WO2013070222A1 - Apparatus, system, and method for protecting electronic devices in a virtual perimeter - Google Patents

Apparatus, system, and method for protecting electronic devices in a virtual perimeter Download PDF

Info

Publication number
WO2013070222A1
WO2013070222A1 PCT/US2011/060119 US2011060119W WO2013070222A1 WO 2013070222 A1 WO2013070222 A1 WO 2013070222A1 US 2011060119 W US2011060119 W US 2011060119W WO 2013070222 A1 WO2013070222 A1 WO 2013070222A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic devices
hierarchy
context
electronic device
top element
Prior art date
Application number
PCT/US2011/060119
Other languages
French (fr)
Inventor
Cristian F. BULLOKLES
Dan F. HIRSCH
Original Assignee
Intel Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corporation filed Critical Intel Corporation
Priority to CN201180074784.7A priority Critical patent/CN103917983B/en
Priority to JP2014541017A priority patent/JP6061943B2/en
Priority to EP11875454.8A priority patent/EP2776963B1/en
Priority to PCT/US2011/060119 priority patent/WO2013070222A1/en
Priority to US13/992,356 priority patent/US9069993B2/en
Publication of WO2013070222A1 publication Critical patent/WO2013070222A1/en
Priority to US14/731,831 priority patent/US9489545B2/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/178Techniques for file synchronisation in file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6281Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database at program execution time, where the protection is within the operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Definitions

