Classifications

• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F9/00—Arrangements for program control, e.g. control units
  • G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
  • G06F9/44—Arrangements for executing specific programs
  • G06F9/4401—Bootstrapping
  • G06F9/4406—Loading of operating system
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
  • G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
  • G06F21/575—Secure boot
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/60—Protecting data
  • G06F21/606—Protecting data by securing the transmission between two devices or processes

Definitions

• the present invention basically relates to a device designed to recreate virtually a desktop of its own once the device has been connected up to any PC and to connect up to a remote server through the Internet, irrespective of the possible Internet connection of the host PC.
• the invention regards a portable pocket device, basically constituted by a USB pendrive that integrates a flash memory with a circuit designed to enable connection to the Internet via the UMTS protocol.
• a GNU/Linux operating system capable of being loaded in the bootstrapping step and of running live on any PC.
• Said operating system contains software that runs autonomously at a local level not only software that enables saving on a remote server of the data modified during the session launched via a host machine but also running of the applications necessary to the user on said remote server.
• connection to the remote server is obtained via a tunnel encrypted with SSL, TSL cryptography or the like with a hardware key present in the device itself.
• the device according to the present invention for the first time integrates together :
• - a flash memory preferably of up to eight gigabytes
• said host PC could even be without an operating system and have the hard disk completely devoid of data in so far as it is necessary and sufficient that during bootstrapping it can access via USB the device according to the invention.
• the present invention envisages just one pendrive of small dimensions that can be used both as mass- storage device (preferably up to 8 GB) and as device for connection to the Internet. Integration between said two devices is obtained in an extremely simple way via a USB hub.
• Figure 1 shows the interaction between device, server, and client PC
• FIG. 2 is a block diagram that shows an example of hardware solution of the invention
• FIG. 3 is a block diagram that shows an example of software solution of the invention
• Figure 4 is a block diagram that shows an example of Web OS architecture of a known type
• Figure 5 is a block diagram that shows an example of Web OS architecture according to the present invention .
• FIG. 6 is a block diagram that shows the steps of exchange of data between client and server according to the present invention.
• the hardware of the device 1 has all the components supported by the GNU/Linux Ubuntu operating system, which is the basic platform for the software developed.
• the compatibility of the hardware has been checked for in the Hardware Compatibility Lists supplied by the company Canonical Ltd., which distributes Ubuntu Linux.
• a second peculiar characteristic of the invention is the self-sufficiency of the device 1.
• an operating system capable of running live on the client PC or host PC is envisaged.
• the minimum requisites of the client PC or host PC are that :
• i386 or later architecture including the 64-bit architectures of the families x86_64, amd64, etc. ; - at least 512 MB of RAM;
• a video processor (with corresponding monitor) capable of guaranteeing a graphic resolution of at least 800 x 600 pixels.
• the operating system has been created starting from an ISO 9960 image based upon GNU/Linux Live, which has subsequently been personalized.
• an ext3/4 filesystem was created, hosted by the flash memory of the device, containing the operating system resulting from the modifications. Part of the software will be loaded using the RAM of the client, delegating execution of the software to the processor of the host machine. As already mentioned, another part of the filesystem of the device is used for the nonvolatile memory (storage) .
• the (client and server) software products which are respectively installed on the device 1 and on the remote server, are created with PHP, BASH programming language, preferably using the MySQL relational database and is executed on Apache web server installed as software component of a Linux operating system.
• a peculiar characteristic of the invention which is crucial in relation to any GNU/Linux Live distribution, is the creation of the encrypted tunnel. Via connection to the Internet it is hence possible to save one's own data not only on the limited flash memory integrated in the device itself but also on a remote server. The storage capacity is consequently virtually unlimited in so far as each user may purchase the amount that he needs on the remote server .
• the softwares necessary for creation of the tunnel are :
• the samba and nfs servers also enable sharing of the data with other operating systems.
• the softwares previously listed it is possible to synchronize the data stored in the local storage on the flash memory of the device with the data stored in the remote server via encrypted protocol.
• a series of scripts and softwares enable integration between the device and the data contained therein, enabling use thereof irrespective of the geographical location of the user.
• an integrated service in the form of software with a simple graphic interface, which enables direct download from an appropriate website or else request for new applications in the form of RIAs, if they are not already on the market.
• Forming an integral part of the invention is the provision of a respective web space and a respective second-level domain on the Internet, whereby each of the users can reach the web applications by using a purposely provided browser.
• the web space is integrated also in a database that is indispensable for guaranteeing operation of the software product. Said web space and said database can preferably be rented by the user and associated to the specific device of the user himself via said hardware encryption key.
• the remote server system in which the web space is hosted must respect the following requirements:
• USB device 1 designed to make available to the user a true virtual PC via which he has access to his own desktop, to his own data, and to his own applications, without thereby leaving any trace of his own activities on the PC host, which could also be without an operating system and has the sole function of providing via its own BIOS during the bootstrapping sequence, a processor, a RAM, and a video card capable of launching the live operating system present in the device.
• Figure 2 contains a UMTS modem that enables setting- up of a connection to the Internet without using the host PC or the possible Internet connection associated thereto .
• storage of the data on the remote server and use of the applications thereon are performed using an encrypted VPN tunnel via username, password, and hardware key present in the device.
• the operating system provided in the device according to the invention is launched in the bootstrapping step of the host PC and is located in the flash memory of the device itself.
• the software configuration of the disclosure envisages an operating system installed on the device that is an innovative version of Linux purposely modified to enable storage of information and modifications of the virtual desktop of the user.
• Said Linux operating system exploits the CPU and the RAM of the host PC to provide the user with the possibility of accessing his own data and of using his own applications that are present in the flash memory of the device and/or in the remote server which the user accesses via the same device, by means of an encrypted tunnel that provides a secure connection with the server itself and a basically unlimited data storage capacity in so far as it is a function of the memory available in the server.
• the fact that the operating system of the present invention is live eliminates the possibility that via the host PC or other devices there may occur attacks of computer viruses or of spyware that can allow third parties to monitor the activities of the user.
• the present invention envisages a device that does not use the operating system of the client PC or host PC, in so far as it is launched directly in the step of bootstrapping of said PC, which could even be altogether without its own operating system and data of any other type.
• the sole reason for the presence of the client PC is to make available its own CPU, its own RAM, and its own user-interface means, namely, keyboard, display, and mouse, to make them available for the live operating system present in the device according to the invention .

Landscapes

• Engineering & Computer Science (AREA)
• Software Systems (AREA)
• Theoretical Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• General Engineering & Computer Science (AREA)
• Physics & Mathematics (AREA)
• General Physics & Mathematics (AREA)
• Computer Hardware Design (AREA)
• Health & Medical Sciences (AREA)
• Bioethics (AREA)
• General Health & Medical Sciences (AREA)
• Information Transfer Between Computers (AREA)

Applications Claiming Priority (1)

Publications (1)

Family

ID=44653369

Family Applications (1)

Country Status (2)

Families Citing this family (7)

Family Cites Families (1)

• 2011
  • 2011-07-08 EP EP11757938.3A patent/EP2729873A1/de not_active Withdrawn
  • 2011-07-08 WO PCT/IB2011/053059 patent/WO2013008058A1/en active Application Filing

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events