Abstract: A storage device assembly includes a sealed housing having a base and a cover. A storage medium is disposed within the sealed housing. A security feature within the housing is adapted to damage at least a portion of the storage medium if the sealed housing is opened.

Abstract: A secure terminal comprises: primary means consisting of processing means, data and program storage means, security means and data input means, wherein the components of the primary means are interconnected by a first data bus; peripheral means consisting of printing means, means for reading from/writing to a card and means for accessing a telecommunications network, wherein the components of the peripheral means are interconnected by a second data bus; and power supply means connected to the primary and peripheral means. The primary means arc grouped in a main housing that cannot be dismantled without damaging at least one of the components of the primary means, and the peripheral means are grouped in at least one housing capable of being connected to the main housing.

Abstract: Techniques are disclosed for deterring theft of media recording devices. Input received from a sensor, or some portion of the input, is encrypted prior to storing a media file. A decryption key must be provided when the media file is to be played back. If the key is not provided, then the file is preferably still played back, but is played back in a degraded manner. For example, a background color or other filler may be rendered in place of the encrypted portion. Additional parts of the file may also be degraded during playback. By making the playback unpleasant for the listener/viewer, theft of the recording device will be much less desirable—yet recording can continue uninterrupted, thereby minimizing disruption to legitimate users. The disclosed techniques may also be used to deter theft of the recorded media.

Abstract: A system for granting indefinite use of inactivated software options pre-installed on a device is provided. The system includes receiving, at a remote processing facility, a recurrent use request from a user requesting access to an inactivated software option resident on the device. The system is further configured to validate the request and generate an activation key. The activation key is transmitted from the processing facility to the device automatically activating the option and granting recurrent access. The activation key or code is generated at the processing facility using data from at least one of a user identifier, a system identifier, a recurrent use identifier, and the selected option. A method to permit recurrent use of resident, yet, inactivated software of a device is also provided.

Abstract: A secured computer system includes a communication interface and an intrusion detection module. The computer system may be portable and configured for wireless communication with a user of the system. The user may activate and configure an alarm monitor, which may be triggered by motion of the computer system. If the triggered alarm is not deactivated, an alarm sequence is activated. If the alarm sequence is not cancelled, then security measures for protecting sensitive data on the computer system from unauthorized access may be executed. The security measures may include removing data or rendering a storage device inaccessible.

Abstract: The detection of devices with duplicate media access controller (MAC) addresses in a cable network. A cable network device (CND) having a MAC address is connected by the cable network to a cable modem termination system (CMTS) having a gateway interface address. A centralized storage of historical cable modem MAC address/giaddr tuple data is used to identify CNDs that report duplicate MAC addresses. The cable network tracks the CND MAC address/giaddr tuple data of all CND requests that it receives and stores the MAC address/giaddr tuple data into a datastore (such as a database). When a CND seeks to access the network, the cable network looks into the datastore to determine whether the CND MAC address of the CND has previously been stored with a different associated giaddr, which would imply that there are multiple CNDs attached to different CMTSs where the CNDs share the same MAC address. If such duplication is detected, an appropriate remedial response is taken.

Abstract: A secured computing system and container therefor may comprise: a base for receiving a computing device; a securable first cover for substantially enclosing at least part of the computing device when the first cover is in a first position in the base; a securable second cover for preventing access to the computing device when the second cover is in a secured position, wherein access to the computing device is available when the second cover is not in the secured position. The computing device may be substantially enclosed when the first cover is in the first position in the base and the second cover is in the secured position; and one or more user features of the computing device may be accessible when the first cover is not in the first position in the base. The computing device may include a computer processor or computer peripheral.

Abstract: A control unit is described for technical installations, devices and/or machines having a microprocessor, a programmable memory and a housing enclosing the microprocessor and programmable memory. Data lines lead out of the housing for connection with an external device for writing data to the programmable memory. The control unit is enclosed in the housing such that the operability of the control unit is at least partly destroyed when the housing is opened. The control unit furthermore has a check device that checks for authorization a write access by which data are written to the programmable memory over the data line, and causes the data to be written to the programmable memory only in case of a successful check of authorization.

