Trusted personal computer system with limited accessibility

US 5,918,007 A
Filed: 05/27/1992
Issued: 06/29/1999
Est. Priority Date: 05/27/1992
Status: Expired due to Fees

First Claim

Patent Images

1. A personal computer system for receiving and retaining data to be maintained at a selected one of a plurality of levels of security and capable of securing data retained within the system against unauthorized access, the system comprising:

a normally closed enclosure defining at least one physical opening for one of;

(i) passage of a flow of cooling air and (ii) insertion and removal of digital signal storage media and (iii) connection of cables and the like,at least one security feature element mounted within said enclosure for selective activation to secure and non-secure states, said security feature element when set into secure state protecting the personal computer system against access to stored data by an unauthorized user and being disposed within said enclosure at a location which is physically inaccessible to any unauthorized user of the personal computer system attempting to affect the state of said security feature element by insertion of a probe through said physical opening, anda system processor mounted within said enclosure and operatively connected with said security feature element for controlling access to data stored within the system by distinguishing between the secure and non-secure states of said element.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention relates to personal computer systems and, more particularly, to such a system having security features enabling control over access to data retained in such a system. The present invention protects a trusted personal computer system against a probing attack, in which an unauthorized user would attempt to overcome the security feature elements of the personal computer system by inserting some form of probe into an opening provided in the system enclosure for other, legitimate, purposes such as cooling air flow or removable media insertion. A plurality of security feature elements are mounted within the enclosure for selective activation to secure and non-secure states and are disposed at locations inaccessible to any unauthorized user of the personal computer system attempting to affect the operation of any one of the security feature elements by insertion of a probe through an opening.

Citations

8 Claims

1. A personal computer system for receiving and retaining data to be maintained at a selected one of a plurality of levels of security and capable of securing data retained within the system against unauthorized access, the system comprising:
- a normally closed enclosure defining at least one physical opening for one of;
  
  (i) passage of a flow of cooling air and (ii) insertion and removal of digital signal storage media and (iii) connection of cables and the like,at least one security feature element mounted within said enclosure for selective activation to secure and non-secure states, said security feature element when set into secure state protecting the personal computer system against access to stored data by an unauthorized user and being disposed within said enclosure at a location which is physically inaccessible to any unauthorized user of the personal computer system attempting to affect the state of said security feature element by insertion of a probe through said physical opening, anda system processor mounted within said enclosure and operatively connected with said security feature element for controlling access to data stored within the system by distinguishing between the secure and non-secure states of said element.
- View Dependent Claims (2, 3)
- - 2. A personal computer system according to claim 1 further comprising a plurality of said security feature elements and wherein said security feature elements comprise an erasable memory element mounted within said enclosure for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state, and an option switch mounted within said enclosure and operatively connected with said erasable memory element for setting said erasable memory element to the active and inactive states.
  - 3. A personal computer system according to claim 1 further comprising a plurality of said security feature elements and wherein said security feature elements comprise an erasable memory element mounted within said enclosure for receiving and storing data indicative of correct entry of any stored privileged access password, and a tamper detection switch mounted within said enclosure and operatively connected with said erasable memory element for detecting unauthorized rendering of the interior of said enclosure accessible and for invalidating any previously stored privileged access password in response to any switching of said tamper switch.

4. A personal computer system for receiving and retaining data to be maintained at a selected one of a plurality of levels of security and capable of securing data retained within the system against unauthorized access, the system comprising:
- a normally closed enclosure defining a plurality of physical openings for (i) flow of cooling air and (ii) insertion and removal of digital signal storage media and (iii) connection of cables,a first erasable memory element mounted within said enclosure for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state,an option switch mounted within said enclosure and operatively connected with said first erasable memory element for setting said first erasable memory element to the active and inactive states,a second erasable memory element mounted within said enclosure for receiving and storing data indicative (i) of the state of said first erasable memory element and (ii) of entry of a password which matches any privileged access password then stored in said first erasable memory element,a tamper detection switch mounted within said enclosure and operatively connected with said second erasable memory element for detecting unauthorized rendering of the interior of said enclosure accessible and for requiring entry of a password which matches any privileged access password then stored in said first erasable memory element in response to any switching of said tamper switch,said memory elements and said switches being disposed within said enclosure at locations which are physically inaccessible to any unauthorized user of the personal computer system attempting to affect the operation of any one of said memory elements and switches by insertion of a probe through any one of said plurality of physical openings, anda system processor mounted within said enclosure and operatively connected with said erasable memory elements for controlling access to at least certain levels of data stored within the system by distinguishing between the active and inactive states of said first memory element and between entry and non-entry of a password matching any valid privileged access password then stored.
- View Dependent Claims (5, 6, 7, 8)
- - 5. A personal computer system in accordance with claim 4 wherein said first erasable memory element is an electrically erasable programmable read only memory device.
  - 6. A personal computer system in accordance with claim 4 wherein said option switch functions for enabling an operator to select between secured operation of the system and unsecured operation of the system by selecting respective active and inactive states of said first memory element.
  - 7. A personal computer system in accordance with claim 6 wherein said option switch is manually operable and positioned within said enclosure for manual access only after rendering of the interior of said enclosure accessible.
  - 8. A personal computer system in accordance with claim 4 wherein said second erasable memory element is a battery backed CMOS RAM.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Original Assignee
International Business Machines Corporation
Inventors
Dayan, Richard Alan, Newman, Palmer Eugene, Moeller, Dennis Lee, Blackledge, John Wiley Jr., Zubay, Kenneth John Peter
Primary Examiner(s)
Sheikh, Ayaz R.

Application Number

US07/889,325
Time in Patent Office

2,589 Days
Field of Search

380/4, 380/25, 380/23, 395/725
US Class Current

726/34
CPC Class Codes

G06F 1/181 Enclosures for portable com...

G06F 21/86 Secure or tamper-resistant ...

Trusted personal computer system with limited accessibility

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted personal computer system with limited accessibility

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links