Abstract: A method is provided for prompting a user to perform PIM-related acts based on dynamic location data. The user's current location is received and a PIM item is selected from the user's PIM system. The user's current location is compared to the location of the selected PIM item. Based on the comparison, a suggested user fulfillment action for the PIM item is suggested to the user.

Abstract: A hardware-based security module is used to protect an electronic device, especially a portable electronic device. The security module may determine either via timeout of a watchdog timer or via an explicit message to encrypt selected data on the electronic device. In addition, the electronic device may enter a limited function mode that only allows display of simplistic messages and supports network traffic with a recovery service. The recovery service may be able to use the network traffic to locate the electronic device. The security module may include a secure memory, a cryptographic function, a timer, and support for direct display of data on a monitor.

Abstract: A computer is adapted for pay-for-use operation by adding a isolated computing environment to a standard computer. The isolated computing environment may include a trusted non-volatile memory, a digital signature verification capability, a clock or timer and a logic circuit for triggering execution of a validation program responsive to the clock or timer. The isolated computing environment may be protected from tampering by physical or cryptographic mechanisms, or both. The validation program measures or monitors for non-compliant states of the computer and may enforce sanctions when non-compliant states of the computer are detected.

Abstract: A navigation device includes a communication subsystem and a navigation subsystem. The communication subsystem communicates with a remote navigation database via a gateway using variable-size data payloads. Each variable-size data payload is accompanied by a content-identifier and a size-identifier. The navigation subsystem determines a current position of the navigation device and encodes the current position of the navigation device as one or more position payloads that are sent from the communication subsystem to the remote navigation database via the gateway. Each position payload is sent with an accompanying content-identifier and size-identifier.

Abstract: A processing unit for use in an electronic device includes standard instruction processing and communication interfaces and also includes functional capability in addition to or in place of those found in an operating system. A secure memory within the processing unit may contain a hardware identifier, policy data, and subsystem functions such as a secure clock, policy management, and policy enforcement. Data in functions within the secure memory are not accessible from outside the processing unit.

Abstract: A pay-per-use or pay-as-you-go computer uses a secure memory to store individual unique program identifiers. Each unique program identifier is associated with a particular hardware or software component, or service, or the entire computer available to a user. By combining the unique program identifier with a computer hardware identifier uniquely identified transactions may be tracked for both billing and reconciliation. Certificates associated with each unique program identifier, and coupled to the hardware identifier, provide a cryptographic basis for mutual verification of messages, requests, configuration instructions, and provisioning.

Abstract: A method is provided for prompting a user to perform PIM-related acts based on dynamic location data. The user's current location is received and a PIM item is selected from the user's PIM system. The user's current location is compared to the location of the selected PIM item. Based on the comparison, a suggested user fulfillment action for the PIM item is suggested to the user.

Abstract: A computer or other electronic device uses a cryptographic capability and hardware identifier to verify a provisioning packet for changing the mode of operation of the device or a licensed component. A secure memory stores the provisioning packet for future reference. A sequence number may be used to limit replay attacks. An exemplary use is conversion of a computer from metered use during a subscription period to unlimited use when the subscription terms have been satisfied.

Abstract: A navigation device includes a communication subsystem and a navigation subsystem. The communication subsystem communicates with a remote navigation database via a gateway using variable-size data payloads. Each variable-size data payload is accompanied by a content-identifier and a size-identifier. The navigation subsystem determines a current position of the navigation device and encodes the current position of the navigation device as one or more position payloads that are sent from the communication subsystem to the remote navigation database via the gateway. Each position payload is sent with an accompanying content-identifier and size-identifier.

Abstract: A pay-per-use or metered-use computer uses directives from an operating system or other software component to determine whether to meter or not. Because such directives may not be trustworthy, a metering system may determine a state of the computer to verify that the metering state complies with a policy. If the metering system determines that the power state is not in keeping with the metering state, the metering system may invoke a sanction, such as restarting metering or placing some or all of the computer in a standby power mode.