  • Embodiments of the invention relate generally to the field, of data and device security. More particularly, embodiments of the invention relate to apparatus, system, and method for protecting for protecting electronic devices through the creation of a virtual perimeter among the electronic devices.
  • Companion devices of a person because they are closely associated with the person. Many of these devices are mobile devices and travel with their owners moving around different types of contexts, some private contexts and some public contexts. Examples of private contexts are home, car, office, etc. Examples of public contexts are bar, gym, airport, etc.
  • FIG. 1 illustrates various top devices assigned in different contexts, according to one embodiment of the invention.
  • Fig. 2 is a method flowchart performed by an electronic device to provide or contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
  • Fig, 3 is an electronic device with logic to provide or to contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
  • Fig. 4 is a server or central processing unit, coupled to multiple electronic devices, to administer the one or more secure perimeters for multiple devices, according to one embodiment of the invention.
  • Fig. 5 is a secure system to provide or to contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
  • Embodiments of the invention relate to an apparatus, system, and method for protecting electronic devices through the creation of a virtual perimeter among the electronic devices.
  • the embodiments herein create dynamic hierarchies among electronic devices based on their context,
  • the method performed by an electronic device comprises: identifying a current context; receiving a role, according to the current context, in a hierarchy of multiple electronic devices, and operating in accordance with the role in the hierarchy within a secure perimeter in the current context around the multiple electronic devices, wherein the hierarchy includes a system of security checks based on context information.
  • the embodiments herein also include at least one machine-readable storage medium having computer executable instructions stored, thereon that, w r hen executed, cause a processor to perform the method discussed herein.
  • the electronic device comprises: a logic unit to identify a current context; and. a security agent capable of performing a role of a top element in a hierarchy of multiple electronic devices in the current context identified by the logic, wherein the hierarchy includes a system of security checks based on context information to form a secure perimeter in the current context around the multiple electronic devices,
  • a server comprises: a security manager module to: register multiple electronic devices; define one or more contexts for the registered multiple electronic devices for providing a secure perimeter in the one or more contexts around the multiple electronic devices; and define a hierarchy for the multiple electronic devices according to the one or more contexts, wherein the security manager module is communicatively coupled, to a security agent of an electronic device from among the multiple electronic devices in the hierarchy.
  • Embodiments of the invention relate to an apparatus, system, and method for protecting for protecting electronic devices through the creation of a virtual perimeter among the electronic devices.
  • the embodiments herein create dynamic hierarchies among electronic devices based on their context.
  • contexts refers to the environment surrounding the electronic devices.
  • electronic devices in a house are part of the home context
  • electronic devices in a bar are part of the bar context
  • electronic devices in a car are part of the car context, etc. in one embodiment, contexts can be
  • contexts can be identified from the type of the Wi-Fi network (private, work, public) or its security enabled system (unsecured. Wi-Fi Protected Access (WPA), etc), in one embodiment, Near Field Communications (NFC), which enables exchange of data within four inches, can also be used to determine proximity between the electronic devices in the hierarchy.
  • Wi-Fi network private, work, public
  • WPA Wi-Fi Protected Access
  • NFC Near Field Communications
  • a system of security checks is logically implemented on top of the dynamic hierarchies created among a set of electronic devices. In one embodiment, the system of security checks is based on context variables.
  • Context variables' " or “context information” herein refers to one or more of physical proximity between electronic devices, from among the multiple electronic devices, in the hierarchy: logical location of the electronic devices, from among the multiple electronic devices, in the hierarchy; movement of an electronic device relative to other electronic devices from among the multiple electronic devices, in the hierarchy; strength of wireless internet connectivity of an electronic device relative to other electronic devices from among the multiple electronic devices, in the hierarchy; an event detected by soft or hard sensors of an electronic device from among the multiple electronic devices, in the hierarchy; a message received from another electronic device from among the multiple electronic devices, in the hierarchy, the message to indicate an event in the current context, or any other context information that may assist with identifying the safety of the electronic device within the hierarchy.
  • Location can refer to physical absolute location (e.g., location based on global positioning system) or logical location like the service set identifier (SSID) of a wireless network the electronic device is connected with. Proximity among electronic devices can be calculated from location information including comparison of signal strength in a Wi-Fi network or when two electronic devices are connected to different networks.
  • SSID service set identifier
  • an electronic device identifies a current context and receives a role, according to the current context, in a hierarchy of multiple electronic devices which includes the electronic device.
  • the multiple electronic devices in the context identify one or more electronic devices as a top element of the hierarchy.
  • the top element plays the role of a leader in the hierarchy and administers any breach of the secure perimeter for the multiple electronic devices in the hierarchy.
  • the electronic devices in the hierarchy periodically check conformity with one or more context rules established for the hierarchy.
  • rule activations refers to rules and conditions for triggering an event if a rule or condition is activated. If a rule is activated, a sequence of events is triggered impacting, at least, the electronic device where the security agent (304 of Fig. 3) is located. When possible, rule activations are also informed to the top element, and may include events among electronic devices (e.g., high-speed synchronization among electronic devices) and/or with the cloud when possible.
  • a context rale for a smart TV in a house where the house is the current context, may be a phy sical distance of the smart TV relative to a predetermined position (e.g., front door of the house).
  • a rale may be expressed as: Rulel : if Condition 1 (is satisfied) then (execute/trigger) Event 1. For example, Rule: If devices are more than 3 meters away from each other then activate E ent2.
  • the top element may trigger an event when a context rale, from among the one or more context rules, is activated for that hierarchy, in one embodiment, if the context rale is activated for the top element, then all electronic devices in the hierarchy are considered in danger and all the electronic devices may be shut down. In other embodiments, if a context rule is activated for one of the electronic device (which is not the top element) then the top element may shut down that electronic device and take precautionary measures to secure the other electronic devices in the hierarchy.
  • signals are represented with lines. Some lines may be thicker, to indicate more constituent signal paths, and/or have arrows at one or more ends, to indicate primary information flow direction. Such indications are not intended to be limiting.
  • any represented signal may actually comprise one or more signals that may travel in either direction and may be implemented with any suitable type of signal scheme.
  • Coupled and its derivatives may be used.
  • the term “coupled” herein refers to two or more elements which are in direct contact (physically, electrically, magnetically, optically, etc.).
  • the term “coupled” herein may also refer to two or more elements that are not in direct contact with each other, but still cooperate or interact with each other.
  • Fig. 1 is a scenario 100 with various top electronic devices assigned in different co texts, according to one embodiment of the invention.
  • scenario 00 contexts for the electronic devices associated with a user change as the user moves from home to the office.
  • the scenario 100 comprises of three contexts, home 101, car 102, and office 103. While the embodiments herein describe these three contexts, the essence of the invention may be used with any context, for example, airport, bar, gym, shopping mall, etc.
  • a user may have multiple electronic devices including a desktop computer 104, a smart-phone 105, a laptop computer 06, a tablet PC 07, a digital camera 108, a smart TV 1 10, etc.
  • a hierarchy of the multiple electronic devices is generated.
  • the multiple devices have logic which polls ail the devices and decides which device or devices should, take the role of the top element in the hierarchy.
  • the electronic devices in the context e.g., home
  • a server e.g., a cloud server
  • the electronic devices communicate with one another and elect the top element from among the multiple electronic devices.
  • the electronic device may compare a set of criteria for each electronic device and determine which electronic device should be the top element in that hierarchy for that context. For example, in the home 101 , the desktop computer 104 is least likely to be stolen and has the most computing power (e.g., bigger memory, easy access to the Internet through wired and wireless means, etc) compared to the digital camera 108 and other electronic devices in the context home 101.
  • the electronic devices may elect the desktop computer 104 to be the top element.
  • the electronic devices in a context execute, in view of the context, a leader election algorithm to identify the top element.
  • Leader election algorithm is a process of designating a single process as the organizer of some task distributed among several computers
  • the context changes and so the hierarchy of the multiple electronic devices in the new context, i.e. car context 102, may change accordingly.
  • the on board computer system in the car 109 may become the top element.
  • the top element may be assigned by the user, elected by mutual consent among the electronic devices in the context, or selected by means of executing a leader election algorithm.
  • the car 109 is the top element and the hierarchy comprises of the car 109, the smart-phone 105, laptop 106, and the tablet PC 107.
  • the context rule dictates when an event is triggered.
  • a context rule may be activated and an event triggered by the top element indicating that the user has left behind its smart-phone 105 while the user took with it the other electronic devices (the laptop 106 and the tablet PC 107).
  • the top element triggers an event (according to the defined context rale) that may shut down the car, lock its doors, and windows, turn off all electronic devices in the hierarchy of the car context 102, synchronize data from all the electronic devices with the home desktop 104 or a cloud computer (not shown).
  • the hierarchy of the electronic devices is dynamically modified.
  • the term "dynamic" herein refers to an automatic event which takes place in real-time, for example, a few seconds.
  • the laptop 106 may be the top element of the hierarch comprising the laptop 106, smart-phone 105, and tablet PC 107.
  • the laptop 106 is the most likely device to be the top element because it is least likely to be lost.
  • all electronic devices in the hierarchy of the office context 103 are disabled.
  • Fig. 2 is a method flowchart performed by an electronic device to provide or contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
  • the blocks in the flowchart 200 are shown in a particular order, the order of the actions can be modified.
  • the illustrated embodiments can be performed in a different order, and some actions/blocks may be performed in parallel. Additionally, one or more actions/blocks can be omitted in various embodiments for providing a secure perimeter for multiple electronic devices.
  • the flowchart of Fig. 2 is illustrated with reference to the embodiments of Fig. I and Figs. 3-5.
  • the electronic device identifies a current context for multiple electronic devices including the electronic device.
  • the context of the multiple electronic devices changes as the user of those multiple electronic devices moves from one context to another. For example, as the user moves from the home context 101 to the office context 103, the types of multiple electronic devices associated with the user change and so the hierarchy of those electronic devices changes.
  • the electronic device receives a role, according to the current context, in a hierarchy of the multiple electronic devices, wherein the hierarchy includes a system of security checks based, on context information to form a secure perimeter in the current context around the multiple electronic devices.
  • the role may be a role of a top element or a role of a subordinate element (which is not the top element) in the hierarchy.
  • the electronic device identifies, as a top element of the hierarchy, one or more electronic devices from among the multiple electronic devices. As discussed above, identifying the top element of the hierarchy comprises performing at least one of: electing, as the top element, one or more electronic devices from among the multiple electronic devices; or executing, in view of the current context, a leader election algorithm to identify the top element. In one embodiment, the electronic devices may receive a notification of identity of the top element from another electronic device such as a server. The method further comprises operating in accordance with the role in the hierarchy within a secure perimeter in the current context around the multiple electronic devices, wherein the hierarchy includes a system of security checks based on context information,
