WO2014005004A1 - Système de sécurité conscient d'une proximité pour une électronique portable avec une authentification d'utilisateur à multiples facteurs et une vérification d'identité de dispositif sécurisé - Google Patents

Système de sécurité conscient d'une proximité pour une électronique portable avec une authentification d'utilisateur à multiples facteurs et une vérification d'identité de dispositif sécurisé Download PDF

Info

Publication number
WO2014005004A1
WO2014005004A1 PCT/US2013/048542 US2013048542W WO2014005004A1 WO 2014005004 A1 WO2014005004 A1 WO 2014005004A1 US 2013048542 W US2013048542 W US 2013048542W WO 2014005004 A1 WO2014005004 A1 WO 2014005004A1
Authority
WO
WIPO (PCT)
Prior art keywords
pcd
token
tracking device
user
display
Prior art date
Application number
PCT/US2013/048542
Other languages
English (en)
Inventor
Andrew Keith RICHARDS
Original Assignee
Techlok, Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Techlok, Llc filed Critical Techlok, Llc
Publication of WO2014005004A1 publication Critical patent/WO2014005004A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent

Definitions

  • the invention relates to security and anti-theft systems, and more particularly, to systems for preventing loss and/or theft of portable electronic devices.
  • the invention also relates to anti-theft and user authentication systems, and more particularly, to multi-factor user authentication systems and to systems for preventing loss and/or theft of portable electronic devices.
  • One approach is to attach a small, self-powered, wireless-enabled security device such as a Bluetooth-enabled dongle to the PCD, so that the dongle can periodically transmit signals to a separate monitoring device even when the PCD is off or in standby mode.
  • a small, battery-powered dongle equipped with Bluetooth can be connected to a USB port on a laptop and paired with a user's cell phone. When the laptop is on or charging, the dongle battery is recharged. When the laptop is off or in standby mode, the dongle continues to operate using its battery and periodically sends a signal to the cell phone using Bluetooth. If the cell phone and dongle are separated beyond a certain range, then an application on the cell phone alerts the user, and hopefully the user is able to retrieve the laptop before it is picked up by someone else.
  • a weak Bluetooth or other wireless signal can be tracked and triangulated to help find the missing laptop.
  • the laptop can further be programmed to be disabled if the dongle is removed, or the cell phone or other tracking device is out of range.
  • the dongle can be location-aware, for example by including GPS capability, and can be programmed to issue alerts only when it is not in a "safe" location such as the user's home or office , or to vary the rate of transmission between itself and the monitoring device depending on the location.
  • the dongle can be attached to the charging port of the device, which typically includes power and a communications interface.
  • a thief can access the BIOS of a laptop during boot-up, and instruct the BIOS to boot the system to a separate operating system on a CD or DVD. Or the thief can simply remove the hard drive and access it as a secondary drive from some other device, without using the installed operating system.
  • a dongle attached to the charging port can extend significantly beyond the outlines of the device, and can thereby be subject to catching on surrounding items such as the user's clothes, as well as being broken off or knocked off. Such a dongle would also interfere with using the charging port for charging the PCD, and/or for any other functions typically performed by the charging port.
  • passwords can often be guessed, electronically hacked (for example by brute-force attack), key-logged by malware, snooped over an unsecure wireless connection, fraudulently obtained by "phishing” or a similar method, compromised by a "man-in-the-middle attack,” or obtained by "social engineering.”
  • Careless users often make it even easier to obtain their password, by writing it down in an unsecure location, using an easily guessed word or name, using the same password on many systems, and/or failing to periodically change the password.
  • a password is fraudulently obtained, it can be freely used by the unauthorized person, often without the awareness of the legitimate user, depending on the actions carried out by the unauthorized person.
  • KAF knowledge-based authentication factors
  • PAF physical authentication factors
  • BAF biometric authentication factors
  • Typical examples of a KAF would be a password, a mother's maiden name, a pet's name, the name of a favorite grammar school teacher, and so forth.
  • Typical examples of a PAF would be an ATM card, a smart card, a security token, or a metal key to open the door to your home.
  • Multi-factor authentication can be made more secure by requiring a plurality of authentication factors belonging to more than one factor category.
  • One example is a specific computer that contains a private key belonging to a legitimate user whose digital signature has been recorded on a secure server. If the legitimate user logs onto the network and seeks to access data over the internet using the "known" computer, then three authentication factors from two-factor categories may be required, namely possession of a computer containing the private key (PAF), a password (KAF) to gain access to the known computer, and a password (KAF) to gain access to the remote server hosting the data.
  • PAF private key
  • KAF password
  • KAF password
  • Another approach is to provide the user's cell phone, pager, or similar telephone number to the system that is hosting the sensitive data.
  • KAF correct password
  • the host system then sends a second, temporary password to the user using an out-of-band channel such as via a text message to his cell phone, pager, or to a similar device (PAF) that the user maintains possession of.
  • Access to the sensitive data is granted only when the second, temporary password is entered.
  • FIG. 1A presents an example 101 of a time-synchronized hardware security token that is available from RSA.
  • the token is approximately the size of a keychain fob, and indeed can be used as such.
  • the RSA device 101 displays a simple numeric password 103 on a built-in display that is updated on a periodic basis, such as every minute. Similar devices include input keypads and require that a user input a PIN number or similar knowledge-based password before the time synchronized password is displayed.
  • the system should also assist in attempts to locate the missing PCD, and should enable protection of sensitive data on the PCD even if the PCD is off or in standby mode.
  • What is also needed is a user authentication system that provides increased security against hackers while minimizing the burden placed on legitimate users.
  • This invention relates to certain systems and methods for protecting, monitoring, authenticating, and tracking PCDs.
  • the PCD's may be secured by means of wireless communication between the PCD and a monitoring device.
  • the communication may be directly between the PCD and the monitoring device, or a separate device, such as a dongle, may be employed by the PCD to establish communications with the monitoring device.
  • One general aspect of the present invention is a system for alerting a user if the user becomes separated from a portable computing device (PCD) such as a laptop or computing tablet, even when the PCD is off or in standby mode.
  • PCD portable computing device
  • Embodiments include a battery-powered tracking device or a monitored computing device (MCD) attached to the PCD and in wireless communication with a "smart" cell phone or other monitoring device carried by the user.
  • the PCD periodically wakens from sleep to attempt to communicate wirelessly with the monitoring device.
  • An MCD differs from a PCD, in that a MCD is a module that is capable of being interacted with, but can only monitor, protect, track or authenticate other devices in a limited capacity unless connected to a PCD.
  • the monitoring device is able to issue an alarm to the user when the tracking device is separated from the monitoring device by more than a specified distance.
  • the wireless communication is limited in range, and the monitoring system issues the alarm when the wireless signal strength falls below a specified level and/or when the wireless communication link is lost.
  • the battery of the tracking device is recharged when the PCD is in operation or charging, and if the rechargeable battery of the tracking device becomes low or nearly depleted, the tracking device issues a low- battery message to the monitoring device and/or activates a visible indication on the tracking device.
  • the tracking device can operate for at least one day without recharging before its battery is depleted.
  • the present invention uses digital signatures to provide secure identity recognition between all members of a linked group of PCD's and MCD's.
  • public key cryptography such as RSA and digital signatures are used. Attempts to re-pair the tracking device with a substitute monitoring device are thereby frustrated, because a substitute monitoring device will fail the digital signature process and will not be recognized by the tracking device.
  • the PCD will refuse to recognize a substitute tracking device, and vice-versa.
  • the monitoring device will also reject any attempt to replace both the PCD and the tracking device with substitutes, because even if the tracking device recognizes the PCD, the monitoring device will not recognize the substitute tracking device.
  • Embodiments of the tracking device include a non-volatile memory that stores the tracking device software, the public and private cryptography keys for the tracking device, the public keys from those devices it establishes secure connections with, symmetric keys for continued communication with devices once a secure connection is established each session, the digital signature of each device with which it is paired, and the digital signature of each administrator who is authorized to add or delete device pairings, upgrade the software, and/or perform other administrative tasks.
  • a software application is included on the PCD that disables the PCD if an alert condition occurs, for example if the tracking device is removed, if a disabling command is received from the monitoring device, and/or if the wireless connection to the monitoring device is lost.
  • the PCD is automatically re-enabled if the alert condition ends, for example if the tracking device is once again within range of the monitoring device.
  • an explicit password or other command must be issued either directly to the PCD or by the monitoring device before the PCD is re- enabled.
  • the user can use the monitoring device to issue a disabling command to the PCD.
  • the disabling command can be issued by simply pressing a button on the monitoring device.
  • the tracking device is externally attached to the PCD, and in some of these embodiments the tracking device is a dongle.
  • the dongle is installed in a USB port of the PCD.
  • the dongle is installed in a HDMI port, a "Thunderbolt" port, or in another externally accessible port of the PCD.
  • the tracking device is internally installed within the PCD, either permanently, on the motherboard, a connected module, or elsewhere, or in an externally accessible internal location such as an expansion card bay, memory slot, SSD, or battery area.
  • the tracking device is attached to the PCD by an attachment mechanism that requires a tool for detachment, thereby inhibiting removal of the tracking device by an unauthorized person unless the unauthorized person is in possession of the required tool.
  • the tracking device is installed in a charging port of the PCD.
  • the dongle replicates the charging port, so that the functions of the charging port remain accessible while the dongle is attached.
  • Various embodiments further include a case configured to contain the PCD with the tracking device attached, to obscure recognition of the tracking device, and to protect the tracking device from being damaged, broken, dislodged, or removed.
  • the case is durable and rigid, and difficult or time-consuming to remove, thereby inhibiting rapid removal of the tracking device, for example during the initial stages of a theft when the tracking device is attempting to contact the user and/or to protect data stored on the PCD.
  • the case can be locked with a key or combination lock, preventing removal of the tracking device until the security case is unlocked and detached.
  • certain embodiments include a universal security slot that allows the security case to be physically secured to an anchoring point by a computer lock.
  • the tracking device is able to take action if an alert condition occurs due to loss of contact with the monitoring device, due to an alert command received from the monitoring device, due to removal of the tracking device from the PCD, or due to any other reason.
  • the tracking device boosts the strength of its wireless communication in an attempt to re-acquire communication with the monitoring device.
  • the tracking device includes a second form of wireless communication such as WIFI or cellular capability, and attempts to use one of these to contact the user.
  • the tracking device will instruct the PCD to disable its display and any other visible functions, so that it will operate in "stealth mode" whereby it appears to remain off or in sleep mode. The tracking device will then wake up the PCD so that the PCD can take emergency steps as programmed. In certain embodiments, the tracking device is able to provide emergency battery power to the PCD if the battery of the PCD is fully discharged or is removed.
  • the PCD will attempt to communicate with the user, such as by seeking access to any available wireless internet (WIFI) nodes, and/or by using 3G or 4G cellular communication.
  • WIFI wireless internet
  • the PCD is location aware, for example by including GPS capability, and will attempt to communicate its location to the user.
  • the PCD software application will activate a built-in camera, so as to record images of the surroundings and possibly of the person currently in possession of the PCD. If communication is re-established with the user, the software application will then transmit these time-stamped images to the user to assist the user in retrieving the PCD. If wireless networks are available, the PCD can simultaneously upload these time-stamped images along with location information obtained by GEO-IP, GPS, inertial navigation, or similar methods to a secure server to assist recovery. If available, this location information will be transmitted to the monitoring device as well.
  • the PCD software application takes steps to secure data stored on the PCD, such as by backing the data up to a server, encrypting the data, and/or securely deleting the data.
  • One of these alerts occurs if the PCD was turned off or was asleep when the tracking device was removed, such as if the tracking device was removed before it could 'wake up' the PCD. If a tracking device is plugged into the PCD when it turns off or falls asleep, but it is not still plugged into the PCD when the PCD turns on or wakes up, it will cause an alert.
  • the software application then causes an audible alarm to be issued either by the PCD or by the tracking device itself.
  • either the monitoring device or the tracking device is location aware, for example due to inclusion of GPS capability.
  • the user is able to specify two or more categories of location, and the actions of the tracking device and of the PCD application software are adjusted accordingly. If the monitoring device is location aware, it can transmit commands to the tracking device to select which mode is activated.
  • the location categories range from "safe,” for example at the user's home, to "high risk,” for example in an airport. In certain embodiments, one or more intermediate categories are included, for example when the tracking device is at the user's office.
  • the tracking device increases or decreases how frequently the proximity of the tracking device to the monitoring device is verified, possibly suppressing the proximity checking altogether when the tracking device is at a "safe" location.
  • a "safe" location can be defined in which proximity checking is disabled, but alarms triggered by movement of the PCD remain active. This allows a PCD to be left for example at an office under the assumption that the owner will not be present, while still protecting the PCD from unauthorized movement or removal.
  • embodiments of the present invention further provide remote access and/or operation of the PCD by means of the monitoring device and tracking device.
  • the tracking device is able to awaken the PCD from a sleep mode, standby, or off status, and is further able to share an internet connection, and transfer files and/or statistical data between the PCD and the monitoring device. Similar embodiments are able to provide remote operation of the PCD by means of the monitoring device and the tracking device.
  • the communication between the tracking device and the monitoring device is securely encrypted using public key cryptography such as RSA.
  • the tracking device includes WIFI and/or cellular capability
  • the tracking device is able to function during normal operating conditions as a communications gateway or mobile internet "hotspot,” providing internet access from the monitoring device to the PCD, from the PCD to the monitoring device, and/or from the tracking device itself to the PCD and/or the monitoring device.
  • the tracking device and/or the tracking device are configured to:
  • monitoring device logs information regarding the remote access and/or operation of the PCD, either locally or to a server. This can be helpful if the user or the user's employer wishes to monitor and/or maintain a record of the user's activities.
  • the tracking device further includes RFID capability, whereby its location can be momentarily sensed if it passes near a compatible RFID sensing device, as are commonly found near doorways and in other locations in many hospitals, businesses, and warehouses.
  • a WIFI mesh network spread over a location such as a building or town could be used to triangulate location of the tracking device and provide a secure medium for communication between the tracking device and the server.
  • Another general aspect of the present invention is a user authentication system that provides increased security against hackers while minimizing the burden placed on legitimate users includes two physically distinct hardware security tokens that are paired with each other and work together to provide a synchronous dynamic password, either to the user or directly to a local device.
  • the two security tokens are referred to herein as the "generating" token and the "display" token.
  • the generating token uses a dynamic password generating method known in the art for generating single-use dynamic passwords, time synchronized dynamic passwords, and/or other types of dynamic passwords. Unlike security tokens of the prior art, however, the generating token of the present invention does not provide the generated dynamic password directly to the user or to the device where the sensitive data is stored. Instead, the generating token communicates the dynamic password to the display token, which then either displays it to the user or directly communicates it to a local device such as a computer being used by the user.
  • the two security tokens use digital signatures to provide secure mutual identity recognition, thereby preventing foreign devices from being substituted. Possession of both of the specifically paired security tokens is necessary before the dynamic password can be generated and used.
  • the security tokens
  • the generating token and/or the display token includes a non-volatile memory that stores the necessary software, public and private cryptographic keys for the device itself, public keys from the paired security token, digital signatures of the paired security token, and the digital signature and public key of each administrator who is authorized to add or delete device pairings, upgrade the software, and/or perform other administrative tasks.
  • one of the security tokens is a portable computing device (PCD) such as a "smart" cellular telephone, that includes software for generating and recognizing digital signatures.
  • PCD portable computing device
  • one of the security tokens is a local computer, which in various embodiments is used to access data over a network or the internet.
  • one of the security tokens is a locking device that is also used to physically anchor a local computing device to a desk or other structure, thereby enhancing physical security as well as user authentication.
  • At least one of the security tokens is location- aware, using either cellular data, GPS, Geo-IP, or some other location-determining technology.
  • the security token consults a locally stored table of authorized geographic locations and/or communicates securely with a server using digital signatures and public key cryptography to verify that the security tokens are authorized for their current geographic location. If not, the generating token does not generate the security pass code and/or the display token does not show the security passcode. This prevents security credentials from being used in areas where the assigned user is not authorized. Similarly, if the user's login name, password, and security passcode are intercepted by hackers who are not in an authorized location, the hackers are prevented from using the intercepted information to gain unauthorized access.
  • at least one of the security tokens scans an embedded NFC chip on the user's nametag or on a wall or other structure located in the user's workspace for verification before displaying the security passcode to the user.
  • At least one of the security tokens requires biometric verification before the security passcode is generated and/or displayed.
  • the biometric verification can include voice analysis of a recording of the user speaking into a microphone included in one of the security tokens, fingerprint analysis of a picture of one of the user's fingers or thumbs taken by a camera included in one of the security tokens, gait analysis of the user's walking pattern, or facial recognition of an image of the user's face taken by a camera included in one of the security tokens and operating in either picture or video mode.
  • any paired combination of a generating token and a display token that authenticate each other's identities using digital signatures and communicate with each other using public key cryptography fall within the scope of the present invention, so long as the data to be accessed is not resident on either of the security tokens.
  • a laptop computer can be used as one of the security tokens if the laptop computer is to be used to access sensitive data remotely stored on a server, but not if the data is locally stored on the laptop computer itself.
  • accessible data is ranked according to a degree of sensitivity, and access to data with a specified degree of sensitivity requires using certain combinations of BAF, KAF, and security tokens. For example, access to certain highly sensitive data may be restricted when using a publically accessible computer, even when using two security tokens of the present invention.
  • the generating security token generates a plurality of synchronous dynamic passwords, all of which must be used to obtain access to certain data. For example, in some embodiments a first dynamic password is used to log onto a user's personal or company-assigned local computer, and a second dynamic password is then used to log onto a server computer over a network or over the internet using the local computer.
  • the two security tokens communicate at very low power during initial pairing, so that they must be physically close to each other, thereby avoiding "man in the middle" attacks. In some of these embodiments the tokens must be within five feet of each other. In various embodiments the digital signature algorithm must use at least 5000 bits for the key. In some embodiments, the two security tokens communicate with each other wirelessly, and in some of these embodiments the communication is via Bluetooth. In certain embodiments, the two security tokens must be within 10 feet of each other during normal use so as to communicate with each other, and in some embodiments they must be within five feet of each other. In various embodiments the communication occurs via Near Field Communication (“NFC”), and the security tokens must be within one foot of each other.
  • NFC Near Field Communication
  • At least one of the security tokens includes a mechanical trigger by which it is activated, after which it remains active for only a short time, such as one minute, thereby extending its battery life.
  • At least one of the security tokens maintains a log of status and/or usage information such as battery status, frequency of usage, and failed attempts at pairing, and reports the information to a user or to an
  • At least one of the security tokens reports logged information to the user, to an administrator, or to both using WIFI or cellular communication either directly or via a secure server.
  • employee access to company-owned devices such as laptops and smart phones using the present invention can be terminated remotely by an employer.
  • One general aspect of the present invention is a system for alerting a user if a portable computing device (PCD) becomes separated from a monitoring device carried by the user.
  • the system includes a tracking device attached to the PCD; a rechargeable battery included in the tracking device; a limited range wireless communication module included in the tracking device and configured to communicate with the monitoring device using a wireless communication signal; a processor and non-volatile memory included in the tracking device; tracking device software operable on the tracking device, the software including secure device identification based on digital signatures and secure communication using public key cryptography; PCD software operable on the PCD and configured to establish secure identity recognition with the tracking device using digital signatures and secure communication with the tracking device using public key cryptography; monitoring device software operable on the monitoring device and configured to receive the wireless signal from the tracking device and to establish a communication link with the tracking device, the monitoring device software being further configured to establish secure identity recognition with the tracking device using digital signatures and secure communication with the tracking device using public key cryptography, the monitoring device software being further configured to alert the user
  • the tracking device is externally attached to the PCD.
  • the tracking device is a dongle.
  • the tracking device is attached to an externally accessible port of the PCD.
  • the externally accessible port is a USB port, a HDMI port, or a Thunderbolt port.
  • the tracking device is attached to a charging port of the PCD. And in some of these embodiments the tracking device replicates the charging port of the PCD. [0063] In some embodiments where the tracking device is externally attached to the PCD, a tool is required to remove the tracking device from the PCD.
  • the tracking device is installed in an internal accessory bay of the PCD. In other embodiments the tracking device is installed permanently in the PCD.
  • the PCD itself functions as the tracking device.
  • the battery in the tracking device is rechargeable, and is recharged when the PCD is in at least one of an operational mode and a charging mode.
  • the tracking device at least one of notifies the monitoring device and activates a perceptible indication if the remaining charge in the tracking device battery is below a specified threshold.
  • the wireless communication module in the tracking device is a Bluetooth module
  • the wireless communication signal is a
  • the secure communication between the tracking device, the PCD, and the monitoring device is based on RSA public key cryptography and digital signatures.
  • the group of alert conditions includes loss of the communication link between the tracking device and the monitoring device.
  • the PCD software is configured to disable the PCD if an alert condition occurs. And in some of these embodiments the PCD is automatically re-enabled if the alert condition ends.
  • Other embodiments further include a case configured to contain the PCD and the tracking device, the case being configured to obscure the presence of the tracking device, the case including a lock configured to inhibit its unauthorized removal. And some of these embodiments further include a universal security slot that enables the case to be physically secured to an anchoring point by a computer lock. In other of these embodiments, a tool, combination, or key is required to remove the PCD from the case.
  • the tracking device further includes an RFID module.
  • At least one of the PCD and the tracking device includes an accelerometer. And in some of these embodiments the group of alert conditions includes conditions arising from at least one of a degree of
  • the tracking device software and the PCD software are configured to perform at least one of the following steps if an alert condition occurs: boost the power of the wireless communication module in the tracking device; disable visible indications of operation of the PCD, causing the PCD to appear to be inactive; Provide additional power from the tracking device to the PCD if required to activate and operate the PCD; activate the PCD; attempt to connect to an available WIFI or cellular network; if communication is established with an available WIFI or cellular network, attempt to backup critical data to a remote server; if communication is established with an available WIFI or cellular network, send information to the user regarding a current location of the PCD; if communication is established with an available WIFI or cellular network, activate a camera included in the PCD and transmit images obtained thereby to the user or to a server; encrypt or delete sensitive data stored on the PCD; and activate an alarm that is perceptible to persons located near the PCD.
  • the software operable on the PCD, the tracking device, and the monitoring device is configured to enable transfer of files between the monitoring device and the PCD via the tracking device whether or not an alert condition has occurred.
  • the software operable on the PCD the tracking device and the monitoring device is configured to enable remote operation of the PCD whether or not an alert condition has occurred.
  • the software operable on the PCD, the tracking device, and the monitoring device is configured to enable activation of the PCD if the PCD is off or in a standby or sleep mode, whether or not an alert condition has occurred.
  • the software operable on the tracking device and the PCD is configured to enable the tracking device to serve as a wireless communication gateway for the PCD and the monitoring device, whether or not an alert condition has occurred.
  • the monitoring device is able to issue a disabling command to the PCD even if an alert condition has not occurred.
  • the monitoring device includes a manual control that, when activated by the user, causes the monitoring device to issue the disabling command to the PCD.
  • At least one of the generating token and the display token logs information pertaining to at least one of its status and its usage, and reports the information to at least one of the user and an administrator.
  • the logged information includes information pertaining to failed pairing attempts.
  • the logged information includes information pertaining to patterns of physical attachment of the generating token to a computing device.
  • Another general aspect of the present invention is a secure, multi-factor user authentication system for granting access to sensitive data stored on a data storage device.
  • the system includes a generating security token configured to generate a synchronous dynamic password that must be presented to the data storage device before access to the sensitive data is granted; a displaying security token that is able to pair with the generating token, receive the synchronous dynamic password from the generating token, and present the synchronous dynamic password to at least one of the user and the data storage device; a communication module included in the generating token and configured to communicate with the display token; and software operating on the generating token and the display token to establish secure mutual device identification between the generating token and the display token based on digital signatures and secure communication therebetween using public key cryptography, wherein neither the generating token nor the display token is the data storage device.
  • the synchronous dynamic password is a single use password.
  • the synchronous dynamic password is a time- sensitive password.
  • the generating token is physically and securely attachable to a computing device, cooperative with a security tether and an anchoring base, and thereby configured for preventing the computing device from being physically removed from the anchoring base.
  • the generating token is a portable computing device.
  • the generating token is a smart cellular telephone.
  • the display token is a personal computer in network communication with the data storage device. And in other embodiments, the display token is a portable computing device.
  • the display token is a smart cellular telephone.
  • the communication module is a Bluetooth module.
  • the communication module is a NFC module. In other words,
  • the secure communication is based on RSA public key
  • the data storage device is a computer that is directly accessible to the user. In certain embodiments, the data storage device is accessible over a network. In some embodiments, the data storage device is accessible over the internet. In other embodiments, at least one of the generating token, the display token, and the data storage device requires entry of a user- remembered password before it can be used to access the sensitive data.
  • the generating token and the display token are
  • a first of the valid synchronous dynamic passwords is required for access to a locally available computing device, and a second of the valid synchronous dynamic passwords is required for access to the data storage device that is in remote communication with the locally available computing device.
  • the communication module provides wireless communication with the display token, and during a setup process a power level of the wireless communication is configured to require that the generating token and the display token be separated by no more than five feet.
  • Other embodiments further include an administrator computer configured for managing device pairing and other administrative functions applicable to the generating token and the display token, the administrator computer including software operable for establishing secure mutual device identification based on digital signatures and secure communication using private key/public key cryptography between the administrator computer and both the generating token and the display token.
  • At least one of the generating token and the display token includes a mechanical trigger by which it is activated, after which it remains active for a limited time, thereby extending its battery life so that it can be used for at least 10 years without the battery being recharged or replaced. And in some of these embodiments the limited time is one minute.
  • the digital signatures are recognized by a digital signature authentication algorithm using at least 5000 bits for the key.
  • the communication module provides wireless communication with the display token, and during normal operation a power level of the wireless communication is configured to require that the generating token and the display token be separated by no more than ten feet.
  • the communication module provides wireless communication with the display token, and during normal operation a power level of the wireless communication is configured to require that the generating token and the display token be separated by no more than five feet.
  • At least one of the generating token and the display token is location aware.
  • the security token is location aware due to at least one of cellular data, GPS technology, and Geo-IP technology.
  • at least one of the generating token and the display token is configured to enable user authentication only when it is in an authorized location.
  • at least one of the generating token and the display token stores a list of authorized locations in an internal memory.
  • at least one of the generating token and the display token is able to communicate with a server that has access to a list of authorized locations.
  • At least one of the generating token and the display token is configured to enable user authentication only after it has verified biometric information provided by the user.
  • the biometric information is one of a recording of the user's voice obtained using a microphone included in one of the generating token and the display token; a picture of a fingerprint of the user obtained using a camera included in one of the generating token and the display token; a picture of the user's face obtained using a camera included in one of the generating token and the display token and operating in either picture or video mode; and a recording of the user's gate by an accelerometer included in one of the security tokens.
  • at least one of the generating token and the display token is configured to enable user authentication only after it has scanned and verified an NFC chip embedded in an object carried by the user or in a structure located near the user.
  • Still another general aspect of the present invention is a method for securely authenticating the identity of a user and granting the user access to sensitive data stored on a data storage device.
  • the method includes authenticating by a generating security token of an identity of a display security token using digital signatures and secure communication between the generating token and the display token that employs public key cryptography; authenticating by the display security token of an identity of the display security token using digital signatures and secure communication between the generating token and the display token that employs public key cryptography; using the generating token to generate a synchronous dynamic password; communicating the synchronous dynamic password to the display token using the secure communication; using the display token to at least one of transmit the synchronous dynamic password to the data storage device and display the synchronous dynamic password to the user so that the user can enter the synchronous dynamic password into the data storage device or into a device in communication with the data storage device; and providing to the user by the data storage device of access to the sensitive data.
  • Figure 1A is a perspective view of a security token of the prior art configured to generate and display time-sensitive dynamic synchronous
  • Figure IB is a block diagram of an embodiment of the present invention.
  • Figure 2A is a close-up perspective view of a USB tracking device for a laptop computer in an embodiment of the present invention
  • Figure 2B is a scale drawing of an embodiment similar to Figure 2 A;
  • Figure 3 A is a front view of a tablet computing device with a tracking device installed in its charging port;
  • Figure 3B is a perspective view of the tablet and tracking device of Figure 3A;
  • Figure 4A is close-up perspective front view of the tracking device of Figure 3A;
  • Figure 4B is close-up perspective rear view of the tracking device of Figure 4A;
  • Figures 4C and 4D are rear and side views respectively of an
  • MCD monitored computing device
  • Figure 5A illustrates the steps that are used in embodiments of the present invention to initialize the pairing of the tracking device with the PCD and the monitoring device;
  • Figure 5B illustrates the pairing steps that occur in embodiments when the tracking device comes into range of the monitoring device;
  • Figure 5C illustrates the pairing steps that occur when the tracking device is attached to the PCD;
  • Figure 6 A is a flow diagram indicating steps that are taken in an embodiment of the present invention when an alert condition occurs
  • Figure 6B is a flow diagram indicating the steps that are taken when the PCD is turned on in an embodiment of the present invention.
  • Figure 6C is a flow diagram that describes a process for adding and saving locations in an embodiment of the present invention.
  • Figure 6D illustrates the definition of three location zones in an embodiment of the present invention
  • Figure 6E illustrates a location-limited embodiment in which a PCD or MCD is not allowed to leave a certain building (or some other defined area or zone) under any circumstances;
  • Figure 6F illustrates a location-limited embodiment in which a PCD or MCD is only allowed to leave a certain building (or some other defined area or zone) if a monitoring device is attached;
  • Figure 6G is a flow diagram that illustrates the steps taken in an embodiment by software to protect and attempt to recover a PCD when an alert is triggered by an accelerometer recording a velocity that is greater than a first threshold velocity;
  • Figure 7 is a front view of a case containing the tablet computing device and tracking device of Figure 3 A;
  • Figure 8 is a logic diagram illustrating an embodiment of the present invention used to obtain access to data stored on a local computer, the generating token and the display token being in secure wireless communication with each other via Bluetooth or NFC;
  • Figure 9 is a logic diagram illustrating an embodiment of the present invention used to obtain access to data stored on a remote data storage device;
  • Figure 10 is a logic diagram illustrating an embodiment of the present invention used to obtain access to data stored on a remote data storage device where the display token is a local computer in network communication with the remote data storage device;
  • Figure 1 1 is a logic diagram illustrating an embodiment of the present invention used to obtain access to data stored on a remote data storage device where the display token is a local computer in network communication with the remote data storage device and the generating token is a smart cellular telephone;
  • Figure 12 is a logic diagram illustrating an embodiment of the present invention used to obtain access to data stored on a remote data storage device where the display token is a local computer in network communication with the remote data storage device and the generating token is a dongle that is physically attached to a USB port of the display token, the generating token and the display token being in wired USB communication;
  • Figure 13A is a logic diagram illustrating configuration of the generating token and the display token by an administrator computer
  • Figure 13B illustrates an embodiment in which all or some of the data required for authentication of a PCD through use of an application, a browser, or a terminal is stored on a separate PCD or MCD in an encrypted data file;
  • Figure 14 is a logic diagram illustrating an embodiment of the present invention used to obtain access to data stored on a remote data storage device where the display token is a smart cellular telephone and the generating token is a physical security device that is configured to attach a local computer to a tether and thereby to anchor the local computer to a desk;
  • Figure 15 is a logic diagram illustrating an embodiment of the present invention used to obtain access to data stored on a remote data storage device where the display token is a local computer in network communication with the remote data storage device and the generating token is a physical security device that is configured to attach the local computer to a tether and thereby to anchor the local computer to a desk;
  • Figures 16A through 16C are illustration of PCD user interface screens corresponding to various modes of an embodiment of the present invention.
  • Figure 17 illustrates that there are many embodiments of the present invention that include various configurations in which devices monitor, track, protect, and authenticate other devices.
  • one general aspect of the present invention is a system for alerting a user if the user becomes separated from a portable computing device (PCD) 100 such as a laptop or computing tablet, even when the PCD is off or in standby mode.
  • the system includes a battery- powered tracking device 102 attached to the PCD 100 and in wireless
  • the monitoring device 104 is able to issue an audible alarm to the user when an alert is triggered, for example if the tracking device 102 is separated from the monitoring device 104 by more than a specified distance, or if the tracking device 102 detects that it is rapidly moving.
  • an alert also causes the PCD 100 to emit an audible alarm, so as to make it easier to locate the PCD and also to possibly to deter a thief or alert someone who has picked up the PCD 100 by accident.
  • the audible alarm sounded by the monitoring device 104 and/or by the PCD 100 can initially emit a soft sound and gradually increase in volume
  • the wireless communication 106 is limited in range, and an alert is triggered when the wireless signal strength 106 falls below a specified level or is lost.
  • a plurality of factors is used to determine if an alarm should be triggered. For example, accelerometer information can be considered when the wireless communication link is lost to determine if an alert is justified, or if the loss of the wireless communication link is simply due to local interference or to some other "natural" circumstance that does not justify an alert.
  • the battery of the tracking device 102 is recharged when the PCD 100 is in operation or charging, and if the rechargeable battery of the tracking device 102 becomes nearly depleted, the tracking device 102 issues a low-battery message to the monitoring device 104 and/or activates a visible indication on the tracking device 102.
  • Embodiments of the present invention use digital signatures to provide secure identity recognition between the tracking device and the PCD 108, and between the tracking device and the monitoring device 106.
  • public key cryptography such as RSA, and digital signatures are used. Attempts to re -pair the tracking device 102 with a substitute monitoring device are thereby frustrated, because a substitute monitoring device will fail the digital signature process and will not be recognized by the tracking device 102. Similarly, the PCD 100 will refuse to recognize a substitute tracking device, and vice-versa.
  • the monitoring device 104 will also reject any attempt to replace both the PCD 100 and the tracking device 102 with substitutes, because even if the tracking device 102 recognizes the PCD 100, the monitoring device 104 will not recognize the substitute tracking device 102. In other embodiments, the PCD 100 will not boot up if the tracking device 102 has been tampered with, for example either removed or destroyed.
  • the PCD 100 when the digital signal process fails, the PCD 100 produces a response.
  • the response is refusing to turn on (or awake) the PCD 100, alerting the monitoring device 104, alerting a server, alerting an administrator, displaying a stealth mode 604 on the PCD 100, or any combination thereof.
  • a stealth mode 604 on the PCD can, for example, permit an unauthorized user to access, for example, the least sensitive information and programs on the PCD 100, while at the same time the PCD 100 can, for example, alert a user.
  • the PCD 100 can alert another entity, such as the user's company, service provider, or emergency contact. This is advantageous in some embodiments because the unauthorized user (or thief) may not know that the PCD 100 is issuing an alert to the user.
  • Embodiments of the tracking device include a non-volatile memory that stores the tracking device software, the public and private cryptography keys for the tracking device, the public keys from those devices it establishes secure connections with, symmetric keys for continued communication with devices once a secure connection is established each session, the digital signature of each device with which it is paired, and the digital signature of each administrator who is authorized to add or delete device pairings, upgrade the software, and/or perform other administrative tasks.
  • a software application 108 is included on the PCD 100 that disables the PCD 100 if an alert condition occurs, for example if the tracking device 102 is removed, if the tracking device 102 is damaged, if the tracking device detects unpermitted movement through an accelerometer, if a disabling command is received from the monitoring device 104, and/or if the wireless connection 106 to the monitoring device 104 is lost.
  • an alert condition for example if the tracking device 102 is removed, if the tracking device 102 is damaged, if the tracking device detects unpermitted movement through an accelerometer, if a disabling command is received from the monitoring device 104, and/or if the wireless connection 106 to the monitoring device 104 is lost.
  • the PCD 100 is automatically re-enabled if the alert condition ends, for example if the tracking device 102 is once again brought into range of the monitoring device 104.
  • an explicit password or other command must either be directly entered into the PCD 100 or transmitted to the tracking device 102 by the monitoring device 104 before the PCD 100 is re- enabled.
  • the user if the user wishes to disable the PCD 100 for any reason, even when an alert has not been issued (e.g. the PCD 100 is not in the process of being lost or stolen), the user can use the monitoring device 104 to issue a disabling command to the PCD 100. In some of these embodiments the disabling command can be issued by simply pressing a button on the monitoring device 104.
  • the tracking device 102 is externally attached to the PCD 100, and in some of these embodiments the tracking device 102 is a dongle.
  • the dongle 102 includes a USB adapter 202 and is installed in a USB port of the PCD 100.
  • the dongle is installed in a HDMI port, a "Thunderbolt" port, or in another externally accessible port of the PCD 100.
  • the dongle includes an attachment mechanism that can attach the dongle to a HDMI port, a USB port, a "Thunderbolt” port, or another externally accessible port so as to make it more difficult to remove (thus increasing the security of the PCD).
  • the tracking device 102 is internally installed within the PCD, either permanently, on the motherboard, on a connected module, or elsewhere, or in an externally accessible internal location such as an expansion card bay or memory expansion slot.
  • the tracking device can be placed in any space located within the PCD.
  • some PCD devices have a space located next the PCD's hard drive.
  • a button 206 on the tracking device is used for pairing the tracking device with PCD's and monitoring devices.
  • the tracking device 102 is attached to the PCD 100 by an attachment mechanism 204 that requires a tool for detachment, thereby inhibiting removal of the tracking device 102 by an attachment mechanism 204 that requires a tool for detachment, thereby inhibiting removal of the tracking device 102 by an attachment mechanism 204 that requires a tool for detachment, thereby inhibiting removal of the tracking device 102 by an attachment mechanism 204 that requires a tool for detachment, thereby inhibiting removal of the tracking device 102 by an attachment mechanism 204 that requires a tool for detachment, thereby inhibiting removal of the tracking device 102 by an attachment mechanism 204 that requires a tool for detachment, thereby inhibiting removal of the tracking device 102 by an attachment mechanism 204 that requires a tool for detachment, thereby inhibiting removal of the tracking device 102 by an attachment mechanism 204 that requires a tool for detachment, thereby inhibiting removal of the tracking device 102 by an attachment mechanism 204 that requires a tool for detachment,
  • the tracking device is a dongle 102 and the attachment mechanism that secures the dongle to the USB port of the PCD 100 is an Allen screw 204, where the Allen screw 204 is inserted into the dongle 102 and requires an Allen wrench of the proper size for removal.
  • other types of screw are used to secure the tracking device 102.
  • Figure 2B is a scale drawing of a similar embodiment.
  • While disengaging the attachment mechanism may ultimately not be difficult, it can be a step that a thief is unlikely to attempt while fleeing through an airport, and can serve to keep the dongle 102 attached to the PCD 100 at least until the thief feels safe enough to stop and use the proper tool for removal of the dongle 102. This can provide sufficient time for the tracking device 102 and/or the PCD 100 to complete pre-programmed emergency steps, as outlined in more detail below.
  • the tracking device 102 is a dongle that is installed in a charging port of the PCD 100.
  • the PCD 100 is a tablet computing device that does not provide a USB port, but does provide a charging port 300 that includes power and also enables data communication with the tablet 100.
  • the dongle 102 replicates the charging port 300, so that the functions of the charging port 300 remain accessible while the dongle 102 is attached.
  • the dongle 102 extends the length of the tablet 100 by only a small percentage, but the dongle 102 is nearly as wide as the tablet 100, thereby providing sufficient volume in the dongle 102 to include a long-lasting battery, as well as Bluetooth, GPS, WIFI, and 4G in some embodiments.
  • Figure 4A is a close-up front perspective view of the dongle 102 of Figure 3A and Figure 3B, and clearly shows the adapter 400 that is inserted into the charging port of the tablet 100.
  • Figure 4B is a close-up rear perspective view of the dongle 102 of Figure 4A, and clearly shows the replicated charging port 300 that replicates the charging port of the tablet 100.
  • Figures 4C and 4D are rear and side views respectively of an
  • a monitored computing device MCD
  • an optional charging port adaptor is provided that replicates the charging port of the adaptor and draws power to charge the MCD when the PCD is charged.
  • Figure 5A illustrates the steps that are used in embodiments of the present invention to initialize the pairing of the tracking device 102 with the PCD 100 and the monitoring device 104.
  • appropriate software is loaded on each of the three devices 500.
  • public and private keys are generated for each of the three devices, and each device receives both its private key and its public key 502.
  • Digital signatures are then exchanged 504 between the tracking device 102 and the monitoring device 104, and between the tracking device 102 and the PCD 100.
  • Figure 5B illustrates the pairing steps that occur in embodiments when the tracking device 102 comes into range of the monitoring device
  • Figure 5C illustrates the pairing steps that occur when the tracking device 102 is attached to the PCD 100.
  • FIG. 6A is a flow diagram illustrating some of the actions that are taken by the tracking device 102 and/or the software application 108 on the PCD 100 in various embodiments if an alert condition occurs.
  • An alert condition can be triggered, for example, due to loss of contact with the monitoring device 104, or due to an alert command received from the monitoring device 104. If a separate tracking device is used, an alert condition can be triggered due to removal of the tracking device 102 from the PCD 100, due to the tracking device 102 being substantially destroyed, or due to the tracking device 102 recognizing unpermitted movement with an accelerometer. In some embodiments the tracking device will boost its output power and try to reestablish contact with the tracking device 602.
  • the tracking device will instruct the PCD 100 to disable its display and any other visible functions, so that it will operate in a "stealth" mode whereby it appears to remain off or asleep 604.
  • This stealth mode can occur even with the lid closed on the laptop or other PCD 100.
  • the stealth mode allows an unauthorized user limited access to the PCD 100. While the unauthorized user is using the PCD 100 the PCD 100 or the tracking device 102 may issue an alert, backup data, or trigger any other response.
  • the tracking device 102 will then wake up the PCD 606.
  • the tracking device 102 will provide emergency battery power to the PCD 100 if the battery of the PCD 100 is fully discharged or is removed, so that the PCD 100 can function long enough to take at least some emergency steps such as those illustrated in Figure 6.
  • the tracking device 102 and/or the software application 108 on the PCD 100 will begin to seek various means 608 to communicate either directly with the monitoring device or with a server via the internet. These attempts may include Bluetooth, WIFI, and cellular
  • the PCD application 108 will attempt to backup critical data to a server 612, after which it will securely encrypt or securely delete any sensitive data 614 stored locally. If GPS capability is available either on the PCD 100 or installed in the tracking device 102, then the system will attempt to send location information to the user 616 to aid in recovery of the PCD 100. This can also be accomplished without GPS if, for example, the PCD can contact a cellular or WIFI network through the use of GEO-IP, and using that medium for location information.
  • the application software 108 may also turn on a camera installed in the PCD 100 and transmit still pictures and/or video to the user 618 to further aid in identifying the thief and pinpointing the location of the PCD 100.
  • the still pictures and/or video contain location data, so that the pictures can also provide information regarding the location of the PCD 100.
  • the PCD can upload these time- stamped images along with location information obtained by GEO-IP, GPS or similar methods to a secure server to assist recovery. Even if contact with a server or with the user is not established, the system in embodiments will still proceed to securely encrypt or securely delete sensitive data 614.
  • the system in various embodiments will initiate an audible and/or visible alarm and/or other perceptible indication 620 in a further attempt to assist the user and/or the authorities in locating the missing PCD 100.
  • FIG. 6B is a flow diagram illustrating steps that are taken in an embodiment by the tracking device when the PCD 100 is turned on.
  • a PCD device is turned on 622.
  • the PCD 100 or the software 108 checks to see if the tracking device 102 is plugged in 624.
  • the tracking device 102 is, for example, a dongle. If the tracking device 102 is not plugged in then the PCD 100 or Software 108 can take any of several different routes according to the embodiment. One potential route would be to deny access to the user 626. An alternative route would be to enter into stealth mode 628. In various similar embodiments, some other action is taken, such as sending an alert 630 or alerting the user's employer 632.
  • the PCD 100 or Software 108 can proceed to another step.
  • This step is the first password verification 634.
  • the PCD 100 or Software 108 checks the password stored with the dongle 634.
  • the user may or may not have access to this password. In some embodiments, for example, the password is unknown to the user. If that first password is incorrect, then in embodiments the PCD 100 or Software 108 will deny access to the user. In similar embodiments, the PCD 100 or Software 108 will display stealth mode.
  • the PCD 100 or Software 108 will display a login screen 636. Then the user will have the opportunity to input a second password 638.
  • the second password is a password known to the user, a biometric password, or any other kind of password.
  • the PCD or software checks if the second password is correct 640. If the second password is incorrect, then in embodiments the PCD 100 or Software 108 will not permit the user access. In similar embodiments, the PCD 100 or Software 108 will display stealth mode. However, if the second password is correct then in embodiments the PCD 100 or Software 108 will permit access 642 to the PCD 100. Note that, while only two passwords are verified in the embodiment of Figure 6B, in other embodiments more than two passwords are verified.
  • FIG. 6C is a flow diagram that describes a process for adding and saving locations in an embodiment of the present invention.
  • the monitoring device is location aware, it can transmit commands to the tracking device to select which mode is activated. In some of these
  • the location categories range from "safe,” for example at the user's home, to "high risk,” for example in an airport.
  • one or more intermediate categories are also included, for example when the tracking device 102 is at the user's office.
  • Figure 6D illustrates the definition of three location zones in an embodiment, which are "proximate,” “near,” and “OOD” (out of range).
  • location zones are customizable, and allow different operations depending on where the user is located. For example, in certain embodiments exceeding a set distance at a "remembered place” has a different outcome than doing the same in a "public” place, such as an airport.
  • Figure 6E illustrates a location-limited embodiment in which a PCD or MCD is not allowed to leave a certain building (or some other defined area or zone) under any circumstances.
  • Figure 6F illustrates a location-limited
  • the tracking device 102 increases or decreases how frequently the proximity of the monitoring device 104 is verified, possibly suppressing the security features altogether when the tracking device is at a "safe" location. And in some embodiments user authentication is simplified when the PCD or MCD is in a "safe" location, for example requiring only a single password or eliminating the requirement for a password altogether.
  • the tracking device 102 also contains an accelerometer.
  • the tracking device is able to communicate with the PCD 100 and use information gathered by an accelerometer in the PCD 100.
  • the tracking device 102 senses movement using the accelerometer, the tracking device 102 sends an alert.
  • the "unpermitted" type of movement that triggers an alert can include, for example, a horizontal movement, a vertical movement, a z-axis movement, or a movement in any direction.
  • the tracking device 102 or the PCD 100 can manage the data received from the accelerometer to determine if it is moving at a certain rate or in an unexpected direction. If, for example, the rate of movement is greater than a set value, or if the PCD and tracking devices are moving in different directions, then the tracking device 102 will initiate a specified response, such as issuing an alert, sounding an alarm, and/or starting a backup of the data.
  • Figure 6G is a flow diagram that illustrates the steps taken in an embodiment by software to protect and attempt to recover a PCD when an alert is triggered by an
  • accelerometer recording a velocity that is greater than a first threshold velocity.
  • both the tracking device 102 or PCD 100 and the monitoring device 104 have an accelerometer
  • the monitoring device 104 is moving at a first given rate and the tracking device 102 or the PCD 100 is moving at a second rate that is a different rate than the first given rate
  • an alert and/or a response is triggered. For example, if the user is just leaving a taxi- cab and forgets his or her PCD 100, there will be a first rate (the user's walking rate) and a second rate (the taxi-cab's rate). In embodiments, the difference between these two rates (deemed an unpermitted movement) will trigger the monitoring device 104 to issues an alert to the user allowing the user to know that he or she has forgotten the PCD 100.
  • various embodiments further include a case 700 configured to contain the PCD 100 with the tracking device 102 attached.
  • the case 700 can serves to obscure the tracking device so that a thief does not easily recognize that it is there.
  • the case 700 can also serve to protect the tracking device 102 from being damaged, broken, dislodged, or removed during normal use of the PCD 100.
  • the case 600 is durable and rigid, and difficult or time-consuming to remove (in certain embodiments requiring a tool for removal thereof), thereby inhibiting rapid removal of the tracking device 102 from the PCD 100, for example during the initial stages of a theft when the tracking device 102 is attempting to take some or all of the steps illustrated in Figure 6A.
  • the case can be locked with a key or combination lock, preventing removal of the tracking device until the security case is unlocked and detached.
  • certain embodiments include a universal security slot that allows the security case to be physically secured to an anchoring point by a computer lock.
  • the case 700 provides an access 702 to the replicated charging port 300 of the PCD 100.
  • the tracking device 102 further includes RFID capability, whereby its location can be momentarily sensed if it passes near a compatible RFID sensing device, as are commonly found near doorways and in other locations in facilities such as hospitals, businesses, and warehouses.
  • a WIFI mesh network spread over a location such as a building or town could be used to triangulate location of the tracking device and provide a secure medium for communication between the tracking device and the server.
  • a first tracking device 102 can use the internet connection device of a second tracking device 102. For example, if a tracking device 102 does not itself have an established connection to a WIFI network, the tracking device 102 can communicate with a second tracking device 102 which has a connection to a WIFI or cellular network. In other embodiments, if the second tracking device has some other type of connection, for example, Bluetooth to a PCD 100, the first tracking device is able to make use of that connection.
  • the tracking device 102 can use other tracking devices 102 to, for example, establish a connection to send an alert, taking the form of a peer-to-peer or mesh network.
  • a tracking device 102 when a tracking device 102 is communicating with, for example, a second tracking device 102, the communication may take place in the form of a peer-to-peer network.
  • a first tracking device 102 is the first node and a second tracking device 102 is the second node.
  • a PCD 100 and/or monitoring device 104 can be a node in the peer-to-peer network.
  • embodiments of the present invention further provide remote access and/or operation of the PCD 100 by means of the monitoring device 104 and tracking device 102. In some of these embodiments, upon receiving an
  • the tracking device 102 is able to awaken the PCD 100 from standby or off status, and is further able to share an internet connection, transfer files and/or statistical data between the PCD 100 and the monitoring device 104. Similar embodiments are able to provide remote operation of the PCD 100 by means of the monitoring device 104 and the tracking device 102.
  • the communications between the tracking device 102 and the monitoring device 104 are securely encrypted using public key cryptography such as RSA, so that files and other data and
  • the tracking device 102 and/or the monitoring device 104 logs information regarding the remote access and/or operation of the PCD 100, either locally or to a server. This can be helpful if the user or the user's employer wishes to monitor and/or maintain a record of the user's activities.
  • the tracking device 102 is also able to function during normal operating conditions as a communications gateway or mobile internet "hotspot," providing internet access from the monitoring device 104 to the PCD 100, from the PCD 100 to the monitoring device 104, and/or from the tracking device 102 itself to the PCD 100 and/or the monitoring device 104.
  • a communications gateway or mobile internet "hotspot” providing internet access from the monitoring device 104 to the PCD 100, from the PCD 100 to the monitoring device 104, and/or from the tracking device 102 itself to the PCD 100 and/or the monitoring device 104.
  • Another general aspect of the present invention is a user authentication system that provides increased security against hackers while minimizing the burden placed on legitimate users.
  • the system includes two physically distinct security tokens 800, 802 that are paired with each other and work together to provide at least one synchronous dynamic password, either to the user or directly to a local device 804.
  • the two security tokens 800, 802 are referred to herein as the "generating" token 800 and the "display" token 802.
  • the generating token 800 uses a dynamic password generating method known in the art for generating single-use dynamic passwords, time synchronized dynamic passwords, and/or other types of dynamic password. Unlike security tokens 100 of the prior art, however, the generating token 800 of the present invention does not provide the generated dynamic password directly to the user. Instead, the generating token communicates the dynamic password 806 to the display token 802, which then either displays it to the user or directly communicates it to a local user device 804 such as a computer being used by the user.
  • the two security tokens use digital signatures to securely verify each other's presence and to prevent foreign devices from being substituted, since any attempt to re-pair the generating or display token with a substitute device will fail the digital signature verification process.
  • the security tokens then communicate with each other using public key cryptography and an algorithm such as RSA, to encrypt communication between them. Possession of both of the specifically paired tokens 800, 802 is therefore necessary before the dynamic password can be generated and used.
  • the generating token 800 and/or the display token 802 includes a non-volatile memory that stores the necessary software, public and private cryptographic keys for the device itself, public keys from the paired security token, digital signatures of the paired security token, and the digital signature and public key of each administrator who is authorized to add or delete device pairings, upgrade the software, and/or perform other administrative tasks.
  • one of the security tokens 800, 802 is a portable computing device (PCD) such as a computing tablet or a "smart" cellular telephone.
  • PCD portable computing device
  • one of the security tokens 800, 802 is a local computer, which in some embodiments is used to access data over a network or the internet.
  • one of the security tokens 800, 802 is a locking device that is also used to physically anchor a local computing device to a desk or other structure, thereby enhancing physical security as well as user authentication.
  • At least one of the security tokens 800, 802 is location-aware, using ether cellular data, GPS, Geo-IP, or some other location- determining technology.
  • the security token 800, 802 consults a locally stored table of authorized geographic locations and/or communicates securely with a server using digital signatures and public key cryptography to verify that the security tokens 800, 802 are authorized for their current geographic location. If not, the generating token 800 does not generate the security pass code and/or the display 802 token does not show the security passcode. This prevents security credentials from being used in areas where the assigned user is not authorized. Similarly, if the user's login name, password, and security passcode are intercepted by hackers who are not in an authorized location, the hackers are prevented from using the intercepted information to gain
  • At least one of the security tokens scans an embedded NFC chip on the user's nametag or on a wall or other structure located in the user's workspace for verification before displaying the security passcode to the user.
  • At least one of the security tokens 800, 802 requires biometric verification before the security passcode is generated and/or displayed.
  • the biometric verification can include voice analysis of a recording of the user speaking into a microphone included in one of the security tokens 800, 802, gait recognition sensed by an accelerometer in one of the security tokens 800, 802, fingerprint analysis of a picture of one of the user's fingers or thumbs taken by a camera included in one of the security tokens 800, 802, or facial recognition of an image of the user's face taken by a camera included in one of the security tokens 800, 802 and operating in either picture or video mode.
  • any paired combination of a generating security token 800 and a display security token 802 that authenticate each other's identities using digital signatures and communicate with each other using a public key protocol fall within the scope of the present invention, so long as the data to be accessed is not resident on either of the security tokens 800, 802.
  • a laptop computer can be used as one of the security tokens 800, 802 if the laptop computer is to be used to access sensitive data remotely from a server, but not if the data is locally stored on the laptop computer itself.
  • security tokens 800, 802 biometric authentication factors (BAF), and knowledge authentication factors (KAF) that are within the scope of the present invention provide higher security than others.
  • accessible data is ranked according to a degree of sensitivity, and access to data with a specified degree of sensitivity requires using certain combinations of BAF, KAF, and security tokens 800, 802. For example, access to certain highly sensitive data may be restricted when using a publically accessible computer, even when using two security tokens 800, 802 of the present invention.
  • the generating security token 800 generates a plurality of synchronous dynamic passwords, all of which must be used to obtain access to certain data. For example, in some embodiments a first dynamic password is used to log onto a user's personal or company-assigned local computer, and a second dynamic password is then used to log onto a server computer over a network or over the internet using the local computer.
  • the generating token 800 is a small device configured as a keychain fob, and the display token 802 is a "smart" cellphone that that includes compatible software for generating and recognizing digital signatures.
  • the generating token 800 generates at least one dynamic password, and the display token displays the generated dynamic password 808 on its built-in display.
  • the user then enters 810 the dynamic password into the local computer 804. Access to data stored on the local computer is thereby granted.
  • a separate user login and password is also needed to gain access to the smart phone 802, and a separate login and password is needed to gain access to the local computer 804, thereby increasing the security of the stored data.
  • the generating token 800 includes a mechanical trigger 812 by which it is activated, after which it remains active for only a short time, such as one minute, thereby extending its battery life. Some of these embodiments can function for 10 years or more without replacement of the battery.
  • the sensitive data is not stored on the local computer 804, but is located on a server 900 and is accessible via a network 902 or via the internet.
  • dynamic passwords are generated and displayed as in Figure 8, but after a first dynamic password is entered to gain access to the laptop itself 804, a second dynamic password is entered and forwarded to the server 900 so that access to the data on the server is granted.
  • the local computer 804 is a public computer that is not secure and only a single dynamic password is generated and transmitted to the server 900. This is not as secure a configuration as when using a trusted local computer 804, and in some embodiments access is only granted under such circumstances to data having a specified degree of sensitivity that is below a certain limit.
  • FIG. 10 The embodiment of Figure 10 is similar to the embodiment of Figure 9, except that the smart phone is omitted and the local computer (belonging to the user or to the user's employer) serves as the display token 802. In this
  • the laptop although acting as the "display" token 802, does not actually display the dynamic synchronous password, because there is no need for the user to re-enter it 810. Instead, the laptop computer 802 simply forwards the dynamic synchronous password via the network 902 to the server 900. Note that, since the sensitive data resides on the server 900 and not on the local computer 802, this embodiment falls within the scope of the present invention.
  • FIG. 1 1 The embodiment of Figure 1 1 is similar to the embodiment of Figure 10, except that a smart phone 800 is used as the generating token. Note that the smart phone 800 in this embodiment serves as the generating token, while a similar smart phone is used in the embodiments of Figures 8 and 9 as the display token.
  • the embodiment of Figure 12 is similar to the embodiment of Figure 10, except that the generating token 800 is a dongle that physically plugs into a USB port on the local computer 802. Although the communication between the two security tokens 800, 802 is not wireless, they still use digital signatures to verify each other's identities.
  • the dongle 800 is normally carried by the user separately from the computer 802, and is only plugged into the computer 802 when access to sensitive data on the server 900 is needed.
  • the two security tokens 800, 802 are set to communicate 1300 with each other wirelessly at very low power during initial pairing, so that they must be physically close to each other and to the administrative computer 1302, thereby avoiding "man in the middle" attacks. In some of these embodiments they must be within five feet of each other. In various embodiments the digital signature authentication must employ an algorithm using at least 5000 bits for the key. In some embodiments, the two security tokens 800, 802 communicate with each other wirelessly, and in the embodiment of Figure 13A the communication 806 is via Bluetooth.
  • the two security tokens 800, 802 must be within 10 feet of each other during normal use so as to communicate with each other, and in some embodiments they must be within five feet of each other. In certain embodiments the communication is via Near Field Communication (“NFC”), and the security tokens 800, 802 must be no more than one foot apart.
  • NFC Near Field Communication
  • all or some of the data required for authentication of a PCD through use of an application, a browser, or a terminal is stored on a separate PCD or MCD in an encrypted data file.
  • the data file is protected by a trip switch that transfers to the application, browser, or terminal following authentication to populate it for use.
  • this populated information is backed up on a server, after which the information leaves the PCD application, browser, or terminal following use.
  • the security tokens 800, 802 also use secure digital signature identification and public key cryptographic communication with the computer 1302 used by an administrator who is authorized to create and delete pairings, update software, and perform any other administrative tasks.
  • the generating token 800 is also used to physically secure the local computer 804 by means of a tether 1400 to an anchor 802 on a desk or other fixed structure.
  • At least one of the security tokens 800, 802 maintains a log of status and/or usage information such as battery status, frequency of usage, and failed attempts at pairing, and reports the information to a user or to an administrator. In various embodiments, at least one of the security tokens 800, 802 reports the logged information to a secure server using WIFI or cellular communication. In the embodiment of Figure 15, the generating token 800 logs the frequency of use of the physical security feature and reports that information as well. This can be of value in tracking employee usage of the physical security feature, as well as setting insurance rates and defending against liability claims.
  • employee access to company-owned devices such as laptops and smart phones using the present invention can be terminated remotely by an employer.
  • Figures 16A through 16C are illustration of PCD user interface screens corresponding to various modes of an embodiment of the present invention.
  • Figure 17 illustrates that there are many embodiments of the present invention that include various configurations in which devices monitor, track, protect, and authenticate other devices.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Un système pour éviter la perte d'ordinateurs portables et d'autres dispositifs informatiques portables (PCD) attache un dispositif de suivi alimenté par batterie (TD) au PCD et utilise Bluetooth ou d'autres moyens à courte portée pour lier le TD à un dispositif de surveillance (MD) porté par l'utilisateur. Le MD émet alors une alerte si le TD et le PCD sont déplacés hors de portée, même si le PCD est arrêté. Pendant une alerte, le PCD peut être désactivé et le TD peut tenter de contacter l'utilisateur en amplifiant la puissance du Bluetooth et/ou en cherchant des réseaux WiFi et/ou cellulaires à proximité. Un système d'authentification d'utilisateur à multiples facteurs pour obtenir un accès à un dispositif de stockage de données comprend la génération et l'affichage de jetons de sécurité qui se reconnaissent et communiquent de manière sécurisée l'un avec l'autre. Le jeton de génération génère un mot de passe synchrone dynamique et le communique au jeton d'affichage pour un affichage à l'utilisateur et/ou pour une transmission directe au dispositif de stockage de données.
PCT/US2013/048542 2012-06-29 2013-06-28 Système de sécurité conscient d'une proximité pour une électronique portable avec une authentification d'utilisateur à multiples facteurs et une vérification d'identité de dispositif sécurisé WO2014005004A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201261666055P 2012-06-29 2012-06-29
US61/666,055 2012-06-29
US201261671173P 2012-07-13 2012-07-13
US61/671,173 2012-07-13

Publications (1)

Publication Number Publication Date
WO2014005004A1 true WO2014005004A1 (fr) 2014-01-03

Family

ID=49783901

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2013/048542 WO2014005004A1 (fr) 2012-06-29 2013-06-28 Système de sécurité conscient d'une proximité pour une électronique portable avec une authentification d'utilisateur à multiples facteurs et une vérification d'identité de dispositif sécurisé

Country Status (1)

Country Link
WO (1) WO2014005004A1 (fr)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016040886A1 (fr) * 2014-09-12 2016-03-17 StoryCloud, Inc. Procédé et appareil pour accès contrôlé en réseau à des espaces physiques
US9449165B2 (en) 2014-02-06 2016-09-20 Untethered Labs, Inc. System and method for wireless proximity-based access to a computing device
WO2017005961A1 (fr) * 2015-07-09 2017-01-12 Nokia Technologies Oy Authentification à base de jeton
US9576255B2 (en) 2014-09-12 2017-02-21 Storycloud Incorporated Method and apparatus for network controlled ticket access
USD818854S1 (en) 2016-10-11 2018-05-29 Milwaukee Electric Tool Corporation Tracking device
EP3444736A1 (fr) * 2017-08-18 2019-02-20 Vestel Elektronik Sanayi ve Ticaret A.S. Dispositif et procédé pour stocker et accéder à des données user-authentication secrète
US10368186B2 (en) 2016-10-31 2019-07-30 Milwaukee Electric Tool Corporation Tool tracking system
CN110190960A (zh) * 2019-06-28 2019-08-30 深圳市永达电子信息股份有限公司 一种基于双因子动态密码的安全路由器登录验证方法和系统
US10430567B2 (en) 2017-01-18 2019-10-01 International Business Machines Corporation Customizable firmware based on access attributes
USD867909S1 (en) 2018-08-23 2019-11-26 Milwaukee Electric Tool Corporation Tracking device
US10691789B2 (en) 2017-12-19 2020-06-23 International Business Machines Corporation Authentication/security using user activity mining based live question-answering
CN112385307A (zh) * 2018-07-04 2021-02-19 韩国烟草人参公社 用于与气溶胶生成装置发送和接收数据的方法及装置
CN112948305A (zh) * 2014-08-07 2021-06-11 伊诺卡姆公司 智能连接机制
US20220070667A1 (en) 2020-08-28 2022-03-03 Apple Inc. Near owner maintenance
US11282351B2 (en) 2012-10-24 2022-03-22 Apple Inc. Devices and methods for locating accessories of an electronic device
US11606669B2 (en) 2018-09-28 2023-03-14 Apple Inc. System and method for locating wireless accessories
US11863671B1 (en) 2019-04-17 2024-01-02 Apple Inc. Accessory assisted account recovery
US11928478B2 (en) 2019-10-29 2024-03-12 Hewlett-Packard Development Company, L.P. Tracking device state transitions

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5796338A (en) * 1997-02-03 1998-08-18 Aris Mardirossian, Inc. System for preventing loss of cellular phone or the like
WO2006075893A1 (fr) * 2005-01-13 2006-07-20 Samsung Electronics Co., Ltd. Procede permettant de deplacer un objet de droits entre des dispositifs, procede et dispositif permettant d'utiliser un objet de contenu fondes sur le procede de deplacement, et dispositif
KR100853039B1 (ko) * 2007-07-09 2008-08-19 안대근 노트북 컴퓨터의 도난 방지 시스템
KR20090039684A (ko) * 2006-05-24 2009-04-22 노키아 코포레이션 휴대용 원격통신 장치
US20100250957A1 (en) * 2005-09-09 2010-09-30 University Of South Florida Method of Authenticating a User on a Network
US20110113235A1 (en) * 2009-08-27 2011-05-12 Craig Erickson PC Security Lock Device Using Permanent ID and Hidden Keys

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5796338A (en) * 1997-02-03 1998-08-18 Aris Mardirossian, Inc. System for preventing loss of cellular phone or the like
WO2006075893A1 (fr) * 2005-01-13 2006-07-20 Samsung Electronics Co., Ltd. Procede permettant de deplacer un objet de droits entre des dispositifs, procede et dispositif permettant d'utiliser un objet de contenu fondes sur le procede de deplacement, et dispositif
US20100250957A1 (en) * 2005-09-09 2010-09-30 University Of South Florida Method of Authenticating a User on a Network
KR20090039684A (ko) * 2006-05-24 2009-04-22 노키아 코포레이션 휴대용 원격통신 장치
KR100853039B1 (ko) * 2007-07-09 2008-08-19 안대근 노트북 컴퓨터의 도난 방지 시스템
US20110113235A1 (en) * 2009-08-27 2011-05-12 Craig Erickson PC Security Lock Device Using Permanent ID and Hidden Keys

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11282351B2 (en) 2012-10-24 2022-03-22 Apple Inc. Devices and methods for locating accessories of an electronic device
US9449165B2 (en) 2014-02-06 2016-09-20 Untethered Labs, Inc. System and method for wireless proximity-based access to a computing device
CN112948305A (zh) * 2014-08-07 2021-06-11 伊诺卡姆公司 智能连接机制
WO2016040886A1 (fr) * 2014-09-12 2016-03-17 StoryCloud, Inc. Procédé et appareil pour accès contrôlé en réseau à des espaces physiques
US9508207B2 (en) 2014-09-12 2016-11-29 Storycloud Incorporated Method and apparatus for network controlled access to physical spaces
US9576255B2 (en) 2014-09-12 2017-02-21 Storycloud Incorporated Method and apparatus for network controlled ticket access
WO2017005961A1 (fr) * 2015-07-09 2017-01-12 Nokia Technologies Oy Authentification à base de jeton
US11206533B2 (en) 2015-07-09 2021-12-21 Nokia Technologies Oy Token based authentication
USD818854S1 (en) 2016-10-11 2018-05-29 Milwaukee Electric Tool Corporation Tracking device
US10368186B2 (en) 2016-10-31 2019-07-30 Milwaukee Electric Tool Corporation Tool tracking system
US11778414B2 (en) 2016-10-31 2023-10-03 Milwaukee Electric Tool Corporation Tool tracking system
US11218833B2 (en) 2016-10-31 2022-01-04 Milwaukee Electric Tool Corporation Tool tracking system
US10430567B2 (en) 2017-01-18 2019-10-01 International Business Machines Corporation Customizable firmware based on access attributes
EP3444736A1 (fr) * 2017-08-18 2019-02-20 Vestel Elektronik Sanayi ve Ticaret A.S. Dispositif et procédé pour stocker et accéder à des données user-authentication secrète
US10691789B2 (en) 2017-12-19 2020-06-23 International Business Machines Corporation Authentication/security using user activity mining based live question-answering
CN112385307A (zh) * 2018-07-04 2021-02-19 韩国烟草人参公社 用于与气溶胶生成装置发送和接收数据的方法及装置
CN112385307B (zh) * 2018-07-04 2024-05-24 韩国烟草人参公社 便携式终端及其通信方法、计算机可读记录介质
USD867909S1 (en) 2018-08-23 2019-11-26 Milwaukee Electric Tool Corporation Tracking device
US11606669B2 (en) 2018-09-28 2023-03-14 Apple Inc. System and method for locating wireless accessories
US11641563B2 (en) 2018-09-28 2023-05-02 Apple Inc. System and method for locating wireless accessories
US11863671B1 (en) 2019-04-17 2024-01-02 Apple Inc. Accessory assisted account recovery
CN110190960B (zh) * 2019-06-28 2021-07-09 深圳市永达电子信息股份有限公司 一种基于双因子动态密码的安全路由器登录验证方法和系统
CN110190960A (zh) * 2019-06-28 2019-08-30 深圳市永达电子信息股份有限公司 一种基于双因子动态密码的安全路由器登录验证方法和系统
US11928478B2 (en) 2019-10-29 2024-03-12 Hewlett-Packard Development Company, L.P. Tracking device state transitions
US20220070667A1 (en) 2020-08-28 2022-03-03 Apple Inc. Near owner maintenance
US11889302B2 (en) 2020-08-28 2024-01-30 Apple Inc. Maintenance of wireless devices

Similar Documents

Publication Publication Date Title
WO2014005004A1 (fr) Système de sécurité conscient d'une proximité pour une électronique portable avec une authentification d'utilisateur à multiples facteurs et une vérification d'identité de dispositif sécurisé
JP5032667B2 (ja) 無線デバイス上のメモリを消去するためのシステム、方法、装置
US9507918B2 (en) Always-available embedded theft reaction subsystem
US9454678B2 (en) Always-available embedded theft reaction subsystem
US9552500B2 (en) Always-available embedded theft reaction subsystem
US9619671B2 (en) Always-available embedded theft reaction subsystem
US9734359B2 (en) Always-available embedded theft reaction subsystem
US9558378B2 (en) Always-available embedded theft reaction subsystem
US9092957B2 (en) Always-available embedded theft reaction subsystem
US9507965B2 (en) Always-available embedded theft reaction subsystem
US6628198B2 (en) Security system for preventing a personal computer from being stolen or used by unauthorized people
US9378342B2 (en) Context analysis at an information handling system to manage authentication cycles
US20130275770A1 (en) Always-available embedded theft reaction subsystem
US20030199267A1 (en) Security system for information processing apparatus
US20140020123A1 (en) Always-available embedded theft reaction subsystem
US20150135021A1 (en) Context Analysis at an Information Handling System to Manage Authentication Cycles
US9520048B2 (en) Always-available embedded theft reaction subsystem
US9208359B2 (en) Always-available embedded theft reaction subsystem
US9569642B2 (en) Always-available embedded theft reaction subsystem
US20150135298A1 (en) Context Analysis at an Information Handling System to Manage Authentication Cycles
US20080256648A1 (en) Secure portable computer and security method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13810263

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13810263

Country of ref document: EP

Kind code of ref document: A1