SE515488C2 - Method and system for theft protection of data in a PDA - Google Patents

Abstract

A Personal Digital Assistant is a portable computer that is so small that it can be held in the hand at use. Such Personal Digital Assistants will be extensively used both for data processing and registration, and by that data will be stored in the Personal Digital Assistant. In order to handle registered data, Personal Digital Assistants normally include functionality for setup to central computer via mobile telecommunications network. The present invention relates to a protection against theft of information from Personal Digital Assistants that have integrated functionality for mobile telecommunication. The Personal Digital Assistant is so adapted that it is not possible to activate without it connecting itself to the mobile telecommunications network. If the terminal is stolen and reported to central register for protection against theft, the terminal can lock itself against access to data, change to a state where it is unusable, and delete stored information according to specification. By that, the stored information will be inaccessible, even if the whole Personal Digital Assistant falls into wrong hands.

Description

10 15 20 25 30 515 488 2 Documents D2-D7 describe systems and devices whose main purpose is to prevent the use of a stolen a mobile terminal is used in order to protect the rightful owner from incurring costs for its use. mobile terminal.

Documents D2 and D3 describe ways to prevent the use of a lost or stolen portable terminal in that the owner, upon discovery that the terminal is lost or stolen, can use the public telephone network and initiate the transmission of a signal from a terminal to the lost terminal.

The terminal which receives the signal will thereby delete certain internal information such as subscription information, which is essential for the terminal's use in the telecommunication network.

This prevents the stolen terminal from being used by unauthorized persons.

Documents D4, D6 and D7 describe portable terminals, which are arranged with an automatic procedures for checking that use is permitted by a check of a code or a list, which is transmitted from each base station. The terminal goes out of service if the code or list indicates that use is not permitted, for example by checking the IMEI code.

There are also examples (document D5) of a database being arranged to indicate the position of a lost portable terminal, which is set for use. If the terminal is stolen, use of the terminal can also be prevented by interrupting the connection in the mobile network.

Only one of the documents found, D1, reports a solution, which is intended to protect a mobile terminal against disclosure of stored data. A portable terminal is arranged so that the owner, upon discovery that the terminal is lost or stolen, can use the public telephone network and initiate encryption of stored information from a telephone. When the encryption is completed, the information stored in the terminal to perform the encryption is deleted.

None of the documents that emerged in the investigation explicitly or in combination include the solution described in the present patent application.

TECHNICAL PROBLEM A PDA, which is used to record data, will store large amounts of information. The stored information may include both newly registered information and information that has been registered previously, but has not yet been deleted, as well as documentation to facilitate registration, application programs and other software. The PDA may therefore contain information which is of a different degree of confidentiality and which for various reasons is important to keep secret. Built-in readings in the PDA, such as keyboard locks and screen savers or mechanical access protection, provide limited protection, but such readings can be forced and in many cases more effective protection is required against unauthorized access to stored data. This is especially important in connection with laptops and PDAs as the possibilities for revealing stored information are great in that the computer can be removed and thoroughly examined and even disassembled.

In the case of business operations, information concerning the operations is registered. The information may apply to, among other things, stock size, product range and price information, which information shall not. Information may also apply to parts of in which case the customer is not disclosed to competitors. or tender documents, in any circumstances shall come across the information.

When visiting a doctor in a hospital, previously registered information about patients can be stored as identity information (eg social security number), information about previous illnesses, medication, diagnosis and measured values. During the rounding, additional information can be added. It is extremely important that such information is not made accessible to unauthorized persons primarily in the interests of the patient but also in order to preserve the reputation of the caregiver and to meet legal requirements.

If information on an operator's operating activities is published in such a way that competitors receive information on, for example, total capacity or currently available capacity, the current price picture can be affected by the competitive advantages that one party can obtain by knowing information important to the operation. This is made especially clear in a brokerage business or stock exchange trading where large transactions are often carried out in a short time and with current data as a basis.

The user can use the PDA as a meeting calendar and keep meeting notes or make private or work-related notes of a sensitive nature.

In addition to these examples, handhelds will be used in many other applications.

If an unauthorized person comes across the PDA, there is therefore a risk of great damage if the PDA is not arranged so that it is possible to prevent the stored information from being revealed. A lock of the key lock / window lock or a mechanical lock provides a More effective protection is obtained if stored data cannot be interpreted as useful information. For limited protection against disclosure. To achieve this, there are two possibilities: 0 Effective encryption of stored information supplemented with good protection of means that achieve decryption or other interpretation of the information. 0 Deletion of the stored information, the disclosure of which inadvertently leads to damage.

A solution using the first of the above possibilities is presented in the above-mentioned document, Dl.

The invention according to the present patent application solves the problem of protecting the information according to the second of the above two possibilities. .. u. -. ... ..

