Patent Application
20080238614
IBM® is a registered trademark of International Business Machines Corporation, Armonk, N.Y., U.S.A. Other names used herein may be registered trademarks, trademarks or product names of International Business Machines Corporation or other companies.
1. Field of the Invention
This invention relates generally to wireless communication devices, and more particularly to a method, apparatus, and system for remotely configuring, activating, and deactivating a wireless communication device's security features for facilitating return of the device, as well as securing data stored within the device.
2. Description of the Related Art
The spread of wireless communication devices throughout societies around the world continues unabated. What started out as simple wireless phones in the 1970's have evolved into the sophisticated wireless information appliances that are now available today. Present day wireless information appliances include sophisticated cellular phones with data capabilities, Internet access, video and picture taking capabilities, advanced alphanumeric pagers, personal digital assistants (PDA), global positioning satellite (GPS) location devices, and portable computers. Even with the increased functionality of today's wireless devices, their size and ease of portability has continued to improve. Advancements in microprocessors, software, memory, power management/power cells, and display technology have allowed for smaller wireless devices.
The reduction of wireless device size has increased the chances for device loss or theft. The unauthorized use of a wireless device can lead to calls and services being charged to a user/owner account. More importantly, the party in possession of the device can access sensitive personal or business related data of the user/owner.
Solutions exist today that allow a user to secure their wireless device by permanently disabling data access within the device. However, this solution does not allow for reuse of the wireless device by the owner if the device is recovered. Therefore there is a need to remotely secure/disable a misplaced or stolen wireless device, while still allowing for restored functionality if the device is found by its owner, or the potential return of the wireless device by an honest individual.
Embodiments of the present invention include a method and system for securing a wireless device wherein the method includes: receiving, from a subscriber, a request to activate one or more security features and recovery functions of a missing wireless device of the subscriber; determining whether the missing wireless device is powered on; setting, in the event the missing wireless device is not powered on, a flag in an account of the subscriber to activate the requested one or more security features and recovery functions upon determining the missing wireless device is powered on; activating, upon determining the missing wireless device is powered on, the requested one or more security features and recovery functions by blowing at least one of a series of electrically programmable fuses included within the wireless device; and deactivating, in the event of receiving another request from the subscriber, the one or more security features and recovery functions; wherein deactivating the one or more security features and recovery functions is facilitated by blowing at least another of a series of electrically programmable fuses included within the wireless device so as to reinstate a set of standard operating features of the wireless device.
A system for securing a wireless device, the system includes: subscriber wireless devices equipped with a series of electrically programmable fuses; a wireless provider network comprised of base stations and computer servers with storage capabilities; wherein the wireless provider network can remotely activate the wireless device's security and recovery features upon receiving, from a subscriber, a request to activate one or more security features and recovery functions of a missing wireless device of the subscriber, and deactivating, in the event of receiving another request from the subscriber, the one or more security features and recovery functions; wherein activating the wireless device's security and recovery features is facilitated by blowing at least one of the series of electrically programmable fuses included within the wireless device; wherein the blowing of at least one of the series of electrically programmable fuses results in a logic redirection from a set of standard device operating features to a restricted set of software functions intended to secure and potentially recover the lost wireless device; and wherein deactivating the wireless device's security and recovery features is facilitated by blowing at least another of a series of electrically programmable fuses to reinstate the wireless device's set of standard operating features.
Additional features and advantages are realized through the techniques of the present invention. Other embodiments and aspects of the invention are described in detail herein and are considered a part of the claimed invention. For a better understanding of the invention with advantages and features, refer to the description and to the drawings.
As a result of the summarized invention, a solution is technically achieved for remotely configuring, activating, and deactivating a wireless communication device's security features for facilitating return of the device as well as securing data stored within the device.
The subject matter that is regarded as the invention is particularly pointed out and distinctly claimed in the claims at the conclusion of the specification. The foregoing and other objects, features, and advantages of the invention are apparent from the following detailed description taken in conjunction with the accompanying drawings in which:
The detailed description explains the preferred embodiments of the invention, together with advantages and features, by way of example with reference to the drawings.
