Notebook security system (NBS)
First Claim
1. A multi-level security system to prevent unauthorized use of a computer, said system comprising:
- a program resident on said computer and implementing a user-validation procedure;
a key device to be inserted into the computer by the user to gain use of the computer, and carrying a first serial number and an optional encryption key;
means for storing in said computer a second serial number, said second serial number being the serial number of a device internal to said computer;
a mass storage device installed in said computer and storing a validation record;
said validation record including an unencrypted portion and an encrypted portion, said unencrypted portion including a copy of said first serial number and said encrypted portion including a copy of said second serial number;
means for interfacing said key device to said computer;
a protocol initiated by said computer that is recognized by said key device to transmit said first serial number and said encryption key;
means for reading said first serial number and said encryption key from said key device, and for matching the key device and the validation record, and means for allowing use of the computer only if said matching exists.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer security system is described. Each authorized user is provided with a key device that holds a serial number and an encryption key. A validation record stored on the computer'"'"'s hard disk contains an unencrypted key device serial number and an encrypted hard disk serial number. The user connects the key device to the computer prior to power-up or reset. A program implements a user validation procedure. The procedure permits entry past a first security level if the key device serial number matches the unencrypted number in the validation record. If the first level validation is successful, the procedure then uses the encryption key to decrypt the hard drive serial number found in the stored validation record. The procedure permits entry past a second security level if the validation record is properly decrypted and the hard disk serial number matches the decrypted number. Failure in any step powers down the computer and renders it useless.
-
Citations
10 Claims
-
1. A multi-level security system to prevent unauthorized use of a computer, said system comprising:
-
a program resident on said computer and implementing a user-validation procedure;
a key device to be inserted into the computer by the user to gain use of the computer, and carrying a first serial number and an optional encryption key;
means for storing in said computer a second serial number, said second serial number being the serial number of a device internal to said computer;
a mass storage device installed in said computer and storing a validation record;
said validation record including an unencrypted portion and an encrypted portion, said unencrypted portion including a copy of said first serial number and said encrypted portion including a copy of said second serial number;
means for interfacing said key device to said computer;
a protocol initiated by said computer that is recognized by said key device to transmit said first serial number and said encryption key;
means for reading said first serial number and said encryption key from said key device, and for matching the key device and the validation record, and means for allowing use of the computer only if said matching exists. comparison of said first serial number from said key device to said copy of first serial number;- View Dependent Claims (2, 3)
-
2. decryption of said encrypted portion of validation record using said encryption key to produce a decrypted copy of the second serial number;
3. comparison of said second serial number from said internal device to said decrypted copy of second serial number; and
4. automatic power-down of said computer if said first serial number comparison and said second serial number comparisons are not matches.
-
3. The system of claim 1 wherein said user-validation procedure is performed by a program residing in a BIOS ROM adapter of said computer.
-
-
4. A multi-level security system to prevent unauthorized use of a computer, said system comprising,
a program resident on said computer and implementing a user-validation procedure; -
a key device to be inserted into the computer by the user to gain use of the computer, and carrying an access code, a first serial number and an encryption key;
means for storing in said computer a second serial number, said second serial number being the serial number of a device internal to said computer;
a mass storage device installed in said computer and storing a validation record;
said validation record comprising an unencrypted portion and an encrypted portion, said unencrypted portion including copies of said access code and said first serial number and said encrypted portion including a copy of said second serial number;
means for interfacing said key device to said computer;
means for writing said copy of access code to said key device comprising means for comparing said access code to said copy of access code; and
means for reading said first serial number and said encryption key from said key device. - View Dependent Claims (5, 6)
1. transmission of said copy of access code to said key device for access code verification;
2. transmission of said first serial number and said encryption key from said key device if said access code is verified;
3. comparison of said first serial number from said key device to said copy of first serial number;
4. decryption of said encrypted portion of validation record using said encryption key to produce a decrypted copy of the second serial number;
5. comparison of said second serial number from said internal device to said decrypted copy of second serial number; and
6. automatic power-down of said computer if said first serial number comparison and said second serial number comparisons are not matches.
-
-
6. The system of claim 4 wherein said user-validation procedure is performed by a program residing in a BIOS ROM adapter of said computer.
-
7. A multi-level security system to prevent unauthorized use of a computer, said system comprising:
-
a key device to be inserted into the computer by the user to gain use of the computer and carrying a first serial number;
a device installed in said computer and storing a validation record, said validation record having a copy of said first serial number;
an interface to connect said key device to said computer and to provide a pathway to read said first serial number;
a computer program to compare said first serial number from said key device to said copy of said first serial number; and
,means for automatically powering down said computer if said first serial number and said copy of said first serial number do not match. - View Dependent Claims (8)
said key device has an electrical contact interface to contact internals of the computer when inserted into the computer by the user to gain use of the computer and carries an encryption key;
said computer has a device to store a copy of a second serial number;
said validation record has an encrypted portion, said encrypted portion carrying an encrypted copy of said second serial number;
said computer program to decrypt said second serial number from said validation record using said encryption key, to produce a decrypted version of said second serial number, and to compare said decrypted version of said second serial number with said copy of said second serial number; and
,means for automatically powering down said computer if said copy of said second serial number and said decrypted copy of said second serial number do not match.
-
-
9. A method for securing a computer comprising the steps of:
-
carrying a first serial number and an encryption key in a key device;
inserting said key device by a user into the computer to gain use of the computer;
storing a copy of a second serial number in a device in said computer;
storing a validation record in at least one storage device installed in said computer, said validation record having a copy of said first serial number, and having an encrypted version of said second serial number;
providing a pathway to read said first serial number and said encryption key through an interface connecting said key device to said computer;
comparing said first serial number from said key device to said copy of said first serial number;
decrypting said second serial number from said validation record using said encryption key, to produce a decrypted version of said second serial number;
comparing said decrypted version of said second serial number with said copy of said second serial number;
powering down said computer if said first serial number and said copy of said first serial number do not match; and
,powering down said computer if said copy of said second serial number and said decrypted copy of said second serial number do not match. - View Dependent Claims (10)
carrying an access code in said key device (key device access code);
carrying a copy of said access code in said validation record (validation access code);
writing said validation access code to said key device, said key device comparing said key device access code to said validation access code; and
,powering down said computer if said key device access code and said validation access code do not match.
-
Specification