Abstract: A hardware-based security module is used to protect an electronic device, especially a portable electronic device. The security module may determine either via timeout of a watchdog timer or via an explicit message to encrypt selected data on the electronic device. In addition, the electronic device may enter a limited function mode that only allows display of simplistic messages and supports network traffic with a recovery service. The recovery service may be able to use the network traffic to locate the electronic device. The security module may include a secure memory, a cryptographic function, a timer, and support for direct display of data on a monitor.

Abstract: A computer or other electronic device may be used in one of several selectable modes of operation. Computer resources, such as a processor, memory, or a graphics controller, are individually settable for operation at different levels of performance. A mode of operation or performance level is determined by the combination of individual settings for the various resources. Pay-per-use operation is charged at a rate determined by the mode of operation or performance level. Operation in a gaming mode may be charged at a higher rate than operation in web-browsing mode. A metering agent may be associated with each scalable use resource to securely set the performance level and to securely report on metered operation of the resource.

Abstract: A computer with scalable performance level components and selectable software and service options has a user interface that allows individual performance levels to be selected. The scalable performance level components may include a processor, memory, graphics controller, etc. Software and services may include word processing, email, browsing, database access, etc. To support a pay-per-use business model, each selectable item may have a cost associated with it, allowing a user to pay for the services actually selected and that presumably correspond to the task or tasks being performed. An administrator may use a similar user interface to set performance levels for each computer in a network, allowing performance and cost to be set according to a user's requirements.

Abstract: A metered-use computer is operable in a number of states or modes to accommodate manufacture, test, operation and end-of-life. During manufacturing, a security module may be set to a non-metered mode, where no measurements are taken. At the end of the manufacturing process, the security module may be set to an active mode where metering and measurement of the computer are enforced. When terms of a purchase contract or other user agreement are satisfied, the computer may be set to a non-enforcement state where all metering and metering-related security are disabled. A one-time reset of the active mode is supported to allow end-of-line quality assurance testing.

Abstract: A security module manages authorization of additional computing resources, either additional processing power in a server, or additional servers in a server enclosure responsive to an authorized message. The authorized message may be generated at a management node and may include a provisioning license for use by the security module to set a duration for use of the additional computing resources. A baseboard management controller may be house the security module or each controllable resource may house an associated security module. The baseboard management controller may store the authorized message when the security module is not active and forward the message after the security module has been activated.

Abstract: A management console may be used to monitor available usage on a pay-per-use electronic device, such as a pay-per-use computer. When the management console determines that any of tie monitored electronic devices has reached a trigger level the management console may re-charge the electronic device with value. The value may be taken from a local pool of value stored at the management console or the an add-value transaction may be generated at the management console on behalf of the pay-per-use electronic device. In an Internet cafe or similar environment, the use of the management console shields individual users from usage purchase transactions for individual pay-per-use electronic devices.

Abstract: A pay-per-use business model relies on an accurate, or at least, un-tampered, time reference for the administration of prepaid usage time, e.g. hours, or subscription expiration dates. A protocol for provisioning usage requires that any electronic device request for provisioning includes current time at the device. A server responding to the request may evaluate the time at the device and send an updated time when the current time at the device is outside a variance limit. If the electronic device repeatedly sends requests with inaccurate time, the server may cease sending time updates and block the electronic device from further updates for suspected tampering.

Abstract: A method and apparatus for saving, retrieving, and adjusting metering data uses information about the period between saves of the metering data to non-volatile memory and other information, for example, a number of recovery events experienced by the computer. The retrieved metering data may be adjusted according to the number of recovery events so that more frequent power interruptions cause metering data adjustments to favor a service provider. The time between data saves may be altered to increase the difficulty of timing attacks. Information about the time between saves, or the period of the save cycle, may also be stored with the metering data for use in the metering data restoration process.

Abstract: To put developers or other user or administrative personnel on notice that IP rights exist corresponding to an interprocess message, a trademarked or copyrighted value may be included in an interprocess message and validated by a receiving process before acceptance of the message.