GB2257194A - Computer security device - Google Patents

Computer security device Download PDF

Info

Publication number
GB2257194A
GB2257194A GB9113751A GB9113751A GB2257194A GB 2257194 A GB2257194 A GB 2257194A GB 9113751 A GB9113751 A GB 9113751A GB 9113751 A GB9113751 A GB 9113751A GB 2257194 A GB2257194 A GB 2257194A
Authority
GB
United Kingdom
Prior art keywords
computer
plate
locking
lever
disk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB9113751A
Other versions
GB9113751D0 (en
GB2257194B (en
Inventor
Roger William Solomon Harris
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB9113751A priority Critical patent/GB2257194B/en
Publication of GB9113751D0 publication Critical patent/GB9113751D0/en
Publication of GB2257194A publication Critical patent/GB2257194A/en
Application granted granted Critical
Publication of GB2257194B publication Critical patent/GB2257194B/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B33/00Constructional parts, details or accessories not provided for in the other groups of this subclass
    • G11B33/005Means for locking the disc or cassette receiving slot, e.g. dummy cassettes locked in the slot

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A computer security device, for use with a computer having a floppy disk drive of the type having a latching lever, comprises a locking plate (1) insertable into the entry slot of the floppy disk drive (10) to enable the latching lever (2) to be rotated to the latching position. The plate has a locking slot (7) positioned so as to lie behind the latching lever (2), the plate being of a size allowing it to be movable in the withdrawal direction so that the locking slot (7) then accommodates the lever (2) and prevents its return to the release position. A locking hole (5) which accepts a padlock (4) is located in a portion of the locking plate which extends outwardly from the entry slot when the locking slot accommodates the lever, to prevent sufficient movement of the plate in the insertion direction to allow the lever to be released. For use with a computer having a hard drive, the plate may come as a kit with a floppy disk bearing software to disable the boot up files on the hard disk before the locking plate is inserted. The floppy also bears re-enabling software. <IMAGE>

