FR2764408A1 - Secure computer system - Google Patents

Abstract

The system has a rewritable memory and a micro-chip card reader. It is fitted with a secure logic unit (6) which requires for operation the permanent presence of the micro-chip card (7) in the reader. The micro-chip card is a specific card for the computer and uses a user access control code, and which controls the exchange of data from and top the permanent rewritable computer memory, and encrypting the data before inscribing it into memory. The data is decrypted after being read from the memory by means of a decryption code which requires a key figure which is memorised in the micro-chip card together with the user access code.

Description

 The present invention relates to securing access to information stored in a permanent rewritable computer memory such as the hard disk of a portable personal computer to protect their confidentiality.

 Some computers are secured by software that filters access to files and their directories on the hard drive, using passwords that may be hierarchical, and that ensures a certain level of confidentiality by encrypting the contents of files and directories as well as the FAT file allocation table (s) locating the files on the hard disk.

These security systems have a reliability linked to the degree of confidentiality of their passwords and are defeated by any unauthorized user having knowledge of the passwords. They are also relatively fragile by the fact that the keys to their encryption process must be stored in an unencrypted area of the hard drive of the computer they protect.
To counter an unauthorized user who knows the passwords, it is known to provide a computer with an access control system using the services of a smart card to authenticate a user. At each start-up, the computer runs, during its initialization, a control program which checks the presence of a specific smart card for access control in the smart card reader, asks the user for a access control code, verifies that it coincides with that stored in the smart card and does not actually start the computer unless there is a favorable outcome of the verification. Thanks to such an access control by smart card, one protects oneself against unauthorized use of a computer by an individual deprived of the smart card necessary for its starting up. However, you do not protect yourself against an attack on your hard drive which, even if encrypted, is likely to be read with another computer, by the simple fact that it contains somewhere, in an unencrypted area, its encryption key.

 The present invention aims to combat the above risk and thus improve the level of protection of the confidentiality of sensitive data written in a permanent rewritable memory of a computer.

 Its object is a secure computer with a rewritable permanent memory, provided with a smart card reader and security software requiring to operate the permanent presence, in the smart card reader, of a smart card. specific which uses a user access control code, taking control of exchanges with the rewritable permanent memory from the start of the computer, encrypting the data before writing it to the rewritable permanent memory and decrypting it after reading it in the permanent memory rewritable using an encryption code requiring at least one encryption / decryption key stored in the smart card with the user access control code.

 Advantageously, the user access control code of the smart card is part of a set of access control codes having different levels of privileges allowing access to certain data and not to others.

 Advantageously, in a computer provided with a rewritable permanent memory organized in files addressed by means of at least one file allocation table, the security software also proceeds to an encryption of the file allocation tables of permanent memory rewritable using an encryption code requiring at least one encryption / decryption key from the file allocation table stored in the smart card already containing the user access control code and one data encryption and decryption, said encryption / decryption keys for data and file allocation tables may be identical.

 Advantageously, the rewritable permanent memory is divided into several independent partitions, some being encrypted, others non-encrypted, the security software intervening only for the encryption and the decryption of the encrypted partitions, so that the computer can operate freely, without the presence of the specific smart card for access control, with the only unencrypted partitions of its rewritable permanent memory.

 Advantageously, part of the security software, for example relating to the encryption-decryption process, is stored in the smart card with user access control code and called each time the computer is started, after verification of the access control cede .

This reinforces the secret of the nature of encryption in the event of an attempt to analyze the rewritable permanent memory outside the secure computer equipped with its smart card.

 Other characteristics and advantages of the invention will emerge from the description after an embodiment given by way of example.

This description will be made with reference to the drawing in which a single figure shows a flowchart illustrating the progress of a procedure for starting a secure computer according to the invention.
The computer that is proposed to be secured is a conventional personal computer, for example of the portable type, whose permanent rewritable memory is a hard disk storing data in the form of file trees. In addition to its usual components: central processing unit with microprocessor with RAM, read only memory
ROM, PROM, EPROM or EEPROM and interface circuits for input-output ports, and peripherals such as: keyboard, screen, and hard drive, it is equipped with a smart card reader and provided with software security operating in the background.

