US2012185933A1PendingUtilityA1

User account for system protection or recovery

44
Assignee: BELK ANDREW TPriority: Jan 14, 2011Filed: Apr 20, 2011Published: Jul 19, 2012
Est. expiryJan 14, 2031(~4.5 yrs left)· nominal 20-yr term from priority
G06F 2221/2111G06F 11/1469G06F 2221/2143G06F 21/6218G06F 21/88H04W 4/029H04W 4/02H04W 12/12H04W 12/126
44
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

In one embodiment, a data processing system includes a guest account that is configured to assist in the protection and recovery of the data processing system when it is lost or stolen. In one embodiment, the guest account can allow Internet access and can include a web browser to allow the guest, who might be a thief, to use the system to browse the Internet. While such use occurs, the system can perform actions specified by an authorized user of the system, and such actions can include determining a location of the system and transmitting the location to the authorized user, erasing data on the system, displaying a message, capturing an image, etc.

Claims

exact text as granted — not AI-modified
1 . A machine readable tangible storage medium storing executable instructions that cause, when executed, a system to perform a method comprising:
 receiving an input to start-up or wake-up a data processing system;   receiving an input to use a guest account log in option which is presented in response to the input to start-up or wake-up;   presenting a user interface of a guest account on the data processing system;   receiving at least one signal from another data processing system, the at least one signal causing an action to be performed while the guest account is used and the action being specified by an authorized user of the data processing system.   
     
     
         2 . The medium as in  claim 1  wherein the authorized user selects the action and wherein the at least one action is one of: (a) determining information which indicates a location of the data processing system and transmitting the information to the authorized user; (b) erasing data on a data storage device of the data processing system; (c) displaying a message which requests that the data processing system be returned to the authorized user; (d) capturing an image of the user of the data processing system; (e) locking the user from logging into a user account of the authorized user; or (f) any combination of two or more of these actions. 
     
     
         3 . The medium as in  claim 2  wherein when the at least one action includes determining information which indicates the location, the data processing system determines the information from one of a network connection or a satellite positioning system or a cellular wireless radio connection and wherein the data processing system transmits the information to the authorized user through the another data processing system which is available to the authorized user; and wherein when the at least one action includes capturing the image of the user, the data processing system capturing the image through a camera coupled to the data processing system and transmitting the image to the authorized user through the another data processing system. 
     
     
         4 . The medium as in  claim 3  wherein the authorized user's account is executed through a first operating system (OS) stored on a first partition on the data storage device and the guest account is executed through a second OS stored on a second partition on the data storage device and wherein data files of the authorized user are not accessible to the user of the guest account. 
     
     
         5 . The medium as in  claim 4  wherein the second partition comprises recovery software configured to perform at least one of (a) repairing the first partition of the data storage device; (b) reinstalling the first OS on the first partition; or (c) restoring data files of the authorized user on the first partition, the restoring being performed from a backup of the data files. 
     
     
         6 . The medium as in  claim 3 , wherein the method further comprises:
 generating data to present a user interface, in the guest account mode, that is configured to allow the authorized user to exit the guest account mode and to operate in the authorized user's user account.   
     
     
         7 . The medium as in  claim 3  wherein the guest account allows the user of the guest account to use a web browser to access the Internet and wherein the at least one signal is received after the authorized user indicates the data processing system is lost or stolen and wherein the at least one signal specifies the at least one action and wherein the at least one signal is received as a result of the user using the guest account to use the web browser. 
     
     
         8 . A machine readable tangible storage medium storing executable instructions that cause, when executed, a system to perform a method comprising:
 receiving and responding to one or more inputs of a user of a data processing system;   receiving, through a network connection, a notification wherein the notification represents an indication that the use of the data processing system is not authorized;   switching, in response to the notification, the data processing system into a restricted guest account;   performing, while in the restricted guest account, at least one action specified by an authorized user of the data processing system.   
     
     
         9 . The medium as in  claim 8  wherein the at least one action is one of: (a) determining information that indicates a location of the data processing system and transmitting the information to the authorized user; (b) erasing data on a data storage device of the data processing system; (c) displaying a message which requests that the data processing system be returned to the authorized user; (d) capturing an image of the user of the data processing system; (e) locking the user from logging into a user account of the authorized user; or (f) any combination of two or more of these actions. 
     
     
         10 . The medium as in  claim 9  wherein the switching, in response to the notification, comprises rebooting the data processing system into the restricted guest account and wherein the restricted guest account allows a use of a web browser and provides access to the Internet. 
     
     
         11 . The medium as in  claim 10  wherein the switching further comprises saving user data, in one or more open applications, to a non-volatile data storage device before rebooting the data processing system. 
     
     
         12 . The medium as in  claim 11  wherein the saving of user data also saves state information including the operating state of the one or more open applications such that the authorized user can return to the operating state, with the user data saved, that existed before the data processing system was lost or stolen. 
     
     
         13 . The medium as in  claim 10  wherein the authorized user's account is executed through a first operating system (OS) stored on a first partition on a non-volatile data storage device and the restricted guest account is executed through a second OS stored on a second partition on the non-volatile data storage device and wherein files of the authorized user are not accessible to the user of the restricted guest account. 
     
