`US007260835B2
`
`c12) United States Patent
`Bajikar
`
`(IO) Patent No.:
`(45) Date of Patent:
`
`US 7 ,260,835 B2
`Aug. 21, 2007
`
`(54) BLUETOOTH™ BASED SECURITY SYSTEM
`
`(75)
`
`Inventor: Sundeep M. Bajikar, Sunnyvale, CA
`(US)
`
`(73) Assignee: Intel Corporation, Santa Clara, CA
`(US)
`
`( *) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 693 days.
`
`(21) Appl. No.: 09/883,403
`
`(22) Filed:
`
`Jun. 19, 2001
`
`(65)
`
`(51)
`
`(52)
`(58)
`
`(56)
`
`Prior Publication Data
`
`US 2002/0194500 Al
`
`Dec. 19, 2002
`
`Int. Cl.
`H04L 9100
`(2006.01)
`G06F 15116
`(2006.01)
`G06F 21120
`(2006.01)
`U.S. Cl. ................................. 726/4; 726/1; 726/14
`Field of Classification Search ........ 713/200-202;
`705/56; 340/568.1, 571, 426.18, 426.19
`See application file for complete search history.
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5,963,134 A *
`6,317,028 Bl*
`6,418,533 B2 *
`6,433,685 Bl *
`6,574,455 B2 *
`6,609,656 Bl *
`6,647,497 Bl*
`6,771,933 Bl*
`6,772,331 Bl*
`6,778,809 B2 *
`6,785,542 Bl *
`
`10/1999 Bowers et al. ........... 340/572.1
`11/2001 Valiulis ..................... 340/10.l
`712002 Angelo et al. .............. 713/202
`8/2002 Struble et al.
`.............. 340/571
`6/2003 Jakobsson et al. ......... 455/41.2
`8/2003 Elledge ...................... 235/382
`11/2003 Cromer et al. .............. 713/200
`8/2004 Eng et al. .................. 455/41.2
`8/2004 Hind et al.
`................. 713/151
`8/2004 Morimoto .................. 455/11.1
`8/2004 Blight et al. ............. 455/426.l
`
`2003/0051052 Al*
`2003/0092383 Al*
`2003/0095524 Al*
`2004/0109441 Al*
`2005/0057370 Al*
`2005/0076242 Al*
`2005/0283645 Al*
`2006/0236364 Al *
`
`3/2003 Shteyn et al. ............... 709/245
`5/2003 Moles et al. .................. 455/41
`5/2003 Stephens et al. ............ 370/338
`6/2004 Hur et al. ................... 370/352
`3/2005 Warrior et al .......... 340/870.01
`412005 Breuer ....................... 713/201
`12/2005 Turner et al. .................. 714/4
`10/2006 Suni et al. ..................... 726/1
`
`OTHER PUBLICATIONS
`
`Gehmann, "Bluetooth Security White Paper", Apr. 19, 2004,
`Bluetooth SIG Security Expert Group, p. 1-46.*
`Miller, "Mapping Salutation Architecture APis to Bluetooth Service
`Discovery Layer", Jul. 1, 1999, Bluetooth Special Interest Group, p.
`1-26.*
`Johansson et al, "JUMP Mode-A Dynamic Window-Based Sched(cid:173)
`uling Framework for Bluetooth Scatternets", Oct. 2001, ACM, p.
`204-211.*
`* cited by examiner
`Primary Examiner--Christopher Revak
`(74) Attorney, Agent, or Firm-Cyndi M. Wheeler
`
`(57)
`
`ABSTRACT
`
`AB!uetooth based security system utilized to provide ad-hoc
`security services to secured assets. Such a Bluetooth based
`security system comprises a secured device (SD) equipped
`with Bluetooth (BT) technology; a plurality of Bluetooth
`Access Points (BTAPs) located at designated points to
`establish a BT link with the secured device (SD); and a
`security server (SS) connected to all BTAPs and arranged to
`provide access control and security services for the secured
`device (SD), wherein the security server (SS) obtains
`attribute information of the secured device (SD), including
`an unique device identification (ID) and a last known
`location of the secured device (SD), activates a lock with the
`secured device (SD), and sends location information of a
`designated BTAP and an unlock code to the secured device
`(SD), via the designated BTAP.
`
`30 Claims, 6 Drawing Sheets
`
`CENTRAL
`SECURITY
`SERVER
`
`BTAP2
`
`1 BTAP1- . ''
`, .