When the computer starts, its microprocessor, after initialization (RESET) 1, conventionally executes a first program called
BIOS 2 (Basic Input Output System in Anglo-Saxon language) of short length, stored in a read only memory of type EEPROM. This program
BIOS 2 constitutes a first logical layer ensuring a certain standardization making it possible to overcome the disparities of the material constituting a personal computer. It makes an inventory of the material present in a conventional manner in a computer, which generally excludes the smart card reader, determines configuration parameters adapted to the detected material which it stores in random access memory RAM, installs, in random access memory
RAM, first level management routines of the equipment detected in the equipment then hands over.

 After its execution, the BIOS 2 program gives control to a larger permanent memory capacity than that of the read-only memory which it occupies, for example, to a floppy disk provided with a boot sector known as BOOT sector or by default to the hard drive if it is itself provided with a BOOT sector.

 In the present case, it is assumed that the computer starts without a floppy disk thanks to a classic BOOT sector 3 written in its hard disk. This sector of BOOT 3 contains, as usual, an installation program in RAM, a kernel of operating system constituting a second logical layer and configuration files executable once the operating system installed.

The operating system considered here is that known under the registered trademark DOS (Disk Operating System in English) but it could just as easily be of another type such as those known under the registered trademarks UNIX, OS12 or other . The internal structure of
DOS is broken down into three main elements: DOS-BIOS containing second-level device managers for the usual equipment of a personal computer (keyboard, screen, printer, floppy drive, hard drive, etc.), the core of the DOS which contains many routines independent of the machine called API (Application
Programming Interface in Anglo-Saxon language), and a command interpreter. For what interests us here, we will note more particularly, that the minimum operating system installed allows among other things, possibly with external commands, the creation and management of a partitioning of a hard disk into several independent partitions with hierarchical file systems (directory file, sub-directory files and data files), including a "system" partition intended not to be encrypted, capable of storing standard software packages and one or more other so-called "private" partitions intended to be encrypted to receive confidential information. It also makes it possible to execute configuration files 5, CONFIG.SYS and AUTOEXEC.BAT in the case of DOS, which are called after the installation of the operating system and which allow the installation of device managers individuals such as a smart card reader.

 The last configuration file ends with a call to the security software 6 which can be stored in a "system" partition of the hard disk. This security software 6 begins by installing two supplements to the operating system 3: a first complement consisting of a number of routines for accessing the hard disk supplementing the API routines for accessing the hard disk of the operating system and replacing some of them, this supplement being said routines 60 for encapsulating accesses to the hard disk, and a second complement consisting of a number of routines for managing communication with a smart card passing through the manager of the smart card reader, this supplement being called routines 61 for managing communication with a smart card. After these additions, the security software installs an encryption-decryption subroutine 62 which uses one or more encryption-decryption keys stored outside the computer in a specific smart card 7 with control code access and a subroutine 63 for testing the presence in the smart card reader of this specific smart card 7. Once these subroutines are installed, the access control and security software installs its application kernel 64 and runs it in the background.

 It begins with an initialization step during which it begins by verifying the presence of a specific smart card 7 with access control code in the smart card reader and then establishes the access rights of the user.

 When the verification of the presence of a specific smart card with access control code leads to a negative test, it admits that it is dealing with an unauthorized user who does not have access to the encrypted data and is stop her.

 When the verification of the presence of a specific smart card with access control code results in a positive test, it asks the user of the computer which has introduced the smart card for its control code d access and compares it to that stored in the smart card 7. In the event of a negative result, it asks the user again for his access control code.

After several consecutive failures, he invalidates the smart card by entering in it a particular invalidation code so that it is no longer usable even by an authorized user, then he admits dealing with a user without authorization who does not have access to the encrypted data and stops there.

In the event of a positive result, the security software continues its initialization stage with a recognition level recognition process which takes place in several stages:
- a first step which consists in decrypting the hard drive tree leading to the files accessible by the lowest level of authorization and in keeping it in RAM memory in order to use it to access an encrypted file called rights of access which contains the different possible access control codes and their authorization levels,
- a second step which consists in decrypting the access right file after having located it in the hard disk,
- a third step which consists in comparing the access control code entered by the user and confirmed by the smart card with all the access control codes of the access rights file to know its level of authorization, i.e. encrypted files accessible to the user and the use he can make of them: reading and writing, simple reading, erasing, etc., and
- a fourth step which consists in decrypting the tree structure of the hard drive leading to the files accessible at the level of authorization recognized to the user and in keeping it in random access memory to allow the user to access these files.

 Each decryption calls on the encryption-decryption subroutine 62 which involves the specific smart card for access control, via the communication management routines 61, so that it provides it with one or more encryption keys. deciphering.

