TWI223938B - Method and apparatus for preventing access to information stored at a node - Google Patents

Abstract

In one implementation of the present invention, a cellular network for wireless communications (e.g. a cellular telephone network) receives a transmission including an identification token from a mobile unit (e.g. a telephone). Via a service provider, the network also receives a command to prevent access to information stored at the mobile unit. Upon detecting a correspondence between the identification token and the command to prevent access to information stored at the mobile unit, the network instructs the mobile unit to prevent access to local information, which information may include a directory of telephone numbers and other personal and/or confidential items.

Description

1223938 A7 B7 V. DESCRIPTION OF THE INVENTION (BACKGROUND FIELD OF THE INVENTION The present invention relates to communication systems. More specifically, the present invention relates to information access control. BACKGROUND OF THE INVENTION

A communication system includes a communication network and a group of nodes that can communicate with the network. The communication link between the network and the node may be wired and / or wireless. The network can also communicate with other networks, so that a node can communicate with an entity in the network, with other nodes connected to the network, and / or with an entity and / or a node on other networks. communication. Binding

An example of a line-to-communication network is a local area network (LAN), in which individuals within the network may include one or more feeders' and the individual nodes may include workstations, personal computers, and / or peripheral devices, Examples include storage units and printers. Another example of a communication network is a wireless communication cellular network, in which an individual in the network may include one or more base stations (with base station transceivers or "BTSs"), and a management unit ( For example, base station controllers (BSCs) 'Mobile Service Exchange Centers (MSCs), and headquarters and visitor location registers (HLRS and VLRs, respectively), and the individual nodes can be mobile units (also called "mobiles" Station "), which can communicate with one or more base stations on a wireless link. A mobile unit can be a cellular phone, a computer or other processing device connected to a wireless modem, and a wireless local loop (WLL) station, or a wireless personal digital assistant (pDA). Via the base station 'the mobile units can communicate with each other and / or with devices on other networks' such as the Internet and / or The public exchange electricity -4-

1223938 A7 B7 V. Description of the invention (2-phone network (PSTN). If a mobile unit, such as a cellular telephone, is lost or stolen, the owner or account holder may instruct the service provider to reject the mobile unit. Attempt to access the network. This action helps prevent an unauthorized user from being used and is billed to the service account associated with the unit. However, the mobile unit may include semiconductor flash random access memory ( Or "flash RAM") 'which can hold confidential information, such as phone numbers. So the trend is toward combining cellular phone capabilities with other capabilities in the same portable device (such as email communications, personal notes, and web browsing), The flash RAM can store additional confidential information, such as email addresses and messages, voicemail messages, scheduling and personal contact information, passwords, and / or bank or credit account numbers, even if the mobile unit can be lost or stolen Access to the network was denied at times, and confidential information stored on the mobile unit could maintain access to an intruder and be misused. SUMMARY OF THE INVENTION In a method according to a specific embodiment of the present invention, a node is instructed to prevent access to information stored in the node. This indication is detected on the one hand to prevent access to information stored in the node ( Or at least a part of this instruction), and on the other hand a consistency that is combined with the identification of the node. The drawings are briefly illustrated in the drawings. The same reference number represents the entire copy in several drawings. A similar part of the invention, of which ... Figure 1 shows a formula of a communication system according to a specific embodiment of the present invention.-This paper size is applicable to the Chinese National Standard (CNS) A4 specification (210 X 297 public love).

Packing

Line I223938

V. Description of the invention (A7 B7

Block diagram; FIG. 2 shows a command for preventing access to information stored in the node 100; FIG. 3 shows a block diagram of a communication system according to a specific embodiment of the present invention; FIG. 4 shows a block diagram according to the present invention; A flowchart of a method of a specific embodiment of the invention; FIG. 5 shows a block diagram of a network 150 according to a specific embodiment of the invention; FIG. 6 shows a wireless communication 1 5 2 according to a specific embodiment of the invention Block diagram of a cellular network; FIG. 7 shows a block diagram of a network 15a according to a specific embodiment of the present invention; FIG. 8 shows a cellular network of a wireless communication 152a according to a specific embodiment of the present invention FIG. 9 shows a flowchart of a method according to a specific embodiment of the present invention; FIG. 10 shows a block diagram of a node according to a specific embodiment of the present invention; FIG. 11 shows FIG. 12 is a block TSJ diagram of a node 100 according to a specific embodiment of the present invention. FIG. 12 shows a block rgi of a node 100a according to a specific embodiment of the present invention. FIG. 13 shows a block rgi according to the present invention. A specific embodiment of the method flowchart; shown in Figure 14 A flowchart of a method according to a specific embodiment of the present invention; FIG. 15 shows a flowchart of a method according to a specific embodiment of the present invention; and FIG. 16 shows a flowchart of a method according to a specific embodiment of the present invention Illustration. -6- This paper size applies to China National Standard (CNS) A4 (210 X 297 mm)

