Scheme for blocking the use of lost or stolen network-connectable computer systems
First Claim
1. Method for switching a computer system (11;
-
21;
60), which is connectable via a communication interface (64) and a network (12;
22;
62) to a server module (13;
23;
61), into a special mode of operation, the method comprising the steps;
a. exhausting step-by-step a credit of a credit counter (44) of the computer system (11;
21;
60);
b. switching the computer system (11;
21;
60) into the special mode of operation if the credit is exhausted;
c. sending an identifier (w) assigned to the computer system (11;
21;
60) via the communication interface (64) and the network (12;
22;
62) to the server module (13;
23;
61);
d. receiving a token (S) issued by the server module (13;
23;
61);
e. verifying the validity of the token (S); and
f. if the token (S) is valid, then extracting a credit (C) from the token (S) and updating the credit counter (44) with the credit (C).
2 Assignments
0 Petitions
Accused Products
Abstract
Scheme for switching a computer system (21), which is connectable via a communication interface and a network (22) to a server module (23), into a special mode of operation. The computer system (21) comprises a software component (26) for sending an identifier (w) assigned to the computer system (21) via the communication interface and the network (22) to the server module (23). In response, the software component (26) receives a token (S), issued by the server module (23), whereby the token (S) comprises a credit (C). In addition, the computer system (21) comprises a trusted hardware component (25) storing the identifier (w) and comprising a credit counter (44) with a credit which is automatically exhaustible step-by-step, and which is updateable with the credit (C) received from the server module (23). The computer system (21) has a trigger unit for switching the computer system (21) into the special mode of operation, e.g. a mode where the computer system (21) is of limited use to a user, if the credit of the credit counter is exhausted.
-
Citations
45 Claims
-
1. Method for switching a computer system (11;
-
21;
60), which is connectable via a communication interface (64) and a network (12;
22;
62) to a server module (13;
23;
61), into a special mode of operation, the method comprising the steps;a. exhausting step-by-step a credit of a credit counter (44) of the computer system (11;
21;
60);
b. switching the computer system (11;
21;
60) into the special mode of operation if the credit is exhausted;
c. sending an identifier (w) assigned to the computer system (11;
21;
60) via the communication interface (64) and the network (12;
22;
62) to the server module (13;
23;
61);
d. receiving a token (S) issued by the server module (13;
23;
61);
e. verifying the validity of the token (S); and
f. if the token (S) is valid, then extracting a credit (C) from the token (S) and updating the credit counter (44) with the credit (C). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
21;
-
15. Method in a system (13;
-
23;
61) that is connectable via a network interface (67) and a network (12;
22;
62, 66, 68) to a computer system (11;
21;
60), the method comprising the steps;receiving an identifier (w) from the computer system (11;
21;
60) via the network (12;
22;
62, 66, 68) and the network interface (67);
comparing the identifier (w) with a list (14;
24) of identifiers (w) to determine whether the identifier (w) originates from a computer system (11;
21;
60) that was reported lost or stolen;
if the identifier (w) originates from a computer system (11;
21;
60) that was not reported lost or stolen, then generating a token (S) which comprises the identifier (w) and a credit C, signing the token (S) using a cryptographic key to create a signed token (S), and sending the signed token (S) via the network interface (67) and the network (12;
22;
62, 66, 68) to the computer system (11;
21;
60). - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
23;
-
26. Apparatus comprising:
-
a communication interface (64) for connecting the apparatus (11;
21;
60) via a network (12;
22;
62) to a server module (13;
23;
61),a software component (26;
50) for sending an identifier (w) assigned to the apparatus (11;
21;
60) via the communication interface (64) and the network (12;
22;
62) to the server module (13;
23;
61), and for receiving a token (S), issued by the server module (13;
23;
61), whereby the token (S) comprises a credit (C);
a trusted hardware component (25;
40) storing the identifier (w) and comprising a credit counter (44) with a creditwhich is automatically exhaustible step-by-step by the apparatus (11;
21;
60); and
which is updateable with the credit (C);
a trigger unit (25;
47) for switching the apparatus (11;
21;
60) into a special mode of operation if the credit of the credit counter (44) is exhausted. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
