Computer software encryption apparatus
First Claim
1. In a computer system having a fixed data storage medium, a removable data storage medium and a buffer area for communicating with said fixed data storage medium and said removable data storage medium, a data security system comprising:
- a selectively invocable nonencrypting operating routine for controlling said removable data storage medium;
- a selectively invocable encrypting operating routine for controlling said removable data storage medium;
- a power-on self-test routine for automatically enabling said encrypting operating routine and disabling said nonencrypting operating routine upon power up of said computer system;
- a security means invoked by said encrypting operating routine and communicating with said buffer area for automatically intercepting and encrypting data flowing from said buffer area to said removable data storage medium for storage on said removable data storage medium in an encrypted state and for intercepting and decrypting data flowing from said removable data storage medium to said buffer area without intercepting and encrypting data flowing from said buffer area to said fixed data storage medium; and
- a means for testing user input requesting encryption to be disabled and responding to said user input by enabling said nonencrypting operating routine and disabling said encrypting operating routine.
Abstract
Data security is provided using an encryption/decryption algorithm which attaches at the primitive BIOS level of the operating system automatically during the power-on self-test routines. The encryption/decryption process is implemented by intercepting the removable media or floppy diskette interrupt in order to add additional interrupt handling routing instructions which perform the encryption and decryption of data passed between the diskette controller and the data transfer buffer area within system RAM. Bitwise alteration of the data in a predefined relationship is used to encrypt and decrypt. The encryption/decryption system attaches before the computer power-up sequence renders data entry hardware active, hence the user cannot readily override the security system. Data stored on nonremovable media such as hard disk media is not encrypted, thereby preserving the integrity of more permanent data.
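The interception scheme in the abstract, as an added user-space simulation in C (not code from the patent): a function pointer stands in for the diskette interrupt vector, and a wrapper routine alters only removable-media traffic. The XOR pattern, drive ids, sector size and all function names are assumptions; the patent text here says only that the alteration is bitwise and predefined.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SECTOR 16
enum { DRIVE_REMOVABLE, DRIVE_FIXED };  /* assumed drive ids */
enum { OP_READ, OP_WRITE };
static uint8_t media[2][SECTOR];        /* simulated raw sector per drive */

/* Nonencrypting routine: plain copy between buffer and medium. */
static void raw_disk(int op, int drive, uint8_t *buf) {
    if (op == OP_WRITE) memcpy(media[drive], buf, SECTOR);
    else                memcpy(buf, media[drive], SECTOR);
}

/* Assumed alteration: XOR with a fixed pattern, which is its own inverse. */
static void alter(uint8_t *buf) {
    static const uint8_t pattern[4] = {0xA5, 0x3C, 0x5A, 0xC3};
    for (int i = 0; i < SECTOR; i++) buf[i] ^= pattern[i % 4];
}

/* Encrypting routine: wraps raw_disk and touches removable traffic only. */
static void enc_disk(int op, int drive, uint8_t *buf) {
    uint8_t tmp[SECTOR];
    if (drive != DRIVE_REMOVABLE) { raw_disk(op, drive, buf); return; }
    if (op == OP_WRITE) {               /* alter a copy; caller's buffer stays clear */
        memcpy(tmp, buf, SECTOR); alter(tmp);
        raw_disk(OP_WRITE, drive, tmp);
    } else {                            /* fetch altered bytes, restore in buffer */
        raw_disk(OP_READ, drive, buf);
        alter(buf);
    }
}

/* Stand-in for the diskette interrupt vector. */
static void (*disk_vector)(int, int, uint8_t *) = raw_disk;
void power_on_self_test(void)      { disk_vector = enc_disk; }  /* hook at power-up */
void user_disable_encryption(void) { disk_vector = raw_disk; }  /* user opt-out */
void disk_io(int op, int drive, uint8_t *buf) { disk_vector(op, drive, buf); }

/* 1 if the medium holds exactly these bytes, i.e. they were stored unaltered. */
int stored_in_clear(int drive, const uint8_t *d) { return memcmp(media[drive], d, SECTOR) == 0; }

int main(void) {
    uint8_t msg[SECTOR] = "payroll-records";   /* constructed sample data */
    power_on_self_test();
    disk_io(OP_WRITE, DRIVE_REMOVABLE, msg);
    disk_io(OP_WRITE, DRIVE_FIXED, msg);
    printf("removable in clear: %d\n", stored_in_clear(DRIVE_REMOVABLE, msg));
    printf("fixed in clear:     %d\n", stored_in_clear(DRIVE_FIXED, msg));
    return 0;
}
```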
13 Claims
8. In a computer system having a processor means for operating on data comprising arrangements of binary digits, means for implementing a power-on routine for causing said processor to scan a predetermined range of memory location addresses for instructions after power-on, means for enabling said processor means to communicate with data storage media comprising program means for reading and writing data to a fixed data storage medium and to a removable data storage medium, a data security system comprising:
- security program means disposed within said predetermined range of memory location addresses and providing instructions for causing said processor means to automatically alter said program means for reading and writing during said power-on routine;
- said security program means causing data communicated between at least one of said fixed and removable data storage media and said processor means to be altered such that said data stored on said one of said data storage media is represented using a different arrangement of binary digits than is used when said data is operated upon by said processor;
- said security program means further including means for testing user input requesting the disabling of security and for responding to said user input by causing data communicated between at least one of said fixed and removable data storage media and said processor means to be communicated without alteration, such that said data stored on said one of said data storage media is represented using the same arrangement of binary digits as is used when said data is operated upon by said processor.
Specification