  • the definition of the top element depends on the context of the multiple electronic devices.
  • the top element is a device (or a set of devices) that has the least probability to be lost or stolen in a context.
  • the desktop computer 104 may be identified as a top element, versus the laptop 106 or the smart-phone 105, etc.
  • a game console or a smart TV may be considered as a top element in the home context 101.
  • the laptop 106 may be the top element versus the smart-phone 105 or the tablet PC 107.
  • the smart-phone 105 may be a better candidate for being the top element versus the laptop 106 because the smart-phone 105 is most likely to remain in the user's pocket while the laptop 106 is more likely to be stored, in a bag that has higher risk of being stolen from the vehicle.
  • all devices in the hierarchy know which electronic device is the top element.
  • other devices, nearby, that are not part of the hierarchy may be known by their peer electronic devices for proximity identification.
  • each electronic device sends an acknowledgment message to other electronic devices, among the multiple electronic devices in the hierarchy, to confirm that all the electronic devices among the multiple electronic devices are part of the hierarchy. In one embodiment, this handshake procedure confirms the boundaries of the secure perimeter for a particular context.
  • each electronic device periodically checks conformity with the one or more context rales. The term "periodically" herein refers to regular intervals e.g., every 5 seconds.
  • the system of security checks comprises one or more context rules for each of electronic device among the multiple electronic devices.
  • an electronic device within the hierarchy may trigger an event when a context rule, from among the one or more context rules, is activated.
  • the event comprises performing a security shut down where the electronic device locks itself and if possible informs the top device of its shut down.
  • security shut down is akin to activating a panic button.
  • the electronic device securely shuts down itself or at least one of the electronic devices from among the multiple electronic devices in the hierarchy that causes the triggering of the event.
  • the event comprises high-speed, synchronization in which data is synchronized with another machine.
  • the other machine is a cloud computing uni
  • synchronizing with the other machine comprises copying data from the electronic devices to the cloud computing unit to secure the data in these devices.
  • all electronic devices, among the multiple electronic devices are shut down when the top element triggers an event indicating that the top element is outside the secure perimeter.
  • the event comprises a hierarchy shut down in which all the multiple electronic devices in the hierarchy are shut down. For example, if a top element is not detected by the electronic devices in the hierarchy then all electronic devices in the hierarchy shut down themselves.
  • the event comprises hierarchy lock-in in which when an electronic device in the hierarchy cannot detect all other electronic devices of the hierarchy in the specific context, then a security breach has occurred and the electronic device that triggered the event is shut down.
  • the event comprises activating anti-theft protocol for the device that triggered the event or for at least one of the electronic devices from among the multiple electronic devices in the hierarchy.
  • the above list of events is not meant to be an exclusive list of events; other events can be triggered to inform the user that a security breach has occurred, against an electronic device within a hierarchy in the context.
  • a top element is identified and all electronic devices in the hierarchy of that context acknowledge participating in the development of the secure perimeter among each other in the hierarchy.
  • the electronic devices continuously check against context rules.
  • the term "continuous” herein refers to uninterrupted check against context rules.
  • the electronic devices periodically check against context rales. If a rule is activated, for example, a smart-phone is unexpectedly moved away from a laptop (the top element), an event is triggered, and a sound alarm is fired off or a complete shutdown of the smart-phone is performed.
  • Fig. 3 is an electronic device 300 with logic to provide or to contribute towards a establishing a context-aware secure virtual perimeter of multiple devices, according to one embodiment of the invention, '
  • the electronic device 300 comprises a processing unit 302 coupled to a display unit 301.
  • the processing unit 302 is coupled to at least one machine-readable storage medium, such as machine-readable storage medium 309, having instructions to provide or to contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
  • Elements of embodiments are provided as a machme-readable medium 309 for storing the computer-executable instructions (e.g., instructions to implement the flowchart of Fig. 2 and any other processes discussed herein).
  • the machine-readable medium 309 may include, but is not limited to, flash memory, optical disks, CD-ROMs, DVD ROMs, RAMs, EPROMs, EEPROMs, magnetic or optical cards, or other type of machine-readable media suitable for storing electronic or computer-executable instructions.
  • embodiments of the invention may be downloaded as a computer program (e.g., BIOS) which may be transferred from a remote computer (e.g., a server) to a requesting computer (e.g., a client) byway of data signals via a communication link (e.g., a modem or network connection) or from an AppStore®, for example, AppUp from Intel ⁇ , Android® market place, iTunes®, etc.,
  • BIOS e.g., BIOS
  • inventions of the invention can be deployed in multiple form factors and types of connected devices, i.e. the electronic devices that include communication capabilities for them to interact with other electronic devices.
  • embodiments of the invention can be deployed in a desktop computer, a laptop computer, a net-book, a tablet, a notebook computer, a personal digital assistant (PDA), a server, a workstation, a cellular telephone, a mobile computing device, a smart-phone, an e-book reader, an Internet appliance or any other type of eo neetable device.
  • PDA personal digital assistant
  • the system 300 comprises a network interface
  • the network interface 305 to interact (by wired or wireless means) with other electronic devices in the virtual perimeter.
  • the network interface 305 is implemented by any type of well known network interface standard including, but not limited to. an Ethernet interface, a universal serial bus (USB) interface, a Peripheral Component Interconnect (PCI) Express interface, a wireless interface and/or any other suitable type of interface.
  • the wireless interface operates in accordance with, but is not limited to, the IEEE 802.1 1 standard and its related family, Wi-Fi, HomePlug AV (HPAV), Ultra Wide Band (UWB), Bluetooth, WiMAX, Near Field, or any form of wireless communica tion protocol .
  • modules shown in Fig. 3 are depicted as separate blocks within the system 300, the functions performed by some of these blocks may be integrated within a single semiconductor circuit or may be implemented using two or more separate integrated circuits.
  • the memory 309 is depicted as a separate block in the system 300, it can be incorporated into the processing unit 302.
  • the system 300 may include more than one processing unit within the processing unit 302.
  • the network interface 305 is operable to access other devices in the hierarchy.
  • the electronic device 300 includes a speaker 306 that is operable to sound an alarm upon triggering of an event.
  • the processing unit 302 has logic (software or hardware) to provide or to contribute towards a establishing a context-aware secure perimeter of multiple electronic devices.
  • the logic is a security agent 304.
  • each electronic device in the hierarchy includes a security agent.
  • the security agent includes the logic 307 to become or select a top element.
  • top elements are dynamically defined by the user or automatically detected by the electronic devices in the hierarchy based on context awareness.
  • the security agent 304 includes enough intelligence to provide some context data to the top element (e.g., its logical or absolute location) and react upon events triggered by the context rules.
  • the security agent 304 comprises a context awareness engine 308.
  • the context awareness engine 308 is capable of generating and receiving information related to device location and proximity of members of the same hierarchy.
  • the context awareness engine 308 includes the context mles that trigger different types of events based on the context information and/or configuration of the security manager, where the security manager resides in another machine, for example, a cloud.
  • a rule when a rule is activated a sequence of events is triggered affecting, at least, the electronic device where the security agent is located.
  • Fig. 4 is a server system 400 for coupling to multiple electronic devices to administer the one or more secure perimeters for multiple electronic devices in one or more hierarchies, according to one embodiment of the invention.
  • the server system 400 comprises a server 401 (hardware cornputing/connectable device) including the security manager 402.
  • the security manager 402 communicates with the security agents (e.g., security agent 304 of Fig. 3 ⁇ of multiple electronic devices in different contexts.
  • the security manager 402 allows the configuration of a secure perimeter by defining contexts, hierarchies associated to contexts, and. the rules that trigger different types of events (e.g., fast synchronization among devices, firing of an alarm, device shutdown, etc.).
  • the security manager 402 is in charge of configuration of the security agent of each electronic device. In one embodiment, the security manager 402 resides in the cloud and may be administered from a top element in a hierarchy of a context. In one embodiment, the security manager 402 is implemented as hardware logic coupled to a processor of the serv er 401 or included in the processor of the server 401. In other embodiments, the security manager 402 is implemented as software modules executed by a processor in the server 401. [0059] In one embodiment, the server 401 couples to a database storage unit
  • the security manager 402 (also called security manager module) is operable to: register multiple electronic devices; define one or more contexts for the registered multiple electronic devices for providing a secure perimeter in the one or more contexts around, the multiple electronic devices; and. define a hierarchy for the multiple electronic devices according to the one or more contexts.
  • the security manager module 402 defines the hierarchy by registering one or more electronic devices among the multiple electronic devices as a top element in the hierarchy.
  • the security manager module 402 is operable to register one or more electronic devices as the top element by performing at least one of: assigning one or more electronic devices, from among the multiple electronic device, as the top element; receiving an input from one or more electronic devices, among the multiple electronic devices, that elected the top element from among the multiple electronic devices; or executing, in view of the context, a leader election algorithm to identify the top element.
  • Fig. 5 is a secure system 500 to provide or to contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
  • the secure system 500 shows one or more electronic devices 108, 107, and 106 that are communicatively coupled to one another by means of a hierarchy link.
  • the electronic devices 108, 107, and 106 are also communicatively coupled to the security manager 402 because the top element role can dynamically change and so all the electronic devices in a hierarchy may have the ability to communicate with the security manager 402,
  • the electronic devices 108, 107, and 106 may have the ability to connect to the security manager 402, but to avoid communication overhead or due to device limitations (e.g. a photo camera), not all electronic devices 108, 107, and 106 in the hierarchy may choose to connect directly to the security manager 402 in the cloud.
  • device limitations e.g. a photo camera
  • the only device connecting to the security manager 402 is the top element while the rest of the electronic devices communicate with the top element though the hierarchy communication links.
  • proximity keys are incorporated, in the electronic devices so that the proximity keys need to be close in distance to electronic devices to enable them to work. In the event the electronic device is moved away from the proximity key by a predetermined threshold distance, an event is triggered.
  • high-speed synchronization storage systems are Wi-Fi enabled, and in case of an event, can synchronize with one or more electronic devices through high speed protocols.
  • synchronization storage systems can be hidden from plain view and if somebody moves a laptop, a device of the hierarchy, when the owner of the home is on vacation, the high-speed synchronization storage system may send a message to the owner that its laptop is being moved.
  • house alarm systems can be modified so that when an event is triggered, the user's home (home context) alarm is also triggered in addition to the high speed synchronization with the top element.
  • additional hardware/software features may be added to the electronic devices to enable them to trigger events even when the electronic devices are in sleep mode.
  • sleep mode herein refers to a low power consumption mode when the electronic device is not completely off, but most of its high power consuming logics and processors are turned off or operating on a low power supply level to conserve energy-.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Mining & Analysis (AREA)
  • Telephone Function (AREA)
  • User Interface Of Digital Computer (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Alarm Systems (AREA)

