Data processing: generic control systems or specific application – Generic control system – apparatus or process – Having protection or reliability feature
Reexamination Certificate
1999-11-01
2002-11-26
Patel, Ramesh (Department: 2121)
Data processing: generic control systems or specific application
Generic control system, apparatus or process
Having protection or reliability feature
C700S021000, C700S078000, C700S079000, C700S080000, C700S082000, C700S087000, C713S300000, C713S152000, C713S152000, C713S323000, C713S324000, C713S310000, C382S115000, C382S116000, C382S124000
Reexamination Certificate
active
06487465
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to improvements in security for a computer. More particularly, the present invention is an improved system and method for a personal computer during the startup process when scanning ROM by selectively allowing an input from a user.
2. Background Art
Personal computers are well known in the art for providing a variety of data processing applications. Such personal computers usually include various input and output devices connected to a processor with an operating system stored in memory of the personal computer. The system includes a power-on-self test (POST) operable when the computer is first turned on to verify the presence and operating condition of the various input and output devices connected to the processor. During the POST, certain blocks of memory address space are scanned for the presence of one (or more) block of code known as an adapter ROM (other memory technologies such as Flash as it is known in the state of the art may be used instead of ROM) used in attaching certain peripheral devices and setting them up with the appropriate initial conditions. If such an adapter ROM is found within the address memory space, then this adapter ROM performs initialization and configuration routines, a process which is often referred to as “ROM scan”. During the ROM scan, sensitive areas of memory (storing configuration information) in the computer are accessible for storing data as a result of the ROM scan. Since these memory areas are also involved in the security aspects of the personal computer, it is important that user inputs be controlled to avoid improper activity such as would defeat the security features which have been designed into the operating system (and its power-on-self-test) of the personal computer.
The ROM Scan Patent teaches that it is desirable to keep the user of a personal computer from making inputs at a keyboard or other input devices (such as a mouse) during the ROM scan process and the POST generally, and this is accomplished by locking the keyboard and other input devices out during the ROM Scan operation of the POST.
However, there are some ROM adapters which either encourage or require a user input during the ROM scan process and initial setup, and the functions provided in the ROM Scan Patent would preclude such inputs. Hence, the prior art systems either had security against user inputs during the ROM scan (as provided in the ROM Scan Patent) but prevented user inputs of the type desirable in some ROM adapters or allowed the user inputs during the ROM scan but did not provide security against inappropriate user input which could defeat security aspects present in the configuration information during the ROM scan process.
Accordingly, the prior art systems have undesirable limitations and disadvantages.
SUMMARY OF THE INVENTION
The present invention overcomes the disadvantages and limitations of the prior art systems by providing a system which selectively allows user inputs during the ROM scan process. In this way, the protection of the ROM Scan Patent preventing user inputs is usually in effect, but, in those cases where a user input is desirable or necessary, enabling such an input.
In this way, input devices such as the keyboard are normally locked out during ROM scan, but input is permitted when it is desirable to have such an input and the user has the authority to do so. Since some ROM adapter code stored in memory either requires a user input during startup or otherwise permits such an input, it would be desirable to allow such inputs when needed, while otherwise preventing the user inputs. The authorization to make changes can be limited to those individuals authorized to make changes to the system's configuration through the use of appropriate privilege access password or administrator password.
The present invention has the advantage that it is simple to implement and effective to normally prevent user inputs during power-on-self-test including the ROM scan, but to allow an input from the user to be made and recorded in memory when desirable.
The present invention allows the security of a lockout during power-on-self-test and yet allows use of ROM adapters which require a user input during startup. Other objects and advantages of the present invention will be apparent to those skilled in the relevant art in view of the following description of the preferred embodiment, taken together with the accompanying drawings and the appended claims.
REFERENCES:
patent: 4727476 (1988-02-01), Rouchon
patent: 5022077 (1991-06-01), Bealkowski et al.
patent: 5187792 (1993-02-01), Dayan et al.
patent: 5388156 (1995-02-01), Blackledge et al.
patent: 5410707 (1995-04-01), Bell
patent: 5634137 (1997-05-01), Merkin et al.
patent: 5724027 (1998-03-01), Shipman et al.
patent: 5742758 (1998-04-01), Dunham et al.
patent: 6098171 (2000-08-01), Johnson et al.
PC Magazine, v10, n22, p. 66, Dec. 31, 1991, “DOS menu system adds software-based security”, N Zelnick.
PC Sources, v2, n7, p. 307, Jul. 1991, “Virus protection”, B Brenesal.
Dayan Richard Alan
Johnson Robert Duane
Flynn John David
International Business Machines - Corporation
Patel Ramesh
Schelkopf J. Bruce
LandOfFree
Method and system for improved computer security during ROM... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for improved computer security during ROM..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for improved computer security during ROM... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2986220