US20010011352A1 - Geographic location receiver based computer system security - Google Patents
Geographic location receiver based computer system security Download PDFInfo
- Publication number
- US20010011352A1 US20010011352A1 US09/052,992 US5299298A US2001011352A1 US 20010011352 A1 US20010011352 A1 US 20010011352A1 US 5299298 A US5299298 A US 5299298A US 2001011352 A1 US2001011352 A1 US 2001011352A1
- Authority
- US
- United States
- Prior art keywords
- location
- authorized
- current location
- database
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2111—Location-sensitive, e.g. geographical location, GPS
Definitions
- the present invention relates to computer security, and more specifically, to using a geographic location for computer security.
- Local identification systems provide a geographic location for a location identification system.
- One known location identification system is a the global positioning system.
- GPS Global Positioning System
- the Global Positioning System is a “constellation” of 24 satellites that orbit the Earth and make it possible for people with ground receivers to pinpoint their geographic location.
- the location accuracy is anywhere from 100 to 10 meters for most equipment. Accuracy can be pinpointed to within one meter with special military-approved equipment or by using differential GPS.
- Differential GPS uses a fixed location receiver in addition to a GPS satellite, to determine the exact location of the receiver.
- GPS equipment is widely used in science and has now become sufficiently low-cost so that almost anyone can own a GPS receiver.
- the GPS is owned and operated by the U.S. Department of Defense but is available for general use around the world.
- the system encompasses twenty-one GPS satellites and three spare satellites in orbit at 10,600 miles above the Earth.
- the satellites are spaced so that from any point on Earth, four satellites will be above the horizon.
- Each satellite contains a computer, an atomic clock, and a radio. With an understanding of its own orbit and the clock, it continually broadcasts its changing position and time.
- any GPS receiver contains a computer that “triangulates” its own position by getting bearings from three of the four satellites.
- the result is provided in the form of a geographic position —longitude and latitude. If the receiver is also equipped with a display screen that shows a map, the position can be shown on the map. If a fourth satellite can be received, the receiver/computer can figure out the altitude as well as the geographic position. If the receiver is moving, the receiver may also be able to calculate its speed and direction of travel and provide an estimated time of arrival to a specified destination.
- GPS receivers are becoming consumer products. In addition to their outdoor use (hiking, cross-country skiing, ballooning, flying, and sailing), one prior art use of GPS receivers is in cars to relate the driver's location with traffic and weather information.
- FIG. 1 illustrates a prior art security system for vehicles.
- a GPS system 120 and a cellular telephone 130 are in the vehicle 110 .
- the user notifies a monitoring station which includes a monitoring system 150 .
- the monitoring system 150 includes an alert system 160 , an information receiving unit 170 for receiving GPS information transmitted by the vehicle 110 , and a tracking mechanism 180 that includes a GPS receiver.
- the information receiving unit 170 the dials into the cellular telephone 130 in the stolen vehicle 110 .
- the GPS system 120 on the stolen vehicle 110 transmits details of the vehicle's 110 location via the cellular telephone 130 . These longitude and latitude details are displayed on the tracking mechanism 180 of the monitoring system 150 . This permits the monitoring system 150 to direct the police to recover the vehicle.
- FIG. 1 illustrates a prior art security system for an automobile.
- FIG. 4 is a flowchart illustrating one embodiment of the process of location verification.
- FIG. 2 is a block diagram of the computer system 200 in which an embodiment of the present invention can be implemented.
- Computer system 200 comprises a bus 201 or other communication means for communicating information, and a processor 202 coupled with bus 201 for processing information.
- Computer system 200 also comprises a read only memory (ROM) and/or other static storage device 206 coupled to bus 201 for storing static information and instructions for processor 202 .
- ROM read only memory
- the computer system 200 further comprises a main memory 203 , a dynamic storage device for storing information and instructions to be executed.
- Main memory 203 also may be used for storing temporary variables or other intermediate information during execution of instructions.
- the main memory 203 is dynamic random access memory (DRAM).
- Computer system 200 can also be coupled via I/O bus 230 to a display device 205 , such as a cathode ray tube (CRT) or liquid crystal display (LCD) screen, for displaying information to a computer user.
- a display device 205 such as a cathode ray tube (CRT) or liquid crystal display (LCD) screen
- An input device 206 is typically coupled to I/O bus 230 for communicating information and command selections to processor 202 .
- cursor control device 206 such as a mouse, a trackball, trackpad, or cursor direction keys for communicating direction information and command selections to processor 202 and for controlling cursor movement on display device 205 .
- other input devices 206 such as a stylus or pen can be used to interact with the display.
- the computer system 200 may further be coupled via the I/O bus 230 to a network device 210 for communicating with other computers.
- the network device 210 may be a modem, a network card, or other device to communicate between the computer system 200 and other systems or networks.
- a comparator 340 is further included.
- the comparator 340 receives the current location information from the location receiver 320 , and compares the current location to a list of authorized locations in the database 360 .
- the comparator transmits a yes/no response, indicating whether or not the current location is an authorized location to the response unit 350 .
- the security system of the present invention is different from prior art security systems in that it is self-contained.
- Prior art systems generally require outside participation.
- the automobile security system described above requires a user to alert a monitoring station, which then can receive location data from the vehicle.
- the vehicle itself does not respond to the theft.
- the prior art response is merely permitting monitoring of the location of the vehicle, rather than an affirmative response, as in the present system.
- FIG. 4 is a flowchart illustrating one embodiment of the process of location verification.
- the process starts.
- the process tests whether timer 335 has expired. The timer may have expired because a certain period of time has expired or another event occurred. If the timer is not expired, the process loops back to block 415 , to query again. For one embodiment, this system is an interrupt driven system. The process does not continuously query the timer, rather when the timer expires, the timer sends an interrupt to the processor to initiate the process illustrated in FIG. 4. For one embodiment, the entire process runs in the background, without alerting the user. If, at block 415 , the timer has expired, the process continues to block 420 .
- the system tests that the location receiver is present in the system.
- the system queries whether the location receiver was found in the system. If the location receiver was found, the process continues to block 445 .
- the location receiver is queried for the current location of the computer system.
- the location receiver is a GPS receiver, and the GPS receiver determines a current latitude and longitude, and possibly altitude.
- the current location is compared with location information in the database.
- the process tests whether the current location corresponds to an “authorized location” within the database. As will be discussed below, the locations within the database identify those areas to which the computer system may be moved.
- a dialog is displayed indicating that the computer is outside of the area for which its use is authorized. For an alternative embodiment, no such dialog is displayed. The process then continues to block 435 .
- the response mechanism is activated.
- the response mechanism responds to the computer system being outside of the authorized locations.
- the specific responses may be any of a range of responses, including turning off the computer, deleting files, etc. The responses will be described in more detail below.
- the system determined whether the location receiver was present in the system. If no receiver is found, the process continues to block 430 . At block 430 , the user is informed of the absence of the receiver, for one embodiment. For an alternative embodiment, no such notification is provided. The process then continues to block 435 , where the response mechanism is activated. From there, the process returns to block 415 , to wait for the timer to expire again.
- the system tests whether the user has selected a response mechanism.
- the user may select one of a set of responses to the failure of the location testing. This selection mechanism is protected via known security techniques. For one embodiment, the user has to enter a password in order to select a response. For one embodiment, after a set number of attempts, the preset mechanism is locked, preventing a thief from breaking into the preset mechanism. Alternative protection for the selection mechanism may be used. For an alternative embodiment, the preset response may not be modified by the user. If the user did not select a response, the system proceeds to block 525 . At block 525 , the response is set to a default response. If the user selected a response, the system proceeds to block 520 . At block 520 , the response is set to the user's selected response. The chart then illustrates some of the possible routes. The system may implement any or all of the responses illustrated.
- the system is turned off.
- the system may turn off and set the timer such that next time the system is turned on, it tests the location prior to doing anything else. For one embodiment, only part of the system is turned off, such as the input devices.
- the system is locked. Locking the system prevents access to the system, without turning off the system. This may be useful, for example, if the system were simultaneously sounding an alert, for which the system needs to be turned on.
- the system is automatically unlocked when the computer is returned to the designated area.
- the system can only be unlocked by using a special unlocking device such as a key, card, password, or similar system.
- the user does not own this special unlocking device. Rather, for example, the system administrator may hold the unlocking device.
- the user is warned that the system is not in an authorized location.
- This may include an audio as well as a visual warning.
- the “authorized location” is indicated to the user.
- the warning may read “This computer system is only authorized to be used within location X.”
- the system deletes sensitive files marked for deletion in the event the system is removed from the authorized area.
- the system on which this security system is implemented may include highly sensitive files. These sensitive files may be marked for automatic deletion if the system is taken out of the designated geographic area.
- the deletion permits recovery, once the system is returned to the appropriate location.
- such a deletion is permanent.
- Any one or combination of the responses listed in blocks 530 - 550 may be implemented in the present system. Alternative mechanisms may be used to protect the system from removal from a designated geographic location.
- the system tests whether the security check is correct. That is, the system tests whether the user attempting to access the database is authorized to do so. If the security check fails, the system returns to block 620 . If the security check is correct, the system continues to block 640 .
- a map is displayed.
- this map is of the United States.
- this is a map of the world.
- the user can select the map area to be displayed from a menu or via user entry.
- the map information is translated into the appropriate information for the location receiver.
- the location receiver is a GPS system, and the appropriate format is latitude and longitude information.
- a different system may be used. For one embodiment this step may be skipped, and the information about the current location may be translated during the testing process illustrated in FIG. 4.
- the security system 310 may be implemented in a wide variety of systems.
- the security system 310 may be included in a portable computer.
- the system 310 may be included in systems that have an authorized area of use, such as rental cars/vans. For example, some rental car companies prohibit removing the vehicle from the state or country. This could be monitored using the security system.
- Other transportable goods which may have an authorized set of locations, for example freight being transported, may also include the security system 310 . This may prevent theft of such goods.
- the security system 310 may be implemented on the primary chip or motherboard.
- the security system 310 may be included in expensive stereos, video camcorders, high end audio equipment, military systems, defense/military items, kiosks, multimedia systems, mainframes, PBX systems, server systems, routers & hubs, super computers, etc.
- the security system 310 may further be included in any organizer that includes sensitive information. Additionally, the system 310 may be incorporated into sensitive equipment—f.e. systems under development. Other uses for the security system may be found as well.
Abstract
A method and apparatus using a location receiver for computer security is provided. A system includes a processor and a bus coupled to the processor. The system further includes a location receiver for receiving a current location of the system, and a database including at least one authorized location for the system. The system further includes a comparator for comparing the current location with the authorized location. The system also includes a response unit for responding if the current location does not correspond to the authorized location.
Description
- The present invention relates to computer security, and more specifically, to using a geographic location for computer security.
- Local identification systems provide a geographic location for a location identification system. One known location identification system is a the global positioning system.
- The Global Positioning System (GPS) is a “constellation” of24 satellites that orbit the Earth and make it possible for people with ground receivers to pinpoint their geographic location. The location accuracy is anywhere from 100 to 10 meters for most equipment. Accuracy can be pinpointed to within one meter with special military-approved equipment or by using differential GPS. Differential GPS uses a fixed location receiver in addition to a GPS satellite, to determine the exact location of the receiver.
- GPS equipment is widely used in science and has now become sufficiently low-cost so that almost anyone can own a GPS receiver. The GPS is owned and operated by the U.S. Department of Defense but is available for general use around the world. The system encompasses twenty-one GPS satellites and three spare satellites in orbit at 10,600 miles above the Earth. The satellites are spaced so that from any point on Earth, four satellites will be above the horizon. Each satellite contains a computer, an atomic clock, and a radio. With an understanding of its own orbit and the clock, it continually broadcasts its changing position and time. On the ground, any GPS receiver contains a computer that “triangulates” its own position by getting bearings from three of the four satellites.
- The result is provided in the form of a geographic position —longitude and latitude. If the receiver is also equipped with a display screen that shows a map, the position can be shown on the map. If a fourth satellite can be received, the receiver/computer can figure out the altitude as well as the geographic position. If the receiver is moving, the receiver may also be able to calculate its speed and direction of travel and provide an estimated time of arrival to a specified destination.
- GPS receivers are becoming consumer products. In addition to their outdoor use (hiking, cross-country skiing, ballooning, flying, and sailing), one prior art use of GPS receivers is in cars to relate the driver's location with traffic and weather information.
- FIG. 1 illustrates a prior art security system for vehicles. A
GPS system 120 and acellular telephone 130 are in thevehicle 110. When avehicle 110 including theGPS system 120 andcellular telephone 130 is stolen, the user notifies a monitoring station which includes amonitoring system 150. Themonitoring system 150 includes analert system 160, aninformation receiving unit 170 for receiving GPS information transmitted by thevehicle 110, and atracking mechanism 180 that includes a GPS receiver. When the user alerts themonitoring system 150, theinformation receiving unit 170 the dials into thecellular telephone 130 in the stolenvehicle 110. TheGPS system 120 on the stolenvehicle 110 transmits details of the vehicle's 110 location via thecellular telephone 130. These longitude and latitude details are displayed on thetracking mechanism 180 of themonitoring system 150. This permits themonitoring system 150 to direct the police to recover the vehicle. - A method and apparatus for a location based security system is described. The system includes a processor and a bus coupled to the processor. The system further includes a location receiver for receiving a current location of the system, and a database including at least one authorized location for the system. The system further includes a comparator for comparing the current location with the authorized location. The system also includes a response unit for responding if the current location does not correspond to the authorized location.
- The present invention is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which like reference numerals refer to similar elements and in which:
- FIG. 1 illustrates a prior art security system for an automobile.
- FIG. 2 illustrates a computer system on which the present invention may be implemented.
- FIG. 3 illustrates a block diagram of one embodiment of the security system of the present invention.
- FIG. 4 is a flowchart illustrating one embodiment of the process of location verification.
- FIG. 5 is a flowchart illustrating one embodiment of the selection of the response.
- FIG. 6 is a flowchart illustrating one embodiment of the process of adding authorized locations to the present system.
- A method and apparatus for a computer security system is described.
- FIG. 2 is a block diagram of the
computer system 200 in which an embodiment of the present invention can be implemented.Computer system 200 comprises abus 201 or other communication means for communicating information, and aprocessor 202 coupled withbus 201 for processing information.Computer system 200 also comprises a read only memory (ROM) and/or otherstatic storage device 206 coupled tobus 201 for storing static information and instructions forprocessor 202. - The
computer system 200 further comprises amain memory 203, a dynamic storage device for storing information and instructions to be executed.Main memory 203 also may be used for storing temporary variables or other intermediate information during execution of instructions. In one embodiment themain memory 203 is dynamic random access memory (DRAM). -
Computer system 200 can also be coupled via I/O bus 230 to adisplay device 205, such as a cathode ray tube (CRT) or liquid crystal display (LCD) screen, for displaying information to a computer user. Aninput device 206 is typically coupled to I/O bus 230 for communicating information and command selections toprocessor 202. Another type ofuser input device 206 iscursor control device 206, such as a mouse, a trackball, trackpad, or cursor direction keys for communicating direction information and command selections toprocessor 202 and for controlling cursor movement ondisplay device 205. Alternatively,other input devices 206 such as a stylus or pen can be used to interact with the display. - The
computer system 200 may further be coupled via the I/O bus 230 to anetwork device 210 for communicating with other computers. Thenetwork device 210 may be a modem, a network card, or other device to communicate between thecomputer system 200 and other systems or networks. - The
computer system 200 further includes asecurity system 220 for determining the geographic location of thecomputer system 200. For one embodiment, thesecurity system 220 is coupled to thecomputer system 200 via themain bus 201. For another embodiment, thesecurity system 220 is coupled to thecomputer system 200 via the I/O bus 230 or the PCI bus. Alternatively, thesecurity system 220 may be included in theprocessor 202. - FIG. 3 illustrates a block diagram of one embodiment of the security system of the present invention. The
security system 310 includes alocation receiver 320. For one embodiment, the location receiver is a global positioning system (GPS)receiver 320. For another embodiment, the location receiver may be based on cellular telephone cell locations. Alternative systems that determine a current location may also be used. - The
security system 310 further includes adatabase 360. Thedatabase 360 stores authorized locations for the system. For one embodiment, thedatabase 360 includes auser interface 365 that permits a user to modify the list of authorized locations. Furthermore, thedatabase 360 includes adatabase security unit 370 that restricts access to modifying thedatabase 360, as will be described below. For one embodiment, thedatabase 360 is located on a flash memory device, and theuser interface 365 is a flashmemory user interface 365. - A
testing unit 330 initiateslocation receiver 320 to test the current location. Thetesting unit 330 is initialized by atimer 335. Thetimer 335 may include multiple functions. For one embodiment, thetimer 335 simply tests the time expired since the location was last determined. For an alternative embodiment, thetimer 335 tests whether the computer has been off since the last time the location was tested. For yet another embodiment, thetimer 335 tests whether the computer has been in the standby state since the last time the location was tested. Alternatively, a combination of the above testing conditions, or other conditions, may be used to indicate that a new test is appropriate. - A
comparator 340 is further included. Thecomparator 340 receives the current location information from thelocation receiver 320, and compares the current location to a list of authorized locations in thedatabase 360. The comparator transmits a yes/no response, indicating whether or not the current location is an authorized location to theresponse unit 350. - The
