said microcontroller is programmed to digitally authenticate a system site code whenever a full power-up initialization occurs, using said second unique number, and in dependence thereon to enable full performance of said component.
- View Dependent Claims (21, 22, 23, 24, 25, 26)
- - 21. The system of claim 20, wherein said CPU is programmed to digitally authenticate during a Power-On-Self-Test procedure.
  - 22. The system of claim 20, wherein said site code is the unique serial number of said system.
  - 23. The system of claim 20, wherein said first unique number is the serial number of said component.
  - 24. The system of claim 20, wherein said memory is a non-volatile memory.
  - 25. The system of claim 20, wherein said microcontroller is implemented by a state machine.
  - 26. The system of claim 20, wherein said microcontroller is programmed to enable operation of said component by way of a latching device.

27. A component, comprising:
- a microcontroller;
  
  a first unique number nonvolatilely stored at a readable address; and
  
  a nonvolatile memory operatively connected to said microcontroller;
  
  wherein upon first power-up in a system which provides a site code to said component, said microcontroller writes to said memory a second unique number which is not equal to said first unique number, and which is derived from said first unique number by a digital transformation which is dependent on said site code.
- View Dependent Claims (28, 29)
- - 28. The component of claim 27, wherein said site code is the unique serial number of said system.
  - 29. The component of claim 27, further comprising a rotatable magnetic storage medium.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Compaq Computer Corporation (HP Inc.)
Inventors
Angelo, Michael F., Olarig, Sompong P., Jansen, Kenneth A.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Iqbal, Nadeem

Application Number

US08/927,114
Time in Patent Office

914 Days
Field of Search

713/200, 713/202, 713/201, 380/2, 380/4, 380/3, 380/23, 380/25, 380/28, 380/30, 380/43, 380/44, 380/48, 714/5, 714/21, 714/27, 714/30, 714/32, 714/33, 714/36, 714/37, 714/48, 714/712, 714/720, 714/732, 395/500.02, 395/500.05, 340/825.34, 235/382
US Class Current

726/35
CPC Class Codes

G06F 21/31   User authentication

G06F 21/575   Secure boot

G06F 21/88   Detecting or preventing the...

G06F 2207/7219   Countermeasures against sid...

G06F 2211/1097   Boot, Start, Initialise, Power

G06F 2221/2103   Challenge-response

G06F 2221/2129   Authenticate client device ...

G08B 13/1418   Removal detected by failure...

Hardware theft-protection architecture

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

296 Citations

29 Claims

Specification

Use Cases

Quick Links

Others

Hardware theft-protection architecture

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

296 Citations

29 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others