Abstract: An electronic device, a control method thereof and a security program are provided which are capable of preventing or suppressing the theft of the electronic device. The electronic device comprises mounting means for loading a portable recording medium and encrypted information write means for encrypting predetermined information using an encryption key unique to the electronic device and writing the encrypted information in the recording medium. The electronic device further comprises encrypted information read means for reading the encrypted information recorded in the recording medium in the case where the recording medium is loaded in the mounting means, decryption execution means for executing the decryption of the encrypted information using the encryption key, and control means for setting the electronic device in usable mode in the case where the encrypted information is decrypted by the decryption execution means.

Abstract: Methods and apparatus for providing security to Bluetooth-enabled handheld or portable devices are disclosed. According to one aspect of the present invention, a handheld security system includes a control unit and a device. The control unit is Bluetooth-enabled, and has an associated communications range. The device, which is also Bluetooth-enabled, is registered with the control unit such that the device cooperates with the control unit using Bluetooth communications to determine when the device is within the range of communications of the control unit. When it is determined that the device is within the range of communications of the control unit, the device is allowed to remain functional. Alternatively, when it is determined that the device is not within the range of communications of the control unit, the device is rendered to be substantially non-functional.

Abstract: System (10) for remotely controlling and monitoring a food refrigerator (1), and its content, of the type intended to be given in rental or in free loan from a manufacturer to a vendor of cold products, comprising a control unit (2) for checking and storing a plurality of functioning parameters of the food refrigerator (1), an RFID reader (3) intended to read data stored in a plurality of RFID tags attached to the cold products, a communication unit (4) for interconnecting an external device, the RFID reader (3) comprising means for retrieving data from said RFID tags when the cold products are still stocked inside the food refrigerator (1) and the communication unit (4) localization means for transmitting information to the external device about a geographical localization of the food refrigerator (1). System (10) according to claim 1 wherein said means produce a radio frequency signal at predetermined time intervals for activating said RFID tags.

Abstract: Electronic devices in a local area network (LAN), e.g., a DVD video recorder, plasma display, and audio controller in a home network, are protected by a security system that is networked with the devices. In one aspect, the security system periodically polls the devices to confirm that they are present in the LAN. If a device does not respond, an alarm is set. Installation of the electronic device in an unauthorized network is detected by verifying the Internet Protocol (IP) address of the device, such as when the device attempts to contact a server that provides services such as downloading new or updated software to the device, performing remote programming, and uploading diagnostic data. The devices may encrypt their messages using encryption codes that are unique individually or for a specified group of electronic devices.

Abstract: A system, method and program product that allows a set of actions being executed on a computer system to be temporally authorized for execution for a short duration. A computer system is provided comprising: an execution platform for executing program code; and an execution control system that can interrupt execution of actions encountered in the program code, wherein the execution control system includes a system for temporally authorizing execution of an encountered action.

Abstract: An apparatus associated with protecting encrypted computing platform data protection is described. One example apparatus includes a theft detection logic to identify when a computing platform has been stolen. The example apparatus also includes a theft deterrence logic to selectively manipulate encryption-related material stored in a secure data store. The theft detection logic may control the theft deterrence logic to hide, delete, or otherwise make unavailable the stored encryption-related material to protect encrypted data associated with the encryption-related material.

Abstract: According to the present invention, there is provided a system for securing data with a storage system. The system includes at least one storage device. In addition, the system includes a security mechanism for recognizing an attempt to insert or remove the storage device. Moreover, the system includes a management unit to control the insertion and removal of the storage device.

Abstract: In an embodiment, an apparatus includes a trusted cryptographic processor that includes at least one functional unit. The trusted cryptographic processor also includes a controller to receive a primitive instruction that identifies which of the at least one functional unit is to perform an operation, wherein the controller is to reduce power to the at least one functional unit that is not identified by the primitive instruction. The apparatus includes a trusted power management unit to supply the power based on control from the controller, wherein the control is independent of a processor that is not in a trusted state.

Abstract: An electronic anti-theft system utilizes CAN bus for authorizing vehicle components. The electronic anti-theft system includes a central authorization module storing at least one first identifier code, at least one electronic functional module and a CAN bus. Each of the electronic functional modules includes a vehicle electrical system identifier (VESI) device, which stores a second identifier code. The VESI device compares the second identifier code thereof with an associated first identifier code, and issues an acknowledgement signal when the comparison is matched. The central authorization module activates the electronic functional module for normal operation when receiving the acknowledgement signal from the VESI device for the electronic functional module. The electronic functional module includes vehicle crucial components such as trip computer module and infotainment module.

Abstract: In an embodiment, an apparatus includes a trusted cryptographic processor that includes at least one functional unit. The trusted cryptographic processor also includes a controller to receive a primitive instruction that identifies which of the at least one functional unit is to perform an operation, wherein the controller is to reduce power to the at least one functional unit that is not identified by the primitive instruction. The apparatus includes a trusted power management unit to supply the power based on control from the controller, wherein the control is independent of a processor that is not in a trusted state.

Abstract: A monitoring method and apparatus applied to a computer system having a computer case, a controller and a register for changing the power state of the computer system according to the assembling state of the computer case is disclosed. The method comprises steps of detecting whether the computer case of the computer system is disassembled, generating a trigger signal to the controller when the computer case of the computer system is disassembled, generating a power management signal in response to the trigger signal for changing a system power state indicator of the register, and polling the system power state indicator and driving the computer system into a hibernation mode according to the change of the system power state indicator.

Abstract: A prioritized address decoder has been disclosed. One embodiment of the prioritized address decoder includes a first comparator to compare a destination device address of data with a first address range associated with a first device and a second comparator coupled to the first comparator to compare the destination device address with a second address range associated with a second device, wherein the data is sent to the second device in response to a first output of the first comparator and a second output of the second comparator.

Abstract: A burglarproof method for portable computer devices is disclosed. When a portable computer device is activated, an IC thereof registers user data to a data server using an internal network device thereof and creates and uploads a hardware data table generated based on detection results by a BIOS to the data server. The hardware data table comprises an IP and a status field representing a use status of the portable computer device. When the status field represents “stolen”, the IC activates a stolen display function to lock a screen of the portable computer device to be incapable of performing any operations by users and performs a corresponding operation.

Abstract: The invention is directed to systems and methods for detecting the loss, theft or unauthorized use of a device and/or altering the functionality of the device in response. In one embodiment, a device monitors its use, its local environment, and/or its operating context to determine that the device is no longer within the control of an authorized user. The device may receive communications or generate an internal signal altering its functionality, such as instructing the device to enter a restricted use mode, a surveillance mode, to provide instructions to return the device and/or to prevent unauthorized use or unauthorized access to data. Additional embodiments also address methods and systems for gathering forensic data regarding an unauthorized user to assist in locating the unauthorized user and/or the device.

Abstract: The invention is directed to systems and methods for detecting the loss, theft or unauthorized use of a device and/or altering the functionality of the device in response. In one embodiment, a device monitors its use, its local environment, and/or its operating context to determine that the device is no longer within the control of an authorized user. The device may receive communications or generate an internal signal altering its functionality, such as instructing the device to enter a restricted use mode, a surveillance mode, to provide instructions to return the device and/or to prevent unauthorized use or unauthorized access to data. Additional embodiments also address methods and systems for gathering forensic data regarding an unauthorized user to assist in locating the unauthorized user and/or the device.

Abstract: A method and apparatus are disclosed for detecting the removal of a device connected to a network. The present invention generates an alarm on a protected device when an unauthorized user disconnects the device from a network connection. The network connection is monitored and an alarm is generated if the protected device is disconnected from the network connection without proper notification to the theft protection utility. A number of fail-safe features can optionally be employed to ensure that the theft protection aspects of the present invention are not bypassed. For example, the theft protection utility process can employ speaker, volume and/or power control features to ensure that the alarms generated by the present invention, or the theft protection feature itself, cannot be bypassed.

Abstract: The invention disclosed herein is an in-circuit security system for electronic devices. The in-circuit security system incorporates identity credential verification, secure data and instruction storage, and secure data transmission capabilities. It comprises a single semiconductor chip, and is secured using industry-established mechanisms for preventing information tampering or eavesdropping, such as the addition of oxygen reactive layers. This invention also incorporates means for establishing security settings, profiles, and responses for the in-circuit security system and enrolled individuals. The in-circuit security system can be used in a variety of electronic devices, including handheld computers, secure facility keys, vehicle operation/ignition systems, and digital rights management.

Abstract: Consumers may utilize computing devices to assist in the purchase and/or loyalty process, and in particular, the consumer may utilize a PDA to facilitate the purchase and/or loyalty process. During the purchase and/or loyalty process, the consumer may need to insure that any content downloaded or used in association with the PDA is secure in how it is collected, assembled, and delivered to the PDA device. This system and method secures the data from its source to when it is actually viewed or used by the authorized user. The PDA may have direct access to an Internet web site portal that offers secure personal content from a content provider, such as, for example, an on-line banking or financial institution. Using the web site portal, the content provider may offer personal or confidential data, such as financial information, to PDA users in a secure (e.g., encrypted) environment.

Abstract: A system and method for authenticating document processing transactions wherein the transaction is rejected if the user is not within a selected geographical region. A transaction request is first received representing a request for the completion of a selected transaction associated with a selected user. Preauthorized geographic region data, associated with the selected user, is then received indicating from where the associated user is allowed to request transactions. Location data representing the source of the transaction request is then received and tested against the preauthorized geographic region data. The result of this testing determines whether the requested transaction is authorized.

Abstract: Apparatus and system for tracking computer hardware consisting of a network interface card configured in promiscuous mode capable of passively listening for OSI layer 2 network traffic on a medium for use in the recovery or location of lost or stolen devices. The device of interest, one located, can then be tracked via signal strength. GPS may also be used to track locations where devices of interest have been located.

Abstract: In a television receiver having a decryption unit and a video display unit which are stored in one casing, copyright protection is given to an encrypted digital video signal or analog video signal. When an encrypted digital video signal is inputted to a digital video signal input terminal, the signal is decrypted by a decoding circuit to obtain an after-decryption video signal that is copiable, and thereafter, the signal is visualized by a video display unit. When a casing cover is opened, a decoding control circuit converts a parameter that is needed for decryption, such as an encryption key, into a meaningless parameter, and outputs it to the decoding circuit, whereby the after-decryption video signal becomes a video signal that is not decrypted. On the other hand, during maintenance, a predetermined code is inputted from a button group (18) to output a regular decryption parameter to the decoding circuit (13).

Abstract: A portable electronic device comprises a physical security component configured to be in a retracted position and an extended position relative to a housing of the portable electronic device, the physical security component having at least two differently shaped openings enabling at least two different types of locking devices to be coupled to the at least two differently shaped openings.

Abstract: The invention relates to a method for protecting against manipulation of a controller for at least one motor vehicle component, the control device (1) comprising at least one microcomputer (?C) and at least one memory module (2, 3), at least one of the memory modules (2, 3) constituting a reversible read-only memory (3), characterized in that the reversible read-only memory (3) stores data which have been encrypted by an encryption process, and the key used in the encryption process comprises at least one part of at least one original identifier (ID) of at least one of the modules (?C, 2, 3) of the control device, which identifier is specific to the module.

Abstract: A method and system for recovering a lost or stolen electronic device is provided. The method includes determining trace information to trace a present user of the electronic device, and obtaining an authentication information to determine whether or not the present user of the electronic device is a valid user of the electronic device. The method further includes sending the trace information to another user who had been previously determined to be the valid user of the electronic device, if it is determined that the present user is not the valid user of the electronic device.

Abstract: A safe including a safe controller coupled to a data transfer port is provided. The safe controller is configured to selectively enable device data to pass through the data transfer port when a valid code is received by the safe controller. A system for controlling data communications with an internal device in a safe is also provided. The system includes an external computing device configured to execute a series of instructions, and a safe. The safe includes a data transfer port coupled to the external computing device and the internal device. The safe also includes a safe controller coupled to the data transfer port, wherein the safe controller is configured to selectively enable communication between the external computing device and the internal device when a valid code is received by the safe controller.

Abstract: The invention relates to an electronic device for cryptographic processing, having at least two electronic circuits (IC, CC, CP) coupled via a connection means, wherein the connection means is arranged for transferring data signals between the two electronic circuits. The electronic device further has a monitoring circuit (401) arranged to monitor a deviation in the capacitance of the connection means. In case the deviation exceeds a predetermined value an alert signal (411) is generated.

Abstract: A modular device formed with USB connectors. The USB can be used for connecting different kinds of devices, for example memories, user interfaces and the like. The USB devices can be piggybacked. In an embodiment, the USB devices can be located in a cavity formed inside the computer. Another embodiment forms a modular cellular telephone.

Abstract: Methods, systems, IC packages, and electrical devices for providing data security for ICs. A substrate-on-substrate connector grid array package with an electrical shield can protect sensitive information in a secure IC from being accessed by physical attacks. A current flow in the electrical shield can be monitored for disturbances which can indicate an attack on the IC package.

Abstract: A process is provided for protection against theft of electronic payment terminals utilized in a group including at least two electronic payment terminals organized as a network. The process includes the following steps: mutual detection of the presence of each of the terminals of the group; and transmission of absence information if at least one of the terminals is not detected.

Abstract: A security apparatus using a telecommunication device is disclosed. A telephone microprocessor is used for sending a predefined security message to a security telephone number preprogrammed in the telecommunication device. A sensing device associated with the telecommunication device is used for detecting an undesired activity around or in association with the telecommunication device. The sensing device directs the telephone microprocessor to send the predefined security message to alert the undesired activity.

Abstract: A CPU holder 10 comprising a top member 12, a height adjustable side member 14, a support member 16 and retaining arms 36, and a movably mounted side arm 18. The height of the side member 14 and the length of the retaining arms 36 may be adjusted to accommodate computer cases of differing height and depth. The height and length can only be adjusted when no computer case is present. The position of the side arm 18 on the top member 12 can be adjusted according to the width of the computer case. The side arm 18 is locked in position on the top member 12 via a key operated locking arm 50 and a lock box 48. The CPU holder 10 is thereby fully size adjustable, but the height and length adjustment is secure and tamper proof when a computer case is present, so only a single external lock is required.

Abstract: A manageability engine of a processor based device and a host theft-deterrence agent of the processor based device, jointly implement a theft-deterrence protocol with a theft-deterrence service, remotely disposed from the processor based device, to deter theft of the processor based device. The host theft-deterrence agent is configured to operate in a processor operated application execution environment of the processor based device, and the manageability engine is configured to operate outside the application execution environment.

Abstract: This invention provides a method and apparatus to eliminate the theft of various types of electronic equipment through the use of an existing telephonic connection. The method includes steps of determining an apparent theft, contacting a local police or security authority and providing a means of discovering the location of the stolen equipment. The method further allows the apparatus to eliminate the need for excessive hardware components by utilizing pre-existing infrastructure. In utilizing preexisting infrastructure, the invention allows operation in a plurality of locations through its stand-alone capabilities and location identification capabilities.

Abstract: Electric equipment, and a method and a program for preventing the unauthorized use of same, by which it is possible to prevent the theft of electric equipment installed in an environment where the electric equipment is available for the use of an unspecified number of users and the stealing of information stored in the electric equipment.

Abstract: Disclosed is a hardware based secure multi-domain computer system. The system comprises a housing enclosing multiple separate, secure computer devices. The housing is preferably the size of a standard computer tower. It is preferred that at least three computer devices are disposed within the housing. Each of the computer devices operate on significantly less power than a standard computer. Preferably, each computer operates on no more than 50 Watts of power, more preferably on less than 35 Watts of power.

Abstract: A process for integrity check of lots of individual package units which comprises combining at least one RFID tag and a container which contains a large number of individual package units wherein each of the individual package units is marked with a marking code, the information of these codes of all individual package units is combined, and a hash code is generated based on the combined information of all marking codes of all individual package units, which combined hash code is stored in an RFID tag which is affixed to the container, this combined hash code together with the individual hash codes for the individual package units being stored in the data base of the SENDER site where the container is packed and sealed, the individual hash codes then being transmitted to the RECIPIENT of the said container, the information collected from the RFID tag being compared to the combined hash code which is calculated at the RECIPIENT site from the information received by the SENDER of the said container including al

Abstract: A hardware-based security module is used to protect an electronic device, especially a portable electronic device. The security module may determine either via timeout of a watchdog timer or via an explicit message to encrypt selected data on the electronic device. In addition, the electronic device may enter a limited function mode that only allows display of simplistic messages and supports network traffic with a recovery service. The recovery service may be able to use the network traffic to locate the electronic device. The security module may include a secure memory, a cryptographic function, a timer, and support for direct display of data on a monitor.

Abstract: A wireless module security system and method is provided which includes, in one embodiment providing security data to a wireless module. The security data including a security code provided to the wireless module after the wireless module has been activated. The method for providing the security code includes encrypting the security code after establishing a wireless module account, issuing the security code through wireless transmission to the wireless module, and decrypting and storing the security code inside the wireless module. The security system and method also utilizes user authorized associated peripheral devices which may be connected to the wireless module to provide further combinations of security data. In one embodiment, the wireless module is provided with an electronic serial number and that electronic serial number is stored to the peripheral device for a security measure.

Abstract: A burglarproof device and method are presented for preventing an electronic device from being used by an unauthorized user. The burglarproof device includes an anti-theft module and an authentication device. The anti-theft module and the authentication device can communicate with each other by wireless communication, in which the anti-theft module is mounted internally within the electronic device and the authentication device is mounted externally to the electronic device. The anti-theft module can send an authentication activation signal to the authentication device upon the activation of a power switch of the electronic device. The authentication device can be actuated upon the reception of the authentication activation signal and send an encoded signal generated by encoding an authentication code retained in the authentication device to the anti-theft module. The anti-theft module can decode the encoded signal and check whether the decoded signal is a legitimate authentication code.

Abstract: An electronic device comprises a first interface operable to receive from a user a selection of a first data set and a processor coupled to the first interface. The processor is operable to access the selected first data set, determine if the user is authorized to receive the first data set, and store the first data set on a memory device.

Abstract: An intrusion-resistant apparatus may include a magnetic memory array disposed with an enclosure. The magnetic memory may include a plurality of magnetic memory elements, each adapted to store a binary value only in the presence of a predetermined bias magnetic field having a magnetic field strength and direction within predetermined limits. Means for providing the predetermined bias magnetic field and an encryption/decryption engine may be disposed within the enclosure. An encryption/decryption key may be stored in the magnetic memory array. The encryption/decryption key may be used by the encryption/decryption engine to encrypt and decrypt data.

Abstract: A recording medium is provided which is protected against unauthorized use and has heightened security. The recording medium stores storage authentication information that authenticates a user, and has an area that corresponds to the storage authentication information. The recording medium further includes a tamper-resistant authentication unit that judges whether or not received authentication information that authenticates a user matches the storage authentication information. The authentication unit is prevented from being decoded or tampered by third parties. In addition, it is possible to restrict access to the area according to the content of authentication.