`
`CARATYET AA
`3125A
`
`
`
`
`United States Patent
`
`5,533,125
`[11] Patent Number:
`
`
`
`
`
`Bensimonet al.
`
`
`
`
`
`
`
`Jul. 2, 1996
`145] Date of Patent:
`
`
`US00553
`
`
`
`19)
`
`
`
`
`
`
`[54] REMOVABLE COMPUTER SECURITY
`DEVICE
`
`
`
`
`[75]
`
`
`
`
`
`
`
`
`
`Inventors: Daniel Bensimon, Boca Raton; Neal A.
`
`
`
`
`
`Osborn, Delray Beach; Joaquin F.
`
`
`
`
`
`
`Pacheco, Boca Raton, all of Fla.
`
`
`
`
`[73] Assignee:
`
`
`
`
`
`International Business Machines
`
`
`
`Corporation, Armonk, N.Y.
`
`
`
`
`
`
`{21] Appl. No.: 503,536
`
`
`
`{22]
`
`
`
`Filed:
`
`
`
`
`Jul. 18, 1995
`
`
`
`
`
`
`Related U.S. Application Data
`
`
`
`
`
`
`
`
`
`
`
`
`{63] Continuation of Ser. No. 397,017, Mar. 1, 1995, abandoned,
`
`
`
`
`
`
`
`
`
`
`which is a continuation of Ser. No. 43,425, Apr. 6, 1993,
`abandoned.
`
`[SV]
`Tint. Cho wenncccssssssscsssssssssssesssesesesessereee H04K 1/00
`
`
`
`
`
`
`
`
`
`[52] U.S. Che oneeeeeseeeeeee 380/4; 380/23; 380/25
`
`
`
`
`
`
`
`[58] Field of Search oe 380/3, 4, 23, 25,
`
`
`
`
`380/49, 50; 235/379, 380, 382
`
`
`
`
`
`
`
`
`
`[56]
`
`
`
`4,742,215
`4,799,635
`4,816,653
`
`
`
`
`
`
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`
`
`
`
`5/1988 Daughters .......ccccssseseeeeeee 235/487
`
`
`
`
`1/1989 Nakagawa...........
`
`3/1989 Ander] et al. wiccceeesessceees 235/380
`
`
`
`
`
`
`
`
`
`ccsscscccccccccsue 365/189.01
`4,864,542
`9/1989 Oshimaet al.
`
`
`
`
`
`
`4,882,474 11/1989 Anderl et al. cecccccscecccccsccsssese 235/380
`
`
`
`
`
`3/1990 Barakat
`sscsssssssssecsscescossssesessn 380/23
`4,910,774
`
`
`
`6/1990 Fruhauf et al.
`ssscssccccccccccsssssssseee 380/4
`4,932,053
`
`
`
`
`
`
`8/1990 Mineo ........
`. 364/200
`4,947,318
`
`
`
`
`4/1991 Remton wine
`5,012,514
`cessscessssescsseessesseees 380/4
`
`
`
`
`....
`7/1991 Atsumiet al.
`5,034,597
`. 235/380
`
`
`
`
`
`9/1991 Abraham etal. .
`ve 380/23
`5,048,085
`
`
`
`
`
`
`
`
`
`11/1991 Lang oe essessssesssescesseeseessnseeees 380/25
`5,065,429
`5/1992 Hatta .........
`- 380/4 X
`5,115,508
`
`
`
`
`
`
`6/1992 Claus et al.
`we 235/382
`5,120,939
`
`
`
`
`
`7/1992 Mizuta ......
`w» 395/725
`5,131,091
`
`
`
`9/1992 Geoffrotin 0...
`5,146,499
`eeesessseeseestesseenee 380/23
`
`
`
`1/1994 Mclean etal. ....csessesee
`5,282,247
`w. 380/4
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Primary Examiner—David C. Cain
`
`
`
`[57]
`
`
`
`ABSTRACT
`
`
`
`
`
`
`
`Anintelligent removable information storage device (100),
`
`
`
`
`
`
`
`
`
`
`
`
`
`for coupling to a host microcomputer system (10), includes
`
`
`
`
`
`
`
`
`a local processor unit (106) including apparatus for prevent-
`
`
`
`
`
`
`
`
`
`ing the microcomputer system from reading from, or writing
`
`
`
`
`
`
`
`
`
`
`to, the storage device absent the entry of an appropriate
`
`
`
`
`
`
`
`
`
`
`password by a user of the host microcomputer system. The
`
`
`
`
`
`
`
`
`
`storage device also includes a storage medium (e.g., a
`
`
`
`
`
`
`
`
`
`magnetic disk) for storing informationincludingat least one
`
`
`
`
`
`
`
`
`password. The local processor unit includes apparatus for
`
`
`
`
`
`
`
`
`
`preventing access to the information stored in the storage
`
`
`
`
`
`
`
`means absent receipt of a valid password.
`
`
`
`
`
`10 Claims, 5 Drawing Sheets
`
`
`
`
`
`
`
`INTERFACE
`
`
`CONTROLLER
`
`
`
`LOCAL
`
`
`
`
`
`
`
`(BUFFER)
`
`
`
`
`READ / WRITE
`CHANNEL
`
`
`
`
`MEDIA
`
`CONTROL
`LOGIC
`
`
`
`
`
`
`
`
`
`STORAGE
`MEDIA
`
`
`
`PROCESSOR
`
`
`
`
`
`
`
`
`
`CONTROL
`MEMORY
`
`
`
`
`DATA
`
`
`MEMORY
`
`
`
`
`
`
`
`
`
`
`PC CARD
`
`
`
`
`Page 1 of 10
`
`Unified Patents Exhibit 1004
`
`Page 1 of 10
`
`Unified Patents Exhibit 1004
`
`

