IL275558B2

IL275558B2 - Software stores all of the patients' medical details

Info

Publication number: IL275558B2
Application number: IL275558A
Authority: IL
Original assignee: Shareef Nader Daana
Priority date: 2020-06-22
Filing date: 2020-06-22
Publication date: 2025-12-01
Also published as: IL275558A; IL275558B1

Description

LifeSaver EPI(Emergency Patient Information) AbstractA USB-based computer security system is disclosed for authenticating software execution using an immutable authentication token derived from a multi-factor device signature. The signature includes parameters such as vendor ID, product ID, serial number, volume label, and file system metadata, which are processed through a secure digest algorithm. The system incorporates an intelligent data exfiltration interceptor with decoy injection, real-time alerting, secure USB ejection, and a concealed background watchdog process. Upon detection of unauthorized access, it initiates multi-stage security responses including account reset via encrypted URL, database erasure, source code obfuscation, and stealth file generation. In one embodiment, the system is deployed as LifeSaver EPI (Emergency Patient Information), a secure medical records application that stores encrypted personal health data on a portable USB flash device. The device is intended for use in eme rgency situations, allowing authorized access to critical patient information while preventing unauthorized duplication or modification. Drawings (41) Description FIELD OF THE INVENTION

[001] The present invention relates to the field of data security and device authentication systems. More particularly, it provides an Anti-Theft Algorithm designed to prevent unauthorized use, duplication, or access of software residing on USB (Universal Serial Bus) storage devices. The system employs a hardware-bound identifier, here referred to as the Integrated Device Marker ID (IDMID) , automated security triggers, and tamper-resistant techniques to protect sensitive medical and software data from piracy, cloning, or forensic recovery.

BACKGROUND OF THE INVENTION

[002] In emergency medical situations, immediate access to accurate patient information can be critical for saving lives. Portable USB devices have become a practical tool for storing such data offline, eliminating reliance on network access during crises. For example, LifeSaver EPI (Emergency Patient Information) is a solution designed to store encrypted medical histories, medications, and emergency contact details on a personal USB drive for use by first responders or hospital personnel.

[003] However, most existing solutions rely on conventional security approaches, such as password protection, file-level encryption, or hardware serial number checks. These methods are often inadequate against modern threats, including USB device cloning, bypass of software-level protections, and extraction of data using mobile devices or forensic recovery tools.

[004] Prior art such as D5 (US2009/0172406) and D7 (US2015/0372825) disclose authentication systems u sing device-specific attributes like Vendor ID (VID), Product ID (PID), or hardware serial numbers. While such identifiers can restrict usage to a single device, they are susceptible to spoofing and do not provide continuous monitoring or dynamic security responses. They also lack anti-tamper mechanisms, clipboard surveillance, or stealth-based reactivity against offline copying or unauthorized process injection.

[005] Accordingly, there is a recognized need for an advanced, hardware-bound software security system that not only restricts execution to registered USB devices but also introduces layered defense mechanisms. These may include immutable authentication tokens, AI-powered clipboard monitoring, automatic secure ejection, real-time alerts, source code obfuscation, and autonomous background processes capable of detecting and responding to unauthorized duplication, forensic attacks, or system bypass attempts. Such a system may be applied to secure, offline, and tamper-resistant data access scenarios including—but not limited to—emergency medical applications such as LifeSaver EPI, addressing the limitations of prior art by integrating physical USB attributes with intelligent, automated, and persistent defense layers.

SUMMARY OF THE INVENTION The invention provides a hardware-integrated Anti-Theft Algorithm that binds software execution to specific USB devices using an immutable authentication token , thereby preventing unauthorized copying, cloning, or execution of critical software or data. This token, referred to as the Integrated Device Marker ID (IDMID), is generated from a combination of device-specific and file system parameters, such as the USB device’s Vendor ID (VID), Product ID (PID), serial number, volume label, and file system metadata.

