CA2187855A1 - Method and device for securing computers - Google Patents
Method and device for securing computersInfo
- Publication number
- CA2187855A1 CA2187855A1 CA002187855A CA2187855A CA2187855A1 CA 2187855 A1 CA2187855 A1 CA 2187855A1 CA 002187855 A CA002187855 A CA 002187855A CA 2187855 A CA2187855 A CA 2187855A CA 2187855 A1 CA2187855 A1 CA 2187855A1
- Authority
- CA
- Canada
- Prior art keywords
- computer
- password
- microcontroller
- security
- bios
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/86—Secure or tamper-resistant housings
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/1097—Boot, Start, Initialise, Power
Abstract
A device for securing computers is in the form of an internally installed computer card. The computer card plugs into an ISA bus slot in a PC. The computer card includes a computer interface and microcontroller.
The microcontroller has inputs for motion, power and tamper sensors and communicates with an on-board basic input/output system (BIOS) EEPROM
for storing a BIOS security program and a serial EEPROM for storing security parameters and access passwords. The computer card includes a power circuit with NiCd batteries and a recharger for operating the device while the computer is off. The computer card is given a unique physical device address prior to installation. When the computer is powered up, the computer card is addressed by the computer during its BIOS start-up routine. The internal BIOS security program is then initialized, requiring a password before start-up continues. A password hierarchy provides for multiple levels of access to the security capabilities.
The microcontroller has inputs for motion, power and tamper sensors and communicates with an on-board basic input/output system (BIOS) EEPROM
for storing a BIOS security program and a serial EEPROM for storing security parameters and access passwords. The computer card includes a power circuit with NiCd batteries and a recharger for operating the device while the computer is off. The computer card is given a unique physical device address prior to installation. When the computer is powered up, the computer card is addressed by the computer during its BIOS start-up routine. The internal BIOS security program is then initialized, requiring a password before start-up continues. A password hierarchy provides for multiple levels of access to the security capabilities.
Claims (20)
1. A device for securing a computer comprising:
means for interfacing with the computer via a bus internal to the computer;
means for monitoring status of the computer and for establishing an alarm condition responsive to a change in status;
means for powering the device during intervals where the computer is in an off state;
means for interrupting normal start-up of the computer during a basic input/output system portion thereof; and means for accepting a password from a user to continue normal start-up of the computer.
means for interfacing with the computer via a bus internal to the computer;
means for monitoring status of the computer and for establishing an alarm condition responsive to a change in status;
means for powering the device during intervals where the computer is in an off state;
means for interrupting normal start-up of the computer during a basic input/output system portion thereof; and means for accepting a password from a user to continue normal start-up of the computer.
2. A device as claimed in claim 1 wherein the means for monitoring includes means for sensing a plurality of conditions of the computer and means for enabling the means for sensing.
3. A device as claimed in claim 1 wherein the means for interrupting normal start-up includes address decoding means for providing a physical device address to the computer during start-up.
4. A device as claimed in claim 1 wherein the means for interrupting normal start-up includes program storage means for storing a basic input and output system (BIOS) program whereby addressing of the device by the computer during start-up initiates the BIOS program.
5. A device as claimed in claim 1 wherein the means for accepting a password includes a non-volatile memory means for storing the password to be compared to the password entered by the user.
6. A device as claimed in claim 5 wherein the non-volatile memory means cannot be read by a user of the computer.
7. A device as claimed in claim 1 wherein the means for powering includes rechargeable battery means.
8. A device as claimed in claim 1 wherein the means for powering includes battery charger means.
9. A method of securing a computer comprising the steps of:
providing storage for a stored password;
during start-up of the computer, upon addressing by the computer, initiating a program requesting input of the password;
comparing the password input to the stored password; and allowing completion of start-up of the computer to continue if the password input matches the password stored.
providing storage for a stored password;
during start-up of the computer, upon addressing by the computer, initiating a program requesting input of the password;
comparing the password input to the stored password; and allowing completion of start-up of the computer to continue if the password input matches the password stored.
10. A method as claimed in claim 9 further comprising the step of prompting a user of the computer to change the stored password, prior to the step of allowing completion of start-up of the computer.
