WO2001002936A9 - Computer security system with dedicated hard drives - Google Patents

Computer security system with dedicated hard drives Download PDF

Info

Publication number
WO2001002936A9
WO2001002936A9 PCT/US2000/018500 US0018500W WO0102936A9 WO 2001002936 A9 WO2001002936 A9 WO 2001002936A9 US 0018500 W US0018500 W US 0018500W WO 0102936 A9 WO0102936 A9 WO 0102936A9
Authority
WO
WIPO (PCT)
Prior art keywords
hard drive
host
mother board
computer
hard
Prior art date
Application number
PCT/US2000/018500
Other languages
French (fr)
Other versions
WO2001002936A1 (en
Inventor
William F Peterson
Original Assignee
Compugard Inc
William F Peterson
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Compugard Inc, William F Peterson filed Critical Compugard Inc
Priority to AU63417/00A priority Critical patent/AU6341700A/en
Publication of WO2001002936A1 publication Critical patent/WO2001002936A1/en
Publication of WO2001002936A9 publication Critical patent/WO2001002936A9/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors

Definitions

  • This invention is directed to the field of a computer security system which incorporates a pair of dedicated hard drives, one for internet communications and the other for personal and confidential stored data.
  • the present invention is directed to a system of providing a secured computer that incorporates separate and dedicated hard drives, whereby the desired secured hard drive is inaccessible through the internet, and hence, to "hacking," a term well known in the art.
  • the Schafer's invention provides data access protection using a security software program, a hardware key, and a user password to permit access to the hard disk or floppy disk used in a computer.
  • the program stores the hardware key code and password on the disk and encrypts the disk partition data.
  • An encryption algorithm operates at all times and prevents unauthorized entry once the computer is turned off.
  • U.S. Patent No. 5,075,884 to Sherman et al. describes a multilevel secure workstation having network access and multi-window human user interface wherein each workstation has a plurality of secure screen divisions. Security is achieved by providing a display interface coupled to receive data from independent secure processors for each screen division or from a secure source of data. There is a physical restriction on manual input or access to the display interface and isolation of processors from one another. A problem with this system is that it requires the use of multiple processors which makes such a system necessarily expensive.
  • U.S. Patent No. 5,894,551 to Huggins et al. represents an attempt to meet the foregoing needs by a computer system having multiple security levels.
  • the system thereof allows the computer user to switch between at least two networks having different levels of security without transferring data between the two networks.
  • the computer system comprises a standard computer which includes a central processing unit (CPU) coupled to a random access memory (RAM), a power supply and a reset switch.
  • the computer is coupled to each of two different network cards, each of which is in turn connected to a separate storage device, such as a hard drive.
  • a separate storage device such as a hard drive.
  • Each combination of a network card connected to a storage device constitutes a network.
  • activating the reset switch reboots the CPU and clears the RAM.
  • a user chooses between the two networks by using a switch which activates one of the networks or the reset switch.
  • the switch is constructed so that it is impossible to switch between the two networks before activating the reset switch, thereby preventing data from being transferred between the networks.
  • each of the systems can have a different level of security.
  • the present invention relates to an improved computer system, where said computer system includes, among other components, first and second hard drives, a microprocessor, a host-mother board and internet access means.
  • the improvement therein comprises a security system wherein a first of the hard drives is dedicated to the internet and communications software and the second hard drive is dedicated to private and confidential information to be protected from destructive viruses and unauthorized access.
  • the security system further includes switching means operable in an open or closed position to selectively control data being read by the host-mother board and only one of the hard drives.