:HRS-. - ... .. '. . . .. Ä 1. ' V * ~ »« - _ 'u ... c. ,. , _, '. I I '' '' Û - ~. x lO 15 20 25 30 515 488. . . . . .

TECHNICAL SOLUTION A packet data transmission data service such as GPRS offers improved possibilities for creating protection for data stored in PDAs, which are equipped with a terminal function for mobile communication.

A PDA, which is equipped with an integrated function for mobile communication, can be arranged so that it is not possible to activate it without it itself connecting to the mobile telecommunication network. If the terminal is stolen and reported to the Central Anti-Theft Register (EIR), the terminal can be locked against access to data, enter a state where it is unusable and delete certain stored information. As a result, the stored information will become inaccessible even if the entire PDA ends up in the wrong hands.

In addition, the PDA can be arranged so that register control via EIR is a condition for access to certain data. In the same way, the PDA's information will be protected if the terminal is found to be reported stolen.

BENEFITS If the user has lost the PDA and suspects that it may have fallen into the wrong hands, he can easily initiate protection of the stored information. Immediately when the PDA is activated, an automatic process will check if the PDA is registered as stolen. If this is the case, some specified information will be deleted and the PDA will be placed in a state where it is unusable before the user has the opportunity to interact with the PDA. In this way, the information provides effective protection against disclosure. During deletion, registered data that has not yet been sent to central storage is lost. The amount of data that can be lost during deletion can be limited by frequently transferring data to central storage to avoid large amounts of data not being backed up. This is also essential to protect recorded data against loss caused by technical errors in the PDA or by interference.

In connection with deleting data, it is also possible to delete stored programs and other routines so that misuse of licenses (program copying) can be avoided.

If the software distributor has particularly high protection requirements for the software, requirements can be made that the software is well protected against disclosure. In such cases, the present invention may provide an opportunity to use programs which would not otherwise be permitted in PDAs or other laptops.

At the same time as information protection is effected, the PDA is placed in a state so that it becomes significantly less useful, among other things by preventing misuse of services connected to the PDA, for example subscribed services in telecommunication networks. This reduces the value of unauthorized use, which means that the PDA also becomes less prone to theft.

LIST OF FIGURES Figure 1 shows a block diagram of the communication procedure when activating the PDA.

Figure 2 shows activation of the PDA and activities in the PDA in connection with blocking.

DEFINITIONS | EAR (Equipment Identification Register) Theft protection register, which stores serial numbers (IMEI) on stolen communication equipment for mobile telephony. By using the register, blocking of stolen equipment is made possible.

IMEI (International Mobile Equipment Identity) International serial number for communication equipment 10 15 20 25 30 515 488 a §.I =% ff = '=' for mobile telephony. Each such communication equipment is thereby uniquely identified.

GPRS (Generalized Packet Radio Service) Packet transfer data service for GSM.

GSM (Global System for Mobile communication).

PDA, Personal Digital Assistant (PDA) Laptop that is so small that it can be held in the hand during use.

DETAILED DESCRIPTION The description below refers to the figures in the drawing appendix.

HANDDOWER PDAs Handheld computers are used in many different contexts, such as by service and sales teams, in the transport industry, industry and retail. Common applications are inbound and outbound deliveries, inventory and picking of orders. The PDA may also contain the user's meeting calendar as well as meeting notes and private or work-related notes of a sensitive nature.

The use of handhelds will be developed and they will be used in new areas. Examples of possible new areas are within values, which places great demands on the protection of information.

With the PDA, the data capture is faster and the information that is registered becomes more accurate than with the use of conventional registration. Using a handheld computer therefore saves both time and costs. The software for the PDA can be customized, but there are also standard programs for simpler routines.

When using the handheld, stored data about the objects to be processed is used. Data is entered and stored in the PDA for later handling or storage in central systems. Transmission of data to central systems can be done by 10 15 20 25 30 515 488 g transmission via mobile telephony which this invention deals with. STOLE PROTECTION REGISTERS An anti-theft register, such as EIR, of mobile telecommunications terminals is maintained by a trusted organization.

The register contains a list of reported stolen / lost terminals, which must be protected against unauthorized use. Notified terminals are identified by the serial number IMEI. The invention relates to a laptop computer, which includes functionality for connection to a central computer via a mobile telecommunication network. The connection to the central computer is used, for example, for transferring data registered in the PDA or for receiving data or other data from the central computer. When connected to the telecommunications (23) mobile phone reported as stolen. If this is not the case, the network is checked in the theft protection register to see if connection to the network and the computer is started in normal operation.

The computer is arranged so that in connection with activation (21) it connects to the mobile telecommunication network (22) in a procedure which cannot be interrupted. To prevent unauthorized use of the PDA before the theft protection takes effect, the connection to the mobile telecommunication network is made before security-protected functions and data in the PDA are made available to the user. This can be achieved, for example, by not activating the human-machine interface in the PDA until the connection to the mobile telecommunication network has been completed.

