Subsystem authenticity and integrity verification (SAIV)
First Claim
Patent Images
1. A computer implemented method for determining authenticity and integrity of a subsystem of a notebook computer, the method comprising:
- communicating, from a security station, with a security token within a replaceable subsystem of the notebook computer to perform a challenge/response operation with the security token using a first secret stored in the security token, without powering on the notebook computer, thereby receiving a first response, formed using the first secret, from the security token, the notebook computer being separate from the security station;
communicating, from the security station, with a remote secret store in an authenticated communication session over a public computer network to perform a challenge/response operation with the remote secret store using a second secret stored in the remote secret store, thereby receiving a second response, formed using the second secret, from the remote secret store, the remote secret store being separate from the notebook computer and the security station;
comparing the first response with the second response for correspondence; and
responsive to the comparison, generating a failure alarm if the comparison indicates no correspondence between the first secret and the second secret, and generating a pass indication if the comparison indicates correspondence between the first secret and the second secret.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed for enhancing anti-terrorism public safety measures, by more securely determining whether explosives or other contraband have been inserted into notebook computer batteries or other large, replaceable subsystems of electronic devices. Because notebook computers typically require large, heavy batteries, they present attractive containers for smugglers and terrorists attempting to bring explosives onto an airplane. The disclosed security testing system provides more reliable results than many current tests, and does not require that the device under test be powered on. The systems and methods disclosed use out-of-band authentication for added security.
4 Citations
5 Claims
-
1. A computer implemented method for determining authenticity and integrity of a subsystem of a notebook computer, the method comprising:
-
communicating, from a security station, with a security token within a replaceable subsystem of the notebook computer to perform a challenge/response operation with the security token using a first secret stored in the security token, without powering on the notebook computer, thereby receiving a first response, formed using the first secret, from the security token, the notebook computer being separate from the security station; communicating, from the security station, with a remote secret store in an authenticated communication session over a public computer network to perform a challenge/response operation with the remote secret store using a second secret stored in the remote secret store, thereby receiving a second response, formed using the second secret, from the remote secret store, the remote secret store being separate from the notebook computer and the security station; comparing the first response with the second response for correspondence; and responsive to the comparison, generating a failure alarm if the comparison indicates no correspondence between the first secret and the second secret, and generating a pass indication if the comparison indicates correspondence between the first secret and the second secret. - View Dependent Claims (2, 3, 4, 5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeTenet 3, LLC
-
Original AssigneeJeff Hughes, Kelce Wilson
-
InventorsHughes, Jeff, Wilson, Kelce
-
Primary Examiner(s)Barron, Jr., Gilberto
-
Assistant Examiner(s)ALMEIDA, DEVIN E
-
Application NumberUS12/754,592Publication NumberTime in Patent Office1,002 DaysField of Search713/168, 380/46US Class Current713/168CPC Class CodesG06F 21/81 by operating on the power s...G06F 21/86 Secure or tamper-resistant ...H04L 9/32 including means for verifyi...H04L 9/3271 using challenge-responseH04L 9/3278 using physically unclonable...
