Cryptography – Key management – Having particular key generator
Patent
1992-10-21
1997-08-12
Chan, Eddie P.
Cryptography
Key management
Having particular key generator
39518221, 380 4, G06F 1214
Patent
active
056574738
DESCRIPTION:
BRIEF SUMMARY
The present invention relates to methods and apparatus for preventing the corruption or destruction of data in computer systems, and is particularly concerned with the detection and containment of hostile programs such as "virus" programs within computer systems. The word "virus", which has become a well-known term in the art, will be used herein as a generic name for all hostile programs.
There is an increasing problem with computer viruses which are introduced into computer systems by clandestine means with consequences of varying degrees of seriousness from minor inconvenience to the system user, to complete destruction of data or disablement of the system. The propagation of viruses can be controlled by controlling the operations which can be performed on particular data or classes of data. However, proposals to date for implementing such classification methods rely on a high degree of user discipline, and/or hardware modification of computers and/or hard disks, and/or software modification of the operating system, and/or knowledge of virus signatures.
It is an object of the present invention to obviate or mitigate the aforesaid disadvantages.
It is a further object of the present invention to provide a method of, and apparatus for, virus detection and containment capable of implementation on a computer system using: a `standard` version of a given computer operating system; a `standard` computer capable of operation using such an operating system; and `standard` computer devices.
In the sense used hereinbefore, the word `standard` means that which would be routinely purchased from manufacturers of these devices, without special modification.
The invention described herein may aptly be described as a `Supervisor` ie. an arrangement which controls,read, write and format operations performed on data on a storage medium of a computer system. While it is true that an operating system supervises the transfer and storage of all data within a computer system it is also true that a virus can be introduced and can circumvent this supervision if the computer is used with doubtful or unlicensed software. This allows a potential virus to replicate itself, to change, damage or delete data, and even to make the whole system inoperable.
It is, therefore, a further object of the present invention to provide an additional level of supervision which addresses the above circumstances. The invention specifically limits the damage a virus can cause and protects certain existing data areas.
It should, however, be stressed that there exists a hierarchy of potential virus infection ranging from innocent usage of infected software, even after precautions have been followed, through to deliberate sabotage of a system. There is ultimately no defence against this latter situation, given that computer systems are designed to respond to human inputs. The present invention would not claim to prevent this situation either. What it does do is to provide a framework within which a vital attack may be detected and contained. It, therefore, allows the user a mechanism for protection of his files. Starting from a virus-free position, it permits a way of introducing further software or modifications to existing software which, if infected, would corrupt only part of the user's existing system.
According to a first aspect of the invention there is provided a method of controlling access to and modification of information stored on a storage medium forming part of a computer system comprising: non-overlapping partitions, including a boot partition and a plurality of general partitions, each of the partitions being further divided into a plurality of sectors, any designated subset of the general partitions being active at any given time when the computer system is in use, unit (CPU) of the computer system for controlling the performance of read, write and format operations upon the information stored on the storage medium so as to allow, restrict or prevent such operations depending upon the type of information stored within a sector and type
REFERENCES:
patent: 3742458 (1973-06-01), Inoue et al.
patent: 3827029 (1974-07-01), Schlotterer et al.
patent: 4215400 (1980-07-01), Denko
patent: 4442484 (1984-04-01), Childs, Jr. et al.
patent: 4590552 (1986-05-01), Guttage et al.
patent: 4807284 (1989-02-01), Kleijne
patent: 4926476 (1990-05-01), Convey
patent: 5022077 (1991-06-01), Bealkowski et al.
patent: 5144659 (1992-09-01), Jones
patent: 5144660 (1992-09-01), Rose
patent: 5155829 (1992-10-01), Kao
patent: 5317717 (1994-05-01), Cutler
Communication from European Patent Office dated Mar. 10, 1993 re: Application No.91904667.2-2215.
Siemens Microcomputer Components: Data Catalog 1986/87, Muchen, pp. 539, 554-565.
Intel, Introduction to the iAPX 286, 1985, Santa Clara, Calif., pp. 3-20 to 3-31.
Killean Reginald
Robb David
White Norman Jackson
Arendee Limited
Chan Eddie P.
Ferguson Jr. Gerald J.
Nguyen Hiep T.
Robinson Eric J.
LandOfFree
Method and apparatus for controlling access to and corruption of does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for controlling access to and corruption of, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for controlling access to and corruption of will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-169017