Loading. Order

Line 1223938 A7 B7

Detailed description In some systems, the connection between a node and a network is temporary. For example, in a cellular telephone network or wireless LAN, the connection between a mobile unit and the network does not exist when the mobile unit is not powered on. Even after such a connection is made, its location and characteristics about the network can be moved within the range when the mobile unit is located within the range of a network terminal (such as a base station and its section) to another And something changed. Therefore, it is impossible for this network to identify nodes connected in this way simply by using a static location or address. ’In other systems, a connection between a node and a network may be short but static. Such a network may contain one or more terminals for nodes ^ to connect on a temporary basis. An example includes a personal computer (possibly connected to a LAN) that can be connected to one or more PD or similar devices via a serial or parallel port. Although a network terminal connected to a node in this manner may be fixed, more than one node may be connected to the network through the terminal (for example at different times) and / or a single node may be connected through different terminals (for example at different times) ) Connected to the network, making it impossible for the network to identify a node using only a static location or address. Several important network functions can identify or locate a node based on its capabilities. Examples of such functions include locating special nodes for call purposes (such as notifying a cellular phone of an incoming call), and combining an active node with a known identity or profile for billing, message delivery, service differentiation, and data synchronization化 etc. An identification mark is a mechanism that can be used to identify the connection through a temporary link. This paper size is suitable for financial ® ® Standards (CNS) A4 (· χ 297 公 董) 1223938

AT B7 V. Description of Invention (5) To a node of a network. In an example system using this mechanism, the node stores at least one such tag, and the network stores the consistency between the tag and a network identifier (in some cases, the network may have assigned the tag to The node). During an initial transmission, the node transmits the tag to the network over a communication link. The network receives the tag, performs identification, and combines the corresponding network identification with the mobile unit. This combination can continue even if the link changes characteristics in the network (for example, a cellular telephone delivery situation). This node identification combination can also be followed by re-validation (for example, periodically and / or at specified events). Cellular communication is performed in a CDMA (Divided Code Multi-Directional Proximity) system, which conforms to Interim Standard-95B (or “IS-95B”) and is named “MOBILE STATION-BASE STATION COMPATIBILITY STANDARD FOR DUAL-MODE WIDEBAND SPREAD SPECTRUM CELLULAR SYSTEMS ", Which was issued by the Telecommunications Industry Association / Electronics Industries Association (TIA / EIA) on February 3, 1999) or complies with Interim Standard_2000 (or" IS-2000 "), a six-part standard, which was developed by TIA / EIA in (Issued July 1999), for example, a mobile unit is programmed to store identification information, which is a 10-digit mobile identification number (MIN). The MIN contains 4 bits of the unique electronic serial number (ESN) from the mobile unit and 6 bits from an identification string known to the network. The M IN can be stored in a non-volatile memory in the mobile unit, such as read-only memory (,, ROM ,,), Programmable ROM (" PROM "), and PROM (· 'EPROM "), And / or electronic EPROM ("EEPROM, ') (such as flash memory). -8-This paper size applies to Chinese National Standard (CNS) A4 (210X 297 mm) 1223938 A7