Embodiments of the invention provide a means for remotely configuring, activating, and deactivating a wireless communication device's security features for facilitating return of the device as well as securing data stored within the device.
Embodiments of the invention use IBM's eFuse technology to provide remote field programmable low cost logic redirection from standard communication device operating features to a restricted set of software functions intended to secure and potentially recover a lost wireless communication or wireless computing device. The software configuration of a sequence of alternate, restricted functions is activated upon notifying a wireless communication service provider of a lost device. The restricted functions include display of a pre-specified text message, restriction of outgoing communication to a single destination, conversion of an alert to an audible ring tone, recording of the geographic location of the lost device by the service provider, securing access to data on the lost device, and encryption and upload of specified data files to a service provider. The use of firmware modification of a device's logic path via eFuse to lock out standard features, allows for re-activation of the devices full capabilities and access to stored user data if the missing device is located or returned.
An IBM eFuse is an electrically programmable, silicided polysilicon fuse that is embedded into a chip layer as an integrated portion of the chip manufacturing process. With the eFuse's microscopic size, hundreds of eFuses can be embedded into a very small portion of a chip, for use in programming/reprogramming chip circuit sections, thereby providing control over chip function and capability. The eFuse is the element that is “blown” by a sensing/control program, which causes an electro migration event within the eFuse. The blowing of an eFuse does not involve a physical rupture of the fuse element. The eFuse is blown with the application of a higher-than-nominal voltage in the logic circuit. eFuses provide several compelling advantages over laser fuses and/or conventional metallic fuses. The eFuse blow process does not risk damage to adjacent devices, since eFuses are blown by a logic process instead of a physical destruction of an element/filament. When a higher-than-nominal voltage is applied to a specific eFuse, electro migration of the silicide layer occurs, causing a substantial increase in resistance. This increase in resistance is sensed as a blown fuse in the eFuse sensing circuit.
As reflected in block 118, the wireless mobile devices security and recovery functions include one or more of the following features:
Continuing with the flow diagram of
The computer program may be resident on a storage medium local to the remote devices 202 and 204, or maybe stored on the server system 206 or cellular base station 210. The server system 206 may belong to a public service. The remote devices 202 and 204, and desktop device 205 may be coupled to the server system 206 through multiple networks (e.g., intranet and Internet) so that not all remote devices 202, 204, and desktop device 205 are coupled to the server system 206 via the same network. The remote devices 202, 204, desktop device 205, and the server system 206 may be connected to the network 208 in a wireless fashion, and network 208 may be a wireless network. In an exemplary embodiment, the network 208 is a LAN and each remote device 202, 204 and desktop device 205 executes a user interface application (e.g., web browser) to contact the server system 206 through the network 208. Alternatively, the remote devices 202 and 204 may be implemented using a device programmed primarily for accessing network 208 such as a remote client.
The capabilities of the present invention can be implemented in software, firmware, hardware or some combination thereof.
As one example, one or more aspects of the present invention can be included in an article of manufacture (e.g., one or more computer program products) having, for instance, computer usable media. The media has embodied therein, for instance, computer readable program code means for providing and facilitating the capabilities of the present invention. The article of manufacture can be included as a part of a computer system or sold separately.
Additionally, at least one program storage device readable by a machine, tangibly embodying at least one program of instructions executable by the machine to perform the capabilities of the present invention can be provided.
The flow diagrams depicted herein are just examples. There may be many variations to these diagrams or the steps (or operations) described therein without departing from the spirit of the invention. For instance, the steps may be performed in a differing order, or steps may be added, deleted or modified. All of these variations are considered a part of the claimed invention.
While the preferred embodiments to the invention has been described, it will be understood that those skilled in the art, both now and in the future, may make various improvements and enhancements which fall within the scope of the claims which follow. These claims should be construed to maintain the proper protection for the invention first described.
