Abstract: A system and method for detecting and storing information regarding a mobile communications device within a mobile communications network. Initially, a first data record is received at a subscriber/device database comprising subscriber/device data. Next, a second data record is received at the subscriber/device database comprising additional subscriber/device data. A first data record of a subscriber may then be compared to a second data record of the same subscriber, and if the first data record is different from the second data record a service provider may be notified.

Abstract: A system and method of recovering encoded information contained in a device by storing and retrieving at least part of the necessary decoding data by setting and measuring the physical characteristics of the device. Storage and recovery options include, but are not limited to, measurement of electronic or optical characteristics of electrically or optically conductive portions of the device using a range of measurement techniques that include, but are not limited to, time-domain reflectometry.

Abstract: An electronic device, prior to entering a distribution channel, is equipped with a loss prevention client which permits limited use of the device until correct authentication is provided by a legitimate purchaser. By permitting limited use before authentication, the device remains both useful to a legitimate purchaser and valuable to a thief. While allowing operation in the possession of a thief, options can be provided to permit tracking of the device or to allow proper purchase of the device.

Abstract: The present invention relates to secure paper (1), characterized by the fact that it comprises: at least one fiber layer (2); and at least one electronic chip (3) integrated in the fiber layer (2), said chip (3) including a memory (10) in which at least a first key is stored for use in authenticating the secure paper; the chip being configured to spoil, and in particular to delete, the first key in the event of an attempt at forced access to the chip, so as to make it impossible subsequently to authenticate the secure paper (1).

Abstract: A traceability method is provided for an electronic payment terminal, in the event of a theft thereof. The method includes the following steps: detection of a lack of contact with a base and/or another terminal associated with the terminal, for a predetermined time span, generating a passage of the terminal into a stolen state; and in the stolen state, storage, in a secure memory area of the terminal, of a series of successive tracking data each associated with time stamp information, so as to enable reconstruction of a route followed by the terminal.

Abstract: A data processing apparatus includes: a determination section that is connected to a storage and determines whether or not the storage is unauthorized; and a fraud handling section that erases information in all area of the storage as a fraud handling processing if the determination section determines that the connected storage is unauthorized.

Abstract: A container security device includes a housing, electronic circuitry, and cabling. The electronic circuitry is disposed within the housing, and includes first and second microprocessor functions and an interface for accepting and providing data. The cabling is removably coupled to the housing, provides the only communicative coupling between the first microprocessor function and the second microprocessor function, and is adapted to be attached to a container latch so as to break the communicative coupling if the latch is opened. The housing includes a port for the electronic circuitry interface. A method of providing container security includes closing a container using a latch device and removably coupling the cabling to the housing so that the communicative coupling is broken if the latch is opened, providing the only communicative coupling between the first microprocessor function and the second microprocessor function.

Abstract: A wireless handset configured to be remotely accessed is described. The wireless handset comprises a user interface, a handset memory, a processor, and a software module. The user interface resident on the wireless handset is configured to enable the wireless handset to be remotely controlled with a remote lock password. The handset memory stores the remote lock password. The processor is adapted to receive a remote lock message from another electronic device. The remote lock message comprises a received password and a target phone number. The software module matches the received password with the remote lock password and then proceeds to send at least one call to the target phone number. Additionally, a method for controlling usage of the wireless handset is also described.

Abstract: An anti-tamper module is provided for protecting the contents and functionality of an integrated circuit incorporated in the module. The anti-tamper module is arranged in a stacked configuration having multiple layers. A connection layer is provided for connecting the module to an external system. A configurable logic device is provided for routing connections between the integrated circuit and the connection layer. Specifically, the configurable logic device is programmable to create logical circuits connecting at least one of the input/output connectors of the integrated circuit to at least one of the input/output connectors of the connection layer. Configuration information for programming the reconfigurable logic device is stored in a memory within the module.

Abstract: A router comprises a local network interface and routing services. The router also includes a data exchanger interface that can be configured to connect to a data exchanger. A security enclosure is configured to cover the data exchanger when the data exchanger is connected to the data exchanger interface.

Abstract: A persistent security system comprises a computing system comprising an operating system (OS), a basic input/output system (BIOS) and a hard disk drive (HDD), the OS configured to initiate a call to the BIOS to cause the BIOS to write an instance of a security routine to the HDD.

