MOBILE AND SECURE NETWORK SYSTEM AND DEVICE
Patent Information
- Authority / Receiving Office
- MX · MX
- Patent Type
- Patents
- Current Assignee / Owner
- SECURKART LLC
- Filing Date
- 2022-09-26
- Publication Date
- 2026-05-19
AI Technical Summary
Mobile computing devices are vulnerable to theft due to their portable nature, lacking enhanced security measures found in traditional data centers, which are typically locked and contained in secure rooms.
A physically and electronically secured mobile security system and device that includes a housing for computing devices, with access control mechanisms, a security module for authentication, a local cache for authorized users, and a kill switch to prevent unauthorized access, and can synchronize with a remote network for enhanced security.
Provides secure network access and data protection, allowing deployment in remote locations without internet connectivity, with built-in logical and physical security, and the ability to be completely portable.
Smart Images

Figure MX433890B0
Abstract
Description
SECURE MOBILE NETWORK SYSTEM AND DEVICE Cross-reference to related applications This application claims priority to U.S. Non-Provisional Application No. 16 / 833,396, filed on March 27, 2020, the full disclosure of which is incorporated herein by reference. Field of invention This disclosure relates to a secure mobile networking system and device, more specifically, to a physically and electronically protected mobile system for hosting a computer network, providing a secure extension of the computer network from a remote home network. Background of the invention Data centers that house computer networks for the remote storage, processing, and / or distribution of large amounts of data are well-known in the field. These data centers are configured according to user requirements or for specific purposes, such as processing financial transactions, storing enterprise data, or global communications, to name a few. The computer networks housed in data centers store and transmit information essential to the user's operations. Data center security is a familiar issue for those experienced in the field and is achieved by limiting and monitoring physical access to the data centers.Because data centers house valuable information about computer networks, most data centers contain lockable doors, cabinets, and / or shelving to limit access to the network components and power supplies supported within them. The security and monitoring of racks and / or shelving in data centers hasn't changed much over the years. Traditionally, racks and / or cabinets are locked with a manual key. They can also be accessed with a key code in addition to, or instead of, a traditional key, and can utilize card reader technology to provide electronic access through smart locks that validate a user's credentials with a central server, responding with a signal to unlock the cabinet, or unlocking it remotely when instructed by an authorized user. An audit log of users who have accessed the data center can also be maintained for tracking purposes. Brief description of the invention While security measures for data centers are generally effective because they are locked, difficult to move, and contained in large, secure rooms, mobile or portable server racks do not enjoy enhanced security since their mobile nature makes them vulnerable to theft. Mobile computing devices that can be used in various locations Remote RnnQQn / zznz / q / uili are desirable for a variety of industries and reasons. Many industries send workers to remote areas where there is no network connectivity, or to customer locations where customer internet access is undesirable for security or other reasons. Therefore, a mobile security system and device that provides security and accountability for the use of the computer network and equipment contained within the mobile security system, wherever it is located, is desirable. This document discloses a physically and electronically protected mobile security system and device for housing a computer, providing a secure extension of a remote home network to the computer's current location. The mobile security system uses a logistical and physical access control system identical to that of the parent installation. The mobile system includes an enclosure that supports the computer and has a door for accessing it. It may also include a backup power supply, a wireless router (also supported by the enclosure) to provide wireless network access to the remote home network, an access control mechanism to secure the door to the enclosure, and a security module to protect data stored on the computer and provide authentication for accessing the enclosure. In one configuration, the security module includes a local cache of users authorized to unlock the premises. The local cache can also be configured to track users who have accessed the credential reader. The security module can be configured to synchronize the local cache with a cache located on the remote home network. The local cache can also be used to cache data determined by a data center as unnecessary for synchronization with the remote home network. In another configuration, the access control mechanism is set to deny access to the premises if the security module fails to synchronize the local cache with the cache located on the remote home network. The mobile and secure network device may include an emergency switch to