The Mi N (or part of it) that exists when a remote mobile unit communicates with the network, allowing the network to combine the special mobile unit with a known identity or profile, which may include information about service options , Billing plan, region, etc. In an IS-95B or IS_2000 compatible system, this process is called "registration". This combination also allows the network to properly direct transmissions (eg phone calls), which are terminated at the mobile unit. Once the node is combined to read a known identification or profile, the combination can continue, and the connection between the networks is moved from one terminal (eg, a base. That is, the node to the station or its section) to another. At least part of the main book processing, which may start at the moment the child mobile unit is powered on, may be repeated when the link is established (e.g. regularly and / or in the TIA / EIA document above) Other events specified). Figure 1 shows a block diagram of a system according to a specific embodiment of the present invention. Node 100 transmits an identification mark to the network i 50 via the communication link 140. On top of the control link 160, the network The channel 150 also receives a command to prevent access to the information stored in the node. The communication link i 4 and / or the control link 160 can be performed through an intermediary and can also be wired and / or wireless (ie, bearer). At one or more wireless and / or optical frequencies). In the example shown in Figure 2, the instruction to prevent access to the information stored in the node 100 includes an operation code (or "opcode"), which corresponds to When the instruction acts and the identification corresponding to a node 100. When a consistency between the identification mark and at least a part of the instruction (such as the identification) is detected, the network 501 sends a Instruction to the node 100 to prevent access to local information. In an exemplary implementation of this system, as shown in Figure 3, the network 1 5 0-9- This paper standard applies Chinese National Standard (CNS) A4 Specifications (210X ^ 7 ^ 7 1223938 A7 B7

Receiving the instruction to prevent access to the information stored in the node 100 via the public switched telephone network (ρ§ΤΝ). In a special implementation, the access prevention instruction is connected to the network using a transmission system 7 (SS7) protocol (e.g., detailed in ITU_T Q.701.Q.741, Internatlalnal Telec. Leg job

Umon, Geneva, Switzerland). In an application, the instruction is connected to the network 150 by a service provider in response to a report from a user that a node has been lost or stolen. FIG. 4 shows a flowchart of a method according to a specific embodiment of the present invention, which can be executed in the network 150. In an implementation, the method shown in FIG. 4 is executed when an access request or a random event occurs, such as described in Section 6.65 (“Registration” described in one of the above-mentioned TIA / EIA CDMA standard documents) ") (such as when a mobile unit is powered on, the timer expires, or the area of a mobile unit changes). In another example, the method shown in Figure 4 is an attempt to register a node without When using the network (such as making a phone call) to perform. In the command receiving task P110, the network 150 receives a command to prevent access to the information stored in the point 100. As described above, this command may include an operation Code and an identification, which may correspond to the node 100. In the label receiving work P 120, 'network 1 50 receives an identification label from a node via a communication link 1 40. This label may be received as a transmitted one. Part, such as an access request or a registration request. The identification tag contains information from the network, which uniquely identifies the node, and is based on the identification information stored on the node. The corresponding detection task is P 130 , The network 1 50 0 decides from the node i 〇 〇 Consistency between the identification mark and at least part of the directive received to prevent -10- This paper size applies the Chinese National Standard (CNS) A4 specification (210X 297 mm) 1223938 A7 B7

Access to information stored in the node 100 (such as the identification). In a specific embodiment, the decision is based on at least a portion of the identification mark (for example, the first 6 bits of a MIN) and the consistency between the marks. Because there are more than _ instructions to prevent access, it can wait in the network 丨 〇, it may work P 1 3 0 can be repeated to determine between the identification mark and part of other examples of an instruction Consistency to prevent access.

Equipment-if the decision in work P130 is successful (for example, if the identification mark and the identification correspond) 'then in the instruction transmission work pi 40, the network 1 50 sends an instruction to the node 1 ο 0 to prevent Access to local information. If the decision in job P130 fails, the method can terminate the tag received in job P120, although jobs P12 and pi30 can be repeated for other identifying tags.

FIG. 5 is a block diagram of a network i 50 according to a specific embodiment of the present invention. In an exemplary application of such a network, the terminal 21 receives an identification mark from the node 100 on the communication connection 140. The control unit 230 receives a command to prevent the information stored on the node 100 from being accessed on the control link 160. The identification mark is received by the terminal 210 and the control unit 230. When detecting the consistency between the identification mark and at least a part of the instruction to prevent access, the control unit sends an instruction to prevent access to local information to the terminal 2 1 0 for transmission to the node 1 0. 〇. FIG. 6 is a block diagram of a cellular network according to an exemplary implementation of the wireless communication 15 2 of the network 150. In this implementation, the terminal 2 1 2 contains one or more base station transceivers (BTSs) 3 10, which communicate with the mobile unit over a wireless link. The control unit 2 3 2 contains a base station controller (b s C) -11-This paper ruler, national standard (CNS) M size m X X 297 mm) 1223938 V. Description of the invention (A7 B7

