Subsystem authenticity and integrity verification (SAIV)
First Claim
1. A computer implemented method for determining authenticity and integrity of a subsystem of a notebook computer, the method comprising:
- communicating, from a security station, with a security token within a replaceable subsystem of the notebook computer to perform a challenge/response operation with the security token using a first secret stored in the security token, without powering on the notebook computer, thereby receiving a first response, formed using the first secret, from the security token, the notebook computer being separate from the security station;
communicating, from the security station, with a remote secret store in an authenticated communication session over a public computer network to perform a challenge/response operation with the remote secret store using a second secret stored in the remote secret store, thereby receiving a second response, formed using the second secret, from the remote secret store, the remote secret store being separate from the notebook computer and the security station;
comparing the first response with the second response for correspondence; and
responsive to the comparison, generating a failure alarm if the comparison indicates no correspondence between the first secret and the second secret, and generating a pass indication if the comparison indicates correspondence between the first secret and the second secret.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed for enhancing anti-terrorism public safety measures, by more securely determining whether explosives or other contraband have been inserted into notebook computer batteries or other large, replaceable subsystems of electronic devices. Because notebook computers typically require large, heavy batteries, they present attractive containers for smugglers and terrorists attempting to bring explosives onto an airplane. The disclosed security testing system provides more reliable results than many current tests, and does not require that the device under test be powered on. The systems and methods disclosed use out-of-band authentication for added security.
4 Citations
5 Claims
-
1. A computer implemented method for determining authenticity and integrity of a subsystem of a notebook computer, the method comprising:
-
communicating, from a security station, with a security token within a replaceable subsystem of the notebook computer to perform a challenge/response operation with the security token using a first secret stored in the security token, without powering on the notebook computer, thereby receiving a first response, formed using the first secret, from the security token, the notebook computer being separate from the security station; communicating, from the security station, with a remote secret store in an authenticated communication session over a public computer network to perform a challenge/response operation with the remote secret store using a second secret stored in the remote secret store, thereby receiving a second response, formed using the second secret, from the remote secret store, the remote secret store being separate from the notebook computer and the security station; comparing the first response with the second response for correspondence; and responsive to the comparison, generating a failure alarm if the comparison indicates no correspondence between the first secret and the second secret, and generating a pass indication if the comparison indicates correspondence between the first secret and the second secret. - View Dependent Claims (2, 3, 4, 5)
-
Specification