Embedded self-contained security commands

US 8,380,988 B2
Filed: 08/01/2008
Issued: 02/19/2013
Est. Priority Date: 08/08/2007
Status: Active Grant

First Claim

Patent Images

1. A method for modifying security parameters of an electronic device, the method comprising:

receiving a first command at the electronic device, the first command comprising a data portion;

extracting from the data portion a security rights modification command set comprising at least a command for initiating a secure session at the electronic device and for closing the secure session, wherein initiating of the secure session comprises authentication, and wherein the security rights modification command set is provided for modifying security parameters of the electronic device during the secure session, some of the security parameters modifiable only during a secure session; and

automatically executing the security rights modification command set with a processor of the electronic device, absent other security rights commands being executed during execution of the security rights modification command set;

wherein the security rights modification command set comprises a command for logging into a secure session and a command for logging off the secure session; and

wherein automatically executing the security rights modification command set comprises executing the security rights modification command set to log into the secure session, to modify security rights and to log out of the secure session, the secure session occurring absent execution of intervening commands other than the commands in the security rights modification command set.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A set of commands is provided to a system for execution in order to modify a security related aspect of the system. The system executes the set of commands absent an intervening command being executed, for example by receiving a first command comprising a data portion, extracting a security rights modification command set comprising commands for initiating a secure session and for closing the secure session, and automatically executing the security rights modification command set with a processor, absent other security rights commands being executed. Initiating the secure session may comprise authentication, and the security rights modification command set may provide for security parameters modifiable only during a secure session.

9 Citations

View as Search Results

24 Claims

1. A method for modifying security parameters of an electronic device, the method comprising:
- receiving a first command at the electronic device, the first command comprising a data portion;
  
  extracting from the data portion a security rights modification command set comprising at least a command for initiating a secure session at the electronic device and for closing the secure session, wherein initiating of the secure session comprises authentication, and wherein the security rights modification command set is provided for modifying security parameters of the electronic device during the secure session, some of the security parameters modifiable only during a secure session; and
  
  automatically executing the security rights modification command set with a processor of the electronic device, absent other security rights commands being executed during execution of the security rights modification command set;
  
  wherein the security rights modification command set comprises a command for logging into a secure session and a command for logging off the secure session; and
  
  wherein automatically executing the security rights modification command set comprises executing the security rights modification command set to log into the secure session, to modify security rights and to log out of the secure session, the secure session occurring absent execution of intervening commands other than the commands in the security rights modification command set.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. A method according to claim 1 wherein, automatically executing comprises restricting the processor to a single process prior to executing the security rights modification command set.
  - 3. A method according to claim 2 wherein, automatically executing comprises releasing the restriction to the processor after execution of the security rights modification command set.
  - 4. A method according to claim 1 wherein, automatically executing comprises suspending all other processes in execution by the processor prior to executing the security rights modification command set.
  - 5. A method according to claim 1 wherein, initiating a secure session comprises logging into an administrator account.
  - 6. A method according to claim 5 wherein, closing the secure session comprises logging out of the administrator account.
  - 7. A method according to claim 1 wherein, extracting the security rights modification command set is performed automatically upon processing of the first command.
  - 8. A method according to claim 1 wherein, modifying security parameters comprises modifying security parameters for affecting data access rights.
  - 9. A method according to claim 1 wherein, modifying security parameters comprises modifying at least an application installed on a computer comprising the processor, the application requiring administrator privileges to be modified.
  - 10. A method according to claim 1 wherein, receiving the first command comprises receiving the first command from a communications network.
  - 11. A method according to claim 1 wherein, receiving the first command comprises receiving the first command from a peripheral memory storage device.
  - 12. A method according to claim 1 wherein, modifying security parameters comprises at least one of terminating and suspending a process currently in execution.
  - 13. A method according to claim 1 wherein, the security rights process comprises at least one of a ciphering process, a digital certificate generating process, a digital certificate issuing process, a firewall process, an anti-virus process, a user verification process, a biometric measurement process, an intrusion detection process, a digital rights management process, and an access rights management process.
  - 14. A method according to claim 1 comprising;
    - deleting the first command after execution of the security rights modification command set.
  - 15. A method according to claim 1 wherein, the first command comprises user authentication data.

16. A device comprising:
- a port for receiving a first command, the first command comprising a security rights modification command set for initiating a secure session at the device, for modifying security parameters of the device during the secure session, some of the security parameters modifiable only during a secure session, and for closing the secure session; and
  
  a processor for extracting the security rights modification command set from the first command, for establishing a processor environment wherein during a secure session commands other than those within the security rights modification command set are not executed, and for executing the security rights modification command set absent other security rights commands being executed during execution of the security rights modification command set;
  
  wherein the security rights modification command set comprises a command for logging into a secure session and a command for logging off the secure session; and
  
  wherein executing the security rights modification command set comprises executing the security rights modification command set to log into the secure session, to modify security rights and to log out of the secure session, the secure session occurring absent execution of intervening commands other than the commands in the security rights modification command set.
- View Dependent Claims (17, 18, 24)
- - 17. A device according to claim 16 comprising;
    - an operating system having different user levels, an administrator user level required for security parameter modification.
  - 18. A device according to claim 16 wherein, the port is for receiving digital data from at least one of a communications network, a removable memory storage medium, a USB memory device, a portable non-volatile memory and a user input device.
  - 24. A device according to claim 16, wherein the processor is configured to disable one or more of a keyboard, microphone or mouse input device when automatically executing the security rights modification command set.

19. A method comprising:
- receiving a plurality of security rights modification commands each comprising serialization data for at least one of identifying said security rights modification command and ordering said security rights modification command within the plurality of security rights modification commands;
  
  storing the security rights modification commands within a memory;
  
  receiving a first command comprising an indication of a set of security rights modification commands within the plurality of security rights modification commands;
  
  extracting the indication from the first command; and
  
  automatically executing the set of security rights modification commands in dependence of the extracted indication, the set of security rights modification commands for initiating a secure session, for modifying security parameters during the secure session, some of the security parameters for being modified only during a secure session, and, for closing the secure session absent at least one of another security rights command being executed and another secure session being initiated during the secure session.
- View Dependent Claims (20, 21, 22, 23)
- - 20. A method according to claim 19 wherein, the serialization data comprises a serial number for identifying uniquely a security rights modification command of the plurality of security rights modification commands.
  - 21. A method according to claim 19 comprising, decoding a data field associated with the first command for extracting the indication therefrom.
  - 22. A method according to claim 19 wherein, the serialization data comprises data for linking a security rights modification command associated therewith and at least another security rights modification command of the plurality of security rights modification commands.
  - 23. A method according to claim 19 wherein, a number of received security rights modification commands within the plurality of security rights modification commands is significantly higher than a number of security rights modification commands within the set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kingston Digital, Inc. (Kingston Technology Corporation)
Original Assignee
Imation Corporation (Glassbridge Enterprises, Inc.)
Inventors
Krahn, Darren, Hamid, Laurence
Primary Examiner(s)
PERUNGAVOOR, VENKATANARAY

Application Number

US12/184,480
Publication Number

US 20090044250A1
Time in Patent Office

1,663 Days
Field of Search

None
US Class Current

713/167
CPC Class Codes

G06F 21/31 User authentication

Embedded self-contained security commands

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

9 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Embedded self-contained security commands

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links