     
         14 . The medium as in  claim 13  wherein the second partition comprises recovery software configured to perform at least one of (a) repairing the first partition; (b) reinstalling the first OS for the authorized user; or (c) restoring data files of the authorized user on the first partition, the restoring being performed from a backup of the data. 
     
     
         15 . The medium as in  claim 9  wherein the notification is generated in response to the authorized user indicating that the data processing system is lost or stolen and wherein the data processing system is not protected by requiring a log in password. 
     
     
         16 . A machine readable tangible storage medium storing executable instructions that cause, when executed, a system to perform a method comprising:
 determining, at start-up or wake-up of a data processing system, whether the data processing system has an encrypted storage device;   booting into a restricted guest account in response to determining the data processing system has an encrypted storage device and in response to a user's selection of the guest account, the restricted guest account providing a web browser and Internet access;   receiving at least one signal from another data processing system, the at least one signal causing an action to be performed, while the guest account is used, to protect data on the data processing system or recover the data processing system, and wherein the action is specified by an authorized user of the data processing system.   
     
     
         17 . The medium as in  claim 16  wherein a user of the restricted guest account is locked out of an authorized user's account unless the authorized user's account is enabled with the entry of a security code. 
     
     
         18 . A machine implemented method comprising:
 receiving an input to start-up or wake-up a data processing system;   receiving an input to use a guest account log in option which is presented in response to the input to start-up or wake-up;   presenting a user interface of a guest account on the data processing system;   receiving at least one signal from another data processing system, the at least one signal causing an action to be performed while the guest account is used and the action being specified by an authorized user of the data processing system.   
     
     
         19 . The method as in  claim 18  wherein the at least one action is one of: (a) determining information which indicates a location of the data processing system and transmitting the information to the authorized user; (b) erasing data on a data storage device of the data processing system; (c) displaying a message which requests that the data processing system be returned to the authorized user; (d) capturing an image of the user of the data processing system; (e) locking the user from logging into a user account of the authorized user; or (f) any combination of two or more of these actions. 
     
     
         20 . The method as in  claim 19  wherein the authorized user's account is executed through a first operating system (OS) stored on a first partition of the data storage device and the guest account is executed through a second OS stored on a second partition of the data storage device and wherein data files of the authorized user are not accessible to the user of the guest account. 
     
     
         21 . The method as in  claim 20  wherein the second partition comprises recovery software configured to perform at least one of (a) repairing, when authorized by the authorized user, the first partition of the data storage device; or (b) reinstalling, when requested by the authorized user, the first OS on the first partition; or (c) restoring, when requested by the authorized user, data files of the authorized user on the first partition, the restoring being performed from a backup of the data files; and wherein the method further comprises:
 generating data to present a user interface, in the guest account, that is configured to allow the authorized user to exit the guest account and to log in to the authorized user's user account. 
 
     
     
         22 . A machine implemented method comprising:
 receiving and responding to one or more inputs of a user of a data processing system;   receiving, through a network connection, a notification, wherein the notification represents an indication that the use of the data processing system is not authorized;   switching, in response to the notification, the data processing system into a restricted guest account;   performing, while in the restricted guest account, at least one action specified by an authorized user of the data processing system.   
     
     
         23 . The method as in  claim 22  wherein the at least one action is one of: (a) determining information that indicates a location of the data processing system and transmitting the information to the authorized user; (b) erasing data on a data storage device of the data processing system; (c) displaying a message which requests that the data processing system be returned to the authorized user; (d) capturing an image of the user of the data processing system; (e) locking the user from logging into a user account of the authorized user; or (f) any combination of two or more of these actions. 
     
     
         24 . The method as in  claim 23  wherein the switching, in response to the notification, comprises rebooting the data processing system into the restricted guest account and wherein the restricted guest account allows a use of a web browser and provides access to the Internet; and wherein the switching further comprises saving user data, in one or more open applications, to a non-volatile data storage device before rebooting the data processing system; and wherein the saving of user data also saves state information including the operating state of the one or more open applications such that the authorized user can return to the operating state, with the user data saved, that existed before the data processing system was lost or stolen; and wherein the authorized user's account is executed through a first operating system (OS) stored on a first partition on a non-volatile data storage device and the restricted guest account is executed through a second OS stored on a second partition on the non-volatile data storage device and wherein files of the authorized user are not accessible to the user of the restricted guest account. 
     
     
         25 . A machine readable tangible storage medium storing executable instructions that cause, when executed, a system to perform a method comprising:
 receiving an input to start-up or wake-up a data processing system;   receiving an input to use a guest account log in option which is presented in response to the input to start-up or wake-up;   presenting a user interface of a guest account on the data processing system;   performing an action at the data processing system, wherein the action is specified by an authorized user and is enabled by use of the guest account which automatically provides network access through at least one network connection.   
     
     
         26 . The medium as in  claim 25  wherein the network access includes Internet access and wherein the network access cannot be disabled when using the guest account.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.