`

`
`
`U.S. Patent
`
`
`
`Jul. 2, 1996
`
`
`
`
`
`
`Sheet 1 of 5
`
`
`
`5,533,125
`
`
`
`
`
`
`
`Page 2 of 10
`
`Page 2 of 10
`
`

`

`
`
`
`Sheet 2 of 5
`
`
`
`5,533,125
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IHOLW||saan
`
`
`
`
`
` 300030
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`
`
`Jul. 2, 1996
`
`
`
`
`
`
`
`alOHOINW
`HOSS3OOHdVoSid
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`AHOVO
`
`HSTIOWLNOS
`
`z
`
`
`
`SE
`
`A>)
`
`
`
`Page 3 of 10
`
`Page 3 of 10
`
`
`

`

`
`
`U.S. Patent
`
`
`EESre©eoes2©reeoreeeeen©rece©SE©OUEoCO=oOeeeeeoeee©eoee2ee0ees#en8eeeeeeetkeoeebSoFeaETE0ESOtesEY©ED@Cie4SOLD©RiogeeEO©a@ar©ee
`ssaydavomay
`iy”disWwHdefNeb>.|asia|usaunat+d2‘is
`gees\9|
`diswvua=[—~T]
`(3a003d|||Svo‘svu)
`vivaa
`XnNWLOTSO/|
`35qt[|Pp
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`SS
`
`
`Page 4 of 10
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`LS
`
`
`
`Jul. 2, 1996
`
`
`
`
`
`
`Sheet 3 of 5
`
`
`
`5,533,125
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`LO1sO/|
`
`
`
`
`
`
`Page 4 of 10
`
`
`

`

`
`
`U.S. Patent
`
`
`
`Jul. 2, 1996
`
`
`
`
`
`
`Sheet 4 of 5
`
`
`
`5,533,125
`
`
`
`Lhv9SL.advd
`
`
`
`
`
`YaldvavYaldvdvHOODWd
`
`
`
`zezSyTaTIVuvdSOW)SOWS
`
`
`
`
`
`98¥8oe
`
`YSTIOULNOD
`
`Yaw
`
`UeSls
`
`etrette"5
`
`Page 5 of 10
`
`Page 5 of 10
`
`
`

`

`
`U.S. Patent
`
`
`
`Jul. 2, 1996
`
`
`
`
`
`Sheet 5 of 5
`
`
`
`
`
`
`5,533,125
`
`
`
`
`FIG. 3
`
`
`
`
`
`
`
`
`
`
`
`INTERFACE
`
`
`CONTROLLER
`
`
`
`LOCAL
`
`
`PROCESSOR
`
`
`
`
`
`108
`
`
`
`
`CONTROL
`
`
`MEMORY
`
`DATA
`
`
`
`
`
`110
`
`
`
`MEMORY
`
`
`
`
`
`(BUFFER)
`
`
`
`
`READ / WRITE
`
`CHANNEL
`
`
`
`Page 6 of 10
`
`MEDIA
`
`
`CONTROL
`
`
`LOGIC
`
`
`
`
`
`
`
`
`
`STORAGE
`
`
`MEDIA
`
`
`
`
`
`PC CARD
`
`
`
`Page 6 of 10
`
`

