EP0740037A1 - Security device - Google Patents

Security device Download PDF

Info

Publication number
EP0740037A1
EP0740037A1 EP19950302889 EP95302889A EP0740037A1 EP 0740037 A1 EP0740037 A1 EP 0740037A1 EP 19950302889 EP19950302889 EP 19950302889 EP 95302889 A EP95302889 A EP 95302889A EP 0740037 A1 EP0740037 A1 EP 0740037A1
Authority
EP
European Patent Office
Prior art keywords
security device
security
signal
means
device according
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP19950302889
Other languages
German (de)
French (fr)
Inventor
Graeme John Proudler
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HP Inc
Original Assignee
HP Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by HP Inc filed Critical HP Inc
Priority to EP19950302889 priority Critical patent/EP0740037A1/en
Publication of EP0740037A1 publication Critical patent/EP0740037A1/en
Application status is Withdrawn legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G08SIGNALLING
    • G08BSIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
    • G08B13/00Burglar, theft or intruder alarms
    • G08B13/02Mechanical actuation
    • G08B13/14Mechanical actuation by lifting or attempted removal of hand-portable articles
    • G08B13/1409Mechanical actuation by lifting or attempted removal of hand-portable articles for removal detection of electrical appliances by detecting their physical disconnection from an electrical system, e.g. using a switch incorporated in the plug connector
    • G08B13/1418Removal detected by failure in electrical connection between the appliance and a control centre, home control panel or a power supply

Abstract

A security device 16 for deterring theft of the equipment 10 into which it is incorporated is embedded in an ASIC 11 which controls many of the functions of the equipment 10. The security device periodically implements a challenge/response routine with a remote security centre 20. If the appropriate response is not received, the security device 16 disables the ASIC 11, so that the equipment 10 does not operate properly. On detecting theft of the equipment 10 the user contacts the security centre to hold the response when next challenged.