Description

COMPUTER SECURITY The present invention relates in general to computer security, and more specifically it is applicable to preventing or indicating the unauthorised use of personal computers possessing floppy disk drive units of the kind having a latching lever.
According to one aspect of the present invention, there is provided a computer security device, for a computer having at least one disk drive unit of the type having a disk entry slot for accepting a floppy disk and a latching lever rotatable from a release position to a latching position in which a disk cannot be removed, the device comprising a locking plate insertable into the entry slot of a disk drive unit of that type to enable the latching lever to be rotated to the latching position, the plate having a locking slot positioned so as to lie behind the latching lever, the plate being of a size allowing it to be movable in the withdrawal direction so that the locking slot then accommodates the lever and prevents its return to the release position, there being means by which locking means may be attached to the plate to prevent sufficient subsequent movement of the plate in the insertion direction to release the lever from the locking slot.
According to a second aspect of the invention, there is provided a method of rendering more secure a computer incorporating at least one floppy disk drive of the type having a disk entry slot for accepting a floppy disk and a latching lever rotatable from a release position to a latching position in which a disk cannot be removed, the method comprising inserting into the or each such drive a locking plate sufficiently far as to allow rotation of the lever, rotating the lever to its latching position, the plate having a locking slot positioned so as to lie behind the latching lever in its latching position, moving the plate in the withdrawal direction so that the lever is accommodated in the locking slot to prevent its return to the release position, and locking the plate to prevent sufficient movement of the plate in the insertion direction to release the lever.
According to a further aspect of the invention, there is provided a computer comprising one or more floppy disk drive units the or each of which has a disk entry slot and a latching lever rotatable from a disk release position to a latching position in which the disk cannot be removed; a locking plate which can be inserted into the disk entry slot of the or each drive unit to a position which allows the rotation of the latching lever to the latching position, the plate having a locking slot to accommodate the lever when the plate is moved in the withdrawal direction after the lever has attained its latching position; and releasable means for preventing sufficient movement of the plate in the insertion direction to allow the latching lever to be moved to the release position.
A preferred embodiment of device according to the first aspect or computer according to the second aspect is intended for the situation in which a hard disk drive is also included. In that case, this embodiment also comprises software operable to render inaccessible to the computer operating system a file on the hard disk required for functioning of the operating system and operable after release of the plate to render that file accessible again.
Thus, a further aspect of the invention may comprise a kit or package including a locking plate according to the first aspect, a computer floppy disk (security disk) dimensioned for a disk drive of the type to which the locking plate applies, the disk having software as set forth above, and locking means for attachment to the plate according to the first aspect.
For a better understanding of the invention and to show how the same may be carried into effect, reference will now be made, by way of example, to the accompanying drawings, in which: Figure 1 is a plan view of a locking plate; Figures 2 to 5 illustrate a use of the plate of Figure 1 with a disk drive unit having a left-hand latching lever; and Figures 6 to 9 illustrate the use of the plate of Figure 1 with a disk drive unit having a right-hand latching lever; and Figure 10 is a plan view of a second embodiment of locking plate; and Figures 11 to 18 illustrate the use of the plate of Figure 10 with disk drive units having left- and righthand latching levers.
Figure 1 shows a plan view of a locking plate 1 for a disk drive unit 10 of the type shown in Figure 2, i.e.
a disk drive unit of a personal computer, where the disk drive unit is housed within the computer body and possesses a latching lever 2. During normal operation a floppy disk can be inserted into the drive and be retained in place by rotation of the latching lever clockwise until it is in a vertical position, preventing removal of the disk and causing the disk to be clamped onto the drive hub of the unit 10.
The locking plate 1 of Figure 1 is used to prevent or indicate unauthorised access to the disk drive unit.
The locking plate 1 is of a rigid material such as plastic or a nonmagnetic metal and is approximately 1.5 mm thick and has a width W similar to the width of the floppy disk of the kind generally inserted into the disk drive unit (e.g. 5#" or 8").
A number of slots and holes are formed in this plate. The largest slot 6 allows the plate to be fully inserted into the opening of the drive unit, whilst avoiding the central disk rotation clamping mechanism and read/write heads located within the drive unit. At its front edge (shown at the lower part of Figure 1) there are two slots 7 and 8 to accommodate left and righthanded latching levers, various holes 5 at various distances from the front and the side edges of the plate and a tongue 9 extending from the front edge.
The slots may each be at least 8 mm wide, e.g., the left-hand one 12.5 mm and the right-hand one 9 mm, but each might even be up to 20 or 25 mm wide. An alternative form 11 shown in Figure 10 has a single locking slot to be used as described below for both left and right-handed drives (Figures 11 to 18) by merely inverting the plate as necessary. In that case, the single slot may well be at least 20 mm wide, preferably 22 mm, or more, wide.