physically disable access to the premises by deactivating the credential reader after a predetermined number of attempts by an unauthorized user whose credentials do not match a user in the local cache of authorized users. In another configuration, when the emergency switch is triggered, it also clears the local cache and disables access to the remote home network. Upon activation of the emergency switch, whether by an unauthorized user attempt or a forced physical breach, a failsafe device sends a signal to clear the local cache and disable remote access to the home network.The computing device may also include a global positioning system supported by the hosting so that the secure network device can be tracked remotely, as desired, in the event of a breach. The Mobile Secure Network System and Device is a physically secure network device that allows anyone to extend their network to any location in the world with access to power. Caching and bandwidth optimization within the router enable the system to function as a complete local data center environment in a remote location, even with very slow internet, as bandwidth optimization can synchronize the local cache as usage allows, while authorization requests are sent directly to the originating data center as high-priority traffic. The Mobile Secure Network System and Device can be deployed in areas without internet access and can be self-sufficient and secure. The Mobile Secure Network System and Device has built-in logical and physical security and is fully portable. Brief description of the drawings Various aspects of at least one embodiment are discussed below with reference to the accompanying figures, which are not necessarily drawn to scale, but rather emphasize the illustration of the principles disclosed herein. The figures are included to provide illustration and further understanding of the various aspects and embodiments and are incorporated into and form part of this specification, but are not intended to define the limits of any particular embodiment. The figures, together with the rest of the specification, serve only to explain principles and operations of the aspects and embodiments described and claimed, but should not be construed as limiting embodiments. In the figures, each identical or nearly identical component illustrated in the various figures is represented by a similar number.For clarity purposes, not all components may be labeled in all figures. Figure 1 is a perspective view of the secure mobile network device according to a first modality; Figure 2 is a schematic view of the secure mobile network system and device from Figure 1; Figure 3 is a flowchart illustrating one modality of a security module and locking mechanism to secure the mobile network device in accordance with the modalities disclosed herein; Figure 4 is a flowchart illustrating one mode of the security module for synchronizing the local cache with the remote network according to modes disclosed in this document; and Figure 5 is a schematic view of the secure mobile network device according to Figure 1. Detailed description of the exemplary modalities The examples of the system and device discussed here are not limited in their application to the construction details and component arrangement described below or illustrated in the accompanying drawings. Anyone skilled in the art will understand that the system and device are capable of implementation in other ways and can be practiced or carried out in different forms. The examples of specific configurations provided herein are for illustrative purposes only and are not intended to be limiting. Likewise, the wording and terminology used herein are descriptive and should not be considered restrictive.Any reference to examples, realizations, components, elements, or acts of the system and device referred to herein in the singular may also encompass realizations that include a plurality, and any reference in the plural to any realization, component, element, or act referred to herein may also encompass realizations that include only a singularity (or unitary structure). Singular or plural references are not intended to limit the system and device herein disclosed, its components, actions, or elements. As used herein, the singular forms “a,” “an,” “one,” “the,” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise.The use of including, comprising, includes, having, containing, implying, and their variations in the specification is intended to encompass the elements listed below and their equivalents, but does not exclude the presence or addition of one or more features or elements. References to “or” may be interpreted inclusively so that any term described using “or” may indicate any one, more than one, or all of the terms described. As will be appreciated by anyone experienced in the subject matter, the system and device aspects disclosed herein may be incorporated as a system, method, or device. Accordingly, the aspects of this disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, microcode, etc.), or an embodiment that combines software and hardware aspects, which may generally be referred to herein as a circuit, module, or system. In addition, some aspects of this disclosure may take the form of a computer program product embodied in one or more computer-readable media containing computer-readable program code. Any combination of one or more computer-readable media may be used.A computer-readable