`

`
`5,533,125
`
`1
`REMOVABLE COMPUTER SECURITY
`
`
`DEVICE
`
`
`
`
`This is a continuation of application Ser. No. 08/397,017,
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`filed Mar. 1, 1995, now abandoned which is a continuation
`
`
`
`
`
`
`
`
`
`
`of application Ser. No. 08/043,425,filed on Apr. 6, 1993,
`now abandoned.
`
`
`
`BACKGROUND OF THE INVENTION
`
`
`
`
`
`
`
`
`
`
`
`
`
`This invention relates generally to removable peripheral
`
`
`
`
`
`
`
`devices for microcomputers, and more specifically to
`
`
`
`
`
`
`
`removable device security removable peripheral devices for
`
`
`personal computers.
`
`Personal computer systems in general and IBM personal
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`computers in particular have attained widespread use for
`
`
`
`
`
`
`
`
`providing computer power to many segments of today’s
`
`
`
`
`
`
`
`
`modern society. Personal computer systems can usually be
`
`
`
`
`
`
`
`
`defined as a desk top, floor standing, or portable microcom-
`
`
`
`
`
`
`
`
`
`
`
`puters that consist of a system unit having a single system
`
`
`
`
`
`
`
`processorand associated volatile and non-volatile memory,
`
`
`
`
`
`
`
`
`
`
`a display monitor, a keyboard, one or more diskette drives,
`
`
`
`
`
`
`
`
`
`
`
`a fixed disk storage, and an optional printer. One of the
`
`
`
`
`
`
`
`
`
`distinguishing characteristics of these systems is the use of
`
`
`
`
`
`
`
`
`a motherboard, or system planar,
`to electrically connect
`
`
`
`
`
`
`
`these components together. These systems are designed
`
`
`
`
`
`
`
`
`primarily to give independent computing capability to a
`
`
`
`
`
`
`
`
`
`single user and are inexpensively priced for purchase by
`
`
`
`
`
`
`
`
`individuals or small businesses. Examples of such personal
`
`
`
`
`
`
`
`computer systems are JBM’s PERSONAL COMPUTER XT
`
`
`
`
`
`
`
`
`
`and AT and IBM’s PERSONAL SYSTEM/2 Models25, 30,
`
`
`
`
`
`
`
`
`
`
`
`
`
`35, 40, 50, 55, 56, 57, 60, 65, 70, 80, 90, and 95.
`
`
`
`
`
`
`
`
`
`These systems can beclassified into two general families.
`The first family, usually referred to as Family I Models, use
`
`
`
`
`
`
`
`
`
`
`
`a bus architecture exemplified by the IBM PERSONAL
`
`
`
`
`
`
`
`COMPUTERAT(ATis a trademark of the IBM corporation)
`
`
`
`
`
`
`
`
`
`and other “JBM compatible” machines. The second family,
`
`
`
`
`
`
`
`
`teferred to as Family I] Models, use IBM’s MICRO CHAN-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`NEL bunsarchitecture exemplified by ]BM’s PERSONAL
`
`
`
`
`
`
`
`
`
`SYSTEM/2 Models 50 through 95. Certain Family J and
`
`
`
`
`
`
`
`
`
`
`most Family 1] models typically use the high speed INTEL
`
`
`
`
`80386, and 80486 microprocessors.
`Such personal computers are characterized as having an
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`“open” architecture. That is, the systems are designed and
`
`
`
`
`
`
`
`
`constructed in such a way thatadditional peripheral devices,
`
`
`
`
`
`
`
`
`
`such as removable media direct access storage devices (or
`
`
`
`
`
`
`
`
`
`
`
`
`DASD)that may beselected and addedto the systems, or an
`
`
`
`
`
`
`
`
`
`
`
`existing device that may be changed for a device of a
`
`
`
`
`
`
`
`
`
`different type. The floppy disk drives mentioned above are
`
`
`
`
`
`
`
`one example of a removable media DASD.
`Family I] machines may have DASD using 3.5 inch
`
`
`
`
`
`
`
`
`
