|Publication number||US20050026595 A1|
|Application number||US 10/631,126|
|Publication date||Feb 3, 2005|
|Filing date||Jul 31, 2003|
|Priority date||Jul 31, 2003|
|Also published as||US8320881, US8521134, US8750833, US20060252411, US20130078955, US20130344846|
|Publication number||10631126, 631126, US 2005/0026595 A1, US 2005/026595 A1, US 20050026595 A1, US 20050026595A1, US 2005026595 A1, US 2005026595A1, US-A1-20050026595, US-A1-2005026595, US2005/0026595A1, US2005/026595A1, US20050026595 A1, US20050026595A1, US2005026595 A1, US2005026595A1|
|Original Assignee||Huckins Jeffrey L.|
|Export Citation||BiBTeX, EndNote, RefMan|
|Patent Citations (2), Referenced by (8), Classifications (13), Legal Events (1)|
|External Links: USPTO, USPTO Assignment, Espacenet|
This invention relates generally to processor-based systems.
Processor-based systems may be wired or wireless, portable and less portable. Wired devices may be connected by physical wires to one another and to electrical connections. A portable device may be coupled by wireless signals to other devices and may use a battery as a source of power. Portable processor-based systems include, for example, laptop computers, cellular telephones, handheld devices, and personal digital assistants.
Processor-based systems are subject to two security concerns. The first concern relates to the security of the data actually stored on the processor-based system. The second security concern relates to the potential theft of the processor-based system. Particularly with portable processor-based systems, theft is easy.
Thus, there is a need for better ways to provide security for processor-based systems.
The wireless protocol 15 may be a short range wireless protocol having a range, for example, on the order of about ten feet. One such protocol having such a range is described as the Bluetooth Specification V.1.OB (2003). The range of the protocol 15 is indicated by the arrow A. So long as the handheld device 14 is within the distance A of the processor-based system 12, wireless communication is possible. If the device 14 strays into the region B, wireless communication may no longer be established.
Thus, a network 10 may be formed of the devices 12, 14, and 16, as well as other devices. The range of the wireless network 10 may be limited by the range of the various wireless protocols 13 and 15 that may be utilized.
The processor-based device 12 may be a laptop computer in one embodiment of the present invention. Laptop computers are particularly prone to being stolen. However, the processor-based device 12 may be any processor-based device.
In one embodiment of the present invention, the user may carry the handheld device 14 on his or her person, for example in the user's pocket or it may be held in the user's hand. Thus, the handheld device 14 is closely associated with the location of a user. That same user may own a processor-based system 12. When the user strays beyond the distance A, wireless communication with the processor-based system 12 is discontinued. This may be used as an indication that someone who is attempting to use the processor-based system 12 is unauthorized. Since it can be determined that the authorized user is not proximate to the processor-based system 12, the system 12 may determine that it is not appropriate to allow the person attempting to use the processor-based system to have access. This may provide data security, preventing the unauthorized user from accessing the computer. It may also provide physical security since there is no incentive to steal the processor-based system 12 if it can never be used.
Thus, in one embodiment of the present invention, the system 12 determines whether the user is proximate by attempting to establish wireless communications with the handheld device 14. If such communications are not possible, the processor-based system 12 implements a security protocol that may include denying access, initiating a phone call to the user or others, initiating an alarm, or simply turning the processor-based system 12 permanently off.
In accordance with another embodiment of the present invention, shown in
In accordance with one embodiment of the present invention, the handheld device 14 may include the software 22 shown in
In another embodiment, a distance measurement solution may be used. For example, a signal strength indication (SSI) may be used to determine whether the user is farther from the system 12 than a predetermined distance.
The bus 42 may also be coupled to a storage device 45 and in one embodiment of the present invention may be a hard disk drive and in another embodiment of the present invention may be a semiconductor memory. The storage 45 may store the access control software 20 a and 20 b.
Any suitable authentication protocol on the processor-based device 12 and the handheld device 14 may be utilized for exchanging credentials. As an example, an 802.1X supplicant on a handheld device 14 and an 802.1X authenticator on the processor-based system 12 may be used to exchange credentials using the Bluetooth personal area network (PAN) profile. For example, the 802.1X protocol may be the IEEE 802.11 protocols currently specified or their successors. See IEEE 802.11 (1999) specification available from IEEE, New York, N.Y. (ISBN 0-7381-2315-3; Product No.: SH94842-TBR). Security credentials may be stored on the handheld device 14 and a subscriber information module (SIM) 52 to perform the 802.1X authentication of user and processor-based system 12 to the network 10. In this way, a single SIM 52 in the user's handheld device 14 serves multiple functions, including user authentication to the handheld device by a personal identification number protected access, user and handheld device authentication to the processor-based system 12, user and processor-based system 12 authentication to a network 10, for example via 802.1X, and verification of user possession of the processor-based system 12. An 802.1X supplicant on the processor-based system 12 may then use these credentials to respond to an 802.1X authentication protocol from an 802.11 access point 16.
While the present invention has been described with respect to a limited number of embodiments, those skilled in the art will appreciate numerous modifications and variations therefrom. It is intended that the appended claims cover all such modifications and variations as fall within the true spirit and scope of this-present invention.
|Cited Patent||Filing date||Publication date||Applicant||Title|
|US6230002 *||Nov 19, 1997||May 8, 2001||Telefonaktiebolaget L M Ericsson (Publ)||Method, and associated apparatus, for selectively permitting access by a mobile terminal to a packet data network|
|US20050009469 *||Dec 20, 2002||Jan 13, 2005||Sakari Kotola||Client software download in bluetooth device bonding|
|Citing Patent||Filing date||Publication date||Applicant||Title|
|US8146153||Dec 31, 2007||Mar 27, 2012||Sandisk Technologies Inc.||Method and system for creating and accessing a secure storage area in a non-volatile memory card|
|US8428649||Aug 20, 2008||Apr 23, 2013||Sandisk Technologies Inc.||Memory device upgrade|
|US8984645||Aug 20, 2008||Mar 17, 2015||Sandisk Technologies Inc.||Accessing memory device content using a network|
|US8997214||Feb 21, 2012||Mar 31, 2015||Sandisk Technologies Inc.||Method and system for creating and accessing a secure storage area in a non-volatile memory card|
|US9031534 *||Oct 29, 2013||May 12, 2015||Avaya Inc.||Proximity-based authorization|
|US20050239505 *||Mar 29, 2005||Oct 27, 2005||Alcatel||Wireless telecommunication terminal with at least two different communication interfaces and method for operating the same|
|US20130340073 *||Jun 14, 2012||Dec 19, 2013||Shinoj Bhaskaran||Identification to Access Portable Computing Device|
|US20140051389 *||Oct 29, 2013||Feb 20, 2014||Avaya Inc.||Proximity-Based Authorization|
|U.S. Classification||455/411, 380/243|
|International Classification||H04L29/06, H04W12/08, H04W4/02|
|Cooperative Classification||H04L63/10, H04L63/0492, H04W12/06, H04W4/02, H04W12/08|
|European Classification||H04L63/04B16, H04L63/10, H04W12/08|
|Jul 31, 2003||AS||Assignment|
Owner name: INTEL CORPORATION, CALIFORNIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HUCKINS, JEFFREY L.;REEL/FRAME:014365/0156
Effective date: 20030729