WO1993008521A1 - Computer security peripheral device - Google Patents

Publication number
WO1993008521A1
Authority
WO
WIPO (PCT)
Prior art keywords
computer
floppy disk
disk drive
data
drive
Application number
PCT/GB1992/001962
Other languages
French (fr)
Inventor
Paul Edward Wynter
Paul Bartlett
Original Assignee
Paul Edward Wynter
Application filed by Paul Edward Wynter

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101: Auditing as a secondary aspect

Definitions

  • the device 1 is instructed to perform a command by means of a four bit message:-
  • the first two bits serve to synchronise the host to the device 1.
  • the device 1 is initially unaware of the data rate at which communication is to take place so each message is preceded by a guaranteed low start bit followed by a high bit.
  • the high bit is required to ensure that there is a transition at the end of the start bit.
  • the device measures the length of the start bit and uses this to estimate the position of the Centre of the bit cells containing the two information-carrying bits.
  • the data line is sampled at the times marked 'sample' in Fig. 5.
  • the device interprets the information bits as follows:
  • Test current device sense; Disable floppy disk; Enable floppy disk; Ignored
  • the device responds by setting the output data line (in the example device, this is the 'write protect' line on the floppy interface), corresponding to the device state for one bit period following the two information bits.
  • the host 2 communicates with the device 1 by manipulating the Head Select line on the floppy disc interface 11 whilst the drive select lines are not asserted. This is achieved by issuing a 'sense drive status' command with the desired state of the head select line encoded in the command.
  • bit timing is achieved using simple software timing loops.
  • timers internal to the host computer 2 would be employed to ensure consistent results.
  • the reader is directed towards the IBM PC hardware technical reference or other documents covering PC architecture.
  • bitandhalf = bittime + (bittime >> 1);
  • c = inportb(DSR); if (!(c & 0x80))
  • the protocol implemented for this example device is very rudimentary and is designed to demonstrate a preferred embodiment of this invention.
  • a protocol of arbitrary complexity may thus be built using the system outlined in this example, dependent on the application and user requirements.
  • Other lines may also be used on the interface to implement the same scheme of controlling a microcontroller or intelligent logic arrays on the floppy disc i/o bus.
  • the device may have other functions, e.g. as a device for storing data.
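
The four-bit exchange described in the items above, simulated in C as an added example (it is not code from the patent). The sampled-trace model, all function and type names, the idle-high head select line, the two-bit command codes and the MSB-first bit order are assumptions, since the page lists the four actions without their bit values.

```c
#include <stddef.h>
#include <stdio.h>

/* One sample of the lines the device watches. Drive selects are active low,
   so 1 means "no drive selected". */
typedef struct { unsigned char ds0, ds1, hs; } sample_t;

/* ASSUMED command codes: the page lists the four actions, not their bit values. */
typedef enum { CMD_TEST = 0, CMD_DISABLE = 1, CMD_ENABLE = 2, CMD_IGNORED = 3 } cmd_t;

typedef struct {
    int    valid;     /* 1 if a complete message was decoded            */
    cmd_t  cmd;       /* decoded command                                */
    int    locked;    /* device state after the command (1 = inhibited) */
    size_t bittime;   /* measured start-bit length, in samples          */
    size_t reply_at;  /* sample index where the one-bit reply begins    */
} result_t;

static int selects_idle(const sample_t *s) { return s->ds0 && s->ds1; }

/* Device side: decode one message from a sampled trace. */
result_t device_decode(const sample_t *tr, size_t n, int locked)
{
    result_t r = { 0, CMD_IGNORED, locked, 0, 0 };
    size_t i = 1, k, start, bittime, bitandhalf, end;
    int b1, b0;

    /* Start bit: head select falls while neither drive is selected. */
    while (i < n && !(selects_idle(&tr[i]) && tr[i - 1].hs && !tr[i].hs)) i++;
    if (i >= n) return r;
    start = i;
    while (i < n && !tr[i].hs) {
        if (!selects_idle(&tr[i])) return r;   /* real drive access: not for us */
        i++;
    }
    if (i >= n) return r;

    bittime = i - start;                        /* data rate learned from start bit */
    bitandhalf = bittime + (bittime >> 1);      /* as in the page's driver fragment */
    end = i + 3 * bittime;                      /* high bit + two information bits  */
    if (end > n) return r;
    for (k = i; k < end; k++)
        if (!selects_idle(&tr[k])) return r;    /* a drive was selected mid-message */

    b1 = tr[i + bitandhalf].hs;                 /* centre of first information bit  */
    b0 = tr[i + bitandhalf + bittime].hs;       /* centre of second information bit */
    r.cmd = (cmd_t)((b1 << 1) | b0);            /* ASSUMED: first bit is the MSB    */
    if (r.cmd == CMD_DISABLE) r.locked = 1;
    if (r.cmd == CMD_ENABLE)  r.locked = 0;
    r.valid = 1; r.bittime = bittime; r.reply_at = end;
    return r;
}

/* Fill len samples with one head-select level. */
static size_t put(sample_t *tr, size_t pos, size_t len, int hs, int ds0)
{
    size_t k;
    for (k = 0; k < len; k++) {
        tr[pos + k].ds0 = (unsigned char)ds0;
        tr[pos + k].ds1 = 1;
        tr[pos + k].hs  = (unsigned char)hs;
    }
    return pos + len;
}

/* Host side: idle, low start bit, high bit, two information bits, reply window. */
size_t host_send(sample_t *tr, size_t cap, size_t bittime, cmd_t cmd, int drive_selected)
{
    int ds0 = drive_selected ? 0 : 1;
    size_t p = 0;
    if (cap < 6 * bittime) return 0;
    p = put(tr, p, bittime, 1, ds0);
    p = put(tr, p, bittime, 0, ds0);
    p = put(tr, p, bittime, 1, ds0);
    p = put(tr, p, bittime, (cmd >> 1) & 1, ds0);
    p = put(tr, p, bittime, cmd & 1, ds0);
    p = put(tr, p, bittime, 1, ds0);
    return p;
}

#define MAX_BITTIME 64

/* Build a constructed trace at the given data rate and let the device decode it. */
result_t run_exchange(size_t bittime, cmd_t cmd, int drive_selected, int locked)
{
    static sample_t buf[6 * MAX_BITTIME];
    size_t n = host_send(buf, sizeof buf / sizeof buf[0], bittime, cmd, drive_selected);
    return device_decode(buf, n, locked);
}

int main(void)
{
    result_t r = run_exchange(4, CMD_ENABLE, 0, 1);
    printf("valid=%d cmd=%d locked=%d bittime=%lu reply_at=%lu\n", r.valid, (int)r.cmd,
           r.locked, (unsigned long)r.bittime, (unsigned long)r.reply_at);
    return 0;
}
```

The same head select pattern sent while a drive select line is asserted is rejected, which is the property that keeps ordinary floppy traffic from triggering the device.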

Abstract

A peripheral device (1) for communicating with a host computer (2) via its floppy disk drive port (7), adapted to be connected to the data bus (8) between the computer (2) and one or more floppy disk drives (3). The device (1) monitors the data passing between the computer (2) and the floppy disk drive(s) (3) without affecting the data flow. Upon detection of a specific signal intended for, and recognized by, the device (1), the device (1) communicates with the computer (2) via the floppy disk port (7).

Description

COMPUTER SECURITY PERIPHERAL DEVICE
This invention relates to a computer peripheral device and is particularly, though not exclusively, useful in the field of computer and data security and access control of computers.
Since 1980 there has been a proliferation of small desk-top computer systems for office, industrial and general purpose usage. A great deal of information is now capable of being stored on these systems and the value of this information varies widely, depending on the application. Companies and individuals are now faced with the ever present threat of data tampering and theft from these small systems. The original architecture of these systems, stemming from the designs of IBM (the PC-XT, PC-AT, PS-2 etc.), made no provision for password or security access control. These computer systems are continually under threat of tampering, of having data stolen from them and of the insertion of so-called viruses, whether accidentally or maliciously.
The floppy disc port of the computer with its attached floppy disc or other form of replaceable media is the main entry and exit point for the majority of these incursions. Additionally IBM PC architecture devices such as, but not limited to, the PC and AT platforms and clones, allow the "booting" up of the system from an externally prepared operating system disc placed in the floppy disc port. This happens because the internal firmware known as the BIOS (Basic Input Output System) "looks", or starts hunting, for a "bootable" disc starting with the floppy disc port before the hard disc channel which is internal. This occurs at switch-on or re-boot. Therefore an unauthorised person wishing to gain access to the system for whatever reason can easily start the system from the floppy disc port and then using his own software "tools", tamper with the data held on the internal storage devices.
The floppy disc channel as implemented in the IBM PC or compatible is as follows:- A controller card or controller device is placed on the main address/data bus of the host system. In most cases it combines the dual functions of floppy disc port controller and hard disc controller. The port has a 34 pin IDC ribbon cable coming from it to go to the floppy or series of daisy-chained floppies.
Although the computer platforms in the IBM architecture differ, in that the clock speeds, types of processor and data bandwidth of the bus vary, there is one common feature between all the systems - the implementation of the floppy disc port channel. In the specification from IBM the floppy drive channel designated as logical drive "A" is always looked at first by the BIOS from switch-on or re-boot, in order for the system to see whether there is an active boot disc loaded and present. If there is a bootable disc, the system will load the boot sectors and boot from this point, usually calling in the operating system present on that disc. This common feature is exploited in our invention.
Physically the electrical connections to the floppy disc drive on the ribbon cable are standardised, in that the Shugart Associates interface type "SA 400" was implemented. The SA 400 interface which defines electrical connections between a disc controller and floppy disc drive has been preserved between the variants of the original IBM designs. There have been minor changes to the standard through the various families of IBM compatible, but this does not affect the implementation of our invention. The main benefit of this standardisation is that most external disc drives are not manufactured by the processor board and computer manufacturers. There are numerous competitive drive manufacturers world-wide. The original specification for the floppy disc interface therefore has lasted throughout the evolution of the PC families, thus allowing easy replacement of the floppy drives obtained from different sources. The pin designations, operation and design of this port are similar between platforms, and the software access of this channel is via the same registers and hardware routes.
According to one aspect of the invention there is provided a device for communicating with a host computer via its floppy disk drive port adapted to be connected to the communication channel between the computer and one or more floppy disk drives, comprising means for monitoring data passing between the computer and the floppy disk drive without affecting the data flow; and means for detecting a specific signal from the computer, and in response thereto communicating with the host computer via the floppy disk port.
According to a second aspect there is provided a computer having a floppy disk drive interface connected via a floppy disk bus to one or more floppy disk drives and a device connected to said bus between said interface and said disk drives, wherein said device comprises means for monitoring data passing on said bus between said interface and said disk drives and, under normal operation, is transparent to said data; said device further comprising means for detecting a specific code on said bus, in response to which said device uses said bus to communicate with said computer via the floppy disk port.
According to a third aspect there is provided a method of controlling access to a computer via the floppy disk port by use of a security device inserted in the communication channel between the host computer and one or more floppy disk drives, wherein: on switching on the computer, the security device enters an initial start-up state whereby the floppy disk read lines are inhibited; the host computer searches for a bootable drive, in a known manner, searching the floppy disk port first; on being unable to find a valid boot sector the computer then accesses the internal drive containing the operating system; when the computer finds the internal drive, a special driver is loaded which immediately halts execution of the boot-up process and waits for a password from the user; when a valid password is input to the computer the driver signals the security device to allow access to the floppy disk drive to an extent determined by the password.
Thus, in order to control, monitor and lock out the floppy disc port and therefore provide essential security features, the present system specifically makes use of the attributes of the floppy disc channel. Because the floppy disc drive interface is universally present in the form discussed above in the architecture of the PC, the floppy disc bus is an ideal place to site an advanced security controller which can operate transparently to the floppy disc interface but allow or inhibit the use of it. Physically the device can be implemented using either a single-chip micro and associated logic or a dedicated programmable logic device or other cost-effective hardware method. It is up to the designer and manufacturer of the device to decide the most cost-effective implementation of the device depending on the volume or functionality requirements.
A preferred embodiment of the present invention will now be described, by way of example only, with reference to the accompanying drawings, wherein:
Fig. 1 is a schematic view of a computer system incorporating a peripheral device according to the present invention;
Fig. 2 is a block diagram of the hardware and connections of the device of Fig. 1;
Fig. 3 is a more detailed circuit diagram of the device of Fig. 2;
Fig. 4 is a flow chart showing the security operation of the device; and
Fig. 5 is a timing chart showing a command instruction to the device.
Referring to Figure 1, a host computer 2 comprises the usual monitor screen 4 and keyboard 5, and in a system box 17, a motherboard 10 and disc drive controller card 11 with a port 7. The controller card 11 communicates in the usual way with the address and data bus of the host computer and also connects via a ribbon cable 8 with one or more disc drives 3. A peripheral device 1 according to the invention is connected in parallel to the connections between the interface card 11 and the drives 3.
As seen in Figs. 2 and 3, the device 1 may comprise a single-chip microcomputer provided with a crystal clock 12 and power-up reset logic 13 and optionally an audible alarm device 14 and clock/calendar chip 15 with on-board RAM. The device connects to the ribbon cable 8 and communicates therewith via i/o port 16. In normal operation the device 1 need not affect the data passing between interface 11 and drive 3.
The operation of the device 1 is described below with reference also to Fig. 4.
On switching on the PC system the security device 1 enters an initial, start-up state whereby the floppy disc read lines are inhibited. This will prevent use of the drive. As an additional security feature, the device 1 may record in a non-volatile RAM present on the optional calendar chip 15, the time, from its on-board clock, at which the switch-on occurred.
As the Host computer 2 BIOS invokes itself it goes through the process of looking for a bootable drive. Being unable to access the locked-out floppy drive 3, it will then find the internal drive that has the operating system placed on it. For use with our security device 1 a software driver is placed early on in the internal disc boot process and is designed to immediately halt execution of the boot-up process and, if implemented, interrogate the user for a password.
The driver running on the PC host 2 will then place a prompt upon the local monitor screen 4. The prompt will request the entry of a password or passwords from the user's keyboard 5. The device driver is in communication with the internally placed floppy disc channel security device 1 in a manner which will be described in detail later, in our example. Upon the user entering a password, the device driver, in communication with the security device 1, allows or prevents further access to the system depending on the validity of the entry or, where one or more levels of security are allowed, will enable or disable various attributes of the computer system.
A "managerial" level can also be implemented to allow access to the system by using a manager's password, thus giving extra features to the manager but not the lower-level user. There can, of course, be many security schemes implementable, each depending on the site security requirements and the value of the data held on the system. Additionally the security device 1 can hold certain encrypted security keys which could be used to unlock files on the system only after proper password access has been given.
When the correct password has been given by an authorised user, any data held in the non-volatile memory of the device 1 such as the record of previous unauthorised attempts, the key presses entered during these attempts and the times the last switch-on occurred can all be displayed on the system screen for further security purposes. The security device can also store certain coded sequences that are useful to any software manufacturer wishing to ensure that their software is only used on a controlled, one-per-machine basis.
The device may also include an audible alarm 10 which is activated when an invalid password is used.
The foregoing has discussed the general applications environment of the device, with a few examples of how it will interface, at a high level, to the user. We next present how the device functions at a software level and the electronic interfaces to the floppy disc bus 8 where it resides. The implementation of the higher levels of use is entirely up to the developer, who may opt for a simple single password system or a multi-level, multi-user environment. Irrespective of the applications environment, at a low level the security device 1 in conjunction with the device driver software communicates data between the security device 1 and the host PC 2.
The security device 1 is placed at an advantageous point in the ribbon cable 8 of the computer 2 to floppy disc drive 3 connection. This is effected by using the appropriate electrical connectors.
During normal, unlocked operation of the PC 2 the security device 1 is electrically transparent to this connection and will not interfere with disc accesses, either reads or writes.
The software in the security device 1 constantly monitors the status of the various lines and recognises a specific sequence that is described in the following section. This sequence will not occur at any time during the normal operation of the computer or floppy disc port; it will only occur when the specific device driver for the floppy port is used by the host to communicate with the security device 1.
Communication Protocol
The host software driver's main task is to communicate with the security device 1 placed on the floppy disc bus 8. The driver essentially sets up what can be described as a "simple serial communications channel". It uses the resources of the hardware registers in the floppy controller IC that usually command and control events in the floppy disc drives.
The driver switches various registers, described in detail later, on and off at a predetermined rate such that the security device 1 recognises these as valid data, intended for it. It will then decode this data and act accordingly.
The security device 1 when wishing to return data to the host 2, switches (flags) various floppy disc bus control lines on and off in a similar manner as before and the device driver, whilst monitoring these results in the various registers, interprets this data as having come from the security device 1 and acts accordingly.
In the example, the communication from the device 1 to the interface 11 uses the floppy disc "Write Protect" line as shown in Fig. 3. P1.6 is connected to the Write Protect line through open collector transistors.
A similar arrangement is provided from P1.5 to the 'Read Data' line for inhibiting data flow from the floppy disk drive to the computer. Serial data communication to the device 1 by the host 2 and from the device 1 to the host 2 is executed in such a way as to ensure that the floppy disc controller, and/or the floppy disc drives 3 themselves do not interpret the information as commands to act upon, which would disturb the data flow or functioning of the host computer 2. The protocol implemented must also not use data usually found during the normal operation of the floppy channel which would falsely activate the device. Unless instructed to inhibit the operation of the floppy disc drives, the security device 1 remains electrically transparent to these lines, as described below, but acts when it sees the "serial data" intended for it. The security device is also held as a "slave" or "listener" to the host and will not attempt to flag the host 2 unless returning results from directly requested data.
The software device driver in the host makes use of the standard i/o registers in the floppy controller port.
In the following example, the initial state of the device 1 after its cpu is powered up by the host's power lines is that of "lock". In this condition the floppy disc drive 3 will be inhibited from operating until the device 1 is reset. The methods by which communication and control of the device's operation take place are detailed in the following paragraphs.
The device itself is physically implemented using an 87C51 8-bit Microcontroller.
In the example, device 1 uses a very simple serial data protocol, allowing the host computer 2 to enable or disable the floppy disk sub-system 3 or to check the current state of the device 1. The host computer 2 addresses the device 1 by manipulating the control signals available on the floppy disk interface 11, via the port's registers, in a manner that does not occur during normal operation by the host 2 when it reads and writes to the floppy disc drive(s) 3.
In order for the host computer 2 to perform an operation on one of the floppy disk drives 3 fitted, it must first assert one of the available 'Drive Select' lines P1.0, P1.1. These are usually driven by open collector outputs. Usually, one of these lines is asserted by driving it to a Low Level, thus enabling one of the attached drives 3. The host may then perform an operation on the selected drive 3 by appropriate use of other control lines on the interface 11.
The device 1 is accessed by manipulating one of these control lines without asserting any of the drive select lines. This is a situation that would not occur during normal operation of the computer. In the example device, both 'drive select' lines P1.0, P1.1 on the interface 11 are monitored together with the 'head select' line P1.2. The device 1 monitors and interprets activity on the 'head select' line P1.2 whilst the 'drive select' lines P1.0, P1.1 are in their inactive state. In the example we have used this Head Select Line P1.2 to pass information to the device. The device 1 is instructed to perform a command by means of a four bit message:-
The first two bits (see Fig. 5) serve to synchronise the host to the device 1. The device 1 is initially unaware of the data rate at which communication is to take place so each message is preceded by a guaranteed low start bit followed by a high bit. The high bit is required to ensure that there is a transition at the end of the start bit. The device measures the length of the start bit and uses this to estimate the position of the centre of the bit cells containing the two information-carrying bits. The data line is sampled at the times marked 'sample' in Fig. 5.
The device interprets the information bits as follows:
[Figure imgf000012_0001: table of the two information bits against the commands "Test current device sense", "Disable floppy disk", "Enable floppy disk" and "Ignored"]
If the command selected is 'test device sense', then the device responds by setting the output data line (in the example device, this is the 'write protect' line on the floppy interface), corresponding to the device state, for one bit period following the two information bits.
As described above, the host 2 communicates with the device 1 by manipulating the Head Select line on the floppy disc interface 11 whilst the drive select lines are not asserted. This is achieved by issuing a 'sense drive status' command with the desired state of the head select line encoded in the command. In the example software, bit timing is achieved using simple software timing loops. In a commercial device, timers internal to the host computer 2 would be employed to ensure consistent results. For precise details of controlling the floppy disk sub-system on an IBM PC or compatible, the reader is directed towards the IBM PC hardware technical reference or other documents covering PC architecture. Some specific examples of simple programs for implementing the low-level communication operation described above will now be given. First we give a program written in C to be compiled and used in the Target 87C51 Device as detailed in the Example:
#include <8051reg.h>

/* P1.0, P1.1 = drive select lines, P1.2 = head select line (data in),
   P1.5 = read data inhibit, P1.6 = write protect line (data out) */
main()
{
    int bittime;
    int bitandhalf;
    int i;
    char bit0, bit1;
    char current;

    /* set all bits high */
    current = P1 = 0x3f;
    for (;;)
    {
        /* clear bit timer */
        bittime = 0;
        /* wait for a start bit */
        while ((P1 & 0x07) != 0x03) ;
        /* count bit duration */
        while ((P1 & 0x07) == 0x03)
        {
            bittime++;
        }
        bitandhalf = bittime + (bittime >> 1);
        /* now delay one and a half bit times */
        for (i = 0; i < bitandhalf; i++) ;
        /* sample command bit 0 */
        bit0 = (P1 & 0x07) == 0x07;
        /* wait another bit time */
        for (i = 0; i < bittime; i++) ;
        /* sample command bit 1 */
        bit1 = (P1 & 0x07) == 0x07;
        /* test status, enable or disable drive */
        if (!bit0 && bit1) {
            /* set lock */
            current = P1 = 0x3f;
        } else if (bit0 && !bit1) {
            /* clear lock */
            current = P1 = 0x1f;
        } else if (!bit0 && !bit1) {
            /* test current lock status */
            P1 = (current & 0x20) ? (current | 0x40) : current;
            /* delay one bit time and release status line */
            for (i = 0; i < bittime; i++) ;
            P1 = current;
        }
    }
}
Next we give the C code to be used after compiling in the computer, in this example an 80286 computer:
#include <stdio.h>
#include <dos.h>
#include <conio.h>
#include <string.h>

#define DOR 0x3f2
#define DSR 0x3f4
#define DDR 0x3f5
#define byte unsigned char

void wrtcmd(byte);
byte rdstat(void);
void one(void);
void zero(void);
void idelay(void);

byte result;

void main(int argc, char **argv)
{
    int i, j;

    if (argc < 2) {
        printf("\nUsage: DONGLE ON|OFF|TEST\n");
    } else {
        strupr(argv[1]);
        if (!strcmp(argv[1], "ON")) {
            /* switch dongle on */
            zero(); one(); zero(); one(); one();
            printf("\nFloppy disk disabled\n");
        } else if (!strcmp(argv[1], "OFF")) {
            /* switch dongle off */
            zero(); one(); one(); zero(); one();
            printf("\nFloppy disk enabled\n");
        } else if (!strcmp(argv[1], "TEST")) {
            /* test dongle state */
            zero(); one(); zero(); zero(); one();
            printf("\nFloppy disk is currently %s.\n",
                   result & 0x40 ? "disabled" : "enabled");
        } else {
            /* illegal command */
            printf("\nUsage: DONGLE ON|OFF|TEST\n");
        }
    }
}

/* send a zero bit */
void zero(void)
{
    wrtcmd(4); wrtcmd(7);
    idelay();
    result = rdstat();
}

/* send a one bit */
void one(void)
{
    wrtcmd(4); wrtcmd(3);
    idelay();
    result = rdstat();
}

/* software timing loop that sets the bit period */
void idelay(void)
{
    int i;
    for (i = 0; i < 1000; i++)
    {
        i == i;
    }
}

/* write a byte to the fdc once it is ready to accept one */
void wrtcmd(byte data)
{
    byte c;
    for (;;)
    {
        c = inportb(DSR);
        if (!(c & 0x80)) {
            /* fdc busy */
            continue;
        }
        if (c & 0x40) {
            /* fdc trying to send something */
            inportb(DDR);
            continue;
        }
        break;
    }
    /* fdc ready to accept a byte */
    outportb(DDR, data);
}

/* read a byte from fdc */
byte rdstat(void)
{
    for (;;)
    {
        if ((inportb(DSR) & 0xc0) == 0xc0) {
            /* fdc has a byte to send */
            break;
        }
    }
    return inportb(DDR);
}
The protocol implemented for this example device is very rudimentary and is designed to demonstrate a preferred embodiment of this invention. A protocol of arbitrary complexity may thus be built using the system outlined in this example, dependent on the application and user requirements. Other lines may also be used on the interface to implement the same scheme of controlling a microcontroller or intelligent logic arrays on the floppy disc i/o bus.
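The start-bit measurement and mid-cell sampling described for Fig. 5, together with the requirement that normal floppy traffic must not falsely activate the device, can be exercised off the hardware. The following is an added example, not the patent's code: a host-runnable model of the device-side decoder run over constructed line traces, where the function names, the trace format and the strict option are assumptions and the command mapping follows the two programs above.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed model, not the patent's firmware. One array element is one
   polling tick of P1's low three bits: bits 0-1 = drive selects
   (1 = inactive), bit 2 = head select (the data line). */
enum { CMD_TEST, CMD_ENABLE, CMD_DISABLE, CMD_IGNORED, CMD_NONE };
#define IDLE_HI 0x07 /* no drive selected, head select high */
#define IDLE_LO 0x03 /* no drive selected, head select low  */

/* Decode one frame. If strict is non-zero, a sample taken while a drive is
   selected aborts the frame instead of being read as a 0 bit. */
int decode_frame(const unsigned char *tr, size_t n, int strict)
{
    size_t t = 0, bittime = 0, s[2];
    int bit[2], k;

    while (t < n && (tr[t] & 0x07) != IDLE_LO) t++;   /* wait for start bit */
    while (t < n && (tr[t] & 0x07) == IDLE_LO) { t++; bittime++; }
    if (bittime == 0) return CMD_NONE;                /* no start bit seen */
    s[0] = t + bittime + bittime / 2;   /* centre of information bit 0 */
    s[1] = s[0] + bittime;              /* centre of information bit 1 */
    if (s[1] >= n) return CMD_NONE;     /* trace ends before the frame does */
    for (k = 0; k < 2; k++) {
        unsigned char v = tr[s[k]] & 0x07;
        if (strict && (v & 0x03) != 0x03) return CMD_NONE;
        bit[k] = (v == IDLE_HI);
    }
    if (!bit[0] && bit[1]) return CMD_DISABLE;   /* "set lock" */
    if (bit[0] && !bit[1]) return CMD_ENABLE;    /* "clear lock" */
    return bit[0] ? CMD_IGNORED : CMD_TEST;
}

/* Build idle, start (0), sync (1), b0, b1, idle at `ticks` ticks per bit;
   returns the number of elements written (6 * ticks). */
size_t build_frame(unsigned char *out, int b0, int b1, size_t ticks)
{
    int bits[6] = {1, 0, 1, 0, 0, 1};
    size_t i, k, n = 0;

    bits[3] = b0;
    bits[4] = b1;
    for (k = 0; k < 6; k++)
        for (i = 0; i < ticks; i++)
            out[n++] = bits[k] ? IDLE_HI : IDLE_LO;
    return n;
}

int main(void)
{
    static const char *name[] = {"test", "enable", "disable", "ignored", "none"};
    unsigned char tr[48];
    int b;

    for (b = 0; b < 4; b++) {   /* all four two-bit commands at 8 ticks per bit */
        size_t n = build_frame(tr, b >> 1, b & 1, 8);
        printf("bits %d%d -> %s\n", b >> 1, b & 1, name[decode_frame(tr, n, 1)]);
    }
    return 0;
}
```

With strict set to 0 the model samples exactly as the device program above does, so a cell in which a drive select goes active reads as a 0 bit; the strict mode drops such a frame.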
Although the above examples describe the device in use as a security device, the device may have other functions, e.g. as a device for storing data.

Claims

1. A device for communicating with a host computer via its floppy disk drive port, adapted to be connected to the communication channel between the computer and one or more floppy disk drives, comprising means for monitoring data passing between the computer and the floppy disk drive(s) without affecting the data flow; and means for detecting a specific signal from the computer, and in response thereto communicating with the host computer via the floppy disk port.
2. A device as claimed in claim 1 wherein said device monitors at least one control line in the communication channel for a condition which does not normally exist when data passes to or from the disk drive.
3. A device as claimed in claim 1 or 2 comprising means for measuring the length of data bits passing on the channel from the computer; sampling means for sampling the data line after said measuring means indicates said specific signal is present; and means for analysing the sampled data and causing the device to respond according to the sampled data.
4. A device as claimed in claim 1, 2 or 3 in the form of a security device adapted to inhibit or allow access to the computer via a floppy disk drive, and arranged to inhibit access to or from said floppy disk drive by said computer until a predetermined data has been received by the device from the computer.
5. A device as claimed in claims 3 and 4 wherein said device includes means for disabling said disk drive; means for enabling said disk drive and means for returning the status of the device upon receipt of the relevant command.
6. A device as claimed in any of claims 1 to 5 further including means for recording in said device the times the computer is switched on.
7. A device as claimed in any of claims 4 to 6 further including means for storing the values of key presses entered into the computer while access is inhibited.
8. A device as claimed in claim 6 or 7 including means for communicating with said computer to display said times and/or values.
9. A device as claimed in any of claims 4 to 8 wherein said device holds a number of security keys to inhibit or allow access to certain parts of the system according to said device.
10. A device as claimed in any preceding claim whereby said communication channel is a ribbon cable and said device is plug-connectable into said cable.
11. A device as claimed in any preceding claim wherein said specific code comprises a sequence of data at a predetermined rate which is not interpreted by the floppy disk driver as a command to be acted on but is recognised by said device.
12. A device as claimed in any preceding claim wherein said device sends data to said computer by switching a control line in the communication channel which is provided for sending signals from the disk drive to the disk drive interface.
13. A computer having a floppy disk drive interface connected via a floppy disk bus to one or more floppy disk drives and a device connected to said bus between said interface and said disk drive(s), wherein said device comprises means for monitoring data passing on said bus between said interface and said disk drive(s) and, under normal operation, is transparent to said data; said device further comprising means for detecting a specific signal on said bus, in response to which said device uses said bus to communicate with said computer via the floppy disk interface.
14. A method of controlling access to a computer via the floppy disk port by use of a security device inserted in the communication channel between the host computer and one or more floppy disk drives, wherein: on switching on the computer, the security device enters an initial start-up state whereby the or each floppy disk drive is inhibited; the host computer searches for a bootable drive, in a known manner, searching the floppy disk port first; on being unable to recognise a valid boot sector the computer then accesses the internal drive containing the operating system; when the computer finds the internal drive, a special driver is loaded which immediately halts execution of the boot-up process and waits for a password from the user; when a valid password is input to the computer the driver signals the security device to allow access to the floppy disk drive to an extent determined by the password.
PCT/GB1992/001962 1991-10-25 1992-10-26 Computer security peripheral device WO1993008521A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB9122673.8 1991-10-25
GB9122673A GB9122673D0 (en) 1991-10-25 1991-10-25 Floppy or external drive electronic key lock system

Publications (1)

Publication Number Publication Date
WO1993008521A1 true WO1993008521A1 (en) 1993-04-29

Family

ID=10703525

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB1992/001962 WO1993008521A1 (en) 1991-10-25 1992-10-26 Computer security peripheral device

Country Status (2)

Country Link
GB (1) GB9122673D0 (en)
WO (1) WO1993008521A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2279163A (en) * 1993-06-15 1994-12-21 Boxware Limited Computer security device which disables a disc drive
WO2015026836A1 (en) * 2013-08-20 2015-02-26 Janus Technologies, Inc. System and architecture for secure computer devices

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1990000771A1 (en) * 1988-07-07 1990-01-25 Verweyen Gmbh Data security device
GB2222899A (en) * 1988-08-31 1990-03-21 Anthony Morris Rose Computer mass storage data protection
US5012514A (en) * 1990-06-26 1991-04-30 Paul Renton Hard drive security system


Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2279163A (en) * 1993-06-15 1994-12-21 Boxware Limited Computer security device which disables a disc drive
WO2015026836A1 (en) * 2013-08-20 2015-02-26 Janus Technologies, Inc. System and architecture for secure computer devices
US9231921B2 (en) 2013-08-20 2016-01-05 Janus Technologies, Inc. System and architecture for secure computer devices
US9684794B2 (en) 2013-08-20 2017-06-20 Janus Technologies, Inc. System and architecture for secure computer devices

Also Published As

Publication number Publication date
GB9122673D0 (en) 1991-12-11

Similar Documents

Publication Publication Date Title
US6292890B1 (en) Computer system with dynamically configurable boot order
US5432939A (en) Trusted personal computer system with management control over initial program loading
AU2004223343B2 (en) Security system and method for computer operating systems
AU635690B2 (en) An apparatus and method for loading a system reference diskette image from a system partition in a personal computer system
US6317836B1 (en) Data and access protection system for computers
US20030159056A1 (en) Method and system for securing enablement access to a data security device
US5987536A (en) Computer system having flash memory bios which can be accessed while protected mode operating system is running
US20030084316A1 (en) System and method for securing a computer
US20070028292A1 (en) Bus bridge security system and method for computers
US20020166072A1 (en) Data processing system and method for password protecting a boot device
JP3869049B2 (en) Method for preventing loss of device configuration during standby in computer system and controller circuit for capturing device configuration
US6065081A (en) Administrator controlled architecture for disabling add-in card slots
US20080250165A1 (en) USB port access management
JP2004531004A (en) Security system and method for computer
AU2002315565A1 (en) Security system and method for computers
KR20000008713A (en) Pc security method using password
US6434697B1 (en) Apparatus for savings system configuration information to shorten computer system initialization time
KR100429144B1 (en) Method for providing security to a computer on a computer network
US6542995B2 (en) Apparatus and method for maintaining secured access to relocated plug and play peripheral devices
JPH07191776A (en) Personal computer system for realization of secrecy protection
KR20060119989A (en) Device for secure access to digital media contents, virtual multi-interface driver and system for secure access to digital media contents
US6920566B2 (en) Secure system firmware by disabling read access to firmware ROM
US20050193195A1 (en) Method and system for protecting data of storage unit
US5937157A (en) Information processing apparatus and a control method
US7159044B2 (en) Input/output device disable control for PC-based consumer electronics device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): GB JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL SE

122 Ep: pct application non-entry in european phase