WO2009133554A2 - A system, device and method for deleting data from a remote electronic apparatus - Google Patents

Publication number
WO2009133554A2
Authority
WO
WIPO (PCT)
Prior art keywords
data
electronic apparatus
theft device
security server
theft
Application number
PCT/IL2009/000450
Other languages
French (fr)
Other versions
WO2009133554A3 (en)
Inventor
David Yiftach
Original Assignee
Rdd Data Security Ltd.
Application filed by Rdd Data Security Ltd.
Publication of WO2009133554A2
Publication of WO2009133554A3

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88 Detecting or preventing theft or loss

Definitions

  • the present invention relates generally to the field of data protection, and specifically to a system, device and method for deleting data from a remote electronic apparatus using an intermediate data security server and an anti-theft device associated with the remote electronic apparatus.
  • Laptop theft is a significant threat to users of laptop computers. Many methods to protect the data and to prevent theft have been developed, including alarms, laptop locks, and visual deterrents such as stickers or labels. Victims can lose hardware, software, and essential data that have not been backed up. Thieves also may have access to sensitive data and personal information. Some systems authorize access based on credentials stored on the laptop including MAC addresses, web cookies, cryptographic keys and stored passwords. With the onset of the information age, laptops have become an invaluable resource to individuals and companies everywhere. The nature of portable laptops allows users to be productive while allowing for mobility. However, laptop theft has been on the rise, and as a result many organizations have found themselves victims of potential data breaches that affect their employees, their customers, and their reputations.
  • a stolen laptop often means loss of sensitive data stored on that machine, which is likely to lead to a risk of identity theft. According to the FBI, losses due to laptop theft totaled more than $6.7 million dollars in 2005. The Computer Security Institute/FBI Computer Crime & Security Survey found the average theft of a laptop to cost a company $89,000.
  • Additional electronic devices which may become lost or stolen include cellular phones, and digital cameras.
  • lack of proper security precautions allows a thief to easily acquire such information as personal bookkeeping files, documents containing passwords, addresses, as well as employee and customer information stored on company laptops.
  • the present invention provides a system, device and method for remotely erasing data from an electronic device.
  • electronic apparatus from which data may be remotely erased using the invention, refers herein to any electrical device which may store data in digital format. The term is meant to include, but is not limited to, cellular phones, PDAs, desktop and laptop computers, and digital cameras.
  • the invention may be utilized to remotely erase data stored upon a hard drive, a Solid State Drive (also termed SSD or a RAM-drive), or other memory storage means associated with an electronic apparatus.
  • the system may include an anti-theft device and a data security server, which data security server may be adapted to (1) receive from a user a request to remotely delete data from an electronic apparatus and (2) send data to the anti-theft device, which data may trigger an erasure process of data on the electronic apparatus.
  • the anti-theft device may reside inside or outside the remote electronic apparatus.
  • the anti-theft device may include: (1) a controller, (2) a communication module, (3) an erasure module, (4) a secondary power source (e.g. backup power source) and (5) a sensing module.
  • the anti-theft device may be connected to the electronic apparatus's power source and to the electronic apparatus's storage devices (e.g. hard disk(s)).
  • the anti-theft device may receive data from a data security server, which data may initiate an erasure process.
  • the anti-theft device may initiate and operate an erasure process, which erasure process may erase the data permanently and with no option to restore the data.
  • the anti-theft device may check and monitor the status of the erasure process. Upon completion or failure of the erasure process the anti-theft device may notify the data security server of the erasure process status.
  • the anti-theft device may use the electronic apparatus's power source (i.e. battery) as its power source or may use its own power source (e.g. secondary power source).
  • the communication module may include a micro controller and a cellular module, which cellular module may include an antenna and a SIM card.
  • the data received from a data security server may be an SMS, which SMS may be received and decoded by the cellular module.
  • the communication module may be adapted to send SMS's to the security data server.
  • the data security server may include: (1) a controller, (2) a web server, (3) a user interface module, (4) an SMS messaging server and (5) an authentication module.
  • the data security server may be adapted to receive from a user a request to delete data from a remote electronic apparatus.
  • the data security server may be adapted to send to the anti-theft device data, which data may initiate a data erasure process in the remote electronic apparatus.
  • the data security server may be adapted to receive from the anti-theft device a message indicating the status of the erasure process; upon receiving this message the data security server may inform the user of the completion/failure of the erasure process.
  • the anti-theft device may be adapted to delete data from the associated electronic apparatus by bypassing a substantial portion of the electronic apparatus's operating system and not accessing directly the designated sectors to be deleted.
  • FIG. 1 is a schematic view of a system for remotely deleting data from an electronic apparatus in accordance with some embodiments of the present invention
  • Fig. 2A is a schematic block diagram of an anti-theft device connected to a computer and adapted to communicate with a messaging server in accordance with some embodiments of the present invention
  • Fig. 2B is a schematic block diagram of a communication module which may be adapted to communicate with a messaging server in accordance with some embodiments of the present invention
  • Fig. 3 is yet another schematic block diagram of an anti-theft device connected to a computer and adapted to communicate with a messaging server in accordance with some embodiments of the present invention
  • Fig. 4 is a schematic block diagram of a data security server adapted to authenticate a user and initiate a data erasure procedure on a remote computer in accordance with some embodiments of the present invention
  • Fig. 5 is a flow chart depicting the steps of an embodiment of the present invention which may be executed by a system for deleting data from a remote computer;
  • Fig. 6A and 6B are flow charts depicting the steps of an embodiment of the present invention which may be executed by an anti-theft device adapted to erase data from an associated computer upon receiving a message from a data security server;
  • Fig. 7 is a flow chart depicting the steps of an embodiment of the present invention which may be executed by a data security server adapted to transmit to an anti-theft device data which may initiate an erasure process.
  • Fig. 8 (8A-8R) comprises source codes exemplifying processes of the invention, including applications for the drive manager, and drive handler manager. It will be appreciated that for simplicity and clarity of illustration, elements shown in the figures have not necessarily been drawn to scale. For example, the dimensions of some of the elements may be exaggerated relative to other elements for clarity. Further, where considered appropriate, reference numerals may be repeated among the figures to indicate corresponding or analogous elements.
  • Such a computer program may be stored in a computer readable storage medium, such as, but is not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs) electrically programmable read-only memories (EPROMs), electrically erasable and programmable read only memories (EEPROMs), magnetic or optical cards, or any other type of media suitable for storing electronic instructions, and capable of being coupled to a computer system bus.
  • the number of erasure cycles performed by the invention is configurable upon installation of the device. In one presently preferred embodiment, the number of erasure cycles is within the range of 7-25 cycles. This number of erasure cycles ensures permanent erasure. In contrast, erasure programs known in the art do not ensure permanent erasure of data, and tend to perform 1-2 erasure cycles.
  • the anti-theft device may use the electronic apparatus' power source (i.e. battery) as its power source or may use its own power source (e.g. secondary power source). Inclusion of a secondary power source in the device, allows remote erasure of the data, independent of the operational status of the electronic apparatus. Namely, remote erasure may be triggered using the software and hardware of the device, whether the electronic apparatus is powered on or not.
  • the communication module preferably includes software and hardware allowing communication with the owner of the laptop, independent of whether the electronic apparatus is powered on by the thief.
  • the system may include a data security server, and one or more electronic apparatus which include an anti-theft device.
  • FIG. 1 several examples of electronic apparatus containing the anti-theft device of the invention are shown on the lower half of the figure. These include a desktop computer, a PDA, a mobile phone and a digital camera. A laptop computer is additionally shown at upper left of figure. A data security server (center of Figure) is included in the system of the invention, and may be contacted by a user via his cellular phone, in order to request deletion of sensitive data from a stolen or lost electronic apparatus. The functionality of the device and system shown in Fig.1 may best be described in conjunction with Fig.5.
  • FIGs. 2-7 refer to remote erasure of data from a stolen computer, this is merely for illustrative purposes, and there is no intention to limit the scope of the invention to this type of electronic apparatus. Rather, the invention may be utilized to remotely erase data from any electronic apparatus with which it is associated (electrically connected or installed therein).
  • a user may request a data security server to delete data from a remote computer (step 5000), an exemplary scenario may be when the user knows that his computer was stolen and wishes to deny access to secure data on the computer.
  • the data security server may send data to the anti-theft device of the remote computer, which data may trigger an erasure process within the remote computer (step 5100).
  • the anti-theft device may initiate a data erasure process (step 5200), which data erasure process may permanently erase secure data on the remote computer.
  • Secure data may be data which was predefined by the user as data that the anti-theft device has access to.
  • the anti-theft device may constantly check and monitor the status of the erasure process and upon determining whether the erasure process was successful or failed, the anti-theft device may send to the data security server data (e.g. SMS) indicating the status of the erasure process (step 5300).
  • the data security server may notify (e.g. via SMS, email, phone call etc.) the user of the erasure process status.
  • the anti-theft device may include: (1) a controller, (2) a communication module, (3) an erasure module, (4) a secondary power source (e.g. backup power source) and (5) a sensing module.
  • the anti-theft device may be connected to the computer's power source and to the computer's storage devices (e.g. hard disk(s)).
  • the functionality of the block diagram in Fig's 2A and 3 may best be understood in conjunction with Fig's 6A and 6B.
  • Fig. 6A there is shown a flow chart depicting the steps of an anti-theft device in accordance with some embodiments of the present invention.
  • the anti-theft device may receive data from a data security server, which data may trigger an erasure process (step 6000).
  • the anti-theft device may initiate and operate an erasure process, which erasure process may erase the data permanently and with no option to restore the data (step 6100).
  • the anti-theft device may check and monitor the status of the erasure process (step 6200). Upon completion or failure of the erasure process the anti-theft device may notify the data security server of the erasure process status (step 6300).
  • the anti-theft device may use the computer's power source (i.e. battery) as its power source or may use its own power source (e.g. secondary power source).
  • the anti-theft device may include a sensing module which may sense parameters indicating whether the computer was stolen (step 6500), the sensing module may use different sensors such as motion sensors, shock sensors, GPS etc.
  • the anti-theft device may send data to a secured server (e.g. security data server) indicating that the computer was stolen (step 6600), and indicating the present location (GPS coordinates) of the computer.
  • the communication module may include a micro controller and a cellular module which includes an antenna and a SIM card.
  • the received data from a data security server data may be an SMS, which SMS may be received and decoded by the cellular module.
  • the communication module may be adapted to send SMS's to the security data server.
  • Fig. 4 there is shown an exemplary block diagram of a data security server in accordance with some embodiments of the present invention.
  • the data security server may include: (1) a controller, (2) a web server, (3) a user interface module, (4) an SMS messaging server and (5) an authentication module.
  • the functionality of the data security server may be described in conjunction with Fig. 7, there is shown a flow chart depicting the steps of an exemplary data security server in accordance with some embodiments of the present invention.
  • the data security server may be adapted to authenticate a user's details (step 7000) and receive a request to delete data from a remote computer (step 7100).
  • the data security server may be adapted to send to the anti-theft device data, which data may initiate a data erasure process in the remote computer (step 7200).
  • the data security server may be adapted to receive from the anti-theft device a message ("confirmation message") indicating the status of the erasure process; upon receiving this message the data security server may inform the user of the completion/failure of the erasure process.

Abstract

There is provided a system, device and method for permanently erasing data from a remote electronic apparatus. The system may include an anti-theft device and a data security server, which data security server may be adapted to (1) receive from a user a request to remotely delete data from an electronic apparatus and (2) send data to the anti-theft device, which data may trigger an erasure process of data on the electronic apparatus.

Description

A System, Device and Method for Deleting Data from a Remote Electronic Apparatus
FIELD OF THE INVENTION
The present invention relates generally to the field of data protection, and specifically to a system, device and method for deleting data from a remote electronic apparatus using an intermediate data security server and an anti-theft device associated with the remote electronic apparatus.
BACKGROUND
Data theft is a growing problem primarily perpetrated by office workers with access to technology such as desktop computers and hand-held devices capable of storing digital information such as flash drives, iPods and even digital cameras. Since employees often spend a considerable amount of time developing contacts and confidential and copyrighted information for the company they work for, they often feel they have some right to the information and are inclined to copy and/or delete part of it when they leave the company, or misuse it while they are still in employment. While most organizations have implemented firewalls and intrusion-detection systems, very few take into account the threat from the average employee that copies proprietary data for personal gain or use by another company. A common scenario is where a sales person makes a copy of the contact database for use in their next job. Typically this is a clear violation of their terms of employment.
Laptop theft is a significant threat to users of laptop computers. Many methods to protect the data and to prevent theft have been developed, including alarms, laptop locks, and visual deterrents such as stickers or labels. Victims can lose hardware, software, and essential data that have not been backed up. Thieves also may have access to sensitive data and personal information. Some systems authorize access based on credentials stored on the laptop including MAC addresses, web cookies, cryptographic keys and stored passwords. With the onset of the information age, laptops have become an invaluable resource to individuals and companies everywhere. The nature of portable laptops allows users to be productive while allowing for mobility. However, laptop theft has been on the rise, and as a result many organizations have found themselves victims of potential data breaches that affect their employees, their customers, and their reputations.
A stolen laptop often means loss of sensitive data stored on that machine, which is likely to lead to a risk of identity theft. According to the FBI, losses due to laptop theft totaled more than $6.7 million dollars in 2005. The Computer Security Institute/FBI Computer Crime & Security Survey found the average theft of a laptop to cost a company $89,000.
Additional electronic devices which may become lost or stolen include cellular phones, and digital cameras. Depending on what is kept on a particular electronic device (such as a cellular phone, a digital camera or a laptop), lack of proper security precautions allows a thief to easily acquire such information as personal bookkeeping files, documents containing passwords, addresses, as well as employee and customer information stored on company laptops.
A number of computer security measures have emerged that aim at protecting intellectual data. The Kensington Security Slot along with a locking cable provides physical security against thefts of opportunity. Passwords provide a basic security measure for files stored on a laptop, though combined with disk encryption software they can reliably protect data against unauthorized access. Remote Laptop Security (RLS) is available to confidently secure data even when the laptop is not in the owner's possession. With Remote Laptop Security, the owner of a laptop can deny access rights to the stolen laptop from any computer with Internet access.
Another possible approach to limiting the consequences of laptop theft is to issue thin client devices to field employees instead of conventional laptops, so that all data will reside on the server and therefore may be less liable to loss or compromise. If a thin client is lost or stolen, it can easily and inexpensively be replaced. However, a thin client depends on network access to the server, which is not available aboard airliners or any other location without network access.
There is a need in the field of data security for an improved and efficient method and system for deleting data from a stolen electronic device.
SUMMARY OF THE INVENTION
The present invention provides a system, device and method for remotely erasing data from an electronic device. The term "electronic apparatus" from which data may be remotely erased using the invention, refers herein to any electrical device which may store data in digital format. The term is meant to include, but is not limited to, cellular phones, PDAs, desktop and laptop computers, and digital cameras. The invention may be utilized to remotely erase data stored upon a hard drive, a Solid State Drive (also termed SSD or a RAM-drive), or other memory storage means associated with an electronic apparatus.
According to some embodiments of the present invention, the system may include an anti-theft device and a data security server, which data security server may be adapted to (1) receive from a user a request to remotely delete data from an electronic apparatus and (2) send data to the anti-theft device, which data may trigger an erasure process of data on the electronic apparatus. According to some embodiments of the present invention, the anti-theft device may reside inside or outside the remote electronic apparatus. According to some embodiments of the present invention, the anti-theft device may include: (1) a controller, (2) a communication module, (3) an erasure module, (4) a secondary power source (e.g. backup power source) and (5) a sensing module. According to some embodiments of the present invention, the anti-theft device may be connected to the electronic apparatus's power source and to the electronic apparatus's storage devices (e.g. hard disk(s)). According to some embodiments of the present invention, the anti-theft device may receive data from a data security server, which data may initiate an erasure process. According to yet further embodiments of the present invention, the anti-theft device may initiate and operate an erasure process, which erasure process may erase the data permanently and with no option to restore the data. The anti-theft device may check and monitor the status of the erasure process. Upon completion or failure of the erasure process the anti-theft device may notify the data security server of the erasure process status. According to some embodiments of the present invention, the anti-theft device may use the electronic apparatus's power source (i.e. battery) as its power source or may use its own power source (e.g. secondary power source).
According to some embodiments of the present invention, the communication module may include a micro controller and a cellular module, which cellular module may include an antenna and a SIM card. According to some embodiments of the present invention, the data received from a data security server may be an SMS, which SMS may be received and decoded by the cellular module. According to yet further embodiments of the present invention, the communication module may be adapted to send SMS's to the security data server.
According to some embodiments of the present invention, the data security server may include: (1) a controller, (2) a web server, (3) a user interface module, (4) an SMS messaging server and (5) an authentication module. According to some embodiments of the present invention, the data security server may be adapted to receive from a user a request to delete data from a remote electronic apparatus. According to yet further embodiments of the present invention, the data security server may be adapted to send to the anti-theft device data, which data may initiate a data erasure process in the remote electronic apparatus. According to yet further embodiments of the present invention, the data security server may be adapted to receive from the anti-theft device a message indicating the status of the erasure process; upon receiving this message the data security server may inform the user of the completion/failure of the erasure process. According to some embodiments of the present invention, the anti-theft device may be adapted to delete data from the associated electronic apparatus by bypassing a substantial portion of the electronic apparatus's operating system and not accessing directly the designated sectors to be deleted.
BRIEF DESCRIPTION OF THE DRAWINGS
The subject matter regarded as the invention is particularly pointed out and distinctly claimed in the concluding portion of the specification. The invention, however, both as to organization and method of operation, together with objects, features, and advantages thereof, may best be understood by reference to the following detailed description when read with the accompanying drawings in which:
Fig. 1 is a schematic view of a system for remotely deleting data from an electronic apparatus in accordance with some embodiments of the present invention;
Fig. 2A is a schematic block diagram of an anti-theft device connected to a computer and adapted to communicate with a messaging server in accordance with some embodiments of the present invention;
Fig. 2B is a schematic block diagram of a communication module which may be adapted to communicate with a messaging server in accordance with some embodiments of the present invention;
Fig. 3 is yet another schematic block diagram of an anti-theft device connected to a computer and adapted to communicate with a messaging server in accordance with some embodiments of the present invention;
Fig. 4 is a schematic block diagram of a data security server adapted to authenticate a user and initiate a data erasure procedure on a remote computer in accordance with some embodiments of the present invention;
Fig. 5 is a flow chart depicting the steps of an embodiment of the present invention which may be executed by a system for deleting data from a remote computer;
Fig. 6A and 6B are flow charts depicting the steps of an embodiment of the present invention which may be executed by an anti-theft device adapted to erase data from an associated computer upon receiving a message from a data security server;
Fig. 7 is a flow chart depicting the steps of an embodiment of the present invention which may be executed by a data security server adapted to transmit to an anti-theft device data which may initiate an erasure process.
Fig. 8 (8A-8R) comprises source codes exemplifying processes of the invention, including applications for the drive manager, and drive handler manager.
It will be appreciated that for simplicity and clarity of illustration, elements shown in the figures have not necessarily been drawn to scale. For example, the dimensions of some of the elements may be exaggerated relative to other elements for clarity. Further, where considered appropriate, reference numerals may be repeated among the figures to indicate corresponding or analogous elements.
DETAILED DESCRIPTION
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention.
Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as "processing", "computing", "calculating", "determining", or the like, refer to the action and/or processes of a computer or computing system, or similar electronic device, that manipulate and/or transform data represented as physical, such as electronic, quantities within the electronic device's system's registers and/or memories into other data similarly represented as physical quantities within the computing system's memories, registers or other such information storage, transmission or display devices.
Embodiments of the present invention may include apparatuses for performing the operations herein. This apparatus may be specially constructed for the desired purposes, or it may comprise general purpose electronic hardware selectively activated or reconfigured by a computer program stored in the electronic device. Such a computer program may be stored in a computer readable storage medium, such as, but not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs), electrically programmable read-only memories (EPROMs), electrically erasable and programmable read only memories (EEPROMs), magnetic or optical cards, or any other type of media suitable for storing electronic instructions, and capable of being coupled to a computer system bus.
The processes and displays presented herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct a more specialized apparatus to perform the desired method. The desired structure for a variety of these systems will appear from the description below. In addition, embodiments of the present invention are not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the inventions as described herein.
According to some embodiments of the present invention, there is provided a system, device and method for remotely erasing data from an electronic apparatus. According to some embodiments of the present invention, the system may include an anti-theft device and a data security server, which data security server may be adapted to (1) receive from a user a request to remotely delete data from an electronic apparatus and (2) send data to the anti-theft device, which data may trigger an erasure process of data on the electronic apparatus. According to some embodiments of the present invention, the anti-theft device may reside inside or outside the remote electronic apparatus.
According to some embodiments of the present invention, the anti-theft device may include: (1) a controller, (2) a communication module, (3) an erasure module, (4) a secondary power source (e.g. backup power source) and (5) a sensing module.
According to some embodiments of the present invention, the anti-theft device may be connected to the electronic apparatus's power source and to the electronic apparatus's storage devices (e.g. hard disk(s)). According to some embodiments of the present invention, the anti-theft device may receive data from a data security server, which data may initiate an erasure process.
According to yet further embodiments of the present invention, the anti-theft device may initiate and operate an erasure process, which erasure process may erase the data permanently and with no option to restore the data. Optionally, the number of erasure cycles performed by the invention is configurable upon installation of the device. In one presently preferred embodiment, the number of erasure cycles is within the range of 7-25 cycles. This number of erasure cycles ensures permanent erasure. In contrast, erasure programs known in the art do not ensure permanent erasure of data, and tend to perform 1-2 erasure cycles.
The anti-theft device may check and monitor the status of the erasure process. Upon completion or failure of the erasure process the anti-theft device may notify the data security server of the erasure process status. According to some embodiments of the present invention, the anti-theft device may use the electronic apparatus' power source (i.e. battery) as its power source or may use its own power source (e.g. secondary power source). Inclusion of a secondary power source in the device allows remote erasure of the data, independent of the operational status of the electronic apparatus. Namely, remote erasure may be triggered using the software and hardware of the device, whether the electronic apparatus is powered on or not. Similarly, the communication module preferably includes software and hardware allowing communication with the owner of the laptop, independent of whether the electronic apparatus is powered on by the thief. According to some embodiments of the present invention, the communication module may include a micro controller and a cellular module, which cellular module may include an antenna and a SIM card. According to some embodiments of the present invention, the data received from a data security server may be an SMS, which SMS may be received and decoded by the cellular module. According to yet further embodiments of the present invention, the communication module may be adapted to send SMS's to the security data server.
According to some embodiments of the present invention, the data security server may include: (1) a controller, (2) a web server, (3) a user interface module, (4) an SMS messaging server and (5) an authentication module. According to some embodiments of the present invention, the data security server may be adapted to receive from a user a request to delete data from a remote electronic apparatus. According to yet further embodiments of the present invention, the data security server may be adapted to send to the anti-theft device data, which data may initiate a data erasure process in the remote electronic apparatus. According to yet further embodiments of the present invention, the data security server may be adapted to receive from the anti-theft device a message indicating the status of the erasure process. Upon receiving this message the data security server may inform the user of the completion/failure of the erasure process.
Turning now to Fig. 1, there is shown a schematic diagram of a system for remotely deleting data from an electronic apparatus in accordance with some embodiments of the present invention. According to some embodiments of the present invention, the system may include a data security server, and one or more electronic apparatus which include an anti-theft device.
Referring to Fig. 1, several examples of electronic apparatus containing the anti-theft device of the invention are shown on the lower half of the figure. These include a desktop computer, a PDA, a mobile phone and a digital camera. A laptop computer is additionally shown at upper left of figure. A data security server (center of Figure) is included in the system of the invention, and may be contacted by a user via his cellular phone, in order to request deletion of sensitive data from a stolen or lost electronic apparatus. The functionality of the device and system shown in Fig. 1 may best be described in conjunction with Fig. 5.
Though Figs. 2-7 refer to remote erasure of data from a stolen computer, this is merely for illustrative purposes, and there is no intention to limit the scope of the invention to this type of electronic apparatus. Rather, the invention may be utilized to remotely erase data from any electronic apparatus with which it is associated (electrically connected or installed therein).
Referring now to Fig. 5, there is shown a flow chart depicting the steps of an exemplary system for remotely erasing data on a computer in accordance with some embodiments of the present invention. According to some embodiments of the present invention, a user may request a data security server to delete data from a remote computer (step 5000). An exemplary scenario may be when the user knows that his computer was stolen and wishes to deny access to secure data on the computer. According to further embodiments of the present invention, the data security server may send data to the anti-theft device of the remote computer, which data may trigger an erasure process within the remote computer (step 5100). According to some embodiments of the present invention, the anti-theft device may initiate a data erasure process (step 5200), which data erasure process may permanently erase secure data on the remote computer. Secure data may be data which was predefined by the user as data that the anti-theft device has access to. According to yet further embodiments of the present invention, the anti-theft device may constantly check and monitor the status of the erasure process and, upon determining whether the erasure process was successful or failed, the anti-theft device may send to the data security server data (e.g. SMS) indicating the status of the erasure process (step 5300). According to some embodiments of the present invention, upon receiving the status of the erasure process the data security server may notify (e.g. via SMS, email, phone call etc.) the user of the erasure process status.
Turning now to Figures 2A and 3 there are shown block diagrams of a system for remotely deleting data from a computer including a messaging server, a computer and an anti-theft device in accordance with some embodiments of the present invention. According to some embodiments of the present invention, the anti-theft device may include: (1) a controller, (2) a communication module, (3) an erasure module, (4) a secondary power source (e.g. backup power source) and (5) a sensing module.
According to some embodiments of the present invention, the anti-theft device may be connected to the computer's power source and to the computer's storage devices (e.g. hard disk(s)). The functionality of the block diagram in Figs. 2A and 3 may best be understood in conjunction with Figs. 6A and 6B.
Turning now to Fig. 6A, there is shown a flow chart depicting the steps of an anti-theft device in accordance with some embodiments of the present invention. According to some embodiments of the present invention, the anti-theft device may receive data from a data security server, which data may trigger an erasure process (step 6000). According to yet further embodiments of the present invention, the anti-theft device may initiate and operate an erasure process, which erasure process may erase the data permanently and with no option to restore the data (step 6100). The anti-theft device may check and monitor the status of the erasure process (step 6200). Upon completion or failure of the erasure process the anti-theft device may notify the data security server of the erasure process status (step 6300). According to some embodiments of the present invention, the anti-theft device may use the computer's power source (i.e. battery) as its power source or may use its own power source (e.g. secondary power source).
Turning now to Fig. 6B, there is shown a flow chart depicting the steps of an exemplary anti-theft device in accordance with yet further embodiments of the present invention. According to some embodiments of the present invention, the anti-theft device may include a sensing module which may sense parameters indicating whether the computer was stolen (step 6500). The sensing module may use different sensors such as motion sensors, shock sensors, GPS etc. According to yet further embodiments of the present invention, the anti-theft device may send data to a secured server (e.g. security data server) indicating that the computer was stolen (step 6600), and indicating the present location (GPS coordinates) of the computer.
Turning now to Fig. 2B, there is shown an exemplary block diagram of a communication module which is a part of an anti-theft device in accordance with some embodiments of the present invention. According to some embodiments of the present invention, the communication module may include a micro controller and a cellular module which includes an antenna and a SIM card. According to some embodiments of the present invention, the data received from a data security server may be an SMS, which SMS may be received and decoded by the cellular module. According to yet further embodiments of the present invention, the communication module may be adapted to send SMS's to the security data server.
Turning now to Fig. 4, there is shown an exemplary block diagram of a data security server in accordance with some embodiments of the present invention. According to some embodiments of the present invention, the data security server may include: (1) a controller, (2) a web server, (3) a user interface module, (4) an SMS messaging server and (5) an authentication module. The functionality of the data security server may be described in conjunction with Fig. 7, in which there is shown a flow chart depicting the steps of an exemplary data security server in accordance with some embodiments of the present invention. According to some embodiments of the present invention, the data security server may be adapted to authenticate a user's details (step 7000) and receive a request to delete data from a remote computer (step 7100). According to yet further embodiments of the present invention, the data security server may be adapted to send to the anti-theft device data, which data may initiate a data erasure process in the remote computer (step 7200).
According to yet further embodiments of the present invention, the data security server may be adapted to receive from the anti-theft device a message ("confirmation message") indicating the status of the erasure process. Upon receiving this message the data security server may inform the user of the completion/failure of the erasure process.
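The end-to-end flow of Figs. 5, 6A and 7, as an added Python sketch that is not the Fig. 8 source code of the application. The in-memory `storage` buffer, the direct method call standing in for the SMS link, and the HMAC tag with a counter on the initiating message are assumptions; the description does not say how the device verifies that message.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

MIN_CYCLES, MAX_CYCLES = 7, 25  # preferred range given in the description


def message_tag(key: bytes, counter: int) -> bytes:
    # Assumption: HMAC-SHA256 over a counter authenticates the initiating message.
    return hmac.new(key, b"ERASE|%d" % counter, hashlib.sha256).digest()


def pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class AntiTheftDevice:
    """Device side (Fig. 6A). `storage` is a bytearray standing in for a disk."""
    key: bytes                 # assumption: provisioned at installation
    storage: bytearray
    cycles: int = MIN_CYCLES   # configured at installation
    last_counter: int = 0      # assumption: rejects replayed messages
    cycles_done: int = 0

    def __post_init__(self):
        if not MIN_CYCLES <= self.cycles <= MAX_CYCLES:
            raise ValueError("erasure cycles must be within 7-25")

    def receive(self, counter: int, tag: bytes) -> str:
        # Step 6000: accept only a fresh, correctly tagged initiating message.
        fresh = counter > self.last_counter
        if not fresh or not hmac.compare_digest(tag, message_tag(self.key, counter)):
            return "REJECTED"
        self.last_counter = counter
        # Step 6100: overwrite the whole store once per cycle; last pass is zeros.
        size = len(self.storage)
        for cycle in range(1, self.cycles + 1):
            self.storage[:] = bytes(size) if cycle == self.cycles else os.urandom(size)
            self.cycles_done = cycle  # step 6200: progress the device can monitor
        # Step 6300: read back and report the status to the server.
        done = self.cycles_done == self.cycles and not any(self.storage)
        return "ERASE_OK" if done else "ERASE_FAILED"


@dataclass
class DataSecurityServer:
    """Server side (Fig. 7). A direct method call stands in for the SMS link."""
    accounts: dict = field(default_factory=dict)  # user -> (salt, hash, device)
    notifications: list = field(default_factory=list)
    counter: int = 0

    def enroll(self, user: str, password: str, device: AntiTheftDevice) -> None:
        salt = os.urandom(16)
        self.accounts[user] = (salt, pw_hash(password, salt), device)

    def request_erase(self, user: str, password: str) -> str:
        # Step 7000: authenticate the user before anything is sent to the device.
        record = self.accounts.get(user)
        if record is None or not hmac.compare_digest(record[1], pw_hash(password, record[0])):
            return "AUTH_FAILED"
        device = record[2]
        # Steps 7100-7200: accept the request and send the initiating message.
        self.counter += 1
        status = device.receive(self.counter, message_tag(device.key, self.counter))
        # Confirmation message received: record the notification for the user.
        self.notifications.append((user, status))
        return status


def run_demo() -> list:
    # Constructed sample data: a fake disk image and a made-up passphrase.
    device = AntiTheftDevice(key=os.urandom(32), storage=bytearray(b"payroll.xls " * 64))
    server = DataSecurityServer()
    server.enroll("owner", "constructed-passphrase", device)
    return [server.request_erase("owner", "wrong"),
            server.request_erase("owner", "constructed-passphrase")]
```

`run_demo()` returns `["AUTH_FAILED", "ERASE_OK"]`. On flash media with wear leveling, overwriting logical blocks does not by itself guarantee that every physical cell has been cleared.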
While certain features of the invention have been illustrated and described herein, many modifications, substitutions, changes, and equivalents will now occur to those skilled in the art. It is, therefore, to be understood that the appended claims are intended to cover all such modifications and changes as fall within the true spirit of the invention.

Claims

What is claimed:
1. A system for permanently deleting data from a remote electronic apparatus, said system comprising a data security server and an anti-theft device, wherein the anti-theft device is adapted to delete data from an associated electronic apparatus.
2. The system according to claim 1, wherein the anti-theft device is adapted to delete data from an associated electronic apparatus based on an initiating message received from the data security server.
3. The system according to claim 1, wherein the anti-theft device is further adapted to detect the theft of the associated electronic apparatus.
4. The system according to claim 2, wherein the initiating message is triggered by a user.
5. The system according to claim 3, wherein the anti-theft device is adapted to transmit a message to the data security server indicating of the detected theft.
6. The system according to claim 1, wherein the data security server comprises a controller, a web server, an authentication module and a user interface module.
7. The system according to claim 1, wherein the anti-theft device comprises a controller, a communication module, a secondary power source, a sensing module and an erasure module.
8. The system according to claim 7, wherein the anti-theft device operates on power supplied only by the secondary power source.
9. The system according to claim 1, wherein the anti-theft device operates on power supplied only by the electronic apparatus's power source.
10. The system according to claim 1, wherein the anti-theft device is adapted to delete data from an associated electronic apparatus by bypassing a substantial portion of the electronic apparatus's operating system.
11. The system according to claim 1, wherein said electronic apparatus is selected from one of the following: a desktop computer, a laptop computer, a mobile phone, a PDA (personal digital assistant), or a digital camera.
12. An anti-theft device for permanently deleting data from a remote electronic apparatus, wherein the anti-theft device is adapted to delete data from an associated electronic apparatus.
13. The device according to claim 12, wherein the anti-theft device is adapted to delete data from an associated electronic apparatus based on an initiating message received from a data security server.
14. The device according to claim 12, wherein the anti-theft device is further adapted to detect the theft of the associated electronic apparatus.
15. The device according to claim 13, wherein the initiating message is triggered by a user.
16. The device according to claim 14, wherein the anti-theft device is adapted to transmit a message to a data security server indicating of the detected theft.
17. The device according to claim 12, further comprising a controller, a communication module, a secondary power source, a sensing module and an erasure module.
18. The device according to claim 17, wherein the anti-theft device operates on power supplied only by the secondary power source.
19. The device according to claim 12, wherein the anti-theft device operates on power supplied only by the electronic apparatus's power source.
20. A method for permanently deleting data from a remote electronic apparatus, comprising the steps of: a. transmitting a request to a data security server; b. transmitting an initiating message to an anti-theft device; c. initiate data erasure process; and d. notifying the data security server of the erasure process status.
21. The method according to claim 20, further comprising the step of monitoring the data erasure process.
22. The method according to claim 20, further comprising the steps of: a. sensing parameters which may indicate that the electronic apparatus is stolen; and b. notifying a data security server.
23. The method according to claim 20, wherein said data erasure process initiated in step (c) comprises multiple erasure cycles for ensuring permanent erasure.
24. The method according to claim 23, wherein the number of said erasure cycles is configurable.
25. The method according to claim 23, wherein the number of said erasure cycles is 7-25 cycles.
26. Computer readable storage medium comprising software capable of performing the method of claim 20.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IL191204 2008-05-01
IL191204A IL191204A0 (en) 2008-05-01 2008-05-01 A system device and method for deleing data from a remote computer

Publications (2)

Publication Number Publication Date
WO2009133554A2 true WO2009133554A2 (en) 2009-11-05
WO2009133554A3 WO2009133554A3 (en) 2010-03-18

Family

ID=41255502

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2009/000450 WO2009133554A2 (en) 2008-05-01 2009-04-27 A system, device and method for deleting data from a remote electronic apparatus

Country Status (2)

Country Link
IL (1) IL191204A0 (en)
WO (1) WO2009133554A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103809967A (en) * 2012-11-08 2014-05-21 国际商业机器公司 Application and data removal system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5987609A (en) * 1996-10-03 1999-11-16 Kabushiki Kaisha Toshiba System for remotely securing/locking a stolen wireless device via an Email message
US6370606B1 (en) * 1998-11-05 2002-04-09 Compaq Computer Corporation System and method for simulating hardware interrupts in a multiprocessor computer system
US20020130769A1 (en) * 2001-03-13 2002-09-19 Junichi Yamagishi Vehicle management system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103809967A (en) * 2012-11-08 2014-05-21 国际商业机器公司 Application and data removal system
CN103809967B (en) * 2012-11-08 2017-03-01 国际商业机器公司 Application data removes system

Also Published As

Publication number Publication date
IL191204A0 (en) 2009-08-03
WO2009133554A3 (en) 2010-03-18

Similar Documents

Publication Publication Date Title
US11917397B2 (en) Method and apparatus for protecting data in a portable electronic device
EP2223253B1 (en) Systems, methods, and apparatuses for erasing memory on wireless devices
US8995668B2 (en) Privacy management for tracked devices
EP3161645B1 (en) Fast data protection using dual file systems
US8688980B2 (en) Trust verification schema based transaction authorization
US20100090831A1 (en) Electronic device with radio frequency identification (RFID) technology
US20130191887A1 (en) Social network based trust verification Schema
CN107533624B (en) Detecting and preventing illegal use of devices
US20140059671A1 (en) Device identification for externalizing password from device coupled with user control of external password service
WO2012170489A2 (en) Situation aware security system and method for mobile devices
US20090251318A1 (en) Anti-theft system of mobile device
JP2014521269A (en) Method and apparatus for detecting and handling lost electronic devices
US20110093958A1 (en) Secure Data Storage Apparatus and Method
US20150094023A1 (en) Retroactively Securing a Mobile Device From a Remote Source
WO2009094213A1 (en) Secure platform management device
EP2243238A2 (en) System and method for contextual and behavioral based data access control
CN110402440B (en) Segmented key authentication system
US20120023589A1 (en) Recovering Data In A Storage Medium Of An Electronic Device That Has Been Tampered With
US20140354398A1 (en) Authenticating and Tracking a Valuable Asset Within the Confines of a Safe
WO2009133554A2 (en) A system, device and method for deleting data from a remote electronic apparatus
Bhomia et al. Anti-theft hybrid solution for tracking & locating mobile devices with data security
US20140189857A1 (en) Method, system, and apparatus for securely operating computer
Bărbuceanu et al. Data Protection Device
KR101238818B1 (en) System and method for dealing with a robbery of a mobile terminal using two numbers
TW200812332A (en) Alarm protecting system and method for guarding against burglary

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09738567

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09738567

Country of ref document: EP

Kind code of ref document: A2