Browse Prior Art Database

Polling-Based Mechanism for Discovery of Stolen and Lost Network-Attachable Devices (WANTED-P)

IP.com Disclosure Number: IPCOM000014530D
Original Publication Date: 2000-May-01
Included in the Prior Art Database: 2003-Jun-19
Document File: 4 page(s) / 35K

Publishing Venue

IBM

Abstract

While the announcement of identity information in an initial mechanism relied on the fact that it could be hidden inside data exchanges with portals (steganography, etc), the mechanism proposed here does not require to be resistant to filtering at all. Instead, this new mechanism executes a polling operation to well-known portals in order to check whether a channel exists to these portals. The polling is done in such a way that it cannot be distinguished from a regular HTTP request, therefore it can only be filtered out at the expense of disturbing normal user operations at the same time. A more detailed description of the announcement of identity information in this context is given on Fig. 1: 1 2

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 1 of 4

  Polling-Based Mechanism for Discovery of Stolen and Lost Network-Attachable Devices (WANTED-P)

  While the announcement of identity information in an initial
mechanism relied on the fact that it could be hidden inside
data exchanges with portals (steganography, etc), the
mechanism proposed here does not require to be resistant to
filtering at all. Instead, this new mechanism executes a
polling operation to well-known portals in order to check
whether a channel exists to these portals. The polling is done
in such a way that it cannot be distinguished from a regular
HTTP request, therefore it can only be filtered out at the
expense of disturbing normal user operations at the same time.

A more detailed description of the announcement of identity
information in this context is given on Fig. 1:

1

Page 2 of 4

2

Page 3 of 4

The first step (100: polling mechanism) allows a WANTED-P
device residing in a protected computer to discover whether a
channel is open to some portal web-server. It is important for
the polling mechanism to bypass proxy web-caches. If for
instance the local network is disconnected from the rest of
the Internet, and the WANTED-P device receives during the
polling phase a web-page from a local proxy web-cache, then it
will wrongly assume that a channel exists to the real portal.
For this reason, the polling mechanism should request a
web-page which cannot be satisfied by a proxy web-cache. This
can be done for instance by requesting a search from

TM yahoo with some keywords, which should be always different.

The second step (200: identity announcement) assumes that the
channel is open to the web-server, even though this web-server
could be a fake web-server. A thief of a protected device
would probably not set-up a fake web-server to confuse the
polling mechanism, because otherwise it would also not have
the possibility to access the real web-server for his own
operation. At this point, the WANTED-P device sends a message
to the portal to which the channel seems to be open. The
message contains the unique ID of the device. It does not need
to be encrypted nor authenticated. Although it could be done
so in order to protect the privacy of the user. This message...