medium can be either a computer-readable signaling medium or a computer-readable storage medium. Program code embodied on a computer-readable medium can be transmitted using any appropriate means, including, but not limited to, wireless connection, fiber optic cable, radio frequency, etc., or any suitable combination thereof. The aspects of this disclosure are described below with reference to flowchart illustrations and / or block diagrams of methods, devices (systems), and computer program products as realized in the disclosure. It is understood that each block in the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. When referring to the flowchart illustrations and / or block diagrams, the functions annotated in the block may occur out of the order shown in the figures. For example, two blocks shown in succession may, in fact, execute substantially at the same time, or blocks may sometimes execute in reverse order, depending on the functionality / actions involved.Each block in the block diagrams and / or flowchart illustration, and combinations of blocks in the block diagrams and / or flowchart illustration, can be implemented by systems based on special-purpose hardware that perform the specified functions or acts, or combinations of special-purpose hardware and computing instructions. Referring initially to figures 1 and 2, this disclosure is directed to a system RnnQQn / zznz / q / uli and a physically and electronically protected mobile security device 10 to house a computing appliance 12, providing a secure extension of a remote home network 14 to the actual location of the computing appliance. As used herein, the term “computing appliance” refers to electronic equipment housed within the mobile security device for use with the home network, including, but not limited to, servers, patch panels, routers, and switches. The mobile security system 10 includes an enclosure, i.e., a housing 16 that encloses the computing appliance 12 with a door 18 for accessing the computing appliance 12, an access control mechanism 24 for securing the door 18 in a closed position with respect to the housing 16, and a security control module 25 for protecting data stored on the computing appliance 12 and providing authentication for accessing the enclosure 16.Housing 16 may also include support members, for example, shelving 11 including rails to secure the computing apparatus within housing 16 and which can be slid in, a backup power supply 20 supported by housing 16, and a wireless router 22 to provide wireless network access to the remote home network 14. In this configuration, the access control mechanism 24 communicates with the remote home network 14 to validate requests to unlock door 18. The access control mechanism 24 may include a credential reader 26 and a locking device 28. The credential reader 26 may be communicatively connected to door 18, and the locking device 28 may be any of a variety of locking devices, including a traditional lock 30. The security control module 25 communicates with the credential reader 26 and the access control mechanism 24 to allow access to the computing device 12 by unlocking the lock 30 after credential verification via the home network 14. In one configuration, as illustrated in Figure 3, the security control module 25 includes the locally cached database 32 of users authorized to unlock the locker 16. To gain access to the locker 16, the credentials read by the credential reader 26 can be checked against the locally cached database of authorized users. If the user's identity matches those in the locally cached database 32, the card is validated and the door 18 is unlocked. If the user's identity does not match those in the locally cached database 32, the card is invalid, and an alert is stored in the local cache and can also be communicated and stored on the remote home network 14. In this way, unauthorized attempts to gain access to the system and mobile security device 10 can be recorded in an audit log.The local cache 32 can also be configured to track users who have accessed the credential reader 26 and similarly store those who have accessed the system and mobile security device 10 in an audit log, either locally or remotely. As illustrated in Figure 4, the security control module 25 can also be configured to synchronize the local cache 32 with a cache 34 located on the remote home network 14. The local cache 32 can also be used to cache data deemed unnecessary for synchronization with the remote home network 14. The access control mechanism 24 can also be configured to deny access to the accommodation 16 if the security module 26 fails to synchronize. RnnoQn / zznz / q / uili the local cache 32 with the cache 34 located on the remote home network 14. If access is denied by the security control module 25 after a predefined occurrence, such as lack of authorization or a local cache synchronization failure 32, a shutdown protocol can be initiated. The mobile security system 10 can include an emergency switch 36 to physically disable access to the host 16 by disabling the credential reader 26 (for example, after a set number of attempts by a user that does not match a user in the local user cache 32 or if synchronization fails). In one mode, when the emergency switch 36 is activated, it also erases (i.e., wipes, deletes, destroys) the data stored in the local cache 32 and disables access to the remote home network 14. A failsafe device 38 can