Abstract: An electronic device prior to entering a distribution channel is equipped with a Loss Prevention Client which permits limited use of the device until correct authentication is provided by a legitimate purchaser. By permitting limited use before authentication, the device remains both useful to a legitimate purchaser and valuable to a thief. While allowing operation in the possession of a thief, options can be provided to permit tracking of the device or to allow proper purchase of the device.

Abstract: A method for tracing an item may include encrypting item information using an identity-based encryption scheme with a batch number for an item as an encryption key and communicating the encrypted item information for storage on a radio frequency identification (RFID) tag for attachment to the item.

Abstract: Methods, systems, and articles of manufacture consistent with the present invention provide for administering a protected item. An anti-theft key encoded with a radio frequency identification of the user and biometric data of the user is provided. The anti-theft key is associated with the protected item such that the protected item is accessible with the anti-theft key.

Abstract: A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level. The system and method thus provide a method for securing only selected data types, depending on the authorization level of the issuer of the command.

Abstract: A theft prevention system capable of preventing theft of a target object by disabling the authorized key of the target object in the case where the authorized key has been stolen. When the authorized key is lost, a mobile telephone instructs a vehicle control device to set a warning mode. On receipt of this warning mode instruction, the vehicle control device sets warning mode, generates an electronic key, and transmits the generated electronic key to the mobile telephone, which receives and stores the electronic key. Once the warning mode is set in the vehicle, locking and unlocking are only possible using the electronic key. If the authorized key is found, the mobile telephone instructs the vehicle control device to set the normal mode. Upon receipt of this normal mode instruction, the vehicle control device sets the normal mode in the vehicle.

Abstract: Systems for providing a tune master caller identification (ID) device include a telecommunications network and a caller device configured to provide caller identification information for an incoming telephone call, and a tune master caller ID device that is coupled to a telephone device. The tune master caller ID device receives caller identification information, associates a tune with the caller identification information, and plays the tune associated with the caller identification. The telephone device coupled to the tune master caller ID device provides telephone call processing capabilities. Other systems and methods are also provided.

Abstract: Data in a portable electronic device is protected by using external and internal status detection means to determine if the device is misplaced, lost, or stolen. The device then takes, singly or in combination, one of several actions to protect the data on the device, including declaring its location to an owner or service provider, locking the device or specific functions of the device to disable all data retrieval functionality, erasing or overwriting all the stored data in the device or, where the data has been stored in the device in an encrypted format, destroying an internally-stored encryption key, thereby preventing unauthorized access to the encrypted data in the device.

Abstract: This invention discloses a system and method for selective erasure, encryption and or copying of data on a remote device if the remote device has been compromised or the level of authorization of a roaming user in charge of the remote device has been modified.

Abstract: A method and apparatus for scanning structured data from a data repository having an arbitrary data schema and for applying a policy to the data of the data repository are described. In one embodiment, the structured data is converted to unstructured text data to allow a schema-independent policy to be applied to the text data in order to detect a policy violation in the data repository regardless of the data schema used by the data repository.

Abstract: A system and methods for coordinating the operation of a client security module and a host security module on a mobile electronic device. The modules communicate with each other through a platform abstraction layer using application programming interfaces to coordinate their activities. In particular, the client security module instructs the host security module when to lock and unlock the device, and the host security module alerts the client security module to attempts by the user to lock or unlock the device.

Abstract: A portable computing system docking security system comprises a security module disposed in the portable computing system and configured to detect an undocking of the portable computing system from a docking station, the security module configured to automatically determine whether the undocking is an unauthorized undocking event.

Abstract: By attaching a connector 16 to an interface device connector 105, engaging a hook member 17 in a security slot 106, and attaching a security cable 30 to a first security slot 21, displacement of a link bar 19 is regulated by a head portion 32 of the security cable 30 and displacement of the connector 16 and the hook member 17 can be regulated. Since a computer 100 and an interface device 10 can be protected against theft by the single security cable, they can be shifted to the locked state with ease.

Abstract: In one embodiment, the present invention includes a method for executing an application to perform voice over Internet protocol (VoIP) telephony, requesting a hardware key from a line interface device, comparing the hardware key to a software key associated with the application, and enabling the VoIP telephony if the keys match.