3 3 3, which can perform link management functions, such as handover control, and a mobile service switching center (MSC) 336, which communicates with one or more BSCs, management units 'and / or other networks' such as (and / or Through) the PSTN to perform higher-level functions, such as dial-up settings and management and user authorization. Although this feature is not explicitly shown in Figures 5 or 6, a network as described herein may also be coupled to other networks through a communication link, such as the Internet. This communication link may include one or more wired and / or wireless links, such as microwave or satellite links, and information (such as a command to prevent access to information stored at node 100), which may be transmitted over the communication link As one or more analog and / or digital signals. In a general implementation in a specific embodiment of the present invention, the identification mark may be any suitable for identifying the node 100 to the network 500. In one example, the identification tag is self-contained, which provides all the information necessary to uniquely characterize the point 100 (for example, the unique E s N of a mobile unit). In another implementation, the COSCO identification mark can provide a part of this information, which is the network 150 that must be used to uniquely characterize the node 100. For example, for a node communicating with a CDMA network, the identification mark may include or part of the MIN, as described above. In a special implementation, the identification mark includes the first 6 bits of the M IN. For nodes communicating with a network that complies with a GS M standard, the identification mark may include all or an identified part, such as the current IMSI or TMSI (respectively international or temporary mobile station identification) or MSRN of the mobile unit, respectively. (Mobile roaming number). Other conditions similar to the above examples and corresponding appropriate labels are possible for other networks and / or other specific embodiments or changes in the node 100. Please note that under certain conditions, an action -12- This paper size applies to China National Standard (CNS) A4 (210 X 297 mm)

Packing

k

1223938 A7

The identification tag, which includes an intruder interception unit, such as a cellular phone, does not need to transmit a part containing the ESN (for example, to prevent the ESN from being heard). m According to a network " in a specific embodiment of the present invention. a square! In an implementation of this kind of network, the database 240 receives the identifier from the control and returns _identification to v-shares suitable for the command to prevent access to the information stored in the node 1GG (for example, by your Control link 160 received). In another implementation of such a network, the database 240 receives at least part of the instruction to prevent access to the information stored in the node 100 (such as the identification shown in FIG. 2) and returns an identification Suitable for comparison with the identification mark. A network 'according to one of these implementations may preferably support user mobility and / or management identification related functions, such as security, authentication, billing, and the like.

FIG. 8 shows a block diagram of a cellular network based on a specially implemented wireless communication 152 & according to the network 15a. In this implementation, the database 242 includes a home location register (HLR) 340 and / or a visitor location register (VLR) 3 50. HLR 340 stores a master copy of the identity between the identification mark and the identity (for example, for a user's mobile unit existing near that geographic location) 'while the VLR 350 stores a temporary copy of this consistency (for example, near the geographic location) An active unit of action whose users can exist elsewhere). In order to cooperate with one or more HLR 340 and VLR 350, the MSC 336a receives the identification mark 'and obtains a corresponding identification, which may be suitable for comparison with identification from a command to prevent access (such as receiving on the control link 160). of). In another implementation, one or two HLR 340 and VLR 350 can be integrated into MSC -13- This paper size applies to China National Standard (CNS) A4 (210 X 297 mm)

Loading. Order

Line 1223938 A7 B7 V. Description of the invention (11 336a ° Figure 9 shows a flowchart of a method according to the implementation of a method shown in Figure 3, which can be implemented in an implementation of the network 150a. In one implementation, The method shown in FIG. 9 is executed as described above when an access request occurs or a registration event, for example, in section 6.6.5 ("Registration") of one of the TIA / EIA CDMA standard documents mentioned above (" (Such as the activation of a mobile unit, the expiration of a timer, or the change of the area of a mobile unit). In another implementation, the method shown in Figure 9 is when an unregistered node attempts to use the network. Execute (for example, call). In this implementation, the consistency detection job p 13〇 includes two sub-jobs P150 and P160. In the query sub-job pi50, one corresponds to the identification mark received in job P120. The second identification can be obtained (for example, by referring to the database 24 above as described above). In the comparison sub-work pi6〇 *, the first identification can be compared with the identification received in the work ρ 10 (as an instruction Part to prevent access to the node 〇〇 the information). If a match is detected, then in the command transmission work? 14, a command to prevent access to local information is transmitted to the node i QQ. If no match is detected, then the The method can terminate with respect to the markers received at job pi20 *, although jobs P12O & P130 can be repeated for other identifying markers.