`,
`x.y,z
`\~ ~· Unlock code
`
`I
`I BTAP1
`
`120A-_/' D
`'"'"1
`1. Unique device 10'--:::.::,
`2. Last x,y.z
`
`LGE-1016 / Page 1 of 15
`LGE v. Fundamental
`
`
`
`U.S. Patent
`
`Aug. 21, 2007
`
`Sheet 1 of 6
`
`US 7,260,835 B2
`
`Oi
`~!
`
`°'\
`
`~
`"
`(!)
`......... u....
`
`0
`
`cc
`0
`N
`\
`(;
`
`N
`Q_
`:d'.:
`I-' cc
`
`z
`0
`N
`\
`,,.,;
`(
`
`N
`(I)
`;:>:, u
`.. 0
`>< (.)
`
`ow
`WO
`~-::; > ow
`
`WO
`(/)
`
`N
`(l) ~
`:::::; x
`er_..
`·;:: ~
`::::i _J
`
`LGE-1016 / Page 2 of 15
`
`
`
`tit = N
`0--, = Oo w
`
`'N
`-....l
`rJl
`d
`
`O'I
`0 .....
`N
`.....
`1J1 =(cid:173)
`
`('D
`('D
`
`-....J
`0
`0
`N
`
`N .... ~
`~
`~
`
`~ = ~
`
`~
`~
`~
`•
`00
`
`e •
`
`COMPLEX
`ANTENNA
`
`COMPLEX
`ANTENNA
`
`362
`
`RECEiVER
`
`GPS
`
`370
`
`,_.)
`
`SUBSYSTEMS
`
`iiO
`
`TRANSCEIVER
`BLUETOOTH
`
`CHIPSET
`
`__)
`350
`
`360
`
`OS I SOFTWARE
`
`MEMORY
`
`DISPLAY
`GRAPHICSi
`
`,_)
`330
`
`130
`
`r-----
`
`..)
`
`I 320
`
`I
`SUBSYSTEM
`PROCESSOR
`
`•
`
`340
`
`_)
`310
`
`FIG~ 3
`
`!
`·SOFTWARE ,~208
`
`h 220A
`
`i
`DATABASE
`
`'
`
`~
`220
`
`l
`
`I
`
`I
`
`I
`
`250 I SUBSYSTEM·
`PROCESSOR
`I
`
`DE\/ICE
`OUTPUT
`
`'
`I
`~
`210
`
`'
`
`'
`
`DEVICE
`INPUT u
`
`240
`
`~
`
`1JQ_
`
`FIG~ 2
`
`LGE-1016 / Page 3 of 15
`
`
`
`tit = N
`0--, = Oo w
`
`'N
`-....l
`rJl
`d
`
`O'I
`0 .....
`
`(.H
`
`.....
`1J1 =(cid:173)
`
`('D
`('D
`
`-....J
`0
`0
`N
`
`N .... ~
`~
`~
`
`~ = ~
`
`~
`~
`~
`•
`00
`
`e •
`
`BLUETOOTH
`r-
`E
`
`RF UNIT
`
`GPS
`
`~
`
`~
`
`RAD!O
`
`,,.
`l/F
`
`( _ _)
`620
`
`·~
`
`TRACKiNG
`
`UNiT
`
`GPS
`
`...
`
`a
`
`~
`
`...
`
`DATA PROCESSOR
`BLUETOOTH/GPS
`
`.)
`630
`
`.)
`640
`
`FIGR 6
`
`UNIT
`RF
`
`1
`
`._
`
`BASEBAND 14
`
`UNIT
`
`DATA PROCESSOR
`
`GPS
`
`)
`510
`
`)
`
`520
`
`530
`
`,rJ
`2 ]Q_
`
`~5
`
`Fl
`
`UNIT
`RF
`
`1111>!
`
`BASEBAND 14
`
`UNIT
`
`DA TA PROCESSOR
`
`BLUETOOTH
`
`rj
`410
`
`I./
`l
`420
`
`J _;
`430
`
`,rJ
`
`3_6_Q
`
`FIGR 4
`
`LGE-1016 / Page 4 of 15
`
`
`
`tit = N
`0--, = Oo w
`
`'N
`-....l
`rJl
`d
`
`O'I
`0 .....
`
`.i;...
`
`.....
`1J1 =(cid:173)
`
`('D
`('D
`
`......:i
`0
`0
`N
`
`N .... ~
`~
`~
`
`~ = ~
`
`~
`~
`~
`•
`00
`
`e •
`
`./
`840
`
`/
`730
`
`SD POWERS DOWN
`
`SD STORES UNLOCK CODE
`
`STORES SD DEVICE ID, LAST KNOWN SD ~J
`830
`
`SS CREATES LOG ENTRY IN CENTRAL DATABASE!
