Notebook security system (NBS)
Abstract
A multi-level security system prevents unauthorized use of a computer. A program resident on the computer implements a user-validation procedure. A key device carries a first serial number and an encryption key. A second serial number is stored in said computer, the second serial number being the serial number of a device internal to the computer. A mass storage device installed in said computer stores a validation record. The validation record comprises an unencrypted portion and an encrypted portion, the unencrypted portion including a copy of said first serial number and said encrypted portion including a copy of said second serial number and a user personal identification number. The key device is interfaced to the computer. The first serial number and the encryption key are read from said key device in order to gain authorized use of said computer. The key device may be removed from the computer after authorized use of the computer has been gained, and during operation of the computer.
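The record layout described in the abstract, combined with the comparison and power-down steps recited in claim 3, as an added example (not code from the patent). The cipher is a stand-in because the claims name no algorithm, and the field widths, class names and sample serials are assumptions constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

SERIAL_LEN, PIN_LEN = 16, 8  # assumed fixed field widths, not from the patent


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: SHA-256 counter keystream XOR (same call encrypts and decrypts)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


@dataclass
class KeyDevice:
    serial: bytes  # "first serial number"
    key: bytes     # "encryption key"


@dataclass
class ValidationRecord:
    key_serial_copy: bytes  # unencrypted portion
    encrypted: bytes        # encrypted portion: second serial number + PIN


def enroll(dev: KeyDevice, internal_serial: bytes, pin: bytes) -> ValidationRecord:
    """Build the validation record that would be stored on the mass storage device."""
    if len(internal_serial) > SERIAL_LEN or len(pin) > PIN_LEN:
        raise ValueError("field too long for the assumed layout")
    plain = internal_serial.ljust(SERIAL_LEN, b"\0") + pin.ljust(PIN_LEN, b"\0")
    return ValidationRecord(dev.serial, _keystream_xor(dev.key, plain))


def validate(rec: ValidationRecord, dev: KeyDevice,
             internal_serial: bytes, entered_pin: bytes) -> str:
    """Run the three comparisons in order; any mismatch means power-down."""
    if not hmac.compare_digest(dev.serial, rec.key_serial_copy):
        return "POWER_DOWN: key serial mismatch"
    plain = _keystream_xor(dev.key, rec.encrypted)
    serial2, pin = plain[:SERIAL_LEN], plain[SERIAL_LEN:]
    if not hmac.compare_digest(serial2, internal_serial.ljust(SERIAL_LEN, b"\0")):
        return "POWER_DOWN: internal serial mismatch"
    if not hmac.compare_digest(pin, entered_pin.ljust(PIN_LEN, b"\0")):
        return "POWER_DOWN: PIN mismatch"
    return "GRANT"


if __name__ == "__main__":
    # Constructed sample values.
    key_dev = KeyDevice(b"KD-0001", bytes(range(16)))
    record = enroll(key_dev, b"HDD-55AA", b"4821")
    print(validate(record, key_dev, b"HDD-55AA", b"4821"))
    print(validate(record, KeyDevice(b"KD-0001", b"\0" * 16), b"HDD-55AA", b"4821"))
    print(validate(record, key_dev, b"HDD-OTHER", b"4821"))
```

A key device that presents the right serial number but the wrong key decrypts the record to garbage, so it fails at the second-serial comparison; nothing in the record itself signals that decryption went wrong.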
30 Claims

1. A multi-level security system to prevent unauthorized use of a computer, said system comprising,
a program resident on said computer and implementing a user-validation procedure;
a key device carrying a first serial number and an encryption key;
means for storing in said computer a second serial number, said second serial number being the serial number of a device internal to said computer;
a mass storage device installed in said computer and storing a validation record;
said validation record comprising an unencrypted portion and an encrypted portion, said unencrypted portion including a copy of said first serial number and said encrypted portion including a copy of said second serial number and a user personal identification number;
means for interfacing said key device to said computer; and
means for reading said first serial number and said encryption key from said key device in order to gain authorized use of said computer;
means for removing said key device from said computer after authorized use of said computer has been gained, and during operation of said computer.
Dependent claims: 2, 4, 5, 6, 7
comparison of said first serial number from said key device to said copy of first serial number; decryption of said encrypted portion of validation record using said encryption key to produce a decrypted copy of the second serial number and a decrypted user personal identification number;
comparison of said second serial number from said internal device to said decrypted copy of second serial number; and
automatic power-down of said computer if said first serial number comparisons and said second serial number comparisons are not matches.

4. The system of claim 1 wherein said user-validation procedure is performed by a program residing in a BIOS ROM adapter of said computer.

5. The system of claim 1 wherein said means for interfacing is a PS-2 port.

6. The system of claim 1 wherein said means for interfacing is a USB port.

7. The system of claim 1 wherein said means for interfacing is an Infrared port.

3. A multi-level security system to prevent unauthorized use of a computer, said system comprising,
a program resident on said computer and implementing a user-validation procedure;
a key device carrying a first serial number and an encryption key;
means for storing in said computer a second serial number, said second serial number being the serial number of a device internal to said computer;
a mass storage device installed in said computer and storing a validation record;
said validation record comprising an unencrypted portion and an encrypted portion, said unencrypted portion including a copy of said first serial number and said encrypted portion including a copy of said second serial number and a user personal identification number;
means for interfacing said key device to said computer; and
means for reading said first serial number and said encryption key from said key device in order to gain authorized use of said computer;
means for removing said key device from said computer after authorized use of said computer has been gained, and during operation of said computer;
means for comparison of said first serial number from said key device to said copy of first serial number;
means for decryption of said encrypted portion of validation record using said encryption key to produce a decrypted copy of the second serial number and a decrypted user personal identification number;
means for comparison of said second serial number from said internal device to said decrypted copy of second serial number;
automatic power-down of said computer if said first serial number comparison and said second serial number comparison are not matches;
means for comparison of a personal identification number manually entered by a user to said decrypted user personal identification number; and
means for automatic power-down of said computer if said personal identification number comparison is not a match.

8. A multi-level security system to prevent unauthorized use of a computer, said system comprising,
a program resident on said computer and implementing a user-validation procedure;
a key device carrying an access code, a first serial number and an encryption key;
means for storing in said computer a second serial number, said second serial number being the serial number of a device internal to said computer;
a mass storage device installed in said computer and storing a validation record;
said validation record comprising an unencrypted portion and an encrypted portion, said unencrypted portion including copies of said access code and said first serial number and said encrypted portion including a user personal identification number and a copy of said second serial number;
means for interfacing said key device to said computer;
means for writing said copy of access code to said key device, said key device comprising means for comparing said access code to said copy of access code; and
means for reading said first serial number and said encryption key from said key device in order to gain authorized use of said computer;
means for removing said key device from said computer after authorized use of said computer has been gained, and during operation of said computer.
Dependent claims: 9, 10, 11, 12, 13, 14
transmission of said copy of access code to said key device for access code verification; comparison of said first serial number from said key device to said copy of first serial number;
decryption of said encrypted portion of validation record using said encryption key to produce a decrypted copy of the second serial number and a decrypted user personal identification number;
comparison of said second serial number from said internal device to said decrypted copy of second serial number; and
automatic power-down of said computer if said first serial number comparison and said second serial number comparison are not matches.

10. The system of claim 9 wherein the user-validation procedure comprises the additional steps of
comparison of a personal identification number manually entered by a user to said decrypted user personal identification number; and
automatic power-down of said computer if said personal identification number comparison is not a match.

11. The system of claim 8 wherein said user-validation procedure is performed by a program residing in a BIOS ROM adapter of said computer.

12. The system of claim 8 wherein said means for interfacing is a PS-2 port.

13. The system of claim 8 wherein said means for interfacing is a USB port.

14. The system of claim 8 wherein said means for interfacing is an infrared port.

15. A multi-level security system to prevent unauthorized use of a computer, said system comprising:
a key device carrying a first serial number;
a device installed in said computer and storing a validation record, said validation record having a copy of said first serial number;
an interface to connect said key device to said computer and to provide a pathway to read said first serial number;
a computer program to compare said first serial number from said key device to said copy of said first serial number, and to power down said computer if said first serial number and said copy of said first serial number do not match, in order to gain authorized use of said computer; and
means for removing said key device from said computer after authorized use of said computer has been gained, and during operation of said computer.
Dependent claims: 16, 18, 19, 20, 21, 22, 23, 24
said key device carrying an encryption key;
said computer having a device to store a copy of a second serial number;
said validation record having an encrypted portion, said encrypted portion carrying an encrypted copy of said second serial number;
said computer program to decrypt said second serial number from said validation record using said encryption key, to produce a decrypted version of said second serial number, and to compare said decrypted version of said second serial number with said copy of said second serial number; and
means for automatically powering down said computer if said copy of said second serial number and said decrypted copy of said second serial number do not match.

18. The security system of claim 15 further comprising:
said validation record carrying a personal identification number (validation record PIN);
a keyboard for a user to enter an entered version of a PIN (entered PIN);
a computer program to compare said validation PIN with said entered PIN;
means for automatically powering down said computer if said validation PIN and said entered PIN do not match.

19. A security system as in claim 15 further comprising:
said key device carrying an encryption key;
said computer having a device to store a copy of a second serial number;
said validation record having an encrypted portion, said encrypted portion carrying an encrypted copy of said second serial number and an encrypted version of a user personal identification number (encrypted PIN);
said computer program to decrypt said second serial number from said validation record using said encryption key, to produce a decrypted version of said second serial number, and to compare said decrypted version of said second serial number with said copy of said second serial number, said computer program to decrypt said encrypted PIN to produce a decrypted PIN;
a keyboard for a user to enter an entered version of a PIN (entered PIN); and
means for automatically powering down said computer if said copy of said second serial number and said decrypted copy of said second serial number do not match OR said decrypted PIN and said entered PIN do not match.

20. The security system of claim 15 further comprising:
said key device carrying an access code (key device access code);
said validation record having a copy of said access code (validation access code);
means for writing said validation access code to said key device, said key device having means for comparing said key device access code to said validation access code; and
means for automatically powering down said computer if said key device access code and said validation access code do not match.

21. The security system of claim 15 wherein said computer program resides in a BIOS ROM adapter of said computer.

22. The system of claim 15 wherein said interface is a PS-2 port.

23. The system of claim 15 wherein said interface is a USB port.

24. The system of claim 15 wherein said interface is an Infrared port.

17. A multi-level security system to prevent unauthorized use of a computer, said system comprising:
a key device carrying a first serial number and an encryption key;
at least one device installed in said computer and storing a validation record, said validation record having a copy of said first serial number and said validation record having an encrypted portion, said encrypted portion carrying an encrypted copy of a second serial number;
an interface to connect said key device to said computer and to provide a pathway to read said first serial number and said encryption key;
a computer program to compare said first serial number from said key device to said copy of said first serial number;
said computer having a device to store a copy of a second serial number;
said computer program to decrypt said second serial number from said validation record using said encryption key, to produce a decrypted version of said second serial number, and to compare said decrypted version of said second serial number with said copy of said second serial number in order to gain authorized use of said computer;
means for automatically powering down said computer if said first serial number and said copy of said first serial number do not match; and
means for removing said key device from said computer after authorized use of said computer has been gained, and during operation of said computer.

25. A multi-level security system to prevent unauthorized use of a computer, said system comprising:
a key device which is to be inserted into the computer by the user to gain use of the computer and carrying at least a first serial number;
a mass storage device installed in said computer and storing a validation record, said validation record having a copy of said first serial number;
an interface to connect said key device to said computer and to provide a pathway to read said first serial number;
a computer program to compare said first serial number from said key device to said copy of said first serial number;
means for automatically powering down said computer if said first serial number and said copy of said first serial number do not match;
said key device carrying an encryption key;
said computer having a device to store a copy of a second serial number;
said validation record having an encrypted portion, said encrypted portion carrying an encrypted copy of said second serial number;
said computer program to decrypt said second serial number from said validation record using said encryption key, to produce a decrypted version of said second serial number, and to compare said decrypted version of said second serial number with said copy of said second serial number;
means for automatically powering down said computer if said copy of said second serial number and said decrypted copy of said second serial number do not match;
said validation record carrying a personal identification number (validation record PIN);
a keyboard for a user to enter an entered version of a PIN (entered PIN);
a computer program to compare said validation PIN with said entered PIN;
means for automatically powering down said computer if said validation PIN and said entered PIN do not match;
said key device carrying a key device access code;
said validation record having a copy of said validation access code;
means for writing said validation access code to said key device, said key device having means for comparing said key device access code to said validation access code; and
means for automatically powering down said computer if said key device access code and said validation access code do not match.

26. A method for securing a computer comprising the steps of:
carrying at least a first serial number and an encryption key in a key device;
inserting the key device in the computer by a user to gain use of the computer by the user;
storing a copy of a second serial number in a device in said computer;
storing a validation record in at least one storage device installed in said computer, said validation record having a copy of said first serial number, and having an encrypted version of said second serial number;
providing a pathway to read said first serial number and said encryption key through an interface connecting said key device to said computer;
comparing said first serial number from said key device to said copy of said first serial number;
decrypting said second serial number from said validation record using said encryption key, to produce a decrypted version of said second serial number;
comparing said decrypted version of said second serial number with said copy of said second serial number;
powering down said computer if said first serial number and said copy of said first serial number do not match; and
powering down said computer if said copy of said second serial number and said decrypted copy of said second serial number do not match.
Dependent claims: 27, 28, 29
carrying a personal identification number (validation record PIN) in said validation record;
entering an entered version of a PIN (entered PIN) into said computer by a user;
comparing said validation PIN with said entered PIN;
powering down said computer if said validation PIN and said entered PIN do not match.

28. A method as in claim 26 further comprising:
carrying an encryption key in said key device;
storing a copy of a second serial number in said computer;
carrying an encrypted copy of said second serial number and an encrypted version of a user personal identification number (encrypted PIN) in said validation record;
decrypting said second serial number from said validation record using said encryption key, to produce a decrypted version of said second serial number;
comparing said decrypted version of said second serial number with said copy of said second serial number, decrypting said encrypted PIN to produce a decrypted PIN;
entering an entered version of a PIN (entered PIN) by a user; and
powering down said computer if said copy of said second serial number and said decrypted copy of said second serial number do not match OR said decrypted PIN and said entered PIN do not match.

29. The method of claim 26 further comprising:
carrying a key device access code in said key device;
carrying a copy of said validation access code in said validation record;
writing said validation access code to said key device when the key device is inserted into the computer, said key device comparing said key device access code to said validation access code; and
powering down said computer if said key device access code and said validation access code do not match.

30. A method for securing a computer comprising the steps of:
carrying a validation number in a key device;
storing a validation record in a mass storage device installed in said computer, said validation record having a copy of said validation number;
providing a pathway to read said validation number through an interface to connect said key device to said computer;
comparing said validation number from said key device to said copy of said validation number by a computer program in order to gain authorized use of said computer; and
powering down said computer if said validation number and said copy of said validation number do not match; and
removing said key device from said computer after authorized use of said computer has been gained, and during operation of said computer.

Specification