The node shown in FIG. -10 according to a specific embodiment of the present invention includes a receiver 110, which is used to receive information from a network ... on a communication link 140, and is combined to --- Consistency detector 120. First store the identification information storage area 13 (for example, a Mm and / or _ES which is also compatible with the consistency detector 12. Consistency detector i2〇 detection base -14. SS furniture (CNS x 297 public € Ϊ 223938 A7 ____B7 V. Description of the invention (12) Consistency between a mark identifying the information and the word rate based on the information received from the network i 5 0. Figure 1 i As shown, a comparator 1 2 2 can be used to implement a consistency detector 丨 2 in a node 1 100 example 1. If consistency is detected, access to the second storage area 1 can be prevented Information in 3.2. (Please note the operation in other specific embodiments of node 100 (such as shown in Figure 14). The consistency detector 丨 2 〇 may not be needed, where access to the second storage The information in area 1 3 2 can be prevented based on the information received by the receiver (10). Please note that one or both of the first storage area 130 and the second storage area 132 can be used with other components of node 100. Found in different physical locations. For example, an implementation of node 100 may include a connection to a wireless Modem laptop. In this example, components of one or more nodes 100 can be found in the wireless modem (eg, receiver 1 丨 〇), while the first storage area 130 and the first storage One or both of the areas 132 may be found in the laptop (for example on the hard drive of the computer). Figure 12 shows an implementation of a node 100, which includes A node transceiver 110a, a processor noa, and a memory 134. The node transceiver 110a 'includes a transmitter 1 12 which allows the node 1 10a to transmit on the communication link 140 Information to the network 5 0. The node transceiver i 10a also includes a receiver 1 1 4 that allows the node 100a to receive information from the network 150 on the communication link 4 4. This kind of communication The transmission and reception information on the link 140 can be performed using the same or different data rates, communication protocols, carrier frequencies, and / or modulation methods. Similarly, the operation of the transmitter 1 12 and the receiver 114 And / or the circuit architecture can be completely independent of each other, or another -15- This paper size applies to China Associate (CNS) A4 size (210 X 297 male directors)

Pack-order

Line A7 B7 V. Description of the invention (13) Partially or completely integrated. Processor 120a, which may include one or more micro-processors, and a new controller, a micro-controller; a "controller array" to control the operation of the node, 1 series Data can be stored (A) in the memory 134 or in the town's " storage device, (B) input by the user through the interface, such as a data registration device (ie, a keyboard) (not shown), ' ,, S, d) 'AK) is received by the network 150 on the communication link 140. $ 己 忆 体 134' It may include read-only memory (ROM), random access memory (RAM) , And / or non-volatile memory, which can store programmable parameters, and can also store information 'which contains executable instructions, non-programmable parameters, and' or other information 'such as phone numbers, passwords, account numbers, personal contact information Etc. (eg, executable instructions, which define a method as shown in one or more of FIGS. 13_16, which can be stored in memory 134 for execution by processor 120). Identification information can also be stored in memory 134, and / or may exist elsewhere in point 100a. At node 100a In the implementation example, 'receive a command to prevent access to local information (and determine that the command is directed to node 100a), which causes node 100a to prevent access to the memory 1 3 4 Information of area 1 35. In an exemplary implementation, node 1000 is a mobile unit, such as a cellular phone that communicates with a network 150 on a communication link 140, which can meet the above-mentioned requirements. One of the CDMA standards. In another implementation, the communication link 140 conforms to a TDMA (Time Division Multiple Direction Proximity) standard, such as GSM (Global System for Mobile Communications, which was proposed by the European Telecommxmications Standards Institute (ETSI), which Located in Sophie Antipolis, -16- This paper size applies to Chinese National Standard (CNS) A4 (210X297 mm) Binding 1223938 A7 _______B7 V. Description of the invention (14)

France), or a FDMA (Frequency Division Multiple Direction Proximity) standard, such as the Advanced Telephone System (AMPS). In another implementation, the node 丨 〇 〇 can receive and transmit information according to the wireless Bluetooth ™ (as defined in the Bluetooth specification, ver. 1.0B, by the Bluetooth Special Interest Group, New

York, NY). Please note, however, that a code line is not required for communication link 140. In a further implementation, for example, the node 100 may include a portable device (such as a laptop or a PDA), which can establish a wired, but temporary communication link 140 to the network 150, thereby connecting to a network 15〇 terminal (for example, conforms to standards such as Universal Serial Bus (USB) versión 1 "or 2.0, FireWire (IEEE 1394), or RS-232). FIG. 13 is a flowchart of a method according to another embodiment of the present invention. This method can be performed in a node 100, as described above. In work P3 10, a command is received to prevent access to local information (e.g., from a network 150 via a communication link 140). This command may be transmitted in response to an access request or a registration event, such as in section 6.6.5 ("Registration ") of one of the tia / eia CDMA standard documents mentioned above (such as the startup of a mobile unit, timer Expired, or the area of a mobile unit is changed). In addition, the command to prevent access to local information can be received during the normal use of the node (for example, a dedicated control on an ongoing cellular phone call) Channel). In different implementations of a cellular phone or similar network, the instruction to prevent access to local information may be received on a non-exclusive channel, such as a call channel or broadcast channel. The instruction prevents Access to local information includes identification of a node (or a specified node group), and may have a form as shown in Figure 2. -17- This paper size is applicable to the Chinese National Standard (CNS) A4 specification (210X297 Mm) 1223938

As mentioned above, this instruction may be related to the S message existing in the second storage area 1 J 2 of the node 100, which may be implemented as a pre-footing area 1 of the memory on the node 100a. 3 5. In an exemplary implementation, the second storage area [32] is non-volatile | ± (for example, Bexun remains in area 1 32 even after removing a power supply).

In work P320, an identification mark can be received by the first storage area 130, which can be implemented as a part of the memory 314 in a node 100a or a separate storage element. In one example, the identification mark includes the first 6 digits of the MIN. At work P33〇 *, the consistency between the identification and the identification mark can be determined (for example, by the consistency detector 12o, it can be implemented at a node 100a to become a processor 2o).

If consistency is detected in job P330, then access to local information (such as the information stored in the second storage area 丨 3 2 'or in the memory 1 3 4 area 1 3 is prevented in work p34〇. 5). This prevention can be accomplished by one or more techniques. For example, the information can be erased (eg, deleted) or otherwise changed. This operation may include overwriting the information. In addition, the area where the information is stored can be changed, making it impossible to store information. ’In another example, access to information can be prevented by changing the mechanism for locating that information. For example, in a storage system containing an operating system, access to information can be prevented by erasing or otherwise changing the green registration of the information. Access to information can also be prevented by changing a stored reference password in a password protected storage system. In a further example, the information accessed can be erased or changed.-18-This paper size applies Chinese National Standard (CNS) A4 (210 X 297 mm) '--------- 1223938 A7 B7 V. Invention Description (16) code or decryption mechanism to prevent, where the information is converted to a smart or another useful form. For example, a key that must be used to decode the stored information (e.g., a string of symbols about the consistency between the stored information and an unencrypted form of the stored information) can be erased or otherwise changed. In an implementation, the processor 12 prevents the memory from being stored in the area of the memory 3, 4 by overwriting the information with the preset data (such as the value 0).

Information. If the decision in work p33o fails, the method is terminated.

Fig. 14 shows a flow chart of a method according to another embodiment of the present invention, which can be executed in the above-mentioned node. In work p3 i5, that is, on a dedicated channel (for example, a dedicated control card for an ongoing cellular telephone call), a command is received to prevent access to local information (for example, via a communication link 1 4 0 and From a network 丨 5 〇). This instruction may be transmitted subsequently by an access request (for example, by a node), or in response to an access request or a registration event, such as 6 6 Section 5 ("Registration") (such as the activation of a mobile unit, the expiration of a timer, or the change of area of a mobile unit). In a CDMA system, for example, the dedicated channel may be partially unfolded by one or more transmitters of the instruction (eg, network 5) and receivers of the instruction (eg, node 10 0) as known and / Or coverage code to partially define it. Since the dedicated channel is established, the consistency between the instruction and a receiving node already exists, thereby avoiding the need to re-establish this consistency, and / or the need to include information identifying the node in the instruction. In task p34〇, access to local information (such as stored in the second storage area 3 2 or in memory -19-