  • a pair of bus transceivers one each interposed, between the host-mother board and one of the hard drives, where the bus transceiver are used to pass data between the host-mother board and a selected hard drive.
  • an object of this invention is the provision of an improved and secret computer system that uses a pair of independent hard drives for selected information, and a switching means that allows only the user thereof access information from one hard drive, while ret ⁇ ining the second hard drive for internet access.
  • Another object hereof lies in the use of a pair of bus transceivers to control the flow of data between the host-mother board and a selected hard drive.
  • FIGURE 1 is a simplified schematic view of a typical computer system, as known in the art, illustrating the general relationship and operation of the computer system.
  • FIGURE 2 is an electrical schematic of the security system incorporated into an operating computer system according to this invention, where such system is an integral part of the computer operating system.
  • the present invention is directed to an internet security system for a computer containing a pair of hard drives, where a first of the hard drives is dedicated to the internet and communications software, and a second of the hard drives, dedicated to one's private and confidential information.
  • the security system hereof will now be described with regard to the two drawings, where like reference numerals represent like components or features in the two Figures.
  • the computer contains the four basic units of a calculator only the input and output vary greatly.
  • the keyboard 10 is the principal input unit to the microprocessor 12.
  • the keyboard works in much the same way as a calculator keyboard, except that combinations of two or more keys can entering letters and numbers.
  • a mouse 14 is another important input unit.
  • the microprocessor 12 is a processing unit contained in a microchip. It follows the program in Randon Access Memory (RAM) 16 and controls the other units receiving new data from the keyboard 10 and sending results to the output where a monitor 18 and printer 19 are the principal output units.
  • RAM Randomon Access Memory
  • ROM Read Only Memory
  • the drive connects to the computer's RAM chips 16, which it supplies with programs and data from disks. The drive can also take programs and data from RAM and store them on disks.
  • the computer includes a pair of hard drives 30, 32, where:
  • Hard Drive 30 - is dedicated to the intemet and communications software, and
  • Hard Drive 32 - is dedicated to private and confidential information to be protected from destructive viruses and "hacking".
  • switch 34 when switch 34 is closed a low is placed on input port RBI, where the software then reads the condition of switch 34 and places a low on RAl pin (18) of micreprocessor 12 which is connected to pin (1) of buffer/line driver 29.
  • RAl is also tied to pin (3) of U3B which inverts this signal to a high on pin (19) of U5 causing it's outputs which are tied to hard drive 32 to tri-state which electrically appears as an open circuit.
  • the microprocessor 12 also sets RAO pin (17) at a low placing data selector/multiplexer 36 in a select input (A)condition. These are the control signals going out from hard drive 30 to the host-mother board 18. Because pin (1) of data selector/multiplexer 36 is a toggle control pin, it also places all control signal outputs from hard drive 32 to a tri-state (open) circuit condition. With switch 34 closed, the microprocessor 12 also places a high on RA2 pin (1) which is inverted to a low on pin (2) of buffer/line driver 29 through a pair of buss transceivers 37 and 38. These buss transceivers 36, 38 are used to pass data both to and from the host- mother board 18, and its selected hard drives 30.
  • this signal also goes to a pair of buss transceivers 40 and 42. Being a high on pin (19), these buss transceivers 40, 42 are connected to hard drive 32 and are tri-stated to an open circuit condition preventing the host-mother board 18 from seeing any data which may appear on hard drive 32.
  • Signal outputs from host computer DIOW pin (23) and DIOR pin (25) are also monitored by input ports RB7 pin (13) and RB6 respectively, to determine the direction of data movement to and from the host-mother board 18. These are then controlled by output port RA3 pin (2) which is tied to direction control pins (pin 1) on both pairs of data buss transceivers 37, 38, 40, 42.

