WO2001086388A1 - Method and system for protection of data input/output, storage and processing - Google Patents


Info

Publication number
WO2001086388A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
computer
regenerated
input
storage
Application number
PCT/RU2000/000325
Inventor
Nikolay Alekseevich Kalashnikov
Nikolay Aleksandrovich Radtsig
Original Assignee
Zakrytoye Aktsionernoe Obschestvo 'mezhotraslevoyeyuridicheskoye Agentstvo Yurpromkonsalting'
Zakrytoye Aktsionernoye Obschestvo 'relkom-Alfa'
Nizovtsev, Jury Mikhailovich
Priority claimed from RU2000111743/09A external-priority patent/RU2000111743A/en
Application filed by Zakrytoye Aktsionernoe Obschestvo 'mezhotraslevoyeyuridicheskoye Agentstvo Yurpromkonsalting', Zakrytoye Aktsionernoye Obschestvo 'relkom-Alfa', Nizovtsev, Jury Mikhailovich filed Critical Zakrytoye Aktsionernoe Obschestvo 'mezhotraslevoyeyuridicheskoye Agentstvo Yurpromkonsalting'
Priority to AU67435/00A priority Critical patent/AU6743500A/en
Publication of WO2001086388A1 publication Critical patent/WO2001086388A1/en

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G06F21/34: User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Definitions

  • the present invention relates to computer technology and may be used for secure protection of stored and processed information and for protection from unauthorised access (UA) to information within a personal computer (PC) or within computer networks.
  • the invention may be utilised in practically any systems built on the PC basis.
  • a device which is a digital electronic computing machine (computer) comprising, in accordance with von Neumann's principles, a standard open (IBM-compatible) architecture including: an external information input/output device 1, a central processor unit 2, storage 3.
  • storage 3 which has the greatest memory capacity in modern computers is a hard disc drive (HDD) from which loading of operating system (OS) and application software is effected (Fig.1).
  • a program is input into the computer storage 3 from some external input/output device 1.
  • the central processor 2 controller reads the contents of a memory cell containing the first program command and organises its execution. This command may specify execution of arithmetic and/or logical operations, recording of their results into the storage 3 or data output to the external devices 1.
  • the central processor 2 controller automatically performs program instructions. It can exchange information with the working memory of storage 3 and with computer external devices. All results of the executed program must be output to the computer external devices, whereupon the computer transits to await signals from the external devices.
  • This method of computer functioning has the following disadvantages: due to the fact that according to any method of information input to the computer from the external devices 1 or from an external computer network, information, being immutable in the processes of computer operation in the form, for example, of control files, data libraries, etc., as well as a substantial portion of information being changed in the process of computer operation in the form of, for example, work files, local user sets, etc., remain in the computer storage 3 also upon completion of user work session.
  • all information which was input into storage 3 the most capacious element of which is the hard disc drive (HDD), undergoing with time some changes is nevertheless inseparably linked to the computer in question which would not function without it.
  • a device for protecting information contained in a PC which contains an external information carrier made in the form of non-volatile memory, and a microprocessor mounted on a common board connected to an interface of data exchange with the external information carrier, working storage and an interface of data exchange with the PC connected to the working storage /3/.
  • the above device also comprises a specialised microprocessor performing functions of a DES (Data Encryption Standard) algorithm cipherer.
  • the cipherer is coupled to the interface of data exchange with the PC and to the microprocessor which performs functions of device controller.
  • the working storage switches on the module with an open memory area accessible from the side of PC connected to the information exchange interface, and the module with a closed memory area having a stand-alone power source, this module being coupled to the microprocessor and inaccessible for PC.
  • a Smart Card type card may be used as an external information carrier, while the device itself is designed, in particular, to protect information in Laptop (notebook) type computers.
  • the PC is provided with a read-only memory (ROM).
  • the closed memory area of the protection device is loaded in the process of manufacture of the device itself.
  • the use in the device of only DES ciphering algorithm limits device functional capabilities and does not allow it to be used in one- and two-key cryptographic networks. Furthermore, this device, despite its complexity and high cost, does not provide the possibility of protecting information from unauthorised destruction or from breaking its integrity.
  • the closest prior art to the first embodiment for implementing the above method is the layout of a standard IBM-compatible computer /4/ which comprises an external information input/output device such as a monitor and a keyboard, a central processor and a storage that may comprise working memory (SIMM), semipermanent memory (CMOS), fast memory (CACHE).
  • the general layout of this computer also includes a bus, permanent memory (BIOS) and hard disc drive (HDD). These devices are interconnected directly or through the bus using controllers, whereby all directions of data transmission, except the permanent memory from which a unidirectional data stream flows to the central processor, are bidirectional.
  • This computer arrangement, under which fall layouts of virtually all personal computers, is used for input/output, storage and processing of information which was previously input to the computer and which is stored there with some alterations or additions on a permanent basis, a limit to which being the capacity of all types of memory, including also the hard disc drive (HDD).
  • a shortcoming of this device is in practical impossibility to employ it in the open access mode because information available therein, especially its part that is changeable during computer operation, is intended for a specific user and a strange user may confuse settings of the previous one, accidentally or intentionally erase or alter the existing information, to enter a virus into the computer, and so on.
  • The closest prior art to the second embodiment of the device operating in accordance with the proposed method, with the preferable application field for connecting to Internet, is a specialised computer connectable to Internet - IBM Netfinity /5/, comprising a system for equipment and software performance analysis with the possibility to correct errors and restore system performance.
  • This system is made as a special software, reiterative hardware redundancy.
  • a disadvantage of IBM Netfinity system is its complexity, high cost as well as insufficiently high reliability due to the fact that the use of restoration analysis and control systems based on software does not provide any guarantee of computer restoration during its glitch.
  • the basis of the present invention lies in the change in principles of information processing and storage on computer and associated functioning of computer as a device designed to implement a method.
  • the new solution is realised due to reorganisation of main information flows which are input and processed in the computer and due to establishing additional links and organising information flows.
  • the present invention is based on the concept of spatial division of information having functionally different purposes and removal of univocal links of information as a subject of use and protection, on one hand, and of hardware (personal computer, server, etc.) as a device for information processing and storage, on the other hand.
  • the proposed approach enables to actively use new external devices, various information closure algorithms, as well as identification and authentication modes which significantly broadens functional capabilities of the proposed invention.
  • the technical result of the invention is achieved by the fact that the method for information input/output, storage and processing consisting in inputting information in the form of computer programs to computer from an external information input/output device, reading out by the central processor information contained in a storage device, performing by the central processor commands built-in into the programs, and outputting the information to the computer external devices, previously divides all input information into changeable information including at least individual software settings, changeable operating software files, user-edited programs, documents and texts, and into immutable information including at least the operating system and program archive files, thereupon records it and stores on non-regenerated information carriers, further sequentially inputs the divided information from the non-regenerated information carrier to the storage device or to the central processor, or to the external information input/output device, or inputs the divided information from the non-regenerated information carrier to any two of the above three computer blocks, or inputs the divided information from the non-regenerated information carrier to all three of the above computer blocks, whereby upon completion of the user computer work session, the storage retains only the
  • driver libraries for all computer devices allowing to start the computer after its reconfiguring are written on non-regenerated information carriers. Further, information is recorded and stored on non-regenerated information carriers which has passed cryptographic processing and is inaccessible for unauthorised readout and review.
  • files that are changeable in the process of user work with the computer and files that are immutable in the process of user work with the computer are divided by analysing the software and software product file structure, when preparing for recording to the non-regenerated information carrier, changeable and immutable files are placed in different directories, references are set in files which control the software, a command is written in the operating system load control file for copying the changeable files to the re-writable device during the first computer loading, and all the above information is recorded to the non-regenerated information carrier.
  • the information input/output, storage and processing device comprising the external information input/output device, a storage device containing working memory and several auxiliary storage devices with memory capacity commensurable with or less than the working memory, and a central processor interconnected via a bus or directly, includes an additional external device having a non-regenerated information carrier, whose output is connected by a unidirectional channel, via a bus or directly, respectively, to the information input/output external device, storage device and the central processor.
  • the information input/output, storage and processing device comprising the information input/output external device, the storage device and the central processor interconnected directly or through a bus, includes an additional external device having a non-regenerated information carrier whose output is connected by a unidirectional channel, via a bus or directly, respectively, to information input/output device, the storage device or central processor, the information input/output, storage and processing device also includes a microprocessor having a controllable relay, said microprocessor being connected to a computer serial port and a control relay being connected to a computer restart circuit including an additional device with a non-regenerated information carrier.
  • an optical system device which reads information recorded on a compact disc, such as CD-ROM, DVD, is used as an additional external device with a non-regenerated information carrier.
  • a device comprising flash cards as non-regenerated information carriers is used as an additional external device with a non-regenerated information carrier.
  • the basis of the proposed invention is formed by the concept of information spatial division and removal of univocal link between information as the subject of utilisation and protection, on one hand, and the hardware (personal computer, server, etc.) of information processing and storage mechanism, on the other hand.
  • This essentially, constitutes the main difference of functioning principles of the proposed computer system from functioning of a computer according to von Neumann's principles, i.e. introduction, in addition to the computer classical design, of a unidirectional circuit with divided information which may be entered into the computer during loading, while upon completion of user computer work session, the computer memory can retain only the regenerated or re-writable information, or information may be completely removed from the memory.
  • the proposed method implements complete separation of all information from the computer, as an operating terminal, with its physical transfer to individual, so-called non-regenerated, information carriers.
  • all information including the operating system and work files is available in the computer only during the work session of a particular user.
  • the user extracts his private non-regenerated or non-rewritable information carrier, whereby the information is removed from the computer or remains in a form inaccessible for reading or changing by other users.
  • Information sources which may be, e.g., CD-R discs, DVD, flash cards, etc., have been called non-regenerated or non-rewritable because, under normal conditions, i.e.
  • the proposed approach allows to actively use new functional devices, various information closure algorithms as well as identification and authentication modes which significantly broadens functional capabilities of the proposed invention.
  • a novel method of computer system functioning which in brief may be called a Divided Information Computer System (DICS).
  • the proposed invention due to its algorithm and firmware solution, may be used to protect information and prevent unauthorised access to PCs (from simple to powerful stations), network servers and local area networks.
  • the invention may be used to protect information from any programs - viruses, hackers, displeased co-workers and other problems connected with the need to provide preservation and confidentiality of information on PCs.
  • Fig.1 shows the general block-diagram of computer functioning according to von Neumann's principles.
  • Figs.2 to 8 show block-diagrams of devices functioning according to the proposed method.
  • Fig.9 shows the principal layout of a device functioning according to the proposed method.
  • Fig.10 shows the principal layout of the first embodiment of the proposed device functioning, in particular, as an "open terminal".
  • Fig.11 shows the principal layout of the second embodiment of a device according to the proposed method which functions, in particular, as an Internet-connected system.
  • a device implementing the proposed method comprises: an information input/output external device 1 in the form of a monitor having a keyboard, a central processor 2, a storage device 3, an additional external device 4 containing a non-regenerated information carrier, interconnected via a bus 5 and devices for connecting to computer networks, modem (network card) 6 (Fig.9).
  • the additional external device 4 may comprise two assemblies connected to the computer, first designed to record analysed information divided into changeable and immutable to a non-regenerated information carrier, and second assembly for inputting information from the non-regenerated information carrier to any computer block(s) (see Figs.2-8).
  • the first assembly of the additional external device 4 serving for recording the divided information on the non-regenerated carrier includes an optical system for recording and reading information from a compact disc, e.g. CD-R 7502-INT, which in conjunction with the computer, in standard complement, analyses, sorts files and records the divided information to the non-regenerated information carrier, in particular, compact disc (CD).
  • the second assembly of the additional external device 4 serving for inputting information to the computer from the non-regenerated information carrier is a standard CD-ROM, e.g. Panasonic 585, which comprises an optical system for reading information from compact discs, a detailed description of CD and CD-R is provided in the attached "User Instructions".
  • the device for implementing the proposed method operates as follows: previously, using the computer and the first assembly of additional external device 4 information is divided into changeable and immutable information by a method of logical analysis of software operation process and investigation of the used software (operating system) structure with subsequent recording. For this purpose, files are divided into changeable and immutable in the process of the user computer work. Further, all the above information is recorded on the non-regenerated information carrier. This procedure may be performed both directly on the user's computer and on a completely different computer system or even in copying software at manufacturer facility /8/. Whereby the proposed method is built-in into the system innovations and design at the software and hardware level.
  • the changeable and immutable files are placed into different directories. References are appropriately set in files controlling the software.
  • the second assembly of the additional external device 4 operates as follows. After recording to the non-regenerated information carrier information, previously prepared and divided into changeable and immutable, this information is input stage by stage through an appropriate channel into any one of the computer block(s), for example, into storage device 3 (Fig.5); via said block information is distributed among the remaining blocks according to its in-built algorithm. Whereby only changeable information is recorded to HDD (or another storage device 3 element), in particular, individual software settings, operating software changeable files, documents and program texts edited by the user, etc., i.e. only that information which, when particularly used non-regenerated information carrier is replaced, will be inaccessible for any other user. Thus, this computer system operates only in the case when, apart from the above changeable information, the individual non-regenerated information carrier is employed.
  • Upon completion of user computer working session, the user extracts the non-regenerated information carrier, in this particular case CD-R, thus removing at least all immutable portion of the information and leaving the place for work of another user on the same computer.
  • the proposed method allows both at the first start-up and at every other next restart, to effect complete updating of re-writable information on the computer and to check good preservation and integrity of files change of which is not merely not required but harmful.
  • changeable information we mean software files and user texts that are being changed in the process of the user computer work, namely: software settings, time files of dynamic up-loading, documents and program texts edited by the user, etc.
  • immutable information we mean software files which are not changed in the process of the user computer work from installation time, namely: operating system, system libraries, source program texts, etc.
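The preparation and load steps described above, as an added Python sketch that is not part of the patent text: it splits a file tree into `changeable/` and `immutable/` directories, then at session start wipes the re-writable store, unpacks the changeable defaults and checks the immutable tree. The glob patterns, the directory names and the SHA-256 manifest are assumptions; the patent names no classification rules or integrity mechanism, and such a manifest is only useful if it is kept where a user session cannot rewrite it.

```python
import fnmatch
import hashlib
import shutil
import tempfile
from pathlib import Path

# Hypothetical rules for files a user session is expected to modify.
CHANGEABLE_PATTERNS = ("*.ini", "*.cfg", "*.tmp", "docs/*")


def is_changeable(rel_path: str) -> bool:
    return any(fnmatch.fnmatchcase(rel_path, p) for p in CHANGEABLE_PATTERNS)


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def prepare_image(source: Path, image: Path) -> dict:
    """Split source into image/changeable and image/immutable.

    Returns {relative path: sha256} for the immutable part (assumed manifest).
    """
    manifest = {}
    for src in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = src.relative_to(source).as_posix()
        group = "changeable" if is_changeable(rel) else "immutable"
        dst = image / group / rel
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src, dst)
        if group == "immutable":
            manifest[rel] = sha256_file(dst)
    return manifest


def start_session(image: Path, rw_store: Path) -> None:
    """Load step: remove everything on the re-writable store, then unpack
    the changeable defaults from the carrier image."""
    if rw_store.exists():
        shutil.rmtree(rw_store)
    changeable = image / "changeable"
    if changeable.exists():
        shutil.copytree(changeable, rw_store)
    else:
        rw_store.mkdir(parents=True)


def verify_immutable(image: Path, manifest: dict) -> list:
    """Return sorted findings: missing:, modified: or unexpected: entries."""
    root = image / "immutable"
    present = {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}
    problems = []
    for rel, digest in manifest.items():
        if rel not in present:
            problems.append(f"missing:{rel}")
        elif sha256_file(root / rel) != digest:
            problems.append(f"modified:{rel}")
    problems.extend(f"unexpected:{rel}" for rel in present - manifest.keys())
    return sorted(problems)


def demo() -> dict:
    """Run the whole cycle on constructed sample files in a temp directory."""
    sample = {  # constructed sample content, not taken from the patent
        "os/kernel.sys": b"kernel image",
        "os/system.dll": b"system library",
        "app/settings.ini": b"theme=default",
        "docs/report.txt": b"draft",
    }
    with tempfile.TemporaryDirectory() as tmp:
        source, image, rw = (Path(tmp) / n for n in ("source", "image", "hdd"))
        for rel, data in sample.items():
            (source / rel).parent.mkdir(parents=True, exist_ok=True)
            (source / rel).write_bytes(data)
        manifest = prepare_image(source, image)
        # Leftovers of a previous user on the re-writable store.
        (rw / "app").mkdir(parents=True)
        (rw / "app" / "settings.ini").write_bytes(b"theme=changed")
        (rw / "dropped.exe").write_bytes(b"leftover")
        start_session(image, rw)
        rw_files = sorted(p.relative_to(rw).as_posix() for p in rw.rglob("*") if p.is_file())
        settings = (rw / "app" / "settings.ini").read_bytes()
        clean = verify_immutable(image, manifest)
        # Simulate a damaged or altered immutable file.
        (image / "immutable" / "os" / "kernel.sys").write_bytes(b"patched")
        tampered = verify_immutable(image, manifest)
    return {"manifest": manifest, "rw_files": rw_files, "settings": settings,
            "clean": clean, "tampered": tampered}


if __name__ == "__main__":
    print(demo())
```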
  • the following device may be provided as a specific example of the proposed computer system and its operation.
  • the computer system is made up from:
  • HDD hard disc drive
  • SIMM single-in-line memory module
  • CMOS semipermanent memory
  • BIOS permanent memory
  • CACHE fast memory
  • optical information input 4 including CD-master & CD-slave
  • CD-device e.g. CD-R 7502-INT.
  • Computer bus 5, via controller IDE1, is connected to HDD, while both CD-devices 4 are connected via controller IDE2.
  • CD-master is placed into computer setup as a loading member for the operating system and CD-slave is used as a normal CD in modern computer standard complement. Given the fact that dividing and recording of the changeable and immutable information to the non-regenerated information carrier have been done previously, the said non-regenerated information carrier is installed into CD-master.
  • After the computer is on, using external information input/output device 1, the operating system begins to be loaded from CD-master to the storage device 3, whereby central processor 2 executes commands written in autoexec.bat and config.sys; the last command, before loading the operating system, performs unpacking to HDD (or any other re-writable storage) all system setup and user setting files, whereby this procedure may be performed concurrently with complete removal of all information contained on HDD, wherein the computer is reset to the first loading mode.
  • the first embodiment of the device preferably, for the "open terminal" comprises: external information input/output device in the form of a monitor and keyboard 1, central processor 2, storage device 3 including working memory and several auxiliary devices having insignificant memory capacity, in particular, CMOS, CACHE, from which thus the most capacious memory storing device is excluded, i.e. HDD, an additional external device 4 containing a non-regenerated information carrier, BIOS 7, all interconnected through a bus 5 or directly interconnected as, for example, BIOS 7 and central processor 2 (Fig.10).
  • the proposed device may be connected to a regenerated or re-writable storage device 8 designed to store information that is being changed in the process of user work.
  • Additional external device 4 serving for inputting information from the non-regenerated information carrier to the computer is a standard CD-ROM, for example Panasonic 585, comprising an optical system for information readout from compact discs.
  • the device operates as follows.
  • the information is divided into changeable and immutable by the method of structural-logical analysis of the process of software operation and investigation of the software (operating system) used.
  • the files are divided into changeable and immutable in the process of user computer work.
  • all the previously divided information is recorded to the non-regenerated information carrier.
  • this procedure may be effected both directly on the user's computer and on the quite different computer system, or during software (6) copying at the manufacturer's facility.
  • the proposed technical solution is built-in into the system innovations and design at the software and hardware level.
  • the changeable and immutable files are placed to different directories. References are appropriately set in the files controlling the software. In computer loading from the non-regenerated carrier, information is supplied to the working memory.
  • the additional external device operates as follows. Upon recording to the non-regenerated carrier information, previously prepared and divided into changeable and immutable, using device 4 this information is stage by stage input, through an appropriate channel, into any one of the computer block(s), for example, into the storage device 3 (Fig.5). Through said block the information is distributed among the remaining blocks according to its in-built algorithm.
  • non-volatile storage device records only the changeable information, in particular, individual software settings, changeable operating software files, documents and program texts edited by the user and others, that is only that information which, when the particularly used non-regenerated information carrier is replaced, will be inaccessible for any other user.
  • this computer system operates only in the case when, apart from the above information, the individual non-regenerated information carrier is used.
  • After completion of the user computer work session, the user extracts the non-regenerated information carrier, in this case CD, thus removing at least all immutable information and leaving the place for work of another independent user on the same computer.
  • the proposed device realises the possibility of using an "empty" computer and loading to it from the non-regenerated information carrier all software and allows both during first start-up and during every next restart to effect complete refreshing of rewritten information on the computer and to check good preservation and integrity of files change of which is not only not required but also harmful.
  • As a specific example of operation of the first device embodiment of the proposed computer system ("open terminal") it is possible to provide the following (Fig.10).
  • the computer system is made up from:
  • - storage device 3 which in the present case comprises SIMM, CMOS, CACHE and others, except hard disc drive HDD,
  • - optical information input device 4 having a non-regenerated information carrier including CD-ROM;
  • BIOS permanent memory
  • the computer bus is connected, via controller IDE2, to re-writable storage device 8, e.g. floppy disc and the like, and is connected to device 4 through controller IDE1.
  • CD-ROM is installed into the computer setup as a loading member for the operating system. Given the fact that dividing and recording the changeable and immutable information to the re-writable information carrier have been done earlier, the above non-regenerated information carrier, in this case compact disc CD, is installed into CD-ROM.
  • After the computer is switched on, the operating system begins to be loaded from CD-ROM to the working memory of storage device 3, whereby commands written in autoexec.bat and config.sys are executed; the last command before loading the operating system performs unpacking on the storage device 3 all system setup and user setting files.
  • the re-writable storage device 8 may be used to store information being changed in the process of user work.
  • This device allows to make the computer an open terminal on which different users may work having their own tasks and using individual software packages. With this solution, user-selected individual system setups are maintained and the problem of accidental and intentional destruction of other's information is removed since the device utilises renewable information carriers of great capacity tied to a particular user. In order to protect from unauthorised readout, information may be located on the carrier in a distributed-noisy form and the access to carrier review may be closed with a private password.
  • the second device embodiment intended for connection to Internet comprises: external information input/output device 1 in the form of a monitor with keyboard, central processor 2, storage device 3, additional external device 4 comprising a non-regenerated information carrier, a device for connection to computer networks - modem (network card) 6, BIOS 7, re-writable storage device 8 designed to store information being changed in the process of user work, a second additional external device 9 in the form of a programmed microprocessor with a control relay, wherein all these blocks may be interconnected directly, as BIOS with the central processor 2, or through bus 5.
  • Additional external device 4 which serves to input information to the computer from the non-regenerated information carrier (see Figs.2-8) is a standard CD-ROM, for example Panasonic 585, comprising an optical system for information readout from compact discs.
  • the second additional external device 9 which serves to check operating capability of functioning of all computer systems is a programmed microprocessor connected to the computer serial port with a control relay which is connected to a computer restart circuit including additional external device 4 which serves to input information to the computer from the non-regenerated information carrier.
  • the present device for connection to Internet operates as follows:
  • the additional external device 4 operates as follows. After recording to the non-regenerated carrier information previously divided into changeable and immutable, this information, using device 4, is stage by stage input through an appropriate channel into any one of computer blocks, for example, into storage device 3 (Fig.5). Through said block the information is distributed among the remaining blocks, according to its built-in algorithm. In this case, the nonvolatile re-writable device 8 records only the changeable information which, when the specifically used non-regenerated information carrier is replaced, will be inaccessible for any other user. Thus, this computer system only operates in the case when, apart from said changeable information, an individual, non-regenerated information carrier is used.
  • the additional external device 4 provides a test for determining operating capability of the computer as a whole and of its individual parts, as well as for determining software proper functioning. As a result of the test, information is supplied to the computer serial port.
  • the second additional external device 9 analyses this received information and generates computer control commands. In the case a malfunction occurs or information has not been received from additional external device 4 to the serial port, the microprocessor of the second additional external device 9 generates a command to restart the computer (hardware restart) executed using a controllable relay (not shown in the figure).
  • the computer system consists of:
  • BIOS - Basic Input/Output System
  • BIOS - permanent memory
  • - second additional external device 9 including a XILINX-based microprocessor for testing computer control, as well as a standard electronic relay which controls a computer hardware restart circuit.
  • the computer bus via a controller, is connected to the re-writable storage device 8, for example a floppy disc and the like, and is connected to device 4 via an IDE2 controller.
  • CD-ROM is installed into computer setup as a loading member for the operating system. Given the fact that dividing and recording the changeable and immutable information to the non-regenerated information carrier have been done earlier, said non-regenerated information carrier, in the present case a compact disc (CD), is installed into CD-ROM.
  • After switching on the computer, the operating system begins to be loaded from CD-ROM to the working memory of storage device 3, whereby commands written in autoexec.bat and config.sys are executed; the last command before loading the operating system unpacks all system setup and user setting files to the storage device.
  • the re-writable storage device 8 may be used to store information being changed in the process of user work. Further, an extended test program is started from the non-regenerated information carrier CD in the form of cyclic retry. Test results are translated to the computer serial port.
  • the microprocessor of the second additional external device 9 which is connected to the serial port analyses these data and, in the case a test failure or interruption of data receipt are detected, effects system restart.
  • the microprocessor diagnoses the trouble and generates a system recovery command.
  • the proposed method and the described devices make it possible to build, on the basis of a PC running the "simplest" OS, Windows 95, a WEB server with a high degree of protection, inaccessible to aggressive actions of the most sophisticated hackers and, in addition, not requiring the services of a highly professional network administrator. In this event, a user significantly saves on the software (Windows NT, Firewall at all) and on labour costs of the administrator.
  • the proposed method protects a company against adverse actions of its own displeased or former employees.
  • the proposed method and device make it possible to build, on the basis of a standard PC, a Complex for Work with "Closed Information".
  • the Complex consists of two functional parts:
  • the server contains all processed on-line information control, processing and storage system.
  • the terminal hall comprises the necessary amount of computer terminals (without HDD and disc drives) having only specialised interchangeable information carriers of great capacity (CD) "tied" to a particular user and having an individual access identifier.
  • Access to server resources is organised based on the principle of individual password and key located on the private CD of each user.
  • the user may work with documents, but a printout or a copy to any information carrier (diskette, CD-disc, etc.) may be made only through the office of the Regimen Department, if appropriate permission is obtained. After work, the user deposits his private CD at the Regimen Department repository.

Abstract

Method for protecting information and for protecting from unauthorised access to information at individual computers and in computer networks. The method of information input/output, storage and processing consists in inputting information to a computer in the form of computer programs from an external information input/output device, reading by a central processor information contained within a storage device, executing by the central processor commands built-in into the programs, and outputting the information to computer external devices. All input information is previously divided into changeable and immutable information, then stored on non-regenerated information carriers, further the divided information is sequentially input from the non-regenerated information carrier to the storage device or central processor, or external information input/output device, whereby upon completion of the user computer work session, the computer storage device retains only re-writable information or all information is completely removed from the computer.

Description

METHOD AND SYSTEM FOR PROTECTION OF DATA INPUT/OUTPUT, STORAGE AND PROCESSING
The present invention relates to computer technology and may be used for secure protection of stored and processed information and for protection from unauthorised access (UA) to information within a personal computer (PC) or within computer networks. The invention may be utilised in practically any systems built on the PC basis.
Wide use of computer technology in various fields and development of local area and global computer networks imposes stringent requirements with respect to information storage and processing confidentiality, generates a need to use special means of information protection from unauthorised access. A great number of computer programs are known which are designed for information protection. One of the weak points in using the above computer programs is their low resistance to "crypto-viruses" and "vandal-programs", while complex information protection systems, although rather expensive, still fail to provide 100% protection. A great number of software techniques for information protection from viruses and UA are known (see, e.g., /1/), however all of them currently do not provide secure protection despite their complexity and, typically, high costs since they cannot prevent information destruction without disclosure of its contents.
The closest to the proposed method, by virtue of its versatility, is a general layout and method of operation of a personal computer functioning, principles of which were described by John von Neumann in 1945 ("EDVAC Project" Report, USA, 1945) /2/. According to these principles, the operating scheme of the personal computer may be described as follows: a device which is a digital electronic computing machine (computer) comprising, in accordance with von Neumann's principles, a standard open (IBM-compatible) architecture including: an external information input/output device 1, a central processor unit 2, storage 3. Here the main element of storage 3 which has the greatest memory capacity in modern computers is a hard disc drive (HDD) from which loading of operating system (OS) and application software is effected (Fig.1).
Thus, at the start, a program is input into the computer storage 3 from some external input/output device 1. The central processor 2 controller reads the contents of a memory cell containing the first program command and organises its execution. This command may specify execution of arithmetic and/or logical operations, recording of their results into the storage 3 or data output to the external devices 1. The central processor 2 controller automatically performs program instructions. It can exchange information with the working memory of storage 3 and with computer external devices. All results of the executed program must be output to the computer external devices, whereupon the computer transits to await signals from the external devices.
This method of computer functioning has the following disadvantages: due to the fact that according to any method of information input to the computer from the external devices 1 or from an external computer network, information, being immutable in the processes of computer operation in the form, for example, of control files, data libraries, etc., as well as a substantial portion of information being changed in the process of computer operation in the form of, for example, work files, local user sets, etc., remain in the computer storage 3 also upon completion of user work session. In other words, actually, all information which was input into storage 3 the most capacious element of which is the hard disc drive (HDD), undergoing with time some changes, is nevertheless inseparably linked to the computer in question which would not function without it.
A device for protecting information contained in a PC is known which contains an external information carrier made in the form of non-volatile memory, and a microprocessor mounted on a common board connected to an interface of data exchange with the external information carrier, working storage and an interface of data exchange with the PC connected to the working storage /3/.
The above device also comprises a specialised microprocessor performing functions of a DES (Data Encryption Standard) algorithm cipherer. The cipherer is coupled to the interface of data exchange with the PC and to the microprocessor which performs functions of device controller. The working storage switches on the module with an open memory area accessible from the side of PC connected to the information exchange interface, and the module with a closed memory area having a stand-alone power source, this module being coupled to the microprocessor and inaccessible for PC. A Smart Card type card may be used as an external information carrier, while the device itself is designed, in particular, to protect information in Laptop (notebook) type computers. To provide operation of the protection device, the PC is provided with a read-only memory (ROM). The closed memory area of the protection device is loaded in the process of manufacture of the device itself. The use in the device of only DES ciphering algorithm limits device functional capabilities and does not allow it to be used in one- and two-key cryptographic networks. Furthermore, this device, despite its complexity and high cost, does not provide the possibility of protecting information from unauthorised destruction or from breaking its integrity.
The closest prior art to the first embodiment for implementing the above method ("open terminal") is the layout of a standard IBM-compatible computer /4/ which comprises an external information input/output device such as a monitor and a keyboard, a central processor and a storage that may comprise working memory (SIMM), semipermanent memory (CMOS), fast memory (CACHE). The general layout of this computer also includes a bus, permanent memory (BIOS) and hard disc drive (HDD). These devices are interconnected directly or through the bus using controllers, whereby all directions of data transmission, except the permanent memory from which a unidirectional data stream flows to the central processor, are bidirectional. This computer arrangement, under which fall layouts of virtually all personal computers, is used for input/output, storage and processing of information which was previously input to the computer and which is stored there with some alterations or additions on a permanent basis, a limit to which being the capacity of all types of memory, including also the hard disc drive (HDD).
A shortcoming of this device is the practical impossibility of employing it in the open access mode, because information available therein, especially its part that is changeable during computer operation, is intended for a specific user, and a strange user may confuse the settings of the previous one, accidentally or intentionally erase or alter the existing information, enter a virus into the computer, and so on.
In addition, in such type of computers constructed according to von Neumann's principles, where the storage, or main information storage units (HDD, and RAID-arrays built on their basis) are directly connected in the computer device and are linked by bidirectional information transfer links with other main computer units, significant, and mostly almost all, information is constantly within the computer in appropriate memory units and may, in a number of cases, be subjected to undesirable changes, up to erasure or mere theft which may occur unnoticed by the information owner.
The closest prior art to the second embodiment of the device operating in accordance with the proposed method, with the preferable application field for connecting to Internet, is a specialised computer connectable to Internet - IBM Netfinity /5/, comprising a system for equipment and software performance analysis with the possibility to correct errors and restore system performance. This system is made as a special software, reiterative hardware redundancy. A disadvantage of IBM Netfinity system is its complexity, high cost as well as insufficiently high reliability due to the fact that the use of restoration analysis and control systems based on software does not provide any guarantee of computer restoration during its glitch.
It follows from the foregoing that practically all personal computers are subject to the action of viruses, "vandal-programs", lost or unauthorised alteration of information in them as a result of unauthorised penetration into the computer of alien programs or users (e.g. hackers). In addition, standard computers operating according to von Neumann's principles in virtue of constant information availability in them that is suitable for some people and redundant for others, cannot be freely used as open terminals due to which effectiveness of use of these computers is reduced and, given rapid moral ageing of computer equipment, computer updating is accompanied by continuous additional financial losses in connection with a low utilisation rate of each computer.
Currently, main services actually focus on increasing computer speed. And it appears that the problem of optimising technology and algorithm of information input/output, storage and processing and related issues of information integrity and preservation backs off to the background. The practice of long-standing computer operation has shown that all software tricks used to ensure information integrity and preservation result in complicating the work with computer and in significant additional costs, while fail to solve the problem (ensuring information integrity and good preservation). Moreover, malfunctions in computer operation caused by accidental, unintentional or wilful actions may result in corruption, partial and even complete loss of important information. Such are, in general, the drawbacks of the classical principle of computer construction and operation.
The basis of the present invention lies in the change in principles of information processing and storage on computer and associated functioning of computer as a device designed to implement a method. The new solution is realised due to reorganisation of main information flows which are input and processed in the computer and due to establishing additional links and organising information flows.
As a result, computer functional capabilities broaden and the problems of information integrity and preservation are solved with maximum efficiency.
The present invention is based on the concept of spatial division of information having functionally different purposes and removal of univocal links of information as a subject of use and protection, on one hand, and of hardware (personal computer, server, etc.) as a device for information processing and storage, on the other hand. The proposed approach enables to actively use new external devices, various information closure algorithms, as well as identification and authentication modes which significantly broadens functional capabilities of the proposed invention.
The technical result of the invention is achieved by the fact that the method for information input/output, storage and processing consisting in inputting information in the form of computer programs to computer from an external information input/output device, reading out by the central processor information contained in a storage device, performing by the central processor commands built-in into the programs, and outputting the information to the computer external devices, previously divides all input information into changeable information including at least individual software settings, changeable operating software files, user-edited programs, documents and texts, and into immutable information including at least the operating system and program archive files, thereupon records it and stores on non-regenerated information carriers, further sequentially inputs the divided information from the non-regenerated information carrier to the storage device or to the central processor, or to the external information input/output device, or inputs the divided information from the non-regenerated information carrier to any two of the above three computer blocks, or inputs the divided information from the non-regenerated information carrier to all three of the above computer blocks, whereby upon completion of the user computer work session, the storage retains only the changeable information or all information is completely removed from the computer.
Further, at the first start-up of the computer, as well as at every restart, if required, complete refreshing of information regenerated on the computer is effected.
Further, driver libraries for all computer devices allowing to start the computer after its reconfiguring are written on non-regenerated information carriers. Further, information is recorded and stored on non-regenerated information carriers which has passed cryptographic processing and is inaccessible for unauthorised readout and review.
In addition, for further input to the computer, files that are changeable in the process of user work with the computer and files that are immutable in the process of user work with the computer are divided by analysing the software and software product file structure, when preparing for recording to the non-regenerated information carrier, changeable and immutable files are placed in different directories, references are set in files which control the software, a command is written in the operating system load control file for copying the changeable files to the re-writable device during the first computer loading, and all the above information is recorded to the non-regenerated information carrier.
The technical result is also achieved by the fact that the information input/output, storage and processing device comprising the external information input/output device, a storage device containing working memory and several auxiliary storage devices with memory capacity commensurable with or less than the working memory, and a central processor interconnected via a bus or directly, includes an additional external device having a non-regenerated information carrier, whose output is connected by a unidirectional channel, via a bus or directly, respectively, to the information input/output external device, storage device and the central processor.
The technical result is also achieved by the fact that the information input/output, storage and processing device comprising the information input/output external device, the storage device and the central processor interconnected directly or through a bus, includes an additional external device having a non-regenerated information carrier whose output is connected by a unidirectional channel, via a bus or directly, respectively, to information input/output device, the storage device or central processor, the information input/output, storage and processing device also includes a microprocessor having a controllable relay, said microprocessor being connected to a computer serial port and a control relay being connected to a computer restart circuit including an additional device with a non-regenerated information carrier.
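The supervision performed by the serial-port microprocessor (a restart when the test reports a failure or when reports stop arriving) can be sketched as a small state machine. This is an added example, not code from the patent; the `OK`/`FAIL` line format, the two time limits and the sample events are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class RestartWatchdog:
    """Model of the external supervisor: it only listens to the serial line
    and decides when the restart relay has to be closed."""
    timeout: float = 5.0      # assumed: longest silence tolerated between reports (s)
    boot_grace: float = 30.0  # assumed: time a (re)start is given to report (s)
    deadline: float = field(init=False, default=0.0)
    restarts: list = field(default_factory=list)

    def __post_init__(self):
        # Power-on at t=0 is treated like any other boot.
        self.deadline = self.boot_grace

    def _restart(self, when: float, reason: str) -> None:
        self.restarts.append((when, reason))
        self.deadline = when + self.boot_grace

    def advance(self, now: float) -> None:
        """Fire every silence deadline that expired before `now`. A machine
        that never comes back is restarted again after each grace period."""
        while now > self.deadline:
            self._restart(self.deadline, "no data")

    def on_line(self, now: float, raw: bytes) -> None:
        """Handle one line received from the cyclic test program."""
        self.advance(now)
        try:
            status, _, detail = raw.decode("ascii").strip().partition(" ")
        except UnicodeDecodeError:
            return  # line noise is not a report; the silence timer keeps running
        if status == "OK":
            self.deadline = now + self.timeout
        elif status == "FAIL":
            self._restart(now, f"test failed: {detail}")
        # Any other text is ignored, so it cannot keep a hung machine alive.


# Constructed sample: (seconds since power-on, bytes seen on the serial port).
SAMPLE_EVENTS = [
    (8.0, b"OK 1\n"),
    (12.0, b"OK 2\n"),
    (16.0, b"FAIL disk-read\n"),   # test failure: immediate restart
    (30.0, b"OK 1\n"),             # machine is back and reporting
    (33.0, b"\xff\xfe\n"),         # garbage on the line
    (34.0, b"BOOT\n"),             # unknown message, then silence
]


def replay(events, end: float, timeout: float = 5.0, boot_grace: float = 30.0):
    """Feed recorded events to the watchdog and return the restarts it issued."""
    dog = RestartWatchdog(timeout=timeout, boot_grace=boot_grace)
    for now, raw in events:
        dog.on_line(now, raw)
    dog.advance(end)
    return dog.restarts


if __name__ == "__main__":
    for when, reason in replay(SAMPLE_EVENTS, end=100.0):
        print(f"t={when:5.1f}s restart: {reason}")
```

Because the decision is taken outside the supervised computer, software running on that computer can at most stop sending reports, which itself triggers the restart.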
In addition, an optical system device which reads information recorded on a compact disc, such as CD-ROM, DVD, is used as an additional external device with a non-regenerated information carrier.
Further, a device comprising flash cards as non-regenerated information carriers is used as an additional external device with a non-regenerated information carrier.
The basis of the proposed invention is formed by the concept of information spatial division and removal of univocal link between information as the subject of utilisation and protection, on one hand, and the hardware (personal computer, server, etc.) of information processing and storage mechanism, on the other hand. This, essentially, constitutes the main difference of functioning principles of the proposed computer system from functioning of a computer according to von Neumann's principles, i.e. introduction, in addition to the computer classical design, of a unidirectional circuit with divided information which may be entered into the computer during loading, while upon completion of user computer work session, the computer memory can retain only the regenerated or re-writable information, or information may be completely removed from the memory. In other words, the proposed method implements complete separation of all information from the computer, as an operating terminal, with its physical transfer to individual, so-called non-regenerated, information carriers. Thus, all information including the operating system and work files is available in the computer only during the work session of a particular user. Upon completion of the work session, the user extracts his private non-regenerated or non-rewritable information carrier, whereby the information is removed from the computer or remains in a form inaccessible for reading or changing by other users. Information sources, which may be, e.g., CD-R discs, DVD, flash cards, etc., have been called non-regenerated or non-rewritable because, under normal conditions, i.e. in the absence of special devices or writing operation modes, these carriers become protected from recording at the physical level, although, in principle, recording to the carriers is possible, but under special conditions and subject to availability of necessary additional devices. 
All this signifies the emergence of usual principles of computer system functioning with a number of advantages.
In particular, the proposed approach allows to actively use new functional devices, various information closure algorithms as well as identification and authentication modes which significantly broadens functional capabilities of the proposed invention. Thus, one may ascertain the emergence of a novel method of computer system functioning which in brief may be called a Divided Information Computer System (DICS).
On the whole, the proposed invention, due to its algorithm and firmware solution, may be used to protect information and prevent unauthorised access to PCs (from simple to powerful stations), network servers and local area networks. The invention may be used to protect information from any programs - viruses, hackers, displeased co-workers and other problems connected with the need to provide preservation and confidentiality of information on PCs.
Fig.1 shows the general block-diagram of computer functioning according to von Neumann's principles.
Figs.2 to 8 show block-diagrams of devices functioning according to the proposed method.
Fig.9 shows the principal layout of a device functioning according to the proposed method.
Fig.10 shows the principal layout of the first embodiment of the proposed device functioning, in particular, as an "open terminal".
Fig.11 shows the principal layout of the second embodiment of a device according to the proposed method which functions, in particular, as an Internet-connected system.
In all figures arrows show control and information links.
A device implementing the proposed method comprises: an information input/output external device 1 in the form of a monitor having a keyboard, a central processor 2, a storage device 3, an additional external device 4 containing a non-regenerated information carrier, interconnected via a bus 5 and devices for connecting to computer networks, modem (network card) 6 (Fig.9). Typically, the additional external device 4 may comprise two assemblies connected to the computer, first designed to record analysed information divided into changeable and immutable to a non-regenerated information carrier, and second assembly for inputting information from the non-regenerated information carrier to any computer block(s) (see Figs.2-8). The first assembly of the additional external device 4 serving for recording the divided information on the non-regenerated carrier includes an optical system for recording and reading information from a compact disc, e.g. CD-R 7502-INT, which in conjunction with the computer, in standard complement, analyses, sorts files and records the divided information to the non-regenerated information carrier, in particular, compact disc (CD). The second assembly of the additional external device 4 serving for inputting information to the computer from the non-regenerated information carrier is a standard CD-ROM, e.g. Panasonic 585, which comprises an optical system for reading information from compact discs, a detailed description of CD and CD-R is provided in the attached "User Instructions".
The device for implementing the proposed method operates as follows: previously, using the computer and the first assembly of additional external device 4 information is divided into changeable and immutable information by a method of logical analysis of software operation process and investigation of the used software (operating system) structure with subsequent recording. For this purpose, files are divided into changeable and immutable in the process of the user computer work. Further, all the above information is recorded on the non-regenerated information carrier. This procedure may be performed both directly on the user's computer and on a completely different computer system or even in copying software at manufacturer facility /8/. Whereby the proposed method is built-in into the system ideology and design at the software and hardware level.
When preparing for recording to the compact disc, the changeable and immutable files are placed into different directories. References are appropriately set in files controlling the software. A command for copying the changeable files to re-writable device, e.g. HDD, is written in the operating system load control file at the first loading.
The second assembly of the additional external device 4 operates as follows. After recording to the non-regenerated information carrier information, previously prepared and divided into changeable and immutable, this information is input stage by stage through an appropriate channel into any one of the computer block(s), for example, into storage device 3 (Fig.5); via said block information is distributed among the remaining blocks according to its in-built algorithm. Whereby only changeable information is recorded to HDD (or another storage device 3 element), in particular, individual software settings, operating software changeable files, documents and program texts edited by the user, etc., i.e. only that information which, when particularly used non-regenerated information carrier is replaced, will be inaccessible for any other user. Thus, this computer system operates only in the case when, apart from the above changeable information, the individual non-regenerated information carrier is employed.
Upon completion of user computer working session, the user extracts the non-regenerated information carrier, in this particular case CD-R, thus removing at least all immutable portion of the information and leaving the place for work of another user on the same computer.
The proposed method, the gist of which amounts to the use of an "empty" computer and loading to it from the non-regenerated information carrier all software, allows both at the first start-up and at every other next restart, to effect complete updating of re-writable information on the computer and to check good preservation and integrity of files change of which is not merely not required but harmful.
By changeable information we mean software files and user texts that are being changed in the process of the user computer work, namely: software settings, time files of dynamic up-loading, documents and program texts edited by the user, etc.
By immutable information we mean software files which are not changed in the process of the user computer work from installation time, namely: operating system, system libraries, source program texts, etc.
The following device (Fig.9) may be provided as a specific example of the proposed computer system and its operation. The computer system is made up from:
- external information input/output device in the form of a monitor having a keyboard 1,
- central processor 2,
- storage device 3 including all types of memory used in the computer, including HDD (hard disc drive), SIMM (single-in-line memory module), CMOS (semi-permanent memory), BIOS (permanent memory), CACHE (fast memory), etc.,
- additional external device with optical information input 4 including CD-master & CD-slave,
- bus 5,
- network board (modem) 6.
Information is previously divided on the computer being used, as discussed above, and the divided information is recorded on the recording CD-device, e.g. CD-R 7502-INT. Computer bus 5, via controller IDE1, is connected to HDD, while both CD-devices 4 are connected via controller IDE2. CD-master is placed into computer setup as a loading member for the operating system and CD-slave is used as a normal CD in modern computer standard complement. Given the fact that dividing and recording of the changeable and immutable information to the non-regenerated information carrier have been done previously, the said non-regenerated information carrier is installed into CD-master.
After the computer is on, using external information input/output device 1, the operating system begins to be loaded from CD-master to the storage device 3, whereby central processor 2 executes commands written in autoexec.bat and config.sys, the last command, before loading the operating system, performs unpacking to HDD (or any other re-writable storage) all system setup and user setting files, whereby this procedure may be performed concurrently with complete removal of all information contained on HDD, wherein the computer is reset to the first loading mode.
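The preparation and loading steps described above (dividing files, placing the two classes in different directories, then wiping the re-writable store and copying the changeable files back at load time) can be followed end to end in a short simulation. This is an added example, not code from the patent: classifying files by comparing content hashes before and after a work session is an assumed stand-in for the "logical analysis" the text mentions, and all file names and contents are constructed.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def snapshot(root: Path) -> dict:
    """Map every file under root (relative path) to the SHA-256 of its content."""
    if not root.exists():
        return {}
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def classify(before: dict, after: dict):
    """Installed files that a work session altered or deleted are changeable;
    the rest are immutable. Files created during the session have no installed
    default, so they are not carried to the carrier image."""
    changeable = {name for name in before if after.get(name) != before[name]}
    return set(before) - changeable, changeable


def build_master(install: Path, master: Path, immutable: set, changeable: set) -> None:
    """Lay out the carrier image with the two classes in different directories."""
    for kind, names in (("immutable", immutable), ("changeable", changeable)):
        (master / kind).mkdir(parents=True, exist_ok=True)
        for name in names:
            dest = master / kind / name
            dest.parent.mkdir(parents=True, exist_ok=True)
            shutil.copyfile(install / name, dest)


def reset_rewritable(master: Path, store: Path) -> dict:
    """Load-time step: report how the store drifted from the defaults on the
    carrier, then remove everything on it and copy the defaults back."""
    defaults, current = snapshot(master / "changeable"), snapshot(store)
    drift = {
        "modified": sorted(n for n in defaults if n in current and current[n] != defaults[n]),
        "missing": sorted(n for n in defaults if n not in current),
        "added": sorted(n for n in current if n not in defaults),
    }
    if store.exists():
        shutil.rmtree(store)
    shutil.copytree(master / "changeable", store)
    return drift


def demo() -> dict:
    """Run the whole cycle on a constructed installation in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        install, session, master, store = (base / n for n in ("install", "session", "master", "hdd"))
        files = {"os/kernel.sys": b"kernel v1", "os/lib/gui.dll": b"gui v1",
                 "app/editor.exe": b"editor v1", "app/editor.ini": b"font=10\n",
                 "user/report.txt": b"draft\n"}
        for name, data in files.items():
            (install / name).parent.mkdir(parents=True, exist_ok=True)
            (install / name).write_bytes(data)
        before = snapshot(install)

        # Observe one work session on a copy to see which files it touches.
        shutil.copytree(install, session)
        (session / "app/editor.ini").write_bytes(b"font=12\n")
        (session / "user/report.txt").write_bytes(b"draft\nsecond line\n")
        immutable, changeable = classify(before, snapshot(session))
        build_master(install, master, immutable, changeable)

        first_boot = reset_rewritable(master, store)
        # A later user changes a setting and leaves an extra file on the store.
        (store / "app/editor.ini").write_bytes(b"font=99\n")
        (store / "unexpected.bin").write_bytes(b"left behind by the previous user")
        second_boot = reset_rewritable(master, store)
        return {"immutable": sorted(immutable), "changeable": sorted(changeable),
                "first_boot": first_boot, "second_boot": second_boot,
                "restored": snapshot(store) == snapshot(master / "changeable")}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The second reset shows the security property the description relies on: whatever a previous session wrote to the re-writable store is reported and then discarded, while the immutable directory never leaves the carrier.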
The first embodiment of the device, preferably, for the "open terminal", comprises: external information input/output device in the form of a monitor and keyboard 1, central processor 2, storage device 3 including working memory and several auxiliary devices having insignificant memory capacity, in particular, CMOS, CACHE, from which thus the most capacious memory storing device is excluded, i.e. HDD, an additional external device 4 containing a non-regenerated information carrier, BIOS 7, all interconnected through a bus 5 or directly interconnected as, for example, BIOS 7 and central processor 2 (Fig.10). The proposed device may be connected to a regenerated or re-writable storage device 8 designed to store information that is being changed in the process of user work.
Additional external device 4 serving for inputting information from the non-regenerated information carrier to the computer (Figs.2-8) is a standard CD-ROM, for example Panasonic 585, comprising an optical system for information readout from compact discs.
The device operates as follows.
Beforehand, the information is divided into changeable and immutable by structural-logical analysis of the process of software operation and by investigation of the software (operating system) used. For this purpose, the files are divided into those changeable and those immutable in the process of user computer work. All the information thus divided is then recorded to the non-regenerated information carrier. As in the previous case, this procedure may be carried out directly on the user's computer, on a quite different computer system, or during software (6) copying at the manufacturer's facility. The proposed technical solution is thereby built into the system ideology and design at the software and hardware level. When preparing for recording to the compact disc, the changeable and immutable files are placed in different directories. References are set appropriately in the files controlling the software. When the computer is loaded from the non-regenerated carrier, information is supplied to the working memory.
The additional external device operates as follows. After the information, previously prepared and divided into changeable and immutable, has been recorded to the non-regenerated carrier, device 4 inputs this information stage by stage, through an appropriate channel, into any one of the computer block(s), for example into the storage device 3 (Fig.5). Through said block the information is distributed among the remaining blocks according to its built-in algorithm.
Here the non-volatile storage device records only the changeable information, in particular individual software settings, changeable operating software files, documents and program texts edited by the user and others, that is, only that information which, when the particular non-regenerated information carrier in use is replaced, will be inaccessible to any other user. Thus, this computer system operates only when, apart from the above information, the individual non-regenerated information carrier is used.
After completing the computer work session, the user extracts the non-regenerated information carrier, in this case a CD, thus removing at least all immutable information and leaving room for another independent user to work on the same computer.
The proposed device makes it possible to use an "empty" computer, loading all software into it from the non-regenerated information carrier, and allows, both at first start-up and at every subsequent restart, complete refreshing of the rewritten information on the computer and checking of the preservation and integrity of files whose change is not only unnecessary but also harmful.
As a specific example of operation of the first device embodiment of the proposed computer system ("open terminal"), the following may be given (Fig.10). The computer system is made up of:
- external input/output device in the form of a monitor and keyboard 1,
- central processor 2,
- storage device 3 which in the present case comprises SIMM, CMOS, CACHE and others, except hard disc drive HDD,
- optical information input device 4 having a non-regenerated information carrier including CD-ROM;
- bus 5;
- permanent memory (BIOS) 7;
- re-writable storage device 8.
The computer bus is connected, via controller IDE2, to re-writable storage device 8, e.g. a floppy disc and the like, and is connected to device 4 through controller IDE1. The CD-ROM is installed into the computer setup as a loading member for the operating system. Given that dividing and recording the changeable and immutable information to the re-writable information carrier have been done earlier, the above non-regenerated information carrier, in this case a compact disc (CD), is installed into the CD-ROM.
After the computer is switched on, the operating system begins to be loaded from the CD-ROM to the working memory of storage device 3, whereby the commands written in autoexec.bat and config.sys are executed; the last command before loading the operating system unpacks all system setup and user setting files onto storage device 3. The re-writable storage device 8 may be used to store information that is changed in the process of user work.
This device makes it possible to turn the computer into an open terminal on which different users may work, each with their own tasks and individual software packages. With this solution, user-selected individual system setups are maintained and the problem of accidental or intentional destruction of another user's information is removed, since the device utilises renewable information carriers of great capacity tied to a particular user. To protect against unauthorised readout, information may be located on the carrier in a distributed-noisy form, and access to review of the carrier may be closed with a private password.
The second device embodiment, intended for connection to the Internet (Fig.11), comprises: external information input/output device 1 in the form of a monitor with keyboard, central processor 2, storage device 3, additional external device 4 comprising a non-regenerated information carrier, a device for connection to computer networks - modem (network card) 6, BIOS 7, re-writable storage device 8 designed to store information that is changed in the process of user work, and a second additional external device 9 in the form of a programmed microprocessor with a control relay, wherein all these blocks may be interconnected directly, as BIOS with the central processor 2, or through bus 5.
Additional external device 4, which serves to input information to the computer from the non-regenerated information carrier (see Figs.2-8), is a standard CD-ROM, for example Panasonic 585, comprising an optical system for information readout from compact discs. The second additional external device 9, which serves to check the operating capability of all computer systems, is a programmed microprocessor connected to the computer serial port and provided with a control relay; the relay is connected to a computer restart circuit that includes additional external device 4, which serves to input information to the computer from the non-regenerated information carrier.
The present device for connection to Internet operates as follows:
First, information is divided into changeable and immutable precisely as described with respect to the first embodiment of the device. The additional external device 4 operates as follows. After the information, previously divided into changeable and immutable, has been recorded to the non-regenerated carrier, device 4 inputs this information stage by stage, through an appropriate channel, into any one of the computer blocks, for example into storage device 3 (Fig.5). Through said block the information is distributed among the remaining blocks according to its built-in algorithm. In this case, the non-volatile re-writable device 8 records only the changeable information which, when the particular non-regenerated information carrier in use is replaced, will be inaccessible to any other user. Thus, this computer system operates only when, apart from said changeable information, an individual non-regenerated information carrier is used.
The additional external device 4 provides a test for determining the operating capability of the computer as a whole and of its individual parts, as well as the proper functioning of the software. The result of the test is supplied to the computer serial port. The second additional external device 9 analyses the received information and generates computer control commands. If a malfunction occurs, or if no information has been received from additional external device 4 at the serial port, the microprocessor of the second additional external device 9 generates a command to restart the computer (hardware restart), which is executed using a controllable relay (not shown in the figure).
A specific example of the embodiment of the device for connection to Internet.
The computer system consists of:
- external input/output device in the form of a monitor and keyboard 1,
- central processor 2,
- storage device 3 including all types of memory to be used in a computer, except BIOS,
- optical information input device having a non-regenerated information carrier 4 including CD-ROM,
- bus 5,
- modem 6,
- permanent memory (BIOS) 7,
- re-writable storage device 8,
- second additional external device 9, including a XILINX-based microprocessor for testing computer control, as well as a standard electronic relay which controls a computer hardware restart circuit.
The computer bus is connected, via a controller, to the re-writable storage device 8, for example a floppy disc and the like, and is connected to device 4 via an IDE2 controller. The CD-ROM is installed into the computer setup as a loading member for the operating system. Given that dividing and recording the changeable and immutable information to the non-regenerated information carrier have been done earlier, said non-regenerated information carrier, in the present case a compact disc (CD), is installed into the CD-ROM.
After the computer is switched on, the operating system begins to be loaded from the CD-ROM to the working memory of storage device 3, whereby the commands written in autoexec.bat and config.sys are executed; the last command before loading the operating system unpacks all system setup and user setting files onto the storage device. The re-writable storage device 8 may be used to store information that is changed in the process of user work. Further, an extended test program is started from the non-regenerated information carrier (CD) in the form of a cyclic retry. Test results are sent to the computer serial port. The microprocessor of the second additional external device 9, which is connected to the serial port, analyses these data and, if a test failure or an interruption of data receipt is detected, effects a system restart. In particular, in the case of a server break-in and data destruction, or of a system glitch, the microprocessor diagnoses the trouble on the basis of the test data and generates a system recovery command.
The proposed method and the described devices make it possible to build, on the basis of a PC operating under the control of the "simplest" OS, Windows 95, a WEB server with a high degree of protection, inaccessible to aggressive actions of the most sophisticated hackers and, in addition, not requiring the services of a highly professional network administrator. In this event, a user saves significantly on software (Windows NT, Firewall and the like) and on the labour costs of the administrator. In addition, the proposed method protects a company against adverse actions of its own displeased or former employees.
The proposed method and device make it possible to build, on the basis of a standard PC, a Complex for Work with "Closed Information".
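The restart logic of the second additional external device 9 described above (test reports arriving on the serial port, hardware restart on a failed test or on silence), sketched in C as an added example that is not part of the patent. The line format, both timeouts and the sequence-number check are assumptions; the patent specifies none of them.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed values: the patent gives no timings and no report format. */
#define REPORT_TIMEOUT_MS 5000u   /* longest allowed silence between reports */
#define BOOT_GRACE_MS     120000u /* time allowed for a reload from the CD */

typedef enum { WD_BOOTING, WD_RUNNING } wd_state;
typedef enum { REP_INVALID, REP_OK, REP_FAIL } report;
typedef struct {
    wd_state state;
    uint32_t deadline_ms;   /* a valid report must arrive before this time */
    unsigned long last_seq; /* sequence number of the last accepted report */
    unsigned restarts;      /* relay pulses issued so far */
} watchdog;

void wd_init(watchdog *wd, uint32_t now_ms) {
    *wd = (watchdog){ .state = WD_BOOTING, .deadline_ms = now_ms + BOOT_GRACE_MS };
}

/* Pulse the restart relay (counted here) and wait for the reload to finish. */
static bool wd_restart(watchdog *wd, uint32_t now_ms) {
    wd->restarts++;
    wd->state = WD_BOOTING;
    wd->deadline_ms = now_ms + BOOT_GRACE_MS;
    return true;
}

/* Constructed line format: "T <seq> OK" or "T <seq> FAIL", nothing else. */
static report parse_report(const char *line, unsigned long *seq) {
    char verdict[8] = {0}, extra;
    if (sscanf(line, "T %lu %7s %c", seq, verdict, &extra) != 2) return REP_INVALID;
    if (strcmp(verdict, "OK") == 0) return REP_OK;
    return strcmp(verdict, "FAIL") == 0 ? REP_FAIL : REP_INVALID;
}

/* Feed one serial line; returns true when the relay must be pulsed. */
bool wd_on_line(watchdog *wd, uint32_t now_ms, const char *line) {
    unsigned long seq = 0;
    report r = parse_report(line, &seq);
    if (r == REP_FAIL) return wd_restart(wd, now_ms);
    if (r != REP_OK) return false; /* garbage never extends the deadline */
    if (wd->state == WD_RUNNING && seq <= wd->last_seq) return false; /* replay */
    wd->state = WD_RUNNING;
    wd->last_seq = seq;
    wd->deadline_ms = now_ms + REPORT_TIMEOUT_MS;
    return false;
}

/* Periodic timer check; the signed difference survives counter wrap-around. */
bool wd_on_tick(watchdog *wd, uint32_t now_ms) {
    return (int32_t)(now_ms - wd->deadline_ms) >= 0 && wd_restart(wd, now_ms);
}

/* Replay a constructed trace (time in ms, NULL = no data) and count restarts. */
unsigned run_constructed_trace(void) {
    static const struct { uint32_t t; const char *line; } ev[] = {
        {40000, "T 1 OK"}, {43000, "T 2 OK"}, {46000, "T 3 FAIL"}, {90000, "T 1 OK"},
        {93000, "T 1 OK"}, {94000, "\x7f#@!"}, {95000, NULL},
    };
    watchdog wd;
    wd_init(&wd, 0);
    for (size_t i = 0; i < sizeof ev / sizeof ev[0]; i++)
        if (!wd_on_tick(&wd, ev[i].t) && ev[i].line)
            wd_on_line(&wd, ev[i].t, ev[i].line);
    return wd.restarts;
}

int main(void) {
    printf("restarts: %u\n", run_constructed_trace());
    return 0;
}
```

In the trace, the first restart comes from the explicit FAIL report and the second from silence: the repeated "T 1 OK" line and the garbage bytes do not extend the deadline, so a hung or corrupted host cannot keep the relay from firing.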
The Complex consists of two functional parts:
1. Regimen Department server
2. Terminal hall
The server contains the entire system for control, processing and storage of the information processed on-line.
The terminal hall comprises the necessary number of computer terminals (without HDD and disc drives) having only specialised interchangeable information carriers of great capacity (CD), each "tied" to a particular user and having an individual access identifier. Access to server resources is organised on the principle of an individual password and key located on the private CD of each user. The user may work with documents, but a printout or a copy to any information carrier (diskette, CD-disc, etc.) can be made only through the office of the Regimen Department, if appropriate permission is obtained. After work, the user deposits his private CD at the Regimen Department repository.
List of literature:
1. European patent EP 0752663.
2. John von Neumann. First Draft of a Report on the EDVAC (USA, Princeton University, 1945).
3. European patent 0753816.
4. R. White. How Computer Works. Ziff-Davis Press, 1993.
5. S.R.Lelii, PC Week, April, 13, 2000.
6. E.Holsinger, R.Farrance. The Fastest Drives Alive. PC World. 1997, June, p.143.

Claims

1. A method of information input/output, storage and processing comprising inputting information in the form of computer programs to a computer from an external information input/output device, readout by a central processor of information contained within a storage device, executing by said central processor commands which are built-in into the programs, and outputting the information to an external computer device, characterised in that all input information is previously divided into changeable information including at least individual software setups, changeable working software files, documents and program texts edited by a user, and into immutable information including at least the operating system and archive program files, then recording and storing on non-regenerated information carriers, further the divided information is sequentially input from said non-regenerated information carrier to the storage device or central processor, or external information input/output device, or the divided information is input from said non-regenerated information carrier to any two of said three computer blocks, or the divided information is fed from said non-regenerated information carrier to all three of said computer blocks, wherein upon completion of the user computer work session, the computer storage device retains only the changeable information, or all information is completely removed from the computer.
2. A method according to claim 1, characterised in that during the first computer start-up, as well as during every restart, complete refreshing of information being rewritten on the computer is effected.
3. A method according to claim 1, characterised in that driver libraries of all computer devices are recorded to said non-regenerated interchangeable information carriers, which libraries allow to start the computer after its reconfiguration.
4. A method according to claim 1 or claim 3, characterised in that information is recorded to and stored on said non-regenerated information carriers, said information having passed cryptographic processing and being inaccessible to unauthorised reading and review.
5. A method according to claim 1, characterised in that for subsequent input into the computer, files changeable in the process of user computer work and files immutable in the process of user computer work are divided by software analysis and software product investigation, when preparing to recording on said non-regenerated information carrier, said changeable and immutable files are placed into different directories, references are set in software control files, a command for copying the changeable files to a re-writable device is written in the operating system load control file during the first computer loading, and all said information is recorded to said non-regenerated information carrier.
6. An information input/output, storage and processing device, comprising an external information input/output device, a storage device including working memory and several auxiliary storage devices having memory capacity commensurable with or less than the working memory, and a central processor interconnected through a bus or directly, characterised in that said device contains an additional external device having a non-regenerated information carrier whose output is connected by a unidirectional channel through the bus or directly, respectively, to the external information input/output device, storage device and central processor.
7. An information input/output, storage and processing device, comprising an external information input/output device, a storage device and a central processor interconnected through a bus or directly, characterised in that said device contains an additional external device having a non-regenerated information carrier whose output is connected by a unidirectional channel through the bus, respectively, to said external information input/output device, storage device and central processor, it also contains a microprocessor with a control relay, said microprocessor being connected to the computer serial port, said control relay being connected to a computer restart circuit including said additional external device having the non-regenerated information carrier.
8. A device according to claim 6 or claim 7, characterised in that a device with an optical system for reading information recorded on compact discs, for example CD-ROM, DVD, is used as said additional external device having the non-regenerated information carrier.
9. A device according to claim 6 or claim 7, characterised in that a device comprising a flash card is used as said additional external device having the non-regenerated information carrier.
PCT/RU2000/000325 2000-05-12 2000-08-08 Method and system for protection of data input/output, storage and processing WO2001086388A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU67435/00A AU6743500A (en) 2000-05-12 2000-08-08 Method and system for protection of data input/output, storage and processing

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
RU2000111743 2000-05-12
RU2000111743/09A RU2000111743A (en) 2000-05-12 METHOD OF INPUT-OUTPUT, STORAGE AND PROCESSING OF INFORMATION AND DEVICE FOR ITS IMPLEMENTATION

Publications (1)

Publication Number Publication Date
WO2001086388A1 true WO2001086388A1 (en) 2001-11-15

Family

ID=20234465

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/RU2000/000325 WO2001086388A1 (en) 2000-05-12 2000-08-08 Method and system for protection of data input/output, storage and processing

Country Status (2)

Country Link
AU (1) AU6743500A (en)
WO (1) WO2001086388A1 (en)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2756074A1 (en) * 1996-11-15 1998-05-22 Advanced Pc Technologies Apct PROCESS FOR SECURING AND CONTROL OF ACCESS TO INFORMATION FROM A COMPUTER PLATFORM EQUIPPED WITH A MICRO-COMPUTER
US5983273A (en) * 1997-09-16 1999-11-09 Webtv Networks, Inc. Method and apparatus for providing physical security for a user account and providing access to the user's environment and preferences
WO1999040701A1 (en) * 1998-02-10 1999-08-12 The Government Of The United States Of America As Represented By The Secretary Of The Navy Secured network system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"BITS: A SMARTCARD PROTECTED OPERATING SYSTEM", COMMUNICATIONS OF THE ASSOCIATION FOR COMPUTING MACHINERY, US, ASSOCIATION FOR COMPUTING MACHINERY. NEW YORK, VOL. 37, NR. 11, PAGE(S) 66-70,94, ISSN: 0001-0782, XP000485634 *

Also Published As

Publication number Publication date
AU6743500A (en) 2001-11-20

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC DATED 31/03/03.

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP