US20170193048A1 - Method for determining identification of an electronic device - Google Patents
Method for determining identification of an electronic device Download PDFInfo
- Publication number
- US20170193048A1 US20170193048A1 US15/408,257 US201715408257A US2017193048A1 US 20170193048 A1 US20170193048 A1 US 20170193048A1 US 201715408257 A US201715408257 A US 201715408257A US 2017193048 A1 US2017193048 A1 US 2017193048A1
- Authority
- US
- United States
- Prior art keywords
- data points
- electronic device
- server
- record
- data point
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G06F17/30477—
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
-
- G06F17/30312—
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
Definitions
- the present invention relates to identification of an electronic device electronically by remote access.
- IT information technology
- Individuals, systems, organizations, and other business assets are interconnected in this emerging economic web, and as this IT landscape grows increasingly complex, so does the need to efficiently manage IT assets, including both physical assets and data.
- individuals and organizations alike are now, more than ever, are recognizing the need to take control of, manage and secure their computer asset base, in order to preserve their IT investments.
- the present invention provides a utility to determine identity of an electronic device electronically, by running a device attribute collection application that collects key attributes in the form of data points of the electronic devices and a device identification application that uses these key data points to link the electronic device to a specific owner or entity.
- Data points of the device may change over time for reasons such as reconfiguration, repair or normal daily use.
- the device identification application intelligently tracks changes in key data points associated with the device. Even if the data points change, the device identification application can still identify the device and associate it back to the original owner or entity. This enables consistent tracking of the device over its lifecycle.
- the device may be identified remotely with the device identification application (e.g., in the event of theft or loss of the device) based on collected data points of the device.
- the device identification application may be deployed in conjunction with services that may include asset tracking, asset recovery, data delete, software deployment, etc.
- the device attribute collection application and the identification application may be embodied in software, hardware, firmware, or a combination of such.
- FIG. 1 is a schematic diagram depicting representative communication links including networks by which asset tracking may be implemented in accordance with one embodiment of the present invention.
- FIG. 2 is a schematic functional block diagram illustrating logic flow of processes undertaken by the device identification application, in accordance with one embodiment of the present invention.
- FIG. 3 is a schematic functional block diagram illustrating logic flow of processes undertaken in determining massive change in the data points of a device.
- FIG. 4 is a schematic block diagram illustrating the interaction between a device and a server, to undertake device data collection and identification.
- the present invention determines identity of the client device by running a device attribute collection application that collects key data points of the electronic devices and a device identification application that uses these key data points to link the electronic device to a specific owner or entity.
- Data points of the device may change over time for reasons such as reconfiguration, repair or normal daily use.
- the device identification application intelligently tracks changes in key data points associated with the device. Even if the data points change, the device identification application can still identify the device and associate it back to the original owner or entity. This enables consistent tracking of the device over its lifecycle.
- the device may be identified remotely with the device identification application (e.g., in the event of theft or loss of the device) based on collected data points of the device.
- the device identification application may be deployed in conjunction with services that may include asset tracking, asset recovery, data delete, software deployment, etc.
- the device attribute collection application and the device identification application may be embodied in software, hardware, firmware, or a combination of such.
- the device identification utility of the present invention may be deployed as a component of existing asset tracking applications.
- the device identification utility may be deployed as a component of the AbsoluteTrack, a product developed by Absolute Software Corporation, the assignee of the present invention.
- Absolute Software has developed and is marketing Computrace, a product and service that securely tracks assets and recovers lost and stolen assets, and AbsoluteTrack, a secure asset tracking, and inventory management, solution powered by the Computrace technology platform.
- Computrace deploys a stealth agent, which is a software client that resides on the hard drive of client computers.
- Absolute Software Corporation further improved on the original agent platform by providing an improved tamper resistant servicing Agent for enabling, supporting and/or providing various services relating to management and protection of assets (including without limitation hardware, firmware, software, data, etc.), including services such as data delete, firewall protection, data encryption, location tracking, message notification, and software deployment and updates.
- the servicing functions can be controlled by a remote server.
- the technology underlying various Computrace products and services have been disclosed and patented in the U.S. and other countries, which patents had been commonly assigned to Absolute Software Corporation. See, for example, U.S. Pat. Nos.
- AbsoluteTrack Secure Computer Asset Tracking Solution, a white paper, published Apr. 25, 2003. These documents are fully incorporated by reference as if fully set forth herein.
- device data collection and identification may take advantage of the persistent agent, to be deployed as a service by the persistent agent.
- the device attribute collection application of the present invention may be deployed by or made part of the Agent. Once installed, the device attribute collection application automatically contacts a monitoring center on a regular or scheduled basis transmitting location information and all auto-discovered asset data points.
- the device identification application of the present invention may be deployed as one of or part of the servicing functions at the remote server.
- the device identification utility i.e., data point collection and device identification
- Asset tracking function is an example of the services that can be enabled with, supported by and/or provided with the device identification application of the present invention.
- the asset tracking system in accordance with one embodiment of the present invention involves a client/server architecture, which may comprise the following main components: (a) client device A consisting of, for example, any one of the electronic devices shown which have been implanted with a persistent Agent.
- the Agent software runs on the client devices for the purpose of reporting deploying applications including reporting information to and receiving instructions from a remote server to program the Agent to support and execute a desired function.
- a communication link B such as an information exchange network, which may include switched communications networks, the Internet, private and public intranet, radio networks, satellite networks, and cable networks; and
- a host monitoring system C which include a host monitoring server 3 that monitors the communications between the client device A and the host monitoring system C, which is contacted on a regular or scheduled basis by the client devices records information from the client devices.
- the monitoring server also provides instructions to the client on what actions to perform, including what actions the client is to perform, what data to collect and the clients next scheduled call time.
- the host monitoring system C is implemented with the device identification application, which remotely determines the identity of the client devices being monitored, by evaluating the data points collected using the device attribute collection application residing in the client devices (e.g., either a separate application or part of the Agent).
- the client devices contact the monitoring server via the communication link B (e.g., an IP connection or via a dial-up telephone connection).
- the host monitoring system C may include a reporting and administration portal, which provides customers, administrators and asset tracking service providers the ability to view data and manage the functions of the monitoring server and the client devices.
- useful client devices A that can be identified with the device identification application in accordance with the present invention (and in which the persistent servicing Agent can be implemented) include, but are not limited to, general or specific purpose digital processing, information processing and/or computing devices, which devices may be standalone devices or a component part of a larger system (e.g., a mass storage device), portable, handheld or fixed in location.
- client devices may be in the form of desktop client computing devices, portable computing devices (e.g., laptop and notebook computers), or hand-held devices (e.g., cell phones, PDAs (personal digital assistants)), personal electronics (e.g., personal digital media players, personal gaming devices), etc.), which have the ability to communicate to an external server, as further explained below.
- the client devices may be selectively operated, activated or configured by a program, application, routine and/or a sequence of instructions and/or logic stored in the devices, in addition to the operating systems resident in the devices.
- use of the methods described and suggested herein is not limited to a particular processing configuration.
- the present invention is described in reference to examples of deployments and implementations in reference to a laptop or notebook computer as the client device A (computer Al is schematically represented as a desktop device, but may instead comprise a portable computing device).
- FIG. 1 is a schematic representation of the communication links B in the form of information exchange networks in which the present invention may be deployed for asset identification and tracking.
- the information exchange network accessed by the device identification application in accordance with the present invention may involve, without limitation, distributed information exchange networks, such as public and private computer networks (e.g., Internet, Intranet, WAN, LAN, etc.), value-added networks, communications networks (e.g., wired or wireless networks), broadcast networks, cable networks, radio networks, and a homogeneous or heterogeneous combination of such networks.
- distributed information exchange networks such as public and private computer networks (e.g., Internet, Intranet, WAN, LAN, etc.), value-added networks, communications networks (e.g., wired or wireless networks), broadcast networks, cable networks, radio networks, and a homogeneous or heterogeneous combination of such networks.
- the networks include both hardware and software and can be viewed as either, or both, according to which description is most helpful for a particular purpose.
- the network can be described as a set of hardware nodes that can be interconnected by a communications facility, or alternatively, as the communications facility, or alternatively, as the communications facility itself with or without the nodes.
- a communications facility or alternatively, as the communications facility, or alternatively, as the communications facility itself with or without the nodes.
- the line between hardware, firmware and software is not always sharp, it being understood by those skilled in the art that such networks and communications facility, and the components of the persistent agent technology platform, involve software, firmware and hardware aspects.
- each client device A has attributes that are collected and delivered by the client device A to the host monitoring station C.
- the present invention provides a further means of identifying the identity of the tracked client device, without solely relying on the device identification number(s) assigned, by providing an application to determine identity of the client device electronically using such attributes.
- the general approach includes:
- the present invention determines identity of the client device by running a device attribute collection application that collects key data points of the electronic devices.
- the device identification application e.g., residing at a remote server
- the device attribute collection application may be embodied as a service enabled and supported by the persistent agent, in accordance with one embodiment of the present invention.
- the device identification scheme according to the present invention would be less susceptible to malicious tampering attempts to mask the device identity.
- the data is gathered and delivered when the persistence agent calls the monitoring server.
- a specific device attribute collection application program 12 e.g., in the form of a DLL (dynamic link libraries)
- DLL dynamic link libraries
- This application gathers the data points (e.g., using the mechanisms listed on the right column of Table 1 below).
- the DLL is not limited by the mechanisms listed; it can be extended to include additional mechanisms as may be available in standard API's (Application Program Interfaces) or custom built to collect existing data points more reliably or to collect additional data points.
- the device attribute collection application may be deployed in the server, to remotely obtain device attributes.
- the data points collected and applied to device identification may include the following:
- Table 1 An embodiment of a full list of data collected and to be stored as an inventory record by the device identification application at the server is included in Table 1 below, for a computer as an example of a device being tracked. Also listed in Table 1 are the respective mechanisms to collect these data by the device attribute collection application.
- MAPMEM driver e.g., developed by Absolute
- WMI call fails. Otherwise information from WMI may be used instead. Should S.M.A.R.T API fails (i.e., SN is returned empty), WMI may be used to get HDDSerialNumber.
- S.M.A.R.T API fails (i.e., SN is returned empty), WMI may be used to get HDDSerialNumber.
- Some of the data points may be specific for certain makes and/or models of devices (e.g., GatewayString data is specific for GATEWAY brand of computers only).
- the inventory record is a record of all specific data points collected at one instance that constitutes a device's unique identification or characteristics (e.g., an embodiment of an inventory record is show in Table 1). These inventory records are logged to create a history of the asset's key data points. The function to identify the device would be enhanced by using these additional data points, as they provide a more comprehensive and dynamic profile of the device (i.e., accommodating continuous changes to the device over the life history of the device), which can be tracked over the device's life history.
- DLL creates a file in XML format that is uploaded to the server 20 (or another server different from the server 20 ) and parsed into the database to form an inventory record.
- the server 20 includes a device identification application 22 , which receives the XML file from the device attribute collection application 12 residing in the device 10 .
- New and existing inventory records may be stored in an inventory record database 24 .
- the format of the XML file is shown by a sample in Table 2.
- the data point collection application is configured to use these key data points in the inventory records, match it with data that is reported during the agent call, and link the device to a specific owner or entity. Data points of the device change over time for reasons such as reconfiguration, repair or normal maintenance. The application intelligently handles changes in key data points. Even if the data points change, the application can still identify the device and link it back to the original owner or entity. This enables consistent tacking of the device over its lifecycle. In case of theft or loss, the device can be identified remotely with software. The details of the device identification application are described below.
- FIG. 2 is a functional block diagram illustrating the logic flow of the device identification application 22 residing at, for example, a monitoring server 20 in FIG. 4 .
- the application performs at least the following primary functions:
- an inventory record is created and a unique identifier (ESN) is assigned in the inventory record database 24 and also written on the device hard drive 14 .
- ESN unique identifier
- the ESN written on the device hard drive is matched to the inventory record in the inventory record database 24 , and the other key data points are updated.
- the device attribute collection application 12 e.g., an inventory DLL
- an inventory DLL is run to collect the inventory data, and an ESN, if that may have been previously written on the device hard drive 14 , is retrieved.
- ESN has not been assigned to the computer (i.e., the last 4 digits are 0's), (or if an earlier assigned ESN is misidentified, e.g., as a result of tampering), it means that either it is a new installation, or the hard drive has been wiped and the persistence algorithm from BIOS has restored the agent. If ESN assignment is needed, the right hand side of the flow diagram in FIG. 2 is undertaken, and an ESN activation process is executed. For example, in case of a stolen device, the ESN written on the hard drive my have been erased or tampered with, so a reverse lookup is done using the key data points and an ESN is found and re-written to the hard drive.
- This reverse lookup is also used to match the device to its rightful owner.
- the inventory record is validated against the existing inventory records stored in the inventory record database 24 .
- the Inventory Record Validation insert in FIG. 2 the following device data points by the current attribute collection process are matched against those in the previously stored inventory records in the following order, for example:
- an exception table is looked up to see if the data point is in the exception table. This is to ensure known non-unique data points are not used in ESN determination.
- Some generic no-name devices are known to have either blank serial numbers or a non-unique serial number that exists on multiple devices. A list of these known non-unique identifiers is maintained in the exception table. If there is an exception, the data point is ignored, and the next item of data point is matched. If a particular data point item is not on the exception list, a determination is made as to how many existing inventory records are found having such data point item. If instead no existing inventory record or multiple existing inventory records are found, that particular data point item is ignored and the next item matched.
- any multiple records found in the process may be “cleaned” to remove or reduce issues for future inventory record validation. If only one existing inventory record is found, then the inventory record corresponding to the collected data point item is deemed to be found and a match of the device in relation to such existing inventory record is deemed to have been achieved.
- the ESN of the existing inventory record is checked to determine if it is in a holding account. If not in the holding account, such ESN is assigned to the device (e.g., written to the device hard-drive) and the inventory record for the device is updated.
- the client device is instructed to call back to that monitoring center.
- a specific host monitoring center e.g., an enterprise account managed by an associated monitoring center
- the client device is instructed to call back to that monitoring center.
- the current Parent i.e., ID which can be used to identify the account into which an ESN should be assigned
- MID i.e., media ID; unique identifier assigned when the installation media is created
- the current Parent i.e., ID which can be used to identify the account into which an ESN should be assigned
- MID i.e., media ID; unique identifier assigned when the installation media is created
- the most recently created inventory record i.e., the one comprising the currently collected device attributes
- the current Parent and MID are used to create a new ESN (i.e., “Parent”+MID become the prefix for the new ESN).
- a new inventory record is created. If not an enterprise account, the new ESN is assigned to the device and the inventory record database is updated. If an enterprise account, the device is redirected to contact the associated or designated server for further handling.
- the calling agent provides an existing ESN (i.e., the last 4 digits are not 0's) that was retrieved from the device (e.g., stored on the device hard drive)
- the device can already be uniquely identified (unless it is an invalid ESN, in which case it would be treated as though an ESN does not exist, and the earlier described ESN assignment process is undertaken).
- the application checks for validity of the ESN.
- the ESN on the hard drive can be invalid for a number of reasons, such as:
- the application first checks if the calling agent has an activated (non zero) ESN. If yes, the ESN is searched to see if it is stolen. This is because the calling device's ESN is not reassigned or changed if it is stolen, to retain the consistency and to keep the historical tracking history intact. If the ESN is not flagged stolen, then a known duplicate list is searched for automatic resolution. This may include assigning a new ESN to one or both of the duplicate records, for example using the ESN activation process earlier described.
- the inventory record of the ESN in the inventory record database is matched with the inventory record created based on device data points collected during the current contact. (For enterprise ESN, the device is redirected, as noted above.) If less than a predetermined number of data points (e.g., two or less) have changed, then the inventory record in the inventory record database is updated for checks during subsequent contacts. This process distinguishes routine maintenance activities if the number of changes detected in a single contact is within the predetermined number, from massive changes if the number of changes in a single contact is more than the predetermined number.
- a predetermined number of data points e.g., two or less
- FIG. 3 is a schematic function block diagram illustrating the processes undertaken to implement massive change determination, in accordance with one embodiment of the present invention.
- Various checks are undertaken to determine the number of data points of the device (e.g., those discussed earlier above) have experienced changes.
- a difference counter keeps track of the number of data points that have changed, by incrementing from an initial zero count. In the illustrated embodiment, if the difference counter has a value that is equal or greater than “2” (or some other threshold value), massive change status is determined to have occurred.
- the application treats it as a new device, and assigns it a new ESN from the same customers account.
- the application switches to the right hand side of the logic flow diagram, and the ESN activation process earlier described is undertaken.
- the inventory record in the inventory record database matches the data points collected during that contact, and the ESN in the inventory record database matches the ESN written on the device hard drive. This repositions the device for future inventory record checking, which may be according to a predetermined schedule, such as that described in the patent publications identified herein regarding asset tracking.
- the inventory record may be relied upon to link the client device to its owner (an individual or entity), for example based on prior established owners information in relation to the inventory records stored in the inventory record database.
- the embodiment described above effectively and uniquely identifies a device.
- the logic described above can be extended to include more data points, to collect data points using different mechanism, and using varying matching mechanisms, not limited to the application processes and data described above, without departing from the scope and spirit of the present invention.
- the device identification application of the present invention should be considered extensible and not bound by the specific algorithms, data points, data collection mechanism or usage of specific limited number of data points by the application.
- Data points of the device may change over time for reasons such as reconfiguration, repair or normal daily use.
- the device identification application intelligently tracks changes in key data points associated with the device. Even if the data points change, the device identification application can still identify the device and associate it back to the original owner or entity. This enables consistent tracking of the device over its lifecycle.
- the device may be identified remotely with the device identification application (e.g., in the event of theft or loss of the device).
- the device identification application may be deployed in conjunction with services that may include asset tracking, asset recovery, data delete, software deployment, etc.
Abstract
A utility to determine identity of an electronic device electronically, by running a device attribute collection application that collects key data points of the electronic devices and a device identification application that uses these key data points to link the electronic device to a specific owner or entity. Data points of the device may change over time for reasons such as reconfiguration, repair or normal daily use. The device identification application intelligently and consistently tracks changes in key data points associated with the device, even if the data points change over its lifecycle. The device may be identified remotely with the device identification application (e.g., in the event of theft or loss of the device) based on the collected data points. The device identification application may be deployed in conjunction with services that may include asset tracking, asset recovery, data delete, software deployment, etc.
Description
- This application is a continuation of U.S. patent application Ser. No. 11/726,352, filed Mar. 20, 2007, now U.S. Pat. No. 9,547,780, which claims the priority of U.S. Provisional Application No. 60/784,195, filed Mar. 20, 2006. These documents and other publications referenced herein are fully incorporated by reference as if fully set forth herein.
- 1. Field of the Invention
- The present invention relates to identification of an electronic device electronically by remote access.
- 2. Description of Related Art
- In today's competitive business environment, information technology (IT) is playing an increasingly important role in the exchange of knowledge in day-to-day business as well as personal functions. Individuals, systems, organizations, and other business assets are interconnected in this emerging economic web, and as this IT landscape grows increasingly complex, so does the need to efficiently manage IT assets, including both physical assets and data. As a result, individuals and organizations alike are now, more than ever, are recognizing the need to take control of, manage and secure their computer asset base, in order to preserve their IT investments. It becomes more challenging to protect IP assets with the increase in processing power for mobile computing devices, where more and more individuals have opted for mobile computing devices, either as replacements to their desktop units, or as additional devices for home or small business networks.
- Most IT departments will support the statement that conventional asset management solutions can't accurately account for the ever-increasing population of remote and mobile users. In fact, a typical organization will lose up to 15% of its PC assets over a two year period due to PC drift—where assets are not necessarily lost or stolen, but they simply cannot be accounted for due to the many times they've changed owners or departments since first being provisioned. On average, most organizations can only accurately identify 65% of their actual PC asset base when asked to do an inventory. Best practices demand that IT know where at least 90% of PC assets are located at all times. In a response to recent corporate accounting scandals, identity theft and malicious hacking, governments are establishing regulations that force businesses to protect and be accountable for all sensitive digital information. If organizations do not effectively identify and track all of their computing assets there could be severe regulatory concerns.
- For an asset tracking and/or configuration management application to undertake its tracking function, not only should it be able to resist certain level of tampering by an unauthorized user, it must also be able to accurately identify the physical electronic asset being tracked. Attempts to identify, track, manage and update PC assets and their configurations are further challenged in view of the fact that during a PC's lifecycle it will undergo hardware, software and image changes including: break/fix repairs, configuration changes, operating system reinstalls, hard-drive reformats/replacements, system crashes and user-driven configuration changes. Many of these changes will require a reinstallation of the operating system whereby the original footprint or identification of the PC asset can be disabled or removed. This change, if not diligently recorded and tracked, is the beginning of a PC asset drifting from a known state into an unknown state. These routine PC life cycle operating requirements can increase the complexity and challenge of identifying and tracking PC assets, especially those that are remote and mobile. The challenges in achieving reliable asset identification further create uncertainties in deployment of certain asset control operations, such as undertaking remote data deletion operation to remove sensitive data in a target mobile computer.
- Heretofore, some computer assets have been identified by relying on firmware serial numbers. This approach is simple and relatively reliable, but hardware changes could cause misidentification. Other computer assets have been identified by software-assigned identifiers, such as serial numbers and/or names. While this approach is also relatively reliable and the identifiers can be easily assigned, it also creates opportunities for reassignment of the identifiers, such as when the device operating system is reinstalled and/or upon a hardware change, either by an authorized user or by tampering by an unauthorized user.
- It is therefore desirable to develop a method for intelligently and accurately determining identification of electronic devices electronically.
- The present invention provides a utility to determine identity of an electronic device electronically, by running a device attribute collection application that collects key attributes in the form of data points of the electronic devices and a device identification application that uses these key data points to link the electronic device to a specific owner or entity. Data points of the device may change over time for reasons such as reconfiguration, repair or normal daily use. The device identification application intelligently tracks changes in key data points associated with the device. Even if the data points change, the device identification application can still identify the device and associate it back to the original owner or entity. This enables consistent tracking of the device over its lifecycle. The device may be identified remotely with the device identification application (e.g., in the event of theft or loss of the device) based on collected data points of the device. The device identification application may be deployed in conjunction with services that may include asset tracking, asset recovery, data delete, software deployment, etc.
- In one embodiment, the device attribute collection application and the identification application may be embodied in software, hardware, firmware, or a combination of such.
- For a fuller understanding of the nature and advantages of the present invention, as well as the preferred mode of use, reference should be made to the following detailed description read in conjunction with the accompanying drawings. In the following drawings, like reference numerals designate like or similar parts throughout the drawings.
-
FIG. 1 is a schematic diagram depicting representative communication links including networks by which asset tracking may be implemented in accordance with one embodiment of the present invention. -
FIG. 2 is a schematic functional block diagram illustrating logic flow of processes undertaken by the device identification application, in accordance with one embodiment of the present invention. -
FIG. 3 is a schematic functional block diagram illustrating logic flow of processes undertaken in determining massive change in the data points of a device. -
FIG. 4 is a schematic block diagram illustrating the interaction between a device and a server, to undertake device data collection and identification. - The present description is of the best presently contemplated mode of carrying out the invention. This description is made for the purpose of illustrating the general principles of the invention and should not be taken in a limiting sense. The scope of the invention is best determined by reference to the appended claims. The present invention can find utility in a variety of implementations without departing from the scope and spirit of the invention, as will be apparent from an understanding of the principles that underlie the invention. For purpose of illustrating the features of the device identification application of the present invention, reference is made to asset tracking as one example of the services in conjunction with which the present invention may be deployed. It is understood that the device identification application may be used for other services, such as computer management, backup and recovery applications, remote data deletion operations, etc., without departing from the scope and spirit of the present invention.
- The detailed descriptions that follow are presented largely in terms of methods or processes, symbolic representations of operations, functionalities and features of the invention. These method descriptions and representations are the means used by those skilled in the art to most effectively convey the substance of their work to others skilled in the art. A software implemented method or process is here, and generally, conceived to be a self-consistent sequence of steps leading to a desired result. These steps require physical manipulations of physical quantities. Often, but not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It will be further appreciated that the line between hardware and software is not always sharp, it being understood by those skilled in the art that software implemented processes may be embodied in hardware, firmware, or software, in the form of coded instructions such as in microcode and/or in stored programming instructions.
- The present invention determines identity of the client device by running a device attribute collection application that collects key data points of the electronic devices and a device identification application that uses these key data points to link the electronic device to a specific owner or entity. Data points of the device may change over time for reasons such as reconfiguration, repair or normal daily use. The device identification application intelligently tracks changes in key data points associated with the device. Even if the data points change, the device identification application can still identify the device and associate it back to the original owner or entity. This enables consistent tracking of the device over its lifecycle. The device may be identified remotely with the device identification application (e.g., in the event of theft or loss of the device) based on collected data points of the device. The device identification application may be deployed in conjunction with services that may include asset tracking, asset recovery, data delete, software deployment, etc.
- In one embodiment, the device attribute collection application and the device identification application may be embodied in software, hardware, firmware, or a combination of such.
- The device identification utility of the present invention may be deployed as a component of existing asset tracking applications. For example, the device identification utility may be deployed as a component of the AbsoluteTrack, a product developed by Absolute Software Corporation, the assignee of the present invention. Absolute Software has developed and is marketing Computrace, a product and service that securely tracks assets and recovers lost and stolen assets, and AbsoluteTrack, a secure asset tracking, and inventory management, solution powered by the Computrace technology platform. Computrace deploys a stealth agent, which is a software client that resides on the hard drive of client computers. Absolute Software Corporation further improved on the original agent platform by providing an improved tamper resistant servicing Agent for enabling, supporting and/or providing various services relating to management and protection of assets (including without limitation hardware, firmware, software, data, etc.), including services such as data delete, firewall protection, data encryption, location tracking, message notification, and software deployment and updates. The servicing functions can be controlled by a remote server. The technology underlying various Computrace products and services have been disclosed and patented in the U.S. and other countries, which patents had been commonly assigned to Absolute Software Corporation. See, for example, U.S. Pat. Nos. 5,715,174; 5,764,892; 5,802,280; 6,244,758; 6,269,392; 6,300,863; and 6,507,914; and related foreign patents. Details of the persistent agent are disclosed in co-pending U.S. patent application Ser. No. 11/093,180, filed Mar. 28, 2005 (now published U.S. Patent Publication No. US2005-0216757; which corresponds to PCT Application Publication No. WO 2006/102399) and U.S. patent application Ser. No. 11/386,040, filed Mar. 20, 2006 (now published U.S. Patent Publication No. US2006-0272020). Further information concerning AbsoluteTrack has been published by Absolute Software Corporation (e.g., AbsoluteTrack—Secure Computer Asset Tracking Solution, a white paper, published Apr. 25, 2003). These documents are fully incorporated by reference as if fully set forth herein.
- In one embodiment of the present invention, device data collection and identification may take advantage of the persistent agent, to be deployed as a service by the persistent agent. The device attribute collection application of the present invention may be deployed by or made part of the Agent. Once installed, the device attribute collection application automatically contacts a monitoring center on a regular or scheduled basis transmitting location information and all auto-discovered asset data points. The device identification application of the present invention may be deployed as one of or part of the servicing functions at the remote server. For purpose of completeness, the device identification utility (i.e., data point collection and device identification) of the present invention will be described below in reference to asset tracking function, as elaborated below.
- Asset tracking function is an example of the services that can be enabled with, supported by and/or provided with the device identification application of the present invention. Referring to
FIG. 1 , the asset tracking system in accordance with one embodiment of the present invention involves a client/server architecture, which may comprise the following main components: (a) client device A consisting of, for example, any one of the electronic devices shown which have been implanted with a persistent Agent. The Agent software runs on the client devices for the purpose of reporting deploying applications including reporting information to and receiving instructions from a remote server to program the Agent to support and execute a desired function. (b) a communication link B, such as an information exchange network, which may include switched communications networks, the Internet, private and public intranet, radio networks, satellite networks, and cable networks; and (c) a host monitoring system C, which include ahost monitoring server 3 that monitors the communications between the client device A and the host monitoring system C, which is contacted on a regular or scheduled basis by the client devices records information from the client devices. The monitoring server also provides instructions to the client on what actions to perform, including what actions the client is to perform, what data to collect and the clients next scheduled call time. - In accordance with the present invention, the host monitoring system C is implemented with the device identification application, which remotely determines the identity of the client devices being monitored, by evaluating the data points collected using the device attribute collection application residing in the client devices (e.g., either a separate application or part of the Agent). The client devices contact the monitoring server via the communication link B (e.g., an IP connection or via a dial-up telephone connection). The host monitoring system C may include a reporting and administration portal, which provides customers, administrators and asset tracking service providers the ability to view data and manage the functions of the monitoring server and the client devices.
- With the exception of the device identification application, each of these components has been fully disclosed in the copending U.S. patent application Ser. No. 11/386,040, filed Mar. 20. 2006 (now U.S. Patent Application Publication No. US2006-0272020; which corresponds to PCT Application Publication No. WO 2006/102399).
- Referring to
FIG. 1 , useful client devices A that can be identified with the device identification application in accordance with the present invention (and in which the persistent servicing Agent can be implemented) include, but are not limited to, general or specific purpose digital processing, information processing and/or computing devices, which devices may be standalone devices or a component part of a larger system (e.g., a mass storage device), portable, handheld or fixed in location. Different types of client devices may be in the form of desktop client computing devices, portable computing devices (e.g., laptop and notebook computers), or hand-held devices (e.g., cell phones, PDAs (personal digital assistants)), personal electronics (e.g., personal digital media players, personal gaming devices), etc.), which have the ability to communicate to an external server, as further explained below. The client devices may be selectively operated, activated or configured by a program, application, routine and/or a sequence of instructions and/or logic stored in the devices, in addition to the operating systems resident in the devices. In short, use of the methods described and suggested herein is not limited to a particular processing configuration. By way of example and not limitation, the present invention is described in reference to examples of deployments and implementations in reference to a laptop or notebook computer as the client device A (computer Al is schematically represented as a desktop device, but may instead comprise a portable computing device).FIG. 1 is a schematic representation of the communication links B in the form of information exchange networks in which the present invention may be deployed for asset identification and tracking. The information exchange network accessed by the device identification application in accordance with the present invention may involve, without limitation, distributed information exchange networks, such as public and private computer networks (e.g., Internet, Intranet, WAN, LAN, etc.), value-added networks, communications networks (e.g., wired or wireless networks), broadcast networks, cable networks, radio networks, and a homogeneous or heterogeneous combination of such networks. As will be appreciated by those skilled in the art, the networks include both hardware and software and can be viewed as either, or both, according to which description is most helpful for a particular purpose. For example, the network can be described as a set of hardware nodes that can be interconnected by a communications facility, or alternatively, as the communications facility, or alternatively, as the communications facility itself with or without the nodes. It will be further appreciated that the line between hardware, firmware and software is not always sharp, it being understood by those skilled in the art that such networks and communications facility, and the components of the persistent agent technology platform, involve software, firmware and hardware aspects. - In the co-pending U.S. patent application Ser. No. 11/386,040, one of the important functions of the Agent is to contact the host monitoring system C to report information relating to its associated client device A. The present invention provides an improvement to the earlier embodiments. According to one embodiment disclosed therein, each client device A has attributes that are collected and delivered by the client device A to the host monitoring station C. The present invention provides a further means of identifying the identity of the tracked client device, without solely relying on the device identification number(s) assigned, by providing an application to determine identity of the client device electronically using such attributes.
- The general approach includes:
-
- 1) Attribute collection.
- 2) Collected attributes transmitted to the server (optionally with optimization to only upload them if the CRC for the XML document has changed), and inventory record maintained.
- 3) ESN (Electronic Serial Number) assignment process and storage of changed attributes.
- 4) Optionally storing the extended history of the attribute changes.
a. Device Attribute Collection Application
- The present invention determines identity of the client device by running a device attribute collection application that collects key data points of the electronic devices. The device identification application (e.g., residing at a remote server) considers these key data points to link the electronic device to a specific owner or entity. For example, the device attribute collection application may be embodied as a service enabled and supported by the persistent agent, in accordance with one embodiment of the present invention. The device identification scheme according to the present invention would be less susceptible to malicious tampering attempts to mask the device identity.
- In one embodiment, the data is gathered and delivered when the persistence agent calls the monitoring server. Referring to
FIG. 4 , in one embodiment, during the call, a specific device attribute collection application program 12 (e.g., in the form of a DLL (dynamic link libraries)) is downloaded from aserver 20 into a memory in the device 10 by the agent therein, and the agent invokes a function in this inventory DLL. This application gathers the data points (e.g., using the mechanisms listed on the right column of Table 1 below). The DLL is not limited by the mechanisms listed; it can be extended to include additional mechanisms as may be available in standard API's (Application Program Interfaces) or custom built to collect existing data points more reliably or to collect additional data points. (Alternatively, the device attribute collection application may be deployed in the server, to remotely obtain device attributes.) - The data points collected and applied to device identification may include the following:
-
- i. Device's Make, Model
- ii. Device's Motherboard Serial Number
- iii. Device's UUID (Universal Unique Identifier)
- iv. Hard drive Serial Number
- v. Mac address of multiple network cards
- vi. Ram serial number
- vii. Battery Serial number
- The list above is an example of a subset of data points collected during the interaction with a device. An embodiment of a full list of data collected and to be stored as an inventory record by the device identification application at the server is included in Table 1 below, for a computer as an example of a device being tracked. Also listed in Table 1 are the respective mechanisms to collect these data by the device attribute collection application.
-
TABLE 1 Full list of Data points collected and stored in an inventory record. Data Point Data Gathering Mechanism ComputerMakeWMI WMI API ComputerModelWMI WMI API ComputerSerialWMI WMI API ComputerMake MAPMEM driver; Read DMI info ComputerModel MAPMEM driver; Read DMI info ComputerSerial MAPMEM driver; Read DMI info ComputerAsset0 WMI API ComputerAsset1 WMI API SystemSMBIOSVersion Windows Registry SystemBiosVersion Windows Registry SystemBiosDate Windows Registry BaseBoardVersion WMI API HDDSerialNumber0 S.M.A.R.T API HDDSerialNumber1 S.M.A.R.T API HDDSerialNumber2 S.M.A.R.T API HDDSerialNumber3 S.M.A.R.T API ComputerName WIN API MACAddress0 SNMP, if fails NetBIOS MACAddress1 SNMP, if fails NetBIOS OSProductKey From ″encrypted″ MS value in registry IBMComputraceStatus Computrace driver BatteryDeviceID WMI API ComputerUUID MAPMEM driver; Read DMI info Gateway String0 MAPMEM driver; Read DMI info Gateway String1 MAPMEM driver; Read DMI info Gateway String2 MAPMEM driver; Read DMI info DELLCT Status Computrace driver DELLInterface Status Computrace driver RAMSerialNumber WMI API Inventory Version # Inserted by Inventory DLL - It is noted that MAPMEM driver (e.g., developed by Absolute) may only be required if serial number is less than a minimum number of characters (e.g., five characters,) or WMI call fails. Otherwise information from WMI may be used instead. Should S.M.A.R.T API fails (i.e., SN is returned empty), WMI may be used to get HDDSerialNumber. Some of the data points may be specific for certain makes and/or models of devices (e.g., GatewayString data is specific for GATEWAY brand of computers only).
- b. Inventory Record for Device Identification
- During each interaction with the persistent agent, an inventory record is created with this data by the device identification application. The inventory record is a record of all specific data points collected at one instance that constitutes a device's unique identification or characteristics (e.g., an embodiment of an inventory record is show in Table 1). These inventory records are logged to create a history of the asset's key data points. The function to identify the device would be enhanced by using these additional data points, as they provide a more comprehensive and dynamic profile of the device (i.e., accommodating continuous changes to the device over the life history of the device), which can be tracked over the device's life history.
- Referring to
FIG. 4 , in one embodiment, DLL creates a file in XML format that is uploaded to the server 20 (or another server different from the server 20) and parsed into the database to form an inventory record. Theserver 20 includes adevice identification application 22, which receives the XML file from the deviceattribute collection application 12 residing in the device 10. New and existing inventory records may be stored in aninventory record database 24. The format of the XML file is shown by a sample in Table 2. -
TABLE 2 Sample XML file with inventory data <?xml version=“1.0” encoding=“UTF-8” ?> - <CT:data version=“1.00” xmlns:CT=“http://www.absolute.com/atinfo/persistence”> - <CT:section name=“MachineInfo”> <CT:setting name=“ComputerMakeWMI” value=“DELL COMPUTER CORPORATION~INTEL CORPORATION~DELL COMPUTER CORPORATION” /> <CT:setting name=“ComputerModelWMI” value=“XPST500~SE440BX-3~” /> <CT:setting name=“ComputerSerialWMI” value=“~0005335T1246196D021X~” /> <CT:setting name=“ComputerMake” value=“DELL COMPUTER CORPORATION~INTEL CORPORATION~DELL COMPUTER CORPORATION” /> <CT:setting name=“ComputerModel” value=“XPST500~SE440BX-3~” /> <CT:setting name=“ComputerSerial” value=“~0005335T1246196D021X~” /> <CT:setting name=“ComputerAsset0” value=“1REW5” /> <CT:setting name=“ComputerAsset1” value=“” /> <CT:setting name=“SystemSMBIOSVersion” value=“” /> <CT:setting name=“SystemBiosVersion” value=“” /> <CT:setting name=“SystemBiosDate” value=“04/22/99” /> <CT:setting name=“BaseBoardVersion” value=“” /> <CT:setting name=“HDDSerialNumber0” value=“F3H8X5VC” /> <CT:setting name=“HDDSerialNumber1” value=“” /> <CT:setting name=“HDDSerialNumber2” value=“” /> <CT:setting name=“HDDSerialNumber3” value=“” /> <CT:setting name=“ComputerName” value=“FRANK-S10XQAIFU” /> <CT:setting name=“MACAddress0” value=“0080C6F1FD17” /> <CT:setting name=“MACAddress1” value=“005345000000” /> <CT:setting name=“OSProductKey” value=“DJP4J-WQMCC-X7DGK-W9WBV-XF3CG” /> <CT:setting name=“IBMComputraceStatus” value=“FFFFFFFF” /> <CT:setting name=“BatteryDeviceID” value=“” /> <CT:setting name=“InventoryVersion” value=“1.0” /> <CT:setting name=“ComputerUUID” value=“” /> <CT:setting name=“GatewayString0” value=“” /> <CT:setting name=“GatewayString1” value=“” /> <CT:setting name=“GatewayString2” value=“” /> <CT:setting name=“DELLCTStatus” value=“00000000” /> <CT:setting name=“DELLInterfaceStatus” value=“FFFFFFFF” /> <CT:setting name=“RAMSerialNumber” value=“” /> </CT:section> </CT:data> - The data point collection application is configured to use these key data points in the inventory records, match it with data that is reported during the agent call, and link the device to a specific owner or entity. Data points of the device change over time for reasons such as reconfiguration, repair or normal maintenance. The application intelligently handles changes in key data points. Even if the data points change, the application can still identify the device and link it back to the original owner or entity. This enables consistent tacking of the device over its lifecycle. In case of theft or loss, the device can be identified remotely with software. The details of the device identification application are described below.
- c. Device Identification Application
-
FIG. 2 is a functional block diagram illustrating the logic flow of thedevice identification application 22 residing at, for example, amonitoring server 20 inFIG. 4 . The application performs at least the following primary functions: -
- i. matching the key data points gathered from the device to the unique identifier number (e.g., Electronic Serial Number—ESN) assigned to the device.
- ii. handles new devices to create a baseline inventory record.
- iii. recognizing the device after subsequent changes in hardware components.
- On an initial contact with a new device, an inventory record is created and a unique identifier (ESN) is assigned in the
inventory record database 24 and also written on the devicehard drive 14. On subsequent contacts, the ESN written on the device hard drive is matched to the inventory record in theinventory record database 24, and the other key data points are updated. When an agent contacts themonitoring server 20, the device attribute collection application 12 (e.g., an inventory DLL) is run to collect the inventory data, and an ESN, if that may have been previously written on the devicehard drive 14, is retrieved. Below are possible scenarios. - If an ESN has not been assigned to the computer (i.e., the last 4 digits are 0's), (or if an earlier assigned ESN is misidentified, e.g., as a result of tampering), it means that either it is a new installation, or the hard drive has been wiped and the persistence algorithm from BIOS has restored the agent. If ESN assignment is needed, the right hand side of the flow diagram in
FIG. 2 is undertaken, and an ESN activation process is executed. For example, in case of a stolen device, the ESN written on the hard drive my have been erased or tampered with, so a reverse lookup is done using the key data points and an ESN is found and re-written to the hard drive. This reverse lookup is also used to match the device to its rightful owner. In connection with the ESN activation process, using the data points collected by the device attribute collection application, the inventory record is validated against the existing inventory records stored in theinventory record database 24. According to the embodiment illustrated in the Inventory Record Validation insert inFIG. 2 , the following device data points by the current attribute collection process are matched against those in the previously stored inventory records in the following order, for example: -
- i. RealSerial+HDDSerial
- ii. Serial number (if the serial numbers for particular makes/models are poorly formatted, reformatting of the serial number may be undertaken)
- iii. RealSerial (SN˜SN˜SN; BIOS-motherboard-system enclosure serial number)
- iv. UUID
- v. HDD Serial
- vi. MAC address
- vii. RAM serial number
- viii. Battery serial number
- Specifically, prior to matching the data points, an exception table is looked up to see if the data point is in the exception table. This is to ensure known non-unique data points are not used in ESN determination. Some generic no-name devices are known to have either blank serial numbers or a non-unique serial number that exists on multiple devices. A list of these known non-unique identifiers is maintained in the exception table. If there is an exception, the data point is ignored, and the next item of data point is matched. If a particular data point item is not on the exception list, a determination is made as to how many existing inventory records are found having such data point item. If instead no existing inventory record or multiple existing inventory records are found, that particular data point item is ignored and the next item matched. Any multiple records found in the process may be “cleaned” to remove or reduce issues for future inventory record validation. If only one existing inventory record is found, then the inventory record corresponding to the collected data point item is deemed to be found and a match of the device in relation to such existing inventory record is deemed to have been achieved. The ESN of the existing inventory record is checked to determine if it is in a holding account. If not in the holding account, such ESN is assigned to the device (e.g., written to the device hard-drive) and the inventory record for the device is updated. If in a holding account, and if it is an account that has been pre-designated to be monitored by a specific host monitoring center (e.g., an enterprise account managed by an associated monitoring center), the client device is instructed to call back to that monitoring center. If not an enterprise account, the current Parent (i.e., ID which can be used to identify the account into which an ESN should be assigned) and MID (i.e., media ID; unique identifier assigned when the installation media is created) are used to create a new ESN (i.e., “Parent”+MID become the prefix for the new ESN).
- If instead no unique existing inventory record or multiple existing inventory records are found after all the device data point items had been checked during the inventory record validation process, then the most recently created inventory record (i.e., the one comprising the currently collected device attributes) for purpose of ESN assignment. The current Parent and MID are used to create a new ESN (i.e., “Parent”+MID become the prefix for the new ESN).
- Once the new ESN has been created in accordance with either of the above logic flow, a new inventory record is created. If not an enterprise account, the new ESN is assigned to the device and the inventory record database is updated. If an enterprise account, the device is redirected to contact the associated or designated server for further handling.
- In the case where the calling agent provides an existing ESN (i.e., the last 4 digits are not 0's) that was retrieved from the device (e.g., stored on the device hard drive), the device can already be uniquely identified (unless it is an invalid ESN, in which case it would be treated as though an ESN does not exist, and the earlier described ESN assignment process is undertaken). In this case, the application checks for validity of the ESN. The ESN on the hard drive can be invalid for a number of reasons, such as:
-
- i. The device has an image of another device on the hard drive. Some IT departments create a master system, create a software image of the master systems and deploy these images on multiple devices.
- ii. A hard disk has been swapped from one device to another, during normal maintenance activities. These problems can be automatically detected and resolved.
- The application first checks if the calling agent has an activated (non zero) ESN. If yes, the ESN is searched to see if it is stolen. This is because the calling device's ESN is not reassigned or changed if it is stolen, to retain the consistency and to keep the historical tracking history intact. If the ESN is not flagged stolen, then a known duplicate list is searched for automatic resolution. This may include assigning a new ESN to one or both of the duplicate records, for example using the ESN activation process earlier described.
-
- 3. Massive Change
- If activated ESN is calling and the stolen/duplicate checks did not flag the device as being stolen, then the inventory record of the ESN in the inventory record database is matched with the inventory record created based on device data points collected during the current contact. (For enterprise ESN, the device is redirected, as noted above.) If less than a predetermined number of data points (e.g., two or less) have changed, then the inventory record in the inventory record database is updated for checks during subsequent contacts. This process distinguishes routine maintenance activities if the number of changes detected in a single contact is within the predetermined number, from massive changes if the number of changes in a single contact is more than the predetermined number. In this example, if three or more data points are different between the recorded inventory record and calling data points, then a ‘massive change’ situation is triggered, where the ESN is not considered valid. This is because enough data points are different that it cannot be considered the same device. It is assumed that either the ESN on the device was duplicated or otherwise tampered with, or substantial maintenance on the device took place, and the original constituent parts are considered to be the original device, and thus to be a new device.
-
FIG. 3 is a schematic function block diagram illustrating the processes undertaken to implement massive change determination, in accordance with one embodiment of the present invention. Various checks are undertaken to determine the number of data points of the device (e.g., those discussed earlier above) have experienced changes. A difference counter keeps track of the number of data points that have changed, by incrementing from an initial zero count. In the illustrated embodiment, if the difference counter has a value that is equal or greater than “2” (or some other threshold value), massive change status is determined to have occurred. - In this scenario, the application treats it as a new device, and assigns it a new ESN from the same customers account. In this case, the application switches to the right hand side of the logic flow diagram, and the ESN activation process earlier described is undertaken.
-
- 4. Exit
- At the logical exit of the processes illustrated in
FIG. 2 , the inventory record in the inventory record database matches the data points collected during that contact, and the ESN in the inventory record database matches the ESN written on the device hard drive. This repositions the device for future inventory record checking, which may be according to a predetermined schedule, such as that described in the patent publications identified herein regarding asset tracking. At this point, the inventory record may be relied upon to link the client device to its owner (an individual or entity), for example based on prior established owners information in relation to the inventory records stored in the inventory record database. -
- 5. Further Enhancements
- The embodiment described above effectively and uniquely identifies a device. The logic described above can be extended to include more data points, to collect data points using different mechanism, and using varying matching mechanisms, not limited to the application processes and data described above, without departing from the scope and spirit of the present invention. Hence the device identification application of the present invention should be considered extensible and not bound by the specific algorithms, data points, data collection mechanism or usage of specific limited number of data points by the application.
- Data points of the device may change over time for reasons such as reconfiguration, repair or normal daily use. The device identification application intelligently tracks changes in key data points associated with the device. Even if the data points change, the device identification application can still identify the device and associate it back to the original owner or entity. This enables consistent tracking of the device over its lifecycle. The device may be identified remotely with the device identification application (e.g., in the event of theft or loss of the device). The device identification application may be deployed in conjunction with services that may include asset tracking, asset recovery, data delete, software deployment, etc.
- The process and system of the present invention has been described above in terms of functional modules in block diagram format. It is understood that unless otherwise stated to the contrary herein, one or more functions may be integrated in a single physical device or a software module in a software product, or one or more functions may be implemented in separate physical devices or software modules at a single location or distributed over a network, without departing from the scope and spirit of the present invention.
- It is appreciated that detailed discussion of the actual implementation of each module is not necessary for an enabling understanding of the invention. The actual implementation is well within the routine skill of a programmer and system engineer, given the disclosure herein of the system attributes, functionality and inter-relationship of the various functional modules in the system. A person skilled in the art, applying ordinary skill can practice the present invention without undue experimentation.
- While the invention has been described with respect to the described embodiments in accordance therewith, it will be apparent to those skilled in the art that various modifications and improvements may be made without departing from the scope and spirit of the invention. For example, the information extraction application can be easily modified to accommodate different or additional processes to provide the user additional flexibility for web browsing. Accordingly, it is to be understood that the invention is not to be limited by the specific illustrated embodiments, but only by the scope of the appended claims.
Claims (20)
1. A method of identifying an electronic device, comprising:
obtaining, using an attribute collection application residing at the electronic device, a plurality of data points of the electronic device;
transmitting the data points to a server having access to records of a plurality of electronic devices;
determining, by the server, for a first data point in the plurality of data points, whether one or other than one records have the first data point;
when only one record has the first data point, the server deeming the one record to be the unique record;
when other than one records have the first data point, the server determining whether there is only one record having a second data point in the plurality of data points, and, when there is, the server deeming the record having the second data point to be the unique record;
when there is no unique record, the server creating a unique record corresponding to the electronic device; and
writing an identifier from the unique record to the electronic device.
2. The method of claim 1 , further comprising:
subsequently obtaining the plurality of data points and the identifier from the electronic device using the attribute collection application, and
searching, by the server, the records based on the identifier to subsequently identify the unique record, wherein:
the server determines the identity of the electronic device from the unique record when it determines that less than a predetermined number of subsequently obtained data points are different from corresponding data points in the unique record; or
the server determines the electronic device to be a new electronic device when the predetermined number of subsequently obtained data points are different from corresponding data points in the unique record, and assigns a new identifier to the new electronic device.
3. The method as in claim 2 , comprising comparing the plurality of subsequently obtained data points with corresponding data points stored in the records.
4. The method of claim 2 , comprising comparing each subsequently obtained data point in sequence, against correspond data points stored in the records.
5. The method as in claim 1 , further comprising, prior to determining that either one or other than one records have the first data point, the server:
looking up said first data point in an exception table of blank and non-unique data points; and
determining that said first data point is not in the exception table.
6. The method as in claim 5 , further comprising, if other than one records have said first data point, and prior to determining that there is only one record having said second data point, the server:
looking up said second data point in the exception table; and
determining that said second data point is not in the exception table.
7. The method as in claim 1 , wherein the identifier comprises an Electronic Serial Number (ESN).
8. The method of claim 1 , wherein the plurality of data points include data points relating to hardware and/or software deployed in the electronic device.
9. The method of claim 8 , wherein the data points include at least two of:
ix. Device Make and/or Model;
x. Device Motherboard Serial Number;
xi. Device UUID (Universal Unique Identifier);
xii. Hard drive Serial Number;
xiii. MAC address of multiple network cards;
xiv. RAM serial number; and
xv. Battery Serial number.
10. The method as in claim 1 , further comprising the server linking the electronic device to a specific owner or entity upon subsequently identifying that the electronic device is that of the unique record.
11. A system for identifying an electronic device connected to a network, comprising:
an electronic device comprising hardware and/or software, wherein the hardware includes a data storage device, motherboard, BIOS, memory and network interface; and
an attribute collection application residing in the electronic device and interacting with the hardware and/or software, wherein the attribute collection application:
collects a plurality of data points including data points relating to the hardware and/or software; and
transmits the data points to a server; and
the server, connected to the network and configured to:
receive the plurality of data points from the attribute collection application;
determine, for a first data point in the plurality of data points, that either one or other than one records have the first data point;
when only one record has the first data point, deem the one record to be the unique record;
when other than one records have the first data point, determine whether there is only one record having a second data point in the plurality of data points, and, when there is, deem the record having the second data point to be the unique record;
when there is no unique record, create a unique record corresponding to the electronic device; and
transmit an identifier from the unique record to the electronic device,
wherein the electronic device receives the identifier from the server and writes the identifier to the electronic device.
12. The system of claim 11 , wherein the electronic device subsequently transmits to the server the plurality of data points and the identifier, and
wherein the server then searches the records based on the identifier to subsequently identify the unique record, wherein:
the server determines the identity of the electronic device from the unique record when it determines that less than a predetermined number of subsequently obtained data points are different from corresponding data points in the unique record; or
the server determines the electronic device to be a new electronic device when the predetermined number of subsequently obtained data points are different from corresponding data points in the unique record, and assigns a new identifier to the new electronic device.
13. The system as in claim 12 , wherein the server compares the plurality of subsequently obtained data points with corresponding data points stored in the records.
14. The system of claim 12 , wherein the server compares each subsequently obtained data point in sequence, with corresponding data points stored in the records.
15. The system as in claim 11 , wherein the server is configured, prior to determining that either one or other than one records have the first data point, to:
look up said first data point in an exception table of blank and non-unique data points; and
determine that said first data point is not in the exception table.
16. The system as in claim 15 , wherein, if other than one records have said first data point, the system is further configured, prior to determining that there is only one record having said second data point, to:
look up said second data point in the exception table; and
determine that said second data point is not in the exception table.
17. The system as in claim 11 , wherein the identifier comprises an Electronic Serial Number (ESN).
18. The system of claim 11 , wherein the plurality of data points include data points relating to hardware and/or software deployed in the electronic device.
19. The system of claim 18 , wherein the data points include at least two of:
i. Device Make and/or Model;
ii. Device Motherboard Serial Number;
iii. Device UUID (Universal Unique Identifier);
iv. Hard drive Serial Number;
v. MAC address of multiple network cards;
vi. RAM serial number; and
vii. Battery Serial number.
20. The system as in claim 11 , wherein the server is further configured to link the electronic device to a specific owner or entity upon subsequently identifying that the electronic device is that of the unique record.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/408,257 US20170193048A1 (en) | 2006-03-20 | 2017-01-17 | Method for determining identification of an electronic device |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US78419506P | 2006-03-20 | 2006-03-20 | |
US11/386,040 US8418226B2 (en) | 2005-03-18 | 2006-03-20 | Persistent servicing agent |
US11/726,352 US9547780B2 (en) | 2005-03-28 | 2007-03-20 | Method for determining identification of an electronic device |
US15/408,257 US20170193048A1 (en) | 2006-03-20 | 2017-01-17 | Method for determining identification of an electronic device |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/726,352 Continuation US9547780B2 (en) | 2005-03-28 | 2007-03-20 | Method for determining identification of an electronic device |
Publications (1)
Publication Number | Publication Date |
---|---|
US20170193048A1 true US20170193048A1 (en) | 2017-07-06 |
Family
ID=38561114
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/726,352 Active 2029-07-26 US9547780B2 (en) | 2005-03-28 | 2007-03-20 | Method for determining identification of an electronic device |
US15/408,257 Abandoned US20170193048A1 (en) | 2006-03-20 | 2017-01-17 | Method for determining identification of an electronic device |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/726,352 Active 2029-07-26 US9547780B2 (en) | 2005-03-28 | 2007-03-20 | Method for determining identification of an electronic device |
Country Status (1)
Country | Link |
---|---|
US (2) | US9547780B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109933598A (en) * | 2019-03-12 | 2019-06-25 | 北京奇虎科技有限公司 | A kind of data base processing method, system and storage medium |
Families Citing this family (55)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8359278B2 (en) | 2006-10-25 | 2013-01-22 | IndentityTruth, Inc. | Identity protection |
CA2674635C (en) | 2007-01-16 | 2016-03-22 | Absolute Software Corporation | A security module having a secondary agent in coordination with a host agent |
CA2689944C (en) * | 2007-05-29 | 2017-03-14 | Absolute Software Corporation | Offline data delete with false trigger protection |
US8150948B2 (en) * | 2007-06-22 | 2012-04-03 | Microsoft Corporation | Complex software deployment |
US8249935B1 (en) | 2007-09-27 | 2012-08-21 | Sprint Communications Company L.P. | Method and system for blocking confidential information at a point-of-sale reader from eavesdropping |
US9883381B1 (en) | 2007-10-02 | 2018-01-30 | Sprint Communications Company L.P. | Providing secure access to smart card applications |
US8126806B1 (en) | 2007-12-03 | 2012-02-28 | Sprint Communications Company L.P. | Method for launching an electronic wallet |
US8055184B1 (en) | 2008-01-30 | 2011-11-08 | Sprint Communications Company L.P. | System and method for active jamming of confidential information transmitted at a point-of-sale reader |
US8374968B2 (en) * | 2008-02-22 | 2013-02-12 | Uniloc Luxembourg S.A. | License auditing for distributed applications |
US9886599B2 (en) | 2008-04-02 | 2018-02-06 | Yougetitback Limited | Display of information through auxiliary user interface |
US9576157B2 (en) * | 2008-04-02 | 2017-02-21 | Yougetitback Limited | Method for mitigating the unauthorized use of a device |
US20090253406A1 (en) * | 2008-04-02 | 2009-10-08 | William Fitzgerald | System for mitigating the unauthorized use of a device |
US8248237B2 (en) * | 2008-04-02 | 2012-08-21 | Yougetitback Limited | System for mitigating the unauthorized use of a device |
US9881152B2 (en) * | 2008-04-01 | 2018-01-30 | Yougetitback Limited | System for monitoring the unauthorized use of a device |
US9838877B2 (en) | 2008-04-02 | 2017-12-05 | Yougetitback Limited | Systems and methods for dynamically assessing and mitigating risk of an insured entity |
US9031536B2 (en) * | 2008-04-02 | 2015-05-12 | Yougetitback Limited | Method for mitigating the unauthorized use of a device |
US8719909B2 (en) * | 2008-04-01 | 2014-05-06 | Yougetitback Limited | System for monitoring the unauthorized use of a device |
US20090249443A1 (en) * | 2008-04-01 | 2009-10-01 | William Fitzgerald | Method for monitoring the unauthorized use of a device |
US8932368B2 (en) | 2008-04-01 | 2015-01-13 | Yougetitback Limited | Method for monitoring the unauthorized use of a device |
US20140200929A1 (en) * | 2008-04-02 | 2014-07-17 | Yougetitback Limited | Systems and methods for dynamically assessing and mitigating risk of an insured entity |
US9916481B2 (en) | 2008-04-02 | 2018-03-13 | Yougetitback Limited | Systems and methods for mitigating the unauthorized use of a device |
US8655310B1 (en) | 2008-04-08 | 2014-02-18 | Sprint Communications Company L.P. | Control of secure elements through point-of-sale device |
US8848924B2 (en) * | 2008-06-27 | 2014-09-30 | University Of Washington | Privacy-preserving location tracking for devices |
US8600405B2 (en) | 2008-08-12 | 2013-12-03 | Apogee Technology Consultants, Llc | Location-based recovery device and risk management system for portable computing devices and data |
US20100064046A1 (en) * | 2008-09-10 | 2010-03-11 | Absolute Software Corporation | Management of communications from stolen devices |
US8706588B1 (en) | 2008-10-20 | 2014-04-22 | Sprint Communications Company L.P. | System and method of provisioning confidential information via a mobile device |
US20100104105A1 (en) * | 2008-10-23 | 2010-04-29 | Digital Cinema Implementation Partners, Llc | Digital cinema asset management system |
US8200582B1 (en) | 2009-01-05 | 2012-06-12 | Sprint Communications Company L.P. | Mobile device password system |
US8060449B1 (en) | 2009-01-05 | 2011-11-15 | Sprint Communications Company L.P. | Partially delegated over-the-air provisioning of a secure element |
US8768845B1 (en) * | 2009-02-16 | 2014-07-01 | Sprint Communications Company L.P. | Electronic wallet removal from mobile electronic devices |
US20100325150A1 (en) * | 2009-06-22 | 2010-12-23 | Joseph Martin Mordetsky | System and Method for Tracking Application Usage |
US9129097B2 (en) * | 2009-06-24 | 2015-09-08 | Uniloc Luxembourg S.A. | Systems and methods for auditing software usage using a covert key |
US8316421B2 (en) * | 2009-10-19 | 2012-11-20 | Uniloc Luxembourg S.A. | System and method for device authentication with built-in tolerance |
US20110093503A1 (en) * | 2009-10-19 | 2011-04-21 | Etchegoyen Craig S | Computer Hardware Identity Tracking Using Characteristic Parameter-Derived Data |
US9652802B1 (en) | 2010-03-24 | 2017-05-16 | Consumerinfo.Com, Inc. | Indirect monitoring and reporting of a user's credit data |
GB2484268A (en) | 2010-09-16 | 2012-04-11 | Uniloc Usa Inc | Psychographic profiling of users of computing devices |
US8817984B2 (en) | 2011-02-03 | 2014-08-26 | mSignia, Inc. | Cryptographic security functions based on anticipated changes in dynamic minutiae |
US11063920B2 (en) | 2011-02-03 | 2021-07-13 | mSignia, Inc. | Cryptographic security functions based on anticipated changes in dynamic minutiae |
CA2827478C (en) | 2011-02-18 | 2020-07-28 | Csidentity Corporation | System and methods for identifying compromised personally identifiable information on the internet |
AU2011101296B4 (en) | 2011-09-15 | 2012-06-28 | Uniloc Usa, Inc. | Hardware identification through cookies |
US8819793B2 (en) | 2011-09-20 | 2014-08-26 | Csidentity Corporation | Systems and methods for secure and efficient enrollment into a federation which utilizes a biometric repository |
US11030562B1 (en) | 2011-10-31 | 2021-06-08 | Consumerinfo.Com, Inc. | Pre-data breach monitoring |
US8923817B2 (en) | 2012-08-06 | 2014-12-30 | Google Inc. | Mobility device security |
US8812387B1 (en) | 2013-03-14 | 2014-08-19 | Csidentity Corporation | System and method for identifying related credit inquiries |
AU2013100802B4 (en) | 2013-04-11 | 2013-11-14 | Uniloc Luxembourg S.A. | Device authentication using inter-person message metadata |
US8695068B1 (en) * | 2013-04-25 | 2014-04-08 | Uniloc Luxembourg, S.A. | Device authentication using display device irregularity |
US9363863B2 (en) | 2014-06-12 | 2016-06-07 | Biozone Scientific International, Inc. | Electromagnetic radiation emitter identification apparatus and associated methods |
US10339527B1 (en) | 2014-10-31 | 2019-07-02 | Experian Information Solutions, Inc. | System and architecture for electronic fraud detection |
US11151468B1 (en) | 2015-07-02 | 2021-10-19 | Experian Information Solutions, Inc. | Behavior analysis using distributed representations of event data |
US20210200853A1 (en) * | 2016-04-06 | 2021-07-01 | Hewlett-Packard Development Company, L.P. | Portable device identifiers determination |
US10528739B2 (en) | 2016-04-20 | 2020-01-07 | Sophos Limited | Boot security |
US10699028B1 (en) | 2017-09-28 | 2020-06-30 | Csidentity Corporation | Identity security architecture systems and methods |
US10580004B2 (en) * | 2017-09-29 | 2020-03-03 | AO Kaspersky Lab | System and method of identifying new devices during a user's interaction with banking services |
US10896472B1 (en) | 2017-11-14 | 2021-01-19 | Csidentity Corporation | Security and identity verification system and architecture |
CN110096685B (en) * | 2019-04-28 | 2023-06-20 | 新华三信息安全技术有限公司 | Equipment identifier generation method and device |
Citations (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4284985A (en) * | 1980-03-03 | 1981-08-18 | Vernon G. Heger | Stolen equipment recovery device |
US6032257A (en) * | 1997-08-29 | 2000-02-29 | Compaq Computer Corporation | Hardware theft-protection architecture |
US6031894A (en) * | 1997-05-23 | 2000-02-29 | Micron Electronics, Inc. | Method and apparatus for locating a stolen electronic device using automatic number identification |
US6244758B1 (en) * | 1994-11-15 | 2001-06-12 | Absolute Software Corp. | Apparatus and method for monitoring electronic devices via a global network |
US6269392B1 (en) * | 1994-11-15 | 2001-07-31 | Christian Cotichini | Method and apparatus to monitor and locate an electronic device using a secured intelligent agent |
US6300863B1 (en) * | 1994-11-15 | 2001-10-09 | Absolute Software Corporation | Method and apparatus to monitor and locate an electronic device using a secured intelligent agent via a global network |
US20020112052A1 (en) * | 2001-02-13 | 2002-08-15 | Peter Brittingham | Remote computer capabilities querying and certification |
US20030084075A1 (en) * | 2001-11-01 | 2003-05-01 | Verisign, Inc. | Method and system for updating a remote database |
US20040031030A1 (en) * | 2000-05-20 | 2004-02-12 | Equipe Communications Corporation | Signatures for facilitating hot upgrades of modular software components |
US20040122931A1 (en) * | 2002-12-19 | 2004-06-24 | Microsoft Corporation | Generating globally unique device identification |
US20040268370A1 (en) * | 2003-06-26 | 2004-12-30 | Microsoft Corporation | Exception handling |
US20050033833A1 (en) * | 2003-08-05 | 2005-02-10 | International Business Machines Corporation | Method, system, and program product fo rmanaging device identifiers |
US20050086502A1 (en) * | 2003-10-16 | 2005-04-21 | Ammar Rayes | Policy-based network security management |
US20050204162A1 (en) * | 2004-03-09 | 2005-09-15 | Rayes Mark A. | Isolation approach for network users associated with elevated risk |
US6950946B1 (en) * | 1999-03-30 | 2005-09-27 | International Business Machines Corporation | Discovering stolen or lost network-attachable computer systems |
US20060161750A1 (en) * | 2005-01-20 | 2006-07-20 | Matsushita Electric Industrial Co., Ltd. | Using hardware to secure areas of long term storage in CE devices |
US20060276175A1 (en) * | 2004-12-03 | 2006-12-07 | Samsung Electronics Co., Ltd. | Method of tracking stolen mobile device connected to wireless or wired network |
US20070072620A1 (en) * | 2005-09-29 | 2007-03-29 | Levitan Benjamin C | System and method for recovering a lost or stolen wireless device |
US7509116B2 (en) * | 2005-03-30 | 2009-03-24 | Genx Mobile Incorporated | Selective data exchange with a remotely configurable mobile unit |
US20130198522A1 (en) * | 2010-04-08 | 2013-08-01 | Tadayoshi Kohno | Systems and methods for file access auditing |
Family Cites Families (131)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3357020A (en) * | 1966-04-04 | 1967-12-05 | Jr William M Slifter | Method and apparatus for locating and visually indicating the position of a vehicle |
US3568161A (en) * | 1968-09-04 | 1971-03-02 | Elwyn Raymond Knickel | Vehicle locator system |
US3665312A (en) * | 1969-10-06 | 1972-05-23 | Goldman Paul | Radio alarm system |
US3987246A (en) * | 1970-07-21 | 1976-10-19 | Electromitor, Inc. | Apparatus for automatically sending data over a telephone system from a remote station to a central station |
US3694579A (en) * | 1971-08-06 | 1972-09-26 | Peter H Mcmurray | Emergency reporting digital communications system |
US3824469A (en) * | 1972-06-16 | 1974-07-16 | M Ristenbatt | Comprehensive automatic vehicle communication, paging, and position location system |
US3925763A (en) * | 1973-09-13 | 1975-12-09 | Romesh Tekchand Wadhwani | Security system |
US4006460A (en) * | 1974-12-10 | 1977-02-01 | Westinghouse Electric Corporation | Computer controlled security system |
US4023163A (en) * | 1975-09-19 | 1977-05-10 | Johnson Controls, Inc. | High security alarm transmission system |
US4020477A (en) * | 1975-11-10 | 1977-04-26 | American District Telegraph Company | Radio central station alarm system |
US4068105A (en) * | 1976-05-28 | 1978-01-10 | American District Telegraph Company | Central station system transmission apparatus |
US4187497A (en) * | 1978-03-22 | 1980-02-05 | Harless Orville F | Portable vehicle alarm system |
US4465904A (en) * | 1978-09-29 | 1984-08-14 | Gottsegen Ronald B | Programmable alarm system |
US4228424A (en) * | 1978-10-16 | 1980-10-14 | Baker Protective Services, Incorporated | Central station alarm |
US4375637A (en) * | 1981-02-24 | 1983-03-01 | Firecom, Inc. | Integrated alarm, security, building management, and communications system |
US5355371A (en) * | 1982-06-18 | 1994-10-11 | International Business Machines Corp. | Multicast communication tree creation and control method and apparatus |
GB2128453A (en) * | 1982-10-08 | 1984-04-26 | Philips Electronic Associated | System identification in communications systems |
US4562572A (en) * | 1983-01-11 | 1985-12-31 | International Telephone And Telegraph Corporation | Cellular mobile radio service telephone system |
US4596988A (en) * | 1983-06-10 | 1986-06-24 | Wanka James T | Remote controlled tracking transmitter and tracking support system |
US4577182A (en) * | 1984-04-10 | 1986-03-18 | Peter Miller | Alarm system |
US4689786A (en) * | 1985-03-21 | 1987-08-25 | Apple Computer, Inc. | Local area network with self assigned address method |
US4652859A (en) * | 1985-04-22 | 1987-03-24 | Ntc Electronics, Inc. | Alarm reporting system |
US4651157A (en) * | 1985-05-07 | 1987-03-17 | Mets, Inc. | Security monitoring and tracking system |
JPS6247762U (en) | 1985-09-13 | 1987-03-24 | ||
US4692742A (en) * | 1985-10-21 | 1987-09-08 | Raizen David T | Security system with correlated signalling to selected satellite stations |
US4818998A (en) * | 1986-03-31 | 1989-04-04 | Lo-Jack Corporation | Method of and system and apparatus for locating and/or tracking stolen or missing vehicles and the like |
US4908629A (en) * | 1986-03-31 | 1990-03-13 | Lo-Jack Corporation | Apparatus for locating and/or tracking stolen or missing vehicles and the like |
US4728935A (en) * | 1986-04-11 | 1988-03-01 | Adt, Inc. | Integrity securing monitor and method for a security installation |
US4819053A (en) * | 1986-05-09 | 1989-04-04 | Halavais Richard A | Single-point locating system |
US4696027A (en) * | 1986-08-01 | 1987-09-22 | Motorola, Inc. | Handoff apparatus and method with interference reduction for a radio system |
US4742357A (en) * | 1986-09-17 | 1988-05-03 | Rackley Ernie C | Stolen object location system |
JP2679983B2 (en) * | 1987-03-06 | 1997-11-19 | 株式会社日立製作所 | Control information transmission method in communication network |
US4754261A (en) * | 1987-03-30 | 1988-06-28 | Pittway Corporation | Security system |
US4855906A (en) * | 1987-10-23 | 1989-08-08 | Allen-Bradley Company, Inc. | System for handling unsolicited messages from lower-tier controllers |
US4972367A (en) * | 1987-10-23 | 1990-11-20 | Allen-Bradley Company, Inc. | System for generating unsolicited messages on high-tier communication link in response to changed states at station-level computers |
US4951029A (en) * | 1988-02-16 | 1990-08-21 | Interactive Technologies, Inc. | Micro-programmable security system |
JPH0644242B2 (en) * | 1988-03-17 | 1994-06-08 | インターナショナル・ビジネス・マシーンズ・コーポレーション | How to solve problems in computer systems |
US4891650A (en) * | 1988-05-16 | 1990-01-02 | Trackmobile Inc. | Vehicle location system |
US5055851A (en) * | 1988-05-16 | 1991-10-08 | Trackmobile, Inc. | Vehicle location system |
JPH0213040A (en) * | 1988-06-30 | 1990-01-17 | Toshiba Corp | System for registering/searching address information in network system |
US4949248A (en) * | 1988-07-15 | 1990-08-14 | Caro Marshall A | System for shared remote access of multiple application programs executing in one or more computers |
US4926162A (en) * | 1988-10-28 | 1990-05-15 | Honeywell Inc. | High security communication line monitor |
US5077788A (en) * | 1989-07-06 | 1991-12-31 | Taro, Inc. | System and method for processing telephone communication |
US5003317A (en) * | 1989-07-11 | 1991-03-26 | Mets, Inc. | Stolen vehicle recovery system |
US4999621A (en) * | 1989-07-27 | 1991-03-12 | Idx Technologies, Inc. | Tone code identification system |
US4935951A (en) * | 1989-11-27 | 1990-06-19 | Ek-Ris Enterprises, Inc. | Emergency telephone actuated signal light or the like device and method |
US5210748A (en) * | 1990-02-09 | 1993-05-11 | Hitachi, Ltd. | Address filter unit for carrying out address filter processing among plurality of networks and method thereof |
EP0461408B1 (en) * | 1990-06-14 | 1996-04-17 | Mitsubishi Denki Kabushiki Kaisha | Network address managing method and system |
US5043736B1 (en) * | 1990-07-27 | 1994-09-06 | Cae Link Corp | Cellular position location system |
JPH0486564U (en) | 1990-11-30 | 1992-07-28 | ||
CA2036131A1 (en) | 1991-02-12 | 1992-08-13 | Maureen B. Hines | Monitored auto protection system (maps) |
JP2777496B2 (en) * | 1991-02-28 | 1998-07-16 | インターナショナル・ビジネス・マシーンズ・コーポレイション | Uses when profiling multi-processes in computer systems |
US5406269A (en) * | 1991-07-05 | 1995-04-11 | David Baran | Method and apparatus for the remote verification of the operation of electronic devices by standard transmission mediums |
US5272465A (en) * | 1991-11-13 | 1993-12-21 | Telemessaging Devices, Inc. | Automatic alarm code converter |
US5223844B1 (en) * | 1992-04-17 | 2000-01-25 | Auto Trac Inc | Vehicle tracking and security system |
US5783989A (en) * | 1992-05-22 | 1998-07-21 | Issa; Darrell E. | Alarm sensor multiplexing |
US5515419A (en) * | 1992-06-01 | 1996-05-07 | Trackmobile | Tracking system and method for tracking a movable object carrying a cellular phone unit, and integrated personal protection system incorporating the tracking system |
US5218367A (en) * | 1992-06-01 | 1993-06-08 | Trackmobile | Vehicle tracking system |
JP2826416B2 (en) * | 1992-06-05 | 1998-11-18 | 日本電気株式会社 | Connection router between local area networks |
US5583517A (en) * | 1992-08-20 | 1996-12-10 | Nexus 1994 Limited | Multi-path resistant frequency-hopped spread spectrum mobile location system |
US5311596A (en) | 1992-08-31 | 1994-05-10 | At&T Bell Laboratories | Continuous authentication using an in-band or out-of-band side channel |
US5566339A (en) * | 1992-10-23 | 1996-10-15 | Fox Network Systems, Inc. | System and method for monitoring computer environment and operation |
JPH06188829A (en) | 1992-12-16 | 1994-07-08 | Pioneer Commun Corp | Telephone system |
US5410543A (en) * | 1993-01-04 | 1995-04-25 | Apple Computer, Inc. | Method for connecting a mobile computer to a computer network by using an address server |
US5363369A (en) * | 1993-03-31 | 1994-11-08 | At&T Bell Laboratories | System for inter packet community communication |
EP0702820B1 (en) * | 1993-06-09 | 1997-08-13 | Minnesota Mining And Manufacturing Company | Vehicle tracking system |
AU7172194A (en) * | 1993-06-23 | 1995-01-17 | David H. Feinberg | An integrated telephone, intercom, security and control system for a multi-unit building |
US5444850A (en) * | 1993-08-04 | 1995-08-22 | Trend Micro Devices Incorporated | Method and apparatus for controlling network and workstation access prior to workstation boot |
US5479482A (en) * | 1993-08-30 | 1995-12-26 | At&T Corp. | Cellular terminal for providing public emergency call location information |
US5548637A (en) * | 1993-09-09 | 1996-08-20 | Precision Tracking Fm, Inc. | Method and apparatus for locating personnel and objects in response to telephone inquiries |
US5511109A (en) * | 1993-10-01 | 1996-04-23 | Sur-Gard Security Systems Ltd. | Security system using call display |
DE4334601C1 (en) | 1993-10-11 | 1995-03-09 | Rinsch Hartmut Dipl Kaufm | Procedures for the protection of property of watercraft |
US5708417A (en) * | 1993-12-16 | 1998-01-13 | Phone Alert Corp. | Monitoring system for remote units |
ES2191020T3 (en) * | 1994-03-28 | 2003-09-01 | British Telecomm | SECURITY SYSTEM. |
US5483244A (en) * | 1994-04-05 | 1996-01-09 | Motorola, Inc. | Method and apparatus of determining location of an unauthorized communication unit |
US5912888A (en) | 1994-06-09 | 1999-06-15 | U.S. Robotics Access Corp. | Digital network access server |
US5848373A (en) | 1994-06-24 | 1998-12-08 | Delorme Publishing Company | Computer aided map location system |
US5537460A (en) * | 1994-07-08 | 1996-07-16 | Holliday, Jr.; Robert O. | Method and apparatus for determining the precise location of a modified cellular telephone using registration messages and reverse control channel transmission |
GB9414683D0 (en) | 1994-07-21 | 1994-09-07 | Kang Baljit S | Enhancing security of electrical appliances |
US6061505A (en) | 1994-07-22 | 2000-05-09 | Nortel Networks Corporation | Apparatus and method for providing topology information about a network |
US5644782A (en) * | 1994-10-17 | 1997-07-01 | Motorola, Inc. | System with virtual update capable read-only memory |
US5715174A (en) | 1994-11-15 | 1998-02-03 | Absolute Software Corporation | Security apparatus and method |
US5758257A (en) | 1994-11-29 | 1998-05-26 | Herz; Frederick | System and method for scheduling broadcast of and access to video programs and other data using customer profiles |
US5576716A (en) * | 1994-12-07 | 1996-11-19 | Sadler; Kermit M. | Owner oriented system for locating lost or stolen property |
US5848413A (en) | 1995-01-13 | 1998-12-08 | Ricoh Company, Ltd. | Method and apparatus for accessing and publishing electronic documents |
US5655081A (en) * | 1995-03-08 | 1997-08-05 | Bmc Software, Inc. | System for monitoring and managing computer resources and applications across a distributed computing environment using an intelligent autonomous agent architecture |
EP0740037A1 (en) | 1995-04-28 | 1996-10-30 | Hewlett-Packard Company | Security device |
US5588005A (en) * | 1995-06-07 | 1996-12-24 | General Electric Company | Protocol and mechanism for primary and mutter mode communication for asset tracking |
US5682139A (en) * | 1995-06-07 | 1997-10-28 | General Electric Company | Railcar location using mutter networks and locomotive transmitter during transit |
US5737391A (en) * | 1995-09-06 | 1998-04-07 | Richard J. Dame | Alarm system backup with cut line detector |
US5826025A (en) | 1995-09-08 | 1998-10-20 | Sun Microsystems, Inc. | System for annotation overlay proxy configured to retrieve associated overlays associated with a document request from annotation directory created from list of overlay groups |
US5754111A (en) * | 1995-09-20 | 1998-05-19 | Garcia; Alfredo | Medical alerting system |
US5638302A (en) | 1995-12-01 | 1997-06-10 | Gerber; Eliot S. | System and method for preventing auto thefts from parking areas |
US5778367A (en) * | 1995-12-14 | 1998-07-07 | Network Engineering Software, Inc. | Automated on-line information service and directory, particularly for the world wide web |
US5771484A (en) * | 1996-02-28 | 1998-06-23 | Sun Microsystems, Inc. | Automated positive control traffic system for weather |
US5838910A (en) | 1996-03-14 | 1998-11-17 | Domenikos; Steven D. | Systems and methods for executing application programs from a memory device linked to a server at an internet site |
US5835896A (en) | 1996-03-29 | 1998-11-10 | Onsale, Inc. | Method and system for processing and transmitting electronic auction information |
US5635924A (en) * | 1996-03-29 | 1997-06-03 | Loral Aerospace Corp. | Travel route information monitor |
JP3216992B2 (en) | 1996-06-14 | 2001-10-09 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Connection method in network system and server machine |
US5768513A (en) * | 1996-06-27 | 1998-06-16 | At&T Corp. | Multimedia messaging using the internet |
US6075451A (en) | 1996-07-15 | 2000-06-13 | Lebowitz; Mayer M. | RF cellular technology network transmission system for remote monitoring equipment |
US5896497A (en) | 1996-08-07 | 1999-04-20 | Halstead; William D. | System for securing a computer |
US5748084A (en) * | 1996-11-18 | 1998-05-05 | Isikoff; Jeremy M. | Device security system |
US6205139B1 (en) | 1997-03-06 | 2001-03-20 | Bell Atlantic Network Services, Inc. | Automatic called party locator over internet |
US6208670B1 (en) | 1997-03-10 | 2001-03-27 | Conklin Corporation | Digital carrier system for rural telephone and data applications |
US5996011A (en) | 1997-03-25 | 1999-11-30 | Unified Research Laboratories, Inc. | System and method for filtering data received by a computer system |
US5923731A (en) | 1997-06-30 | 1999-07-13 | Command Communications, Inc. | Telephone monitoring and alarm device |
US6101499A (en) | 1998-04-08 | 2000-08-08 | Microsoft Corporation | Method and computer program product for automatically generating an internet protocol (IP) address |
US6233536B1 (en) | 1998-11-30 | 2001-05-15 | General Electric Company | Remote lifecycle monitoring of electronic boards/software routines |
US6658586B1 (en) | 1999-10-07 | 2003-12-02 | Andrew E. Levi | Method and system for device status tracking |
US6636983B1 (en) | 1999-10-07 | 2003-10-21 | Andrew E. Levi | Method and system for uniform resource locator status tracking |
US6833787B1 (en) | 1999-10-07 | 2004-12-21 | Asap Software Express, Inc. | Method and system for device tracking |
AU7750300A (en) | 1999-10-07 | 2001-05-10 | Critical Devices, Inc. | Method and system for providing technical support with user approval |
US6658585B1 (en) | 1999-10-07 | 2003-12-02 | Andrew E. Levi | Method and system for simple network management protocol status tracking |
US6477667B1 (en) | 1999-10-07 | 2002-11-05 | Critical Devices, Inc. | Method and system for remote device monitoring |
AU7755800A (en) | 1999-10-07 | 2001-05-10 | Critical Devices, Inc. | Method and system for device registration |
US6380860B1 (en) | 1999-12-14 | 2002-04-30 | Joseph R. Goetz | Portable wireless cellular fire alarm system apparatus and method |
US7047426B1 (en) | 2000-04-27 | 2006-05-16 | Warranty Corporation Of America | Portable computing device communication system and method |
US6504479B1 (en) | 2000-09-07 | 2003-01-07 | Comtrak Technologies Llc | Integrated security system |
US6826611B1 (en) | 2000-09-30 | 2004-11-30 | Fluke Corporation | Apparatus and method for automatically obtaining a valid IP configuration in a local area network |
KR20010008101A (en) | 2000-11-08 | 2001-02-05 | 제경성 | A electronic business system using an identification number of a hardware and a business method using the same |
US6947978B2 (en) | 2000-12-29 | 2005-09-20 | The United States Of America As Represented By The Director, National Security Agency | Method for geolocating logical network addresses |
US7111292B2 (en) | 2001-09-10 | 2006-09-19 | Texas Instruments Incorporated | Apparatus and method for secure program upgrade |
US7181195B2 (en) | 2002-02-14 | 2007-02-20 | International Business Machines Corporation | Method and system for tracing missing network devices using hardware fingerprints |
US7302590B2 (en) | 2003-01-06 | 2007-11-27 | Microsoft Corporation | Systems and methods for providing time-and weight-based flexibly tolerant hardware ID |
US7278131B2 (en) | 2003-03-03 | 2007-10-02 | Microsoft Corporation | Compact hardware identification for binding a software package to a computer system having tolerance for hardware changes |
US10013535B2 (en) | 2003-11-21 | 2018-07-03 | Ciena Corporation | Software configuration of module dependent on history |
US8868933B2 (en) | 2004-03-26 | 2014-10-21 | Absolute Software Corporation | Persistent servicing agent |
US8554889B2 (en) | 2004-04-21 | 2013-10-08 | Microsoft Corporation | Method, system and apparatus for managing computer identity |
US7379918B2 (en) | 2004-07-30 | 2008-05-27 | Microsoft Corporation | Method and system for single reactivation of software product licenses |
WO2006089352A1 (en) | 2005-02-22 | 2006-08-31 | United Electrical Software P/L | Method and system for monitoring computer systems |
-
2007
- 2007-03-20 US US11/726,352 patent/US9547780B2/en active Active
-
2017
- 2017-01-17 US US15/408,257 patent/US20170193048A1/en not_active Abandoned
Patent Citations (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4284985A (en) * | 1980-03-03 | 1981-08-18 | Vernon G. Heger | Stolen equipment recovery device |
US6244758B1 (en) * | 1994-11-15 | 2001-06-12 | Absolute Software Corp. | Apparatus and method for monitoring electronic devices via a global network |
US6269392B1 (en) * | 1994-11-15 | 2001-07-31 | Christian Cotichini | Method and apparatus to monitor and locate an electronic device using a secured intelligent agent |
US6300863B1 (en) * | 1994-11-15 | 2001-10-09 | Absolute Software Corporation | Method and apparatus to monitor and locate an electronic device using a secured intelligent agent via a global network |
US6031894A (en) * | 1997-05-23 | 2000-02-29 | Micron Electronics, Inc. | Method and apparatus for locating a stolen electronic device using automatic number identification |
US6032257A (en) * | 1997-08-29 | 2000-02-29 | Compaq Computer Corporation | Hardware theft-protection architecture |
US6950946B1 (en) * | 1999-03-30 | 2005-09-27 | International Business Machines Corporation | Discovering stolen or lost network-attachable computer systems |
US20040031030A1 (en) * | 2000-05-20 | 2004-02-12 | Equipe Communications Corporation | Signatures for facilitating hot upgrades of modular software components |
US20020112052A1 (en) * | 2001-02-13 | 2002-08-15 | Peter Brittingham | Remote computer capabilities querying and certification |
US20030084075A1 (en) * | 2001-11-01 | 2003-05-01 | Verisign, Inc. | Method and system for updating a remote database |
US20040122931A1 (en) * | 2002-12-19 | 2004-06-24 | Microsoft Corporation | Generating globally unique device identification |
US20040268370A1 (en) * | 2003-06-26 | 2004-12-30 | Microsoft Corporation | Exception handling |
US20050033833A1 (en) * | 2003-08-05 | 2005-02-10 | International Business Machines Corporation | Method, system, and program product fo rmanaging device identifiers |
US20050086502A1 (en) * | 2003-10-16 | 2005-04-21 | Ammar Rayes | Policy-based network security management |
US7237267B2 (en) * | 2003-10-16 | 2007-06-26 | Cisco Technology, Inc. | Policy-based network security management |
US20050204162A1 (en) * | 2004-03-09 | 2005-09-15 | Rayes Mark A. | Isolation approach for network users associated with elevated risk |
US20060276175A1 (en) * | 2004-12-03 | 2006-12-07 | Samsung Electronics Co., Ltd. | Method of tracking stolen mobile device connected to wireless or wired network |
US20060161750A1 (en) * | 2005-01-20 | 2006-07-20 | Matsushita Electric Industrial Co., Ltd. | Using hardware to secure areas of long term storage in CE devices |
US7509116B2 (en) * | 2005-03-30 | 2009-03-24 | Genx Mobile Incorporated | Selective data exchange with a remotely configurable mobile unit |
US20070072620A1 (en) * | 2005-09-29 | 2007-03-29 | Levitan Benjamin C | System and method for recovering a lost or stolen wireless device |
US7409219B2 (en) * | 2005-09-29 | 2008-08-05 | Nextel Communications Inc. | System and method for recovering a lost or stolen wireless device |
US20130198522A1 (en) * | 2010-04-08 | 2013-08-01 | Tadayoshi Kohno | Systems and methods for file access auditing |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109933598A (en) * | 2019-03-12 | 2019-06-25 | 北京奇虎科技有限公司 | A kind of data base processing method, system and storage medium |
Also Published As
Publication number | Publication date |
---|---|
US20070234427A1 (en) | 2007-10-04 |
US9547780B2 (en) | 2017-01-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20170193048A1 (en) | Method for determining identification of an electronic device | |
CA2646602C (en) | Method for determining identification of an electronic device | |
US8051298B1 (en) | Integrated fingerprinting in configuration audit and management | |
US7683787B2 (en) | Systems, methods, and media for managing electronic asset tags for asset devices | |
JP5475743B2 (en) | Persistence service provider | |
US6658586B1 (en) | Method and system for device status tracking | |
US6636983B1 (en) | Method and system for uniform resource locator status tracking | |
CN1691677B (en) | Method, system and apparatus for managing computer identity | |
US10936294B2 (en) | Blockchain-based software compliance system | |
WO2015017581A1 (en) | Centralized selective application approval for mobile devices | |
EP1864238A1 (en) | Persistent servicing agent | |
CN103827878B (en) | Automate Password Management | |
CN103413083A (en) | Security defending system for single host | |
CN100452908C (en) | System and method for preventing software and hardware with communication condition / function from being embezzled | |
CN103020542B (en) | Store the technology of the secret information being used for global data center | |
AU2015215890B2 (en) | Method for determining identification of an electronic device | |
WO2000075782A1 (en) | Security system | |
AU2014200139A1 (en) | Method for determining identification of an electronic device | |
US20240015164A1 (en) | Method for verifying security technology deployment efficacy across a computer network | |
McKinnon et al. | Novel Approach to Asset Inventory of Facility-Related Control Systems through Augmented Reality | |
KR20050074816A (en) | The method of operation real time automatic recovery system | |
KR20110047581A (en) | System and method for audit trailling user terminal in computer network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: ABSOLUTE SOFTWARE CORPORATION, CANADA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:GARDNER, PHILIP B.;VOLODARETS, VICTOR;SIGNING DATES FROM 20070611 TO 20070612;REEL/FRAME:044486/0638 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |