November 17, 2009 12:00 PM (EDT)
Ronald J. DeHaas announces provisional patent pending status on his following
A System and Method for selecting security parameters based on presence of a USB computer device:
Recognizing that security issues on a computer communicatively connected to the Internet are a growing problem, many software applications have been implemented to detect security violations, and either block access to the Internet, or to notify a security guardian that a security violation has occurred. Security concerns and violations could include instant messaging, web surfing, email, or any other Internet protocol, including how they are used, the content thereof, or even the very access to one or more of those protocols. In a business or professional environment, there also are applications that are proprietary, or utilize proprietary information. However, there is a growing utilization of laptops and other mobile computer devices which have USB ports, and there is a desire to establish a means of establishing security rules that may vary according to the user, when that user carries (or otherwise has access to) a specific USB flash drive (or thumb drive or jump drive, herein referred to as a USB computer device). For instance, security at an office environment may be totally established, controlled, and monitored through a corporate proxy system, but when a laptop is taken from the office environment to another location, such as home or a coffee shop, the office security and proxy connection may not be able to be applied. Or, when multiple users have access to use of a laptop or other mobile computing device, the computer may contain information, software, or access to specific protocols for one user which must be secure from access by another user. There is therefore a need to to establish a "handshake" between a mobile computing device and the user in order to establish security criteria.
Therefore, the current invention includes the following claims:
1. A system and method for a "handshake" between software installed on a computing device and a USB computer device, in other words identifying the specific USB computer device attached to a computing device through a USB port, the identification of which establishes criteria by which the computing device may function; the functions thereby limited may include access to the Internet, access to certain software contained on the computer, access to certain files on the computer, access to certain protocols, access to (or prevented from) specific domains or URL's, specific strings of keyboard strikes to be passed through the Internet, access to email, etc. and, depending on the handshake being completed, establishing security criteria for that computer device, including (but not limited to): web surfing (access, or what may be added to interactive sites, or a whitelist, or a blacklist), instant messaging (access, or control of who may be included as correspondents, or content), filesharing (access, or control of content, or a whitelist, or a blacklist), email (content, who should be included as correspondents, length, etc.), and time constraints (either time of day or total time per day or other time unit), newsgroups (access, content, whitelist, or blacklist) or any or all internet protocols.
2. The system and method of claim 1, wherein the system and method of completing the handshake is through a combination of software contained on the computing device and the USB computer device;
3. The system and method of claim 1, wherein the system and method of completing the handshake is through a combination of software contained on the computing device, the USB computer device, and on a server remotely connected either through the Internet or a VPN;
4. The system and method of claim 1, wherein tampering or disabling of the USB computer device, or the software of claim 2 or 3 is considered as a security violation;
5. The system and method of claim 1, wherein other security rules are established, the circumvention or disabling of which is considered a security violation;
6. The system and method of claim 1, wherein any security violation triggers a notification report to another party, by telephone, internet, or other communication process;
7. The system and method of claim 6, wherein said report is accessible by a third party recipient through a web interface or other communication process;
8. The system and method of claim 1, wherein a report is provided to a security guardian that provides information on current user/enabled USB computer device of monitored computers;
9. The system and method of claim 9 wherein said report is available through a web interface or other communication process;
10. The system and method of claim 1 wherein a security guardian can change the security settings through a web interface or other communication process;
11. The system and method of claim 1 wherein groups of users may be established that have different security rules;
12. The system and method of claim 11 wherein a security guardian can change the security settings for a group through a web interface or other
13. The system and method of claim 8 wherein said report provides an analysis of security violations as to priority of impact to business operations, legal ramifications, etc.
14. The system and method of claim 1 wherein specified security violations result in specified action or actions implemented via software installed on the computing device, actions which could include permanent deletion or altering of specified files, software, or other data contained therein, or the re-initializing of the drives of the computer.