-
-
34. Apparatus comprising:
-
a network interface (67) for connecting the apparatus (13;
23;
61) via a network (12;
22;
62, 66, 68) to a computer system (11;
21;
60);
a processor (71);
a memory (72) with code which, when being executed by the processor (71), performs the steps;
receiving an identifier (w) from the computer system (11;
21;
60) via the network (12;
22;
62, 66, 68) and the network interface (67);
comparing the identifier (w) with a list (14;
24) of identifiers (w) to determine whether the identifier (w) originates from a computer system (11;
21;
60) that was reported lost or stolen; and
if the identifier (w) originates from a computer system (11;
21;
60) that was not reported lost or stolen, then generating a token (S) which comprises the identifier (w) and a credit (C), signing the token (S) using a cryptographic key to create a signed token (S), and sending the signed token (S) via the network interface (67) and the network (12;
22;
62, 66, 68) to the computer system (11;
21;
60). - View Dependent Claims (35, 36, 37, 38, 39)
-
-
40. A computer program product comprising a computer readable medium, having thereon:
computer program code means, when said program is loaded in a computer system (11;
21;
60), which comprises a communication interface (64) for connection via a network (12;
22;
62) to a server module (13;
23;
61), execute procedure toa. exhaust step-by-step a credit of a credit counter (44) of the computer system (11;
21;
60);
b. switch the computer system (11;
21;
60) into the special mode of operation if the credit is exhausted;
c. send an identifier (w) assigned to the computer system (11;
21;
60) via the communication interface (64) and the network (12;
22;
62) to the server module (13;
23;
61);
d. receive a token (S) issued by the server module (13;
23;
61);
e. verify the validity of the token (S); and
f. if the token (S) is valid, then extract a credit (C) from the token (S) and updating the credit counter (44) with the credit (C). - View Dependent Claims (41, 42)
-
43. A computer program element comprising:
computer program code means to make a computer system (11;
21;
60), which comprises a communication interface (64) for connection via a network (12;
22;
62) to a server module (13;
23;
61), execute procedure toa. exhaust step-by-step a credit of a credit counter (44) of the computer system (11;
21;
60);
b. switch the computer system (11;
21;
60) into the special mode of operation if the credit is exhausted;
c. send an identifier (w) assigned to the computer system (11;
21;
60) via the communication interface (64) and the network (12;
22;
62) to the server module (13;
23;
61);
d. receive a token (S) issued by the server module (13;
23;
61);
e. verify the validity of the token (S); and
f. if the token (S) is valid, then extract a credit (C) from the token (S) and updating the credit counter (44) with the credit (C).
-
44. A computer program product comprising a computer readable medium, having thereon:
computer program code means, when said program is loaded in a server (11;
21;
60), which comprises a network interface (67) for connection via a network (12;
22;
62, 66, 68) to a computer system (11;
21;
60), execute procedure toreceive an identifier (w) from the computer system (11;
21;
60) via the network (12;
22;
62, 66, 68) and the network interface (67);
compare the identifier (w) with a list (14;
24) of identifiers (w) to determine whether the identifier (w) originates from a computer system (11;
21;
60) that was reported lost or stolen;
if the identifier (w) originates from a computer system (11;
21;
60) that was not reported lost or stolen, then generating a token (S) which comprises the identifier (w) and a credit C, signing the token (S) using a cryptographic key to create a signed token (S), and sending the signed token (S) via the network interface (67) and the network (12;
22;
62, 66, 68) to the computer system (11;
21;
60).
-
45. A computer program element comprising:
computer program code means to make a server (11;
21;
60), which comprises a network interface (67) for connection via a network (12;
22;
62, 66, 68) to a computer system (11;
21;
60), execute procedure toreceive an identifier (w) from the computer system (11;
21;
60) via the network (12;
22;
62, 66, 68) and the network interface (67);
compare the identifier (w) with a list (14;
24) of identifiers (w) to determine whether the identifier (w) originates from a computer system (11;
21;
60) that was reported lost or stolen;
if the identifier (w) originates from a computer system (11;
21;
60) that was not reported lost or stolen, then generating a token (S) which comprises the identifier (w) and a credit C, signing the token (S) using a cryptographic key to create a signed token (S), and sending the signed token (S) via the network interface (67) and the network (12;
22;
62, 66, 68) to the computer system (11;
21;
60).
Specification