Abstract: A system for binding a subscription-based computer to an internet service provider (ISP) may include a binding module and a security module residing on the computer. The binding module may identify and authenticate configuration data from peripheral devices that attempt to connect to the computer, encrypt any requests for data from the computer to the ISP, and decrypt responses from the ISP. If the binding module is able to authenticate the configuration data and the response to the request for data from the ISP, then the security module may allow the communication between the computer and the ISP. However, if either the configuration cycle or the response cannot be properly verified, then the security module may degrade operation of the computer.

Abstract: Architecture that provides programmatic association of a device (e.g., removable) to a currently logged-in user, and restricts access to the drive only to that particular logged-in user. When active, the architecture detects when devices are added to the system, determines which logged-in user a given device (or devices) should be assigned, modifies the security settings for the device(s), and makes a per-user drive letter mapping to that device such that only the logged-in user can see the mapped device. In the context of serially attachable peripheral devices such as USB (universal serial bus) devices (and IEEE 1394 devices), for example, access can be restricted to a user based on the USB hub into which the device is connected. This prevents the operating system from assigning a global drive letter to a device or device volume (for drives) when the device is added.

Abstract: Architecture that allows programmatic association of devices to sessions and redirects input to the desired session. When the solution is active, input from the devices is not realized by the standard operating system input stack, thereby allowing even reserved key sequences such as Ctrl-Alt-Del to be intercepted and redirected to a desired session. Moreover, in addition to redirecting input to a specific session, the architecture facilitates the filtering of input from unwanted/unmapped devices, the interception and filtering or redirection of reserved key sequences such as Ctrl-Alt-Del, and the maintenance of input state for each session.

Abstract: A system for managing a subscription-based computer independent of an operating system of the computer may include a security module that accesses, decrements, and stores subscription data during operation of the subscription-based computer. Additionally, the system may include a network module in communication with the security module and comprising a network stack, a web server, and a user interface in an operating system independent format. A web browser of the computer may request the user interface from the network stack. The interface may be populated with the subscription data, and a network driver may retrieve the populated user interface from the network module. The populated interface may then be sent to the web server to be served back to the requesting web browser.

Abstract: Architecture that provides programmatic association of a device (e.g., removable) to a currently logged-in user, and restricts access to the drive only to that particular logged-in user. When active, the architecture detects when devices are added to the system, determines which logged-in user a given device (or devices) should be assigned, modifies the security settings for the device(s), and makes a per-user drive letter mapping to that device such that only the logged-in user can see the mapped device. In the context of serially attachable peripheral devices such as USB (universal serial bus) devices (and IEEE 1394 devices), for example, access can be restricted to a user based on the USB hub into which the device is connected. This prevents the operating system from assigning a global drive letter to a device or device volume (for drives) when the device is added.

Abstract: Architecture that allows programmatic association of devices to sessions and redirects input to the desired session. When the solution is active, input from the devices is not realized by the standard operating system input stack, thereby allowing even reserved key sequences such as Ctrl-Alt-Del to be intercepted and redirected to a desired session. Moreover, in addition to redirecting input to a specific session, the architecture facilitates the filtering of input from unwanted/unmapped devices, the interception and filtering or redirection of reserved key sequences such as Ctrl-Alt-Del, and the maintenance of input state for each session.

Abstract: A system for binding a subscription-based computer to an internet service provider (ISP) may include a binding module and a security module residing on the computer. The binding module may identify and authenticate configuration data from peripheral devices that attempt to connect to the computer, encrypt any requests for data from the computer to the ISP, and decrypt responses from the ISP. If the binding module is able to authenticate the configuration data and the response to the request for data from the ISP, then the security module may allow the communication between the computer and the ISP. However, if either the configuration cycle or the response cannot be properly verified, then the security module may degrade operation of the computer.

Abstract: A system for binding a subscription-based computer to an internet service provider (ISP) may include a binding module and a security module residing on the computer. The binding module may identify and authenticate configuration data from peripheral devices that attempt to connect to the computer, encrypt any requests for data from the computer to the ISP, and decrypt responses from the ISP. If the binding module is able to authenticate the configuration data and the response to the request for data from the ISP, then the security module may allow the communication between the computer and the ISP. However, if either the configuration cycle or the response cannot be properly verified, then the security module may degrade operation of the computer.

Abstract: A system for managing a subscription-based computer independent of an operating system of the computer may include a security module that accesses, decrements, and stores subscription data during operation of the subscription-based computer. Additionally, the system may include a network module in communication with the security module and comprising a network stack, a web server, and a user interface in an operating system independent format. A web browser of the computer may request the user interface from the network stack. The interface may be populated with the subscription data, and a network driver may retrieve the populated user interface from the network module. The populated interface may then be sent to the web server to be served back to the requesting web browser.

Abstract: A system for binding a subscription-based computer to an internet service provider (ISP) may include a binding module and a security module residing on the computer. The binding module may identify and authenticate configuration data from peripheral devices that attempt to connect to the computer, encrypt any requests for data from the computer to the ISP, and decrypt responses from the ISP. If the binding module is able to authenticate the configuration data and the response to the request for data from the ISP, then the security module may allow the communication between the computer and the ISP. However, if either the configuration cycle or the response cannot be properly verified, then the security module may degrade operation of the computer.