WO1993009495A1 - Computer memory protection - Google Patents

Computer memory protection Download PDF

Info

Publication number
WO1993009495A1
WO1993009495A1 PCT/AU1992/000594 AU9200594W WO9309495A1 WO 1993009495 A1 WO1993009495 A1 WO 1993009495A1 AU 9200594 W AU9200594 W AU 9200594W WO 9309495 A1 WO9309495 A1 WO 9309495A1
Authority
WO
WIPO (PCT)
Prior art keywords
write
controller
address
memory
disabling
Prior art date
Application number
PCT/AU1992/000594
Other languages
French (fr)
Inventor
Thomas Joseph Rogers
Original Assignee
Australian Tech Support Pty. Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Australian Tech Support Pty. Ltd. filed Critical Australian Tech Support Pty. Ltd.
Priority to JP5508045A priority Critical patent/JPH07500935A/en
Priority to EP19920923327 priority patent/EP0614553A4/en
Publication of WO1993009495A1 publication Critical patent/WO1993009495A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1441Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a range

Definitions

  • the invention is directed to a method and apparatus for preventing the unauthorised writing of data to selected portions of a memory device, such as a hard disc of a computer.
  • the invention is particularly useful for preventing "virus” programmes becoming resident in a computer memory device.
  • viruses are unwanted programmes which are designed to interfere with the normal or intended operation of a computer. Although some viruses may only be mischievous in their operation, many viruses are written with malicious intent to cause serious damage, for example by destroying valuable data on a hard disc or otherwise rendering such data irretrievable. The damage caused by such computer viruses can be catastrophic.
  • Any virus regardless of its effect, is a threat to the security of a computer system.
  • Significant costs and downtime are incurred in searching for, and eradicating, virus programmes which may have found their way into a computer memory, and replacing lost data and programmes.
  • viruses pose a serious threat to all computer systems, large or small.
  • virus detection techniques have been proposed. Such techniques are normally software-based. Typically, an anti-virus programme attempts to detect the presence of a virus in a computer memory, such as a hard disc, by searching for a characteristic string of binary digits which identifies the virus. However, such software techniques are not effective for all known viruses. Further, some virus programmes are known to "mutate” and alter their characteristic string, thereby making such programmes virtually undetectable using conventional software techniques. Another known anti-virus programme seeks to foil the intended operation of the virus by trapping interrupt commands. However, this known programme is not always effective against some viruses, and completely ineffective against others.
  • U.S. patent no. 5,144,660 (and its equivalent Australian patent application no. 40095/89) describes a method of securing a computer against undesired write operations to, or read operations from, a hard disc of the computer in order to protect the computer against viruses. This method involves interposing logic circuitry between the disc controller and the read/write head(s) of the disc drive, decoding control signals between the controller and the disc drive and, in response to such decoding, controlling the write or read operations from the disc drive.
  • the prior art method and apparatus are not suitable for computer systems in which the disc controller and the read/write head(s) are formed as a single unit.
  • the prior art protection apparatus cannot differentiate between signals sent by the CPU to the disc controller, e.g. between write commands and "low level" format commands.
  • the write protection device was positioned between the controller and the disc, it was impossible to tell whether the controller was writing data or doing a low level format command as both give the same signals leaving the controller.
  • the present invention provides apparatus for preventing the unwanted writing of data to selected portion(s) of a memory device of a computer having a CPU and a controller for the memory device, the apparatus comprising a write protection device having memory means containing the address(es) of selected portion(s) of the memory to which data is not intended to be written; decoding means for reading the address of any write command to the memory device; comparator means for comparing the write address with the address(es) of the selected portion(s) and disabling means responsive to the output of the comparator means for disabling the write command, characterised in that the write protection device is connected between the CPU and the controller.
  • the decoding means also detects low level format commands and these are stopped in the same manner as write commands to protected sectors.
  • the present invention provides a method of preventing unwanted writing of data to selected portion(s) of a memory device of a computer having a CPU and a controller for the memory device, comprising the steps of
  • steps (d) disabling those write commands having an address corresponding to the preselected portion(s), characterised in that steps (b)-(d) are performed by a write protection device connected between the CPU and the controller.
  • low level format commands are also detected and disabled.
  • data is intended to include any information or program which may be stored in electronic or magnetic format in the memory device.
  • the memory device is the hard disc of a computer, but may be any other sectored or addressable non-volatile memory device, such as a laser disc, floppy disc, RAM, etc.
  • a particular advantage of the present invention is that individual portions of the memory device corresponding to specific addresses can be protected separately.
  • the memory device is a hard disc, individual sectors in a particular cylinder can be protected.
  • the logic circuitry detects any attempt to write a particular sector by decoding the write address and comparing it with stored addresses of sectors to be write protected. If an attempt is made to write to a "protected" sector, the write command will be disabled, i.e. the write command will be prevented from reaching the controller or otherwise rendered ineffective. However, if an attempt is made to write to a sector which is not protected, the write command will be permitted to be executed even though that sector may be in the same cylinder as a protected sector.
