Abstract: A virtual machine monitor provides a trusted operating environment for a software usage metering application when a qualified virtual machine monitor is loaded as part of trusted boot and when all other programs and operating systems run in containers managed by the virtual machine monitor. The virtual machine monitor may also host a locking application for limiting the functionality of the computer if contractual terms of use are not met. Both the metering and locking applications run at a higher privilege level than ring 0, at the same level as the virtual machine monitor.

Abstract: A hardware-based security module is used to protect an electronic device, especially a portable electronic device. The security module may determine either via timeout of a watchdog timer or via an explicit message to encrypt selected data on the electronic device. In addition, the electronic device may enter a limited function mode that only allows display of simplistic messages and supports network traffic with a recovery service. The recovery service may be able to use the network traffic to locate the electronic device. The security module may include a secure memory, a cryptographic function, a timer, and support for direct display of data on a monitor.

Abstract: A computer or other electronic device requiring physical integrity of its components, for example, a pay-per-use computer may use a master security device in communication with a plurality of slave security devices, known as security beans. Each security bean may be given a cryptographic key or keys for use in authenticating communication with the master security device. Each security bean may be coupled to an associated component and may have the ability to disable that associated component. In one embodiment, security bean has an analog switch that may be configured to block or attenuate a critical signal used by the associated component. The security bean may start up in the disable mode and respond to a verified signal from the master security device to enable its corresponding component.

Abstract: In a pay-per-use computer environment, particularly when network access is limited, self-monitoring tools on a pay-per-use computer may require special support from a host/server. The host/server must be able to respond to requests quickly and efficiently and yet maintain full information required to service requests and updates. A key management table and a device management table provide critical information required to service requests. Use of SQL notifications allows local database caches to remain current but quickly accessible.

Abstract: A hardware-based security module is used to protect an electronic device, especially a portable electronic device. The security module may determine either via timeout of a watchdog timer or via an explicit message to encrypt selected data on the electronic device. In addition, the electronic device may enter a limited function mode that only allows display of simplistic messages and supports network traffic with a recovery service. The recovery service may be able to use the network traffic to locate the electronic device. The security module may include a secure memory, a cryptographic function, a timer, and support for direct display of data on a monitor.

Abstract: A computer or other electronic device may be used in one of several selectable modes of operation. Computer resources, such as a processor, memory, or a graphics controller, are individually settable for operation at different levels of performance. A mode of operation or performance level is determined by the combination of individual settings for the various resources. Pay-per-use operation is charged at a rate determined by the mode of operation or performance level. Operation in a gaming mode may be charged at a higher rate than operation in web-browsing mode. A metering agent may be associated with each scalable use resource to securely set the performance level and to securely report on metered operation of the resource.

Abstract: In a pay-per-use computer environment, particularly when network access is limited, self-monitoring tools on a pay-per-use computer may require special support from a host/server. The host/server must be able to respond to requests quickly and efficiently and yet maintain full information required to service requests and updates. A key management table and a device management table provide critical information required to service requests. Use of SQL notifications allows local database caches to remain current but quickly accessible.

Abstract: A computer with scalable performance level components and selectable software and service options has a user interface that allows individual performance levels to be selected. The scalable performance level components may include a processor, memory, graphics controller, etc. Software and services may include word processing, email, browsing, database access, etc. To support a pay-per-use business model, each selectable item may have a cost associated with it, allowing a user to pay for the services actually selected and that presumably correspond to the task or tasks being performed. An administrator may use a similar user interface to set performance levels for each computer in a network, allowing performance and cost to be set according to a user's requirements.

Abstract: A virtual machine monitor provides a trusted operating environment for a software usage metering application when a qualified virtual machine monitor is loaded as part of trusted boot and when all other programs and operating systems run in containers managed by the virtual machine monitor. The virtual machine monitor may also host a locking application for limiting the functionality of the computer if contractual terms of use are not met. Both the metering and locking applications run at a higher privilege level than ring 0, at the same level as the virtual machine monitor.

Abstract: A computer or other electronic device requiring physical integrity of its components, for example, a pay-per-use computer may use a master security device in communication with a plurality of slave security devices, known as security beans. Each security bean may be given a cryptographic key or keys for use in authenticating communication with the master security device. Each security bean may be coupled to an associated component and may have the ability to disable that associated component. In one embodiment, security bean has an analog switch that may be configured to block or attenuate a critical signal used by the associated component. The security bean may start up in the disable mode and respond to a verified signal from the master security device to enable its corresponding component.

Abstract: A pay-per-use business model relies on an accurate, or at least, un-tampered, time reference for the administration of prepaid usage time, e.g. hours, or subscription expiration dates. A protocol for provisioning usage requires that any electronic device request for provisioning includes current time at the device. A server responding to the request may evaluate the time at the device and send an updated time when the current time at the device is outside a variance limit. If the electronic device repeatedly sends requests with inaccurate time, the server may cease sending time updates and block the electronic device from further updates for suspected tampering.

Abstract: A metered-use computer is operable in a number of states or modes to accommodate manufacture, test, operation and end-of-life. During manufacturing, a security module may be set to a non-metered mode, where no measurements are taken. At the end of the manufacturing process, the security module may be set to an active mode where metering and measurement of the computer are enforced. When terms of a purchase contract or other user agreement are satisfied, the computer may be set to a non-enforcement state where all metering and metering-related security are disabled. A one-time reset of the active mode is supported to allow end-of-line quality assurance testing.

Abstract: A management console may be used to monitor available usage on a pay-per-use electronic device, such as a pay-per-use computer. When the management console determines that any of tie monitored electronic devices has reached a trigger level the management console may re-charge the electronic device with value. The value may be taken from a local pool of value stored at the management console or the an add-value transaction may be generated at the management console on behalf of the pay-per-use electronic device. In an Internet cafe or similar environment, the use of the management console shields individual users from usage purchase transactions for individual pay-per-use electronic devices.