Secure information handling system
Abstract
A method is disclosed for enabling functions of an information handling system such as startup (i.e., boot), loading of an operating system or execution of a software application, by requiring authentication of the information handling system. A client information handling system establishes a communication link with a central system or server via a network such as a Local Area Network (LAN) or the Internet. A request for authentication is then sent to the central system by the information handling system via the communication link. The central system, upon receiving the authentication request from the information handling system, determines if the authentication request is valid, and, if valid, provides authentication of the information handling system via one or more encrypted tokens passed from the central system to the information handling system, thereby allowing the information handling system to provide or continue to provide the function, even when disconnected from the network.
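The flow in the abstract, as an added sketch that is not code from the patent: the central system issues a grant, and the client then decides locally whether the function may run. The patent specifies only "an encrypted token"; this example substitutes an HMAC-SHA256 tag over a JSON grant, and the field names, `OfflineGate` and `authenticate` are hypothetical. The use budget, expiry and bounded retries mirror the limits recited in claims 8, 10, 15 and 18.

```python
import base64, hashlib, hmac, json

def issue_token(key, machine_id, function, max_uses, ttl_s, now):
    """Central system: bind the grant to one machine, one function, a use budget and an expiry."""
    body = json.dumps({"mid": machine_id, "fn": function, "uses": max_uses,
                       "exp": now + ttl_s}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(body).decode() + "." + base64.urlsafe_b64encode(tag).decode()

class OfflineGate:
    """Client side: enforces the grant with no link to the central system."""
    def __init__(self, key, machine_id):
        self.key, self.machine_id = key, machine_id
        self.grant, self.used, self.seen = None, 0, set()  # assumption: state kept in memory only

    def install(self, token):
        try:
            b64_body, b64_tag = token.split(".")
            body, tag = base64.urlsafe_b64decode(b64_body), base64.urlsafe_b64decode(b64_tag)
        except ValueError:                           # malformed token
            return False
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            return False
        grant = json.loads(body)                     # parsed only after the tag verifies
        if grant["mid"] != self.machine_id or tag in self.seen:
            return False                             # wrong machine, or replay to reset the budget
        self.seen.add(tag)
        self.grant, self.used = grant, 0
        return True

    def allow(self, function, now):
        g = self.grant
        if g is None or g["fn"] != function or now >= g["exp"] or self.used >= g["uses"]:
            return False                             # function stays disabled
        self.used += 1
        return True

def authenticate(gate, request_fn, max_attempts):
    """Repeat the request a fixed number of times; the caller disables the function on False."""
    for _ in range(max_attempts):
        token = request_fn()                         # None models a missing or denied reply
        if token is not None and gate.install(token):
            return True
    return False
```

A shared HMAC key means the client could mint its own grants; a deployment would give the client only a verification key (an asymmetric signature) and keep the use counter in tamper-resistant storage.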
64 Claims
1. A method for enabling a function of an information handling system configured for communication with a central system via a communication link, the method comprising the steps of:
providing communication between the information handling system and the central system via the communication link;
requesting authentication via the communication link from the central system for enabling the function on the information handling system; and
upon receipt of the authentication from the central system, enabling the function to be performed independent of the communication link with the central system, the authentication comprising an encrypted token passed between the central system and the information handling system.
receiving the authentication request from the information handling system in the central system;
determining if the authentication request is valid; and
upon validating the authentication request, providing authentication to the information handling system.
5. The method as recited in claim 4, further comprising the step of encrypting the authentication.
6. The method as recited in claim 4, further comprising the step of:
upon determining that the authentication request is invalid, denying authentication.
7. The method as recited in claim 1, further comprising the step of:
upon failure to receive authentication from the central system, disabling the function.
8. The method as recited in claim 7, wherein the authentication requesting step is repeated a predetermined number of times before disabling the function.
9. The method as recited in claim 1, further comprising the step of terminating the communication link prior to executing at least a part of the function.
10. The method as recited in claim 9, further comprising the step of disabling the function after usage of a predetermined number of functions enabled by the authentication has been reached.
11. The method as recited in claim 1, wherein the function comprises starting the information handling system.
12. The method as recited in claim 11, wherein starting the information handling system comprises executing a basic input/output system (BIOS).
13. The method as recited in claim 1, wherein the token allows provision of the function independent of the location of the information handling system relative to the central system.
14. The method as recited in claim 1, wherein the token allows provision of the function only from a predetermined location with regard to the communication link between the central system and the information handling system.
15. The method as recited in claim 1, wherein the token allows for execution of a predetermined number of functions from a remote location.
16. The method as recited in claim 1, wherein the function comprises loading an operating system.
17. The method as recited in claim 1, wherein the function comprises executing a software application.
18. The method as recited in claim 17, wherein each authentication received allows execution of the software application for a predetermined period of time.
19. The method as recited in claim 1, further comprising:
ending the communication between the information handling system and the central system via the communication link after receipt of the authentication; and
thereafter, performing the function.
20. A program of instructions storable on a medium readable by an information handling system for implementing a method enabling the information handling system to execute a function, said information handling system being configured to communicate with a central system via a communication link, the steps comprising:
providing communication between the information handling system and the central system via the communication link;
requesting authentication via the communication link from the central system for enabling the function on the information handling system;
receiving the authentication request from the information handling system in the central system;
determining if the authentication request is valid;
upon validating the authentication request, providing authentication to the information handling system; and
upon receipt of the authentication from the central system, enabling the function to be performed independent of the communication link with the central system.
upon determination that the authentication request is invalid, denying authentication.
25. The program of instructions as recited in claim 20, further comprising the step of:
upon failure to receive authentication from the central system, disabling the function.
26. The program of instructions as recited in claim 25, wherein the authentication requesting step is repeated a predetermined number of times before disabling the function.
27. The program of instructions as recited in claim 20, further comprising the step of terminating the communication link prior to executing at least a part of the function.
28. The program of instructions as recited in claim 27, further comprising the step of disabling the function after usage of a predetermined number of functions enabled by the authentication has been reached.
29. The program of instructions as recited in claim 20, wherein the function comprises starting the information handling system.
30. The program of instructions as recited in claim 29, wherein starting the information handling system comprises executing a basic input/output system (BIOS).
31. The program of instructions as recited in claim 20, wherein the function comprises loading an operating system.
32. The program of instructions as recited in claim 20, wherein the function comprises executing a software application.
33. The program of instructions as recited in claim 32, wherein each authentication received allows execution of the software application for a predetermined period of time.
34. The program of instructions as recited in claim 20, further comprising the steps of:
ending the communication between the information handling system and the central system via the communication link after receipt of the authentication; and
thereafter, performing the function.
35. An information handling system comprising:
a processor for executing a program of instructions on the information handling system;
a memory coupled to the processor for storing the program of instructions executable by the processor; and
a communication device coupled to the processor for establishing a communication link between the information handling system and a central system via a network;
said program of instructions being capable of configuring the information handling system to request authentication from the central system via the communication link for enabling a function, and upon receipt of authentication from the central system, enabling the function, wherein the program of instructions is capable of configuring the information handling system to terminate the communication link prior to execution of at least part of the function, the function being performed independently of the central system.
50. An information handling system comprising:
means for executing a program of instructions on the information handling system;
means, coupled to the executing means, for storing the program of instructions executable by the executing means;
means, coupled to the executing means, for establishing a communication link with a central system via a network;
said program of instructions being capable of configuring the information handling system to request authentication from the central system via the communication link for enabling a function, and upon receipt of authentication from the central system, enabling the function, wherein the program of instructions is capable of configuring the information handling system to terminate the communication link prior to execution of at least part of the function, the function being performed independently of the central system.
Specification