 Once the rights of the user are known, these, as well as the tree structure of the files to which he has access, are stored in random access memory RAM in order to be accessible at all times to the encapsulation routines 60. The software for security then ends its initialization stage and goes into steady state.

 Under established conditions, the security software periodically tests the presence of the specific smart card in the smart card reader and operates in the background, intercepting any request for access to a file.

 It remains in the background, leaving the foreground to the usual programs fitted to the computer, for example a user interface such as that known under the trademark "windows" intervening in a third logical layer and making it possible to operate programs or software packages appearing in the fourth logical layer.

 Each time a program tries to access a file from the hard disk, the routines 60 for encapsulating the hard disk added to the operating system detect it and look for the attributes of this file relating to the access authorizations. These attributes are either normally available in the file structure of the hard disk if the file belongs to a "system" partition and is not encrypted, or available from the file structure stored in RAM memory at resulting from the level of recognition process. If the encapsulation routines 60 do not locate the desired file in the available file trees, they reject the access request. If they find it, they compare its access authorization attributes with the user's access rights to deduce the use that the user can make of the file. Then, when the use claimed is lawful for the user's level of authorization, the access request is satisfied with, if necessary, a call to an encryption-decryption process.

 The access mode to a file depends on the organization of the hard disk. It is assumed here that the hard disk is organized in the usual manner, into several levels of file structure, each level in the tree comprising a management zone and a storage zone, the storage zone of a level containing the level immediately below and being itself subdivided into as many management and storage areas as there are files at the next lower level of the tree structure.

 The first level of the tree is that of partitions. Its management area includes the BOOT sector and a table of partitions that are not encrypted. The partition table allows to know the "system" or "private" nature of each partition as well as to locate each partition within the hard disk. Its storage area contains the different partitions of the hard drive.

 The second level of the tree is that of each partition. For a partition, it consists of a range of the first level storage area, itself subdivided into a management area and a storage area. A second level management area is occupied by a block for managing a root directory file and by a file allocation table. The management block of the root directory file of a partition gathers information on all the files of the partition accessible from this second level, including their names, their attributes including attributes relating to their types: sub-directory or data files and to the access authorizations to which they are subject, and a reference to the file allocation table making it possible to locate the beginning of each file in the storage area of the partition considered. The file allocation table contains addresses of domain chains occupied by the files and makes it possible to locate each file of the second level of tree structure in the storage area of the partition considered. A second level storage area contains the files listed in the management block of the root directory file corresponding to the partition concerned.

 The third level of the tree structure is that of the sub-directory and data files accessible from the sub-directory files of the second level of tree structure. It is organized as the second level of tree structure, with a management zone and a storage zone per file subdirectory of the second level. The management area of a second level sub-directory file is occupied by a management block for this sub-directory file and a file allocation table within the storage area for this sub-directory file. The management block of a second level subdirectory file gathers information allowing to go up to the father directory as well as information on all the files accessible from this second level father subdirectory file, always with attributes relating to the authorizations. file access and a reference to the third level file allocation table making it possible to locate in the storage area, the files accessible from the considered sub-directory file of the second level.

 The other tree levels have an organization plan similar to the third level.

For "private" partitions intended to receive sensitive data, all of the files are encrypted. In this way, it is not only the data files which are encrypted but also the trees leading to these files. This makes any "private" partition completely unintelligible in the absence of decryption but requires a decryption of
The tree structure leading to a file before being able to locate it. This operation is carried out, as we saw previously during the recognition of qualification level process. This decryption of the tree structure leading to the authorized files requires at least partial decryption of the management blocks and file allocation tables of the different subdirectory and directory files containing the target files.

 The encryption-decryption subroutine 62 when it intervenes for the first time during a session, uses the specialized smart card with access control code which must be in the smart card reader when the computer is turned on, for the supply of encryption / decryption keys. For this call, it goes through the routines 61 of communication management which make it possible to communicate with the specific smart card with access control, for example by respecting a protocol conforming to standard ISO 7816-3, in a secure form. never allowing the encryption / decryption key (s) provided to appear in clear. Once in possession of these encryption / decryption keys, it stores them in RAM so that they can be used throughout the session.

 In parallel with these operations of interception of requests for access to files, verification of the user's access rights to the desired files and encryption and decryption of these files, the security software proceeds periodically, in established regime, to a test for the presence of the specific smart card with access control in the smart card reader by periodically launching, for example at an interval of two seconds, the subroutine 63 for testing the presence of the smart card . It can operate this launching in various ways, for example by using an interrupt associated with the BIOS wake-up service or any other type of waiting for events. As soon as it no longer detects the card, it issues an order to erase the areas of the RAM memory it uses and ends its task.

