What technology area does this patent fall under?

Primary CPC classification G06F21/88. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Oct 03 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Apparatus, system, and method for detecting theft of network devices

US9779271B2 · US · B2

Patent metadata
Field	Value
Publication number	US-9779271-B2
Application number	US-201514733399-A
Country	US
Kind code	B2
Filing date	Jun 8, 2015
Priority date	Jun 8, 2015
Publication date	Oct 3, 2017
Grant date	Oct 3, 2017

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The disclosed apparatus may include a secure storage device that securely stores an initial geographic location of a network device that facilitates network traffic within a network. This apparatus may also include a processing unit communicatively coupled to the secure storage device. The processing unit may determine a current geographic location of the network device. The policy-enforcement unit may then detect evidence of theft of the network device by (1) comparing the current geographic location of the network device with the initial geographic location of the network device and (2) determining, based at least in part on the comparison, that the current geographic location of the network device does not match the initial geographic location of the network device. Finally, the processing unit may perform at least one security action in response to detecting the evidence of theft of the network device.

First claim

Opening claim text (preview).

What is claimed is: 1. An apparatus comprising: a secure storage device that securely stores an initial geographic location of a network device that facilitates network traffic within a network; and a processing unit communicatively coupled to the secure storage device, wherein the processing unit: determines a current geographic location of the network device that facilitates network traffic within the network; detects evidence of theft of the network device by: determining that the network device is experiencing an unexpected power outage; in response to determining that the network device is experiencing the unexpected power outage, comparing the current geographic location of the network device with the initial geographic location of the network device securely stored in the secure storage device; and determining, based at least in part on the comparison, that the current geographic location of the network device does not match the initial geographic location of the network device; and in response to detecting the evidence of theft of the network device, protects the network device from threats of theft by: utilizing a dying gasp capacitor within the network device to alert an administrator of the network device about both the unexpected power outage and the current geographic location of the network device; and directing the network device to operate within a restricted mode of operation until determining that the administrator has entered, into the network device, authentication credentials that enable the network device to return to a normal mode of operation. 2. The apparatus of claim 1 , wherein the secure storage device comprises a Trusted Platform Module (TPM) chip. 3. The apparatus of claim 1 , wherein the processing unit determines the current geographic location of the network device using a Global Positioning System (GPS) of the network device. 4. The apparatus of claim 1 , wherein the processing unit further determines the current geographic location of the network device on a periodic basis. 5. The apparatus of claim 1 , wherein the processing unit determines that the current geographic location of the network device is beyond a certain distance from the initial geographic location of the network device. 6. The apparatus of claim 1 , wherein the processing unit directs the network device to operate within the restricted mode of operation by at least one of: preventing the network device from facilitating network traffic; preventing any changes from being made to a configuration of the network device; and preventing access to data stored within the network device. 7. The apparatus of claim 1 , wherein the processing unit further determines the current geographic location of the network device in response to detecting a boot up operation of the network device. 8. The apparatus of claim 7 , wherein the processing unit: compares the current geographic location of the network device with the initial geographic location of the network device in response to detecting the boot up operation of the network device; determines, based at least in part on the comparison, that the current geographic location of the network device does not match the initial geographic location of the network device; and detects additional evidence of theft of the network device based at least in part on the current geographic location not matching the initial geographic location. 9. The apparatus of claim 8 , wherein the processing unit prevents the network device from completing the boot up operation in response to detecting the additional evidence of theft of the network device. 10. The apparatus of claim 9 , wherein: the secure storage device stores the initial geographic location of the network device within a register accessed during the boot up operation; and the processing unit prevents the network device from completing the boot up operation by binding the register with the boot up operation such that the boot up operation fails in response to the current geographic location of the network device not matching the initial geographic location stored in the register. 11. A system comprising: a Trusted Platform Module (TPM) chip that securely stores an initial geographic location of a router that facilitates network traffic within a network; and a processing unit communicatively coupled to the TPM chip, wherein the processing unit: determines a current geographic location of the router that facilitates network traffic within the network; detects evidence of theft of the router by: determining that the router is experiencing an unexpected power outage; in response to determining that the router is experiencing the unexpected power outage, comparing the current geographic location of the router with the initial geographic location of the router securely stored in the TPM chip; and determining, based at least in part on the comparison, that the current geographic location of the router does not match the initial geographic location of the router; and in response to detecting the evidence of theft of the router, protects the router from threats of theft by: utilizing a dying gasp capacitor within the router to alert an administrator of the router about both the unexpected power outage and the current geographic location of the router; and directing the router to operate within a restricted mode of operation until determining that the administrator has entered, into the router, authentication credentials that enable the router to return to normal mode of operation. 12. The system of claim 11 , wherein the processing unit directs the router to operate within the restricted mode of operation by at least one of: preventing the router from facilitating network traffic; preventing any changes from being made to a configuration of the router; and preventing access to data stored within the router. 13. The system of claim 11 , wherein the processing unit further determines the current geographic location of the router in response to detecting a boot up operation of the router. 14. The system of claim 13 , wherein the processing unit: compares the current geographic location of the router with the initial geographic location of the router in response to detecting the boot up operation of the router; determines, based at least in part on the comparison, that the current geographic location of the router does not match the initial geographic location of the router; and detects additional evidence of theft of the router based at least in part on the current geographic location not matching the initial geographic location. 15. The system of claim 14 , wherein the processing unit prevents the router from completing the boot up operation in response to detecting the additional evidence of theft of the router. 16. The system of claim 15 , wherein: the TPM chip stores the initial geographic location of the router within a register accessed during the boot up operation; and the processing unit prevents the router from completing the boot up operation by binding the register with the boot up operation such that the boot up operation fails in response to the current geographic location of the router not matching the initial geographic location stored in the register. 17. A method comprising: determining a current geographic location of a network device; detecting evidence of theft of the network device by: determining that the network device is experiencing an unexpected power outage; in response to determining that the network device is experiencing t

Assignees

Juniper Networks Inc

Inventors

Classifications

H04L41/0677
Localisation of faults · CPC title
H04L63/107
wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals · CPC title
G06F21/88Primary
Detecting or preventing theft or loss · CPC title
H04L41/28
Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration · CPC title
G06F2221/2149
Restricted operating environment · CPC title

Patent family

Related publications grouped by family.

View patent family 55024732

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9779271B2 cover?: The disclosed apparatus may include a secure storage device that securely stores an initial geographic location of a network device that facilitates network traffic within a network. This apparatus may also include a processing unit communicatively coupled to the secure storage device. The processing unit may determine a current geographic location of the network device. The policy-enforcement …
Who is the assignee on this patent?: Juniper Networks Inc
What technology area does this patent fall under?: Primary CPC classification G06F21/88. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Oct 03 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).