Abstract

A computer security system having a pair of dedicated hard drives, a first drive for the internet and communications software, and a second hard drive for private and confidential information to be protected from destructive viruses and unauthorized access. Switching means are provided to allow the user to access information from the selected hard drive, while securing the second hard drive against intrusion.

Description

COMPUTER SECURITY SYSTEM WITH DEDICATED HARD DRIVES
Field of the Invention
This invention is directed to the field of a computer security system which incorporates a pair of dedicated hard drives, one for internet communications and the other for personal and confidential stored data.
Background of the Invention
The present invention is directed to a system of providing a secured computer that incorporates separate and dedicated hard drives, whereby the desired secured hard drive is inaccessible through the internet, and hence, to "hacking," a term well known in the art.
The 1990's have seen a dramatic growth in the internet system, a universal intercommunication system which allows one computer to communicate with a host of other computer users. The internet, primarily through the use of conventional communication links, i.e. telephone lines, has spawned a vast industry of home sales and services, and e-mail communication with others. Unfortunately, the freedom and universal access of the internet has raised new concerns to the users, and that is the threat by others of accessing private and confidential information, irrespective of attempts at maώtaining security.
In response to the need of preventing unauthorized access to confidential or classified data on computer systems, a number of different types of security systems have been developed. For example, some systems require the use of hardware keys to allow access to the hard drive. U.S. Patent No. 5,012,514 to Renton describes such a system to prevent unauthorized access to the hard drive of a personal computer system which consists of a plug-in expansion board, a device driver program which requests the password for access, and other programs to establish the valid passwords for the security system. U.S. Patent No. 5,212,729 to Schafer describes a security system which uses a hardware key. Schafer's invention provides data access protection using a security software program, a hardware key, and a user password to permit access to the hard disk or floppy disk used in a computer. The program stores the hardware key code and password on the disk and encrypts the disk partition data. An encryption algorithm operates at all times and prevents unauthorized entry once the computer is turned off.
However, the necessity to use a hardware key such as a plug-in expansion board makes the use of such a security system cumbersome. Therefore, many security systems rely solely on the use of passwords. U.S. Patent No. 5,375,243 to Parzych et al. describes a hard drive system which prevents data access operations upon power up until the user enters a password. The password is located on the hard disk itself to prevent bypassing the hard drive's security using a new computer environment A limit on computers which use the kind of password system described in Parzych is that they require that a computer be dedicated solely to secure use, because a user who does not have the password cannot use the computer at all. In situations when a user does both confidential and non-confidential work, the use of such a password system often requires that the user have a different computer for each kind of work. Because of the expense and inconvenience of providing multiple computers in an office environment, it would be desirable in many situations to provide a computer system which includes multiple levels of security in a single computer.
U.S. Patent No. 5,075,884 to Sherman et al. describes a multilevel secure workstation having network access and multi-window human user interface wherein each workstation has a plurality of secure screen divisions. Security is achieved by providing a display interface coupled to receive data from independent secure processors for each screen division or from a secure source of data. There is a physical restriction on manual input or access to the display interface and isolation of processors from one another. A problem with this system is that it requires the use of multiple processors which makes such a system necessarily expensive.
U.S. Patent No. 5,894,551 to Huggins et al., represents an attempt to meet the foregoing needs by a computer system having multiple security levels. The system thereof allows the computer user to switch between at least two networks having different levels of security without transferring data between the two networks. The computer system comprises a standard computer which includes a central processing unit (CPU) coupled to a random access memory (RAM), a power supply and a reset switch. The computer is coupled to each of two different network cards, each of which is in turn connected to a separate storage device, such as a hard drive. Each combination of a network card connected to a storage device constitutes a network. As in a standard computer, activating the reset switch reboots the CPU and clears the RAM. A user chooses between the two networks by using a switch which activates one of the networks or the reset switch. The switch is constructed so that it is impossible to switch between the two networks before activating the reset switch, thereby preventing data from being transferred between the networks. By preventing the transfer of data, each of the systems can have a different level of security. The foregoing prior art offers complex systems to assure users of a secure system for operating their computers, a system that allows the users reasonably free access to the internet. None, however, present a simplified system as found in this invention. The manner by which the present invention provides the computer user with security will become more apparent to those skilled in the art from the following description, particularly when read in conjunction with the accompanying drawings.
Summary of the Invention
The present invention relates to an improved computer system, where said computer system includes, among other components, first and second hard drives, a microprocessor, a host-mother board and internet access means. The improvement therein comprises a security system wherein a first of the hard drives is dedicated to the internet and communications software and the second hard drive is dedicated to private and confidential information to be protected from destructive viruses and unauthorized access. The security system further includes switching means operable in an open or closed position to selectively control data being read by the host-mother board and only one of the hard drives. Further included is a pair of bus transceivers, one each interposed, between the host-mother board and one of the hard drives, where the bus transceiver are used to pass data between the host-mother board and a selected hard drive.
Accordingly, an object of this invention is the provision of an improved and secret computer system that uses a pair of independent hard drives for selected information, and a switching means that allows only the user thereof access information from one hard drive, while retøining the second hard drive for internet access.
Another object hereof lies in the use of a pair of bus transceivers to control the flow of data between the host-mother board and a selected hard drive.
These and other objects will become apparent to those skilled in the art from the following description, particularly when read in conjunction with the accompanying drawings. Brief Description of the Drawings
FIGURE 1 is a simplified schematic view of a typical computer system, as known in the art, illustrating the general relationship and operation of the computer system. FIGURE 2 is an electrical schematic of the security system incorporated into an operating computer system according to this invention, where such system is an integral part of the computer operating system.
Detailed Description of Preferred Embodiment The present invention is directed to an internet security system for a computer containing a pair of hard drives, where a first of the hard drives is dedicated to the internet and communications software, and a second of the hard drives, dedicated to one's private and confidential information. The security system hereof will now be described with regard to the two drawings, where like reference numerals represent like components or features in the two Figures.
Before discussing the security system of this invention, and though computers have dramatically improved in speed and compactness, the basic operation has remained very much the same over the years. Turning first to Figure 1, the computer contains the four basic units of a calculator only the input and output vary greatly. For the computer, the keyboard 10 is the principal input unit to the microprocessor 12. The keyboard works in much the same way as a calculator keyboard, except that combinations of two or more keys can entering letters and numbers. A mouse 14 is another important input unit.
The microprocessor 12 is a processing unit contained in a microchip. It follows the program in Randon Access Memory (RAM) 16 and controls the other units receiving new data from the keyboard 10 and sending results to the output where a monitor 18 and printer 19 are the principal output units. Integrated with the microprocessor 12 is the Read Only Memory (ROM) chip 20 which contains permanent instructions that enable the microprocessor 12 to control the computer. Further, supplemental to the hard drive (disk) within the computer, are floppy disks 22. Floppy disks contain computer programs and store data generated by programs. The drive connects to the computer's RAM chips 16, which it supplies with programs and data from disks. The drive can also take programs and data from RAM and store them on disks. Finally, an internet link 24, typically a telephone line, is provided for access to the internet.
Turning now to the electrical circuit schematic of Figure 2, illustrating the schematics for a computer incorporating the security system of this invention, the computer includes a pair of hard drives 30, 32, where:
Hard Drive 30 - is dedicated to the intemet and communications software, and
Hard Drive 32 - is dedicated to private and confidential information to be protected from destructive viruses and "hacking". In operation, when switch 34 is closed a low is placed on input port RBI, where the software then reads the condition of switch 34 and places a low on RAl pin (18) of micreprocessor 12 which is connected to pin (1) of buffer/line driver 29. This enables all control signals from the host-mother board 18 to pass through to hard drive 30. Signal RAl is also tied to pin (3) of U3B which inverts this signal to a high on pin (19) of U5 causing it's outputs which are tied to hard drive 32 to tri-state which electrically appears as an open circuit. The microprocessor 12 also sets RAO pin (17) at a low placing data selector/multiplexer 36 in a select input (A)condition. These are the control signals going out from hard drive 30 to the host-mother board 18. Because pin (1) of data selector/multiplexer 36 is a toggle control pin, it also places all control signal outputs from hard drive 32 to a tri-state (open) circuit condition. With switch 34 closed, the microprocessor 12 also places a high on RA2 pin (1) which is inverted to a low on pin (2) of buffer/line driver 29 through a pair of buss transceivers 37 and 38. These buss transceivers 36, 38 are used to pass data both to and from the host- mother board 18, and its selected hard drives 30. In the case of hard drive 32, this signal also goes to a pair of buss transceivers 40 and 42. Being a high on pin (19), these buss transceivers 40, 42 are connected to hard drive 32 and are tri-stated to an open circuit condition preventing the host-mother board 18 from seeing any data which may appear on hard drive 32. Signal outputs from host computer DIOW pin (23) and DIOR pin (25) are also monitored by input ports RB7 pin (13) and RB6 respectively, to determine the direction of data movement to and from the host-mother board 18. These are then controlled by output port RA3 pin (2) which is tied to direction control pins (pin 1) on both pairs of data buss transceivers 37, 38, 40, 42. Lastly the pair of diagnostic signals PDIAG pin (34) of 40 pin drive connectors, and DASP pin (39) are controlled by RB2 pin (8). A low on this pin turns on transistor 44, thereby energizing relay coil of relay 46, and thus switching the drive present signal activities between hard drive 30, or hard drive 32, when not energized. It is recognized that variations, changes and modifications may be made tp the security system of this invention, particularly when read by a person skilled in the art. Accordingly, no hmitation is intended to be imposed hereon except as set forth in the following claims.

Claims

Claims
1. In a computer system having first and second hard drives, a microprocessor, a host-mother board, and intemet access means, the improvement comprising in combination therewith the provision of a security system wherein a first said hard drive is dedicated to said internet and communications software, and said second hard drive is dedicated to private and confidential information to be protected from destructive viruses and unauthorized access, said security system further including switching means operable in an open or closed position to selectively control data being read by said host-mother board to only one of said hard drives.
2. The computer system combination according to claim 1 , including a pair of bus transceivers, one each interposed and electricaly connected between said host-mother board and a said hard drive, where said bus transceivers are used to pass data between said host-mother board and a selected said hard drive.
3. The computer system combination according to claim 2, including a buffer/line driver electrically connected to said microprocessor, and that when said switch is closed, said buffer/line driver sends all control signals from said host-mother board to pass directly to said first hard drive.
4. The computer system combination according to claim 3, including an energizing relay coil to drive signal activities between the said hard drives.
PCT/US2000/018500 1999-07-06 2000-07-06 Computer security system with dedicated hard drives WO2001002936A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU63417/00A AU6341700A (en) 1999-07-06 2000-07-06 Computer security system with dedicated hard drives

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US35026599A 1999-07-06 1999-07-06
US09/350,265 1999-07-06

Publications (2)

Publication Number Publication Date
WO2001002936A1 WO2001002936A1 (en) 2001-01-11
WO2001002936A9 true WO2001002936A9 (en) 2001-05-17

Family

ID=23375946

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/018500 WO2001002936A1 (en) 1999-07-06 2000-07-06 Computer security system with dedicated hard drives

Country Status (2)

Country Link
AU (1) AU6341700A (en)
WO (1) WO2001002936A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002067098A2 (en) * 2001-02-22 2002-08-29 Gaillard Frederic Computer cloning unit for purifying data and protecting against unauthorised access
US6816982B2 (en) 2001-03-13 2004-11-09 Gonen Ravid Method of and apparatus for computer hard disk drive protection and recovery
FR2824927A1 (en) * 2001-05-18 2002-11-22 Scaling Software Unalterable loading of a data process into a data system connected to a communication network, in which rebooting system passes through a transitory loading state to load a transitory program into memory
DE10153402A1 (en) * 2001-11-01 2003-05-15 Kai Dorau Method for secure exchange of electronic data in an online process, whereby access to the hard drive or storage unit is switched off when a processor has an online connection via a data line

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5969632A (en) * 1996-11-22 1999-10-19 Diamant; Erez Information security method and apparatus
CA2197502A1 (en) * 1997-02-13 1998-08-13 Joseph Skobla Multiple user secure hard drive interface
DE29702631U1 (en) * 1997-02-15 1998-08-27 Jost Rainer Dipl Ing Protection device against computer viruses and external espionage attacks on the hard disk during online or network operation of the computer

Also Published As

Publication number Publication date
WO2001002936A1 (en) 2001-01-11
AU6341700A (en) 2001-01-22

Similar Documents

Publication Publication Date Title
US5894551A (en) Single computer system having multiple security levels
US7366916B2 (en) Method and apparatus for an encrypting keyboard
US5949882A (en) Method and apparatus for allowing access to secured computer resources by utilzing a password and an external encryption algorithm
CA2026739C (en) Transaction system security method and apparatus
Kuhn Cipher instruction search attack on the bus-encryption security microcontroller DS5002FP
CN101551784B (en) Method and device for encrypting data in ATA memory device with USB interface
JPS63125030A (en) Method of accessing remote terminal
JPH11316714A (en) Integrated circuit and smart card provided with the same
WO2005106622A1 (en) Method and apparatus providing multiple single levels of security for distributed processing in communication systems
CN101364187A (en) Double operating system computer against worms
CN107924365A (en) Anti- hacker's Computer Design
US7631348B2 (en) Secure authentication using a low pin count based smart card reader
KR20050010967A (en) Security processor with bus configuration
EP0436365B1 (en) Method and system for securing terminals
US6630926B2 (en) Apparatus and method for verifying keystrokes within a computing system
CN108197480A (en) Access control method, device and computer readable storage medium
Chadwick Smart Cards aren't always the Smart Choice
US5615262A (en) Device for securing an information system used in microcomputers
US6141422A (en) Secure cryptographic multi-exponentiation method and coprocessor subsystem
CN101420299B (en) Method for enhancing stability of intelligent cipher key equipment and intelligent cipher key equipment
EP1188104B1 (en) Identification device for authenticating a user
WO2001002936A9 (en) Computer security system with dedicated hard drives
KR20190012093A (en) Ssd based storage media with data protection
WO2008010653A1 (en) Computer system
CN100446016C (en) System for realizing data security protecting

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: C2

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: C2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

COP Corrected version of pamphlet

Free format text: PAGE 1/1, DRAWINGS, REPLACED BY A NEW PAGE 1/1; DUE TO LATE TRANSMITTAL BY THE RECEIVING OFFICE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct app. not ent. europ. phase
NENP Non-entry into the national phase in:

Ref country code: JP