1223938 A7 B7 V. Description of the invention (information on node i 〇 〇 in area 1 35 of 17 body 1 3 4), which can be prevented according to this instruction. FIG. 15 shows a flowchart of a method 400 according to another embodiment of the present invention. In work P340 of this method, access to local information can be prevented as described above. In job P332, receiving an instruction (such as the aforementioned job P315) or detecting consistency (such as the aforementioned job P3 30), both of which occur to cause the execution of the job P34 through the logical OR job P480. However, this method also includes another mechanism that can be caused by performing task P340 (through logic OR task P480). In the example of Fig. 15, the execution of job P340 may be caused when a timer expires. According to an example, a timer may be implemented as a position in a memory, which may be periodically updated (eg, decremented) until the content of the memory position reaches a predetermined value (eg, zero). In work P470, the amount of time remaining is tested to determine whether the pre-foot period has expired. In work P450, the amount of time remaining is reset to a start or preset value. In another implementation of the method of FIG. 15, a timer tracks the occurrence of other events (such as the number of times a device is powered on), rather than just elapsed time. The method shown in Figure 15 can be used to provide a limited period of access to local information. For example, before a business trip, a user may store information in a node 100 by synchronizing with a fixed computer (such as an office desktop or laptop), such as a PD or a cellular phone. When the information is now portable, it can also be hacked if the nodes where it exists are lost or stolen. The method shown in FIG. 15 can be used to prevent access to the information after a specified period of time, even if the node has not found a missing bite. ) 4 secrets (21 () χ 297g g 'a_

n

1223938 A7 B7 V. Description of Invention (18) Theft. Figure 16 shows a flowchart of a method according to another embodiment of the invention. In this method, the amount of time remaining for the reset is performed only after a verification procedure. A string of symbols is entered in work P 4 10 (for example by a button pad or keyboard of node 100). In work P420, the consistency between the input string and a stored verification string is tested (e.g. by a comparator). If consistency is detected, the remaining amount of time is reset to the start or preset value in work P450. Otherwise, the verification failure is recorded in work P430 (for example, by updating a failure count value). In job P440, the number of failures is compared to a predetermined threshold T. If this threshold is exceeded, work P340 is executed (via logical OR work P480). Otherwise, further verification is allowed in work P4 10. In another implementation, the verification test P420 may include comparing parameters to characterize a user's voice, corneal pattern, fingerprints, or one or more other identifying features to store parameter values. The timing and verification operations described here (such as work P420, P430, P440, P450, and P470) can be performed by an array of one or more logic elements, such as processor 120a, which may be combined with other work. The foregoing description of specific embodiments is provided to those skilled in the art to make or use the present invention. It is possible to modify these specific embodiments, and the basic principles disclosed herein can also be applied to other specific embodiments. For example, the present invention can be partially or entirely implemented as a hardware circuit, such as a circuit architecture fabricated in a specific application integrated circuit, or a firmware program loaded into non-volatile memory, or a The software program is loaded or obtained from a data storage medium into a machine-readable code, which can be read by a logic element-21-This paper size applies to China National Standard (CNS) A4 (210 X 297 mm)

Claims (1)

