Abstract: A security memory device includes a memory cell array that stores a plurality of contents, including a mine, which is stored as a portion of the plurality of contents. The mine is triggered when it is accessed, typically such that the mine erases the memory contents. Also, control logic is included that controls access to the plurality of contents. In one aspect, the memory cell array can include a protected-cell zone and a free-cell zone. In this aspect, the security memory device can further include a lock that provides protection for contents stored in the protected-cell zone from access and a key that is capable of unlocking the lock.

Abstract: A computer includes a processor, position determining means for determining the location of the computer, and control means for controlling the operation of the processor. The control means are in communication with the position determining means and control the operation of the processor in response to location information provided to the control means by the position determining means.

Abstract: An electronic device prior to entering a distribution channel is equipped with a Loss Prevention Client which permits limited use of the device until correct authentication is provided by a legitimate purchaser. By permitting limited use before authentication, the device remains both useful to a legitimate purchaser and valuable to a thief. While allowing operation in the possession of a thief, options can be provided to permit tracking of the device or to allow proper purchase of the device.

Abstract: A theft control system may be implemented between a server and a client. The server may provide a certificate which must be periodically renewed. Execution of the certificate may be controlled by a trusted platform module on the client under control of a theft control controller.

Abstract: A security apparatus and method is provided for a portable computer, wherein a solenoid within the portable computer is controlled by a specified program running on the computer. Activation of the solenoid is usefully enabled by a password or computer security chip. One embodiment, comprising a security apparatus, includes a locking mechanism such as a conventional manually operated USS locking device having a locking element. The security apparatus further includes a component positioned proximate to a slot disposed to receive the locking element, the component being adjustable to vary a dimension of the slot entrance between hold and release modes. The component is coupled to the solenoid and is actuated to adjust the slot entrance dimension, from the hold mode to the release mode, when the solenoid is energized in response to a command generated by the specified program running on the computer.

Abstract: A security system for preventing unauthorised removal of a portable electronic device, such as a portable X-ray detector (106) or the like, from a docking station (100). The docking station (100) is provided with an electromagnetic lock (102) which is activated by means of a software command (112) issued by a screensaver function (110) running on a remote host PC (108). When triggered after some predetermined period of user inactivity, the screensaver function (110) locks the screen and keyboard of the host PC (108) to prevent unauthorised use thereof, and also issues the above-mentioned software command (112) to activate the electromagnetic lock (102) and prevent removal of the detector (106) from the docking station (100).

Abstract: Techniques are disclosed for deterring theft of media recording devices. Input received from a sensor, or some portion of the input, is encrypted prior to storing a media file. A decryption key must be provided when the media file is to be played back. If the key is not provided, then the file is preferably still played back, but is played back in a degraded manner. For example, a background color or other filler may be rendered in place of the encrypted portion. Additional parts of the file may also be degraded during playback. By making the playback unpleasant for the listener/viewer, theft of the recording device will be much less desirable—yet recording can continue uninterrupted, thereby minimizing disruption to legitimate users. The disclosed techniques may also be used to deter theft of the recorded media.

Abstract: Systems and methods are disclosed according to the implementations of the present disclosure for determining whether a cable modem has been placed in an unauthorized location. One system, among others, comprises a first cable modem and a second cable modem. The first cable modem is configured to transfer data between a first subscriber device and a headend facility and is intended to be used in a first residence. The second cable modem is configured to transfer data between a second subscriber device and the headend facility and is also intended to be used in the first residence. The first cable modem sends first information, corresponding to at least one parameter of the first cable modem, to the second cable modem. The second cable modem compares the first information with second information corresponding to at least one parameter associated with the second cable modem.

Abstract: A system and/or method to control access to secured compartments in a facility. Computers positioned throughout the facility are interfaced to respective locking mechanisms to operate the locking mechanism in response to access codes, which may be transmitted over the network. Additional steps may involve programming an authorization computer for providing access codes in whole or part for use with the computers. One or more access points may be functionally coupled to a computer system and/or to the locking mechanism and accessible to users for entry of requests for access to the secured compartment.

Abstract: An asset bring-out management system includes a brought out asset, a managing system, an encryption determining unit, and a brought out information registering unit. The managing system manages bring-out of the brought out asset to the outside of a management area. The encryption determining unit determines whether or not encryption processing has been executed on the brought out asset. The brought out information registering unit registers brought out asset information in the managing system if the encryption processing has been executed on the brought out asset.

Abstract: Various methods for detecting the removal of a processing unit, such as a microprocessor or a microcontroller, form a printed circuit board in a secure printing system, such as a postage metering system are provided. The methods utilize one or more of a real time clock provided internal to the processing unit, a CMOS device provided on the printed circuit board external to the processing unit, and CMOS memory internal to the processing unit to detect the removal of the processing unit and therefore an attack.

Abstract: A method for preventing denial of service attacks against Hypertext Transfer Protocol (HTTP) servers includes receiving a HTTP request from a subscriber using a first communication network coupled to at least one other communication network, receiving a profile for the subscriber, filtering the request to determine whether the subscriber is authorized to make the request based upon the profile and forwarding the request to the other communication network when the subscriber is authorized to make the request. An apparatus capable of preventing denial of service attacks against HTTP servers includes a profile request generator capable of generating a profile request based upon a HTTP request received from a subscriber using a first communication network, a filter capable of determining whether the request is authorized based upon the requested profile and an authorizer capable of allowing the request to be forwarded on at least one other communication network coupled to the first communication network.

Abstract: A system and method for securing and tracking an electronic device. The system includes hardware, software and firmware components that cooperate to allow tracking, disabling, and other interaction with the stolen electronic device. The system includes an application component, non-viewable component and Basic Input/Output Subsystem (BIOS) component that are present on the electronic device. The BIOS component maintains the secured environment of the application and non-viewable components. If only the application component was provided, a simple low level format of the hard disk drive would remove the application and bypass the security features. The system implements an “application and BIOS” based solution to electronic device security.

Abstract: An electronic device is provided, the electronic device having an anti-theft interface. If damage to the anti-theft interface is detected, the electronic device enters a user authentication mode.

Abstract: A controller of the computerized device monitors a configuration state of the computerized device by maintaining a record of the hardware or software configuration of the computerized device and recording, between user sessions, any detectable attachments or detachments of peripheral devices relative to the computerized device. The controller provides a two-level login procedure for the computerized device that ensures the user's high-security credentials are not presented to the controller until after the user has had the opportunity to be warned of detected configuration changes with respect to the computerized device. The controller provides a first login query to a user for a password. Upon reception of a successful first login response, the controller displays a warning screen that indicates, for example, whether the controller has detected any change to the hardware or software configuration of the computer since the user's last session.

Abstract: A management device of a license management system acquires a usage request of a content from an SD card or a printer via a relay device, analyzes the acquired usage request, acquires usage environment information of the SD card or the printer from the relay device, analyzes the acquired usage environment information, generates license information including a usage rule corresponding to the analysis results of the usage request and the usage environment information, generates instruction information indicating how to handle the license information in the relay device based on the analysis result of the usage environment information, embeds the generated instruction information in the license information, and sends the license information to the relay device.

Abstract: For securing a portable device, a first input is received to determine whether a security feature is enabled. A second input is received from a sensor to determine a presence of a physical lock for securing the portable device. A prompt for a password is output in response to determining an absence of the physical lock. A third input is received to verify the password. Upon verifying the password, the portable device is enabled, otherwise it is disabled. The prompt for the password is bypassed and the portable device is enabled if the physical lock is present.

Abstract: To alert a user to an abnormal performance, such as motion/vibration, a loss of power, or a loss of a signal indicating theft of an apparatus, such as a liquid crystal display or a plasma display, an anti-theft function of the apparatus is initiated, and when the abnormal performance of the apparatus is detected, an alarm is triggered.

Abstract: An apparatus, system, and method are disclosed for autonomically disposing a computer such as a workstation. The computer's local persistent storage medium is configured with pre-boot image which is configured with a set of functional modules that facilitate disposal or recycling of the computer to the next user. The disposal and recycle methods are automated, require minimal user intervention, and facilitate moving configuration options and data to a different computer. The entire process may execute from the pre-boot image on the computer's local persistent storage medium without ever booting the primary operating system.

Abstract: A security apparatus within a smart card includes a plurality of security blocks with at least one shared component. Each security block that when activated generates a respective output signal indicating whether a respective detected parameter is within a respective acceptable range. A selecting unit couples the shared component to the activated one of the security blocks for minimized area and cost of the security apparatus.

Abstract: An anti-thief electronic device capable of confirming respective existing statuses of a plurality of apparatuses coupled thereto and method thereof is disclosed. The anti-thief electronic device includes a first table, a second table, a micro control unit and an alert device. The first table stores respective initial existing statuses of the apparatuses coupled to the anti-thief electronic device as regular existing statuses. The second table stores respective existing statuses of the apparatuses periodically. The micro control unit periodically compares the second table with the first table to confirm whether the respective existing statuses of the apparatuses are changed or not. The alert device generates an alert if the respective existing statuses of the apparatuses are changed. Specifically, the micro control unit periodically queries an extended display identification data from the display for detecting the removal of the display.

Abstract: A protection method is used in a portable communication device. The protection method comprises the steps of generating a specific command, and storing the specific command into the portable communication device; the portable communication device waiting and receiving a message; determining whether the message received by the portable communication device comprises the specific command; and performing a protection mechanism for protecting the important information contained in the portable communication device when the message comprises the specific command.

Abstract: A method, system, and computer-usable medium for laptop security. In a preferred embodiment of the present invention, a security manager establishes a desired network topology with a collection of laptops, wherein each of the collection of laptops communicates with other laptops within the collection of laptops utilizing a wireless connection. In response to establishing the desired network topology, the security manager causes the plurality of laptops to enter a lock down state. In response to detecting that a disruption in communication has occurred, the security manager issues an alarm.

Abstract: A system for disabling a device. An embedded identifier contained within a cable security system is read in response to enabling a cable security mechanism within the device. The device is disabled if the embedded identifier is not found.

Abstract: Security tools are described that provide different security policies to be enforced based on a location associated with a network environment in which a mobile device is operating. Methods for detecting the location of the mobile device are described. Additionally, the security tools may also provide for enforcing different policies based on security features. Examples of security features include the type of connection, wired or wireless, over which data is being transferred, the operation of anti-virus software, or the type of network adapter card. The different security policies provide enforcement mechanisms that may be tailored based upon the detected location and/or active security features associated with the mobile device. Examples of enforcement mechanisms are adaptive port blocking, file hiding and file encryption.

Abstract: An anti-theft device for a computer device, including a main body having at least one protrusion portion which protrudes from the computer device when the body is connected to the computer device, an acceleration sensor provided in the main body and configured to detect impact, a detection processing unit positioned in the main body and configured to output a signal based on the impact detected by the acceleration sensor, a first memory unit including a driver program which facilitates communication between the detection processing unit and the personal computer, a program transfer unit which temporarily installs the driver program in the computer device, a connector configured to attach the body to the computer device and facilitate electrical connection between the computer device and detection processing unit, and an indicator configured to provide indication according to the signal.

Abstract: Integral electronic security is provided for a remotely placed network device to reduce the risk of theft, vandalism, or tampering. Sensors monitor the environment surrounding the remotely placed network device. When tampering is detected, a message is sent to a monitoring station. Optionally, the network device can clear its own configuration to prevent the loss of sensitive data.

Abstract: A method and system for wireless intrusion detection, prevention and security management. The method and system provides autonomous wireless intrusion detection and prevention, with minimal or no operator intervention. The method and system integrates a physical layer (e.g., OSI layer 1) a smart wireless radio frequency (RF) antenna subsystem with a data-link layer (e.g., OSI layer 2) wireless security system management platform.

Abstract: A method for deterring unauthorized use of an electronic device is described. The method includes installing security data in a protected storage area, installing a security routine operable to check for the security data, and prompting a user for identity information if the security data is found, before permitting use of the device. In an implementation, the device is shut down if the identity information is incorrect, and manufacturer contact information may be displayed before shutting down. But if the user responds correctly, the activation process is continued to enable normal operation of the device.

Abstract: To secure the confidentiality of data stored in data storage devices, a position determination system is mechanically coupled to the data storage devices and continuously determines a position thereof. A processor, provided with an authorized location for the data storage devices, facilitates transfer of data to and from the data storage devices. Specifically, when the position of the data storage devices matches the authorized location, the processor facilitates transfer of data from the data storage devices without any modification of the data. However, when the position of the data storage means does not match the authorized location, the processor inflates the data by dispersing it in a very large set of irrelevant data.

Abstract: A system and method are disclosed for controlling access to an access-protected unit. A pair of coordinates may be read from a base, such as a card, using a digital pen. The system may then check if the pair of coordinates are within a coordinate area belonging to an authorized user. If so, access may be granted to the authorized user to the access-protected unit or to specific programs or functions of the access-protected unit.

Abstract: One or more embodiments of the invention provide a method, apparatus, system, and article of manufacture for monitoring components of a digital cinema system. A digital cinema system utilizes an exhibitor system (that has one or more components) to display media content. A configuration of the exhibitor system is stored in the exhibitor system. The integrity of the configuration is then determined by querying each of the components. Software agents on each of the components respond to the query. Based on the configuration and the responses received, the integrity of the exhibitor system is determined.

Abstract: Consumers may utilize computing devices to assist in the purchase and/or loyalty process, and in particular, the consumer may utilize a PDA to facilitate the purchase and/or loyalty process. During the purchase and/or loyalty process, the consumer may need to insure that any content downloaded or used in association with the PDA is secure in how it is collected, assembled, and delivered to the PDA device. This system and method secures the data from its source to when it is actually viewed or used by the authorized user. The PDA may have direct access to an Internet web site portal that offers secure personal content from a content provider, such as, for example, an on-line banking or financial institution. Using the web site portal, the content provider may offer personal or confidential data, such as financial information, to PDA users in a secure (e.g., encrypted) environment.

Abstract: A method and apparatus for performing secure online transactions provides a user interface that is intuitive and easily to understand. The invention integrates an online wallet service with credit card issuers that provide online credit card authentication services. The method provides a keypad interface for PIN entry, or an interface that resembles an offline transaction receipt. The apparatus that stores personal information and credit card information uses a level-two authentication password to protect the user's credit card information. The invention integrates with the credit card issuer when a personal identification number is required for the user to perform online transactions by the credit card issuer. The embodiments include integrations when the level-two authentication password is equivalent to the personal identification number and that when they or not equivalent.

Abstract: In a security module and a method for protecting a security module, wherein security-relevant data are stored in a memory in the module, proper insertion of the security module on a device motherboard is monitored with a first function unit and a second function in the security module. The first function unit signals the status of the security module. The second function unit detects improper use or improper replacement of the security module, and upon detection of improper use or improper replacement, the second function unit causes the security-relevant data to be erased.

Abstract: When a security server detects an abnormality in the building by a sensor, the security server sends an abnormality notification mail that has embedded a link to image information shot by a supervision camera upon detection of an abnormality and a mail address of the security server to a portable telephone terminal and in case neither access from the portable telephone terminal to the image information nor a response mail is confirmed, determines that the abnormality mail is not confirmed by the user and notifies occurrence of the abnormality to a security center.

Abstract: A method for preserving digital evidence of a computer misconduct, the method including the steps of: prior to the misconduct, installing an expansion card capable of retrieving and storing a memory image and register information from a digital electrical computer in which the expansion card is installed; connecting a switch to regulate the expansion card from a location other than the computer; at the time of the misconduct, using the switch to trigger the retrieving and storing of the memory image and the register information into the expansion card; and subsequent to the misconduct, extracting the expansion card to preserve digital evidence of the computer misconduct. This method can be carried out further by subjecting the memory image and register information from the expansion card with another computer to forensic analysis.

Abstract: One or more embodiments of the invention provide a method, apparatus, system, and article of manufacture for monitoring components of a digital cinema system. A configuration of an exhibitor system (that has one or more components) of a digital cinema system is stored. Each of the one or more components is then polled (e.g., using radio frequency) based on the configuration. A determination is then made regarding the integrity of the exhibitor system based on the configuration and results of the polling. Further, a global positioning system (GPS) location and an identification (of a component) is received from an exhibitor system component. Based on the identification and the polling, a determination may be made regarding whether the identification is for an unauthorized component and consequently the location of the component for initiating enforcement action.

Abstract: In the event that an electronic apparatus having a security function is forcibly put into an inoperable state because electric power is shut off once by an operation equivalent to theft, the inoperable state can be canceled by using a code notified by the dealer by telephone, without carrying the electronic apparatus in its dealer. After electric power is supplied again, the vehicle-mounted compact disc (abbreviated as CD) reproduction apparatus is used to play back a CD, and its TOC information is used as a judgment identification code C1. When the code C1 is identical to the authorized identification code A21, the electronic apparatus is made operable. In order to cancel the inoperable state after the number of inconsistencies becomes 10 or more, the individual code A22 of an EEPROM 21 is indicated and notified to the dealer. The dealer carries out calculation by using the individual code A22, and a result B2 of the calculation is notified to the user. The user inputs the calculation result B2.

Abstract: One embodiment of present invention is a method for preventing the modification of a primary pass-phrase of an electronic system. Access to stored information such as a primary pass-phrase is disabled despite assertion of an override pin of an integrated circuit device of the electronic device when an override disable pin of the integrated circuit device is asserted prior to assertion of the override pin.

Abstract: Methods, systems, apparatuses, and arrangements enable an identifier module of a storage system to be rendered unusable upon removal from the storage system. In an exemplary identifier module implementation, the identifier module includes an identifier data space that is capable of receiving an identifier and a breakable apparatus that is adapted to break and render the identifier module unusable upon removal of the identifier module from a storage system. The identifier module may be adapted for removable attachment to the storage system. In an exemplary storage system implementation, the storage system includes one or more memory units that are capable of storing information and at least one interface that is adapted to receive an identifier module. The at least one interface includes a disrupter apparatus that is adapted to break and render unusable an identifier module upon removal of such an identifier module from the at least one interface.

Abstract: A circuit includes a capacitor formed with a dielectric including the dielectric encasing elements of the circuit. A detector detects changes in the capacitance of the capacitor.

Abstract: A technique for prohibiting access to a computer having a security function when a security device is illegally removed from the computer. The security device is a hardware component that constitutes a part of a security function for a computer. When the security device is illegally removed from the computer, access to the computer is prohibited. Data indicating that the security device is attached to the computer are stored in a nonvolatile memory. Then, when a specific event, such as a power-ON event, is used as a trigger, the procedure for prohibiting the access to the computer is initiated. Following this, based on the data stored in the memory, it is detected that the security device was once attached to the computer and that it has now been removed. If currently the security device is not attached to the computer, although it was attached before, the access to the computer is prohibited.

Abstract: A recording and/or playback apparatus having a first storage medium including a management region and a data region, an initializing device for initializing the first storage medium so that the first storage medium includes the management region and the data region, a generating device for generating a predetermined value when the initialization is performed, a second storage medium storing the predetermined value therein, a transforming device for applying a transformation to the predetermined value so as to be a different value, and a control device for controlling the output of the transforming device so as to store the output in the management region.