WO1991001065A1 - Layered protection system for computer's hard disk - Google Patents

Publication number: WO1991001065A1
Application number: PCT/US1990/003865
Authority: WIPO (PCT)
Other languages: French (fr)
Inventors: Gilbert Wayne Morrison, Trygre Chatham Myhre
Original assignee: Martin Marietta Energy Systems, Inc.
Prior art keywords: disk drive, disk, protected, access, switch means

Classifications

    • G06F 21/80 (G PHYSICS; G06 COMPUTING, CALCULATING OR COUNTING; G06F ELECTRIC DIGITAL DATA PROCESSING; G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity; G06F 21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer; G06F 21/78 ... to assure secure storage of data): ... in storage media based on magnetic or optical technology, e.g. disks with sectors
    • G11B 19/04 (G PHYSICS; G11 INFORMATION STORAGE; G11B INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER; G11B 19/00 Driving, starting, stopping record carriers not specifically of filamentary or web form, or of supports therefor; control thereof; control of operating function; driving both disc and head; G11B 19/02 Control of operating function, e.g. switching from recording to reproducing): Arrangements for preventing, inhibiting, or warning against double recording on the same blank or against other recording or reproducing malfunctions
    • G11B 20/00086 (G11B 20/00 Signal processing not specific to the method of recording or reproducing; circuits therefor): Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B 20/00094 (under G11B 20/00086): Circuits for prevention of unauthorised reproduction or copying, e.g. piracy, involving measures which result in a restriction to authorised record carriers
    • G06F 2211/007 (G06F 2211/00 Indexing scheme relating to details of data-processing equipment not covered by groups G06F 3/00 - G06F 13/00): Encryption, en-/decode, en-/decipher, en-/decypher, scramble, (de-)compress


Abstract

A system (10) and device (18) for controlling access to the hard disk memory portion of a computer on both hardware and software levels, with associated administrative control. A switching device (18) is inserted in the wiring between the hard disk controller and the hard disk (32) and requires the application of a key (34), or other suitable electronic or digital access means, to operate the switch. The switch allows an unprotected mode; a mode wherein a disk (24) in a protected disk drive may be read from but not written to; a mode wherein a disk (24) in a protected disk drive may be written to but not read from; and a mode wherein a disk (24) in a disk drive may neither be read from nor written to. A software program verifies the functioning of the hardware, provides means to detect an attempted access of a protected drive, and maintains a status log for security audit purposes. The key (34) and the software program are administratively controlled.

Description

LAYERED PROTECTION SYSTEM FOR COMPUTER'S HARD DISK
This application in part discloses and claims subject matter disclosed in our earlier filed pending application, Serial Number 07/378,549, filed July 10, 1989.
The U.S. Government has rights in this invention pursuant to Contract No. DE-AC05-84OR21400 awarded by the U.S. Department of Energy contract with Martin Marietta Energy Systems, Inc.
Technical Field
This invention relates to the field of computer disk security and more particularly concerns a multilevel system and device for preventing unauthorized access to such a computer disk.
Background Art
In establishments using proprietary or classified information, especially in the government and military environments, microcomputers equipped with nonremovable "hard" disks are approved for handling sensitive information only in secured areas, because sensitive information could be stored intentionally or inadvertently on the nonremovable "hard" disks. As a result, the sensitive information could be obtained by unauthorized individuals. Also, information that is legitimately stored on these nonremovable "hard" disks needs protection from inadvertent erasure or alteration. The effort of maintaining computers in an environment free from such undesirable occurrences naturally hampers productivity. However, productivity could be significantly increased if the microcomputer's central processor could be used while verifiably preventing unauthorized access to the information stored on the computer's disk drives. Similar problems could also exist for computer users in private industry.
The prior art made of record in the parent case is herein incorporated by reference. While some of the above referenced art addresses the problem of controlling access to the computer, the prior art relies on physical obstructions to the external openings to the drive bays or to keyed "on-off" switches. The art does not offer or suggest a system that simultaneously offers access to the processing capabilities of the computer while verifiably preventing access to the information stored in the protected disk drives.
Accordingly, it is an object of this invention to provide a multilayered system incorporating hardware and software which verifiably prevents undesirable access to a computer's hard disk memory while allowing an operator to use the computer's central processor.
It is another object of the present invention to provide a multilayered system incorporating hardware and software which also prevents undesirable access to a computer's floppy disk drive(s) if such protection is warranted.
It is another object of this invention to provide a multilayered security system which maintains a status log of all protected disk checks and activities for purposes of routine security audit checks.
It is another object of this invention to provide a multilayered security system which prevents "virus" contamination of protected drives.
Other objects and advantages over the prior art will become apparent to those skilled in the art upon reading the detailed description together with the drawings as described as follows.
Disclosure of the Invention
In accordance with various features of the present invention, a layered protection system for a computer disk is provided wherein both read and write access to the hard disk of a computer are controlled and can be prevented on multiple cooperating levels. The layered protection system for a computer disk includes a hardware layer, wherein certain of the electrical wires which connect the computer to the disk controller are physically interrupted with a switching device inserted therebetween to reestablish the electrical connections only under controlled conditions.
Maintaining administrative control of the key for the security switch comprises another cooperating level of controlling the access to the hard disk memory. Within the multilevel protection program of the preferred embodiment of the present invention, four operating modes are established. The first such operating mode is a "NORMAL" mode, wherein an operator can both read from and write to the hard disk memory of a computer. The second is a "READ ONLY" mode, wherein an operator can read from the hard disk but cannot write to it. The third mode is for "WRITE ONLY", wherein an operator can write data into the hard disk memory of a computer but cannot read from it. Finally, there is a "NEITHER" mode, wherein an operator can neither read from nor write to the hard disk memory, but can still utilize all the other functions of the affected computer.
The layered protection system also includes a software layer that verifies that the hardware is both functioning and in use. This software "locks up" the system in the event of a failure on the part of the hardware. The software also initiates and maintains a status log for security audit purposes. Administrative controls require the computer to be started with a "boot" disk which contains the software layer. The software functions as a "Terminate and Stay Resident" (TSR) program. This allows the software to verify that the hardware is functioning and prevent unauthorized access to the hard disk while the operator is using the computer. When the computer user is finished working in a classified environment the software is again utilized to verify that the protected disks have not been written to and to update the security audit status log.
Brief Description of the Drawings
The above mentioned features of the invention will become more clearly understood from the following detailed description of the invention read together with the drawings in which:
Figures 1A, 1B, and 1C are pictorial views of the components of an access restricting system.
Figure 2 is a pictorial diagram of a typical switching device constructed in accordance with various features of the present invention.
Figure 3 is a general schematic diagram of the electrical system of the access restricting system pictured in Figure 1.
Figure 4 is a detailed schematic diagram of the electrical system of the present invention.
Figure 5 illustrates a flow diagram of the operational steps of the software layer of the invention during the start-up in which the software verifies that the hardware is functioning prior to allowing the user access to the computer.
Figure 6 illustrates a flow diagram of operational steps of the software in TSR mode and the steps in the "QUIT" portion of the software that verifies that no unauthorized changes have been made to the protected disks during the period of the operator's use.
Best Mode For Carrying Out The Invention
A layered protection system for a computer disk is illustrated pictorially in Figures 1A, 1B, and 1C. Figure 1A illustrates a key 34 and a lock means 28 that cooperate with a security switch 18 illustrated in Figure 1B. These elements are shown as representing the "hardware" portion of the layered protection system for a computer disk.
The mechanical components of the lock and switch means are well known in the art and are typical of the multiple-pole, multiple-throw locking electrical switch that can be obtained "off the shelf". Of importance is the manner, described herein, in which the locking electrical switch is interfaced with the computer. It will be recognized by those skilled in the art that the switch 18, with its key 34 and lock 28, can also be installed directly within the computer 30 or within a housing for the fixed disk drive. The choice of location will depend upon the particular installation plan for the present invention, the important feature being to interrupt the communication between the hard disk and the computer.
A perspective view of a typical embodiment of this hardware portion of the administrative control level is shown at 22 in Figure 2. This includes a housing 20 for the enclosure of the switch 18 (not shown in this figure), this switch accepting the aforementioned key 34 and lock 28. Illustrated are the various electrical cables 12, 14 that connect the switch with a disk drive controller and the disk drive itself.
While a mechanical key and lock have been described and illustrated, it will of course be understood that an electronic or a digital security switch, which are well known in the art, will also provide a suitable means for preventing or allowing access.
A general schematic diagram of the system of the present invention is illustrated in Figure 3. Here it can be seen that the cables 12, 14 are used to connect the hardware portion 22 of the administrative control level to a drive controller in a computer 30, or it can be a separate unit if desired. The switch 18 within the enclosure 20 is illustrated for convenience as a double-pole switch; however, as illustrated in both Figure 1B and Figure 4, this is a multi-pole, multi-throw switch. As discussed in greater detail hereinafter, only a portion of the electrical leads between the drive controller and the disk drive needs to be interrupted by the switch. The remaining electrical leads are designated at 40 in Figure 3. These leads 40 can either bypass the housing 20 or can be routed therethrough.
A detailed schematic diagram of the hardware system of the administrative control of the present invention is shown in Figure 4. As stated above, the switch 18 is typically a multi-pole, multi-throw type. The switch has an indicator 80 which will indicate the position of the switch in the following positions, which are discussed below: "NORMAL", "READ ONLY", "WRITE ONLY", and "NEITHER". In the preferred embodiment, the key-out position, i.e., the only position in which the key can be removed, is the "NEITHER" position.
The specific wires to be interrupted by connection to switch 18 include at least the "Drive Select", "Write Gate", "Write Enable", "Read Gate" and two "Write Data" lines. The switching device 22 and its input and output leads add travel distance to the data lines between the computer 30 and the hard disk drive 32; these leads are preferably of equal length and preferably no longer than five feet, in order to maintain correct timing for data transmitted through the switching device 22.
Referring next to the schematic diagram of Figure 4, it will be observed that in the "NORMAL" operating position, the hard disk memory can be both written to and read from so that the full and complete capabilities of the computer and its associated hard disk memory are available to the operator. When key 34 is inserted and switch 18 operated to the "READ ONLY" mode, the line labelled "WRITE DATA +" is open-circuited by contacts 1 and 2, the line labelled "WRITE DATA -" is open-circuited by contacts 3 and 4 and the "WRITE GATE" line is open-circuited between contacts 7 and 9 of switch 18A, precluding any possibility of writing to (storing data on) the hard disk memory. In the "WRITE ONLY" position of the switch 18, the "READ GATE" lines are open-circuited by contacts 5 and 6 of section B of switch 18, as shown, so that no data stored on the hard disk memory can be read. In the "NEITHER" position of the switch, the three lines labeled "WRITE FAULT", "DRIVE SELECT 1", and "DRIVE SELECT 2" are disabled by being electrically connected through contacts 7 and 8 of switch 18A to the "WRITE GATE" line through isolating diodes 38.
It will be recognized by those skilled in the art that this is necessary to avoid the pick-up or generation of noise in the open leads. Simultaneously, the "WRITE GATE" line is again open-circuited between contacts 7 and 9 of switch 18A as described above.
Of course, it will also be apparent to those skilled in the art that, in another embodiment of the present invention, existing cables to a computer to be modified with the present invention can be replaced by wholly fabricated replacement cables with the switching device of the present invention manufactured in place as an integral part of such replacement cables. Furthermore, as has already been mentioned, security switch 18 or its equivalent can be mounted or attached in some location other than that exemplified, such as directly on the circuit board of the controller or disk drive, for instance. In the preferred embodiment, the software layer of the present invention is utilized to verify that the hardware is functioning to disable the disk controller. This layer verifies that a protected disk is indeed protected.
The flow diagrams depicted in Figures 5 and 6 illustrate the operation of the software system in the preferred embodiment.
While the flow diagrams can be easily read by those skilled in the art, the system operation based on the rules depicted in the diagrams will be discussed. However, it will be noted that the flow diagrams depict preferred operational embodiments. The specific references are enclosed as examples only, and are not intended to limit the scope of the invention.
Initially, the operator disengages the computer from any and all unclassified connections, e.g. a network, and the key 34 is removed from the switch 18 as indicated at 120 "configure for protective mode". The operator then inserts the boot disk which contains the software level of the security system and turns the computer on. The "autoexec.bat" file contained on the boot disk activates the "protect" program. The "protect" program can be initiated to protect all drives, all drives except a given drive, or any specifically designated drive(s). For purposes of illustration the flow diagram designates drive "n" as any given drive.
The program then initiates the status log record at 125. The audit record status is set at zero (0) at 126 and the keyboard is locked at 127. While the audit record status can be designated as any given set of values, in the preferred, illustrated embodiment the values shown in Table I are used.

Table I

Value   Meaning
0       Start-up not completed; Quit not run.
1       Failure during start-up.
2       Start-up successfully run; Quit not run.
3       Write attempt to protected drive during operation.
4       Test failure during operation.
5       Test failure during running Quit.
9       Quit successfully run at session end; there were no anomalies.
The system then identifies the first protected drive and determines at 130 whether that drive is indeed protected. If the drive is not protected, this result is displayed at 135 and the audit record status is updated to one (1). The operator is prompted to reconfigure for protected mode and informed that the software will reboot the system after a preselected interval, about fifteen (15) seconds in the illustrated preferred embodiment. This causes the "Protect" program to be reactivated at 124. If drive "n" passes the initial test at 130, that result is displayed and the program repeats 130 for each protected drive. When the last protected drive passes the initial test at 130, the audit record status is updated to two (2) and the display notifies the user that the test of the protected drives is complete. The boot record, the File Allocation Table (FAT) and the checksums of each protected drive are copied to the boot disk at 140. The protect program enters a "terminate and stay resident" (TSR) mode and the keyboard is unlocked at 145. Those skilled in the art will recognize that the locking of the keyboard at 127 and the unlocking of the keyboard at 145 is an internal feature of the software and is not to be confused with the locking electrical switch described above.
At this point the operator has complete use of the processing capabilities of the computer. The TSR protect program continually monitors at 150 for any attempt to write to a protected disk. When such an attempt is detected at 155, the operator is prompted to reinsert the boot disk and the audit record status is updated to three (3). The operator is prompted to reconfigure for protected mode and informed that the software will reboot the system after a preselected interval, about fifteen (15) seconds in the illustrated preferred embodiment. This reinitiates the "Protect" program at 124.
When the user is finished operating in a classified environment the user must reinsert the boot disk and execute the "Quit" program. The "Quit" program compares the current boot record, the current FAT, and the current checksums with those saved on the boot disk. If the records are the same, the audit record status is updated to nine (9) . The system locks the keyboard and displays the test results at 164. In the preferred embodiment, the system displays:
Checksum test complete. Sanitize the system; be sure to power down and remove all classified materials. At this time the system must be powered down.
If the current records are different from the records saved on the boot disk, the audit record status is updated to five (5). The keyboard is locked and the system notifies the user of the failure. In the preferred embodiment, the system displays:
FAILURE: Drive "n" failed the checksum [boot, or FAT] test. CONTACT YOUR DIVISION COMPUTER SECURITY OFFICER (CSO) IMMEDIATELY. At this time the system must be powered down.
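To make the Protect/Quit sequence concrete, the following Python model walks through it: the protected-mode test with status one (1) or two (2), the TSR write monitor logging status three (3), and the Quit comparison of boot record, FAT and checksum ending in status nine (9) or five (5). This is an added illustration, not the patent's program; the Drive class, the function names, the in-memory tuple audit log and the SHA-256 checksum are assumptions (the real system wrote its records to the boot disk and the patent does not name its checksum routine).

```python
import hashlib
from dataclasses import dataclass

# Audit record status values as the description assigns them; the constant names are mine.
STATUS_NOT_PROTECTED = 1     # a drive failed the protected-mode test
STATUS_PROTECT_COMPLETE = 2  # every protected drive passed
STATUS_WRITE_ATTEMPT = 3     # TSR monitor caught a write to a protected drive
STATUS_QUIT_FAILED = 5       # Quit found a boot record, FAT or checksum mismatch
STATUS_QUIT_OK = 9           # Quit found no anomalies


@dataclass
class Drive:
    """Constructed stand-in for one disk: its boot record, FAT, data area and switch state."""
    name: str
    boot_record: bytes
    fat: bytes
    data: bytes
    protected: bool = True


def checksum(blob: bytes) -> str:
    # The patent says only "checksums"; SHA-256 is an assumption standing in for the 1989 routine.
    return hashlib.sha256(blob).hexdigest()


def protect(drives, audit):
    """'Protect' step: test each drive, then save boot record, FAT and checksum (the boot-disk copy)."""
    for d in drives:
        if not d.protected:
            audit.append((STATUS_NOT_PROTECTED, d.name))
            return None  # operator is told to reconfigure; the program reboots and retries
    audit.append((STATUS_PROTECT_COMPLETE, "all"))
    return {d.name: (d.boot_record, d.fat, checksum(d.data)) for d in drives}


def attempt_write(drive, payload, audit):
    """TSR monitor: a write to a protected drive is refused and logged; the data is left untouched."""
    if drive.protected:
        audit.append((STATUS_WRITE_ATTEMPT, drive.name))
        return False
    drive.data = payload
    return True


def quit_check(drives, saved, audit):
    """'Quit' step: compare current records with the saved copy and report the first failing test."""
    for d in drives:
        boot, fat, digest = saved[d.name]
        tests = (("boot", d.boot_record, boot), ("FAT", d.fat, fat), ("checksum", checksum(d.data), digest))
        for label, current, baseline in tests:
            if current != baseline:
                audit.append((STATUS_QUIT_FAILED, d.name))
                return f'FAILURE: Drive "{d.name}" failed the {label} test.'
    audit.append((STATUS_QUIT_OK, "all"))
    return "Checksum test complete. Sanitize the system."
```

The Quit comparison is what lets the software layer catch a change that the hardware switch should have made impossible, so a status of five (5) in the log is the signal for the security officer to investigate the switch and lock as well as the disk.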
From the foregoing description, it will be recognized by those skilled in the art that a layered protection system for a computer disk offering advantages over the prior art has been provided. Specifically, the layered protection system for a computer disk provides a multilayered system incorporating hardware and software which verifiably prevents undesirable access to a computer's hard disk and, if warranted, further prevents undesirable access to a computer's floppy disk drive(s), while allowing an operator to use the computer's central processor. The system maintains a status log of all protected disk checks and activities for purposes of routine security audit checks. It will be obvious to those skilled in the art that while in the protected mode the system also prevents "virus" contamination of protected drives.
While a preferred embodiment has been shown and described, it will be understood that it is not intended to limit the disclosure, but rather it is intended to cover all modifications and alternate methods falling within the spirit and the scope of the invention as defined in the appended claims.

Claims

Having thus described the aforementioned invention, we claim:
1. A layered protection system for controlling access to a hard disk memory system from a disk drive controller of a computer system, which comprises: a switch means connected between said disk drive controller and said disk memory system, said switch means having contact means connected to selected electrical circuits joining said disk drive controller to said disk memory system, and having means for selectively accessing selected of said contact means; lock means associated with said switch means to selectively inhibit access to a protected disk drive's operation via said switch means; and means for selectively operating said lock means for administrative control of accessing said disk memory system from said disk drive controller.
2. The layered protection system of Claim 1 wherein said switch means and said lock means associated with said switch means are mounted in a housing separate from said disk drive controller and said hard disk memory system.
3. The layered protection system of Claim 1 wherein said switch means and said lock means associated with said switch means are mounted on the same printed circuit board as other electronic components of said disk drive controller.
4. The layered protection system of Claim 1 wherein said switch means and said lock means associated with said switch means are mounted in a housing containing said hard disk memory system.
5. The layered protection system of Claim 1 wherein said switch means is a rotary switch member having a plurality of selected rotary positions whereby said means for accessing said contacts is a rotary shaft carrying moving contacts whereby, at a given rotary position, a selected number of said rotary contacts interact with a selected number of said contact means for selectively connecting selective of said electrical circuits joining said hard disk memory system and said disk drive controller.
6. The layered protection system of Claim 5 wherein said plurality of rotary positions provides for at least operation in an unprotected mode wherein a disk in said protected disk drive may be read from and written to; operation in a mode allowing a disk in said protected disk drive to be read from but not written to; operation in a mode allowing a disk in said protected disk drive to be written to but not read from and operation in a mode wherein a disk in said disk drive can neither be read from nor written to.
7. A layered protection system for controlling access to a computer's disk memory system from a disk drive controller of a computer system, which comprises: a switch means connected between said disk drive controller and said disk memory system, said switch means having contact means connected to selected electrical circuits joining said disk drive controller to said disk memory system, and having means for selectively accessing selected of said contact means; lock means associated with said switch means to selectively inhibit access to a protected disk drive's operation via said switch means; means for selectively operating said lock means for administrative control of accessing said disk memory system from said disk drive controller; hardware verification means whereby said switch means is tested to insure that said switch means is selectively operated to disallow access to said protected disk drive and is operable; protected disk drive selection means for selectively controlling which said disk drive is to be protected; and protected disk drive identification means for determining which of said computer's said disks are protected.
8. The layered protection system of Claim 7 wherein said layered system further comprises: status audit means whereby security status of said protected disks is recorded for security audit purposes.
9. The layered protection system of Claim 7 wherein said layered system further comprises: access inhibiting means whereby unauthorized attempts to access said protected disk drive are obstructed.
10. The layered protection system of Claim 7 wherein said layered system further comprises: non-access verification means whereby said layered protection system can verify that no access to said protected disk drives has been allowed.
11. A layered protection system for controlling access to a computer's disk memory system from a disk drive controller of a computer system, which comprises: a switch means connected between said disk drive controller and said disk memory system, said switch means having contact means connected to selected electrical circuits joining said disk drive controller to said disk memory system, and having means for selectively accessing selected of said contact means; lock means associated with said switch means to selectively inhibit access to a protected disk drive's operation via said switch means; means for selectively operating said lock means for administrative control of accessing said disk memory system from said disk drive controller; hardware verification means whereby said switch means is tested to insure that said switch means is selectively operated to disallow access to said protected disk drive and is operable; protected disk drive selection means for selectively controlling which said disk drive is to be protected; protected disk drive identification means for determining which of said computer's said disk drives are protected; status audit means whereby security status of said protected disk drives is recorded for security audit purposes; access inhibiting means whereby unauthorized attempts to access said protected disk drive are obstructed; and non-access verification means whereby said layered protection system can verify that no access to said protected disk drives has been allowed.
PCT/US1990/003865 1989-07-10 1990-07-10 Layered protection system for computer's hard disk WO1991001065A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US37854989A 1989-07-10 1989-07-10
US378,549 1989-07-10

Publications (1)

Publication Number Publication Date
WO1991001065A1 true WO1991001065A1 (en) 1991-01-24

Family

ID=23493569

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1990/003865 WO1991001065A1 (en) 1989-07-10 1990-07-10 Layered protection system for computer's hard disk

Country Status (4)

Country Link
EP (1) EP0485417A4 (en)
JP (1) JPH04506428A (en)
CA (1) CA2055606A1 (en)
WO (1) WO1991001065A1 (en)

Also Published As

Publication number Publication date
EP0485417A1 (en) 1992-05-20
CA2055606A1 (en) 1991-01-11
EP0485417A4 (en) 1992-08-12
JPH04506428A (en) 1992-11-05

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): CA JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FR GB IT LU NL SE

WWE Wipo information: entry into national phase

Ref document number: 2055606

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 1990911217

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1990911217

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1990911217

Country of ref document: EP