Description

    FIELD OF THE INVENTION
  • This invention relates to a security device for deterring theft of the apparatus or equipment to which it is fitted or into which it is incorporated.
  • BACKGROUND TO THE INVENTION
  • Various proposals exist to render stolen equipment inoperable and thus prevent use by the thief. Some automobile audio systems include a feature whereby on interruption of the power supply, for example due to temporary or permanent removal from the automobile, the audio system will not function properly until a code is keyed in. There also exist schemes in which an automobile is fitted with an immobiliser which is activated on receipt of an instruction from a remote security centre. Elsewhere it has been proposed to provide electronic goods such as televisions, video tape recorders, etc with a disabling unit which can be activated by a remote control station.
  • However, these latter systems all require the remote control station to issue a signal instructing immobilisation or disablement, and so are not effective if the stolen equipment is taken outside the range of the remote station, or if communication with the remote unit is deliberately or otherwise broken. Furthermore, the security of these systems may be circumvented by the reasonably knowledgeable crook by by-passing the disabling unit or immobiliser.
  • SUMMARY OF THE INVENTION
  • We have designed a system in which the equipment to which the security device is fitted periodically initiates a validation routine which, to be completed successfully, requires a specific instruction signal from a security station.
  • Accordingly, in one aspect, this invention provides a security device for use with apparatus and for allowing continued operation of said apparatus dependent on a specific instruction signal from a security station, said device including signal receiving means for receiving a specific instruction signal from said security station and interrupt means responsive to said signal receiving means in a validation routine for inhibiting, preventing, or interfering with operation of said apparatus if said specific instruction signal is not received.
  • Thus in this device, if the owner has notified the security station that the apparatus has been stolen, the security station will ensure that the appropriate instruction is not transmitted in the next validation routine and so the apparatus will not function properly thereafter. Also, if for any reason the apparatus is not in communication with the remote centre during a validation routine, it will not function properly.
  • In a simple system there may be only one-way communication from the remote centre to the security device, to provide just the required specific instruction signal, with the initiation of the validation routine being effected indirectly, perhaps by the device alerting the owner to contact the remote station by telephone. However it is preferred for this to be done automatically, with the security device including signal transmitting means for transmitting a challenge signal to request said security station to transmit said specific instruction signal.
  • The device preferably implements a challenge/response routine, whereby the specific instruction signal issued by said security station is a specific response to said challenge signal, and the security device includes means for authenticating said specific response signal.
  • The challenge and response signals are preferably encrypted on transmission and decrypted on receipt. The security device preferably includes secure memory means, such as a Write Once Read Many (WORM) memory accessible only internally by the security device for storing one or more keys for use in the encryption/decryption process. The encryption/decryption process may be any one of several suitable types, for example public key or symmetric key systems.
  • Preferably, communication between said security device and said security station is via a communications network, and said challenge signal includes data identifying the network address of said security device, whereby the security centre may determine the logical location of a security device, and send the response signal to that location.
  • The security device is preferably incorporated in an integrated circuit which in use exerts at least a major part of the control function of the equipment. As integrated circuit technology develops further, so more and more functionality is integrated into larger and larger chips, and preferred embodiments take advantage of this by incorporating the security device into an application specific integrated circuit (ASIC) together with circuits representing most of the functionality of the equipment. This provides an important level of security as it is extremely difficult, if not virtually impossible, for someone to circumvent the security device, at least at economically realistic levels.
  • A further point is that it is highly desirable that a security system does not interfere with routine maintenance and repair of equipment, for example by restricting supply of replacement chips to legitimate owners or service personnel. Thus, if the security device is securely embedded into the ASIC, ready availability of replacement ASICs should not significantly degrade security of the system, because by their design the replacement ASICs will also require periodic permission from the security station, to function properly.
  • There are various ways of ensuring that the security device checks routinely for an instruction signal from the security station. Thus, if the apparatus is connected to power permanently or for long periods, the device preferably includes a timer and initiates a validation routine each time the timer times out. Alternatively, or in addition, where the apparatus is operated for shorter periods, the device may include a non volatile counter means which increments each time the apparatus is operated or powered up, the device initiating a validation routine every time the counter means reaches a predetermined number or multiple thereof.
  • Communication between the security device and the security station may be set up in a variety of ways. For apparatus such as a video tape recorder which is semi-permanently located, communications may be via the plain old telephone system (POTS). For other applications, e.g. with mobile equipment or vehicles, communication may be via a cellular telephone network, radio, infra-red data links and so on, or combinations of these, and suitable communication systems will be apparent to those skilled in the art.
  • Whilst the invention has been described above, it extends to any inventive combination of the features set out above or in the following description.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The invention may be performed in various ways and, by way of example only, an embodiment thereof will now be described in detail, reference being made to the accompanying drawings, in which:-
  • Figure 1
    is a schematic diagram of equipment fitted with an embodiment of security device in accordance with this invention, and
    Figure 2
    is a flow chart showing the operation of the security device of Figure 1.
    DESCRIPTION OF THE PREFERRED EMBODIMENT