11. A method as claimed in claim 9 further comprising the steps of providing security monitoring sensors and providing storage for security parameters for configuring the security monitoring sensors; and prompting a user of the computer to change the security parameters prior to the step of allowing completion of start-up of the computer.
12. A device for securing a computer comprising:
a microcontroller;
a plurality of security sensors connected to the microcontroller;
an alarm output connected to the microcontroller;
an interface connected to the microcontroller for communicating with an internal bus in the computer;
a basic input and output system (BIOS) program store connected to the microcontroller and the interface;
a memory decoder connected to the interface, the microcontroller and the BIOS program store;
a non-volatile store for security parameters and passwords; and a power circuit for powering the device during intervals when the computer is off.
a microcontroller;
a plurality of security sensors connected to the microcontroller;
an alarm output connected to the microcontroller;
an interface connected to the microcontroller for communicating with an internal bus in the computer;
a basic input and output system (BIOS) program store connected to the microcontroller and the interface;
a memory decoder connected to the interface, the microcontroller and the BIOS program store;
a non-volatile store for security parameters and passwords; and a power circuit for powering the device during intervals when the computer is off.
13. A device as claimed in claim 12 wherein the microcontroller includes an analog to digital converter.
14. A device as claimed in claim 12 wherein the plurality of security sensors includes a tilt and motion sensor.
15. A device as claimed in claim 12 wherein the plurality of security sensors includes a low battery sensor.
16. A device as claimed in claim 12 wherein the plurality of security sensors includes a battery voltage sensor.
17. A device as claimed in claim 12 wherein the plurality of security sensors includes a computer chassis tamper sensor.
18. A device as claimed in claim 12 wherein the plurality of security sensors includes a peripheral tamper sensor.
19. A device as claimed in claim 12 wherein the alarm output includes a piezo transducer.
20. A device as claimed in claim 12 wherein the alarm output includes an external alarm system connection.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US57076395A | 1995-12-12 | 1995-12-12 | |
| US08/570,763 | 1995-12-12 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2187855A1 true CA2187855A1 (en) | 1997-06-13 |
Family
ID=24280965
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002187855A Abandoned CA2187855A1 (en) | 1995-12-12 | 1996-10-15 | Method and device for securing computers |
Country Status (1)
| Country | Link |
|---|---|
| CA (1) | CA2187855A1 (en) |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2000042489A2 (en) * | 1999-01-19 | 2000-07-20 | Dan Tudor Vuza | Isa extension card and method for protection of ibm-pc and compatible computers against unauthorized persons use |
| EP1055990A1 (en) * | 1999-05-28 | 2000-11-29 | Hewlett-Packard Company | Event logging in a computing platform |
| EP1085396A1 (en) * | 1999-09-17 | 2001-03-21 | Hewlett-Packard Company | Operation of trusted state in computing platform |
| US6988250B1 (en) | 1999-02-15 | 2006-01-17 | Hewlett-Packard Development Company, L.P. | Trusted computing platform using a trusted device assembly |
| US7076655B2 (en) | 2001-06-19 | 2006-07-11 | Hewlett-Packard Development Company, L.P. | Multiple trusted computing environments with verifiable environment identities |
| US7159210B2 (en) | 2001-06-19 | 2007-01-02 | Hewlett-Packard Development Company, L.P. | Performing secure and insecure computing operations in a compartmented operating system |
| US7353531B2 (en) | 2001-02-23 | 2008-04-01 | Hewlett-Packard Development Company L.P. | Trusted computing environment |
| CN100435062C (en) * | 2005-11-15 | 2008-11-19 | 广达电脑股份有限公司 | Computer system and its confidential method |
| US7457951B1 (en) | 1999-05-28 | 2008-11-25 | Hewlett-Packard Development Company, L.P. | Data integrity monitoring in trusted computing entity |
| US7467370B2 (en) | 2001-11-22 | 2008-12-16 | Hewlett-Packard Development Company, L.P. | Apparatus and method for creating a trusted environment |
| US7865876B2 (en) | 2001-06-19 | 2011-01-04 | Hewlett-Packard Development Company, L.P. | Multiple trusted computing environments |
| US7877799B2 (en) | 2000-08-18 | 2011-01-25 | Hewlett-Packard Development Company, L.P. | Performance of a service on a computing platform |
| US8218765B2 (en) | 2001-02-23 | 2012-07-10 | Hewlett-Packard Development Company, L.P. | Information system |
| US8219496B2 (en) | 2001-02-23 | 2012-07-10 | Hewlett-Packard Development Company, L.P. | Method of and apparatus for ascertaining the status of a data processing environment |
| US8539587B2 (en) | 2005-03-22 | 2013-09-17 | Hewlett-Packard Development Company, L.P. | Methods, devices and data structures for trusted data |
| WO2015196450A1 (en) * | 2014-06-27 | 2015-12-30 | Microsoft Technology Licensing, Llc | System for data protection in power off mode |
| US9633206B2 (en) | 2000-11-28 | 2017-04-25 | Hewlett-Packard Development Company, L.P. | Demonstrating integrity of a compartment of a compartmented operating system |
| GB2559831A (en) * | 2017-02-21 | 2018-08-22 | Google Llc | Integrated second factor authentication |
| CN105518700B (en) * | 2014-06-27 | 2019-07-16 | 微软技术许可有限责任公司 | System for the data protection in shutdown mode |
| US10372937B2 (en) | 2014-06-27 | 2019-08-06 | Microsoft Technology Licensing, Llc | Data protection based on user input during device boot-up, user login, and device shut-down states |
| US10423766B2 (en) | 2014-06-27 | 2019-09-24 | Microsoft Technology Licensing, Llc | Data protection system based on user input patterns on device |
-
1996
- 1996-10-15 CA CA002187855A patent/CA2187855A1/en not_active Abandoned
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2000042489A3 (en) * | 1999-01-19 | 2000-12-07 | Dan Tudor Vuza | Isa extension card and method for protection of ibm-pc and compatible computers against unauthorized persons use |
| WO2000042489A2 (en) * | 1999-01-19 | 2000-07-20 | Dan Tudor Vuza | Isa extension card and method for protection of ibm-pc and compatible computers against unauthorized persons use |
| US7444601B2 (en) | 1999-02-15 | 2008-10-28 | Hewlett-Packard Development Company, L.P. | Trusted computing platform |
| US6988250B1 (en) | 1999-02-15 | 2006-01-17 | Hewlett-Packard Development Company, L.P. | Trusted computing platform using a trusted device assembly |
| US7194623B1 (en) | 1999-05-28 | 2007-03-20 | Hewlett-Packard Development Company, L.P. | Data event logging in computing platform |
| EP1055990A1 (en) * | 1999-05-28 | 2000-11-29 | Hewlett-Packard Company | Event logging in a computing platform |
| WO2000073880A1 (en) * | 1999-05-28 | 2000-12-07 | Hewlett-Packard Company | Data event logging in computing platform |
| US7457951B1 (en) | 1999-05-28 | 2008-11-25 | Hewlett-Packard Development Company, L.P. | Data integrity monitoring in trusted computing entity |
| EP1085396A1 (en) * | 1999-09-17 | 2001-03-21 | Hewlett-Packard Company | Operation of trusted state in computing platform |
| US7302698B1 (en) | 1999-09-17 | 2007-11-27 | Hewlett-Packard Development Company, L.P. | Operation of trusted state in computing platform |
| WO2001027722A1 (en) * | 1999-09-17 | 2001-04-19 | Hewlett-Packard Company | Operation of trusted state in computing platform |
| US7877799B2 (en) | 2000-08-18 | 2011-01-25 | Hewlett-Packard Development Company, L.P. | Performance of a service on a computing platform |
| US9633206B2 (en) | 2000-11-28 | 2017-04-25 | Hewlett-Packard Development Company, L.P. | Demonstrating integrity of a compartment of a compartmented operating system |
| US7353531B2 (en) | 2001-02-23 | 2008-04-01 | Hewlett-Packard Development Company L.P. | Trusted computing environment |
| US8219496B2 (en) | 2001-02-23 | 2012-07-10 | Hewlett-Packard Development Company, L.P. | Method of and apparatus for ascertaining the status of a data processing environment |
| US8218765B2 (en) | 2001-02-23 | 2012-07-10 | Hewlett-Packard Development Company, L.P. | Information system |
| US7076655B2 (en) | 2001-06-19 | 2006-07-11 | Hewlett-Packard Development Company, L.P. | Multiple trusted computing environments with verifiable environment identities |
| US7865876B2 (en) | 2001-06-19 | 2011-01-04 | Hewlett-Packard Development Company, L.P. | Multiple trusted computing environments |
| US7159210B2 (en) | 2001-06-19 | 2007-01-02 | Hewlett-Packard Development Company, L.P. | Performing secure and insecure computing operations in a compartmented operating system |
| US7467370B2 (en) | 2001-11-22 | 2008-12-16 | Hewlett-Packard Development Company, L.P. | Apparatus and method for creating a trusted environment |
| US8539587B2 (en) | 2005-03-22 | 2013-09-17 | Hewlett-Packard Development Company, L.P. | Methods, devices and data structures for trusted data |
| CN100435062C (en) * | 2005-11-15 | 2008-11-19 | 广达电脑股份有限公司 | Computer system and its confidential method |
| WO2015196450A1 (en) * | 2014-06-27 | 2015-12-30 | Microsoft Technology Licensing, Llc | System for data protection in power off mode |
| CN105518700A (en) * | 2014-06-27 | 2016-04-20 | 微软技术许可有限责任公司 | System for data protection in power off mode |
| CN105518700B (en) * | 2014-06-27 | 2019-07-16 | 微软技术许可有限责任公司 | System for the data protection in shutdown mode |
| US10372937B2 (en) | 2014-06-27 | 2019-08-06 | Microsoft Technology Licensing, Llc | Data protection based on user input during device boot-up, user login, and device shut-down states |
| US10423766B2 (en) | 2014-06-27 | 2019-09-24 | Microsoft Technology Licensing, Llc | Data protection system based on user input patterns on device |
| US10474849B2 (en) | 2014-06-27 | 2019-11-12 | Microsoft Technology Licensing, Llc | System for data protection in power off mode |
| GB2559831A (en) * | 2017-02-21 | 2018-08-22 | Google Llc | Integrated second factor authentication |
| GB2559831B (en) * | 2017-02-21 | 2019-11-20 | Google Llc | Integrated second factor authentication |
| US11394704B2 (en) | 2017-02-21 | 2022-07-19 | Google Llc | Integrated second factor authentication |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2187855A1 (en) | Method and device for securing computers | |
| US6969970B2 (en) | Method of controlling the charging of a battery | |
| US5796239A (en) | Battery pack having a processor controlled battery operating system | |
| US20220006318A1 (en) | Device charging system | |
| US6154004A (en) | Battery/discriminating method, drycell battery pack, and electronic device | |
| EP3623776B1 (en) | Dynamic power consumption management and wake-up method and application system therefor | |
| KR100666518B1 (en) | Portable electronic device comprising common serial bus connector | |
| US5606242A (en) | Smart battery algorithm for reporting battery parameters to an external device | |
| JP2540004B2 (en) | Battery operated computer with battery monitor and cell polarity reversal protection circuit | |
| US4718776A (en) | Portable monitoring device and method | |
| JP4780620B2 (en) | Battery management system chip having a function for flexible expansion of control rules | |
| JP2003143773A (en) | Electrical machinery and apparatus, computer apparatus, and power-switching apparatus and method | |
| US5706239A (en) | Rechargeable SRAM/flash PCMCIA card | |
| US6360326B1 (en) | Password delay | |
| JP3167303B2 (en) | Personal computer | |
| US5153558A (en) | Vehicle security system with battery tampering detection | |
| CN110210260B (en) | Data self-destruction system and method | |
| JP2003173220A (en) | Electrical apparatus, computer device, intelligent battery and control method for battery | |
| US5523670A (en) | Method and apparatus for controlling power supply | |
| CN107179819B (en) | Method for preventing battery from swelling and electronic device thereof | |
| CN114201739A (en) | Electronic equipment starting method and device based on fingerprint | |
| EP3455918B1 (en) | Method and apparatus for shake awake smart battery pack | |
| CA2204268A1 (en) | Smart battery device | |
| CN103219553A (en) | Battery pack | |
| CN117458661A (en) | Charging control method and device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FZDE | Dead |