Abstract

Described herein are apparatus, system, and method for protecting electronic devices through the creation of a virtual perimeter among the electronic devices. The virtual perimeter may be generated by the electronic devices themselves. The method performed by an electronic device comprises: identifying a current context; receiving a role, according to the current context, in a hierarchy of multiple electronic devices, and operating in accordance with the role in the hierarchy within a secure perimeter in the current context around the multiple electronic devices, wherein the hierarchy includes a system of security checks based on context information.

Description

APPARATUS, SYSTEM, AND METHOD FOR PROTECTING ELECTRONIC DEVICES IN A VIRTUAL PERIMETER
FIELD OF THE INVENTION
[0001 ] Embodiments of the invention relate generally to the field, of data and device security. More particularly, embodiments of the invention relate to apparatus, system, and method for protecting for protecting electronic devices through the creation of a virtual perimeter among the electronic devices.
BACKGROUND
[0002] These days many people go through their daily activities interacting with, a myriad of devices they own, for example, smart-phones, tablet PCs, net- books, laptops, desktop computers, smart televisions (TVs), car onboard systems, photo cameras, infotainment systems, etc. These devices are also called
"companion devices" of a person because they are closely associated with the person. Many of these devices are mobile devices and travel with their owners moving around different types of contexts, some private contexts and some public contexts. Examples of private contexts are home, car, office, etc. Examples of public contexts are bar, gym, airport, etc.
[0003] Handling multiple devices, especially in public places, gives rise to high risk of losing one of the devices a de vice may be stolen or the owner may- forget one of the multiple devices at a certain place. For example, a common scene in a bar is people working on their laptops while their smart-phones are on the table. In such a scenario, people may walk away from the bar leaving their smart-phone on the table. Likewise, during business travel a person waiting for a flight may try to catch up work and leave behind their laptop in a hurry to find, the best seat in the plane. Another example is that during a security check at the airport a person may leave behind their laptop or smart-phone near the X-ray machines trying to run to catch their flight,
[0004] One way to protect the data on these devices left behind, is to regularly backup data or to synchronize data with previous data versions. However,
I such methods do not preclude the device from being stolen or lost. Neither do these methods avoid possible access to the data on these devices and u sage of the d evices.
BRIEF DESCRIPTION OF THE DRAWINGS
[Θ005] Embodiments of the invention will be understood more fully from the detailed description given belo and from the accompanying drawings of various embodimeiUs of the invention, which, however, should not be taken to limit the invention to the specific embodiments, but are for explanation and
understanding only.
[0006] Fig. 1 illustrates various top devices assigned in different contexts, according to one embodiment of the invention.
[0007] Fig. 2 is a method flowchart performed by an electronic device to provide or contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
[0008] Fig, 3 is an electronic device with logic to provide or to contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
[0009] Fig. 4 is a server or central processing unit, coupled to multiple electronic devices, to administer the one or more secure perimeters for multiple devices, according to one embodiment of the invention.
[0010] Fig. 5 is a secure system to provide or to contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
SUMMARY
[0011] The following presents a simplified summary of the embodiments of the invention in order to provide a basic understanding of some aspects of the embodiments. This summary is not an extensive overview of the embodiments of the invention. It is intended to neither identify key or critical elements of the embodiments nor delineate the scope of the embodiments. Its sole purpose is to present some concepts of the embodiments of the invention in a simplified form as a prelude to the more detailed description that is presented later. [0012] Embodiments of the invention relate to an apparatus, system, and method for protecting electronic devices through the creation of a virtual perimeter among the electronic devices. The embodiments herein create dynamic hierarchies among electronic devices based on their context,
[0013] In one embodiment, the method performed by an electronic device comprises: identifying a current context; receiving a role, according to the current context, in a hierarchy of multiple electronic devices, and operating in accordance with the role in the hierarchy within a secure perimeter in the current context around the multiple electronic devices, wherein the hierarchy includes a system of security checks based on context information. The embodiments herein also include at least one machine-readable storage medium having computer executable instructions stored, thereon that, wrhen executed, cause a processor to perform the method discussed herein.
[0014] In one embodiment, the electronic device comprises: a logic unit to identify a current context; and. a security agent capable of performing a role of a top element in a hierarchy of multiple electronic devices in the current context identified by the logic, wherein the hierarchy includes a system of security checks based on context information to form a secure perimeter in the current context around the multiple electronic devices,
[0015] In one embodiment, a server comprises: a security manager module to: register multiple electronic devices; define one or more contexts for the registered multiple electronic devices for providing a secure perimeter in the one or more contexts around the multiple electronic devices; and define a hierarchy for the multiple electronic devices according to the one or more contexts, wherein the security manager module is communicatively coupled, to a security agent of an electronic device from among the multiple electronic devices in the hierarchy.
[0016] The following description and. the annexed drawings set forth in detail certain illustrative aspects of the embodiments of the invention. These aspects are indicative, however, of but a few of the various ways in which the principles of the embodiments of the invention may be employed. The
embodiments of the invention are intended to embrace all equivalents in the form of alternatives, modifications, and variations that fall within the broad scope of the appended claims. Other advantages and novel features of the embodiments of the invention will become apparent from the following detailed description of the embodiments of the invention when considered in conjunction with the drawings.
DETAILED DESCRIPTION
10017] Embodiments of the invention relate to an apparatus, system, and method for protecting for protecting electronic devices through the creation of a virtual perimeter among the electronic devices. The embodiments herein create dynamic hierarchies among electronic devices based on their context.
[0018] The term "context" herein refers to the environment surrounding the electronic devices. For example, electronic devices in a house are part of the home context, electronic devices in a bar are part of the bar context, electronic devices in a car are part of the car context, etc. in one embodiment, contexts can be
identified/defined by a user or automatically selected by the electronic device. For example, contexts can be identified from the type of the Wi-Fi network (private, work, public) or its security enabled system (unsecured. Wi-Fi Protected Access (WPA), etc), in one embodiment, Near Field Communications (NFC), which enables exchange of data within four inches, can also be used to determine proximity between the electronic devices in the hierarchy.
[0019] These context-aware dynamic hierarchies reduce the risk of burglary and information loss on these electronic devices. In one embodiment, a system of security checks is logically implemented on top of the dynamic hierarchies created among a set of electronic devices. In one embodiment, the system of security checks is based on context variables.
[0020] The term "context variables'" or "context information" herein refers to one or more of physical proximity between electronic devices, from among the multiple electronic devices, in the hierarchy: logical location of the electronic devices, from among the multiple electronic devices, in the hierarchy; movement of an electronic device relative to other electronic devices from among the multiple electronic devices, in the hierarchy; strength of wireless internet connectivity of an electronic device relative to other electronic devices from among the multiple electronic devices, in the hierarchy; an event detected by soft or hard sensors of an electronic device from among the multiple electronic devices, in the hierarchy; a message received from another electronic device from among the multiple electronic devices, in the hierarchy, the message to indicate an event in the current context, or any other context information that may assist with identifying the safety of the electronic device within the hierarchy.
10021 j Location can refer to physical absolute location (e.g., location based on global positioning system) or logical location like the service set identifier (SSID) of a wireless network the electronic device is connected with. Proximity among electronic devices can be calculated from location information including comparison of signal strength in a Wi-Fi network or when two electronic devices are connected to different networks.
[0022] In one embodiment, an electronic device identifies a current context and receives a role, according to the current context, in a hierarchy of multiple electronic devices which includes the electronic device. In one embodiment, the multiple electronic devices in the context identify one or more electronic devices as a top element of the hierarchy. The top element plays the role of a leader in the hierarchy and administers any breach of the secure perimeter for the multiple electronic devices in the hierarchy. In one embodiment, the electronic devices in the hierarchy periodically check conformity with one or more context rules established for the hierarchy.
[0023] The term "context rules," "rules," or "agent rule" herein refers to rules and conditions for triggering an event if a rule or condition is activated. If a rule is activated, a sequence of events is triggered impacting, at least, the electronic device where the security agent (304 of Fig. 3) is located. When possible, rule activations are also informed to the top element, and may include events among electronic devices (e.g., high-speed synchronization among electronic devices) and/or with the cloud when possible. For example, a context rale for a smart TV in a house, where the house is the current context, may be a phy sical distance of the smart TV relative to a predetermined position (e.g., front door of the house). A rale may be expressed as: Rulel : if Condition 1 (is satisfied) then (execute/trigger) Event 1. For example, Rule: If devices are more than 3 meters away from each other then activate E ent2. [0024] In one embodiment, the top element may trigger an event when a context rale, from among the one or more context rules, is activated for that hierarchy, in one embodiment, if the context rale is activated for the top element, then all electronic devices in the hierarchy are considered in danger and all the electronic devices may be shut down. In other embodiments, if a context rule is activated for one of the electronic device (which is not the top element) then the top element may shut down that electronic device and take precautionary measures to secure the other electronic devices in the hierarchy.
[0025] In the following description, numerous details are discussed to provide a more thorough explanation of embodiments of the present invention. It will be apparent, however, to one skilled in the art, that embodiments of the present invention may be practiced without these specific details. In other instances, well- known structures and devices are shown in block diagram form, rather than in detail, in order to avoid obscuring embodiments of the present invention.
[0026] Note that in the corresponding drawings of the embodiments, signals are represented with lines. Some lines may be thicker, to indicate more constituent signal paths, and/or have arrows at one or more ends, to indicate primary information flow direction. Such indications are not intended to be limiting.