The LifeSaver software uses this unique IDMID to authenticate the USB device before execution. If the USB device is unrecognized, altered, or cloned, the algorithm triggers a multi -layered defense protocol that includes:  Immediate authentication failure handling  Secure erasure of internal databases  Source code obfuscation  Generation of hidden or decoy files  Forensic evasion and self-sanitization In one embodiment, the invention is applied to a secure, offline medical data product named LifeSaver EPI (Emergency Patient Information). When the authorized USB device is inserted into a host computer, the software auto-launches, validates authenticity through IDMID verification, and only then allows access to sensitive information. Upon proper exit, the syste m securely ejects the USB device to prevent post-session file access. Even if physical access is used to copy files via external tools (e.g., mobile phone, tablet), the Anti-Theft Algorithm continues to provide protection through persistent background monitoring and autonomous security responses.

DETAILED DESCRIPTION OF THE INVENTION A. Overview of Hardware-Bound Authentication 1. Integrated Device Marker ID (IDMID) The IDMID functions as an immutable authentication token that uniquely identifies the authorized USB device. Unlike traditional device validation methods relying solely on fixed identifiers (e.g., serial numbers), the IDMID is generated by combining multiple physical and logical attributes from the USB device and applying a secure hash function, making it highly resistant to cloning or duplication. (a) IDMID Generation Process The IDMID is computed using the following steps: 1. Parameter Collection The system collects a combination of device-specific and file system attributes, which may include: o Vendor ID (VID) o Product ID (PID) o USB Serial Number (if available) o Volume Label or Volume UUID o File system metadata (e.g., format timestamp, cluster size) o Contents of a hidden configuration or authentication file (e.g., "auth.key") 2. Concatenation These values are concatenated into a single input string. Example: input_string = "04B80202SN-12457-ALIFESAVER_USB2025-01-01T10:23:00Z" 3. Secure Digest Generation A secure hash function such as SHA-256 is applied to the input string to produce the IDMID. Example: IDMID = SHA-256(input_string) 4. Resulting Example For the above input string, the SHA-256 hash may result in: e3f41c18f30b24d7293c89e723cb3d4cd4d17b3624ddef6fa42813434a17b05. Storage and Usage The resulting IDMID is stored in the LifeSaver software’s secure database during the initial registration of the USB device. This stored value is used during all future authentication attempts. (b) IDMID Validation Each time the software attempts to launch, it recalculates the IDMID using the above process and compares it to the stored, authorized value.

 Match: The software is permitted to launch, and all protected features are made accessible.  Mismatch: Execution is denied, and the Anti-Theft Algorithm initiates the following security actions: o Database erasure o Clipboard surveillance and clearing o Code obfuscation o Decoy file deployment o Optional stealth behavior via background watchdog processes This method ensures that only uniquely fingerprinted USB devices can execute the software, and even a full clone of the files to another USB drive would fail authentication.

B. Anti-Theft Algorithm and Security Measures 1. Automated Initialization and Secure Ejection Upon insertion of the authorized USB, the software ( LifeSaver EPI , in one embodiment) auto-runs and checks whether the USB is registered. If registered, access is granted. When the authorized user completes the session and properly exits, the system automatically initiates a secure USB ejection process, ensuring that protected files remain inaccessible. This precludes unauthorized copying even if the USB device remains physically connected or if the session is left unattended. 2. Unauthorized Access Detection and Response If an unregistered USB device is detected, the Anti-Theft Algorithm initiates a multi-stage security response. This background module is always vigilant and includes a built-in AI-driven component to monitor file operations and clipboard activity. 1. Authentication Resets o The system resets or invalidates authentication tokens or software keys to block further attempts at unauthorized usage. 2. Database Erasure o Sensitive data is wiped from the USB device, including overwriting deleted sectors to prevent forensic recovery. 3. File Obfuscation o Protected files are renamed with random identifiers and relocated to hidden directories (e.g., alternate data streams, uncommon system folders). 4. Process Termination o The main executable process is forcibly ended; its encrypted source code is erased or replaced to thwart reverse engineering.

C. AI-Driven Clipboard Monitoring The invention includes an intelligent, AI-powered monitoring module that operates continuously—both during authorized sessions and when an attacker attempts to bypass the system. This module focuses on clipboard activities, especially file paths associated with protected data, and expands on basic detection with a more detailed operational framework. 1. Detection of Unauthorized Copying  If the system detects copying of sensitive file paths (e.g., paths from secure directori es or known critical files), it immediately clears or encrypts the clipboard contents.  In one embodiment, the AI module uses a combined rule-based and heuristic or machine- learning approach, maintaining a database of known protected folders, file names, or partial paths associated with the LifeSaver software. When newly copied text on the clipboard partially or wholly matches these entries, the system flags the activity as suspicious. Heuristic parameters may also track the frequency of clipboard events to identify potentially malicious copying sprees. 2. Real-Time Notifications  An automated alert is sent to the authorized user or system administrator whenever a suspicious copy event is detected, indicating potential data theft activity.  Alerts may be dispatched via email, system pop-ups, or a secure dashboard. The system also logs the incident, including timestamps and the detected file path, for later review or forensic analysis. 3. Insertion of Decoy Data  The module can optionally insert misleading file paths or dummy data into the clipboard to confuse unauthorized users. This measure not only disrupts the immediate copying but also masks the real directory structure, adding another layer of protection. 4. Concealed AI Watchdog  If LifeSaver EPI is bypassed, a hidden DOS-based AI tool—e.g., “AI WatchHawk”—runs independently at the operating system level.  AI WatchHawk is installed via non-descriptive process names, hidden registry entries, or other low-level startup hooks, ensuring it auto-runs and remains active even if the main software is not legally launched.  This concealed watchdog monitors file operations and clipboard activities in real time; if any malicious attempt is detected, it triggers the same protective measures (clipboard clearing, data obfuscation, notifications, etc.).  Self-monitoring routines restart the watchdog if forcibly terminated and can escalate to more severe anti-theft actions if repeated tampering is detected.

D. Detailed Protective Actions via DOS Scripts Upon detecting a security trigger (e.g., USB mismatch, unauthorized copying, or abnormal software termination), the Anti-Theft Algorithm launches an automated series of DOS-based scripts —notably labelled “wiper” and “Secure”—to perform the following steps: 1. Secure Account Reset o A secure URL is automatically generated to reset the user’s associated online account credentials, updating the password to a manufacturer-secure variant. o This URL is stored within an encrypted DOS file labelled “Secure,” ensuring that only the rightful owner can later retrieve it if needed. 2. Data Eradication o The USB’s local software database is thoroughly wiped to protect confidential information. o Overwriting techniques ensure minimal chance of recovery by standard forensic tools. 3. Software Process Termination o The LifeSaver EPI or similar main application is forcibly stopped. o The executable file is opened in an internal text-editor interface, destroying the encrypted source code or replacing it with random text, thus impeding reverse -engineering. 4. File Obfuscation and Concealment o A DOS file labelled “Stealth Mode” is generated and subjected to random renaming and extension alteration (e.g., from .exe to .dat or .jpg). o The file is relocated to obscure directories or hidden file system streams, preventing detection by typical user interfaces or forensic scanning.

E. Advantages Over Conventional Security Methods Feature Traditional Security Present Invention Password Protection Vulnerable to brute-forcing Hardware-tied, reset upon unauthorized use Software Licensing Keys Can be shared or cracked Executes only on pre-registered USB hardware Encryption-Based Locking High computation overhead Lightweight arithmetic-based authentication File Deletion Generally recoverable via forensics Irreversible, includes advanced obfuscation and overwriting The combination of hardware-bound IDs , AI surveillance , secure ejection , and stealth obfuscation offers a layered security approach far more resilient than conventional methods.

In certain embodiments, the modules described herein operate in a coordinated and interdependent manner, whereby detection by one module—such as unauthorized clipboard activity—can trigger responsive actions from others, including decoy injection, source obfuscation, secure ejection, or watchdog reinitialization. This layered architecture ensures that the system responds dynamically and cohesively to a range of threat scenarios, offering persistent protection even under advanced offline or forensic attack conditions.

Conclusion This invention introduces a robust, hardware-bound Anti-Theft Algorithm that enhances software and data security. Following this, Figure 41 presents the daring implementation and graphical representation of the algorithm in action, illustrating its effectiveness in real-world scenarios.