  • a virus programme normally is transferred to the boot sector of a hard disc of the computer, typically when the computer is switched on with a floppy disc (having the virus programme) inserted in a disc drive of the machine.
  • the boot sector, and all the sectors in the partition area are permanently write barred. That is, these, portions of the hard disc of the computer would normally always be selected to prevent the writing of any data or programme thereto. If other portions of the memory device are to be write barred, the addresses of these portions can be stored in a look-up table, e.g. in non-volatile memory. The address of any write command can then be compared also with the addresses in the look-up table to ascertain whether the write command will be carried out.
  • the write protection device of this invention is inserted between the CPU and the controller, it has the advantage of being able to selectively prevent other commands, such as low level format commands from being executed.
  • FIG. 1 is a circuit diagram illustrating the write protection circuit of an embodiment of this invention connected to a computer system
  • Fig. 2 is a circuit diagram of part of the write protection circuit of Fig. 1 for fixed memory portions; and Fig. 3 is a circuit diagram of part of the write protection device of Fig. 1 for selectable memory portions.
  • the write protection circuit of the illustrated embodiment monitors all commands sent to the controller for the memory or storage device, typically a hard disc. These commands will move the read/write head or other mechanism to a particular portion of the storage device, e.g. to a particular sector of the hard disc. In particular, the write protection device detects write and format commands.
  • the write protection device tracks these sector commands and compares the write addresses with preselected addresses and/or addresses in a look-up table to determine whether a write command is permissible. If the write address corresponds to a preset sector or a sector listed in the look-up table, the write protection circuit disables the write command, e.g. by not permitting the command to reach the storage device. Low level format commands are also disabled. All read commands however, are unaffected. As illustrated in the drawings, particularly
  • the write protection device 10 can be mounted on a card and interconnected between the CPU and the controller of the hard disc (or other storage device) of a computer. Plug-in and/or piggy-back connections connected to the input and output of the card allow quick and simple installation in the computer.
  • the write protection device taps into the memory data bus to monitor the commands from the CPU to the controller for the hard disc. These commands may include read, write, format, recalibrate, verify, reset and identify commands. The recalibrate, write, format and reset commands are detected. A sector within the hard disc is selected by writing values to registers in the hard drive controller to select a particular read/write head, a track or cylinder, and the required sector on that cylinder.
  • the commands on the data bus are tracked by an instruction decoder 11 which detects any write or low level format commands and provides the appropriate output.
  • the commands are also fed to registers 12-15 which have been preset to detect preselected values. In the illustrated embodiment, these values correspond to all sectors in the partition area, and the boot sector, of the hard disc. (The partition area is cylinder 0, head 0 and all the sectors on that cylinder/head. The boot sector is cylinder 0, head 1, sector 1).
  • AND gate 5 is inverted by inverter 9, and ANDed with the system write command by AND gate 6, the output (HDIOW) of which is fed to the device controller.
  • the command address corresponds to one of the preset addresses in latches 12- 15, the write command will be prevented from reaching the device controller. If the output of AND gate 5 goes high, an alarm
  • flip-flop 7 indicating that an attempt has been made to write to a protected area of the disc. Once the alarm 8 has been triggered the output ⁇ Q of flip- flop 7 is latched low and all write commands are stopped by AND gate 6 regardless of their drive or sector. This acts as a fail safe to prevent further damage once the protected sectors are threatened.
  • Jumper switch J2 is connected to the input of
  • the jumper switch J2 may suitably be key operated.
  • the head/cylinder/sector addresses of such sectors can be stored in a look-up table in non-volatile memory, such as an EPROM, EEPROM, or static RAM with battery backup, connected to the OR gate 4 via jumper switch Jl.
  • non-volatile memory such as an EPROM, EEPROM, or static RAM with battery backup
  • jumper switch Jl As illustrated in Fig. 3, a one Mbyte EEPROM 160 is provided to store the locations of the sectors to be write protected. These sectors can be varied by reprogra ⁇ uning the EEPROM 160.
  • Each command address is compared with the addresses of the preselected sectors using suitable comparator means, such as a programmable logic array.
  • the output of the comparison is fed via Jl to the input of OR gate 4.
  • the write protection device of the illustrated embodiment monitors the read/write commands in parallel with the hard disc controller and will normally allow all commands to reach the controller. However, when a write command is issued, and the read/write heads have been positioned to the restricted sectors, the write command will be prevented from reaching the controller, thereby preventing writing to the protected sectors. Low level format commands can also be blocked separately from write commands.
  • a particular advantage of the write protection system is that as there is no overhead in time required to check the validity of the write command, there is no degradation in performance.
  • the write protection device is based wholly on hardware, it can be adapted to any software operating system.
  • the decoder 11 can also be modified to detect other selected commands to be disabled.