  • In this example, the security device 16 is incorporated in a video tape recorder (VTR) 10, semi-permanently connected to a power supply by lead 12. The VTR 10 follows conventional design except that most of the functionality of the apparatus is integrated into an application specific integrated circuit (ASIC) 11. Thus the ASIC has a collection of functional circuit elements 14 which control most of the mechanical and electrical functions such as tape and cassette transport, tuning, programming, timing, etc operations, to the extent that the VTR 10 has minimal resale value without a fully functional ASIC 11. The ASIC 11 also includes a security device 16 which is capable of disrupting operation of at least some of the functional circuit elements 14, if certain security conditions are not met, to be described in further detail below. The disruption may take the form of inhibiting some or all of the responses to controls and disabling some or all outputs of the functional circuit elements. This may be done, for example, by forcing internal signals to a quiescent state, removal of scanning waveforms, forcing incoming control signals to their quiescent state, forcing outputs to their quiescent sate, removing clock or power from certain internal circuits, or stopping a microprocessor from executing normal operations by the use of a conditional test input or interrupt input. These actions may be forced at various functional circuit elements 14 within the ASIC 11 by control signals. ASIC conductors are usually difficult to isolate and it is usually difficult to make an electrical connection to those conductors. However, in this embodiment they may be buried within the volume of the ASIC 11, so that they cannot be accessed without irreparably damaging other elements of the ASIC 11, further to enhance security.
  • There may be multiple conductors, each providing the permission signal to different functional circuit elements 14, each driven by a separate buried buffer from within the security device, so that multiple connections must be made to override the 'stop' signal. Each functional circuit element may contain a communication element for communication with the security device 16, such that each communication element may requires a waveform, rather than a simple logic level, to allow operation. Each communication element may require a different waveform so that active inputs, rather than logic levels, are required to override the 'stop' signal. Thus the level of complexity, and thus immunity to interference may be selected according to the level of perceived threat.
  • Although for ease of illustration the functional circuit elements 14 are shown discrete from the security device 16, in practice the circuit elements may be interspersed, to minimize the possibility of successfully circumventing the operation of the security device 16, as discussed above.
  • The security device 16 has a transceiver 18, capable of transmitting and receiving signals to and from a remote security centre 20, by any suitable communication medium, here the POTS system. Although shown on the ASIC 11, the transceiver 18 may be separate. The security device 16 also includes circuitry 22 for implementing a challenge/response scheme based on cryptographic techniques, and storing the associated encryption data. Such encryption systems are well known, see for example page 357 - "Peer Entity Authentication" in "Security for Computer Networks" Davies and Price, John Wiley and Sons, 2nd Edition, 1989, and ISO 9798 "Peer Entity Authentication Mechanism Using An n-bit Secret Key". There are many possible challenge/response mechanisms. They are of varying degrees of complexity, but the general basis is for the security device 16 to obtain a random number, encrypt it using a first key, K1, and send it to the remote security centre 20. This is the challenge. The remote security centre 20 decrypts the challenge with the key K1, encrypts it with a second key, K2, and sends it back to the security device. This is the response. The security device decrypts the response with key K2 and checks that the decrypted number is the same as the original random number. This proves to the security device that the message came from an entity with knowledge of the keys K1 and K2, presumed to be the remote security centre 20. The remote security centre 20 provides the response only if the security device 16 is authorized to continue operation. Thus encryption systems such as public key, symmetric key etc. may be used.
  • The security device 16 also includes power-up detect circuitry 24 which detects power up of the ASIC 11, a timer 26 and a non-volatile counter 28. The ASIC 11 contains a write once read many memory (WORM), which is preferably a fusible link device, although it could be an EPROM in a non-transparent package.
  • The remote security centre 20 serves many units in an area and includes a transceiver 27 for transmitting and receiving signals to and from the units containing the ASIC 11 via the POTS system. It also includes circuitry 30 for implementing cryptographic techniques and for storing the associated encryption data, and an operator interface 32 which allows the operator to prevent transmission of response signals to a selected unit, if that unit has been identified as stolen.
  • In operation of the system, when leaving the factory, the ASIC 11 is programmed with a key pair preferably in the WORM and the associated key pair is registered with a central agency which runs the remote security centre 20. Referring to Figure 2, when the VTR 10 is turned on, the non-volatile counter 28 is incremented and the device determines whether the counter has reached the predetermined number or a multiple thereof (Steps 40, 42).
  • If the counter 28 has reached the number or a multiple, the device initiates a validation routine by calling up the remote security centre 20, issuing a challenge and requesting a response using the encryption and decryption steps referred to above. Unless the remote security centre 20 has been advised that the VTR 10 has been stolen, the centre will respond with a response which is then checked by the security device 16 to ensure that it is as expected and, if so, the device allows the VTR 10 to continue to operate. The timer 26 and counter 28 are then reset at step 44, and the device goes into a timed routine 46.
  • If the VTR 10 has been disconnected from the communication medium, or the remote security centre 20 has been alerted not to send the response, non-arrival of the response triggers the safety device 16 at step 48 to stop normal operation of the VTR 10 using one of the disruption techniques described above, and to wait for possible manual initiation of the validation routine.
  • If on detection of power up, the counter 28 does not reach the preset number, then it goes into the timed routine 46. Here the timer 26 runs until it times out, whereupon the security device 16 initiates the validation routine by calling up the remote centre 20.
  • As soon as a legitimate owner becomes aware of the theft of equipment incorporating the security device 16, he calls up the agency running the remote security centre 20 which, after appropriate checks, instructs the remote security centre not to send any response signal to the stolen equipment. The equipment, even if connected to the appropriate communication medium, will become non-functional and of minimal resale value when the security device is triggered by non-arrival of the response signal.
  • As a development of this system, the challenge issued by the security device 16 may include data representing the identity or location of the user, such as the source network address of the security device (for example the user's telephone number, if communications are via the POTS). The remote security centre 20 would then send the response back to that same network address, possibly after a deliberate break in communication. This would allow the remote security centre 20 to monitor the logical location of the security device 16, and possibly provide a tracking facility.