1223938 A BCD No. 090127528 patent application in the Chinese version of the patent application replacement (March 1993) 6. Patent application scope: ~-1 · A method of instructing a node to prevent access to information stored in the node, the method includes : Detect (1) a first identification of the node and (2) consistency between parts of at least one instruction to prevent access to the information stored in the node: and instruct the Node to prevent access to that information. 2. The method according to item 1 of the patent application scope, wherein the node is instructed to occur on at least a part of a wireless communication link. 3. The method according to item 1 of the patent application scope, wherein the node is instructed to occur on at least a part of a wireless communication link of a cellular network regarding wireless communication. 4. The method according to item 1 of the scope of patent application, wherein the node is instructed to be executed by at least a part of a cellular network of wireless communication. 5. The method according to item 1 of the patent application scope, wherein the information includes a series of phone numbers stored through a device, which are set and configured to communicate with a wireless cellular network through a wireless communication link. 6. If the method of claim 1 is applied, the method further comprises: before the detecting, receiving a transmission from the node, wherein the transmission includes an identification mark, and wherein the identification mark is related to the first identification Related. 7. The method of claim 6, wherein receiving a transmission from one of the nodes includes receiving a request for access to one of a cellular network. 8. The method of claim 6 wherein receiving a transmission from one of the nodes includes receiving a registration request to a cellular network for wireless communication. -1-O: \ 74 \ 74883-930309. DOC This paper is suitable for financial purposes 0_1 __ (⑽) A4_21G x 297 male i _ '1223938 A8 B8 C8 D8_ VI. Scope of patent application ^ ---- 9 · If the method of patent scope item 6 is applied, 'The identification mark is based at least in part on an identification code assigned to a mobile unit and communicates with the wireless A honeycomb network related. 10. The method according to claim 6 of the patent scope, wherein the identification mark is based on at least a serial number of the node. 11. The method according to item 1 of the scope of patent application, wherein the instruction to prevent access to the information stored in the node includes a second identification, and wherein the detection consistency includes comparing the first identification and the second identification 〇12 · —A method for preventing access to information stored in a node, the method includes: sending a request from the node to a network; receiving a response to the request, the response including a command to prevent access to the storage in Information of the node; and preventing a response to the information according to the receiving, wherein the request includes an identification mark. 13. The method according to claim 12 of the patent scope, wherein the network includes a cellular network of wireless communication. 14. The method of claim 2 in the scope of patent application, wherein the request includes at least one of requesting access to the network and a registration request. 15. The method according to item 12 of the scope of patent application, wherein the instruction for preventing access to the information stored in the node includes information corresponding to the node. 16. The method according to item 12 of the scope of patent application, wherein the instruction for preventing access to the information stored in the node includes information corresponding to the identification information stored in the node. -2- O: \ 74 \ 74883-930309.DOC © This paper size applies to China National Standard (CNS) A4 (210 X 297 mm) Scope of patent application 17. The method according to item 12 of the patent application scope, wherein the instruction for preventing access to the information stored in the node is received through at least a part of the wireless communication link. 18. The method of claim 12 in the scope of patent application, wherein preventing access to the information includes changing the information. 19. The method according to item 8 of the patent application scope, wherein the changing the information includes overwriting at least a part of the information. 20. The method of claim 12 in the scope of patent application, wherein preventing access to the information includes changing at least one directory entry regarding the information. 21. The method of claim 12, wherein preventing access to the information includes changing a key, where the key is about the consistency between the storage of the information and the ungilded form. 22 · —A method for preventing access to information stored at a node, the method comprising: receiving an instruction to prevent access to information stored at the node; and preventing access to the information according to the receiving, wherein preventing access to The information command is received through a cellular network connected to the wireless communication through at least a part of the wireless communication. 23. The method of claim 22, wherein the instruction includes a first identification, and the method further includes detecting the consistency between the first identification and an identification mark stored in the node. 24. The method of claim 23 in the scope of patent application, wherein the preventing access to the information occurs after the detection. 25. If the method of the 22nd item of the scope of patent application is applied, the access to the information is to be prevented ) 1223938 AB c D 6. The scope of patent application includes changes to this information. 26 · —A device for preventing positive access to information stored at a node, including: a receiver 'whose settings and arrangements receive command information through a communication link; a first storage area whose settings and arrangements store identification information; A consistency detector coupled to the receiver and the first storage area; and a second storage area, wherein the consistency detector is set and arranged to detect (A) based at least in part on the identification information A mark of, and (B) at least partly based on the consistency between a string of the information received through the communication link, and in which access to the first Information in the storage area. 27. The device as claimed in claim 26, wherein the consistency detector comprises a first comparator. 28. The device according to item 27 of the scope of patent application, the device further includes a second comparator, which is arranged and arranged to detect the consistency between an input word and a stored word content, where the consistency At least one of the detection by the detector and the detection by the second comparator will prevent access to the information in the second storage area. 29. The device according to item 27 of the scope of patent application, the device further includes a timer, wherein the detection by the consistency detector, the detection by the second comparator, and the expiration of the timer are at least one of them. After one, access to the information in the second storage area is avoided. O: \ 74 \ 74883-930309.DOC ©. 4-This paper size is applicable to China National Standard (CNS) A4 (210 X 297 public envy) 1223 93 8r: Repair AB c D -5- Application for patent scope 30. · If the device in the 26th scope of the patent application, the device further includes a ~ timer, in which the access will be avoided after the consistency detector detects and at least one of the timer expires. Information in the storage area 03L—A device for preventing access to information stored in a node, including: a receiver, which is arranged and arranged to receive a command from a cellular network from wireless communication; a memory , At least a part of the memory has information; and a processor, which is arranged and arranged to respond to the instruction to prevent a user from accessing the information. 32. The device according to item 31 of the scope of patent application, the device further includes a transmitter configured and arranged to transmit a request to the wireless cellular network, wherein the instruction is received in response to the request. 33. The device according to item 32 of the scope of patent application, wherein the request includes a request for accessing the wireless communication of the cellular network and a pull request to one of ^ ". O: \ 74 \ 74883 -930309.DOC © This paper size applies to China National Standard (CNS) A4 (210 X 297 mm)