Rather, the lines are used in connection with one or more exemplary embodiments to facilitate easier understanding of a circuit or a logical unit. Any represented signal, as dictated by design needs or preferences, may actually comprise one or more signals that may travel in either direction and may be implemented with any suitable type of signal scheme.
[0027] In the following description and claims, the term "coupled" and its derivatives may be used. The term "coupled" herein refers to two or more elements which are in direct contact (physically, electrically, magnetically, optically, etc.). The term "coupled" herein may also refer to two or more elements that are not in direct contact with each other, but still cooperate or interact with each other.
[0028] As used herein, unless otherwise specified the use of the ordinal adjectives "first," "second," and "third," etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking or in any other manner.
[0029] Fig. 1 is a scenario 100 with various top electronic devices assigned in different co texts, according to one embodiment of the invention. For example, in the scenario 00, contexts for the electronic devices associated with a user change as the user moves from home to the office. The scenario 100 comprises of three contexts, home 101, car 102, and office 103. While the embodiments herein describe these three contexts, the essence of the invention may be used with any context, for example, airport, bar, gym, shopping mall, etc.
[0030] At home 101. which is a private context, a user may have multiple electronic devices including a desktop computer 104, a smart-phone 105, a laptop computer 06, a tablet PC 07, a digital camera 108, a smart TV 1 10, etc. In one embodiment, to generate a secure perimeter around the context home 101 for the multiple electronic devices in the home 101, a hierarchy of the multiple electronic devices is generated. In one embodiment, the multiple devices have logic which polls ail the devices and decides which device or devices should, take the role of the top element in the hierarchy.
[0031 ] In one embodiment, the electronic devices in the context (e.g., home
101) are pre-assigned with roles in a hierarchy for that context. In one embodiment, a server (e.g., a cloud server) may assign one or more electronic devices, from among the multiple electronic devices, as the top element. In one embodiment, the electronic devices communicate with one another and elect the top element from among the multiple electronic devices. In such an embodiment, the electronic device may compare a set of criteria for each electronic device and determine which electronic device should be the top element in that hierarchy for that context. For example, in the home 101 , the desktop computer 104 is least likely to be stolen and has the most computing power (e.g., bigger memory, easy access to the Internet through wired and wireless means, etc) compared to the digital camera 108 and other electronic devices in the context home 101. In such an embodiment, the electronic devices may elect the desktop computer 104 to be the top element. In one embodiment, the electronic devices in a context execute, in view of the context, a leader election algorithm to identify the top element. [0032] "Leader election algorithm" is a process of designating a single process as the organizer of some task distributed among several computers
(electronic devices, or nodes). Before the task is initiated, all network nodes are unaware which node will serve as the "leader," or coordinator, of the task. After a leader election algorithm has been executed, however, each electronic device throughout the hierarchy recognizes a particular, unique electronic device (or set of electronic devices) as the task leader, i.e. top element.
[0033] In one embodiment, as the user moves from the home context 101 to a car context 102, the context changes and so the hierarchy of the multiple electronic devices in the new context, i.e. car context 102, may change accordingly. For example, in the car context 102 the on board computer system in the car 109 may become the top element. As mentioned above, the top element may be assigned by the user, elected by mutual consent among the electronic devices in the context, or selected by means of executing a leader election algorithm. In this example, the car 109 is the top element and the hierarchy comprises of the car 109, the smart-phone 105, laptop 106, and the tablet PC 107.
[0034] In one embodiment, the context rule dictates when an event is triggered. In one embodiment, when the user leaves the car and forgets its smart- phone 105 in the car, a context rule may be activated and an event triggered by the top element indicating that the user has left behind its smart-phone 105 while the user took with it the other electronic devices (the laptop 106 and the tablet PC 107). I one embodiment, if the car is stolen then the top element triggers an event (according to the defined context rale) that may shut down the car, lock its doors, and windows, turn off all electronic devices in the hierarchy of the car context 102, synchronize data from all the electronic devices with the home desktop 104 or a cloud computer (not shown).
[Θ035] In one embodiment, as the user moves from the car context 102 to the office context 103, the hierarchy of the electronic devices is dynamically modified. The term "dynamic" herein refers to an automatic event which takes place in real-time, for example, a few seconds. At the office context 103, the laptop 106 may be the top element of the hierarch comprising the laptop 106, smart-phone 105, and tablet PC 107. In the office context 103, the laptop 106 is the most likely device to be the top element because it is least likely to be lost. However, if the laptop 106 is lost in the office context 103 (e.g., due to a burglary), then in one embodiment all electronic devices in the hierarchy of the office context 103 are disabled.
[0036] Fig. 2 is a method flowchart performed by an electronic device to provide or contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention. Although the blocks in the flowchart 200 are shown in a particular order, the order of the actions can be modified. Thus, the illustrated embodiments can be performed in a different order, and some actions/blocks may be performed in parallel. Additionally, one or more actions/blocks can be omitted in various embodiments for providing a secure perimeter for multiple electronic devices. The flowchart of Fig. 2 is illustrated with reference to the embodiments of Fig. I and Figs. 3-5.
[0037] At block 201 , the electronic device (e.g., laptop 106) identifies a current context for multiple electronic devices including the electronic device. As discussed with reference to Fig, 1, the context of the multiple electronic devices changes as the user of those multiple electronic devices moves from one context to another. For example, as the user moves from the home context 101 to the office context 103, the types of multiple electronic devices associated with the user change and so the hierarchy of those electronic devices changes. At block 202, the electronic device receives a role, according to the current context, in a hierarchy of the multiple electronic devices, wherein the hierarchy includes a system of security checks based, on context information to form a secure perimeter in the current context around the multiple electronic devices.
[0038] In one embodiment, the role may be a role of a top element or a role of a subordinate element (which is not the top element) in the hierarchy. At block 203, the electronic device identifies, as a top element of the hierarchy, one or more electronic devices from among the multiple electronic devices. As discussed above, identifying the top element of the hierarchy comprises performing at least one of: electing, as the top element, one or more electronic devices from among the multiple electronic devices; or executing, in view of the current context, a leader election algorithm to identify the top element. In one embodiment, the electronic devices may receive a notification of identity of the top element from another electronic device such as a server. The method further comprises operating in accordance with the role in the hierarchy within a secure perimeter in the current context around the multiple electronic devices, wherein the hierarchy includes a system of security checks based on context information,
[Θ039] The definition of the top element depends on the context of the multiple electronic devices. The top element is a device (or a set of devices) that has the least probability to be lost or stolen in a context.
[0040] For example, at the home context 101, the desktop computer 104 may be identified as a top element, versus the laptop 106 or the smart-phone 105, etc. In one embodiment, a game console or a smart TV may be considered as a top element in the home context 101. In other home contexts such as vacation home, or rental home, or when the owner of the house is on vacation, the context reality changes and so the hierarchy of the multiple electronic devices may change too. At a bar, the laptop 106 may be the top element versus the smart-phone 105 or the tablet PC 107. On the road during travel, the smart-phone 105 may be a better candidate for being the top element versus the laptop 106 because the smart-phone 105 is most likely to remain in the user's pocket while the laptop 106 is more likely to be stored, in a bag that has higher risk of being stolen from the vehicle.
[0041] In the embodiments discussed herein, all devices in the hierarchy know which electronic device is the top element. In one embodiment, other devices, nearby, that are not part of the hierarchy may be known by their peer electronic devices for proximity identification.
[0042] At block 204, each electronic device sends an acknowledgment message to other electronic devices, among the multiple electronic devices in the hierarchy, to confirm that all the electronic devices among the multiple electronic devices are part of the hierarchy. In one embodiment, this handshake procedure confirms the boundaries of the secure perimeter for a particular context. At block 205, each electronic device periodically checks conformity with the one or more context rales. The term "periodically" herein refers to regular intervals e.g., every 5 seconds. As mentioned above, the system of security checks comprises one or more context rules for each of electronic device among the multiple electronic devices. At block 205, an electronic device within the hierarchy may trigger an event when a context rule, from among the one or more context rules, is activated.
[0043] In one embodiment, the event comprises performing a security shut down where the electronic device locks itself and if possible informs the top device of its shut down. In one embodiment, security shut down is akin to activating a panic button. In one embodiment, the electronic device securely shuts down itself or at least one of the electronic devices from among the multiple electronic devices in the hierarchy that causes the triggering of the event.
[0044] In one embodiment, the event comprises high-speed, synchronization in which data is synchronized with another machine. In one embodiment, the other machine is a cloud computing uni In one embodiment, the process of
synchronizing with the other machine comprises copying data from the electronic devices to the cloud computing unit to secure the data in these devices. In one embodiment, all electronic devices, among the multiple electronic devices, are shut down when the top element triggers an event indicating that the top element is outside the secure perimeter.
[0045] In one embodiment, the event comprises a hierarchy shut down in which all the multiple electronic devices in the hierarchy are shut down. For example, if a top element is not detected by the electronic devices in the hierarchy then all electronic devices in the hierarchy shut down themselves.
[0046] In one embodiment, the event comprises hierarchy lock-in in which when an electronic device in the hierarchy cannot detect all other electronic devices of the hierarchy in the specific context, then a security breach has occurred and the electronic device that triggered the event is shut down.
[0047] In one embodiment, the event comprises activating anti-theft protocol for the device that triggered the event or for at least one of the electronic devices from among the multiple electronic devices in the hierarchy. The above list of events is not meant to be an exclusive list of events; other events can be triggered to inform the user that a security breach has occurred, against an electronic device within a hierarchy in the context.
[0048] In one embodiment, after identifying the current context and defining the hierarchy among the electronic devices, a top element is identified and all electronic devices in the hierarchy of that context acknowledge participating in the development of the secure perimeter among each other in the hierarchy.