The invention, called LifeSaver, is a system that enables secure and convenient access to an ] 006 [ individual's medical health record online from any part of the world. The system has a custom function llows the manufacturer to set a URL link and HTML codes that autofill the identification number that aas shown of the owner, username, and password in the personal medical health record on a websiteThe custom function is designed to be . The end user saves the record in the database. in figure 37. accessible only by the manufacturer to ensure the security of the system In more detail, the system consists of a user interface that allows the end user to enter their personal medical information and save it in a database. The manufacturer can then set a custom URL link that points to the website where the end user's medical health record is stored. The manufacturer can also set HTML codes that are designed to autofill the identification number of the owner, username, and password fields on the website, thereby allowing the user to access their medical health record securely and conveniently from any part of the world.

The system is designed to be easy to use and secure, with the custom function accessible only by t he manufacturer to prevent unauthorized access. The autofill feature is designed to speed up the login process and ensure accuracy by automatically entering the required information. The system is an innovative solution that provides a convenient and secure way for individuals to access their medical health record online.

[007] The present invention, Life Saver, is a software tool for saving and viewing medical imaging data, including X-rays, CT scans, and panoramic images, as well as associated doctor descriptions. With Life Saver, end-users can easily view these images with a single click, and the tool provides additional features for enhanced viewing and analysis of the medical images.

In one embodiment, Life Saver includes a feature to change the color scheme of X-ray images as shown in figure 38, which are typically displayed in shades of black and white. This can enhance specific features or provide additional information in certain types of medical imaging. Additionally, Life Saver includes a contrast adjustment tool as shown in figure 39, which allows users to adjust the brightness and contrast levels of the X-ray image data. This can improve image clarity and help identify areas of interest.

Another feature of Life Saver is a magnification tool as shown in figure 40, which allows users to zoom in on specific areas of the X-ray image data. This can help users identify and analyse specific features or abnormalities within the image. In addition, Life Saver includes a panning tool, which enables users to move the X-ray image data on a display screen without changing the magnification level.

To aid in analysis of the X-ray image data, Life Saver also includes a measurement tool, which allows users to measure distances, angles, and other parameters within the X-ray image data. This can help users identify and track changes over time or compare different images side by side.

Finally, Life Saver includes a printing tool, which enables users to print the processed X-ray image. This can be useful for sharing the image with other medical professionals or for inclusion in a patient's medical record.

Overall, Life Saver provides a comprehensive software tool for saving and viewing medical imaging data, with additional features to enhance image analysis and diagnosis.

[008] The present invention relates to life-saving software that includes a primary interface designed to present medical notifications aimed at providing valuable assistance to paramedics and physicians in caring for their patients. Specifically, the software offers notifications that provide crucial medical information about the patient, such as vital signs, medical history, and current medication, among others. These notifications are presented in a user-friendly manner, allowing paramedics and physicians to quickly and easily access the information they need to provide the best possible care to their patients.

The primary interface of the life-saving software is designed to be intuitive and easy to navigate. The medical notifications are organized in a logical and easily understandable manner, ensuring that paramedics and physicians can access the information they need quickly and efficiently. Additionally, the software is capable of providing real-time updates on the patient's condition, allowing medical professionals to make informed decisions based on the most up-to-date information available, as shown in figure 3.

In summary, the life-saving software presented herein provides a valuable tool for paramedics and physicians, allowing them to access crucial medical information quickly and easily through a user-friendly interface. By presenting medical notifications in an organized and logical manner, the software aids medical professionals in providing the best possible care to their patients, ultimately saving lives and improving patient outcomes.

[009] The present invention relates to a software application that provides reliable backup and restore functionalities while also featuring an automated notification system that informs the software owner when the USB drive is not safely removed from the computer a certain number of times. This notification prompts the user to perform an urgent backup of the database and all other critical information to avoid potential data loss, as shown in figure 26.

In addition to the automated notification system, the backup system includes a user-friendly backup wizard that simplifies the backup process, ensuring that users can easily restore their information in case of any unexpected events. These advanced features guarantee that critical data is never lost, providing users with peace of mind and confidence in the safety and security of their data.

The software is designed to work with any Universal Serial Bus (USB) drive and can be installed on any computer running a compatible operating system. The software application is also flexible and can be customized to suit the unique backup needs of individual users.

Overall, the life Saver software is a reliable, efficient, and user-friendly backup and restore application that includes an automated notification system and a user-friendly backup wizard to ensure that critical data is never lost.