`
`LCOATION (XYZ}, TIME, UNLOCK CODE, ETC.
`
`-020
`
`SD---+ SS
`
`Unloc~ Code ~
`AFxyz
`SS---+ SD h 810
`
`-../
`
`720
`
`\../
`
`EXCHM~GE PARAMETERS
`
`FOR LOCK!NG
`
`FIG~ 8
`
`720
`
`720
`
`BT Ll~JK IS KEPT ALIVE
`
`SD PO\NERS DOWN
`
`last xyz
`Device !D
`
`SD__,.. SS
`
`Unlock code
`BTAP xyz
`
`SS__,.. SD
`
`EXCHANGE PARAMETERS
`
`ACTIVATE LOCK
`
`FIG~ 7
`
`LGE-1016 / Page 5 of 15
`
`
`
`tit = N
`0--, = Oo w
`
`'N
`-....l
`rJl
`d
`
`O'I
`0 .....
`Ul
`.....
`1J1 =(cid:173)
`
`('D
`('D
`
`....:i
`0
`0
`N
`
`N .... ~
`~
`~
`
`~ = ~
`
`~
`~
`~
`•
`00
`
`e •
`
`'J
`1050
`
`RECOVERED STOLEN SD
`
`1040
`
`..---..,.._,./
`
`NO
`
`NOTIFY RECOVERY TEAM
`
`CAPTURE LOCATION OF
`
`STOLEN SD.
`
`YES
`
`1020
`
`-"'-../
`
`/
`1010
`
`LAUNCH NETWORK WIDE SEARCH
`
`NOTIFY SD ow~~ER
`
`AND ARREST
`
`UPDATE SS LOG TO INDICATE
`
`SD STOLEN
`
`920
`
`SEARCH AND
`
`ARREST
`
`FIGm 10
`
`SEARCH AND
`
`ARREST
`
`(..J
`)
`920
`
`740
`
`·...._/
`
`MAINTAIN LOCK
`
`NO
`
`740
`
`MAINTAIN LOCK
`
`FIG~ 9
`
`LGE-1016 / Page 6 of 15
`
`
`
`U.S. Patent
`
`Aug. 21, 2007
`
`Sheet 6 of 6
`
`US 7,260,835 B2
`
`FIG~ 11
`
`DEACTIVATION OF LOCK
`TRIGGERED
`
`1i10
`/
`
`PROMPT USER TO INPUT
`UNLOCK CODE
`
`1120
`'-.._.,...I
`
`VERIFY USER SUPPUED
`UNLOCK CODE WITH SS
`
`,_/
`1130
`
`NO
`
`YES
`
`920
`(sEARCH AND ARREST)"'-/
`
`YES
`
`c UNLOCK CD )"'-../
`
`1150
`
`LGE-1016 / Page 7 of 15
`
`
`
`2
`circuits, control logic, memory and an antenna (and a battery
`in the case of active tags) mounted to a substrate for
`providing remote identification. However, such RFID sys(cid:173)
`tems require dedicated wireless communications, and con(cid:173)
`tain no general wireless data communications capabilities.
`Another drawback is that the user has purchase the RFID
`tags, the tag reader, and setup the environment specifically
`for the RFID service. RFID tags can also be cost prohibitive
`as each RFID tag can vary from 50 cents to $150 based on
`10 the desired capabilities.
`Accordingly, there is a need for a new type of asset
`security and wireless tracking system for electronic devices
`such as portable computers that can be easily and effectively
`implemented with an industry standard communications
`wireless technology such as Bluetooth™ to provide access
`control, tracking and security services of varying complexity
`without any additional hardware overheads.
`
`15
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`US 7,260,835 B2
`
`1
`BLUETOOTH™ BASED SECURITY SYSTEM
`
`TECHNICAL FIELD
`
`The present invention relates to a security system, and
`more particularly, relates to an adhoc security system for
`electronic devices such as portable computers equipped with
`Bluetooth™ for providing access control, tracking and secu(cid:173)
`rity services of varying complexity without any additional
`hardware overheads.
`
`BACKGROUND
`
`Electronics devices such as notebook and laptop comput(cid:173)
`ers have become increasingly compact and portable and, as
`a result, increasingly vulnerable to unauthorized use, theft or
`loss. This is because these portable computers are small,
`expensive and may contain very valuable information.