[0049] In one embodiment, the electronic devices continuously check against context rules. The term "continuous" herein refers to uninterrupted check against context rules. In one embodiment, the electronic devices periodically check against context rales. If a rule is activated, for example, a smart-phone is unexpectedly moved away from a laptop (the top element), an event is triggered, and a sound alarm is fired off or a complete shutdown of the smart-phone is performed.
[0050] Fig. 3 is an electronic device 300 with logic to provide or to contribute towards a establishing a context-aware secure virtual perimeter of multiple devices, according to one embodiment of the invention, 'The electronic device 300 comprises a processing unit 302 coupled to a display unit 301. In one embodiment, the processing unit 302 is coupled to at least one machine-readable storage medium, such as machine-readable storage medium 309, having instructions to provide or to contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention.
[0051 ] Elements of embodiments are provided as a machme-readable medium 309 for storing the computer-executable instructions (e.g., instructions to implement the flowchart of Fig. 2 and any other processes discussed herein). The machine-readable medium 309 may include, but is not limited to, flash memory, optical disks, CD-ROMs, DVD ROMs, RAMs, EPROMs, EEPROMs, magnetic or optical cards, or other type of machine-readable media suitable for storing electronic or computer-executable instructions. For example, embodiments of the invention may be downloaded as a computer program (e.g., BIOS) which may be transferred from a remote computer (e.g., a server) to a requesting computer (e.g., a client) byway of data signals via a communication link (e.g., a modem or network connection) or from an AppStore®, for example, AppUp from Intel©, Android® market place, iTunes®, etc.,
[0052] The embodiments of the invention can be deployed in multiple form factors and types of connected devices, i.e. the electronic devices that include communication capabilities for them to interact with other electronic devices. For example, embodiments of the invention can be deployed in a desktop computer, a laptop computer, a net-book, a tablet, a notebook computer, a personal digital assistant (PDA), a server, a workstation, a cellular telephone, a mobile computing device, a smart-phone, an e-book reader, an Internet appliance or any other type of eo neetable device.
|Θ053] In one embodiment, the system 300 comprises a network interface
305 to interact (by wired or wireless means) with other electronic devices in the virtual perimeter. In one embodiment, the network interface 305 is implemented by any type of well known network interface standard including, but not limited to. an Ethernet interface, a universal serial bus (USB) interface, a Peripheral Component Interconnect (PCI) Express interface, a wireless interface and/or any other suitable type of interface. In one embodiment, the wireless interface operates in accordance with, but is not limited to, the IEEE 802.1 1 standard and its related family, Wi-Fi, HomePlug AV (HPAV), Ultra Wide Band (UWB), Bluetooth, WiMAX, Near Field, or any form of wireless communica tion protocol .
[0054] While the modules shown in Fig. 3 are depicted as separate blocks within the system 300, the functions performed by some of these blocks may be integrated within a single semiconductor circuit or may be implemented using two or more separate integrated circuits. For example, although the memory 309 is depicted as a separate block in the system 300, it can be incorporated into the processing unit 302. In one embodiment, the system 300 may include more than one processing unit within the processing unit 302.
[0055] In one embodiment, the network interface 305 is operable to access other devices in the hierarchy. In one embodiment, the electronic device 300 includes a speaker 306 that is operable to sound an alarm upon triggering of an event. In one embodiment, the processing unit 302 has logic (software or hardware) to provide or to contribute towards a establishing a context-aware secure perimeter of multiple electronic devices. In one embodiment, the logic is a security agent 304.
[0056] In one embodiment, each electronic device in the hierarchy includes a security agent. In one embodiment, the security agent includes the logic 307 to become or select a top element. As discussed above, top elements are dynamically defined by the user or automatically detected by the electronic devices in the hierarchy based on context awareness. In one embodiment, for electronic devices that have limited computational ability, e.g., photo camera, the security agent 304 includes enough intelligence to provide some context data to the top element (e.g., its logical or absolute location) and react upon events triggered by the context rules.
[0057] In one embodiment, the security agent 304 comprises a context awareness engine 308. In one embodiment, the context awareness engine 308 is capable of generating and receiving information related to device location and proximity of members of the same hierarchy. In one embodiment the context awareness engine 308 includes the context mles that trigger different types of events based on the context information and/or configuration of the security manager, where the security manager resides in another machine, for example, a cloud. In one embodiment, when a rule is activated a sequence of events is triggered affecting, at least, the electronic device where the security agent is located.
[0058] Fig. 4 is a server system 400 for coupling to multiple electronic devices to administer the one or more secure perimeters for multiple electronic devices in one or more hierarchies, according to one embodiment of the invention. In one embodiment, the server system 400 comprises a server 401 (hardware cornputing/connectable device) including the security manager 402. In one embodiment, the security manager 402 communicates with the security agents (e.g., security agent 304 of Fig. 3} of multiple electronic devices in different contexts. In one embodiment, the security manager 402 allows the configuration of a secure perimeter by defining contexts, hierarchies associated to contexts, and. the rules that trigger different types of events (e.g., fast synchronization among devices, firing of an alarm, device shutdown, etc.). In one embodiment, the security manager 402 is in charge of configuration of the security agent of each electronic device. In one embodiment, the security manager 402 resides in the cloud and may be administered from a top element in a hierarchy of a context. In one embodiment, the security manager 402 is implemented as hardware logic coupled to a processor of the serv er 401 or included in the processor of the server 401. In other embodiments, the security manager 402 is implemented as software modules executed by a processor in the server 401. [0059] In one embodiment, the server 401 couples to a database storage unit
403 to store data of the electronic devices of a hierarchy when an event is triggered. In one embodiment, the security manager 402 (also called security manager module) is operable to: register multiple electronic devices; define one or more contexts for the registered multiple electronic devices for providing a secure perimeter in the one or more contexts around, the multiple electronic devices; and. define a hierarchy for the multiple electronic devices according to the one or more contexts. In one embodiment, the security manager module 402 defines the hierarchy by registering one or more electronic devices among the multiple electronic devices as a top element in the hierarchy.
[0060] In one embodiment, the security manager module 402 is operable to register one or more electronic devices as the top element by performing at least one of: assigning one or more electronic devices, from among the multiple electronic device, as the top element; receiving an input from one or more electronic devices, among the multiple electronic devices, that elected the top element from among the multiple electronic devices; or executing, in view of the context, a leader election algorithm to identify the top element.
[0061 ] Fig. 5 is a secure system 500 to provide or to contribute towards a context-aware secure perimeter of multiple devices, according to one embodiment of the invention. The secure system 500 shows one or more electronic devices 108, 107, and 106 that are communicatively coupled to one another by means of a hierarchy link. The electronic devices 108, 107, and 106 are also communicatively coupled to the security manager 402 because the top element role can dynamically change and so all the electronic devices in a hierarchy may have the ability to communicate with the security manager 402,
[0062] In one embodiment, the electronic devices 108, 107, and 106 may have the ability to connect to the security manager 402, but to avoid communication overhead or due to device limitations (e.g. a photo camera), not all electronic devices 108, 107, and 106 in the hierarchy may choose to connect directly to the security manager 402 in the cloud.. In one embodiment, when a top element is defined there may be implementation solutions where the only device connecting to the security manager 402 is the top element while the rest of the electronic devices communicate with the top element though the hierarchy communication links.
[0063] Reference in the specification to "an embodiment," "one
embodiment," "some embodiments," or "other embodiments" means that a particular feature, structure, or characteristic described in connection with the embodiments is included in at least some embodiments, but not necessarily all embodiments. The various appearances of "an embodiment," "one embodiment," or "some
embodiments" are not necessarily all referring to the same embodiments. If the specification states a component, feature, structure, or characteristic "may," "might," or "could" be included, that particular component, feature, structure, or
characteristic is not required to be included. If the specification or claim refers to "a" or "an" element, that does not mean there is only one of the elements. If the specification or claims refer to "an additional" element, that does not preclude there being more than one of the additional element.
[0064] While the invention has been described in conjunction with specific embodiments thereof, many alternatives, modifications and variations of such embodiments will be apparent to those of ordinar skill in the art in light of the foregoing description. For example, specialized hardware may be coupled to the electronic devices to provide a more robust secure perimeter around a hierarchy of electronic devices in a context.
[0065] In one embodiment, proximity keys are incorporated, in the electronic devices so that the proximity keys need to be close in distance to electronic devices to enable them to work. In the event the electronic device is moved away from the proximity key by a predetermined threshold distance, an event is triggered. In one embodiment, high-speed synchronization storage systems are Wi-Fi enabled, and in case of an event, can synchronize with one or more electronic devices through high speed protocols.
[0066] In one embodiment, in a home context, the high-speed
synchronization storage systems can be hidden from plain view and if somebody moves a laptop, a device of the hierarchy, when the owner of the home is on vacation, the high-speed synchronization storage system may send a message to the owner that its laptop is being moved. In one embodiment, house alarm systems can be modified so that when an event is triggered, the user's home (home context) alarm is also triggered in addition to the high speed synchronization with the top element. In one embodiment, additional hardware/software features may be added to the electronic devices to enable them to trigger events even when the electronic devices are in sleep mode. The term "sleep mode" herein refers to a low power consumption mode when the electronic device is not completely off, but most of its high power consuming logics and processors are turned off or operating on a low power supply level to conserve energy-.
[0067] The embodiments of the invention are intended to embrace all such alternatives, modifications, and variations as to fell within the broad scope of the appended claims,
[0068] An abstract is provided that will allow the reader to ascertain the nature and gist of the technical disclosure. The abstract is submitted with the understanding that it will not be used to limit the scope or meaning of the claims. The following claims are hereby incorporated into the detailed description, with, each claim standing on its own as a separate embodiment.

