Method and apparatus for preventing unauthorized access to computer-stored information

US 6,182,223 B1
Filed: 06/10/1998
Issued: 01/30/2001
Est. Priority Date: 06/10/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A computer based security system to prevent unauthorized access to computer-stored information, comprising:

a mechanism for detecting an intrusion into said computer;

a self contained power supply to provide sufficient operation time for said computer system to execute specific protective actions;

a switch to said self contained power supply, responsive to said intrusion detection mechanism;

a mechanism to reset the central processing unit of said computer responsive to said intrusion detection mechanism;

a ROM-based firmware program containing a procedure, in said firmware program, to specify the data, files and objects in secondary storage, that are to be overwritten or deleted from said computer file system upon said intrusion, and upon said intrusion, said system immediately executes specific protection actions against sensitive data objects contained in a security priority list of data structures.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus of a computer based security system to prevent unauthorized access to computer-stored information comprising several components. These comprise of an intrusion detection mechanism, a ROM-based firmware program, an internal battery sized to provide several minutes of operation of the computer system and all its internal devices, and a mechanism to reset the central processing unit of the computer and switch to battery power responsive to the intrusion detection mechanism.

36 Citations

View as Search Results

26 Claims

1. A computer based security system to prevent unauthorized access to computer-stored information, comprising:
- a mechanism for detecting an intrusion into said computer;
  
  a self contained power supply to provide sufficient operation time for said computer system to execute specific protective actions;
  
  a switch to said self contained power supply, responsive to said intrusion detection mechanism;
  
  a mechanism to reset the central processing unit of said computer responsive to said intrusion detection mechanism;
  
  a ROM-based firmware program containing a procedure, in said firmware program, to specify the data, files and objects in secondary storage, that are to be overwritten or deleted from said computer file system upon said intrusion, and upon said intrusion, said system immediately executes specific protection actions against sensitive data objects contained in a security priority list of data structures.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein said power supply is a battery, sized to provide several minutes of operation of said computer system and all its integrated secondary storage devices.
  - 3. The system of claim 1, wherein said intrusion detection mechanism is a spring-loaded switch within said computer system which is maintained in the electrically open position by the shear weight of said computer system, and when said computer is moved or relocated, said switch closes, triggering said intrusion detection mechanism.
  - 4. The system of claim 3 wherein the detection of the unauthorized removal of the covers of said computer system, triggers said intrusion detection mechanism.
  - 5. The system of claim 1, wherein said intrusion detection mechanism is a magnetic coupling of the continued proximity of the floor or table upon which said computer system rests.
  - 6. The system of claim 1, wherein an optional processor may be provided within said computer system to take over the execution of an equivalent process in the event the central processing unit is inoperable.
  - 7. The system of claim 1, wherein once said intrusion mechanism is triggered, it causes said system to be powered by the self contained power supply causing said computer to reset;
    - and

8. A computer based security system to prevent unauthorized access to computer-stored information, comprising:
- a mechanism for detecting an intrusion into said computer;
  
  a self contained power supply to provide sufficient operation time for said computer system to execute specific protective actions;
  
  a switch to said self contained power supply responsive to said intrusion detection mechanism;
  
  a mechanism to reset the central processing unit of said computer responsive to said intrusion detection mechanism;
  
  a ROM-based firmware program;
  
  a intrusion detection mechanism which when triggered, causes said computer system to be powered by the self contained power supply, causing said computer system to reset;
  
  said ROM-based firmware program then takes control and determines that an intrusion event occurred, thus erasing, on a prioritized manner, all data in said system and secondary storage; and
  
  said firmware which is personalized by means of tables stored in non-private RAM, erases various user critical data first to assure their destruction.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The system of claim 8, wherein said system employs a procedure in said firmware program, to specify the data, files and objects in secondary storage, that are to be overwritten or deleted from said computer file system upon said intrusion.
  - 10. The system of claim 8 wherein said power supply is a battery, sized to provide several minutes of operation of said computer system and all its integrated secondary storage devices.
  - 11. The system of claim 8, wherein said intrusion detection mechanism is a spring-loaded switch within said computer system which is maintained in the electrically open position by the shear weight of said computer system, and when said computer is moved or relocated, said switch closes, triggering said intrusion detection mechanism.
  - 12. The system of claim 11 wherein the detection of the unauthorized removal of the covers of said computer system, triggers said intrusion detection mechanism.
  - 13. The system of claim 8 wherein
- 14. The system of claim 8 wherein an optional processor may be provided within said computer system to take over the execution of an equivalent process in the event the central processing unit is inoperable.
- 15. The system of claim 8 wherein once said intrusion mechanism is triggered, it causes said system to be powered by the self contained power supply causing said computer to reset;
  - andsaid ROM-based firmware program to take control and determine that an intrusion event occurred, thus erasing all data in said system and secondary storage.