Abstract

A write protection device (10) prevents data from being written to selected portions of the hard disc of a computer. The write protection device is connected between the CPU of the computer and the controller for the hard drive. The write protection device monitors the read/write commands from the CPU to the controller. The address of each write command is compared with preselected address(es) stored in registers (12, 15) corresponding to the partition area and boot sector, and/or any other preselected address listed in a look-up table (160). In the event of a positive comparison, the write command is prevented from reaching the controller. Individual sectors of the disc can be write protected while still permitting writing to other sectors, even within the same cylinder. Low level format commands can be detected and disabled separately from write commands.

Description

"COMPUTER MEMORY PROTECTION" THIS INVENTION relates to computer security. In particular, the invention is directed to a method and apparatus for preventing the unauthorised writing of data to selected portions of a memory device, such as a hard disc of a computer. The invention is particularly useful for preventing "virus" programmes becoming resident in a computer memory device.
BACKGROUND OF THE INVENTION So-called "virus" computer programmes, or more simply "viruses", are unwanted programmes which are designed to interfere with the normal or intended operation of a computer. Although some viruses may only be mischievous in their operation, many viruses are written with malicious intent to cause serious damage, for example by destroying valuable data on a hard disc or otherwise rendering such data irretrievable. The damage caused by such computer viruses can be catastrophic.
Any virus, regardless of its effect, is a threat to the security of a computer system. Significant costs and downtime are incurred in searching for, and eradicating, virus programmes which may have found their way into a computer memory, and replacing lost data and programmes. With the increasing prevalence and variety of virus programmes in recent years, viruses pose a serious threat to all computer systems, large or small.
Various virus detection techniques have been proposed. Such techniques are normally software-based. Typically, an anti-virus programme attempts to detect the presence of a virus in a computer memory, such as a hard disc, by searching for a characteristic string of binary digits which identifies the virus. However, such software techniques are not effective for all known viruses. Further, some virus programmes are known to "mutate" and alter their characteristic string, thereby making such programmes virtually undetectable using conventional software techniques. Another known anti-virus programme seeks to foil the intended operation of the virus by trapping interrupt commands. However, this known programme is not always effective against some viruses, and completely ineffective against others.
U.S. patent no. 5,144,660 (and its equivalent Australian patent application no. 40095/89) describes a method of securing a computer against undesired write operations to, or read operations from, a hard disc of the computer in order to protect the computer against viruses. This method involves interposing logic circuitry between the disc controller and the read/write head(s) of the disc drive, decoding control signals between the controller and the disc drive and, in response to such decoding, controlling the write or read operations from the disc drive.
However, the protection technique taught by U.S. patent no. 5,144,660 has several inherent disadvantages. First, since the logic circuitry is interposed between the controller and the hard disc, it is only possible to read or write protect whole cylinders on the disc. That is, it is not possible to differentiate between sectors within a particular cylinder on the disc. For example, cylinder 0 head 0 sector 1 of the disc normally contains a partition table and the rest of the sectors are .not used. The prior art system requires that all sectors on the cylinder be protected even though only one sector is required to be protected as a precaution against virus programmes. Further, cylinder 0 head 1 sector 1 is normally allocated to the master DOS boot record, while cylinder 0 head 1 sector 2 is normally the file allocation table. Although it may be desired to protect the master DOS boot record but not the file allocation table, the prior art method and apparatus does not permit such differentiation within a cylinder.
Secondly, the prior art method and apparatus are not suitable for computer systems in which the disc controller and the read/write head(s) are formed as a single unit.
Thirdly, since separate cables are provided for control and data signals, the protection apparatus of U.S. patent no. 5,144,660 requires a counter to track the particular cylinder being addressed.
Fourthly, the prior art protection apparatus cannot differentiate between signals sent by the CPU to the disc controller, e.g. between write commands and "low level" format commands. As the write protection device was positioned between the controller and the disc, it was impossible to tell whether the controller was writing data or doing a low level format command as both give the same signals leaving the controller.
It is an object of the present invention to provide improved apparatus and method for preventing unwanted information, data or programmes, such as viruses, being written to a data storage device of a computer.