Abstract: A system includes an integrated circuit card, a tray configured to receive the integrated circuit card, a connector, and a housing configured to receive the connector. The housing is configured to attach to a mobile communication device, the connector is configured to couple the tray and the integrated circuit card to the mobile communication device, the tray includes one or more one way snaps that are configured to lock the tray and the integrated circuit card to one or more of the connector, the housing, and the mobile communication device, and the tray includes a means for engaging and damaging one or more leads on the connector when attempts are made to disengage the tray and the integrated circuit card from the connector.

Abstract: System (10) for remotely controlling and monitoring a food refrigerator (1), and its content, of the type intended to be given in rental or in free loan from a manufacturer to a vendor of cold products, comprising a control unit (2) for checking and storing a plurality of functioning parameters of the food refrigerator (1), an RFID reader (3) intended to read data stored in a plurality of RFID tags attached to the cold products, a communication unit (4) for interconnecting an external device, the RFID reader (3) comprising means for retrieving data from said RFID tags when the cold products are still stocked inside the food refrigerator (1) and the communication unit (4) localization means for transmitting information to the external device about a geographical localization of the food refrigerator (1). System (10) according to claim 1 wherein said means produce a radio frequency signal at predetermined time intervals for activating said RFID tags.

Abstract: There is a provided a semiconductor device having a high security whose power consumption is difficult to analyze even without setting up random characteristic to the processing time. The semiconductor device includes a target circuit (14), a sub-target circuit (15) having the same circuit configuration as the target circuit (14), and a dummy bit string generation circuit (11) for generating a bit string of a dummy serial input signal to be inputted to the sub-target circuit (15) according to the bit string of the serial input signal of the target circuit (14).

Abstract: A method and system for wireless intrusion detection, prevention and security management. The method and system provides autonomous wireless intrusion detection and prevention, with minimal or no operator intervention. The method and system includes a smart wireless radio frequency (RF) antenna subsystem with an adaptive RF beamformer for adaptively and dynamically positioning RF null in a wireless RF transmission beam pattern to block one more rouge wireless network devices from accessing a wireless network such as aboard a military ship.

Abstract: A coprocessor includes a calculation unit for executing at least one command, and a securization device. The securization device includes an error detection circuit for monitoring the execution of the command so as to detect any execution error, putting the coprocessor into an error mode by default as soon as the execution of the command begins, and lifting the error mode at the end of the execution of the command if no error has been detected, an event detection circuit for monitoring the appearance of at least one event to be detected, and a masking circuit for masking the error mode while the event to be detected does not happen, and declaring the error mode to the outside of the coprocessor if the event to be detected happens while the coprocessor is in the error mode. Application in particular but not exclusively to coprocessors embedded in integrated circuits for smart cards.

Abstract: A lost or stolen computing device is recovered. A trusted server is requested to locate the computing device. The trusted server requests coarse location information from the computing device, and the computing device reports its coarse location. The trusted server then requests that the computing device transmit wireless local area networks signal so that it may be recovered.

Abstract: A method, apparatus, and system for securing data on a removable memory device, which is removably coupled to and accessible by a computing apparatus, are disclosed. Upon an attempt by a user to access the removable memory device, a manual key is recovered by a manual key interface device. This manual key is used to authenticate the identity of the user. Upon the authentication where the user identity corresponds to authorized access to the memory device, the access is enabled. Upon the authentication, where the user identity does not correspond to authorized access to the memory device, the access is prohibited.

Abstract: A theft protection for an electronic device, in particular an optionally portable computer, a mobile telephone or a PDA, includes an electrical cable (2) with a coupling connector (3) for coupling to a corresponding coupling connector of the device. Alarm elements are connected to the cable (2) which are able and adapted to generate an alarm signal in the case the device is stolen. The alarm elements (4) are accommodated in a housing (1) separate from the device. The housing is provided with fastening elements (5) for a mechanical connection of the housing to a fixed object (9). The alarm elements include detection elements which are adapted and able to detect an interruption of the electrical cable connection (2), in addition to signalling elements (4) which generate the alarm signal when the interruption is detected.

Abstract: The present invention relates to a coprocessor comprising a calculation unit for executing a command, and a securization device for monitoring the execution of the command and supplying an error signal having an active value as soon as the execution of the command begins and an inactive value at the end of the execution of the command, if no abnormal progress in the execution of the command has been detected. The coprocessor further comprises means for preventing access to at least one unit of the coprocessor, while the error signal is on the active value. Application is provided particularly but not exclusively to the protection of integrated circuits for smart cards against attacks by fault injection.

Abstract: Data stored in a portable storage device are encrypted, for example by a processor of the portable storage device itself, using a backup key and stored in a backup medium. The backup key is protected by being stored in a backup key storage medium, such as an internet server, a pocketable medium or a trusted computer, preferably after being encrypted using a password. As needed, the backup key is retrieved and used to decrypt the data from the backup medium. The decrypted data are restored to the original portable storage device or to a different portable storage device.

Abstract: Methods and apparatus are provided for configuring a device based on proximity to another device. A user device is configured by obtaining one or more configuration rules that establish one or more configuration parameters of the user device based on a proximity to one or more additional general purpose devices; determining whether one or more of the configuration rules are satisfied; and configuring the user device based on the satisfied one or more configuration rules. The configuration rules can be configured by an authorized user of the user device. The proximity comprises a predefined physical relationship between devices that is based on distance, such as a radius around a given device, or a physical relationship, such as in the same room or building, or within a communication range of a device.

Abstract: Systems and methods for personalizing devices using data objects in a manner that deters theft and provides a mechanism for finding lost devices are described. In one embodiment, one of the methods includes uniquely registering a device and an owner of the device with the system. The method further includes personalizing the registered device to include lost and found information, such as by creating an image data object to include the information or providing a text data object that includes the information. In another method, a lost and found tracking service is used to receive a report of a found device from a finder and to determine an associated owner of the found device in order to contact the owner and convey information regarding the finder.

Abstract: Network registration for a device is achieved by providing the device with an RFID chip bearing a MAC address, cryptographic capabilities and keys, and then disposing the device near a registration server (such as a home network server/server TV) to cause the information on the RFID chip to be automatically transferred to the server and thus execute registration of the device on the network automatically, relieving a person from having to enter long strings of numbers.

Abstract: A storage device system has a plurality of storage devices for storing information; a storage device control section that controls storage of information in the storage devices; and a connection unit connected to the storage device control section. Furthermore, the storage device system has a first communication control section that includes a first processor which is connected to the storage device control section via the connection unit and also connected on a first network external to the storage device system, which converts information of a first form received over the first external network into information of a second form, and which issues a request for access to the storage devices; and a second processor which accesses the storage devices via the connection unit and the storage device control section in response to the access request issued from the first processor, and which controls activation of the first processor.

Abstract: A method and apparatus for retrieving lost or stolen network devices. The network devices may be configured with loss prevention logic that may be enabled during initial setup of the network device. The loss prevention logic may detect predefined events that occur at the network device and generate messages to a server upon detecting the predefined events. The messages may include a location, for example, an IP address of the network device, which may enable authorities to locate and retrieve lost or stolen network devices. Once enabled, the loss prevention may be disabled by a predefined message received from the server.

Abstract: Multiple battery authentication security levels and procedures alert a user of counterfeit or unapproved batteries that are installed after manufacture of the wireless communication device. In an exemplary a battery authentication system, a mobile device sends a pre-stored plain text to a battery installed in the mobile device. An approved battery receives the plain text and performs an encryption algorithm on the plain text. Encrypted text is sent back to the mobile device. The mobile device compares the received encrypted text with a pre-stored encrypted text. If the received encrypted text matches the pre-stored encrypted text, then the battery is authenticated. Upon completion of the authentication of the installed battery, the mobile phone conducts normal battery and charging operation. If the received encrypted text does not match the pre-stored encrypted text, then the device enters authentication failure events that limit the use of the battery.

Abstract: Systems and methods are disclosed according to the implementations of the present disclosure for determining whether a cable modem has been placed in an unauthorized location. One system, among others, comprises a first cable modem and a second cable modem. The first cable modem is configured to transfer data between a first subscriber device and a headend facility and is intended to be used in a first residence. The second cable modem is configured to transfer data between a second subscriber device and the headend facility and is also intended to be used in the first residence. The first cable modem sends first information, corresponding to at least one parameter of the first cable modem, to the second cable modem. The second cable modem compares the first information with second information corresponding to at least one parameter associated with the second cable modem.

Abstract: A system and methods are provided for remotely recovering and purging data from a wireless device in a communications network. The system includes a wireless device capable of executing a data recovery/purge application program for receiving a message from a communications device in the network. The application program retrieves the data in the wireless device, purges the data from the wireless device, and sends a return message, including the data retrieved from the wireless device, to the communications device.

Abstract: The invention particularly relates to an electrical device for connection to a predetermined network containing at least one watchdog device. The electrical device comprises configuration means for authorizing its operation in the presence of said watchdog device, where these configuration means are based on the recording of a watchdog device public identifier in storage means of the electrical device; means for identifying at least one watchdog device when the electrical device is connected to any network containing such a watchdog device, and means for disabling the electrical device if the watchdog device identified does not correspond to the watchdog device for which it was configured or if said network does not contain a watchdog device. The invention also concerns an antitheft system and a method for pairing devices.

Abstract: A method of protecting secret key integrity in a hardware cryptographic system includes first obtaining an encryption result and corresponding checksum of known data using the secret key, saving those results, then masking the secret key and storing the masked key. When the masked key is to be used in a cryptographic application, the method checks key integrity against fault attacks by decrypting the prior encryption results using the masked key. If upon comparison, the decryption result equals valid data, then the key's use in the cryptographic system can proceed. Otherwise, all data relating to the masked key is wiped from the system and fault injection is flagged.

Abstract: A method and apparatus are described that control the supply of electrical power to one or more components of a computing device. Other embodiments are described and claimed.

Abstract: A docking system for supporting a portable electronic device with a vertical operational orientation and a horizontal operational orientation is disclosed. The docking system includes a base stand unit that has a flat top surface. Additionally, there is a device support platform that is rotatably mounted to the base stand unit. The device support platform defines a cradle portion that is engageable to the portable electronic device. The device support platform has a first position corresponding to the vertical operational orientation, and a second position corresponding to the horizontal operational orientation.

Abstract: The invention describes a method for hardening a security mechanism against physical intrusion and substitution attacks. A user establishes a connection between a network peripheral device and a network via a security mechanism. The security mechanism includes read only memory (ROM) that contains code that initiates operation of the mechanism and performs authentication functions. A persistent memory contains configuration information. A volatile memory stores user and device identification information that remains valid only for a given session and is erased thereafter to prevent a future security breach. A tamper-evident enclosure surrounds the memory elements, which if breached, becomes readily apparent to the user.

Abstract: A system and method to support identity theft protection and, in particular, to a system and method for supporting identity theft protection as part of a distributed service oriented ecosystem in information management systems (IMS) and non-IMS networks. The system includes an identity session initiation protocol (SIP) application server configured to act as a security assertion markup language (SAML) bridge, which allows an SIP enabled device or a non-SIP enabled device to attach to a telecommunications service provider network. A user may accept or reject an authorization request using the SIP enabled device or non-SIP enabled device.

Abstract: Masking a boot sequence by providing a dummy processor is provided. One of the processors of a multiprocessor system is chosen to be a boot processor. The other processors of the multiprocessor system execute masking code that generates electromagnetic and/or thermal signatures that mask the electromagnetic and/or thermal signatures of the actual boot processor. The execution of the masking code on the non-boot processors preferably generates electromagnetic and/or thermal signatures that approximate the signatures of the actual boot code execution on the boot processor. One of the non-boot processors is selected to execute masking code that is different from the other masking code sequence to thereby generate an electromagnetic and/or thermal signature that appears to be unique from an external monitoring perspective.

Abstract: Structures and methods within an integrated circuit for controlling access to secured information embedded therein. A security block embedded within an integrated circuit (e.g., an SOC) may control authorized and unauthorized access to secured information stored within a memory of the integrated circuit. The security block may combine security key techniques and structures with a counting technique and structure such that when a maximum number of unauthorized attempts are detected, all further access to the secured information will be denied thereby rendering the IC unusable. In one aspect, the counting features may be implemented using a one time programmable register comprising a plurality of one time programmable bits such that each bit may be set to indicate detection of an unauthorized access attempt. If all bits of the OTP register are so set, the maximum number of unauthorized attempts has been detected and the circuit precludes all further access attempts.