US005748084A
`[11] Patent Number:
`United States Patent 19
`[45] Date of Patent:
`Isikoff
`
`
`5,748,084
`May 5, 1998
`
`[54] DEVICE SECURITY SYSTEM
`
`[76]
`
`Inventor:
`
`Jeremy M.Isikoff. 5840 Cameron Run
`Terr., #1527. Alexandria, Va. 22303
`
`Primary Examiner—Jetfery Hofsass
`Assistant Examiner—Benjamin C. Lee
`Attorney, Agent, or Firm—Lahive & Cockfield. LLP
`[57]
`ABSTRACT
`
`[56]
`
`4,494,114
`4,742,357
`4,818,998
`4,908,608
`4,908,629
`4,954,836
`4,985,695
`
`..
`
` 5,021,794—G/N99L Lawrence ...--oerveereseeeeensensens 342/457
`
`An object tacking, communication, and management sys-
`(21) Appl. No.: 751,842
`tem for a laptop computer or similar device. wherein a
`4.
`beaconortransceiver in the computer implements file integ-
`[22] Filed:
`Nov. 18, 1996
`tity or device recovery steps. The beacon protects data, or
`[51] Et, CLe cececcscccssscccceseseenesseesensecenseetons GO8B 13/14
` ‘tTansmits files or data from computer storage back to the
`[52] US. CD. cessnineieenscsnene 340/568; 340/571; 340/539,
`
`owner or authorized party, cither automatically or in
`340/825.31; 395/182.04; 395/182.13; 395/489;
`response to a request for data recovery, and may broadcast
`395/186; 395/187.01
`2 Signal for tracking and recovery of the computer after a
`[58] Field of Search ..ccsssccusnsneneesue 340/571, 568,
`theft. Preferably the system also operates in a normal mode
`340/825.31. 691, 539: 395/182.04 182. 13.
`© provide or acquirefiles or data, to or from a remote
`ee 489 186 187 01
`oo location, as either requested by the operator or by a third.
`References Cited
`calling or transmitting party, or automatically. for normal
`communications or data upkeep. Whenactivated as a secu-
`U.S. PATENT DOCUMENTS
`rity device it implements strategic machine controlincluding
`11985 Kash secsssnueernenenesen 340782531
`Babling, disabling. or modifying functionsof the computer
`5/1988 Rackley ssecsessnssssersussersene 342/457
`and communication of data. The system includes a beacon
`
`4/1989 Apsell etal.
`. 342/44
`with preferably both a transmitter and a receiver, internal
`3/1990 Reinke et al.
`..
`340/571
`security logic, and external system elements for locating the
`
`
`3/1990 Apsell et al.
`...
`vere 342/457
`beacon via either RF tracking or the communication ofits
`9/1990 Sakuma..............
`wes 342/450
`position coordinates back to the ownervia the transmitter. A
`1/1991 Wilkinson et al.
`.
`.. 340/571
`combination of hardware and/or software within the beacon
`and the host system initiates and coordinates operation of the
`cee see aforementioned communications or security features.
`5798lis ew wycot etal.
`“340571
`Tamper detection logic implemented in software or hard-
`3317304
`5/1994. Choi...
`340/387
`ware responds to tampering or removal of the beacon or
`5,327.144
`7/994 Stilp etal.
`wm 370/18
`Other components by alerting via the transmitter and/or
`5,365,516
`11/1994 Jandrell
`......
`$406,261
`471995 GHeMn .sccsscssccsccossccnsenreevseneeeees 340/571
`disabling functionality of the host. Preferably low level
`seen 342/357
`codes operate at the bios level to assure effective operation
`§,418,537
`5/1995 Bird ...........
`.. 342/457
`even when higher level software or plug-in components
`5,485,163
`1/1996 Singeret al.
`3/1996 Fast 00...ccsssscsesenencnsenssennenees 340/988
`have been overridden or removed.
`5,497,149
`5,508,708
`4/1996 Ghosh et al.
`wee 342/457
`5,578,991
`11/1996 Scholder .......csssescsescoescnsseseesses 340/571
`
`~
`
`18 Claims, 6 Drawing Sheets
`
`le
`
`Files, Faxes, Email,
`Commands, Voice
`
`YY
`”
`socnsniees ET
`Y
`soonmae
`
`<r
`
`120
`
`Direction Finding
`or Other Location
`Equipment
`
`To Network
`|e
`
`US Patent No. 6,411 941
`
`HTC EX. 1016
`HTC v. Ancora
`
`Page 1
`
`Page 1
`
`HTC EX. 1016
`HTC v. Ancora
`US Patent No. 6,411,941
`
`