16. A computer based security method to prevent unauthorized access to computer-stored information, comprising the steps of:
- providing a mechanism for detecting an intrusion into said computer;
  
  employing a self contained power supply to provide sufficient operation time for said computer to execute specific protective actions;
  
  resetting said central processing unit of said computer, responsive to said intrusion detection; and
  
  switching to said self contained power supply responsive to said intrusion detection mechanism; and
  
  resetting said central processing unit of said computer responsive to said intrusion detection mechanism;
  
  providing a ROM-based firmware program containing a procedure in said firmware program, to specify the data, files and objects in secondary storage, that are to be overwritten or deleted from said computer file system upon said intrusion, and upon said intrusion, said system immediately executes specific protection actions against sensitive data objects contained in a security priority list of data structures.
- View Dependent Claims (17, 18, 19, 21, 22, 23, 24)
- - 17. The system of claim 16 further including the steps of:
18. The method of claim 17, further including the steps of:
- providing said intrusion detection mechanism as a spring-loaded switch, within said computer system, which is maintained in the electrically open position by the shear weight of said computer system and when said computer is moved or relocated, said switch closes, triggering said intrusion detection mechanism.
19. The method of claim 18 further including the steps of:
- detecting the unauthorized removal of the covers of said computer system, triggers said intrusion detection mechanism.
21. The method of claim 16, further including the steps of:
- providing said intrusion detection mechanism as a magnetic coupling of the continued proximity of the floor or table upon which said computer system rests.
22. The method of claim 16, further including the steps of:
- providing an optional processor within said computer system, to take over the execution of an equivalent process in the event the central processing unit is inoperable.
23. The method of claim 16, further including the steps of:
- triggering said intrusion mechanism, causes said system to be powered by the self contained power supply causing said computer to reset; and
  
  said ROM-based firmware program to take control and determine that an intrusion event occurred, thus erasing all data in said system and secondary storage.
24. The method of claim 16, further including the steps of:
- personalizing said firmware, by means of tables stored in non-private RAM, to erase various user critical data first to assure their destruction.

20. The method of 16, further including the steps of:
- providing said power supply in the form of a battery, sized to provide several minutes of operation of the computer system and all its integrated secondary storage devices.

25. A computer based security method to prevent unauthorized access to computer-stored information, comprising the steps of:
- detecting an intrusion into said computer or of the unauthorized removal of the covers of said computer system, triggers an intrusion detection mechanism;
  
  providing a self contained power supply to provide sufficient operation time for said computer to execute specific protective actions;
  
  resetting the central processing unit of said computer, responsive to said intrusion detection;
  
  switching to said self contained power supply responsive to said intrusion detection mechanism;
  
  resetting said central processing unit of said computer responsive to said intrusion detection mechanism;
  
  providing a ROM-based firmware program containing a procedure in said firmware program, to specify the data, files and objects in secondary storage, that are to be overwritten or deleted from said computer file system upon said intrusion, and upon said intrusion, said system immediately executes specific protection actions against sensitive data objects contained in a security priority list of data structures;
  
  providing a processor within said computer system to take over the execution of an equivalent process in the event the central processing unit is inoperable; and
  
  triggering said intrusion mechanism,which causes said system to be powered by the self contained power supply causing said computer to reset; and
  
  said ROM-based firmware program takes control and determine that an intrusion event occurred, thus erasing all data in said system and secondary storage; and
  
  erasing various user critical data first, to assure their destruction by means of said firmware which is personalized by means of tables stored in non-private RAM.
- View Dependent Claims (26)
- - 26. The method of claim 25, further including the steps of:

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Original Assignee
International Business Machines Corporation
Inventors
Rawson, Andrew R.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US09/095,185
Time in Patent Office

965 Days
Field of Search

713/200, 713/201, 713/164, 713/165, 713/194, 705/51
US Class Current

726/22
CPC Class Codes

G06F 1/24   Resetting means

G06F 1/263   Arrangements for using mult...

G06F 21/87   by means of encapsulation, ...

Method and apparatus for preventing unauthorized access to computer-stored information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

26 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for preventing unauthorized access to computer-stored information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

26 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others