DRAWING FIGURES

[010] FIG. 1— License Agreement

[011] FIG. 2— Register

[012] FIG. 3— Software Main Screen and medical alerts

[013] FIG. 4— Allergies to food, Plants, and Medical Conditions

[014] FIG. 5— Medicine Allergies

[015] FIG. 6— Medical Conditions

[016] FIG. 7— Immunization

[017] FIG. 8— Rx Medications & OTC Prescribed

[018] FIG. 9— Disability/Condition

[019] FIG. 10— Devices/Equipment

[020] FIG. 11— Surgical History

[021] FIG. 12— Doctor Remarks

[022] FIG. 13— Infraction Records

[023] FIG. 14— Family History/Social History

[024] FIG. 15— Eye Diseases & Disorders

[025] FIG. 16— Diabetes Glucose Tracker

[026] FIG. 17— Laboratory Results

[027] FIG. 18— Blood Pressure History - Electrocardiogram

[028] FIG. 19— Body Mass Index - BMI

[029] FIG. 20— Haemoglobin A1c

[030] FIG. 21— Prothrombin Time and International Normalized Ratio PT/INR

[031] FIG. 22— Optics+ History

[032] FIG. 23— Medical Imaging History

[033] FIG. 24— Medical Records & Documents

[034] FIG. 25— Change Password

[035] FIG. 26— Data Backup & Restore Wizard

[036] FIG. 27— About LifeSaver – Emergency Patient Information

[037] FIG. 28— Personal Health Records Online

[038] FIG. 29— Personal Information – Identification

[039] FIG. 30— Emergency Contacts

[040] FIG. 31— Medical Contact

[041] FIG. 32— Insurance References

[042] FIG. 33- Donor References

[043] FIG. 34- Medical Online Profile

[044] FIG. 35- Software Splash Screen

[045] FIG. 36- Password Authentication

[046] FIG. 37- Developer Mode

[047] FIG. 38 – X-Ray – Color Scheme

[048] FIG. 39 – X-Ray – Change Contrast

[049] FIG. 40 – X-Ray – Magnifier & Measure

[050] FIG. 41 – Flowchart represent the algorithm in action DRAWING FIGURES DEFINED

[051] FIG. 1— An end-user license agreement is a legal contract entered into between a software developer or vendor and the user of the software.

[052] FIG.2 - Allow authorized user to register his own password and secret answer to keep his medical records secured and encrypted.

[053] FIG.3 - Main Screen of the LifeSaver EPI project gathers all services and medical alerts and also personal identification of the owner.

[054] FIG.4 - Shows if the LifeSaver EPI holder has any kind of Allergies such as food, diary and nuts and medical condition.

[055] FIG.5 - Shows if the LifeSaver EPI holder has any kind of Medicine Allergies such as penicillin, similar antibiotics, etc….

[056] FIG.6 - Shows if the LifeSaver EPI holder has any kind of Medical Conditions.

[057] FIG.7 - Shows if the LifeSaver EPI holder has any kind of Immunization.

[058] FIG.8 - Shows the doctor / hospital what medicine the patient is taking including supplements and herbs.

[059] FIG.9 - Shows the doctor / hospital what patient has Disability or Condition.

[060] FIG.10 - Shows the doctor / hospital what kind of Devices / Equipment is using during his illness

[061] FIG.11 - Shows the doctor / hospital all previous surgeries have patient occurred.

[062] FIG.12 - Shows the doctor / hospital all family doctor remarks about the patient.

[063] FIG.13 - Shows the doctor / hospital all Infraction records has been occurred.

[064] FIG.14 - Shows the doctor / hospital all patient Family History/Social History.

[065] FIG.15 - Shows the doctor / hospital all eye diseases and disorders has been occurred.

[066] FIG.16 - Shows the doctor / hospital all patient diabetes glucose daily results.

[067] FIG. 17 - Shows the doctor / hospital all patient laboratory results.

[068] FIG. 18 - Shows the doctor / hospital all patient blood pressure history – Electrocardiogram results.

[069] FIG. 19 - Calculate body mass index (BMI) for adults and shows Nutritional status.

