SECURITY SYSTEM FOR A HARD DISK
This invention relates to a security system for a hard disk of a personal computer (PC).
Protection of the hard disk is required where it is desirable or necessary to prevent access to some or all of the area of the disk for writing of data or loading of software. Protecting a hard disk in this way can prevent a purchaser of a low cost or discounted PC from removing the hard disk and using it in another computer or computer system by ensuring that the operating system provided thereon cannot be configured or overwritten.
The present invention seeks to provide a security system for a hard disk which can operate in this way.
Thus and in accordance with the present invention therefore there is provided a security system for a hard disk of a computer system, said hard disk having loaded thereon a binary input/output system (BIOS) and said hard disk being divided into multiple logical block addresses uniquely identified respectively as LBAo to LBAn'one of said logical block addresses containing a master boot record which contains instructions relating to a boot cycle of the system in the form of entries in a partition table which direct said BIOS to other logical block addresses during said boot cycle of said system where necessary data or software is stored and wherein said security system comprises protection means which acts to prevent writing of data or software to said one logical block address and a logical black
address to which a first entry in said partition directs said BIOS during said boost cycle.
With this arrangement it is possible to prevent a hard disk of a computer system being removed and used in other systems as it will not be possible to modify the operating system provided or to overwrite the operating system provided since it is not possible to access the logical block addresses in which are provided instructions which control the boot cycle of the system.
Referring now to the drawings, the single figure of which shows a diagrammatic representation of a hard (fixed) disk 10 of a computer system for example a personal computer system (PC).
The hard disk 10 comprises multiple discrete uniquely identified sectors or areas 11 in which data, instructions or software routines or programs can be stored. Each of the sectors or areas 11 form a logical block address, conventionally 512 bytes, and each of these logical block addresses are identified sequentially as LBAo to LBA.
Conventionally, when used in a computer system, a hard disk 10 has installed thereon a binary input/output system (BIOS) which controls the interaction between the various hardware components of a computer system. Thus for example, the BIOS controls the boot cycle which occurs when a computer system is first turned on.
Further, it is usual for information relating to the boot cycle to be
stored in a single logical block address uniquely identified as LBAo in the form of a partition table (shown schematically as 12) which contains a number of entries. Each entry in the partition table 12 directs the BIOS to another logical block address 11 to refer to data instructions or software routines or programs contained therein, to carry out instructions or to load software.
Therefore, in a conventional computer system, the system is supplied to a purchaser with an operating system installed. In such a system, when the system undergoes the boot cycle, the BIOS will look through logical block address LBAo and will refer to the directions set out therein. Thus when the BIOS refers to logical block address LBAo the first partition table entry contained therein will usually direct the BIOS to one or more other logical block addresses where operating system software is stored in order that the operating system is loaded. Thus in a conventional system of this type, the operating system is actually loaded when the machine undergoes the boot cycle by use of the partition table entries in logical block addressLBAo under the control of the BIOS.
If in the conventional system a new operating system is installed, the installation process will actually change, insofar as this is necessary, the partition table entries in logical block address LBAo to ensure correct loading of the new operating system in the boot cycle.
It will be appreciated that this can lead to problems because there is
no restriction in conventional computer systems on the hard disk, being removed from one system and replaced in another. In these circumstances, if the user does not wish to use the manufacturers installed operating system, then it is a simple matter of loading another operating system onto the hard disk to overwrite the existing operating system.
It has been proposed that it may be desirable to manufacture and supply computer systems which are intended for use in accessing the world wide web with operating systems installed by the manufacturer and which are configured to allow a user access only to the manufacturers preferred Internet service provider (ISP) and it is proposed that such systems will be manufactured and sold at a low price.
However the problem with this proposal is that, with conventional computer systems, it will be possible for a purchaser to buy a low cost PC and remove the expensive hard disk 10 and install this into another system.
A different operating system could be installed, which wasn't configured in accordance with the original manufacturers intended configuration and which allows access to any preferred ISP. The system would then operate satisfactorily with the new operating system in place.
The present invention provides a solution to this problem.
Thus in the present invention, the manufacturer will install the operating system onto the hard disk 10 of the computer system. The operating system will be configured to allow access only to the
manufacturers preferred ISP and may be otherwise configured to the manufacturers particular specifications. When the operating system is loaded the partition table entries and BIOS are configured to ensure that, during the boot cycle, the operating system will be loaded properly.
However, in the present invention, the logical block address LBAo which contains the partition table and the logical block addresses to which the BIOS is directed by the first entry in the partition table, which are used during the boot cycle, are write protected using any suitable hardware, software or firmware. By doing this, access can be prevented to the partition table stored in logical block address LBAo and the logical block address to which the BIOS is directed by the first entry in the partition table and this means that modification of the entries contained in the partition table, such as would be necessary to ensure that any new operating system loaded onto the hard disc could load and operate properly, is prevented.
Furthermore, this would mean that during the boot cycle, the manufacturers preferred operating system, if present, is the only operating system which can be loaded. If the manufacturers complete specially configured operating system is not present then the boot cycle will not operate properly and the machine will not be operational.
It will be seen that with this arrangement, it is possible to make sure that the hard disk, cannot be transferred from low price computer systems to other computer systems since a new operating system cannot be loaded
onto the hard disk in order that the system will operate correctly.
Of course, if the hard disc is transferred to another machine then it will operate if the original manufacturers complete, specially configured, operating system is used and this is acceptable since manufacturers can recoup the discounted prices offered on the systems and parts of systems by appropriate deals with the preferred Internet Service Provider.
Further security can also be obtained by making access to the hard disk 10 subject to entry of a password which would prevent the write protection which is used on the hard disc from being breached by unauthorised persons.
It is of course to be understood that the invention is not intended to be restricted to the details of the above embodiment which are described by way of example only.