Claims

CLAIMS We claim:
1. A method performed by an electronic device, the method comprising:
identifying a current context;
receiving a role, according to the current context, in a hierarchy of multiple electronic devices; and
operating in accordance with the role in the hierarchy within a secure perimeter in the current context around the multiple electronic devices, wherein the hierarchy includes a system of security checks based on context information.
2. The method of claim 1 further comprising:
identifying, as a top element of the hierarchy, one or more electronic devices from among the multiple electronic devices.
3. The method, of claim 2, wherein identifying the top element of the hierarchy comprises performing one ore more of:
receiving assignment as the top element;
electing, as the top element, one or more electronic devices from among the multiple electronic devices; or
executing, in view of the current context, a leader election algorithm to ide tify the top element.
4. The method of claim 2 further comprising:
sending an acknowledgment message to other electronic devices, among the multiple electronic devices in the hierarchy, to confirm that all the electronic devices among the multiple electronic devices are part of the hierarchy.
5. The method of claim 1, wherein the system of security cheeks comprises one or more context rales for each of electronic device among the multiple electronic devices.
6. The method of claim 5 further comprising:
periodically checking conformity with the one or more context rules; and
triggering an event when a context rule, from among the one or more context rales, is activated.
7. The method of claim 6, wherein the event comprises performing one or more of:
securely shutting down itself or at least one of the electronic devices in the hierarchy that causes triggering of the event;
synchronizing data with another machine;
shutting down all the multiple electronic devices in the hierarchy; locking- in itself or at least one of the electronic device in the hierarchy that causes triggering of the event; or
activating anti-theft protocol for itself or for at least one of the electronic device in the hierarchy.
8. The method, of claim 7, wherein the other machine is a cloud computing unit, and wherein synchronizing with the other machine comprises copying data to the cloud computing unit.
9. The method of claim 2, wherein all electronic devices, among the multiple electronic devices, are shut down when the top element triggers an event indicating that the top element is outside the secure perimeter.
10. The method, of claim 1 , wherein the context information comprises one or more of:
physical proximity between electronic devices in the hierarchy; logical location of the electronic devices in the hierarchy;
movement of an electronic device relative to other electronic devices in the hierarchy;
strength of wireless internet connectivity of an electronic device relative to other electronic devices in the hierarchy;
an event detected by soft or hard sensors of an electronic device in the hierarchy; or
a message received from another electronic device in the hierarchy, the message to indicate an event in the current context.
1 1. An electronic device comprising:
a logic unit to identify a current context; and
a security agent capable of performing a role of a top element in a hierarchy of multiple electronic devices in the current context identified by the logic,
wherein the hierarchy includes a system of securit}' checks based on context information to form a secure perimeter in the current context around the multiple electronic devices.
12. The electronic device of claim 11 , wherein the security agent comprises a context awareness engine for receiving context information from other electronic devices among the multiple electronic devices,
13. The electronic device of claim 12, wherein the context information
comprises one or more of:
physical proximity between electronic devices i the hierarchy; logical location;
movement relative to other electronic devices in the hierarchy; strength of wireless internet connectivity relative to other electronic devices in the hierarchy;
an event detected by soft or hard sensors; or a message received from another electronic device in the hierarchy, the message to indicate an event in the current context.
14. The electronic device of claim 12, wherein the context awareness engine includes an agent rule to cause an event to trigger when the agent rule is activated.
15. The electronic device of claim 14, wherein the event, triggered when the agent rule is activated, comprises one or more of:
secure shut down of itself or at least one of the electronic device from among the multiple electronic devices in the hierarchy that causes the triggering of the event;
synchronize data with another machine:
shut down all the multiple electronic devices in the hierarchy;
lock-in of itself or at least one of the electronic device from among the multiple electronic devices in the hierarchy that causes the triggering of the event; or
activate anti-theft protocol for itself or at least one of the electronic device from among the multiple electronic devices in the hierarchy.
A server comprising:
a security manager module to:
register multiple electronic devices:
define one or more contexts for the registered multiple electronic devices for providing a secure perimeter in the one or more contexts around the multiple electronic devices; and
define a hierarchy for the multiple electronic devices according to the one or more contexts,
wherein the security manager module is communicatively coupled to a security agent of an electronic device from among the multiple electronic devices in the hierarchy.
17. The server of claim 16, wherein the security manager module to:
define context rales for triggering an event by each of the electronic devices among the multiple electronic devices.
18. The server of claim 17, wherein the security manager module to define the hierarchy by;
registering one or more electronic devices among the multiple electronic devices as a top element in the hierarchy.
19. The server of claim 18, wherein the security manager module is
communicatively coupled to a security agent of the electronic device which is the top element of the hierarchy.
20. The server of claim 18, wherein the security manager module to:
receive data from the electronic device, which is the top element of the hierarchy, in response to triggering of an event.
21. The server of claim 18, wherein the security manager module to register one or more electronic devices as the top element by performing one or more of: assigning one or more electronic devices, from among the multiple electronic device, as the top element;
receiving an input from one or more electronic devices, among the multiple electronic devices, that elected the top element from among the multiple electronic devices; or
executing, in view of the context, a leader election algorithm to identify the top element.
22. The server of claim 18, wherein the security agent in each of the electronic devices having logic to perform a function of the top element.
23. The server of claim 16, wherein the security agent includes a context awareness engine for receiving context information from other electronic devices among the multiple electronic devices.
24. The server of claim 23, wherein the context information comprises one or more of:
physical proximity between electronic devices in the hierarchy; logical location of the electronic devices in the hierarchy; movement of an electronic device relative to other electronic devices in the hierarchy;
strength of wireless internet connectivity of an electronic device relative to other electronic devices in the hierarchy;
an event detected by soft or hard sensors of an electronic device in the hierarchy; or
a message received from another electronic device in the hierarchy, the message to indicate an event in the current context.
25. The server of claim 16, wherein the security agent includes an agent rule to cause an event to trigger when the agent rule is activated.
26. The server of claim 24, wherein the security manager to perform, in response to the event triggered when the agent rale is activated, one or more of:
securely shutting down at least one of the electronic device in the hierarchy that causes the triggering of the event;
synchronizing data with anot er machine;
shutting down all the multiple electronic devices in the hierarchy; locking- in at least one of the electronic device in the hierarchy that causes the triggering of the event; or
activating anti-theft protocol for at least one of the electronic device in the hierarchy.
27. The server of claim 16, wherein the security manager module to:
2.3 receive data for registering and administering configuration of the multiple electronic devices,
28. At least one machine-readable storage medium having computer executable instructions stored thereon that, when executed, cause a processor to perform a method comprising:
identifying a current context;
receiving a role, according to the current context, in a hierarchy of multiple electronic devices; and
operating in accordance with the role in the hierarchy within a secure perimeter in the current context around the multiple electronic devices, wherem the hierarchy includes a system of security checks based on context information.
29. The machine-readable storage medium of claim 28, having farther computer executable instructions that, when executed, cause the processor to perform a further method comprising:
identifying, as a top element of the hierarchy, one or more electronic devices from among the multiple electronic devices.
30. The machine-readable storage medium of claim 29, wherein identifying the top element of the hierarchy comprises performing one or more of:
receiving assignment as the top element;
electing, as the top element, one or more electronic devices from among the multiple electronic devices; or
executing, in view of the current context, a leader election algorithm to identify the top element.
2.4
PCT/US2011/060119 2011-11-10 2011-11-10 Apparatus, system, and method for protecting electronic devices in a virtual perimeter WO2013070222A1 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
CN201180074784.7A CN103917983B (en) 2011-11-10 2011-11-10 For protecting the device of the electronic equipment in virtual boundary, system and method
JP2014541017A JP6061943B2 (en) 2011-11-10 2011-11-10 Apparatus, system, and method for protecting electronic devices within a virtual boundary
EP11875454.8A EP2776963B1 (en) 2011-11-10 2011-11-10 Apparatus, system, and method for protecting electronic devices in a virtual perimeter
PCT/US2011/060119 WO2013070222A1 (en) 2011-11-10 2011-11-10 Apparatus, system, and method for protecting electronic devices in a virtual perimeter
US13/992,356 US9069993B2 (en) 2011-11-10 2011-11-10 Apparatus, system, and method for protecting electronic devices in a virtual perimeter
US14/731,831 US9489545B2 (en) 2011-11-10 2015-06-05 Apparatus, system, and method for protecting electronic devices in a virtual perimeter

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2011/060119 WO2013070222A1 (en) 2011-11-10 2011-11-10 Apparatus, system, and method for protecting electronic devices in a virtual perimeter

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US13/992,356 A-371-Of-International US9069993B2 (en) 2011-11-10 2011-11-10 Apparatus, system, and method for protecting electronic devices in a virtual perimeter
US14/731,831 Continuation US9489545B2 (en) 2011-11-10 2015-06-05 Apparatus, system, and method for protecting electronic devices in a virtual perimeter

Publications (1)

Publication Number Publication Date
WO2013070222A1 true WO2013070222A1 (en) 2013-05-16