`

`U.S. Patent
`
`May5, 1998
`
`Sheet 1 of 6
`
`5,748,084
`
`Ol
`ye
`
`\\
`
`
`
`‘Trew‘saxe‘Safty
`
`
`
`dd10A.‘SPUBUIWOT)
`
`YIOMIONOL
`
`—_—____—_——_
`
`O@T
`
`{7
`
`duto7)dod(7=.mroeWS0,
`—,
`
`
`
`BUIPULUOT}OOIIC
`
`
`
`IN|UOTILIO’TJOIO10
`
`juaudinbg
`
`Jams]
`
`Page 2
`
`Page 2
`
`
`

`

`US. Patent
`
`May5, 1998
`
`Sheet 2 of 6
`
`5,748,084
`
`Page 3
`
`Figure2
`
`tn
`™——
`
`No
`
`m)S|
`
`101
`
`—
`
`Page 3
`
`

`

`U.S. Patent
`
`May5, 1998
`
`Sheet 3 of 6
`
`5,748,084
`
`JamodgWaysks
`
`wapoyyBed
`
`
`
`Ofa1807Or
`
`
`
`[oo0}01gJOATQOSURI|pure
`qeqny[ap
`
`
`
`a1807]AyInsas
`
`
`
`Jossas01doss
`
`
`
`our]ou0ud
`
`aoeplequy
`
`suoydoio1ypy
`
`
`
`JovJIOIU]Jaywads
`
`
`
`yoerauoud
`
`euuauy
`
`09
`
`
`
`Joyndusoz0}syeusigjoUO7)randui07)0}Beq
`
`
`
`
`
`€ans]
`
`Page 4
`
`Page 4
`
`
`
`
`
`
`
`
`

`

`U.S. Patent
`
`May 5, 1998
`
`Sheet 4 of 6
`
`5,748,084
`
`VIDWOdTLYOSSAOOUd
`SLOTSwonon
`
`
`TlSLYOdAGNVHOVAYALNIAVTdSId
` |awowan|
`
`AYHLIVE
`
`GOJoNSIC
`
`HATad
`
`“
`OOT
`
`pamsiy
`
`Page 5
`
`Page 5
`
`
`
`
`

`

`U.S. Patent
`
`May 5, 1998
`
`Sheet 5 of 6
`
`5,748,084
`
`
`
`Page 6
`
`Page 6
`
`

`

`U.S. Patent
`
`May5, 1998
`
`Sheet 6 of 6
`
`5,748,084
`
`002
`
`SOT
`
`UOTJVATIOV
`Iapooeq
`[090101
`JOATOIOY
`
`902
`
`re
`
`9ashy
`
`Z0¢
`
`Page 7
`
`Page 7
`
`
`
`
`
`