SUMMARY OF THE INVENTION In one broad form, the present invention provides apparatus for preventing the unwanted writing of data to selected portion(s) of a memory device of a computer having a CPU and a controller for the memory device, the apparatus comprising a write protection device having memory means containing the address(es) of selected portion(s) of the memory to which data is not intended to be written; decoding means for reading the address of any write command to the memory device; comparator means for comparing the write address with the address(es) of the selected portion(s) and disabling means responsive to the output of the comparator means for disabling the write command, characterised in that the write protection device is connected between the CPU and the controller.
Preferably, the decoding means also detects low level format commands and these are stopped in the same manner as write commands to protected sectors.
In another form, the present invention provides a method of preventing unwanted writing of data to selected portion(s) of a memory device of a computer having a CPU and a controller for the memory device, comprising the steps of
(a) selecting the portion(s) of the memory device to which data is not intended to be written and storing the address(es) of the portion(s), (b) reading the address of any write command from the CPU to the controller,
(c) comparing the write address with the stored address(es) of the preselected portion(s), and
(d) disabling those write commands having an address corresponding to the preselected portion(s), characterised in that steps (b)-(d) are performed by a write protection device connected between the CPU and the controller.
Preferably, low level format commands are also detected and disabled.
The term "data" is intended to include any information or program which may be stored in electronic or magnetic format in the memory device.
Typically, the memory device is the hard disc of a computer, but may be any other sectored or addressable non-volatile memory device, such as a laser disc, floppy disc, RAM, etc.
As the memory is write protected by hardware means, the security system cannot be overwritten or circumvented by software.
By using hardware to physically prevent the writing of data to preselected - portions of the memory device, those portions of the memory device effectively become read-only-memory, permitting data to be read but not written thereto. Since all data will be prevented from being written to the preselected portions of the storage device, viruses will be thwarted, regardless of their particular composition or mode of operation, as such viruses will not be able to become resident in the preselected portions of the memory device.
A particular advantage of the present invention is that individual portions of the memory device corresponding to specific addresses can be protected separately. Thus, if the memory device is a hard disc, individual sectors in a particular cylinder can be protected. The logic circuitry detects any attempt to write a particular sector by decoding the write address and comparing it with stored addresses of sectors to be write protected. If an attempt is made to write to a "protected" sector, the write command will be disabled, i.e. the write command will be prevented from reaching the controller or otherwise rendered ineffective. However, if an attempt is made to write to a sector which is not protected, the write command will be permitted to be executed even though that sector may be in the same cylinder as a protected sector. A virus programme normally is transferred to the boot sector of a hard disc of the computer, typically when the computer is switched on with a floppy disc (having the virus programme) inserted in a disc drive of the machine. In the preferred embodiment of this invention, the boot sector, and all the sectors in the partition area, are permanently write barred. That is, these, portions of the hard disc of the computer would normally always be selected to prevent the writing of any data or programme thereto. If other portions of the memory device are to be write barred, the addresses of these portions can be stored in a look-up table, e.g. in non-volatile memory. The address of any write command can then be compared also with the addresses in the look-up table to ascertain whether the write command will be carried out.
Since the write protection device of this invention is inserted between the CPU and the controller, it has the advantage of being able to selectively prevent other commands, such as low level format commands from being executed.
In order that the invention may be more fully understood and put into practice, a preferred embodiment thereof will now be described with reference to the accompanying drawings.
BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a circuit diagram illustrating the write protection circuit of an embodiment of this invention connected to a computer system;
Fig. 2 is a circuit diagram of part of the write protection circuit of Fig. 1 for fixed memory portions; and Fig. 3 is a circuit diagram of part of the write protection device of Fig. 1 for selectable memory portions.
DESCRIPTION OF PREFERRED EMBODIMENT The write protection circuit of the illustrated embodiment monitors all commands sent to the controller for the memory or storage device, typically a hard disc. These commands will move the read/write head or other mechanism to a particular portion of the storage device, e.g. to a particular sector of the hard disc. In particular, the write protection device detects write and format commands.
The write protection device tracks these sector commands and compares the write addresses with preselected addresses and/or addresses in a look-up table to determine whether a write command is permissible. If the write address corresponds to a preset sector or a sector listed in the look-up table, the write protection circuit disables the write command, e.g. by not permitting the command to reach the storage device. Low level format commands are also disabled. All read commands however, are unaffected. As illustrated in the drawings, particularly
Fig. 1, the write protection device 10 can be mounted on a card and interconnected between the CPU and the controller of the hard disc (or other storage device) of a computer. Plug-in and/or piggy-back connections connected to the input and output of the card allow quick and simple installation in the computer.
The write protection device taps into the memory data bus to monitor the commands from the CPU to the controller for the hard disc. These commands may include read, write, format, recalibrate, verify, reset and identify commands. The recalibrate, write, format and reset commands are detected. A sector within the hard disc is selected by writing values to registers in the hard drive controller to select a particular read/write head, a track or cylinder, and the required sector on that cylinder.
As shown more specifically in Fig. 2, the commands on the data bus are tracked by an instruction decoder 11 which detects any write or low level format commands and provides the appropriate output. The commands are also fed to registers 12-15 which have been preset to detect preselected values. In the illustrated embodiment, these values correspond to all sectors in the partition area, and the boot sector, of the hard disc. (The partition area is cylinder 0, head 0 and all the sectors on that cylinder/head. The boot sector is cylinder 0, head 1, sector 1).
If the sector of the command address fed to registers 12-15 corresponds to one of the preset sector addresses representing the partition area or boot sector, the output of AND gate 2 or AND gate 3 will be high, and hence the output of OR gate 4 will also be high. The output of the OR gate 4 is ANDed with the WRITE command output from the instruction decoder 11 by AND gate 5.
The output of AND gate 5 is inverted by inverter 9, and ANDed with the system write command by AND gate 6, the output (HDIOW) of which is fed to the device controller. Thus, if the command address corresponds to one of the preset addresses in latches 12- 15, the write command will be prevented from reaching the device controller. If the output of AND gate 5 goes high, an alarm
8 is triggered by flip-flop 7 indicating that an attempt has been made to write to a protected area of the disc. Once the alarm 8 has been triggered the output ~Q of flip- flop 7 is latched low and all write commands are stopped by AND gate 6 regardless of their drive or sector. This acts as a fail safe to prevent further damage once the protected sectors are threatened.
Jumper switch J2 is connected to the input of
AND gate 5 to effectively short out the write protection mechanism, e.g. if it is desired to write to the protected areas. The jumper switch J2 may suitably be key operated.
If other sectors of the hard disc are to be write barred, the head/cylinder/sector addresses of such sectors can be stored in a look-up table in non-volatile memory, such as an EPROM, EEPROM, or static RAM with battery backup, connected to the OR gate 4 via jumper switch Jl. As illustrated in Fig. 3, a one Mbyte EEPROM 160 is provided to store the locations of the sectors to be write protected. These sectors can be varied by reprograπuning the EEPROM 160.
Each command address is compared with the addresses of the preselected sectors using suitable comparator means, such as a programmable logic array. The output of the comparison is fed via Jl to the input of OR gate 4. Thus, if the command address corresponds to either the partition area or boot sector or any other preselected address listed in the look-up table 160, the output of AND gate 5 will be high and the output of AND gate 6 (to the controller) will be low, and hence the write command (IOW) from the CPU will be effectively prevented from reaching the device controller.
Both the output of AND gate 5 and the FORMAT COMMAND output of decoder 11 are connected to OR gate 10, the output of which is connected to invert 9 and the alarm 8. In this manner, any low level format command to any physical drive connected to the controller will be prevented from reaching the hard disc controller, and will also trigger the alarm 8. The write protection device of the illustrated embodiment can therefore protect against low level format commands while still allowing write commands.
In summary, the write protection device of the illustrated embodiment monitors the read/write commands in parallel with the hard disc controller and will normally allow all commands to reach the controller. However, when a write command is issued, and the read/write heads have been positioned to the restricted sectors, the write command will be prevented from reaching the controller, thereby preventing writing to the protected sectors. Low level format commands can also be blocked separately from write commands.
A particular advantage of the write protection system is that as there is no overhead in time required to check the validity of the write command, there is no degradation in performance. As the write protection device is based wholly on hardware, it can be adapted to any software operating system.
The foregoing describes only one embodiment of the invention, and modifications which are obvious to those skilled in the art may be made thereto without departing from the scope of the invention as defined in the following claims. For example, although the write protection device has been described with particular reference to a hard disc, it can be used to protect any memory system based on a sector type format.
The decoder 11 can also be modified to detect other selected commands to be disabled.

Claims

CLAIMS :
1. Apparatus for preventing the unwanted writing of data to selected portion(s) of a memory device of a computer having a CPU and a controller for the memory device, the apparatus comprising a write protection device having memory means containing the address(es) of selected portion(s) of the memory to which data is not intended to be written; decoding means for reading the address of any write command to the memory device; comparator means for comparing the write address with the address(es) of the selected portion(s) and disabling means responsive to the output of the comparator means for disabling the write command, characterised in that the write protection device is connected between the CPU and the controller.
2. Apparatus as claimed in claim 1, wherein the memory device is a hard disc drive.
3. Apparatus as claimed in claim 2, wherein the addresses of the partition area and the boot sector of the hard disc are preset in the memory means.
4. Apparatus as claimed in claim 3, wherein the memory means further comprises a look-up table and the addresses of further portions of the hard disc which are to be write protected are stored in the look-up table.
5. Apparatus as claimed in claim 1 wherein the decoding means also detects any format command and provides an output to the disabling means to render the command ineffective.
6. Apparatus as claimed in claim 1, wherein the write protection device further comprises alarm means responsive to the comparator means for signalling an attempt to write to a write protected portion of the memory device.
7. Apparatus as claimed in claim 6 wherein the alarm means is also triggered by the detection of a format command by the decoding means.
8. Apparatus as claimed in claim 1, further comprising user-operated means for disabling the operation of the write protection device.
9. Apparatus as claimed in claim 1, wherein the disabling means includes logic switch means for preventing the write command from reaching the controller.
10. A write protection circuit for use with a computer having a CPU, a memory, and controller means for the memory, the write protection circuit comprising means for disabling write commands to the controller means which are addressed to preselected portions of the memory, characterised in that the write protection circuit is adapted to be connected between the CPU and the controller means.
11. A write protection circuit as claimed in claim 10, comprising decoding means for reading the address of any write command from the CPU to the controller of the memory; comparator means for comparing the write address with stored address(es) corresponding to portion(s) of the memory intended to be write protected; and disabling means responsive to the output of the comparator means for disabling write commands addressed to the stored address(es).
12. A write protection circuit as claimed in claim 10 further comprising means for disabling format commands.
13. A method of preventing unwanted writing of data to selected portion(s) of a memory device of a computer having a CPU and a controller for the memory device, comprising the steps of (a) selecting the portion(s) of the memory device to which data is not intended to be written and storing the address(es) of the portion(s), (b) reading the address of any write command from the CPU to the controller,
(c) comparing the write address with the stored address(es) of the preselected portion(s), and (d) disabling those write commands having an address corresponding to the preselected portion(s), characterised in that steps (b)-(d) are performed by a write protection device connected between the CPU and the controller.
14. A method as claimed in claim 13 further comprising the steps of detecting and disabling a format command to the controller.
PCT/AU1992/000594 1991-11-05 1992-11-05 Computer memory protection WO1993009495A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP5508045A JPH07500935A (en) 1991-11-05 1992-11-05 computer memory protection
EP19920923327 EP0614553A4 (en) 1991-11-05 1992-11-05 Computer memory protection.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AUPK929791 1991-11-05
AUPK9297 1991-11-05

Publications (1)

Publication Number Publication Date
WO1993009495A1 true WO1993009495A1 (en) 1993-05-13

Family

ID=3775801

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU1992/000594 WO1993009495A1 (en) 1991-11-05 1992-11-05 Computer memory protection

Country Status (4)

Country Link
EP (1) EP0614553A4 (en)
JP (1) JPH07500935A (en)
CA (1) CA2123001A1 (en)
WO (1) WO1993009495A1 (en)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996001446A1 (en) * 1994-07-01 1996-01-18 Ybm Technologies, Inc. Personal computer security system
EP0800135A1 (en) * 1996-03-13 1997-10-08 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems
WO2001088724A2 (en) * 2000-05-18 2001-11-22 Igt Method and apparatus for inhibiting a selected ide command
GB2367386A (en) * 2000-05-11 2002-04-03 Time Computers Ltd Security system for a hard disk
WO2002027445A2 (en) * 2000-09-29 2002-04-04 Steven Bress Write protection for computer long-term memory devices
DE10239975A1 (en) * 2002-07-09 2004-01-22 Pütter, Paul Stefan, Dr. Fixed disk controller for a personal computer partitions a fixed disk into isolated areas, each assigned to a 'sub-personal computer' and fitted with its own operating system, programs and data
US6738879B2 (en) 2000-05-22 2004-05-18 Seagate Technology Llc Advanced technology attachment compatible disc drive write protection scheme
US7165137B2 (en) 2001-08-06 2007-01-16 Sandisk Corporation System and method for booting from a non-volatile application and file storage device
EP1751763A2 (en) * 2004-05-19 2007-02-14 L-3 Integrated Systems Company Systems and methods for write protection of non-volatile memory devices
WO2007104092A1 (en) * 2006-03-15 2007-09-20 Stargames Corporation Pty Limited A method and arrangement for providing write protection for a storage device
US7310726B2 (en) 2002-10-02 2007-12-18 Sandisk Corporation Booting from non-linear memory
EP1926037A1 (en) * 2006-11-27 2008-05-28 Research In Motion Limited System and Method for Controlling Access to a Memory Device of an Electronic Device
US7730253B2 (en) * 2006-11-27 2010-06-01 Research In Motion Limited System and method for controlling access to a memory device of an electronic device
EP2299380A1 (en) * 2005-09-09 2011-03-23 Fujitsu Technology Solutions Intellectual Property GmbH Computer with at least one connection for a removable storage medium and method of starting and operating of a computer with a removable storage medium
CN101996671A (en) * 2010-11-25 2011-03-30 深圳市研祥通讯终端技术有限公司 Disc protection method, apparatus and device
US8090904B2 (en) 2008-02-01 2012-01-03 Cru Acquisition Group, Llc Reduced hard-drive-capacity detection device
US8474021B2 (en) 2001-06-29 2013-06-25 Secure Systems Limited Security system and method for computers
CN112148201A (en) * 2019-06-26 2020-12-29 龙芯中科技术有限公司 Data writing method, device and storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1063589A1 (en) * 1999-06-25 2000-12-27 TELEFONAKTIEBOLAGET L M ERICSSON (publ) Device for processing data and corresponding method

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU4099589A (en) * 1988-08-31 1990-03-08 Rose, Anthony Morris Securing a computer against undesired write operations to or read operations from a mass storage device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3901457A1 (en) * 1989-01-19 1990-08-02 Strahlen Umweltforsch Gmbh METHOD FOR ADDRESS AREA MONITORING IN REAL-TIME DATA PROCESSING DEVICES
GB2230881A (en) * 1989-04-28 1990-10-31 Christopher William Cowsley Data storage protection
GB9003890D0 (en) * 1990-02-21 1990-04-18 Rodime Plc Method and apparatus for controlling access to and corruption of information in computer systems

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU4099589A (en) * 1988-08-31 1990-03-08 Rose, Anthony Morris Securing a computer against undesired write operations to or read operations from a mass storage device

Non-Patent Citations (8)

* Cited by examiner, † Cited by third party
Title
PATENT ABSTRACT OF JAPAN, P-1236, page 9; & JP,A,03 110 620 (TOSHIBA CORP) 10 May 1991 (10.05.91). *
PATENT ABSTRACT OF JAPAN, P-1309, page 108; & JP,A,03 252 838 (FUJITSU LTD) 12 November 1991 (12.11.91). *
PATENT ABSTRACT OF JAPAN, P-1313, page 37; & JP,A,03 259 359 (FUJITSU LTD) 19 November 1991 (19.11.91). *
PATENT ABSTRACT OF JAPAN, P-1429, page 35; & JP,A,04 167 038 (TOSHIBA CORP) 15 June 1992 (15.06.92). *
PATENT ABSTRACT OF JAPAN, P-504, page 112; & JP,A,61 112 236 (TOSHIBA CORP) 30 May 1986 (30.05.86). *
PATENT ABSTRACT OF JAPAN, P-786, page 139; & JP,A,63 163 943 (YAMATAKE HONEYWELL CO LTD) 7 July 1988 (07.07.88). *
PATENT ABSTRACT OF JAPAN, P-964, page 77; & JP,A,01 213 733 (FUJITSU LTD) 28 August 1989 (28.08.89). *
See also references of EP0614553A4 *

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1996001446A1 (en) * 1994-07-01 1996-01-18 Ybm Technologies, Inc. Personal computer security system
EP0800135A1 (en) * 1996-03-13 1997-10-08 Arendee Limited Method and apparatus for controlling access to and corruption of information in computer systems
US6092161A (en) * 1996-03-13 2000-07-18 Arendee Limited Method and apparatus for controlling access to and corruption of information in a computer
US6526488B1 (en) 1996-03-13 2003-02-25 Arendee Limited Computer systems
US6684309B2 (en) 1996-03-13 2004-01-27 Arendee Limited Method for controlling access to data by redirecting modifications of the data
GB2367386A (en) * 2000-05-11 2002-04-03 Time Computers Ltd Security system for a hard disk
WO2001088724A2 (en) * 2000-05-18 2001-11-22 Igt Method and apparatus for inhibiting a selected ide command
AU2001264712B2 (en) * 2000-05-18 2005-03-24 Igt Method and apparatus for inhibiting a selected IDE command
WO2001088724A3 (en) * 2000-05-18 2003-08-28 Igt Reno Nev Method and apparatus for inhibiting a selected ide command
US6629184B1 (en) 2000-05-18 2003-09-30 Igt Method and apparatus for inhibiting a selected IDE command
US6823419B2 (en) 2000-05-18 2004-11-23 Igt Method and apparatus for inhibiting a selected IDE command
US6738879B2 (en) 2000-05-22 2004-05-18 Seagate Technology Llc Advanced technology attachment compatible disc drive write protection scheme
WO2002027445A3 (en) * 2000-09-29 2003-06-19 Steven Bress Write protection for computer long-term memory devices
WO2002027445A2 (en) * 2000-09-29 2002-04-04 Steven Bress Write protection for computer long-term memory devices
US6813682B2 (en) 2000-09-29 2004-11-02 Steven Bress Write protection for computer long-term memory devices
US8474021B2 (en) 2001-06-29 2013-06-25 Secure Systems Limited Security system and method for computers
US7454557B2 (en) 2001-08-06 2008-11-18 Sandisk Corporation System and method for booting from a non-volatile application and file storage device
US7165137B2 (en) 2001-08-06 2007-01-16 Sandisk Corporation System and method for booting from a non-volatile application and file storage device
DE10239975A1 (en) * 2002-07-09 2004-01-22 Pütter, Paul Stefan, Dr. Fixed disk controller for a personal computer partitions a fixed disk into isolated areas, each assigned to a 'sub-personal computer' and fitted with its own operating system, programs and data
US7310726B2 (en) 2002-10-02 2007-12-18 Sandisk Corporation Booting from non-linear memory
EP1751763A2 (en) * 2004-05-19 2007-02-14 L-3 Integrated Systems Company Systems and methods for write protection of non-volatile memory devices
EP1751763A4 (en) * 2004-05-19 2009-08-12 L 3 Comm Integrated Sys Ltd Systems and methods for write protection of non-volatile memory devices
EP2299380A1 (en) * 2005-09-09 2011-03-23 Fujitsu Technology Solutions Intellectual Property GmbH Computer with at least one connection for a removable storage medium and method of starting and operating of a computer with a removable storage medium
WO2007104092A1 (en) * 2006-03-15 2007-09-20 Stargames Corporation Pty Limited A method and arrangement for providing write protection for a storage device
EP1926037A1 (en) * 2006-11-27 2008-05-28 Research In Motion Limited System and Method for Controlling Access to a Memory Device of an Electronic Device
US7730253B2 (en) * 2006-11-27 2010-06-01 Research In Motion Limited System and method for controlling access to a memory device of an electronic device
US8010762B2 (en) 2006-11-27 2011-08-30 Research In Motion Limited System and method for controlling access to a memory device of an electronic device
US8090904B2 (en) 2008-02-01 2012-01-03 Cru Acquisition Group, Llc Reduced hard-drive-capacity detection device
CN101996671A (en) * 2010-11-25 2011-03-30 深圳市研祥通讯终端技术有限公司 Disc protection method, apparatus and device
CN112148201A (en) * 2019-06-26 2020-12-29 龙芯中科技术有限公司 Data writing method, device and storage medium

Also Published As

Publication number Publication date
CA2123001A1 (en) 1993-05-13
EP0614553A4 (en) 1994-10-26
JPH07500935A (en) 1995-01-26
EP0614553A1 (en) 1994-09-14

Similar Documents

Publication Publication Date Title
WO1993009495A1 (en) Computer memory protection
US5144660A (en) Securing a computer against undesired write operations to or read operations from a mass storage device
CN107066311B (en) Kernel data access control method and system
US7665123B1 (en) Method and apparatus for detecting hidden rootkits
EP0815510B1 (en) Method for protecting executable software programs against infection by software viruses
US5396609A (en) Method of protecting programs and data in a computer against unauthorized access and modification by monitoring address regions
US5657473A (en) Method and apparatus for controlling access to and corruption of information in computer systems
US7636872B2 (en) Threat event-driven backup
US20040003321A1 (en) Initialization of protected system
US6016536A (en) Method for backing up the system files in a hard disk drive
WO2011076464A1 (en) Method and system for protecting an operating system against unauthorized modification
EP3627368B1 (en) Auxiliary memory having independent recovery area, and device applied with same
JPS58139400A (en) Data withdrawal prevention control mechanism
EP0436365B1 (en) Method and system for securing terminals
US6920566B2 (en) Secure system firmware by disabling read access to firmware ROM
CN109214204B (en) Data processing method and storage device
EP0560277A1 (en) Method and apparatus for controlling read and write of microcomputer hard disk
GB2231418A (en) Computer viruses
CN1053507C (en) Method and device for controlling read and write of hard disc in computer
AU2923392A (en) Computer memory protection
US20030131112A1 (en) Computer firewall system
EP2883185B1 (en) Apparatus and method for protection of stored data
JPS63317975A (en) Right protecting mechanism for magnetic disk device
CN116910768B (en) Attack defending method, system, device and medium
JPH09138733A (en) Protective system for magnetic disk device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AU CA JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FR GB GR IE IT LU MC NL SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2123001

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 1992923327

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1992923327

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1992923327

Country of ref document: EP