be provided to signal a forced breach of the mobile and secure network device 10 and activate the emergency switch.The fail-safe device 38 can be any known device that triggers a signal after a physical breach, including for example a glass break sensor, a lock sensor, and / or a power sensor. In case of an emergency, when removal of computer unit 12 from housing 16 is required, an emergency key can be provided that allows for the removal of computer unit 12. The emergency key in this modality is a physical key, which can be stored remotely from the housing in a secure location, and can be used to access a lock located at the rear of the housing should the electronic lock fail. Accessing housing 16 from the rear allows the user to enter the housing to remove the side panel and / or dismantle computer unit 12, which is mounted on the rack from the inside out. When access is granted when the housing is entered from the front using credential reader 26 and locking device 28, removal of computer unit 12 is not easily feasible.Additionally, a tamper indicator, such as tamper-evident tape or a pressure sensor, can be provided to indicate subsequent access to the housing, which can then be reset electronically and / or physically. For example, if a pressure sensor is used, it would first need to be returned to its original position and then reset electronically. If tamper-evident tape is used, it would need to be physically replaced. Consequently, it would be evident when the emergency key is used. The computing appliance 12 may include a server 40 that communicates with the remote home network 14 via a secure network channel, such as a VPN channel or a local wireless network. The local wireless network may include a Wi-Fi network, a cellular network, and / or a mesh network, or a similar network. The computing appliance may further include a global positioning system 42 supported by the hosting 16 so that the secure network device 10 can be remotely tracked, as desired. The Mobile Security System 10 provides a secure network device that allows anyone to extend their network anywhere in the world with access to power. Caching and bandwidth optimization within the router enable the system to function as a complete local data center environment in a remote location, even with very slow internet, as bandwidth optimization can synchronize the local cache as usage allows, while authorization requests are sent directly to the originating data center as high-priority traffic. The mobile security system can be deployed in an area without internet access and can be self-sufficient and secure. The mobile device has built-in logical and physical security and is fully portable. Those experienced in the field will appreciate that the concept on which this disclosure is based can easily be used as a basis for designating other products without departing from the substance and scope of the invention as defined by the appended claims. Therefore, the claims should not be limited to the specific examples represented herein. For example, the features of one example disclosed above can be used with the features of another example. Furthermore, various modifications and rearrangements of the parts can be made without departing from the substance and scope of the underlying inventive concept. Therefore, the details of these components as set forth in the examples described above should not limit the scope of the claims. Furthermore, the purpose of the abstract is to enable the United States Patent and Trademark Office, the general public, and especially scientists, engineers, and technical professionals unfamiliar with patent or legal terminology or phraseology, to quickly determine, from a cursory inspection, the nature and substance of the technical disclosure in the application. The abstract is not intended to define the claims of the application, nor is it intended to be limiting of the claims in any way.
Claims
1. A secure mobile network system comprising: a computing appliance configured to extend a remote home network to a current location of the network appliance such that one or more endpoint devices at the current location of the network appliance can join the remote home network; an enclosure supporting the computing appliance and including a door for accessing the computing appliance, the enclosure being constructed and accommodated for mobile transport and including a backup power supply supported thereon; an access control mechanism for securing the enclosure including a credential reader communicatively connected to the door and a locking device for securing the door in a locked position, the locking device being movable between a locked and unlocked position to permit access to the computing appliance;a security control module communicatively connected to the access control mechanism and constructed and accommodated to deny access to the premises after the occurrence of one or more predefined events; and wherein when access to the accommodation is denied by the security control module, a shutdown protocol is initiated to secure the computing apparatus.
2. The system according to claim 1, wherein the predefined occurrences are selected from the group that includes unverified users attempting to gain access to the computing apparatus through the access control module, failure to synchronize a local cache with a remote cache on the parent network, a physical breach of the enclosure, and loss of power.
