Trusted personal computer system with limited accessibility
Abstract
This invention relates to personal computer systems and, more particularly, to such a system having security features enabling control over access to data retained in such a system. The present invention protects a trusted personal computer system against a probing attack, in which an unauthorized user would attempt to overcome the security feature elements of the personal computer system by inserting some form of probe into an opening provided in the system enclosure for other, legitimate, purposes such as cooling air flow or removable media insertion. A plurality of security feature elements are mounted within the enclosure for selective activation to secure and non-secure states and are disposed at locations inaccessible to any unauthorized user of the personal computer system attempting to affect the operation of any one of the security feature elements by insertion of a probe through an opening.
8 Claims
1. A personal computer system for receiving and retaining data to be maintained at a selected one of a plurality of levels of security and capable of securing data retained within the system against unauthorized access, the system comprising:
- a normally closed enclosure defining at least one physical opening for one of (i) passage of a flow of cooling air and (ii) insertion and removal of digital signal storage media and (iii) connection of cables and the like,
- at least one security feature element mounted within said enclosure for selective activation to secure and non-secure states, said security feature element when set into secure state protecting the personal computer system against access to stored data by an unauthorized user and being disposed within said enclosure at a location which is physically inaccessible to any unauthorized user of the personal computer system attempting to affect the state of said security feature element by insertion of a probe through said physical opening, and
- a system processor mounted within said enclosure and operatively connected with said security feature element for controlling access to data stored within the system by distinguishing between the secure and non-secure states of said element.
- View Dependent Claims (2, 3)
4. A personal computer system for receiving and retaining data to be maintained at a selected one of a plurality of levels of security and capable of securing data retained within the system against unauthorized access, the system comprising:
- a normally closed enclosure defining a plurality of physical openings for (i) flow of cooling air and (ii) insertion and removal of digital signal storage media and (iii) connection of cables,
- a first erasable memory element mounted within said enclosure for selective activation to active and inactive states and for receiving and storing a privileged access password when in the active state,
- an option switch mounted within said enclosure and operatively connected with said first erasable memory element for setting said first erasable memory element to the active and inactive states,
- a second erasable memory element mounted within said enclosure for receiving and storing data indicative (i) of the state of said first erasable memory element and (ii) of entry of a password which matches any privileged access password then stored in said first erasable memory element,
- a tamper detection switch mounted within said enclosure and operatively connected with said second erasable memory element for detecting unauthorized rendering of the interior of said enclosure accessible and for requiring entry of a password which matches any privileged access password then stored in said first erasable memory element in response to any switching of said tamper switch,
- said memory elements and said switches being disposed within said enclosure at locations which are physically inaccessible to any unauthorized user of the personal computer system attempting to affect the operation of any one of said memory elements and switches by insertion of a probe through any one of said plurality of physical openings, and
- a system processor mounted within said enclosure and operatively connected with said erasable memory elements for controlling access to at least certain levels of data stored within the system by distinguishing between the active and inactive states of said first memory element and between entry and non-entry of a password matching any valid privileged access password then stored.
- View Dependent Claims (5, 6, 7, 8)
Specification