Subsystem Authenticity and Integrity Verification (SAIV)
Abstract
Systems and methods are disclosed for enhancing anti-terrorism public safety measures, by more securely determining whether explosives or other contraband have been inserted into notebook computer batteries or other large, replaceable subsystems of electronic devices. Because notebook computers typically require large, heavy batteries, they present attractive containers for smugglers and terrorists attempting to bring explosives onto an airplane. The disclosed security testing system provides more reliable results than many current tests, and does not require that the device under test be powered on. The systems and methods disclosed use out-of-band authentication for added security.
Claims
exact text as granted — not AI-modifiedWe claim:
1 . A method of ascertaining authenticity or integrity of a battery operated electronic computing apparatus, the method comprising:
coupling a security station with the battery operated electronic computing apparatus, the battery operated electronic computing apparatus being a device under test (DUT); issuing a challenge from the security station to the DUT; receiving, by the security station, a response from the DUT; establishing an authenticated session with a first remote secret store through a network; communicating, from the security station, information about the DUT response to the first remote secret store; receiving, by the security station, a response from the first remote secret store regarding the DUT, the response from the first remote secret store including a remotely made pass/fail determination; and responsive to receiving the response from the first remote secret store, generating a local pass/fail indication at the security station.
2 . The method of claim 1 further comprising:
selecting, outside of the DUT, a secret index number;
selecting, by the security station and responsive to the value of the number, the first remote secret store from a plurality of remote secret stores.
3 . The method of claim 2 wherein the security station selects the secret index number.
4 . The method of claim 1 wherein communicating information about the DUT response to the first remote secret store comprises forwarding the DUT response to the first remote secret store.
5 . The method of claim 1 further comprising:
establishing an authenticated session with a second remote secret store through the network;
communicating, from the security station, information about a DUT response to the second remote secret store;
receiving, by the security station, a response from the second remote secret store regarding the DUT, the response from the second remote secret store including a remotely made pass/fail determination; and
wherein generating a local pass/fail indication at the security station comprises determining the local pass/fail indication responsive to the responses from both the first remote secret store and the second remote secret store.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.