 The chip card presence test subroutine 63 can send a card authentication message based on an asymmetric cryptographic algorithm with two keys K1 and K2. It generates a hazard, signs it with a first key K1 stored in the hard disk and the address on the card. The latter decrypts the hazard with the second key K2, signs it with the key K2 and sends it to the test routine 63 which decrypts the hazard with the key K1 and compares it with its initial version in order to s 'ensure that the card has answered correctly. This asymmetric cryptographic algorithm can also be used for the communication of the encryption and decryption keys on the part of the smart card; It suffices for this that the smart card combines the hazard received with the encryption / decryption keys using a logic function such as the XOR function. Of course, more complex encryption algorithms such as RSA, DSA, etc. can be used. to protect the communication between the smart card and the computer.

 The specific smart card with access control code can simply be a card provided with a mathematical co-processor capable of performing the cryptographic functions necessary for securing its communications with the computer. It can also be a smart card capable of carrying out a complex transaction program.

In the latter case, it can store part or all of the encryption-decryption subprogram which will only be made available to the computer during the initialization process of the security software, which will improve confidentiality by removing any possibility of analyzing the nature of the encryption process from the sole study of the content of the hard drive.

 With the secure computer that we have just described, we obtain a high level of protection for sensitive data. Indeed, the encrypted data and even their organization within the partitions of the hard disk also encrypted are inaccessible apart from the meeting of the three elements which are the security software which must run in background in the computer, the card to specific chip which must be continuously present in the computer's smart card reader, and knowledge of the access control code of the smart card.

 The confidentiality of encryption / decryption keys is very high since they do not appear on the hard disk and the smart card never communicates them in clear.

 In a higher degree of security, it is conceivable, with an intelligent smart card that the encryption-decryption keys never leave the smart card, but that conversely, the data pass through the smart card to be encrypted and decrypted. However, we then come up against problems of speed of encryption and decryption of data due to the always limited speed of a communication link with a smart card which is generally a link to the work-study program.

 Finally, it should be noted that securing a conventional computer provided with a smart card reader, for example a portable PC, can be obtained very easily, by simply installing the securing software coupled with the use of a specific smart card and that the security does not restrict the usual use of the computer which is provided with it.

Claims (9)

 1. Secure computer with a rewritable permanent memory and a smart card reader, characterized in that it is equipped with security software (6) requiring to operate the permanent presence, in the smart card reader, of '' a specific smart card (7) which uses a user access control code, taking control of exchanges with the rewritable permanent memory as soon as the computer starts, encrypting the data before writing it to the rewritable permanent memory and decrypting them after having read them from the permanent rewritable memory using an encryption code requiring at least one encryption / decryption key stored in the chip card (7) with the user access control code.  2. Computer according to claim 1, characterized in that the smart card (7) is part of a set of smart cards using different access control codes corresponding to different levels of privileges giving access to certain data and not to others.  3. Computer provided with a rewritable permanent memory organized into files addressed by means of at least one file allocation table, according to claim 1, characterized in that said security software (6) also provides encryption of data stored in rewritable permanent memory, encryption of file allocation tables using an encryption code requiring at least one encryption key decoding of file allocation table stored in the smart card (7 ).  4. Computer according to claim 3, characterized in that the encryption and decryption keys of data and file allocation tables are identical.  5. Computer according to claim 1, characterized in that its rewritable permanent memory is shared in several independent partitions, some being encrypted and others not encrypted, the security software intervening only on the encrypted partitions so that the computer can operate freely, without the presence of the specific smart card (7), with the only unencrypted partitions of its permanent rewritable memory.  6. Computer according to claim 1 characterized in that said rewritable permanent memory is a hard disk.  7. Computer according to claim 1, characterized in that the security software (6) comprises a part relating to the process of encryption and decryption of the data stored in the specific smart card (7) and called at each start of the computer, after checking the access control code of the latter.  8. Computer according to claim 1, characterized in that the security software (6) communicates with the specific smart card (7) by encrypted messages.  9. Computer according to claim 1, characterized in that the security software (6) uses, in steady state, a part of RAM in the computer and erases this part of RAM each time that it notes the withdrawal of the specific smart card (7) of the smart card reader.