Claims (11)

  1. A security device for use with apparatus and for allowing continued operation of said apparatus dependent on a specific instruction signal from a security station, said device including signal receiving means for receiving a specific instruction signal from said security station and interrupt means responsive to said signal receiving means in a validation routine for inhibiting, preventing, or interfering with operation of said apparatus if said specific instruction signal is not received.
  2. A security device according to Claim 1, wherein said security device includes signal transmitting means for transmitting a challenge signal, to request said security station to transmit said specific instruction signal.
  3. A security device according to Claim 2, wherein in use said security device and said security station communicate via a communications network, and said challenge signal includes data identifying the network address of said security device.
  4. A security device according to any preceding Claim, wherein said specific instruction signal from said security station comprises a specific response signal to said challenge signal, and said security device includes means for authenticating said specific response signal.
  5. A security device according to Claim 4, including means for encrypting said challenge signal.
  6. A security device according to Claim 4 or Claim 5, wherein said specific response is in encrypted form, and said device includes means for decrypting said specific response.
  7. A security device according to Claim 5 or Claim 6, including a secure memory for storing one or more keys for said encryption process.
  8. A security device according to any preceding Claim, wherein said interrupt means is incorporated in an integrated circuit which also contains circuitry which exerts a control function in the apparatus.
  9. A security device according to Claim 8, wherein said integrated circuit contains at least a major part of the control function of the apparatus.
  10. A security device according to any preceding Claim, wherein said security device includes timer means which, on timing out, initiates said validation routine.
  11. A security device according to any preceding Claim, wherein said security device includes power-up detection means for detecting power-up of said apparatus, and non-volatile counter means for being incremented at each power-up and for initiating said validation routine when the count on said counter means reaches a predetermined number or multiple thereof.
EP19950302889 1995-04-28 1995-04-28 Security device Withdrawn EP0740037A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP19950302889 EP0740037A1 (en) 1995-04-28 1995-04-28 Security device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP19950302889 EP0740037A1 (en) 1995-04-28 1995-04-28 Security device
JP8107191A JPH08305461A (en) 1995-04-28 1996-04-26 Security device

Publications (1)

Publication Number Publication Date
EP0740037A1 true EP0740037A1 (en) 1996-10-30

Family

ID=8221178

Family Applications (1)

Application Number Title Priority Date Filing Date
EP19950302889 Withdrawn EP0740037A1 (en) 1995-04-28 1995-04-28 Security device

Country Status (2)

Country Link
EP (1) EP0740037A1 (en)
JP (1) JPH08305461A (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998004967A1 (en) * 1996-07-25 1998-02-05 Peter David Collins Immobilisation protection system for electronic components
WO2000070564A1 (en) * 1999-04-29 2000-11-23 Uwe Luboch Method and device for interrupting the operation of a device and use of said method or said device
WO2001025884A1 (en) * 1999-10-07 2001-04-12 Critical Devices, Inc. Method and system for device tracking
US6477667B1 (en) 1999-10-07 2002-11-05 Critical Devices, Inc. Method and system for remote device monitoring
US6636983B1 (en) 1999-10-07 2003-10-21 Andrew E. Levi Method and system for uniform resource locator status tracking
US6658585B1 (en) 1999-10-07 2003-12-02 Andrew E. Levi Method and system for simple network management protocol status tracking
US6658586B1 (en) 1999-10-07 2003-12-02 Andrew E. Levi Method and system for device status tracking
US6833787B1 (en) 1999-10-07 2004-12-21 Asap Software Express, Inc. Method and system for device tracking
US6950946B1 (en) * 1999-03-30 2005-09-27 International Business Machines Corporation Discovering stolen or lost network-attachable computer systems
EP1983461A2 (en) 2007-04-18 2008-10-22 Hitachi, Ltd. External storage apparatus and method of preventing information leakage
US7945709B2 (en) 1994-11-15 2011-05-17 Absolute Software Corporation Security apparatus and method
US8601606B2 (en) 2002-11-25 2013-12-03 Carolyn W. Hafeman Computer recovery or return
US9547780B2 (en) 2005-03-28 2017-01-17 Absolute Software Corporation Method for determining identification of an electronic device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2843819B1 (en) 2002-08-21 2006-11-10 Thomson Licensing Sa Electrical apparatus Secure against theft, anti-theft system comprising such an apparatus and method for pairing electrical appliances

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0135783A2 (en) * 1983-08-18 1985-04-03 Nec Corporation Radio communication apparatus disabled on reception of a predetermined signal
US4794268A (en) * 1986-06-20 1988-12-27 Nissan Motor Company, Limited Automotive keyless entry system incorporating portable radio self-identifying code signal transmitter
DE3927024A1 (en) * 1988-08-16 1990-02-22 Nissan Motor Schluessellose preventing apparatus, in particular for locking and unlocking of kraftfahrzeugtueren
EP0387581A2 (en) * 1989-03-11 1990-09-19 Blaupunkt-Werke GmbH Arrangement for protecting vehicles against theft
GB2262640A (en) * 1991-12-21 1993-06-23 Intelligent Locking Sys Ltd Security installation and operating method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0135783A2 (en) * 1983-08-18 1985-04-03 Nec Corporation Radio communication apparatus disabled on reception of a predetermined signal
US4794268A (en) * 1986-06-20 1988-12-27 Nissan Motor Company, Limited Automotive keyless entry system incorporating portable radio self-identifying code signal transmitter
DE3927024A1 (en) * 1988-08-16 1990-02-22 Nissan Motor Schluessellose preventing apparatus, in particular for locking and unlocking of kraftfahrzeugtueren
EP0387581A2 (en) * 1989-03-11 1990-09-19 Blaupunkt-Werke GmbH Arrangement for protecting vehicles against theft
GB2262640A (en) * 1991-12-21 1993-06-23 Intelligent Locking Sys Ltd Security installation and operating method