If the computer is stolen or otherwise lost, the loss is reported to the anti-theft register by notifying the terminal's identity, for example by notifying the IMEI, whereby the terminal is protected against use in the mobile telecommunications network.

The anti-theft function in the mobile telephone network means that if the said check shows that a terminal requesting a connection to the telecommunication network has been registered as stolen, the connection will not be carried out. The terminal will also go into blockade.

In this way, according to the invention, a mobile telephone / PDA which has been registered as stolen will be prevented from connecting to the mobile telecommunication network. The terminal will then enter a protected state. This means that such data, which is stored in the PDA and which is judged to be in (24). the privacy protection is selected so that it corresponds to the needs depending on the need for confidentiality protection, the scope of the computer's design and the protection need for the data being handled are deleted. In some uses of the PDA, only entered data is deleted, while in other uses also stored data, databases, programs and control sequences etc. are deleted. Encryption of some or all data can be an alternative or complement to data deletion.

In order to obtain better continuity in theft monitoring, checking (23) in the theft protection register whether the mobile phone has been reported as stolen can also be done on other occasions than activating the computer, eg in connection with data transmission online or after a certain time. Control (23) in anti-theft register can also be initiated in connection with file access. In the event of a theft report found in this way, the PDA will be protected in a corresponding manner by, among other things, deleting stored data and blocking as well as preventing the transmission of data via the telecommunications network.

Completed deletion can possibly be signaled over the mobile telecommunications network to the instance with a monitoring function for the PDA. Such a monitoring body may be the above-mentioned central computer or an alarm center. After deletion, the computer enters the blocked state (25). Connection to the 10 15 20 25 30 35 515 488 queue telecommunication network can be maintained as long as the computer is turned on to facilitate location as an aid to retrieving the computer.

In the embodiments described below, the description is based on the use of the packet data network GPRS. Alternatively, other packet-switched telecommunication networks can be used. The invention can also be used under certain conditions on telecommunication networks without packet data transmission.

PREFERRED EMBODIMENT A PDA intended for use mobile, for example to register data such as inventory inventory, is equipped with an integrated GPRS terminal. The computer is loaded with programs and data files required for the registration operation and has storage space for the data to be registered. The computer has also been provided with functions for managing the GPRS terminal and functions for protecting stored data. The memory areas, which may contain information to be protected against disclosure, shall be specified. If the functions for protection of stored data are activated, then these specified data areas will be protected against disclosure by deletion.

When the computer is activated, a connection to the GSM network is made through a GPRS attach and the GPRS terminal assumes the READY state. In the GSM network, it is examined whether the terminal / computer is registered as stolen by checking the terminal's IMEI in EIR. If the terminal / PDA is not reported stolen, GPRS attach is performed and the GPRS terminal becomes available. Thereafter, the terminal / PDA is activated and can be used as intended.

If the terminal / computer is found to be reported stolen, the PDA will be notified via GPRS to enter a blocked state.

In this case, all human-machine communication will be blocked and specified data areas will be deleted. At the same time, connection to the GSM network will be blocked so that the GPRS terminal cannot be used. This means that it is not possible to read data from the terminal, either via the keyboard and monitor or via the GPRS service. Because the data areas are deleted where classified information may have been stored, all sensitive data will be inaccessible even if the PDA is disassembled.

ALTERNATIVE TWO EMBODIMENTS Some computers are found in environments and situations where it is black to create a satisfactory theft protection. Examples of such situations are laptops and computers located in public places or trade fairs. A computer that is judged to be exposed to a greater risk of theft is equipped with an integrated GPRS terminal.

The computer is loaded with programs and data files required for the business and has storage space for data to be registered. Depending on privacy requirements, the computer may be provided with storage space, which allows efficient erasure of memory contents. The computer has also been provided with functions for managing the GPRS terminal and functions for protecting stored data.

When the computer is activated, an automatic connection to the GSM network takes place and a check is made as to whether the terminal / computer has been reported stolen. If the terminal / computer is found to be registered as stolen, the computer receives a GPRS message to protect stored data and enter a blocked state. Depending on the situation, different degrees of protection can be applied. Human-machine communication can be interrupted and selected memory areas can be deleted.

With the help of a time monitor, the GPRS terminal can make detach and then immediately make attach. An activated / switched on computer can thus obtain effective protection against data theft.

The same protection can be obtained by using packet data transmitting telecommunication networks other than GPRS, eg UMTS.

By using text messaging, confidentiality protection can also work in mobile telecommunications networks without packet data transmission. 515 488 m] The invention is not limited to the embodiments described above but can in addition be subjected to modifications within the scope of the appended claims and the inventive concept.

