Browse Prior Art Database

Personal Computer Security Device

IP.com Disclosure Number: IPCOM000039661D
Original Publication Date: 1987-Jul-01
Included in the Prior Art Database: 2005-Feb-01
Document File: 1 page(s) / 12K

Publishing Venue

IBM

Related People

Lettieri, J: AUTHOR [+2]

Abstract

This article describes a simple method to achieve a reasonable level of security when a personal computer (PC) is used in a data-sensitive environment. The objective of this invention is to minimize unauthorized access to data files stored in a PC. Data files are most vulnerable when the computer contains a diskette disk. A technically-sophisticated intruder can place his own diskette in the drive, 'boot' the system and then through the use of his programs begin to gain access to sensitive data files or tamper with security systems which may be in place. This invention describes a method which prevents an unauthorized user from loading programs or accessing data files in either the diskette or hard disk drives.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 1

Personal Computer Security Device

This article describes a simple method to achieve a reasonable level of security when a personal computer (PC) is used in a data-sensitive environment. The objective of this invention is to minimize unauthorized access to data files stored in a PC. Data files are most vulnerable when the computer contains a diskette disk. A technically-sophisticated intruder can place his own diskette in the drive, 'boot' the system and then through the use of his programs begin to gain access to sensitive data files or tamper with security systems which may be in place. This invention describes a method which prevents an unauthorized user from loading programs or accessing data files in either the diskette or hard disk drives. The key feature of this method is the use of a security ROM to prevent system boot from the diskette drive and prevent the activation of ROM basic. The security ROM is installed on the PC Base Board. During IPL, code imbedded within the security ROM pre-processes the BIOS boot code to prevent booting the system from a local diskette drive. It is assumed that the PC contains at least one diskette and one hard drive. IPL is allowed to proceed only from the hard drive. During IPL a security driver is loaded before any other driver from a CONFIG.SYS file. The security driver will initialize itself as a pre-processor to interrupt 21H. All keyboard requests for data files or programs use Interrupt 21H function calls. In this manner the security driver is aware of all file access requests to either th...