[070] FIG. 20 - Shows the doctor / hospital all patient haemoglobin A1c results.

[071] FIG. 21 - Shows the doctor / hospital all patient prothrombin time and international normalized ratio (PT/INR) results.

[072] FIG. 22 - Shows the doctor / hospital all patient history of eye examinations results and type of lens the patient wear.

[073] FIG. 23 - Shows the doctor / hospital all patient history of medical Imaging such as x-rays, panoramic.

[074] FIG. 24 - Shows the doctor / hospital all patient medical documents from clinics or hospital that patient attached.

[075] FIG. 25 - Allow authorized user to reset his password to keep his medical data secured and encrypted.

[076] FIG. 26 - Allow authorized user to backup & restore his medical records.

[077] FIG. 27 – Shows details about LifeSaver – Emergency Patient Information.

[078] FIG. 28 – Allow authorized user to access his personal health records via web interface.

[079] FIG. 29 - Shows more of patient personal information.

[080] FIG. 30 - Shows emergency contacts details, to act on your behalf making decisions on medical treatment, or reach out to those who can (e.g. your spouse, partner or parents) is critical.

[081] FIG. 31 - Shows medical contact details, in case physicians needs more consultation about patient health.

[082] FIG. 32 - Shows hospital / medical clinic insurance references details, to compare coverage levels of different plans so you can decide on the one that fits your needs.

[083] FIG. 33 - Shows donor references, members over 18 must accept the MEDICAL DISCLAIMER.

[084] FIG. 34 - A primary goal is to allow authorized user to set his online medical records, to be able to connect his records via internet securely.

[085] FIG. 35 - Splash screen loads all modules in the background synchronously.

[086] FIG. 36 – Password Authentication screen, allows authorized user to change his password securely.

[087] FIG. 37 – Developer mode, that allows the manufacture to set the HTML codes(Hypertext Markup Language) to Autofill end user identification number + username and password that has been saved by the end user in the database in the online medical record, as shown in figure 37.

[088] FIG. 38 – The drawing depicts an x-ray feature color scheme, where different colors are used to represent different features of the x-ray image. Specifically, areas of high density are represented in red, while areas of lower density are represented in blue. This color scheme is used to highlight the different structures and elements within the x-ray image, and to aid in the interpretation and analysis of the image.

[089] FIG. 39 -The drawing depicts an X-ray image with varying levels of contrast and area contrast. In X-ray imaging, contrast refers to the difference in X-ray absorption between different tissues or materials in the body. Higher contrast images have a greater difference in X-ray absorption between different tissues, resulting in greater contrast between different parts of the image. Area contrast in X-ray imaging is a measure of the contrast between different areas or regions within the image, calculated by comparing the average X-ray absorption of two or more regions. The depicted X-ray image contains regions of high contrast and low contrast, as well as areas with varying levels of area contrast.

[090] FIG. 40 - The drawing depicts an X-ray image with features related to magnification and measurement. Magnification in X-ray imaging refers to the ability to increase the apparent size of an object or area in the image, often achieved through the use of a magnifying lens or other optical device. The depicted X-ray image includes one or more areas that have been magnified to enhance their visibility or detail. Measurement in X-ray imaging refers to the ability to determine the size or other characteristics of an object or area in the image. This can be achieved through the use of various measurement tools or techniques, such as calipers or software-based measurements. The depicted X-ray image includes one or more areas where measurements have been made to determine the size or other characteristics of an object or area.

[091] FIG. 41 – presents the daring implementation and graphical representation of the algorithm in action, illustrating its effectiveness in real-world scenarios.

CONCLUSION, RAMIFICATIONS, AND SCOPE

[092] The LifeSaver EPI stores all the medical information inside a chip. The chip is encrypted and can only be accessed by an authorized person. The information is also stored in a database that can be accessed by the LifeSaver EPI authorized person or a facility that has permission to read it. The only person that can change the data is the authorized person of the LifeSaver EPI by his own Password.

[093] LifeSaver EPI has unique function to prevent create another copy of the software in any other unregistered USB flash memory.

[094] Authorized person can only update his medical records regularly without internet connection.

[095] Many people got injured and even die, just because no one knew of your personal Medical information or medical issue in time.

