Computer software encryption apparatus
Abstract
Data security is provided using an encryption/decryption algorithm which attaches at the primitive BIOS level of the operating system automatically during the power-on self-test routines. The encryption/decryption process is implemented by intercepting the removable media or floppy diskette interrupt in order to add additional interrupt handling routine instructions which perform the encryption and decryption of data passed between the diskette controller and the data transfer buffer area within system RAM. Bitwise alteration of the data in a predefined relationship is used to encrypt and decrypt. The encryption/decryption system attaches before the computer power-up sequence renders data entry hardware active, hence the user cannot readily override the security system. Data stored on nonremovable media such as hard disk media is not encrypted, thereby preserving the integrity of more permanent data.
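The mechanism the abstract describes, as an added C simulation that is not code from the patent: a power-on step swaps only the removable-media entry of a vector table for a wrapper that alters bits on the way to and from the diskette, leaving the fixed-disk handler untouched. The two-entry table, all function names and the XOR mask 0xA5 are assumptions; the page does not specify the bitwise alteration.

```c
#include <string.h>

enum { OP_READ, OP_WRITE };
enum { VEC_FIXED, VEC_REMOVABLE, VEC_COUNT };
#define SECTOR 16
typedef int (*io_handler)(int op, unsigned char *buf);

static unsigned char media[VEC_COUNT][SECTOR]; /* simulated sectors: hard disk, diskette */
static int raw_io(int vec, int op, unsigned char *buf) {
    if (op == OP_WRITE) memcpy(media[vec], buf, SECTOR);
    else memcpy(buf, media[vec], SECTOR);
    return 0;
}
static int fixed_bios(int op, unsigned char *buf) { return raw_io(VEC_FIXED, op, buf); }
static int removable_bios(int op, unsigned char *buf) { return raw_io(VEC_REMOVABLE, op, buf); }
static io_handler vector_table[VEC_COUNT] = { fixed_bios, removable_bios };
static io_handler original_removable; /* handler the hook chains to */

/* Assumed stand-in for the "bitwise alteration": XOR with a fixed mask (self-inverse). */
static void alter_bits(unsigned char *buf) {
    for (int i = 0; i < SECTOR; i++) buf[i] ^= 0xA5;
}
/* Hooked handler: data is altered only while it is on the removable medium. */
static int encrypting_bios(int op, unsigned char *buf) {
    int rc;
    if (op == OP_WRITE) alter_bits(buf);  /* encrypt before it reaches the medium */
    rc = original_removable(op, buf);
    alter_bits(buf);  /* decrypt a read, or restore the caller's buffer after a write */
    return rc;
}
/* Power-on step: replace only the removable-media vector (safe to call twice). */
void install_security(void) {
    if (vector_table[VEC_REMOVABLE] == encrypting_bios) return;
    original_removable = vector_table[VEC_REMOVABLE];
    vector_table[VEC_REMOVABLE] = encrypting_bios;
}
/* Write msg through a vector: bit 0 = read-back matches, bit 1 = medium holds plaintext. */
int write_and_check(int vec, const char *msg) {
    unsigned char in[SECTOR] = {0}, out[SECTOR];
    strncpy((char *)in, msg, SECTOR - 1);
    vector_table[vec](OP_WRITE, in);
    vector_table[vec](OP_READ, out);
    return (memcmp(in, out, SECTOR) == 0) | ((memcmp(in, media[vec], SECTOR) == 0) << 1);
}
int main(void) {
    install_security();
    return write_and_check(VEC_REMOVABLE, "PAYROLL") == 1 ? 0 : 1;
}
```

A fixed mask like this only changes the on-disk representation; anyone who recovers the mask can reverse it.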
309 Citations
11 Claims
1. In a computer system having operating system software, at least a portion thereof being loaded into read/write memory, said operating system software implementing a file storage structure for storing data as individual files on different portions of a removable data storage medium, said structure including file allocation table means stored on said removable data storage medium and containing file allocation information for correlating said individual files with selected different portions of said medium in a first predetermined manner, a security system comprising:
- means programmably linked to said portion of said operating system software loaded into read/write memory for encrypting and storing said file allocation information on said removable data storage medium in an encrypted manner different from said first predetermined manner; and
- means associated with said computer system for decrypting and using said file allocation information to correlate said individual files with said selected different portions of said medium, thereby permitting location and retrieval of data stored as files on said medium by said computer system.
Dependent claims: 2, 3, 4, 5
6. In a computer system having a processor means for operating on data comprising arrangements of binary digits, a power-on routine for causing said processor to scan a predetermined range of memory location addresses for instructions after power-on, means for enabling said processor means to communicate with data storage media comprising first program means including first BIOS input/output program for reading and writing data to a fixed data storage medium and second program means including second BIOS input/output program for reading and writing data to a removable data storage medium, said first and second BIOS input/output programs being selectively invoked by interrupt signals associated with an interrupt vector table stored in read/write memory, a data security system comprising:
- security program means disposed within said predetermined range of memory location addresses for automatically altering said second program means during said power-on routine;
- said security program means including an encryption BIOS program and a vector table altering program, said vector table altering program being automatically invoked during said power-on routine to alter said interrupt vector table to substitute said encryption BIOS program for at least a portion of said second BIOS input/output program without altering said first BIOS input/output program;
- said encryption BIOS program of said security program means transforming data communicated between said removable data storage medium and said processor means such that said data stored on said removable data storage medium is represented using a different arrangement of binary digits than is used when said data is stored in said fixed data storage medium.
Dependent claims: 7, 8, 9, 10, 11
Specification