1. Field of the Invention
This invention relates to computer operating systems, and more particularly, to a method and apparatus for disabling operation of one or more computer system components when a predetermined event occurs and re-enabling operation of the computer system components when a predetermined condition is met.
2. Description of the Related Art
When a computer system is leased either indefinitely or for a specific amount of time, it is desirable to have the capability to disable the system in the event a client defaults on lease payments or breaches other terms in the lease contract. Further, it is desirable to have the capability to restore system operability once the client becomes current on payments or fulfills other contractual obligations.
In the prior art, there are systems and methods available for disabling operation of unlicensed software programs after a trial period or a predetermined number of uses. Other systems and methods are available to disable licensed software programs when a user attempts to transport and operate licensed software on an unlicensed computer system. Still other systems and methods are known for permitting access to a basic set of features in a software program while disabling advanced features unless and until the user agrees to license the advanced capability. Capability for disabling any software from running on a system based on whether an unauthorized change to the hardware has been detected is also available.
None of the known systems or methods provide the capability to completely disable use of the computer system""s hardware and software components when the user violates a term of authorized use. Further, the known systems do not provide a mechanism for re-enabling the computer system once the user complies with the terms of a usage agreement.
In accordance with one embodiment of the present invention, there is provided a method for disabling operation of a computer system that includes a data processor, a read only memory, a security timer, and a basic input/output operating system (BIOS). The method includes storing a first portion of the BIOS in the read only memory that includes program instructions for initializing the system, updating the security timer, determining whether the security timer has expired, and disabling the computer system when the security timer has expired.
In a further embodiment, the computer system includes a clock, and updating the security timer includes reading the clock, determining the amount of time since the clock was last read, and updating the security timer based on the amount of time since the clock was last read.
In a further embodiment, the security timer is updated by decrementing the security timer at a fixed time interval.
In a further embodiment, a notice is published advising the user that the amount of time authorized for using the computer system has expired.
A further embodiment includes determining when to increment the security timer by an authorized extension of time.
In a further embodiment, the computer system is re-enabled by incrementing the security timer when an extension of time is authorized and the computer system is then initialized for operation.
In a further embodiment, determining whether the security timer should be incremented includes utilizing a cryptographic message system to improve the authenticity of an authorization for an extension of time. Another security feature that may be included is the ability to disable the computer system when it is determined that the system clock or security timer has been tampered.
A further embodiment includes publishing a notice when the security timer has a predetermined amount of time remaining.
In another embodiment, the present invention also provides a security system for enabling and disabling operation of a computer system that includes a central processing unit, a memory, and program instructions for initializing and controlling operation of the computer system. The security system includes a security timer for measuring the amount of time the computer system has been utilized, a first set of program instructions for comparing an amount of time authorized for utilizing the computer system to the amount of time the computer system has been utilized, and a second set of program instructions for at least partially halting operation of the computer system when the amount of time the computer system has been utilized exceeds the amount of time authorized for utilizing the computer system.
Another feature of the present invention includes a third set of program instructions for re-enabling operation of the computer system when an authorized extension of time for utilizing the computer system is detected. To protect the security timer from tampering, the security timer may be implemented so that it resides in write protected, and/or a hidden area of memory. The system may also include a data encryption and decryption system for receiving and authenticating updates to the security timer.
Another feature is a set of program instructions for publishing a notice at a predetermined time before the security timer expires.
To further improve security, the present invention may include a set of program instructions for determining whether the security timer reading is valid.
To keep accurate track of the amount of time the system is utilized, another set of program instructions may be included for generating a system interrupt at fixed time intervals and decrementing the time remaining on the security timer by the fixed time interval. An alternate embodiment for tracking the time remaining includes using a system clock and a third set of program instructions to compare the expiration time for authorized use of the computer system on the security timer to the current time of the system clock.
Another feature of the present invention includes at least partially disabling the computer system when the time on the security timer or the system clock is invalid. This is to prevent users from tampering with the timer or clock to gain unauthorized use of the computer system.
The present invention may also be distributed as a computer program product for enabling and disabling operation of a computer system that includes a first set of program instructions for measuring the amount of time the computer system has been utilized, a second set of program instructions for comparing an amount of time authorized for utilizing the computer system to the amount of time the computer system has been utilized, and a third set of program instructions for at least partially halting operation of the computer system when the amount of time the computer system has been utilized exceeds the amount of time authorized for utilizing the computer system.
Additional features may be included by providing program instructions for re-enabling operation of the computer system when an authorized extension of time for utilizing the computer system is detected, encrypting and decrypting updates to the security timer, publishing a notice at a predetermined time before the security timer expires, determining whether the security timer reading is valid, generating a system interrupt at a fixed time interval and decrementing the time remaining on the security timer by the fixed time interval, checking the validity of the time on the security timer; and at least partially disabling the computer system when the time on the security timer is invalid.
The foregoing has outlined rather broadly the objects, features, and technical advantages of the present invention so that the detailed description of the invention that follows may be better understood.