[096] This Software LifeSaver EPI can safe and protect the holder from medical errors when holder get injured or he’s in critical condition.

[097] This invention protects the patient from mistakes that can happen in critical situations and it could save life’s.

[098] In case of Malfunction or failure, the owner can call the number located on LifeSaver EPI stick to seek technical support.

The drawings referred to in this description are included in a separate file accompanying this . application

Claims

LifeSaver EPI (Emergency Patent Information)

Claim 1 (Independent Claim) A computer-implemented security system embodied in a software application configured to execute exclusively from an authorized removable USB storage device, the system comprising:  a multi-factor device binding engine , configured to: o retrieve a compound device signature comprising at least a Vendor ID (VID), Product ID (PID), USB serial number, volume label, and file system metadata unique to the USB device, wherein no host machine identifiers are used. o generate an immutable authentication token secure execution token by applying a collision-resistant digest function to the compound device signature. o compare the immutable authenticationexecution token to a pre-registered reference token stored in a secure, encrypted internal database. o enable application execution only when the generated token matches the stored reference token.  a session control module , configured to: o detect insertion of the authorized USB device into a computing environment. o automatically initiate an authenticated session linked to the verified token. o monitor for USB removal or anomalous session activity, and upon such detection, securely terminate the session and eject the USB device.  an intelligent clipboard monitoring module , configured to: o analyze clipboard activity in real time using rule-based and behavior-driven heuristics. o detect patterns indicative of unauthorized access to sensitive data paths or unusual copy behavior. o in response, initiate one or more protective actions including: clearing clipboard content, injecting decoy paths, or sending alerts to a predefined administrative endpoint.  a persistent concealed watchdog process , configured to: o execute independently of the main application under an obfuscated process name. o continuously monitor for termination attempts or unauthorized manipulation. o autonomously reinitialize the application if tampering is detected.  a coordinated breach response subsystem , configured to: o activate when unauthorized execution, duplication, or device spoofing is detected. o perform a multi-layered response comprising: generating an encrypted recovery URL, deleting internal sensitive data using multi-pass overwrites, obfuscating application code artifacts, and generating decoy files with randomized attributes stored in hidden, non-indexed directories.  a termination module , configured to: o execute final containment actions upon detection of critical compromise conditions, including resetting access credentials, notifying a designated authority, and renaming system-critical files to hinder recovery or reverse engineering. wherein the components operate in an interdependent manner to provide persistent, device-bound, tamper-resistant execution control, responsive anomaly detection, and secure handling of unauthorized access attempts, independent of host-specific identifiers.
Claim 2: The system of claim 1, wherein the execution token is generated using a collision-resistant cryptographic hash function selected from the group consisting of SHA-256, SHA-3, and BLAKE2.
Claim 3: The system of claim 1, wherein the concealed watchdog process is configured to install under a randomized or non-descriptive process name, and persist across reboots using hidden registry entries, scheduled tasks, or file system hooks.
Claim 4: The system of claim 1, wherein the clipboard monitoring module utilizes a hybrid detection model comprising: (a) rule-based logic for identifying known sensitive patterns. (b) heuristic behavior profiling based on clipboard activity frequency, user access patterns, and anomaly detection. (c) adaptive learning to modify thresholds based on user context over time.
Claim 5: The system of claim 1, wherein upon detection of device spoofing or unauthorized duplication, the coordinated response subsystem performs secure multi-pass deletion of stored internal data using randomized overwrite patterns, thereby reducing the likelihood of forensic recovery.
Claim 6: The system of claim 1, wherein the decoy file generated upon breach detection is: (a) stored with a randomized name and a non-standard, non-executable extension selected from the group consisting of .dat, .tmp, and .jpg. (b) placed in a hidden directory excluded from operating system indexing. (c) timestamped and sized to mimic real sensitive files.
Claim 7: The system of claim 1, wherein the session control module is further configured to conditionally trigger automatic ejection of the USB device upon successful user logout or verified software termination, ensuring that the USB device is not left mounted during inactive or unattended sessions.
Claim 8: The system of claim 1, wherein the coordinated response subsystem remains operative and capable of enforcing protective actions even if the software is duplicated or executed in an offline environment by an external device, including removable storage or unauthorized computing hardware.