Claims (5)

1. 0 15 120 25 515 488. . - = | »- -» ~ - - - PATENT REQUIREMENTS l. said terminal, integrated in said computer, reported as stolen and by said laptop being arranged so that in connection with activation (21) it connects to telecommunication network (22) for mobile telecommunication before security protected functions and data stored in said computer made available to the user. A method according to claim 1, characterized in that if said check shows that said terminal has been registered as stolen, the connection is not carried out. A method according to any one of the preceding claims, characterized in that the procedure for said connection to (22) telecommunication network can not be interrupted without the computer being deactivated. A method according to any one of the preceding claims, characterized in - (23) in anti-theft register can be initiated in connection with: t e c k n a d of said control 0 file access, 0 data transmission on the network, 0 after a certain time or 0 according to another criterion. A method according to any one of the preceding claims, characterized in that the terminal is registered for theft in l0 15 20 25 10. ll. 515,488 u; : u ~. IH anti-theft register when the person who has the said computer with integrated terminal no longer has the computer in his possession, for example if the computer has been stolen. A method according to any one of the preceding claims, characterized in that connection to said anti-theft register takes place by registration of the terminal's serial number, eg IMEI, and in that said anti-theft register is EIR. A method according to any one of the preceding claims, characterized in that if said check in the anti-theft register shows that said terminal has been registered as stolen: 0 specified memory areas in the computer 0 are deleted, use of the computer is blocked 0 the computer's terminal function in the telecommunication network is blocked. A method according to any one of the preceding claims, characterized in that said specified memory areas contain or may contain data or programs, the disclosure of which to unauthorized persons may lead to damage to the owner of the computer. A method according to any one of the preceding claims, characterized in that said laptop is a handheld computer. A method according to any one of the preceding claims, characterized in that packet data service in the telecommunication network is used by said integrated terminal for mobile telecommunication. A method according to claim 10, characterized in that said packet data service is GPRS. 10 15 P20 25 12. 13. 14. 15. 515 488 I = ~ - y => sl 5 A system for theft protection of information, stored in a laptop, which has an integrated terminal, characterized by 0 that said laptop is arranged so that in connection with activation (21) it connects to (22) before security-protected functions and data in the PDA mobile telecommunication network are made available to the user or the human-machine interface in the computer is activated, and connection to the telecommunication network check (23) takes place in anti-theft register if said terminal, which is integrated in said computer, is reported as stolen and 0 if said terminal is reported as stolen, communication on the telecommunication network is not made available to the user. A system according to claim 12, characterized in that the procedure for said connection to telecommunication network (22) can not be interrupted without the laptop being deactivated. A system according to any one of claims 12 or 13, characterized in - (23) in anti-theft registers may be initiated in connection with: n e t e c k n a t of said control 0 file access, 0 data transmission on the network, 0 after a certain time or 0 according to another criterion. A system according to any one of claims 12 to the preamble of said control in 15 20 25 17. 18. 19. 20.. . . c »- i I, ~ - ~ ~ n I 10 theft protection registers show that said terminal, has been registered as stolen: 0 such memory areas are deleted, which contain or may contain data or programs, the disclosure of which to unauthorized persons may lead to damage to the owner of said computer, I use of the computer is blocked and 0 the terminal function of the computer in the telecommunication network is blocked. A system according to any one of claims 12 to 15, characterized in that said laptop is a PDA. A system according to any one of claims 12 to 16, characterized in that packet data service in the telecommunication network is used by said terminal for mobile telecommunication and that said packet data service may be GPRS. A system according to any one of claims 12 to 17, characterized in that said anti-theft registers are registered in anti-theft services, which are maintained by a trusted organization and in that connection and loss reporting to said anti-theft register takes place by registering the terminal's serial number. A system according to any one of claims 12 to 18, characterized in that the terminal's serial number is IMEI and said anti-theft register is EIR. A system according to any one of claims 12 to 19, characterized in that theft of the terminal is registered in the theft protection register when the person in possession of said} lO 15 20 21.. «| ~ u 515 488 * -: åiši We laptop computer no longer has the computer in its possession, for example if the computer has been stolen. Use of EIR at a mobile telecommunications terminal, which is integrated into a PDA, whose memory areas contain or may contain data or programs, the disclosure of which may inadvertently lead to damage to the owner of the computer, in the event of theft or other loss of said terminal integrated in said PDA to register the loss so that upon activation of said PDA but before security-protected functions and data in the PDA are made available to the user, e.g. by activating the human-machine system, via packet data service in mobile telecommunication network has been lost or stolen and protects specified data or programs stored in said PDA upon detection of such registration, against disclosure by unauthorized persons by blocking connection of said terminal to the telecommunication network, deleting specified memory areas in said PDA and blocking use of the computer.