Security method and apparatus for controlling the data exchange on handheld computers
Abstract
A method and system for protecting portable computer data from unauthorized transfer or using portable computers to download unauthorized data. The invention is applicable to any computer capable of transferring data, but in one embodiment a portable computer is described. Authorization is enabled by an interface permitting synchronization of the portable computer with a host computer by authentication of the particular portable computer identity. For instance, in one embodiment, when a portable computer is docked with a compatible interface connected to a host desktop computer, it is sensed and identified by the interface. If the particular portable computer identity is authenticated as authorized for that desktop, then synchronization will be enabled by the interface. The computers may then transfer data. However, if the identity is not an authorized one, then authentication will not occur, synchronization is correspondingly disabled, and data transfer is prevented. Various systems can enable the identity authentication.
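The gating behaviour described in the abstract, as an added example that is not code from the patent: a cradle that fails closed and enables both the data path and decryption only for an identity on its authorized list. The class `CradleGate`, the helpers `derive_key` and `keystream_xor`, the per-device key derivation and the device identifiers are all hypothetical, and the keystream is a stand-in for a real cipher.

```python
import hashlib
import hmac


def keystream_xor(key, data):
    """Stand-in cipher (SHA-256 counter keystream); a real design would use AES-GCM."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def derive_key(host_secret, device_id):
    """Assumed scheme: per-device key bound to the device's unique identity."""
    return hmac.new(host_secret, device_id.encode(), hashlib.sha256).digest()


class CradleGate:
    """Interface device that gates both the data path and decryption."""

    def __init__(self, authorized_ids, host_secret):
        self._authorized = [i.encode() for i in authorized_ids]
        self._secret = host_secret
        self._key = None  # fail closed: nothing is enabled until a dock succeeds

    def dock(self, device_id):
        """Steps a-d: read the identity, compare with the list, enable or disable."""
        self._key = None  # a new dock never inherits the previous device's state
        presented = device_id.encode()
        ok = False
        for known in self._authorized:  # compare against every entry in constant time
            ok |= hmac.compare_digest(presented, known)
        if ok:
            self._key = derive_key(self._secret, device_id)
        return ok

    def undock(self):
        self._key = None

    def relay(self, frame):
        """Step d: pass sync traffic to the host only for an authorized device."""
        if self._key is None:
            raise PermissionError("communication disabled: identity not authorized")
        return frame

    def decrypt(self, ciphertext):
        """Step e: decryption is available only for an authorized device."""
        if self._key is None:
            raise PermissionError("decryption disabled: identity not authorized")
        return keystream_xor(self._key, ciphertext)
```

Resetting the key at the start of every `dock` call is what keeps an unauthorized device from inheriting the enabled state left by the previous one.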
25 Claims
1. A method for preventing unauthorized transfer of data between a portable computer system and systems of data storage and communication including another computer, said method comprising:
- a) automatically receiving identification authentication information for said portable computer system at a communication interface device embodied as a cradle for said portable computer system, wherein said authentication information comprises a unique identity for said portable computer system and wherein said authentication information is embedded in said portable computer system;
- b) comparing at said communication interface device said identification authentication information with a list of authorized portable computer system identities corresponding to said system of data storage;
- c) determining at said communication interface device whether said portable computer system identity is authorized based on said identification authentication information and said unique identity;
- d) enabling at said communication interface device communication between said portable computer system and said other computer provided said identity is authorized and disabling said communication if said identity is not authorized; and
- e) enabling at said communication interface device decryption of encrypted data and synchronization with said systems of data storage from said portable computer system provided said identity is authorized and disabling decryption if said identity is not authorized.

Dependent claims: 2, 3, 4, 5, 6
7. A system for preventing unauthorized transfer of data between a portable computer system and a host system, comprising:
- a) a portable computer device capable of synchronizing with said host;
- b) an interface device separate from said portable computer device and said host, compatible to receive said portable computer device and capable of facilitating communication, authentication, and synchronization between said portable computer device and said host system;
- c) an identification authenticating component embedded into said interface device and providing a unique identification signal corresponding to the unique identity thereof; and
- d) an identification authorizing component embedded into said interface device capable of determining if said unique identity is authorized for synchronization with said host system, and for correspondingly enabling and disabling synchronization between said portable computer and said host system, wherein decryption of encrypted data from said portable computer device is enabled provided said unique identity is authorized and wherein said decryption is disabled if said unique identity is not authorized.

Dependent claims: 8, 9, 10, 11, 12, 13, 14, 15, 16, 17
18. A system for preventing unauthorized transfer of data between a portable computer system and a system of data storage and communication, comprising:
- a) a portable computer device capable of synchronizing with said system of data storage and communication;
- b) an interface device separate from said portable computer device and said system of data storage and communication, compatible to receive said portable computer device and coupled with said system of data storage and communication and capable of facilitating communication between said portable computer device and said system of data storage, authentication, and communication;
- c) an identification authenticating tagging and data encryption keying component embedded into said interface device and providing a unique identification signal and an encryption key cipher value corresponding to the unique identity thereof;
- d) an identification authentication reading component capable of sensing and reading said unique identification signal, said identification authentication reading embedded into said interface device;
- e) an identification authorizing component embedded into said interface device receiving input from said reading component and incorporated into the same one of said devices as said reading component, capable of determining if said unique identity is authorized for communication with said system of data storage, said identification authorizing component corresponding to said system of data storage, and synchronization and of correspondingly enabling and disabling synchronization between said portable computer and said system of data storage and communication; and
- f) an identification authorizing component further capable of enabling deciphering of encrypted communication from said portable computer device if said unique identity is authorized and disabling decryption if said unique identity is unauthorized.

Dependent claims: 19, 20
21. A communication system comprising:
- a host computer system comprising a communication port;
- a portable electronic device comprising a communication port and an identity reference, said identity reference embedded into said portable electronic device; and
- a communication interface module separate from said host computer system for coupling and synchronization between said communication ports of said portable electronic device and said host computer system, said communication interface module comprising;
- an authentication device for authenticating said identity reference; and
- a communication interface circuit coupled to said authentication device and for allowing direct communication between said portable electronic device and said host computer system provided said authentication device indicates a proper authentication of said identity reference with said host system, said communication interface circuit corresponding to said host system, and, otherwise, for disallowing communication between said portable electronic device and said host computer system, wherein decryption of encrypted data from said portable computer device is enabled provided said unique identity is authorized and wherein said decryption is disabled if said unique identity is not authorized.

Dependent claims: 22, 23, 24, 25
Specification