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7945709B2 (en) 1994-11-15 2011-05-17 Absolute Software Corporation Security apparatus and method
WO1998004967A1 (en) * 1996-07-25 1998-02-05 Peter David Collins Immobilisation protection system for electronic components
US6950946B1 (en) * 1999-03-30 2005-09-27 International Business Machines Corporation Discovering stolen or lost network-attachable computer systems
WO2000070564A1 (en) * 1999-04-29 2000-11-23 Uwe Luboch Method and device for interrupting the operation of a device and use of said method or said device
US6477667B1 (en) 1999-10-07 2002-11-05 Critical Devices, Inc. Method and system for remote device monitoring
US6636983B1 (en) 1999-10-07 2003-10-21 Andrew E. Levi Method and system for uniform resource locator status tracking
US6658585B1 (en) 1999-10-07 2003-12-02 Andrew E. Levi Method and system for simple network management protocol status tracking
US6658586B1 (en) 1999-10-07 2003-12-02 Andrew E. Levi Method and system for device status tracking
WO2001025884A1 (en) * 1999-10-07 2001-04-12 Critical Devices, Inc. Method and system for device tracking
US6833787B1 (en) 1999-10-07 2004-12-21 Asap Software Express, Inc. Method and system for device tracking
US8601606B2 (en) 2002-11-25 2013-12-03 Carolyn W. Hafeman Computer recovery or return
US9547780B2 (en) 2005-03-28 2017-01-17 Absolute Software Corporation Method for determining identification of an electronic device
EP1983461A3 (en) * 2007-04-18 2008-11-19 Hitachi, Ltd. External storage apparatus and method of preventing information leakage
EP1983461A2 (en) 2007-04-18 2008-10-22 Hitachi, Ltd. External storage apparatus and method of preventing information leakage
US8065523B2 (en) 2007-04-18 2011-11-22 Hitachi, Ltd. External storage apparatus and method of preventing information leakage

Also Published As

Publication number Publication date
JPH08305461A (en) 1996-11-22

Similar Documents

Publication Publication Date Title
US6173172B1 (en) System and method for preventing the unauthorized use of a mobile communication device
US4438824A (en) Apparatus and method for cryptographic identity verification
US4962449A (en) Computer security system having remote location recognition and remote location lock-out
CA2737868C (en) A system and methods for assignation and use of media content subscription service privileges
KR101269955B1 (en) Method and apparatus for creating a remotely activated secure backup service for mobile handsets
US6026293A (en) System for preventing electronic memory tampering
US4882752A (en) Computer security system
US5708712A (en) Vehicle security device with electronic use authorization coding
CN1155171C (en) System for preventing mobile telephone from being used illegally
EP1374613B1 (en) Securing information in memory of an electronic device
US8232862B2 (en) Biometrically authenticated portable access device
EP0732850B1 (en) Functionally modifiable cable television converter system
US5398285A (en) Method for generating a password using public key cryptography
US6731195B2 (en) Tamper-resistant theft deterrent method and system
US5774550A (en) Vehicle security device with electronic use authorization coding
US5686904A (en) Secure self learning system
US6480096B1 (en) Method and apparatus for theft deterrence and secure data retrieval in a communication device
US6005943A (en) Electronic identifiers for network terminal devices
JP3995107B2 (en) Communication system and method using a vehicle identification
US20040117632A1 (en) System and method for limiting access to data
US5724426A (en) Apparatus and method for controlling access to and interconnection of computer system resources
US5767771A (en) Electronic equipment theft deterrent system
US5708710A (en) Method and apparatus for authentication in a communication system
US5457737A (en) Methods and apparatus to verify the identity of a cellular mobile phone
US6108785A (en) Method and apparatus for preventing unauthorized usage of a computer system

Legal Events

Date Code Title Description
AK Designated contracting states:

Kind code of ref document: A1

Designated state(s): DE FR GB

K1C3 Correction of patent application (complete reprint) published

Effective date: 19961030

RBV Designated contracting states (correction):

Designated state(s): DE FR GB

17P Request for examination filed

Effective date: 19970423

18W Withdrawn

Withdrawal date: 19981103