Figure 2 illustrates the locking plate 1 partially inserted into the opening of a left-handed drive unit 10.
Figure 3 illustrates the locking plate 1 fully inserted into the slot of the drive unit 3. From this position, the latching lever 2 may be rotated clockwise to the latching position, as shown in Figure 4. Once in this position, the tongue 9 which protrudes from the locking plate can be used to withdraw said plate until the latching lever is accommodated in the slot 7. In this position the slot 7 prevents rotation of the latching lever to its release position. Passing the shaft of a padlock 4 through one of the holes 5 nearest to the front edge of the disk drive unit prevents inward movement of the locking plate far enough to allow the latch to be rotated to its release position. Thus the plate cannot be removed without damage. It therefore follows that the disk drive unit is inoperable in this condition.
The plate is designed in order to allow its use with a maximum number of disk drive configurations. For example a second slot 8 is provided for use with a right handed disk drive unit, as is readily apparent from Figures 6 to 9. Also a variety of holes 5 is provided to take into account the various shapes and dimensions of the front plate of the disk drive unit.
As described so far, the security provisions dealt with are effective for those computers having only floppy disk drive units with latching levers and no hard disk (or external drive socket) from which the computer might be booted, despite the fact that the floppy disk drive units are locked as described.
In order to deal with those computers having the hardware means for communicating with an internal hard disk drive and which do not have all the operating system files needed to effect that communication stored in the computer's read-only memory (ROM), the preferred embodiment also includes a floppy disk (security disk) insertable into the or either floppy disk drive unit of the computer, that disk having software to render one or more vital operating system files on the hard disk inaccessible to the computer's ROM-BIOS operating system.
These are the system files which are loaded on power-up into the computer by the ROM bootstrap loader program under instruction from the basic input-output system (BIOS) which is stored in the computer's read-only memory (ROM). The names of these system files and the number of files required may vary according to the operating system intended for use with a computer but the principle of operation is the same.
In the case of computers employing the well-known MSDOS operating system marketed by Microsoft Corporation of the United States of America the system files are I0.SYS, MSDOS.SYS and COMMAND.COM. Such system files are stored either on floppy disks or on the computer's hard disk drive.
On power-up of the computer in the absence of such system files or in the event of such system files being inaccessible to the basic input-output system (BIOS), the user will be unable to operate the computer.
The software on the floppy disk (security disk) may include two batch files of operating system commands a first of which firstly renames all files of the form *.BAT, *.COM and *.EXE, for example, to a form having a different, unique, suffix, e.g. including control characters to avoid conflict with user suffixes.
Secondly, the first batch file calls a program on the disk in its "HIDE" mode which sets to 1 (one) the 'hidden file' bit (bit 1H) of the attribute byte (byte OBH) in the directory entry of those files in the hard disk's directory so that they are hidden. Such software is marketed, for example, under the name "HIDE/UNHIDE" by Clockwork Software of Bidbury House, Bidbury Lane, Havant, Hants. P09 3JG, United Kingdom. "Disklock", a far more powerful software-based data protection system, is marketed by Fifth Generation Systems Ltd., P. O. Box 2, Central Way, Feltham, TW14 OTG, United Kingdom.
For information on attribute bytes and disk directories see: "The MS-DOS Encyclopedia", (c) 1988, published by Microsoft Press, a subsidiary of Microsoft Corporation, United States of America. See items commencing on pages 61 and 281.
The first batch file is invoked prior to switching off the computer and insertion and locking of the locking plate(s) 1 and/or 11. On power-up the BIOS is unable to locate the system files and the computer will be inoperable. One method whereby normal operations may be achieved is by inserting a floppy system boot disk containing the correctly named files into the or either floppy disk drive unit. This is obviously prevented by securing the floppy drive unit(s) with the locking plate(s) 1 and/or 11.
Once the security disk has been inserted into the drive and normal operation achieved, the second batch file is executed in its "UNHIDE" mode to return the attribute parameters of the altered files on the hard disk to their original formats. Secondly, the second batch file executes system commands to rename the files.
According to a further embodiment of this invention, the system files may also or alternatively be rendered unreadable by renaming the files in the first sector (boot sector) of the hard disk or the files may be deleted altogether and restored from a floppy disk.
The following is an example of the batch files: First batch file (HIDE) instructions explanation ECHO OFF ECHO OFF CLS DEL C:\COMMAND.COM ;delete COMMAND.COM from hard disk RENAME C:\*.BAT *.BT ;change .BAT file extension to .BT RENAME C:\*.COM *.CM ;change .COM file extension to .CM RENAME C:\*.EXE *.EE ;change .EXE file extension to .EE RENAME C:\*.SYS *.SS ;change .SYS file extension to .SS A:\HIDE C:\*.* > NUL ;conceal files, don't display names A:\HIDE C:\*.*/D > NUL ;conceal directories, don't display names Second batch file (UNHIDE) instructions explanation A:\UNHIDE C:\*.* > NUL ;reveal files, don't display names A:\UNHIDE C:\*.*/D > NUL ;reveal files, don't display names RENAME C: :\*.BT *.BAT ;change .BT file extension to .BAT RENAME C:\*.CM *.COM ;change .CM file extension to .COM RENAME C:\*.EE *.EXE ;change .EE file extension to .EXE RENAME C:\*.SS *.SYS ;change .SS file extension to .SYS COPY A:\COMMAND.COM C: ;copy copy COMMAND.COM file from floppy disk to hard disk.