response unit 350 responds to an affirmative answer by resetting thetimer 335. Theresponse unit 350 responds to a negative answer by one of a variety of possible responses. These responses are described in more detail with respect to FIG. 5 below. - The security system of the present invention is different from prior art security systems in that it is self-contained. The database included in the security system and the
location receiver 320 together act as a complete system. Prior art systems generally require outside participation. The automobile security system described above requires a user to alert a monitoring station, which then can receive location data from the vehicle. The vehicle itself does not respond to the theft. Additionally, the prior art response is merely permitting monitoring of the location of the vehicle, rather than an affirmative response, as in the present system. - FIG. 4 is a flowchart illustrating one embodiment of the process of location verification. At
block 410 the process starts. Atblock 415, the process tests whethertimer 335 has expired. The timer may have expired because a certain period of time has expired or another event occurred. If the timer is not expired, the process loops back to block 415, to query again. For one embodiment, this system is an interrupt driven system. The process does not continuously query the timer, rather when the timer expires, the timer sends an interrupt to the processor to initiate the process illustrated in FIG. 4. For one embodiment, the entire process runs in the background, without alerting the user. If, atblock 415, the timer has expired, the process continues to block 420. - At
block 420, the system tests that the location receiver is present in the system. Atblock 425, the system queries whether the location receiver was found in the system. If the location receiver was found, the process continues to block 445. - At
block 445, the location receiver is queried for the current location of the computer system. For one embodiment, the location receiver is a GPS receiver, and the GPS receiver determines a current latitude and longitude, and possibly altitude. - At
block 450, the current location, as determined by the location receiver, is compared with location information in the database. Atblock 455, the process tests whether the current location corresponds to an “authorized location” within the database. As will be discussed below, the locations within the database identify those areas to which the computer system may be moved. - If at
block 455, it is determined that the current location is in the database, the process returns to block 415, waiting for timer to expired. - If, however, at
block 455, it is determined that the current location is not in the database, the process continues to block 460. - At
block 460, for one embodiment, a dialog is displayed indicating that the computer is outside of the area for which its use is authorized. For an alternative embodiment, no such dialog is displayed. The process then continues to block 435. - At
block 435, the response mechanism is activated. The response mechanism responds to the computer system being outside of the authorized locations. The specific responses may be any of a range of responses, including turning off the computer, deleting files, etc. The responses will be described in more detail below. After the response mechanism is activated, atblock 435, the process returns to block 415, waiting for the timer to expire. - At
block 425, the system determined whether the location receiver was present in the system. If no receiver is found, the process continues to block 430. Atblock 430, the user is informed of the absence of the receiver, for one embodiment. For an alternative embodiment, no such notification is provided. The process then continues to block 435, where the response mechanism is activated. From there, the process returns to block 415, to wait for the timer to expire again. - FIG. 5 is a flowchart illustrating one embodiment of the selection of the response. This flowchart is initiated when the response mechanism is activated, in
block 435 of FIG. 4. Returning to FIG. 5, the process starts atblock 510. - At
block 515, the system tests whether the user has selected a response mechanism. The user may select one of a set of responses to the failure of the location testing. This selection mechanism is protected via known security techniques. For one embodiment, the user has to enter a password in order to select a response. For one embodiment, after a set number of attempts, the preset mechanism is locked, preventing a thief from breaking into the preset mechanism. Alternative protection for the selection mechanism may be used. For an alternative embodiment, the preset response may not be modified by the user. If the user did not select a response, the system proceeds to block 525. Atblock 525, the response is set to a default response. If the user selected a response, the system proceeds to block 520. Atblock 520, the response is set to the user's selected response. The chart then illustrates some of the possible routes. The system may implement any or all of the responses illustrated. - At
block 530, the system is turned off. The system may turn off and set the timer such that next time the system is turned on, it tests the location prior to doing anything else. For one embodiment, only part of the system is turned off, such as the input devices. - At
block 535, the system is locked. Locking the system prevents access to the system, without turning off the system. This may be useful, for example, if the system were simultaneously sounding an alert, for which the system needs to be turned on. For one embodiment, the system is automatically unlocked when the computer is returned to the designated area. For an another embodiment, the system can only be unlocked by using a special unlocking device such as a key, card, password, or similar system. For one embodiment, the user does not own this special unlocking device. Rather, for example, the system administrator may hold the unlocking device. - At
block 540, the user is warned that the system is not in an authorized location. This may include an audio as well as a visual warning. For one embodiment, the “authorized location” is indicated to the user. Thus, for example, the warning may read “This computer system is only authorized to be used within location X.” - At
block 545, an alert is sounded. Two types of alerts may be sounded. One may be an audible alert similar to a car alarm, indicating to surrounding persons that the system was stolen. In addition, or alternatively, a silent alarm may be transmitted to a predetermined site. For one embodiment, the system may include a cellular telephone or a similar means of communicating with the outside world. In that instance, a telephone alert number may be included within the system to alert the user, the owner of the system, the police, the manufacturer, or another number that the system has been taken outside the authorized area. For an alternative embodiment, if wireless modem is included in the system, the alert may be via e-mail, or other means. - At
block 550, the system deletes sensitive files marked for deletion in the event the system is removed from the authorized area. For one embodiment the system on which this security system is implemented may include highly sensitive files. These sensitive files may be marked for automatic deletion if the system is taken out of the designated geographic area. For one embodiment, the deletion permits recovery, once the system is returned to the appropriate location. For another embodiment, such a deletion is permanent. - Any one or combination of the responses listed in blocks530-550 may be implemented in the present system. Alternative mechanisms may be used to protect the system from removal from a designated geographic location.
- FIG. 6 is a flowchart illustrating one embodiment of the process of adding authorized locations to the present system. The system includes a database of authorized locations. These locations may be as narrow as a particular building, or as broad as all of the United States. For one embodiment, the location is defined by a latitude and longitude information. At
block 610, the process starts. - At
block 620, security is queried for the database. Adding authorized locations to the database is restricted. Otherwise, a thief could simply access the database and add the whole world as authorized area. For one embodiment, the security is a password. For one embodiment, the security is encrypted by a public key of the user, requiring the user's private key to decrypt. For one embodiment, the security includes a hardware device, such as a flash memory device, making it harder to break. Other means of ensuring that only those authorized to alter the database are permitted to access it may be used. For one embodiment, the security check includes testing whether the computer is in an authorized location at the time of access. If the computer is not in an authorized location, the security check fails. - At
block 630, the system tests whether the security check is correct. That is, the system tests whether the user attempting to access the database is authorized to do so. If the security check fails, the system returns to block 620. If the security check is correct, the system continues to block 640. - At
block 640, for one embodiment a map is displayed. For one embodiment, this map is of the United States. For another embodiment, this is a map of the world. For a third embodiment, the user can select the map area to be displayed from a menu or via user entry. - At
block 650, for one embodiment the user is prompted to select an area of the map. This step may be repeated until the map is of sufficient detail to permit the user to select the actual location or locations for authorization. - At block660, the user is prompted to identify actual valid area. For one embodiment, this is done by marking an area within the displayed map. For an alternative embodiment, the steps illustrated in
blocks block 630, the user can directly enter latitude and longitude information. For yet another embodiment, the user may add names of designated areas, such as cities, counties, countries, etc. Alternative methods of adding information about a geographic location may be used. - At
block 670, the map information is translated into the appropriate information for the location receiver. For one embodiment, the location receiver is a GPS system, and the appropriate format is latitude and longitude information. For another embodiment, a different system may be used. For one embodiment this step may be skipped, and the information about the current location may be translated during the testing process illustrated in FIG. 4. - At
block 680, the information is stored in the database. The system then returns to block 610, the starting position. The user may continue adding locations, or in the alternative, end the location addition. For one embodiment, the location addition mechanism is automatically terminated after a certain number of idle minutes. - The
security system 310 may be implemented in a wide variety of systems. For example, thesecurity system 310 may be included in a portable computer. For another embodiment thesystem 310 may be included in systems that have an authorized area of use, such as rental cars/vans. For example, some rental car companies prohibit removing the vehicle from the state or country. This could be monitored using the security system. Other transportable goods which may have an authorized set of locations, for example freight being transported, may also include thesecurity system 310. This may prevent theft of such goods. For one embodiment, thesecurity system 310 may be implemented on the primary chip or motherboard. - For yet another embodiment, the
security system 310 may be included in expensive stereos, video camcorders, high end audio equipment, military systems, defense/military items, kiosks, multimedia systems, mainframes, PBX systems, server systems, routers & hubs, super computers, etc. Thesecurity system 310 may further be included in any organizer that includes sensitive information. Additionally, thesystem 310 may be incorporated into sensitive equipment—f.e. systems under development. Other uses for the security system may be found as well. - In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will, however, be evident that various modifications and changes may be made thereto without departing from the broader spirit and scope of the invention as set forth in the appended claims. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.
Claims (24)
1. A system coupled to a device, the system comprising:
a location receiver for receiving a current location of the system;
a database in the memory including at least one authorized location for the system;
a comparator for comparing the current location with the authorized location; and
a response unit for responding if the current location does not correspond to the authorized location.
2. The system of , wherein the response unit further includes means for disabling the device to which the system is coupled if the current location does not correspond to the authorized location.
claim 1
3. The system of , wherein the response unit is further includes means for sending a warning to a user.
claim 1
4. The system of , wherein the response unit is further includes means for alerting authorities if the current location does not correspond to the authorized location.
claim 1
5. The system of , wherein the response unit is further includes means for deleting files.
claim 1
6. The system of , wherein the response unit is further includes means for locking the computer system until the current location corresponds to the authorized location.
claim 1
7. The system of , further comprising a timer for triggering a comparison by the comparator of the current location and the authorized location on a periodic basis.
claim 1
8. The system of , wherein the location receiver comprises a global positioning system (GPS) receiver.
claim 1
9. The system of , further comprising:
claim 1
a user interface for adding authorized locations to the database.
10. The system of , wherein access to the user interface is protected by a security mechanism.
claim 9
11. The system of , wherein the security mechanism is a password system.
claim 10
12. The system of , wherein the database is on a flash memory card, and wherein the user interface is a flash memory user interface.
claim 9
13. The system of , wherein the user interface further comprises:
claim 9
a map display mechanism for displaying a map; and
a selection mechanism for selecting an area within the map as an authorized location.
14. The system of , further comprising a translation mechanism for translating the area to geographic coordinates for the location receiver.
claim 13
15. A method of security for an item including a processor and a database, the method comprising the computer implemented steps of:
periodically receiving a location information corresponding to a current geographic coordinates of the item from a location receiving unit;
comparing the current location of the item with an authorized location in a database of authorized locations;
reacting if the current location of the item does not correspond to an authorized location.
16. The method of , wherein said step of reacting comprises the step of disabling a computer system.
claim 15
17. The method of , further comprising the step of preventing the computer system from being enabled until the current location corresponds to an authorized location.
claim 16
18. The method of , wherein said authorized location may be a plurality of authorized locations, and said step of comparing the current location comprises the step of comparing each of the plurality of authorized locations with the current location.
claim 15
19. The method of , further comprising the steps of:
claim 15
receiving a request for changing the database of authorized locations;
verifying an authorization to change the database of authorized locations; and
if an authorization is received, enabling a user to add additional authorized locations to the database of authorized locations.
20. The method of , wherein said step of enabling a user to add additional authorized locations comprises the steps of:
claim 19
displaying a map;
prompting the user to select a new authorized location on the map.
21. The method of , further comprising the step of translating the new authorized location into a set of location coordinates.
claim 20
22. The method of , wherein said step of displaying a map comprises the steps of displaying a plurality of increasingly detailed maps based on the user's selections.
claim 20
23. A system comprising:
a processor;
a bus;
a memory coupled to the processor and the bus, the memory including a database including at least one authorized location for the system;
a location receiver for receiving a current location of the system;
the processor for comparing the current location with the authorized location; and
a response unit for responding if the current location does not correspond to the authorized location.
24. The system of , wherein the response unit is further for disabling the processor if the current location does not correspond to the authorized location.
claim 23
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/052,992 US6457129B2 (en) | 1998-03-31 | 1998-03-31 | Geographic location receiver based computer system security |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/052,992 US6457129B2 (en) | 1998-03-31 | 1998-03-31 | Geographic location receiver based computer system security |
Publications (2)
Publication Number | Publication Date |
---|---|
US20010011352A1 true US20010011352A1 (en) | 2001-08-02 |
US6457129B2 US6457129B2 (en) | 2002-09-24 |
Family
ID=21981216
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09/052,992 Expired - Lifetime US6457129B2 (en) | 1998-03-31 | 1998-03-31 | Geographic location receiver based computer system security |
Country Status (1)
Country | Link |
---|---|
US (1) | US6457129B2 (en) |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020198848A1 (en) * | 2001-06-26 | 2002-12-26 | Michener John R. | Transaction verification system and method |
US20030162527A1 (en) * | 2000-02-03 | 2003-08-28 | Claus Dorenbeck | System for securing data on a data carrier |
US20050010786A1 (en) * | 2001-03-30 | 2005-01-13 | Michener John R. | Trusted authorization device |
US20050096936A1 (en) * | 2003-10-30 | 2005-05-05 | Thomas Lambers | System for distributing and vending data |
EP1594098A1 (en) * | 2004-05-06 | 2005-11-09 | ArboProfit | Anti-theft location check device |
US20050250440A1 (en) * | 2000-06-30 | 2005-11-10 | Zhou Peter Y | Systems and methods for monitoring and tracking |
US20080065908A1 (en) * | 2006-09-08 | 2008-03-13 | Samsung Electronics Co., Ltd. | Method and system for managing the functionality of user devices |
US7689621B1 (en) * | 2000-11-06 | 2010-03-30 | Navteq North America, Llc | Multi-dimensional spatial index for a geographic database |
US20100175116A1 (en) * | 2009-01-06 | 2010-07-08 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US20100293590A1 (en) * | 2009-05-12 | 2010-11-18 | Sankarlingam Dandabany | Location determined network access |
US20140013420A1 (en) * | 2000-03-21 | 2014-01-09 | Gregory A. Picionielli | Secure portable computer and security method |
DE102005016070B4 (en) * | 2004-04-07 | 2016-01-07 | Denso Corporation | Navigation system with licensing function |
US9639899B1 (en) * | 2013-12-04 | 2017-05-02 | Drivetime Automotive Group, Inc. | Vehicle repossession utilizing tracking device information |
JPWO2020095884A1 (en) * | 2018-11-05 | 2021-09-30 | 株式会社Queen Bee And Drone | Aerial mobile beehive extermination device and beehive extermination method |
WO2022175527A3 (en) * | 2021-02-22 | 2022-11-24 | Marbeuf Conseil Et Recherche | Method for certifying the geolocation of a receiver |
WO2022175528A3 (en) * | 2021-02-22 | 2022-11-24 | Marbeuf Conseil Et Recherche | Method for geolocating a receiver |
US11823199B2 (en) | 2020-04-29 | 2023-11-21 | Capital One Services, Llc | System, method and computer-accessible medium for fraud detection based on satellite relays |
Families Citing this family (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7107612B1 (en) | 1999-04-01 | 2006-09-12 | Juniper Networks, Inc. | Method, apparatus and computer program product for a network firewall |
US6701432B1 (en) * | 1999-04-01 | 2004-03-02 | Netscreen Technologies, Inc. | Firewall including local bus |
US6618810B1 (en) * | 1999-05-27 | 2003-09-09 | Dell Usa, L.P. | Bios based method to disable and re-enable computers |
GB0012445D0 (en) * | 2000-05-24 | 2000-07-12 | Hewlett Packard Co | Location-based equipment control |
US7802291B2 (en) * | 2000-09-08 | 2010-09-21 | United States Postal Service | Systems and methods for providing zip code linked web sites |
US20020161454A1 (en) * | 2001-04-26 | 2002-10-31 | Masaki Mukai | Information processing system, information processing apparatus, information terminal, and method for control thereof |
JP2003288275A (en) * | 2002-03-28 | 2003-10-10 | Fujitsu Ltd | Information security management method, program for executing it, and information security management device |
US10110632B2 (en) * | 2003-03-31 | 2018-10-23 | Intel Corporation | Methods and systems for managing security policies |
US20040248653A1 (en) * | 2003-06-05 | 2004-12-09 | Mark Barros | System and method for providing user interactive experiences according to user's physical location |
US7372839B2 (en) * | 2004-03-24 | 2008-05-13 | Broadcom Corporation | Global positioning system (GPS) based secure access |
US7437447B2 (en) * | 2004-11-12 | 2008-10-14 | International Business Machines Corporation | Method and system for authenticating a requestor without providing a key |
US20060268902A1 (en) | 2005-05-24 | 2006-11-30 | Cingular Wireless Ii, Llc | Dynamic dual-mode service access control, location-based billing, and e911 mechanisms |
US7864673B2 (en) * | 2005-05-24 | 2011-01-04 | At&T Mobility Ii Llc | Dynamic dual-mode service access control, location-based billing, and E911 mechanisms |
US9563576B1 (en) * | 2006-08-31 | 2017-02-07 | Daniel J. Horon | Area-limited software utility |
US8196169B1 (en) * | 2006-09-18 | 2012-06-05 | Nvidia Corporation | Coordinate-based set top box policy enforcement system, method and computer program product |
US7873455B2 (en) * | 2006-09-25 | 2011-01-18 | Cnh America Llc | Work vehicle access monitoring and control system |
US8189107B1 (en) | 2007-03-12 | 2012-05-29 | Nvidia Corporation | System and method for performing visual data post-processing based on information related to frequency response pre-processing |
US20080271150A1 (en) * | 2007-04-30 | 2008-10-30 | Paul Boerger | Security based on network environment |
JP5260908B2 (en) * | 2007-07-20 | 2013-08-14 | 日本電気通信システム株式会社 | Control device, communication device, control system, control method, and control program |
US10540651B1 (en) | 2007-07-31 | 2020-01-21 | Intuit Inc. | Technique for restricting access to information |
US20090222832A1 (en) * | 2008-02-29 | 2009-09-03 | Dell Products, Lp | System and method of enabling resources within an information handling system |
US20090249456A1 (en) | 2008-03-25 | 2009-10-01 | Level 3 Communications Llc | System and method for authorizing and validating user agents based on user agent location |
US20100033433A1 (en) * | 2008-08-08 | 2010-02-11 | Dell Products, Lp | Display system and method within a reduced resource information handling system |
US8863268B2 (en) * | 2008-10-29 | 2014-10-14 | Dell Products, Lp | Security module and method within an information handling system |
US8370673B2 (en) * | 2008-10-30 | 2013-02-05 | Dell Products, Lp | System and method of utilizing resources within an information handling system |
US8037333B2 (en) | 2008-10-31 | 2011-10-11 | Dell Products, Lp | Information handling system with processing system, low-power processing system and shared resources |
US8560648B2 (en) | 2010-11-10 | 2013-10-15 | Microsoft Corporation | Location control service |
US9068374B2 (en) * | 2010-12-06 | 2015-06-30 | PES School of Engineering | Vehicle management system |
US9165289B2 (en) * | 2011-02-28 | 2015-10-20 | Ricoh Company, Ltd. | Electronic meeting management for mobile wireless devices with post meeting processing |
US9411970B2 (en) * | 2011-08-19 | 2016-08-09 | Microsoft Technology Licensing, Llc | Sealing secret data with a policy that includes a sensor-based constraint |
US9031281B2 (en) | 2012-06-22 | 2015-05-12 | Microsoft Technology Licensing, Llc | Identifying an area of interest in imagery |
WO2018195804A1 (en) * | 2017-04-26 | 2018-11-01 | 深圳华大北斗科技有限公司 | Satellite navigation chip integrated with data security function and application method therefor |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4873513A (en) * | 1987-08-26 | 1989-10-10 | Geodisplay Technology Limited Partnership | Automated map display system |
US5892454A (en) * | 1993-12-21 | 1999-04-06 | Trimble Navigation Ltd. | Hybrid monitoring of location of a site confinee |
US5751245A (en) * | 1994-03-25 | 1998-05-12 | Trimble Navigation Ltd. | Vehicle route and schedule exception reporting system |
US5918222A (en) | 1995-03-17 | 1999-06-29 | Kabushiki Kaisha Toshiba | Information disclosing apparatus and multi-modal information input/output system |
US5887140A (en) | 1995-03-27 | 1999-03-23 | Kabushiki Kaisha Toshiba | Computer network system and personal identification system adapted for use in the same |
US5532690A (en) * | 1995-04-04 | 1996-07-02 | Itt Corporation | Apparatus and method for monitoring and bounding the path of a ground vehicle |
US5927240A (en) * | 1995-04-07 | 1999-07-27 | Maxon; Eric A. | Housing shared by vehicle component and disabling switch and decoder |
US5887269A (en) * | 1995-04-07 | 1999-03-23 | Delco Elecronics Corporation | Data product authorization control for GPS navigation system |
JPH09190236A (en) * | 1996-01-10 | 1997-07-22 | Canon Inc | Method, device and system for processing information |
US5825283A (en) * | 1996-07-03 | 1998-10-20 | Camhi; Elie | System for the security and auditing of persons and property |
US5870029A (en) * | 1996-07-08 | 1999-02-09 | Harris Corporation | Remote mobile monitoring and communication system |
US5878223A (en) | 1997-05-07 | 1999-03-02 | International Business Machines Corporation | System and method for predictive caching of information pages |
-
1998
- 1998-03-31 US US09/052,992 patent/US6457129B2/en not_active Expired - Lifetime
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030162527A1 (en) * | 2000-02-03 | 2003-08-28 | Claus Dorenbeck | System for securing data on a data carrier |
US6883052B2 (en) * | 2000-02-03 | 2005-04-19 | Tele Atlas N.V. | System for securing data on a data carrier |
US10552583B2 (en) * | 2000-03-21 | 2020-02-04 | Gregory A. Piccionelli | Secure portable computer and security method |
US20140013420A1 (en) * | 2000-03-21 | 2014-01-09 | Gregory A. Picionielli | Secure portable computer and security method |
US20050250440A1 (en) * | 2000-06-30 | 2005-11-10 | Zhou Peter Y | Systems and methods for monitoring and tracking |
US7689621B1 (en) * | 2000-11-06 | 2010-03-30 | Navteq North America, Llc | Multi-dimensional spatial index for a geographic database |
US20050010786A1 (en) * | 2001-03-30 | 2005-01-13 | Michener John R. | Trusted authorization device |
US7028191B2 (en) | 2001-03-30 | 2006-04-11 | Michener John R | Trusted authorization device |
US20020198848A1 (en) * | 2001-06-26 | 2002-12-26 | Michener John R. | Transaction verification system and method |
US20050096936A1 (en) * | 2003-10-30 | 2005-05-05 | Thomas Lambers | System for distributing and vending data |
DE102005016070B4 (en) * | 2004-04-07 | 2016-01-07 | Denso Corporation | Navigation system with licensing function |
EP1594098A1 (en) * | 2004-05-06 | 2005-11-09 | ArboProfit | Anti-theft location check device |
WO2005109363A1 (en) * | 2004-05-06 | 2005-11-17 | Arboprofit | Anti-theft location check device |
US20090009283A1 (en) * | 2004-05-06 | 2009-01-08 | Arboprofit | Anti-Theft Location Check Device |
US9685055B2 (en) | 2004-05-06 | 2017-06-20 | Arboprofit | Anti-theft home location check device |
US8302150B2 (en) * | 2006-09-08 | 2012-10-30 | Samsung Electronics Co., Ltd. | Method and system for managing the functionality of user devices |
US20080065908A1 (en) * | 2006-09-08 | 2008-03-13 | Samsung Electronics Co., Ltd. | Method and system for managing the functionality of user devices |
US20100175116A1 (en) * | 2009-01-06 | 2010-07-08 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US8961619B2 (en) * | 2009-01-06 | 2015-02-24 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US9928500B2 (en) | 2009-01-06 | 2018-03-27 | Qualcomm Incorporated | Location-based system permissions and adjustments at an electronic device |
US20100293590A1 (en) * | 2009-05-12 | 2010-11-18 | Sankarlingam Dandabany | Location determined network access |
US9112879B2 (en) * | 2009-05-12 | 2015-08-18 | Hewlett-Packard Development Company, L.P. | Location determined network access |
US9639899B1 (en) * | 2013-12-04 | 2017-05-02 | Drivetime Automotive Group, Inc. | Vehicle repossession utilizing tracking device information |
JPWO2020095884A1 (en) * | 2018-11-05 | 2021-09-30 | 株式会社Queen Bee And Drone | Aerial mobile beehive extermination device and beehive extermination method |
US11823199B2 (en) | 2020-04-29 | 2023-11-21 | Capital One Services, Llc | System, method and computer-accessible medium for fraud detection based on satellite relays |
WO2022175527A3 (en) * | 2021-02-22 | 2022-11-24 | Marbeuf Conseil Et Recherche | Method for certifying the geolocation of a receiver |
WO2022175528A3 (en) * | 2021-02-22 | 2022-11-24 | Marbeuf Conseil Et Recherche | Method for geolocating a receiver |
Also Published As
Publication number | Publication date |
---|---|
US6457129B2 (en) | 2002-09-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6457129B2 (en) | Geographic location receiver based computer system security | |
US6392565B1 (en) | Automobile tracking and anti-theft system | |
US6362736B1 (en) | Method and apparatus for automatic recovery of a stolen object | |
EP1579404B1 (en) | Method and system for monitoring the location of a device | |
US20070168294A1 (en) | Digital content use right management system | |
CA1277400C (en) | Anti-theft and locating system | |
US6363254B1 (en) | System and method for enciphering and communicating vehicle tracking information | |
US8095267B2 (en) | Door-lock control system, door-lock control method | |
US20020135466A1 (en) | Vehicle security system and method | |
US20060206261A1 (en) | Systems, methods, and media for route control of a vehicle | |
US20050202830A1 (en) | Method and system for monitoring location of a cellular phone in relation to a predefined geographic area with automatic notation of boundary violations | |
US20050086391A1 (en) | Location sensitive software download | |
US20070035441A1 (en) | Simple device and method to return a user to a location | |
CN101934779A (en) | Intelligent vehicle anti-theft method and system | |
US20070200674A1 (en) | Electronic device having a location-based security feature | |
US20060293842A1 (en) | Vehicle recovery system and method | |
CA2804188A1 (en) | Automatic creation and modification of dynamic geofences | |
JPH08136639A (en) | Method for chasing stolen vehicle | |
JP2009043070A (en) | Onboard wireless reporting device, warning notification system, and program for onboard wireless reporting device | |
WO2000039602A1 (en) | Portable computer locating device | |
Usman et al. | A Model for Smart Vehicle Tracking: A Review. | |
Chandan et al. | Antitheft protection of vehicle by using Raspberry Pi & GPS with fingerprint verification | |
EP4266629A1 (en) | One-time code generation apparatus | |
Nadu et al. | Anti-theft vehicle tracking with automatic police notifying using haversine formula | |
CN111479727B (en) | Assistance method, communication device and assistance system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTEL CORPORATION, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:O'MAHONY, BARRY A.;REEL/FRAME:009169/0954 Effective date: 19980423 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
FPAY | Fee payment |
Year of fee payment: 12 |