`Many computers, especially portable computers, have
`been secured from unauthorized use, theft or loss by mecha- 20
`nisms based on principles of prevention, deterrence or
`A more complete appreciation of exemplary embodiments
`recovery. Prevention mechanisms may include physical
`of the present invention, and many of the attendant advan(cid:173)
`locking devices which lock portable computers to docking
`tages of the present invention, will become readily apparent
`stations. Deterrence mechanisms may include myriad alarm
`as the same becomes better understood by reference to the
`systems which employ various deterrence methods, includ- 25
`following detailed description when considered in conjunc(cid:173)
`ing sound and visual alarms to deter an unauthorized person
`tion with the accompanying drawings in which like refer(cid:173)
`or a thief from stealing the portable computers. Recovery
`ence symbols indicate the same or similar components,
`mechanisms may include various systems for providing
`wherein:
`automatic disabling of portable computers and/or for locat(cid:173)
`ing and tracking stolen portable computers for recovery via 30
`FIG. 1 illustrates an example Bluetooth™ based security
`existing radio communication infrastructures or existing
`system according to an embodiment of the present inven(cid:173)
`cellular network infrastructures.
`tion;
`One typical example of computer tracking systems for
`FIG. 2 illustrates an example system platform of a secu(cid:173)
`locating stolen computers is the use of a software (location
`rity server (SS) according an embodiment of the present
`tracking program) installed to instruct the computer to call 35 invention;
`a third party monitoring service at regular intervals. When
`FIG. 3 illustrates an example system platform of a secured
`the computer calls the monitoring service, the computer
`device (SD) such as a portable computer according an
`establishes a data link and transmits data to the monitoring
`embodiment of the present invention;
`service that identifies the computer. When the monitoring
`FIG. 4 illustrates an example Bluetooth transceiver of the
`service receives a call from the user's computer, the moni- 40
`secured device (SD) according to an embodiment of the
`taring service is able to determine the location of the
`present invention;
`computer by utilizing Caller ID. The location of the com(cid:173)
`FIG. 5 illustrates an example GPS receiver (sensor) of the
`puter may then be forwarded to a law enforcement agency
`secured device (SD) according to an embodiment of the
`so that the lost or stolen computer can be retrieved by the law
`45 present invention;
`enforcement agency.
`Alternatively, the location tracking program may also be
`FIG. 6 illustrates an example Bluetooth and GPS sub(cid:173)
`installed to identify if an e-mail is being sent from the lost
`system of the secured device (SD) according to an embodi(cid:173)
`or stolen computer and compare a sender address to a
`ment of the present invention;
`predetermined owner address. If the sender address matches
`FIG. 7 illustrates an example lock activation procedure
`the owner address, the e-mail is sent unimpeded. However, 50
`between a security server (SS) and a secured device (SD) of
`if the sender address does not match with the sender address,
`the Bluetooth™ based security system according to an
`then the e-mail is redirected to a third party such as a law
`embodiment of the present invention;
`enforcement agency to notify that the computer may have
`FIG. 8 illustrates an example parameter exchange proce(cid:173)
`been stolen. However, such location tracking systems are not
`dure for locking between a security server (SS) and a
`optimal because a third party monitoring service is required. 55
`secured device (SD) of the Bluetooth™ based security
`Another example location tracking systems are known as
`system according to an embodiment of the present inven(cid:173)
`Radio Frequency Identification (RFID) systems which are
`tion;
`available to uniquely identify and track devices equipped
`FIG. 9 illustrates an example lock maintenance procedure
`with RFID tags as disclosed, for example, in U.S. Pat. No.
`of the Bluetooth™ based security system according to an
`6,232,870 for Applications For Radio Frequency Identifica- 60
`embodiment of the present invention;
`tion Systems issued to Garber et al., U.S. Pat. No. 6,100,804
`FIG. 10 illustrates an example search and arrest procedure
`for Radio Frequency Identification System issued to Brady
`of the Bluetooth™ based security system according to an
`et al., U.S. Pat. No. 5,963,134 for Inventory System Using
`embodiment of the present invention; and
`Articles With RFID Tags issued to Bowers et al., and U.S.
`Pat. No. 5,838,253 for Radio Frequency Identification Label 65
`FIG. 11 illustrates an example lock deactivation proce(cid:173)
`issued to Wurz et al. A typical RFID tag (also known as
`dure of the Bluetooth™ based security system according to
`transponder) consists of a semiconductor chip having RF
`an embodiment of the present invention.
`
`LGE-1016 / Page 8 of 15
`
`
`
`US 7,260,835 B2
`
`3
`DETAILED DESCRIPTION
`
`The present invention is applicable for use with all types
`of electronic devices, including mobile devices and portable
`computers using all forms of radio networks. Examples of
`such radio networks may include Bluetooth™ based radio
`systems and IEEE 802.llb standard based radio systems
`designed for connecting a variety of mobile devices in a
`secure ad-hoc fashion. However, for the sake of simplicity,
`discussions will concentrate mainly on an example Blue(cid:173)
`tooth™ based radio system for providing ad-hoc security
`services of varying complexity for electronic devices
`equipped with Bluetooth technology, although the scope of
`the present invention is not limited thereto.
`As set forth in the "Specification of the Bluetooth System"
`by the Bluetooth Special Interest Group (SIG) at http://
`www.bluetooth.com/, Bluetooth™ wireless technology is a
`lowcost, low-power, short-range radio link for mobile
`devices and for WAN/LAN access points to offer fast and
`reliable digital transmissions of both voice and data over the
`globally available 2.4 GHz ISM (Industrial, Scientific and
`Medical) band without the need for a central network.
`Current Bluetooth™ based systems may provide up to
`100-meter range capability (but extendable to more than 100
`meters) and an asymmetric data transfer rate of 721 kb/sec
`between mobile devices and fixed voice/data access points
`(known as Bluetooth Access Points "BTAPs").
`The Bluetooth™ protocol supports a maximum of three
`voice channels for synchronous, CVSD-encoded transmis(cid:173)
`sion at 64 kb/sec, and treats all radios as peer units identified 30
`by unique 48-bit addresses in compliance with the Bluetooth
`specification. At the start of any connection, the initiating
`device is a temporary master. This temporary assigmnent,
`however, may change after initial communications are estab(cid:173)
`lished. Each master device may have active connections of 35
`up to seven slave devices. Such a connection between a
`master device and one or more slave devices forms a
`"piconet." Link management allows communication
`between piconets, thereby forming "scattemets." Typical
`Bluetooth™ master devices include cordless phone base 40
`stations, local area network (LAN) access points, laptop
`computers, or bridges to other networks. Bluetooth™ slave
`devices may include cordless handsets, cell phones, head(cid:173)
`sets, personal digital assistants, digital cameras, or computer
`peripherals such as printers, scanners, fax machines and 45
`other electronic devices.
`Bluetooth™ protocol also utilizes time-division duplex
`(TDD) to support bi-directional communications between
`mobile devices and BTAPs. Frequency hopping spread(cid:173)
`spectrum technology accommodating frequency diversity 50
`permits operation in noisy environments and permits mul(cid:173)
`tiple piconets to exist in close proximity. This is so since
`frequency diversity is inherent in frequency hopping, espe(cid:173)
`cially when it is wide, as in the case of Bluetooth™ (spread
`over a band of about 80 MHz). The frequency hopping 55
`transmission hops at a rate of 1600 hops per second over
`791-MHz channels between 2402 MHz and 2480 MHz.
`Various error-correcting schemes permit data packet protec(cid:173)
`tion by 113- and 2/3-rate forward error correction.
`Attention now is directed to the drawings and particularly 60
`to FIG. 1, an example Bluetooth™ based security system
`according to an embodiment of the present invention is
`illustrated. Such a Bluetooth™ based security system may
`be installed in a designated area such as a company site, a
`school, a building or an industry complex to provide ad-hoc
`security services for electronic devices such as portable
`computers equipped with Bluetooth (BT) without the need
`
`4
`for cables, chains or other mechanical components. The
`Bluetooth™ based security system serves to control and
`monitor the status of all secured devices or assets remotely,
`through the Internet or other networks whenever possible.
`As shown in FIG. 1, the Bluetooth™ based security
`system 100 comprises a central security server (SS) (also
`known as "security provider") 110, a network of Bluetooth
`(voice/data) Access Points (BTAPs) 120A-120N and one or
`more secured devices (SD) 130 equipped with Bluetooth™
`10 technology. All BTAPs 120A-120B may be strategically
`located at designated points where users are most likely to
`secure BT equipped devices temporarily (or permanently).
`The BTAPs 120A-120N may server to connect a secured
`device (SD) 130 to a communicating device via a secure
`15 (private) wireless link. For example, a secured device (SD)
`130 such as a portable computer equipped with Bluetooth™
`technology may link to a mobile phone (for example) that
`uses Bluetooth™ technology to connect to the Internet to
`access e-mail. Each BTAP 120A-120N may be installed at
`20 a pre-surveyed (known) location to establish a BT link for
`communication with the secured device (SD) 130 and
`enabling the secured device (SD) 130 to access the security
`server (SS) 110 and the Internet, for example.
`The central security server 110 may be connected directly
`25 or indirectly to all the BTAPs 120A-120N in the network,
`and may serve as a central point relative to the physical
`structure that houses the network of BTAPs 120A-120N.
`The central security server 110 may be connected to the
`Internet or other networks to provide security services,
`including remote monitoring and tracking of the secured
`device (SD) 130.
`FIG. 2 illustrates an example system platform of a secu-
`rity server (SS) 110 according an embodiment of the present
`invention. As shown in FIG. 2, the secured server (SS) 110
`may include, but not limited to, a processor subsystem 210,
`a data storage subsystem 220, and an I/O subsystem includ-
`ing an input device 240 and an output device 250.
`The processor subsystem 210 may include one or more
`processors or central processing units (CPUs) such as Intel®
`i386, i486, Celeron™ or Pentium® processors. The data
`storage subsystem 220 may include a volatile memory (e.g.,
`random-access-memory "RAM") for database 220A and a
`non-volatile memory (e.g., read-only-memory "ROM") for
`containing a security control software 220B to provide
`ad-hoc security services, including remote monitoring and
`tracking of secured assets (i.e., secured device 130) of the
`Bluetooth™ based security system 100, including searching
`and capturing the location of the lost or stolen secured
`device (SD) 130. The input device 240 may include a
`keyboard controller for controlling operations of an alpha(cid:173)
`numeric keyboard, a cursor control device such as a mouse,
`track ball, touch pad, joystick, and bar code reader for
`enabling an IT administrator (for example) to install the
`security control software 220B and change system settings
`and configurations. The output device 250 may include a
`printer, a display monitor, speakers and network devices for
`establishing connections with the Internet or other networks
`to provide security services, including remote monitoring
`and tracking of the secured device (SD) 130.
`FIG. 3 illustrates an example system platform of a secured
`device (SD) 130 such as a portable computer according an
`embodiment of the present invention. As shown in FIG. 3,
`the secured device (SD) 130 may include, but not limited to,
`a processor subsystem 310, a host chipset 320, a memory
`65 330 connected to the host chipset 320, a graphics/display
`subsystem 340 connected to the host chipset 320, the I/O
`subsystem 350 connected to the host chipset 320, a Blue-
`
`LGE-1016 / Page 9 of 15
`
`
`
`US 7,260,835 B2
`
`5
`tooth transceiver 360 including an antenna complex 362
`arranged to establish communication with any of the BTAPs
`120A-120N for security services and optionally, a Global
`Positioning System (GPS) receiver 370 including an antenna
`complex 372 or other satellite or land-based network 5
`arranged to provide radio positioning and navigation needs,
`including receiving information relating to the location or
`position of the secured device (SD) 130 relative to the
`BTAPs 120A-120N and determining a change in distance
`between the secured device (SD) 130 and a particular BTAP 10
`(e.g., ranging measurement from the BTAP).
`The processor subsystem 310 may also include one or
`more processors or central processing units (CPUs) such as
`Intel® i386, i486, Celeron™ or Pentium® processors.
`The memory 330 may correspond to a dynamic random- 15
`access-memory (DRAM), but may be substituted for read(cid:173)
`only-memory
`(ROM),
`video
`random-access-memory
`(VRAM) and the like. Such a memory 330 may store an
`operating system (OS) 330A such as Windows™ 95/98 and
`Windows™ 2000 for use by the processor subsystem 310, 20
`and information and instructions such as a security control
`software 330B for activating/deactivating a lock with the
`BTAPs 120A-120N of the Bluetooth™ based security sys(cid:173)
`tem 100.
`The graphics/display subsystem 240 may include, for
`example, a graphics controller, a local memory and a display
`monitor (e.g., cathode ray tube, liquid crystal display, flat
`panel display, etc.).
`The IO subsystem 250 may provide an interface with a
`variety of I/O devices and the like, such as: a Peripheral
`Component Interconnect (PCI) bus (PCI Local Bus Speci(cid:173)
`fication Revision 2.2 as set forth by the PCI Special Interest
`Group (SIG) on Dec. 18, 1998) which may have one or more
`I/O devices connected to PCI slots, an Industry Standard
`Architecture (ISA) or Extended Industry Standard Architec(cid:173)
`ture (EISA) bus option, and a local area network (LAN)
`option for communication peripherals such as telephone/fax/
`modem adapters, answering machines, scanners, personal
`digital assistants (PDAs) etc; a super I/O chip (not shown)
`for providing an interface with another group of I/O devices
`such as a mouse, keyboard and other peripheral devices; an
`audio coder/decoder (Codec) and modem Codec; a plurality
`of Universal Serial Bus (USB) ports (USB Specification,
`Revision 2.0 as set forth by the USB Special Interest Group
`(SIG) on Apr. 27, 2000); and a plurality of Ultra/66 AT
`Attachment (ATA) 2 ports (X3T9.2 948D specification;
`commonly also known as Integrated Drive Electronics (IDE)
`ports) for receiving one or more magnetic hard disk drives
`or other I/O devices.
`The USB ports and IDE ports may be used to provide an
`interface to a hard disk drive (HDD) and compact disk
`read-only-memory (CD-ROM). I/O devices may include,
`for example, a keyboard controller for controlling operations
`of an alphanumeric keyboard, a cursor control device such
`as a mouse, track ball, touch pad, joystick, etc., a mass
`storage device such as magnetic tapes, hard disk drives
`(HDD), and floppy disk drives (FDD), and serial and parallel
`ports to printers, scanners, and display devices.
`The host chipset 220 may correspond to, for example, in
`Intel® 810, Intel® 870 and 8XX series chipsets which
`include, for example, a memory controller hub (MCH) for
`controlling operations of the main memory 330 and an IO
`controller hub (ICH) for controlling operations of a variety
`of I/O devices, via standard PCI, ISA or EISA bus.
`The Bluetooth transceiver 360 contains an identification
`(ID) number unique to the secured device (SD) 130 for
`identification and lock-in communication with any one of
`
`6
`the BTAPs 120A-120N strategically located at designated
`points where the secured device (SD) 130 is most likely
`secured temporarily (or permanently). Such a Bluetooth
`transceiver 360 typically provides compatibility between the
`radio waves used in the Bluetooth™ based security system
`100. As shown in FIG. 4, the Bluetooth transceiver 360
`typically includes a radio-frequency (RF) unit 410 arranged
`to transmit/receive radio waves to/from any one of the
`BTAPs 120A-120N, via the antenna complex 362; a base(cid:173)
`band unit 420 arranged to establish link set-up (control) and
`support for link management between the secured device
`(SD) 130 and the BTAPs 120A-120N in compliance with the
`"Specification of the Bluetooth System", including user
`authentication and link authorization; and optionally, a Blue(cid:173)
`tooth data processor 430 arranged to process sample Blue(cid:173)
`tooth data, including the location of the last BTAP that the
`secured device (SD) 130 connected thereto.
`In one example embodiment, the Bluetooth transceiver
`360 can determine information relating to the location or
`position of the secured device (SD) 130 relative to the
`BTAPs 120A-120N by communicating with several BTAPs
`120A-120N.
`The GPS receiver (sensor) 370 may be part of an accurate
`three-dimensional global positioning satellite (GPS) system
`25 to provide radio positioning and navigation needs. As shown
`in FIG. 5, the GPS receiver 370 may also include a radio(cid:173)
`frequency (RF) unit 510 arranged to receive GPS data from
`a plurality of GPS satellites (not shown), via the antenna
`complex 372; a baseband unit 520 arranged to sample GPS
`30 data; and optionally, a GPS data processor 530 arranged to
`process sample GPS data relating to the location or position
`of the secured device (SD) 130 relative to the BTAPs
`120A-120N and determine a change in distance between the
`secured device (SD) 130 and a particular BTAP (e.g.,
`35 ranging measurement from the BTAP).
`More specifically, the GPS receiver 370 may track
`pseudo-random noise from a plurality of GPS satellites, via
`the antenna complex 372 and generate therefrom time-of(cid:173)
`arrival values. Thereafter, the GPS data processor 530 may
`40 sample the time-of-arrival values from the GPS constellation
`for each of the GPS satellites (not shown) and multiply the
`sample data by the speed of light to produce a plurality of
`pseudo-range measurements. The GPS data processor 530
`then adjusts these pseudo-range measurements to compen-
`45 sate for deterministic errors such as the difference between
`each satellite's clock and GPS system time, atmospheric
`distortion of GPS signals and other considerations such as
`relativity factors. The GPS data processor 530 may include
`an instruction set which gathers the information necessary to
`50 compute adjustments to the pseudo-range measurements
`from a 50 Hz digital data stream which the GPS satellites
`broadcast along with their precision and coarse acquisition
`code. After the GPS data processor 530 makes all the
`necessary adjustments to the pseudo-range measurements,
`55 the position/time solution process may then be performed to
`determine the present GPS receiver antenna position. The
`GPS data processor 530 may compute its X, Y, Z position fix
`in terms of the World Geodetic System adapted in 1984,
`which is the basis on which the GPS develops its worldwide
`60 common grid references. Generally, the X, Y, Z coordinates
`are converted to latitude, longitude and altitude map datum
`prior to output. The GPS position solution is intrinsically
`referenced to the electrical phase center of the antenna.
`Finally, the GPS data processor 520 may compute clock bias
`65 results which are one of the parameters to be considered in
`addition to the X, Y, Z coordinates. The clock bias may be
`computed in terms of the time offset of the clock in the GPS
`
`LGE-1016 / Page 10 of 15
`
`
`
`US 7,260,835 B2
`
`7
`receiver 370 versus GPS system time. Accordingly, the
`secured device (SD) 130 receives the GPS position data
`which information is processed to establish the present
`position of the secured device (SD) 130 relative to the
`BTAPs 120A-120N.
`Both the Bluetooth transceiver 360 and the GPS receiver
`370 may be integrated into the host chipset 220 as system(cid:173)
`on-chip designs that is compatible with ASIC (Application(cid:173)
`Specific Integrated Circuit) design flows. Alternatively, the
`Bluetooth subsystem 260 and the GPS subsystem 270 may 10
`be separate "plug-and-play" modules or a single "plug-and(cid:173)
`play" module, including the ASIC and passive components
`for communications over longer distances.
`FIG. 6 illustrates an example Bluetooth and GPS sub(cid:173)
`system 360 and 370 of the secured device (SD) 130 accord- 15
`ing to an embodiment of the present invention. As shown in
`FIG. 6, the Bluetooth and GPS subsystem may include, but
`not limited to, a Bluetooth/GPS radio-frequency (RF) unit
`610, a radio interface 620, a GPS tracking unit 630, and a
`Bluetooth/GPS data processor 640. The Bluetooth/GPS 20
`radio-frequency (RF) unit 610 may track both GPS data
`(pseudo-random noise form a plurality of GPS satellites) and
`Bluetooth data, via an integrated antenna complex (not
`shown) under control of the GPS tracking unit 630. The
`Bluetooth/GPS data processor 640 may then process GPS 25
`data and Bluetooth data substantially the same way as
`described with reference to FIGS. 4 and 5.
`Referring back to FIG. 1, the operation of the central
`security server (SS) 110, the BTAP 120A, for example, and
`the secured device (SD) 130 of the Bluetooth™ based
`security system 100 may be described as follows:
`When a secured device (SD) 130 equipped with Blue(cid:173)
`tooth™ (also known as "client device") makes a BT con(cid:173)
`nection with any of the BTAPs 120A-120N capable of
`providing security, two important attributes of the secured
`device (SD) 130 are captured by the BTAP 120A-120N and
`registered in the database 220A maintained at the central
`security server (SS) 1110 (see FIG. 2). These attributes
`includes (1) the unique device ID of the secured device (SD)
`130, and (2) the last known location of the secured device
`(SD). The attributes may be derived from the location of the
`last BTAP 120A-120N that the secured device (SD) 130
`connected thereto, or alternatively, may be obtained through
`an onboard GPS receiver 370.
`The BTAP 120A, for example, may in turn provide its
`own (known) location (X, Y, Z coordinates) to the secured
`device (SD) 130. The secured device (SD) 130 may choose
`to use this information (X, Y, Z coordinates) in a variety of
`different ways. One of the ways, as mentioned above, is to
`provide this information to facilitate its next connection with
`another one of the BTAPs 120A-120N.
`The central security server (SS) 110 may be configured,
`via the security control software 220B, to log the informa(cid:173)
`tion provided by the BTAPs 120A-120N, to activate and
`maintain lock with the secured device (SD) 130, and provide
`an "unlock code" (which may be randomly selected) to the
`secured device (SD) 130 upon request from the secured
`device (SD) 130 for storage for future use, and subsequently
`notify the owner (user) of the secured device (SD) 130 ifthe
`secured device (SD) 130 is lost or stolen