Claims (18)

1. A computer security device for a computer having at least one data storage disk drive of the type having a data disk entry slot for accepting a floppy disk and a latching lever rotatable from a release position to a latching position in which a floppy disk cannot be removed, the device comprising a locking plate insertable into the entry slot of a disk drive of that type to a position which allows the latching lever to be rotated to the latching position, the plate having a locking slot positioned so as to lie behind the latching lever, the plate being of a size allowing it to be movable in the withdrawal direction so that the locking slot then accommodates the lever and prevents its return to the release position, there being means by which locking means may be attached to the plate to prevent sufficient subsequent movement of the plate in the insertion direction to release the lever from the locking slot.
2. A computer security device according to claim 1 in combination with said locking means.
3. A computer comprising one or more disk drives of the type having a disk entry slot for a floppy disk and a latching lever rotatable from a disk release position to a latching position in which the disk cannot be removed; a locking plate which can be inserted into the disk entry slot of the or each disk drive to a position which allows the rotation of the latching lever to the latching position, the plate having a locking slot to accommodate the lever when the plate is moved in the withdrawal direction after the lever has attained its latching position; and releasable locking means for preventing sufficient movement of the plate in the insertion direction to allow the latching lever to be moved to the release position.
4. A computer security device according to claim 2 or a computer according to claim 3, wherein the locking means is a padlock.
5. A computer security device according to claim 1, 2 or 4, or a computer according to claim 3 or 4, wherein the locking plate comprises a locking hole to receive the locking means and which is located in a part of the plate arranged to extend outwardly from the entry slot when the locking slot accommodates the lever.
6. A computer security device or computer according to claim 5 and comprising a plurality of holes arranged to provide said locking hole for a variety of disk drives.
7. A computer security device or computer according to claim 6 wherein a plurality of said holes are arranged to lie spaced apart in a direction substantially parallel to the direction of insertion when the disk is inserted into a disk drive and a plurality of said holes are arranged to lie spaced apart in a direction at right angles to the insertion direction.
8. A computer security device according to claim 1 or 2, or to any one of claims 4 to 7, or a computer according to any one of claims 3 to 7, comprising a plurality of slots arranged to provide said locking slot for respective ones of a variety of disk drives.
9. A computer security device or computer according to claim 8 comprising two of said slots, one of said slots being arranged to lie on one side of a line running through the centre of the plate and lying parallel to the direction of insertion when the plate is inserted into a disk drive and the other of said slots being arranged to lie on the other side of said line.
10. A computer security device according to claim 1 or 2, or to any one of claims 4 to 9 for a computer having a hard disk drive, or a computer according to any one of claims 3 to 9 having a hard disk drive, in combination with software operable to render inaccessible to the computer operating system a file on the hard disk required for functioning of the operating system and operable after release of the locking plate to render the file accessible again.
11. A device or computer according to claim 10 wherein the software is operable to render a file on the hard disk inaccessible by deleting the file from the hard disk and to render the file accessible again by rewriting it onto the hard disk.
12. A device or computer according to claim 10 wherein the software is operable to render a file on the hard disk inaccessible by enciphering the filename and to render the file accessible again by deciphering the enciphered file name.
13. A device or computer according to claim 10 wherein the software is operable to render a file on the hard disk inaccessible by invoking a "HIDE" command, whereby the attribute byte of that file is altered and the file is hidden from the operating system, and to render the file accessible again by invoking an "UNHIDE" command, whereby the attribute byte of that file is restored.
14. A computer security kit or package including a computer security device according to claim 2 or 4 or to any one of claims 5 to 9, when appended to claim 2, a computer data storage medium of the type to which the locking plate applies, the medium having software operable as set out in any one of claims 10 to 13, and locking means for attachment to the plate.
15. A computer security device, computer, kit or package substantially as hereinbefore described with reference to Figure 1, or Figures 2 to 5, or Figures 6 to 9, or Figure 10, or Figures 11 to 18 of the accompanying drawings.
16. A method of rendering more secure a computer incorporating at least one disk drive of the type having a disk entry slot for accepting a floppy disk and a latching lever rotatable from a release position to a latching position in which a floppy disk cannot be removed, the method comprising inserting into the or each such drive a locking plate sufficiently far as to allow rotation of the lever, rotating the lever to its latching position, the plate having a locking slot positioned so as to lie behind the latching lever in its latching position, moving the plate in the withdrawal direction so that the lever is accommodated in the locking slot to prevent its return to the release position, and locking the plate to prevent sufficient movement of the plate in the insertion direction to release the lever from the slot.
17. A method according to claim 16 and intended for use in the situation in which a hard disk drive is included, the method comprising rendering inaccessible to the computer operating system a file on the hard disk required for the functioning of the operating system before inserting the locking plate, thereby rendering the computer inoperable, and rendering operable the computer by rendering accessible the file after removal of the locking plate.
18. A method of rendering more secure a computer substantially as hereinbefore described with reference to Figures 2 to 5, or Figures 6 to 9, or Figures 11 to 18 of the accompanying drawings.
GB9113751A 1991-06-26 1991-06-26 Computer security Expired - Fee Related GB2257194B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB9113751A GB2257194B (en) 1991-06-26 1991-06-26 Computer security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB9113751A GB2257194B (en) 1991-06-26 1991-06-26 Computer security