Family

ID=48290417

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2011/060119 WO2013070222A1 (en) 2011-11-10 2011-11-10 Apparatus, system, and method for protecting electronic devices in a virtual perimeter

Country Status (5)

Country Link
US (2) US9069993B2 (en)
EP (1) EP2776963B1 (en)
JP (1) JP6061943B2 (en)
CN (1) CN103917983B (en)
WO (1) WO2013070222A1 (en)

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10271293B2 (en) * 2011-11-18 2019-04-23 Apple Inc. Group formation within a synchronized hierarchy of peer-to-peer devices
US9516615B2 (en) 2011-11-18 2016-12-06 Apple Inc. Selection of synchronization stations in a peer-to-peer network environment
US9246935B2 (en) 2013-10-14 2016-01-26 Intuit Inc. Method and system for dynamic and comprehensive vulnerability management
US9501345B1 (en) 2013-12-23 2016-11-22 Intuit Inc. Method and system for creating enriched log data
US9323926B2 (en) 2013-12-30 2016-04-26 Intuit Inc. Method and system for intrusion and extrusion detection
US20150304343A1 (en) 2014-04-18 2015-10-22 Intuit Inc. Method and system for providing self-monitoring, self-reporting, and self-repairing virtual assets in a cloud computing environment
US9325726B2 (en) 2014-02-03 2016-04-26 Intuit Inc. Method and system for virtual asset assisted extrusion and intrusion detection in a cloud computing environment
US10757133B2 (en) 2014-02-21 2020-08-25 Intuit Inc. Method and system for creating and deploying virtual assets
US9866581B2 (en) 2014-06-30 2018-01-09 Intuit Inc. Method and system for secure delivery of information to computing environments
US9276945B2 (en) 2014-04-07 2016-03-01 Intuit Inc. Method and system for providing security aware applications
US9245117B2 (en) 2014-03-31 2016-01-26 Intuit Inc. Method and system for comparing different versions of a cloud based application in a production environment using segregated backend systems
US11294700B2 (en) 2014-04-18 2022-04-05 Intuit Inc. Method and system for enabling self-monitoring virtual assets to correlate external events with characteristic patterns associated with the virtual assets
US9374389B2 (en) 2014-04-25 2016-06-21 Intuit Inc. Method and system for ensuring an application conforms with security and regulatory controls prior to deployment
US9900322B2 (en) 2014-04-30 2018-02-20 Intuit Inc. Method and system for providing permissions management
US9330263B2 (en) 2014-05-27 2016-05-03 Intuit Inc. Method and apparatus for automating the building of threat models for the public cloud
US9473481B2 (en) 2014-07-31 2016-10-18 Intuit Inc. Method and system for providing a virtual asset perimeter
US10102082B2 (en) 2014-07-31 2018-10-16 Intuit Inc. Method and system for providing automated self-healing virtual assets
US9854445B1 (en) * 2017-01-24 2017-12-26 International Business Machines Corporation Domain-aware device protection via cross-validation among spatially-adjacent devices
US10421437B1 (en) 2018-12-19 2019-09-24 Motorola Solutions, Inc. System and method for dynamic perimeter threat detection for a movable vehicle
US10497232B1 (en) 2019-03-01 2019-12-03 Motorola Solutions, Inc. System and method for dynamic vehicular threat detection perimeter modification for an exited vehicular occupant

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020122055A1 (en) * 2000-12-22 2002-09-05 Gopal Parupudi Environment-interactive context-aware devices and methods
WO2007081533A2 (en) 2006-01-05 2007-07-19 Microsoft Corporation Ad-hoc creation of group based on contextual information
US20080094230A1 (en) * 2006-10-23 2008-04-24 Motorola, Inc. Using location capabilities of a mobile device to permit users to avoid potentially harmful interactions
JP2008243178A (en) * 2006-10-17 2008-10-09 Intel Corp Method, device and system for enabling secure location-aware platform
US20100037312A1 (en) 2008-08-08 2010-02-11 Anahit Tarkhanyan Secure computing environment to address theft and unauthorized access
US20110246612A1 (en) * 2010-03-31 2011-10-06 Bank Of America Corporation Integration of Different Mobile Device Types with a Business Infrastructure

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7013149B2 (en) * 2002-04-11 2006-03-14 Mitsubishi Electric Research Laboratories, Inc. Environment aware services for mobile devices
US7685606B2 (en) * 2002-06-27 2010-03-23 Ting-Mao Chang Power saving mobility aware system and method
JP2007019748A (en) 2005-07-06 2007-01-25 Matsushita Electric Ind Co Ltd Mobile terminal, and authentication control method and authentication control program
JP2008085786A (en) * 2006-09-28 2008-04-10 Olympus Corp Mobile apparatus system and mobile apparatus
JP2008250930A (en) * 2007-03-30 2008-10-16 Ntt Docomo Inc Data access control system, user information management device, data access determining device, mobile unit, and data access control method
US20090249443A1 (en) * 2008-04-01 2009-10-01 William Fitzgerald Method for monitoring the unauthorized use of a device
US20100229220A1 (en) * 2009-03-03 2010-09-09 Grasstell Networks Llc System and method for theft and data recovery from lost portable devices
KR101679428B1 (en) * 2009-10-16 2016-11-25 삼성전자주식회사 Apparatus and method of establishing personal network for providing cpns service

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020122055A1 (en) * 2000-12-22 2002-09-05 Gopal Parupudi Environment-interactive context-aware devices and methods
WO2007081533A2 (en) 2006-01-05 2007-07-19 Microsoft Corporation Ad-hoc creation of group based on contextual information
JP2008243178A (en) * 2006-10-17 2008-10-09 Intel Corp Method, device and system for enabling secure location-aware platform
US20080094230A1 (en) * 2006-10-23 2008-04-24 Motorola, Inc. Using location capabilities of a mobile device to permit users to avoid potentially harmful interactions
US20100037312A1 (en) 2008-08-08 2010-02-11 Anahit Tarkhanyan Secure computing environment to address theft and unauthorized access
US20110246612A1 (en) * 2010-03-31 2011-10-06 Bank Of America Corporation Integration of Different Mobile Device Types with a Business Infrastructure

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JINSHAN LIU ET AL.: "Group management for mobile Ad Hoc networks", PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON MOBILE DATA MANAGEMENT , MEM '05

Also Published As

Publication number Publication date
US9489545B2 (en) 2016-11-08
JP6061943B2 (en) 2017-01-18
CN103917983A (en) 2014-07-09
US9069993B2 (en) 2015-06-30
EP2776963A1 (en) 2014-09-17
CN103917983B (en) 2016-11-16
EP2776963B1 (en) 2018-02-14
EP2776963A4 (en) 2015-09-09
US20130276152A1 (en) 2013-10-17
US20160019403A1 (en) 2016-01-21
JP2014534784A (en) 2014-12-18

Similar Documents

Publication Publication Date Title
US9489545B2 (en) Apparatus, system, and method for protecting electronic devices in a virtual perimeter
JP6510610B2 (en) System and method for remotely initiating lost mode on a computing device
JP6338775B2 (en) Distributing biometric authentication among devices in ad hoc networks
US10129381B2 (en) Disablement of lost or stolen device
JP5955956B2 (en) Method and apparatus for detecting and handling lost electronic devices
US20140273921A1 (en) Tracking device status with respect to other devices and zones of a virtual geo-fence
US20140351934A1 (en) Method and apparatus for detecting malware and recording medium thereof
CN104956715A (en) Adaptive observation of behavioral features on a mobile device
CN105637833A (en) Pre-Identifying Probable Malicious Behavior Based on Configuration Pathways
CN103370717A (en) Always-available embedded theft reaction subsystem
US9854445B1 (en) Domain-aware device protection via cross-validation among spatially-adjacent devices
WO2015047258A1 (en) Method, apparatus and system for providing transaction indemnification
US10548015B2 (en) Mobile device security lock
CN111404993B (en) Digital key sharing method, device and equipment
TW201028883A (en) Secure platform management device
US9088982B2 (en) Beacon frame data transmission rate adjustment
WO2017177789A1 (en) Anti-theft method and device for mobile terminal
WO2017209885A1 (en) Communications security systems and methods
US10002522B2 (en) Information processing apparatus and transmission control method
CN107707872A (en) A kind of monitoring method and relevant device based on image processing techniques
WO2017111962A1 (en) System and method for securing electronic device during low power and following hardware change
WO2023024888A1 (en) Data processing method and apparatus, and device and storage medium
CN112219230B (en) Secure device operation using transferred code modules
JP2015141548A (en) Portable information terminal and portable information terminal system
JP2015046982A (en) Management system of apparatus equipped with secondary battery and apparatus equipped with secondary battery

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 13992356

Country of ref document: US

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11875454

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2014541017

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2011875454

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE