Computers and other related electronic devices have become important tools for the creation, manipulation, transmission and storage of sensitive information. Security mechanisms to prevent unauthorized use of computers or access to the information stored therein have accordingly seen increased use. The most common way of protecting unauthorized access to a computer and the information stored therein is by use of user accounts and passwords. In such systems, use of the physical machine or access to some or all data which may be accessed by the machine is prevented if the user is unable to enter the appropriate user account name and password.
A further popular security mechanism for computers is a screen saver program. Such programs, which were originally developed to prevent xe2x80x9cburn-inxe2x80x9d on Cathode Ray Tubes (CRT) have evolved into security mechanisms which prevent unauthorized use of a computer. Other security programs employing passwords are also available to protect against unauthorized use of a computer. Although programs requiring entry of passwords are the most popular and inexpensive form of protection for computers, other security mechanisms such as physical locks which prevent use of the computers input/output devices have also been developed.
Typically, screen saver or password type security programs, when activated, are invoked after passage of a certain amount of time when there has been no activity by the user (i.e. no inputs via input devices such as the keyboard or mouse) with respect to the computer. When invoked, the screen saver program typically replaces the image on the computer display with a moving image selectable by the user. In addition, the amount of time required to elapse before the screen saver is invoked is typically adjustable by the user. When the user later wishes to use the computer, an input device such as a keyboard or mouse may be used to cause the generation of an input region on the display into which the user enters an authorized password (typically the account name/number is automatically filled in). If the proper password is entered, the screen saver terminates and the image displayed prior to invocation of the screen saver is regenerated on the display, allowing full access to the device.
In using a password type security program to protect against unauthorized use of a computer, a user must make a decision between security and convenience. For the highest level of security, the time interval of inactivity required for invocation of the security program must be very small. However, a very small interval is highly inconvenient as most users are not constantly entering input into the computer. If a small interval is selected, the user will have to enter an input to prevent the security program from being activated, or will have to reenter the required password every time the passage of the small selected interval of time causes invocation of the security program.
Selection of a large time interval is more convenient but allows greater opportunity for unauthorized access to the computer. Consequently, a significant security/convenience trade-off must be made in the use of a conventional password type security program. This trade-off may be acceptable in environments where the users have physically enclosed spaces such as individual offices or cubicles where unauthorized individuals are less likely to enter. The trade-off may also be acceptable in environments where it is immaterial if information on a computer screen is viewed by others. However, in certain environments security is more crucial. For example, computers located on trading floors, banks or hospitals often contain sensitive and confidential information and are located in high traffic areas used by many unauthorized individuals. In such instances, security is of much greater concern. Moreover, often times users in such environments are less likely to have the time required to actively take security measures to protect against unauthorized use of secure machines or data.
As can be seen, there exists a need for an improved security system for electronic devices such as computers to protect against unauthorized use of the machine or access to the data accessible by the machine. It would be desirable for such a security system to prevent unauthorized access yet minimize inconvenience to or involvement by the user.
The present invention advantageously provides a security system for an electronic device which involves minimal routine involvement by the user of the device to invoke the protection provided by the security system. In a principle aspect, embodiments of the present invention employ a proximity sensor to detect the presence of a user at the secured device. When the proximity sensor detects that the user has left the device, the security system is armed to prevent unauthorized use.
Embodiments employing the principles of the present invention advantageously provide security with minimal involvement by the user. Such embodiments may be used in confidential environments such as trading floors, banks or hospitals where private or high-security information may be inadvertently displayed. Devices in home environments may also benefit by limiting access to certain electronic devices by children.
In a preferred embodiment, the security system takes the form of a system which protects against unauthorized use of a personal computer. The security system includes a proximity sensor to detect the presence and/or absence of a user at the device. A controller receives the output of the proximity sensor, filters the received signal according to a sensitivity setting and transmits an appropriate signal to the personal computer to invoke certain security measures such as clearing the screen of the information being displayed, invoking a screen saver and/or ignoring input from input devices such as keyboard or pointing device.
In certain embodiments, the security system receives inputs from audio and video devices to control operation of the system or to detect unauthorized use. In such embodiments, image or voice recognition programs are used to determine whether an individual in proximity to the protected device is an authorized user. Other embodiments contain reporting functions to allow reporting of security violations to other remotely located devices, to building security systems or to security personnel. Certain embodiments make extensive use of hardware and software contained in a personal computer, such as audio and video input and output devices, network connections, modems and system and application software. Other embodiments are more self-contained to provide the necessary hardware and software to implement a security system for devices which do not already contain the required components.
These and other features and advantages of the present invention may be better understood by considering the following detailed description of a preferred embodiment of the invention. In the course of this description, reference will frequently be made to the attached drawings.