Abstract: A pay-per-use computer, or other electronic device that uses local security, may use a security module or other circuit for monitoring and enforcement of a usage policy. To help prevent physical attacks on the security module, or the circuit board near the security module, a second circuit may be mounted over the security module to help prevent access to the security module. Both circuits may be mounted on a interposer and the interposer mounted to the circuit board, creating a stack including the first circuit, the interposer, the security module, and a main PC board. When the PC board includes dense signal traces under the security module a three dimensional envelope is created around the security module. When the first circuit is a high value circuit, such as a Northbridge, the risk/reward of attacking the security module is increased substantially and may deter all but the most determined hackers.

Abstract: A security module for a pay-per-use computer supplies an appropriate BIOS for a given mode of operation. A power manager in the security module powers only essential circuits until the BIOS is operational to help prevent substitution of a non-authorized BIOS. The security module also includes a capability to monitor and restrict data lines on a bus between a main computer processor and computer system memory. When the computer is operating in a restricted use mode, data lines may be restricted to allow only minimal access to the computer system memory. Bus transactions may be monitored to ensure that only valid transactions are occurring and are within the designated memory space.

Abstract: A display device for use with a computer adapted for operation in an unrestricted use mode and a limited function mode and a method for enforcing a limited function mode display is disclosed. The display device enters a limited function mode when a condition of non-compliance with an operating policy is discovered by the computer. Additionally, the display device may also enter a limited function mode upon powering up or when connections to the computer and/or selected components of the display are disabled or disconnected. When in the limited function mode, the display may support a limited function interface for use in correcting the condition of non-compliance.

Abstract: A pay-per-use computer, or other electronic device that uses local security, may use a security module or other circuit for monitoring and enforcement of a usage policy. To help prevent physical attacks on the security module, or the circuit board near the security module, a second circuit may be mounted over the security module to help prevent access to the security module. Both circuits may be mounted on a interposer and the interposer mounted to the circuit board, creating a stack including the first circuit, the interposer, the security module, and a main PC board. When the PC board includes dense signal traces under the security module a three dimensional envelope is created around the security module. When the first circuit is a high value circuit, such as a Northbridge, the risk/reward of attacking the security module is increased substantially and may deter all but the most determined hackers.

Abstract: An SPI switch allows selection of a BIOS memory transparent to a Southbridge chipset component. The SPI switch provides address translation to a selected BIOS memory area under the control of a security module processor. The SPI switch also provides command filtering to prevent commands that represent a security risk such as bulk erase commands. Because the SPI switch allows transparent redirection between BIOS programs, booting in different operating modes may be supported without any changes to the basic computer architecture or major chipset components.

Abstract: A display device for use with a computer adapted for operation in an unrestricted use mode and a limited function mode and a method for enforcing a limited function mode display is disclosed. The display device enters a limited function mode when a condition of non-compliance with an operating policy is discovered by the computer. Additionally, the display device may also enter a limited function mode upon powering up or when connections to the computer and/or selected components of the display are disabled or disconnected. When in the limited function mode, the display may support a limited function interface for use in correcting the condition of non-compliance.

Abstract: A security module for a pay-per-use computer supplies an appropriate BIOS for a given mode of operation. A power manager in the security module powers only essential circuits until the BIOS is operational to help prevent substitution of a non-authorized BIOS. The security module also includes a capability to monitor and restrict data lines on a bus between a main computer processor and computer system memory. When the computer is operating in a restricted use mode, data lines may be restricted to allow only minimal access to the computer system memory. Bus transactions may be monitored to ensure that only valid transactions are occurring and are within the designated memory space.