`

`5,748,084
`
`1
`DEVICE SECURITY SYSTEM
`
`FIELD OF THE INVENTION
`
`This invention relates to a system for locating. commu-
`nicating with and managing expensive assets and in particu-
`lar laptop computers and other portable electronic devices
`that include a microprocessor and memory.
`BACKGROUND
`
`10
`
`2
`neither readily detected nor easily removable. In that posi-
`tion it includes or controls a communications link which is
`preferably a two-way RF link, such as a cellular phone link.
`and a security module operates or controls the device to
`initiate or perform object location and file integrity or data
`security functions.
`The security module includes file (i.e., data) security and
`device security functions, which are initiated upon receipt of
`an actuation signal indicating theft of the computer, and
`which thereafter utilize battery power from the laptop’s
`power pack and available resources to preferentially imple-
`mentfile integrity and tracking/alarm functions. Preferably
`it disables certain portions of the computer to conserve
`power to effect a set of priority tasks. The actuation signal
`is preferably a broadcast signal. sent over a regional area
`once the owner learns that the computer has been stolen;
`however actuation may also be triggered by an internal
`alarm condition, for example a signal indicative that the user
`has failed to enter a required code or has attempted to
`remove or disable a component. The file integrity or
`tracking/alarm functions preferably include at least one and
`preferably more of the operations of broadcasting outcritical
`files, destroying or encrypting files. and transmitting a
`tracking RF signal such as a cellular phone signal with a
`code or message identifying the stolen computer.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`15
`
`235
`
`30
`
`As computers and other expensive consumer electronic
`devices become smaller and more portable, the risk of their
`being stolen increases dramatically. Of particular concern is
`the rising rate of laptop computer theft. Recent reports
`indicate that laptop computers are being stolen at the rate of
`1500a dayin the United States alone, and account for almost
`a billion dollars in losses annually. Even more important
`than the actual dollar value of losses posed by this trend is
`the potentially devastating loss of the crucial information
`and data files contained on the stolen computers. Presently.
`business people store everything from addresses to corporate
`secrets on their laptop computers, and loss of this data can
`be of a magnitude to maketheloss of the computer hardware
`itself seem insignificant. It has even been reported that
`foreign governments hire spies to steal the laptops of For-
`tune 500 employces in order to obtain corporate secrets.
`Solutions are needed for this and related theft problems.
`Unfortunately the approaches that have in the past been
`directed to the recovery of stolen items have proved too
`FIG.1 illustrates a beacon-equipped laptop computer in
`impractical to be effective against this problem. Solutions
`accordance with the present invention;
`like those offered for automobiles, incorporating large trans-
`FIG. 2 illustrates a physical layout of the beacon in one
`mitters or GPS receivers and position data transmitters, are
`embodiment of the invention;
`too unwieldy for incorporation in a laptop, or their imple-
`FIG.3 illustrates a preferred laptop embodiment of the
`mentation would be economically prohibitive, or result in
`invention communicating via cellular telephone;
`35
`poor performance when located within a building.
`FIG.4 illustrates interconnection of the beacon inalaptop
`A number of security systems designed particularly for
`computer and its interconnections with various parts of the
`laptop computers have not been effective. Alarms and
`host computer system;
`motion sensors are susceptible to false alarms which may
`FIG. 5 shows a cut-away view of a laptop computer with
`quickly frustrate the user into not using them. Additionally,
`the beacon and an antennainside; and
`these devices do nothing after the computer is stolen.
`FIG. 6 illustrates another embodiment of the invention
`Software solutions which control the computer to automati-
`configured to perform security and recovery within a paging
`cally dial up a predetermined number have shownlimited
`network.
`effectiveness, probably because they can easily be removed
`or because they simply do not function if the stolen com-
`puter is not plugged into a phone line.
`
`45
`
`DETAILED DESCRIPTION
`
`SUMMARY OF THE INVENTION
`
`These and other problems are addressed by the system
`and devices of the present invention for the location, com-
`munication with, and management of small electronic
`devices, especially laptop computers but also other
`microprocessor-containing devices or instruments. For sim-
`plicity laptop embodiments are discussed. A tamperproof
`beacon unit including a transponder or transceiver is placed
`within the laptop computer. Under normal circumstances the
`beacon implements a standard communication function for
`the general communications needs of the device such as
`e-mail, voice, data, fax, internet or other communication
`task. When theft of the computer occurs, however,
`the
`beacon is activated with a security control program to secure
`crucial data in the computer’s storage, to enable or disable
`functions of the computer, and to either transmit or destroy
`or hide sensitive data. The beacon’s transmission signal is
`preferably also trackable to locate and recover the stolen
`computer.
`In one embodiment the device resides in a laptop com-
`puter andis largely incorporated in the mother boardsoit is
`
`50
`
`35
`
`65
`
`invention
`The preferred embodiment of the present
`addresses the foregoing problems using an existing cellular
`telephone network to provide a novel and cost-effective
`solution to the problem of laptop theft while at the same time
`providing a complete two-way mobile communications and
`asset management system. In this embodiment, a beacon
`comprised of a cellular transceiver and a modem is installed
`in the laptop computer or electronic device which is to be
`protected, in such a way that removal or disabling of its
`operative elements is difficult or will impair the normal or
`useful operation of the computer. The transceiver is config-
`ured in a manner knownin the art to send and receive data
`or programs, so as to implement the general communica-
`tions and management needs of the end-user under normal
`circumstances; butit is also configured as described further
`below for data recovery or the tracking of the computer after
`a theft, in which case it operates to expedite return of the
`stolen computer and preferably also transmit important data
`to the rightful owner; to protect the integrity of the data
`contained on the machine; to assist in the capture of the
`thief; and to serve as a deterrent against theft. This operation
`substantially enhances value, yet is achieved at little addi-
`
`Page 8
`
`Page 8
`
`

`

`5,748,084
`
`3
`tional premium over the cost of the basic communications
`hardware. Implementation of such security features takes
`several forms in different embodiments of the invention
`described below.
`FIG. 1 shows a beacon equipped laptop computer 100 of
`the present invention configured for operating within a
`terrestrial cellular network, represented by relay station 116.
`Mobile communicationsofall types are relayed between the
`laptop computer and the local cellular transceiver. Such
`communications may consist of voice, data, faxes, e-mail.
`pages. file transfers etc. and may be initiated by either the
`laptop computer user or a calling party. Thus in this
`embodiment,
`the computer contains a cellular phone
`transceiver, and this transceiver is activated by various
`voluntary or automated applications,
`to effect the above-
`enumerated communications functions in a manner known
`in the art. That is, it may be manually initiated by a user
`calling out, connecting to another computer or network, and
`sending or receiving data, or it may include software of a
`type knownin the art to effect automatic file transfer and
`data backup with a remote host or network, at scheduled
`intervals. The substantial functionality implementedin this
`embodiment of the invention allows the major hardware
`components to be subsumed under the cost of a necessary
`hardware accessory application, such as a cell modem file
`saver, for which the high cost is acceptable for many users
`and the marginal cost of the security-specific hardware and
`software for implementing the invention, described further
`below, is low.
`As noted, the security system includes a cellular phone RF
`communications assembly. This device transmits radio
`waves so that an external tracking circuit may pinpoint the
`location of the device by suitable detection e.g., using a
`two-point mobile receiver/signal comparator such as a direc-
`tional finder mounted in a police vehicle. For a cellular-
`based system such tracking can be effected largely auto-
`matically using existing cellular technology which monitors
`broadcast i.d, and signal strength in each cell, supplemented
`with the detailed signal evaluation such as is employed for
`example for tiangulating from cells to pinpoint the source
`of emergency (911) cellular telephone calls. FIG. 1 also
`illustrates a tracking apparatus 120 for locating the laptop
`computer by monitoring its RF transmissions emanating
`from the beacon. These RF signals may be followed to track
`the computerto its new location.
`if the computer is stolen the beacon is advantageously
`also activated to secure its data. This is done in one or more
`of several ways; it operates to recover or destroy important
`data, or to disable the computer. The particular security
`measures to be effected may be set in advance, or may be
`controlled by an external communication, in which case the
`user or law-enforcement authorities may make the decision
`as to which of these steps is appropriate.
`A physical design of the preferred embodimentis illus-
`trated in FIG. 2. Key aspects of this design are the integra-
`tion of device components, having small size and low-
`profile packaging into the layout of existing laptop computer
`designs. FIG. 2 illustrates a small hybrid-packaged beacon
`101 using a loop antenna 102 integrated into the computer
`housing.
`In general, a cellular embodiment of the beacon is com-
`prised ofthe various circuit elements shownin FIG. 3. These
`include a cellular transceiver 10, a data modem 20, a
`back-up battery 25, a microprocessor 30, memory 40, addi-
`tional security logic 45, a phone line interface 50, a micro-
`phone and speaker interface 55, an antenna 66, and connec-
`
`4
`tions 70, 72 to the host computer and its phone and
`microphone jacks 81, 82.
`The beacon may be implemented in a removable package
`that communicates with the laptop processor or various
`sybsystems thereof via a cryptographic exchange, to effec-
`tively prevent unauthorized removal or bypassing of its
`security logic. As discussed more fully below, various power
`or device control signals may be routed through or from the
`beacon, such that it disables parts of the laptop when the
`device is stolen, for example by erasing the hard disc,
`removing the drive power, or otherwise. It may alsoinitiate
`a locally detectable alarm, such as an alarm soundor a theft
`message displayed on the screen.
`As shown in FIG. 4 and FIG. 5 the beaconis built-in to
`the computer 100 and hasaccessto various system resources
`such as the hard drive 102 and the battery 104. Preferably,
`as shown, the battery powerfor the laptop is routed through
`the beacon, which controls a switch to cut power to the
`computer 100 or various subsections thereof. The beacon
`communicates with the computer via the I/O logic 108 and
`the beacon has connectionsto the interface ports 112 of the
`computer,¢.g., to the phone jack and microphone jack on the
`back of the computer. In addition, as shown in FIG.5, the
`antenna 60 for the beacon 101 is incorporated into the design
`for the computer allowing many possibilities for different
`antenna configurations. In particular. the antenna may be
`formed by suitably-dimensioned conductive paths on a flex
`circuit or by metal tape adhered to the laptop housing or
`cover, or otherwise positioned to enhance its sensitivity
`and/or improve its reception or operation. Preferably, a
`simple circuit coupled to the antenna confirms antenna
`integrity, ie., provides an internally-detected alarm indica-
`tion if the antenna is cut or removed.
`It is envisioned that the beacon itself be permanently
`attached to the computer, however it is possible that for the
`purposes of upgradingits functionality it may be made as a
`removable chip or assembly.
`Jn either case, additional security is preferably achieved
`by configuring the beacon such that the computer docs not
`function properly withoutthe beacon in place. The invention
`contemplates several ways of implementing this operation,
`including logic verification of hard-wired connection or
`function of critical components, such as by an antenna check
`circuit as described above. In an alternative embodiment of
`the invention,
`the beacon is contained in a removable
`PCMCIA card or other upgradable type of package in
`combination with firmware or other logic which assures that
`only authorized users can removeit or change it. In such an
`embodiment. when the PCMCIA or other upgradable pack-
`age is removed by an unauthorized person, the computer
`ceases to function, rendering it valueless. Such operation
`may be implemented by using access control software which
`informs the computer through password verification that an
`authorized person is removing or upgrading the beacon. The
`beacon may also contain a serial number or other identifi-
`cation mechanism to inform the host computer ofits identity.
`In other or further tamper protection implementations, when
`the beacon determines that the antenna has been destroyed
`or tampered with, it actuates its various internal security
`protocols described below.
`In additional embodiments, the invention contemplates a
`system wherein an external operation stimulus is provided to
`ensure that the beacon is in place and operating normally.
`This external stimulus may be, for example. a periodic radio
`or telephone message from outside which resets or enables
`the computer for twenty-four hours. In that case, when the
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`45
`
`50
`
`55
`
`65
`
`Page 9
`
`Page 9
`
`

`

`5,748,084
`
`5
`this external message is
`computer is reported stolen,
`withheld, and failure to receive the message initiates the
`complete disabling of the computer; i... the beacon shuts
`the computer down whenit has not received an authorization
`call via cellular telephone within a twenty four hour interval.
`In other embodiments, the security device may also be
`triggered by actual receipt of a message broadcast by the
`user indicating theft. A similar triggering condition may be
`implemented by use of the CDPD network to require a user
`to log on to the laptop and acquire session tickets. as with the
`KERBEROSsystem. for example.
`In addition to the hardware communications beacon, the
`system also includesinterface software present on the laptop
`computer which provides the user interface with the com-
`munications and management features of the beacon and
`provides a meansfor the user to accessall of the features of
`the beacon. Certain aspects of the software are preferably
`incorporated into the laptop computer’s built in firmware for
`reasons of security, as described further below.
`This beacon operation is as follows: incoming commu-
`nications signals are received through the antenna by the
`cellular transceiver circuitry. This circuitry passes on the raw
`received signals to the protocol logic and data modem. The
`protocol logic and data modem determine what type of
`signal is being received and hence which mode the beacon
`should be operating in. The wireless modes of operation
`include an incoming voice telephonecall, an incoming fax,
`an incoming data modem call, or an incoming CDPD packet.
`This information is passed onto the microprocessor which
`determines what actions need to be taken within the beacon,
`and what signals need to be sent to the host computer. The
`laptop computer preferably relays, or passes the information
`to, the beacon interface software for processing.
`For an incoming Voice call the microprocessor alerts the
`host computer via an interrupt or other hardware notification
`route. The interface software determines the appropriate
`response depending upon the state of the computer and the
`user’s settings. If the computer is in use, the beacon interface
`software may provide a visual indication that an incoming
`voice call has been detected and request that the user either
`answer the call or passit on to a voice messaging system. If
`the computer is not in use, an audio alert can be generated
`or the call passed on to an automatic messaging system.
`In the event of an incoming data or fax call the micro-
`processor instructs the data modem to connect and then
`waits for the modem to produce data. Once data begins to be
`received, the microprocessor temporarily stores the data in
`memory and alerts the host computer. The host computer
`passes the data to the beacon interface software which
`queries the beacon as to what kind of data it is. Depending
`on the type of data, an alert is generated for the user
`displaying information about the data, its origin, and the
`length of the transfer. For faxes and e-mail, applications may
`automatically open for the user to view the data or to
`immediately respondvia the already established connection.
`This conventional communications operation is altered
`when the security functions becomeactive.
`In that case, when an external communication is a post-
`theft call to initiate security operation, the incoming data call
`preferably also contains low-level beacon control com-
`mands which are interpreted by the beacon prior to the
`alerting or passing of the data to the computer. Such codes,
`for example, may be present in a header which the beacon
`reads and strips before passing the remaining data onto the
`beacon interface software on the computer. In a practical
`embodiment of one aspect of the invention these low-level
`
`6
`least some of the security
`control codes implement at
`features of the device. Such features may include the dis-
`abling or interruption of power to all or to specific parts of
`the computer, the sounding of an alarm, or the erasure of the
`hard drive. The invention also contemplates the provision of
`other security codes which instruct the beacon to initiate a
`file-transfer call, in which case the microprocessor stores in
`memory the namesortypesoffiles to be transferred and the
`telephone number, fax number or e-mail address to which
`the files are to be transferred, as well as the time for the
`transfer to take place. The microprocessor then signals the
`host computer’s low level beacon interface software to
`initiate the transfers. Some of the low level security code
`functions are performed by the security logic which may
`implement power switching and other simple hardware
`controls.
`By “low level security codes” we distinguished from
`other higher level codesthat are interpreted by the high-level
`beaconuser interface. The purpose of the low-level codes is
`to perform the emergency functions under extreme circum-
`stances. This includes the event that the high-level user-
`interface software is removed. Thatis, the low-level instruc-
`tions are executed at a level in the computer at which the
`removal of the means of interpreting and executing instruc-
`tions would cause the computer to cease to function atall.
`A preferred location for these instructions to be handled is
`within the computer’s on-board bios. In this manner, the
`low-level security features are made secure against tamper-
`ing; for example they are not impaired if a thief erases the
`hard disk, or changes an accessory board.
`The higher level codes perform functions which are less
`critical and may be passed by the microprocessorto the user
`interface software. These codes may include signals that an
`automatic transfer is taking place and that the user need not
`be alerted, or codes for other such secondary functions. It is
`envisioned that many functions which ideally would be
`executed by Low-level security codes may in fact be required
`to operate through calls to higher level security codes due to
`the constraints of the operating system. For example many,
`if not all, file access functions may be dependent on the
`operating system present on the hard disk. The removal of
`the operating system would render any access to files
`virtually impossible both for the thief and the beacon. This
`limitation may be avoided by protecting vital files automati-
`cally from being removed. When the beaconis activated in
`theft mode it might disable all write access to the hard drive
`to protect the operating system, thus assuringitself access to
`the files which need to be transmitted. As long as thefile
`system remains in place then the beacon can perform its
`tasks. The protection of the operating system or of certain
`files may also be achieved in one embodimentby controlling
`the file, permissions of each file to change certain files to
`read-only or archive status in order to protect them until
`transmission.
`Another type of incoming data is that of CDPD cellular
`packets. Such packets may contain e-mail, pages, etc. and
`might also contain low and high level control codes. These
`packets are examined by the microprocessor and passed on
`to the user interface software.
`Another function of the microprocessor is to arbitrate
`between incoming cellular transceiver data and the phone
`line interface. It is possible that
`the computer may be
`plugged into a phone line and receive a cellular call at the
`same time. Several actions may have to take place. If the
`incoming cellular call is a voice call then the protocol logic
`alerts the microprocessor which may signal the host com-
`puter and establish a connection. If the incoming call is a
`
`10
`
`15
`
`25
`
`35
`
`45
`
`35
`
`65
`
`Page 10
`
`Page 10
`
`

`

`5,748,084
`
`7
`cellular data call. the protocol logic tells the microprocessor
`whether the modem is already in use on the phoneline. If
`this is the case, since there is only one modem, a decision
`must be made whether to disconnect the phone connection
`and reconnect onthe cellular. This decision may be preset by
`user preferences in the high level software or may beset in
`the microprocessoritself. In any case only one data call can
`be maintained at a time. This limitation may be remedied by
`the inclusion of a second modem in the beacon. The same
`problem arises if the cellular modem is in operation and an
`incoming call arrives via the phoneline. Again the protocol
`logic and the microprocessor arbitrate between the cellular
`transceiver and the phone line. It will be understood that
`incoming land-line calls can contain voice. data, fax, file
`transfers and security codes just as in the case of cellular
`calls described above.
`The microprocessor also arbitrates and controls all out-
`going calls. Outgoing calls from the beacon may beinitiated
`by the user in a conventional manner through the user
`interface software, for example by entering an e-mail and
`clicking “SEND”, or they may beinitiated in the high-level
`user interface software or the low-level security software
`automatically. When the microprocessor receives data from
`the computerto transmit, it determines the most appropriate
`method of transmission and initiates a call. This determina-
`tion mayalso be tagged in the higher-level software but must
`be agreed upon by the microprocessor according to the state
`of the beacon. In most circumstances the microprocessor
`preferably is set
`to choose the phone line interface.
`if
`present, for the outgoing call due to its generally higher
`bandwidth and lower rates of charge. If the phoneline is in
`use by the user or another machine, the microprocessor
`judges the urgency of the transmission and may choose to
`either wait for the phoneline to be free or to transmit the data
`via the cellular phone.If the beacon determines that the unit
`is not plugged into the phone line, then all operations are
`performed via the cellular connection.
`The types of transmission possible are the same for
`outgoing calls as those described above for incoming trans-
`missions. Faxes, e-mails, files, internet connection and voice
`calls can all be initiated either by the user or automatically
`for transmission. Voice, e-mails and faxes, and internet
`connection calls are generally user initiated while automatic
`transmissions may include some e-mails and some file
`transfers such as automatic back up file transfers, and the
`security transfers described below.
`It is envisioned that the automatic file transfers will be
`useful for both emergency and non-emergency situations.
`Non-emergency file transfers are transfers such as routine
`back up offiles either back to the user’s home computer or
`corporate network, or to a commercial data warehousing
`facility for protective storage. The automatic back up func-
`tions determine which files to tansmit in the same manner
`as for emergencyfile transfers, as described below,including
`transfer based on modification date and type of file as
`determined bythe file extension, as well as any specfic files
`or directories specified by the user through application
`software.
`It
`is envisioned that a certain user might for
`instance desire to back up all word processing documents
`every three days automatically, whether connected to a
`phone or a network or not. If there is no other method
`available at the time. the back up software then compresses
`the files to be backed up and sends them over a dial-up
`connection using the cell modem. Preferences may be set as
`to whenthe transfers would take place so as to minimize the
`calling charges. Other management functions are available
`through the use of additional software and the cell modem
`beacon.
`
`8
`With this operation.information system managers become
`able to inventory the software and hardware configurations
`of all their company’s machines, regardless of their location
`at the time. They can also update software automatically
`overnight or provide realtime systems support by logging
`onto the portable machine remotely and taking control ofits
`functions. A good use might be the collection and redistri-
`bution of shared databasefiles at the end of the day such as
`with a program like LOTUS NOTES. In this case, the
`databasefiles would be transmitted by all mobile machines
`back to a central computer, whichcollates them and retrans-
`mits updated databasefiles to the mobile machinesvia their
`cell modem beacons.
`Under normal circumstances the beacon functions as the
`general communications provider for the host computer.
`When the computer is stolen however, the beacon operates
`at a concealed level as a special system controller and
`security broadcast beacon, thus providing the means to
`recover important data and track the stolen computer. These
`functions are implemented by the low-level security codes
`as described above.
`Briefly, when the computer is stolen, the user determines
`whether there are anycritical files which must be recovered
`whether the machine is found or not. The user sends a
`broadcastto initiate transfer of these files. This is done either
`through a central clearing house service center, which may
`for example be operated by a computer security company
`that provides broad-area RF/cell phone coverage to receive
`and temporarily store such data, or through the use of
`additional software e.g., emergency communications soft-
`ware present on another machine. This additional software
`may be included with the user interface software for instal-
`lation on the users non-mobile computer and configured to
`carry out automatic back up and other management func-
`tions of the mobile computer.
`In any case in a theft/
`notification mode the user determines which files need to be
`recovered and a request in proper format is sent via the
`cellular netw