Device function restricting method and system in specific perimeters
Abstract
An apparatus and method for restricting the functions of a device are provided. A restriction monitoring system includes a communication system that provides a location-limited communication channel that detects whether a device entering a perimeter is in an area for device inspection, a server that provides a credential and a security policy to the device and receives a report on whether the device violates the security policy through the location-limited communication channel, and an alarm system which triggers a security alarm when the device violates the security policy.
21 Claims
1. A device function restriction monitoring system comprising:
- a communication system which provides a location-limited communication channel to detect whether a device entering a perimeter is in an area for device inspection;
- a server which provides a credential and a security policy to the device and receives a report on whether the device violates the security policy through the location-limited communication channel; and
- an alarm system which triggers a security alarm if the device violates the security policy;
- wherein the device comprises a system memory having the credential, the security policy, a reference state which indicates a state of the resources of the device when the security policy is applied, and a current state which indicates a state of the resources of the device after use of the device;
- wherein the device sends the reference state and the current state to the server, the server storing the reference state and current state; and
- wherein the server compares the reference state and the current state to determine if the device has violated the security policy.
Dependent claims: 2, 3, 4, 5, 6, 7.

8. A device comprising:
- a system memory which stores a credential and a security policy received from a monitoring system located in a perimeter and stores control software carrying out the security policy, and further stores a reference state which indicates a state of the resources of the device when the security policy is applied, and a current state which indicates a state of the resources of the device after use of the device;
- a device processor which controls execution of the control software; and
- an input/output (I/O) system which performs communications with a monitoring system;
- wherein the device processor reports a change in current state to the monitoring system through the I/O system; and
- wherein the monitoring system compares the reference state and the current state to determine if the device has violated the security policy.
Dependent claims: 9, 10, 11.

12. A device function restriction method comprising:
- (a) receiving a credential and a security policy from a monitoring system, and transmitting a reference state with the security policy applied to source resources in a state that a device enters a perimeter to the monitoring system; and
- (b) controlling, by a processor of the device, use of the source resources according to the security policy, and reporting content transformation of a device state to the monitoring system, in a state that the device is located in the perimeter;
- wherein the content transformation of the device state is compared to the reference state to determine if the device has violated the security policy.
Dependent claims: 13, 14, 15, 16, 17.

18. A device function restricting method comprising:
- (a) providing, by a monitoring system, a credential and a security policy to a device entering a perimeter;
- (b) receiving, from the device, a reference state with the security policy applied to source resources;
- (c) receiving, from the device, a report on content transformation of the reference state; and
- (d) restricting, by the device, specific functions or prohibiting use of the source resources according to the reported state of the device;
- wherein (c) comprises transforming the reference state into a previous state by control software when the device violates the security policy, and receiving a report on the previous state from the device; and
- wherein the report on content transformation is compared to the reference state to determine if the device has violated the security policy.
Dependent claims: 19, 20, 21.
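
The server-side comparison recited in claim 1 (store the reference state and the current state, compare them, raise the alarm on a mismatch), written out as an added example that is not code from the patent. The `MonitoringServer` class, the resource names and the use of the credential as an HMAC key over each state report are assumptions of this example.

```python
import hashlib
import hmac
import json

def sign_state(credential: bytes, state: dict) -> str:
    """Device side: MAC a report with the credential as HMAC key (an assumption here)."""
    payload = json.dumps(state, sort_keys=True).encode()
    return hmac.new(credential, payload, hashlib.sha256).hexdigest()

class MonitoringServer:
    def __init__(self, policy: dict):
        self.policy = policy    # resource -> state required inside the perimeter
        self.devices = {}       # device_id -> credential and stored states

    def enroll(self, device_id: str, credential: bytes) -> None:
        self.devices[device_id] = {"credential": credential}

    def store_state(self, device_id: str, kind: str, state: dict, tag: str) -> None:
        """Store a 'reference' or 'current' state after checking its MAC."""
        if kind not in ("reference", "current"):
            raise ValueError("unknown state kind")
        rec = self.devices[device_id]
        if not hmac.compare_digest(sign_state(rec["credential"], state), tag):
            raise ValueError("state report failed credential check")
        rec[kind] = state

    def inspect(self, device_id: str) -> list:
        """Compare reference and current state; a non-empty list raises the alarm."""
        rec = self.devices[device_id]
        ref, cur = rec.get("reference"), rec.get("current")
        if ref is None or cur is None:
            return ["missing state report"]  # fail closed
        findings = [f"{r}: policy not applied in reference state"
                    for r, required in sorted(self.policy.items()) if ref.get(r) != required]
        findings += [f"{r}: {ref.get(r)} -> {cur.get(r)}"
                     for r in sorted(set(ref) | set(cur)) if ref.get(r) != cur.get(r)]
        return findings

# Constructed sample run: resource names and values are illustrative only.
POLICY = {"camera": "disabled", "usb_storage": "disabled"}
CREDENTIAL = b"constructed-demo-credential"

def demo(current: dict) -> list:
    server = MonitoringServer(POLICY)
    server.enroll("dev-1", CREDENTIAL)
    reference = {"camera": "disabled", "usb_storage": "disabled", "wifi": "enabled"}
    server.store_state("dev-1", "reference", reference, sign_state(CREDENTIAL, reference))
    server.store_state("dev-1", "current", current, sign_state(CREDENTIAL, current))
    return server.inspect("dev-1")
```

A report whose MAC does not verify is never stored, so a device that cannot prove possession of its credential ends up in the fail-closed "missing state report" branch at inspection.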
Specification