A METHOD FOR PROTECTING DATA RECORDED IN A TELEVISION SET HAVING INTERNET CONNECTION CAPABILITY"
Field of the Invention The present invention refers to television equipment that can be connected to the Internet, which is comprised of a television set portion and an additional computer portion, both these portions being interconnected with one another. More particularly, the present invention discloses a method applied to television equipment having characteristics enabling the same to be connected to the Internet, in order to protect the data recorded in the data storage device of the computer portion thereof from the action of computer programs or files that might be detrimental to the operation of the equipment, commonly designated as viruses, and against accidental disturbance of system configuration settings. Such method is preferentially implemented by means of a computer program.
Background of the Invention One of the most serious problems involving computers is the vulnerability thereof to attack by viruses, which consist in computer programs or files aimed at upsetting and even disabling the operation of such equipment.
The viruses may gain access to computers by means of data storage media such as, for example, floppy disks and compact discs (CDs), as well as by means of electronic files downloaded from the Internet or from an intranet.
The computers are usually provided with a hard disk drive wherein are stored, for example, the operating system, the application programs and various types of files. Since the hard disks are not write-protected due to the fact that the users need them to store their files, the viruses may install themselves in the hard disk and might corrupt or even disable the operation of the other computer programs.
If the user attempts to eliminate the virus by shutting down the computer and turning it on again, the virus will not have disappeared since it remains recorded in the hard disk. Therefore, there is normally required the use of anti-virus programs to eliminate the viruses, and in some cases a number of the user files may be permanently damaged due to the action of the virus even after the latter has been eliminated. Similarly, television equipment with Internet access capability is also subject to virus attacks, since the computer portion of the equipment may be affected thereby.
In addition to the matter of the effects brought about by the viruses, the data recorded in a data storage device such as, for example, a hard disk drive, may be accidentally deleted by the very user of the equipment. Such inadvertent action may cause loss of the system configuration settings, eventually causing the operation of the equipment to become unfeasible. Television equipment allowing access to the Internet is known in the art. More particularly, in document No. GB 2328824, published on
03/03/1999, there is disclosed a television set comprising a microprocessor that may be connected to the Internet by means of a fax-modem board. However, there is not disclosed, in either this or any other document, an apparatus comprised of a television set and a computer addressing therein the issue of protection of stored data against virus attacks and against accidental loss of system configuration settings.
Summary of the Invention The object of the present invention consists in a method that may be implemented by means of a computer program, aimed at protecting from virus attacks and from accidental loss of configuration settings a piece of equipment comprised of a television set portion and a computer portion, interconnected with one another, such equipment being capable of accessing the Internet and/or an intranet.
The primary components of the television set portion are: a television microcontroller, a tuner, an image display device - for example, a cathode ray tube - and a CRT control board. The main components of the computer portion are: a central data processing unit (CPU); a RAM-type (random access memory) memory device, which is a volatile memory for general use by the CPU, the data stored in such memory being lost when the equipment is turned off by disconnecting the power supply feed thereto; a ROM-type (Read Only Memory) memory device wherein is stored the BIOS (Basic Input Output System), which is a small program containing the initial instructions for operation of the CPU on startup; and a data
storage device, such as for example a hard disk drive or a Compact Flash® type card, which is an EEPROM-type (Electrically Erasable Programmable Read Only Memory) memory device. The method according to the present invention comprises the following steps: 1. creating at least two partitions in the data storage device; 2. storing, in at least one of the partitions created in the preceding step, of the main programs and files of the computer portion; 3. protecting the partition or partitions containing the programs and files stored in the preceding step against writing of data thereto; 4. diverting to the unprotected partition or partitions of the data storage device the writing of the Internet/intranet browsing optimization files and system configuration files; and 5. diverting to the RAM memory the writing of the files directed to the protected partition of the data storage device.
The unprotected partition or partitions of the data storage device that is/are intended for writing the Internet/intranet browsing optimization files and the system configuration files are preferentially not enabled to be viewed by the television equipment user.
Optionally, the method according to the present invention may comprise the additional step of allowing writing of other files and computer programs of the television equipment user to one of the unprotected partitions of the data storage device.
In such case it is preferred, according to the method of the present invention, that the unprotected partition or partitions intended for writing thereto the Internet/intranet browsing optimization files and the system configuration files be different from the unprotected partition or partitions intended for writing thereto the television equipment user's other files and computer programs.
As an option, the method according to the present invention comprises the additional step of allowing the content of any protected partition of the data storage device to be substituted with update files. Furthermore, the method according to the present invention may also comprise the step of allowing the BIOS stored in the ROM memory to be altered by update files.
The update files may be downloaded from the Internet/intranet or from data storage media, such as floppy disks or compact discs (CDs).
Brief description of the drawings In Figure 1 there is shown a diagram depicting the main components of the television equipment wherein will be carried out the method according to the present invention. In Figure 2 there is shown the first part of the flow diagram representing the method according to the present invention. In Figure 3 there is shown the continuation of the flow diagram that starts in Figure 2, which represents the method according to the present invention.
Detailed description of the invention The method according to the present invention is preferentially implemented by means of a computer program in television equipment comprised of a television set portion 1 and a computer portion 2.
The computer portion 2 comprises a RAM-type volatile memory 3, a data storage device 4, a ROM-type memory 5, a central data processing unit 6 (CPU) and connections for access to the Internet or to an intranet, such as a faxmodem device 7 and a network card 8.
The computer portion 2 further comprises at least one interface 9, preferentially of the USB (universal serial bus) type, to allow connection of peripheral devices to the CPU 6. These peripheral devices may consist, for example, in a printer, a keyboard, a mouse, or a receptor for a remote control device, for a wireless mouse or for a wireless keyboard.
The television set portion 1 refers to any television set which television microcontroller 10 is connected to the CPU 6 of the computer portion 2. In the preferred embodiment of the present invention, the television set microcontroller 10 is connected to the CPU by means of a parallel/serial converter 11 using a parallel port cable 12, and the CPU is further directly connected to the video input port 13 of the television set microcontroller.
The method according to the present invention will operate on the computer portion 2 of the television equipment. The first step consists in the creation of at least two partitions in the data storage device 4, which may
consist, for example, in a hard disk drive usually employed in personal computers or a Compact Flash® type card, which is an EEPROM memory (Electrically Erasable Programmable Read Only Memory). In the case of a hard disk drive there are preferentially created three partitions (C:, D: and E:), and in the case of a Compact Flash® type card, it is preferred to create two partitions (C: and D:). However, there should be pointed out that the number of partitions that can be created is variable and is directly dependent on the storage capacity of the devices at issue. Such capacity, and also the number of storage devices provided in any given equipment, is primarily limited by economic aspects, and in principle there is no technically based reason to inhibit the addition of partitions and storage devices to those provided herein as an example. The partitions of the data storage device 4 are created using a computer program utility such as, for example, FDISK, which is integrated in the DOS operating system provided by Microsoft® Corporation.
The second step of the method according to the present invention consists in storing in at least one of the partitions of the data storage device 4 the computer programs and the main files of the system, for example the operating system, application programs, peripheral equipment drivers, audio and video files and text files. This data and these programs are preferentially recorded by the supplier of the equipment.
In the preferred embodiment of the present invention the operation
system used is Windows XP Embedded®. Among the application programs there may be included as example, in addition to a browser type program that is essential to browse the Internet, other programs allowing the display of data files in specific formats, such as MS Word®, MS Excel®, MS PowerPoint®. It is also extremely advisable, and therefore preferential, the provision of a sound and image reproduction program such as Windows Media Player® and a driver to allow the connection of at least one printer to the equipment.
In the preferred embodiment of the present invention, the partition of the data storage device 4 wherein are recorded the main files and programs of the system, either in the hard disk drive or in the Compact Flash® means, is partition C:.
The third step of the method according to the present invention consists in write-protecting at least one of the partitions of the data storage device 4, the one wherein are recorded the previously described main files and programs. The protection of a given partition is performed using the very resources of the operating system of the computer portion 2. In the preferred embodiment of the present invention, the partition to be protected against writing of data is partition C : .
The fourth step of the method according to the present invention consists in directing the storage of the Internet/intranet browsing optimization files that are automatically downloaded from the Internet sites accessed by the user, and other system configuration files, to the unprotected partition or partitions of the data storage device 4.
The files that allow perfect Internet/intranet browsing may be provided in the Internet site itself in order to facilitate browsing by the user. For example, such files may be either the personal data of the user, to avoid requiring that the user provide his or her data every time he or she accesses the Internet site, or small application files to enable the user to view animations and images on the Internet site.
The system configuration files may consist, for example, in the network or service provider access configuration data. In the preferred embodiment of the present invention, the television equipment user is allowed to alter the Internet/intranet server data, such as the telephone number to be dialed and the TCP/IP protocol configurations.
In the preferred embodiment of the present invention, the operating system of the computer portion 2, is configured to direct the writing of data provided by the Internet/intranet sites and of system configuration data to the unprotected partition D:. Although this partition is unprotected, the operating system of the computer portion 2 is preferentially configured to not enable the user of the television equipment to view this partition.
When optionally the data storage device 4 is a hard disk drive, the method according to the present invention preferentially comprises the additional step of allowing storage of other files of interest to the user in one or more unprotected partition(s).
For example, in a preferred embodiment of the present invention
the hard disk drive would have three partitions, C:, D: and E:, where partition E: would be intended for storage of the user's personal files.
In that specific case, a relevant aspect of the present invention is that there is no communication between protected and unprotected partitions.
Therefore, should a virus be stored in an unprotected partition, such virus will be unable to gain access to the main system data stored in the write-protected partition of the data storage device 4. The fifth step of the method according to the present invention consists in directing to the RAM memory 3 any data the user attempts to write to the protected partition of the data storage device 4.
When the user attempts to write to the computer portion 2 a file downloaded from the Internet/intranet or originating from an external storage device such as a floppy disk, a compact disc (CD) or from another computer, the method according to the present invention will cause such writing to be automatically diverted to the RAM memory 3, which is used to emulate a conventional storage device, instead of being written to the data storage device 4
In the preferred embodiment of the present invention, the operating system of the computer portion 2 is configured to automatically divert to the RAM memory 3 any attempt to write any file to the protected partition C. The actual result of the above described steps is that any downloaded file that is infected with a virus is written to the RAM memory and
not to the conventional storage device emulated thereby. Therefore, the user merely has to turn off the equipment and turn it on again in order to have the virus disappear, since the RAM memory 3 is volatile, that is, everything that is written thereto is temporary and is deleted when the equipment is turned off.
Optionally, the method in accordance with the present invention may comprise an additional step allowing updating of the content of the protected partition of the data storage device 4. To this effect, the user may, for example, access the equipment manufacturer web page on the Internet and download an update file that will be written to the protected partition of the data storage device 4.
This update file is provided with specific security encoding that may be decoded using the method according to the present invention. Therefore, since this is a secure file which downloading is authorized by the manufacturer of the equipment, the method according to the present invention will enable this file to be written to the protected partition of the data storage device 4.
In the preferred embodiment of the present invention, the operating system of the computer portion 2 is configured to automatically check for available updates. If an update is available, a message is displayed to the user informing the same on the availability of such update.
If the user agrees to update the system, the update file will start downloading to the unprotected partition D.\ When the download is concluded, the equipment will be automatically turned off and will subsequently restart with
the protection filter of partition C: disabled, thus allowing automatic transfer of the update file from partition D: to partition C:, this transfer being possible only due to this file being recognized by the operating system as being an update file. Upon conclusion of the transfer operation the equipment will be automatically turned off and restarted, at which time the protection filter for partition C: will be active and the update will have been concluded.
Similarly, as an option, the method according to the present invention may comprise an additional step allowing updating of the BIOS stored in the ROM memory 5. To that end, the user may also access the website of the television equipment manufacturer and download an update file that will replace the file originally recorded in the ROM memory 5. This update file is encoded such that the method according to the present invention will enable the download thereof to the ROM memory 5.
The same security conditions listed above apply to this situation, and therefore in the preferred embodiment of the present invention the BIOS may only be updated with a file that is directly downloaded from the manufacturer's website.
However, the update files cited in the two options above may also be inserted into the television equipment using data storage media such as a floppy disk or a compact disc (CD).
Although the method according to the present invention has been
preferentially disclosed in regard of television equipment with Internet connection capability, the same may also be applied in a conventional computer.