3. The system according to claim 1, further comprising a local cache supported by the hosting, the local cache including a list of users who are authorized to access the computing device.
4. The system according to claim 3, wherein the local cache further includes a record of users who have accessed the credential reader.
5. The system according to claim 3, wherein, in order to verify user credential data representing the user, it is compared with a local cache of authorized users and, upon finding a match, the door is unlocked.
6. The system according to claim 5, wherein the shutdown protocol is initiated after a predetermined number of attempts by a user who is not verified after comparison of the local cache of authorized users.
7. The system according to claim 1, wherein the security control module further comprises a local cache configured to remotely cache data that has not been synchronized with the remote home network, and the security module is configured to synchronize the data in the local cache with the remote home network.
8. The system according to claim 7, wherein, following a reduction in bandwidth, the security control module prioritizes the order in which the data in the local cache is synchronized with the home network, with high-priority activities being synchronized first and lower-priority activities being synchronized later with any remaining bandwidth.
9. The system according to claim 8, wherein synchronizing a record of users who have accessed the credential reader with the home network and authorizing users who are attempting to access the computing device are high-priority activities, and synchronizing other data stored in the local cache with the home network is a lower-priority activity.
10. The system according to claim 7, wherein the access control mechanism is configured to deny access to the premises if the security module fails to synchronize the local cache with the remote home network.
11. The system according to claim 1, further comprising an emergency switch to disable access to the accommodation by deactivating the credential reader after the shutdown protocol has been initiated.
12. The system according to claim 1, further comprising an emergency switch activated to clear the local cache and disable access to the remote home network after a signal received due to a forced breach of the mobile and secure network device from a fail-safe device.
13. The system according to claim 12, wherein the fail-safe device is selected from the group comprising a glass break sensor, a lock sensor, and a power sensor.
14. The system according to claim 1, further comprising a global positioning system supported by the host where the location of the secure network device can be tracked remotely.
15. A secure, mobile networking device comprising: a computing apparatus configured to extend a remote home network to a current location of the networking apparatus such that one or more endpoint devices at the current location of the networking apparatus can join the remote home network; a local cache of data stored by the computing apparatus; an enclosure supporting the computing apparatus and including a door for accessing the computing apparatus, the enclosure being constructed and accommodated for mobile transport and including a backup power supply supported thereon; an access control mechanism for securing the enclosure including a locking device for securing the door in a locked position, the locking device movable between a locked and unlocked position to permit access to the computing apparatus;a security control module communicatively connected to the access control mechanism and constructed and accommodated to deny access to the premises after the occurrence of one or more predefined occurrences; and wherein when access to the accommodation is denied by the security control module, a shutdown protocol is initiated to physically secure the accommodation and secure the data contained in the local cache.
16. The device according to claim 15, wherein, in order to secure the data in the local cache, the data is removed from the local cache and access to the remote home network is disabled.
17. The device according to claim 16, wherein before deleting the data from the local cache, it is transferred to the home network.
18. The device according to claim 15, wherein the predefined occurrences are selected from the group that includes unverified users attempting to gain access to the computing apparatus through the access control module, failure to synchronize a local cache with a remote cache on the home network, a physical breach of the enclosure, and loss of power.
19. The device according to claim 18, wherein the shutdown protocol is initiated after a predetermined number of attempts by a user who is not verified after comparison with the local cache which includes a list of authorized users.
20. The device according to claim 15, further comprising an emergency switch for disabling access to the accommodation by deactivating a credential reader communicatively connected to the locking device after the initiation of the shutdown protocol.
21. The device according to claim 15, further comprising a fail-safe device which, when activated, provides a signal to the security control module to clear the local cache and disable access to the remote home network.
22. The device according to claim 21, wherein the fail-safe device is selected from the group comprising a glass break sensor, a lock sensor, and a power sensor.