Publications (3)

Publication Number Publication Date
GB9113751D0 GB9113751D0 (en) 1991-08-14
GB2257194A true GB2257194A (en) 1993-01-06
GB2257194B GB2257194B (en) 1994-06-01

Family

ID=10697328

Family Applications (1)

Application Number Title Priority Date Filing Date
GB9113751A Expired - Fee Related GB2257194B (en) 1991-06-26 1991-06-26 Computer security

Country Status (1)

Country Link
GB (1) GB2257194B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2321275A (en) * 1997-01-17 1998-07-22 Roy Bateman Electronic equipment security lock and alarm device
FR2874438A1 (en) * 2004-08-23 2006-02-24 Jean Michel Rodriguez Computer program`s e.g. java, undesired execution controlling and prohibiting method for Microsoft DOS operating system, involves calculating valid extension required to execute files using private key known only by operating system of user
US8813260B2 (en) 2006-11-20 2014-08-19 International Business Machines Corporation Self-contained device security

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1990005340A1 (en) * 1988-11-04 1990-05-17 Lama Systems Inc. Personal computer access control system
DE4015855A1 (en) * 1990-05-17 1991-11-21 Andreas E Dipl Ing Hilburg Tamper proof security lock for personal computer disc drives - uses modified diskette locking assembly to guarantee system integrity

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1990005340A1 (en) * 1988-11-04 1990-05-17 Lama Systems Inc. Personal computer access control system
DE4015855A1 (en) * 1990-05-17 1991-11-21 Andreas E Dipl Ing Hilburg Tamper proof security lock for personal computer disc drives - uses modified diskette locking assembly to guarantee system integrity

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2321275A (en) * 1997-01-17 1998-07-22 Roy Bateman Electronic equipment security lock and alarm device
FR2874438A1 (en) * 2004-08-23 2006-02-24 Jean Michel Rodriguez Computer program`s e.g. java, undesired execution controlling and prohibiting method for Microsoft DOS operating system, involves calculating valid extension required to execute files using private key known only by operating system of user
US8813260B2 (en) 2006-11-20 2014-08-19 International Business Machines Corporation Self-contained device security

Also Published As

Publication number Publication date
GB9113751D0 (en) 1991-08-14
GB2257194B (en) 1994-06-01

Similar Documents

Publication Publication Date Title
US5933631A (en) Dynamic boot filesystem selection
US7606946B2 (en) Removable device and program startup method
US7181738B2 (en) Running ramdisk-based Microsoft Windows 95/98/ME
US5325430A (en) Encryption apparatus for computer device
US9164787B2 (en) Methods and systems for running multiple operating systems in a single mobile device
US5432939A (en) Trusted personal computer system with management control over initial program loading
JP2509438B2 (en) Computer system with security mechanism
US20030028765A1 (en) Protecting information on a computer readable medium
CA2020520A1 (en) Apparatus and method for preventing unauthorized modification to bios in a personal computer system
US20050015540A1 (en) Auto-executable portable data storage device and the method of auto-execution thereof
CA2101123A1 (en) Absolute Static Lock of Files and Directories on Magnetic Disk Storage Media in Single Machine Personal Microcomputers
WO1997026736A1 (en) System for decryption and re-encryption of files
EP0588471A2 (en) Trusted personal computer system with identification
PT921466E (en) SECURITY COPY SYSTEM ON COMPUTERS WITH OPEN FILES
RU2353969C2 (en) Method and device for computer memory binding to motherboard
Wirzenius et al. The Linux System Administrator's Guide
US7222132B2 (en) Common template file system tree for virtual environments and virtual servers
GB2257194A (en) Computer security device
GB2145856A (en) Copyright protection device
JP3220387B2 (en) Disk copy protection method, disk reading mechanism, and disk recording medium
JPH03105419A (en) Fixed disk device
Kamp Rethinking/dev and Devices in the {UNIX} Kernel
US6532393B1 (en) Keypad structure
TWI262444B (en) Method for creating multiple main partitions on IDE hard disk
KR100287712B1 (en) Content locking method for hard disc

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 19960626