`diskettes to store 720 kilobytes or 1.44 megabytes or 2.88
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`megabytes of data. It is known and contemplated that other
`
`
`
`
`
`
`
`
`
`removable media DASD maybe provided and may be used
`
`in or with personal computersofthe general types described.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`One such information storage device is the so-called
`
`
`
`
`
`
`
`
`
`personal computercard (or simply, pc card) made in accor-
`
`
`
`
`
`
`
`
`dance with the standard established by the Personal Com-
`
`
`
`
`
`
`puter Memory Card International Association (PCMCIA).
`
`
`
`
`
`
`
`
`
`
`
`
`All pe cards have the footprint of a credit card. These pc
`
`
`
`
`
`
`
`
`cards may be classified under two general categories:
`
`
`
`
`
`
`
`
`memory cards and input/ontput (I/O) cards. Memory cards
`
`
`
`
`
`
`
`
`
`
`
`were the first generation of cards specified by Release ].0 of
`
`
`
`
`
`
`
`
`the PCMCIAstandard. These cards are file-formatted and
`
`
`
`
`
`
`
`
`
`
`are used in substantially the same way as memory diskettes.
`
`
`
`
`
`
`
`
`
`
`
`I/O cards are specified in Release 2.0 of the standard. These
`
`
`
`10
`
`
`
`
`
`20
`
`
`25
`
`
`30
`
`
`
`
`
`40
`
`
`45
`
`50
`
`
`
`55
`
`
`60
`
`
`
`65
`
`
`
`Page 7 of 10
`
`©
`
`
`
`
`
`
`
`
`
`2
`
`
`
`
`
`
`
`
`types of cards include madems, local area networks (LANs),
`
`
`
`
`
`
`
`
`image cards, hard disk drives, faxes, and dockingstations.
`
`
`
`
`
`
`
`
`
`
`There are three physical sizes for these cards. All three types
`
`
`
`
`
`
`
`
`
`
`
`
`are 54.0 mm in length, and 54.0 mm in width. Type 1 are 3.3
`
`
`
`
`
`
`
`
`
`
`
`
`mm in thickness; Type II are 5.0 mm; and TypeIII, 10.5 mm.
`
`
`
`
`
`
`
`
`The PCMCIAstandard is becoming widely used for con-
`
`
`
`
`
`
`
`necting peripheral devices to portable and notebook personal
`
`
`
`
`
`
`
`
`
`
`computers and may be used for other types ofpcs.
`
`
`
`
`
`
`
`
`Protection from unauthorized users may be required in
`cases where confidential or classified information is handled
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`by automated information systems, such as personal com-
`
`
`
`
`
`
`
`
`
`puter systems. The need for security becomes acnte in
`
`
`
`
`
`
`
`systems using small removable information storage devices,
`
`
`
`
`
`
`
`
`
`
`
`such as pe cards, because of their value. There are two
`
`
`
`
`
`
`
`
`
`
`sources of value in these storage devices: (1) the intrinsic
`
`
`
`
`
`
`
`
`
`
`value of the device itself (DASD can represent up to
`
`
`
`
`
`
`
`
`
`
`
`one-third the value of the hardware cost of the system); and
`
`
`
`
`
`
`
`
`
`
`
`(2) the data contained in the device may itself be more
`
`
`
`
`
`
`
`valuable than the device. Previously,
`small
`removable
`
`
`
`
`
`
`
`
`memory devices (e.g., diskettes and CD ROMs)typically
`
`
`
`
`
`
`
`
`
`used physical means of security such a write-preventtabs or
`
`
`
`
`
`
`
`
`
`switches and locks. Moreover, access to a computer system
`
`
`
`
`
`
`
`
`
`
`
`
`may require the use of a password. However,in the cases of
`
`
`
`
`
`
`
`small removable storage devices these security measures
`
`
`
`
`
`
`
`
`
`
`may be inadequate because oftheattractiveness for theft of
`
`
`
`
`
`
`
`
`
`
`these devices. A thief of a small removable device could
`
`
`
`
`
`
`
`
`
`
`
`have read the information in the medium in a system not
`
`
`
`
`
`
`
`
`
`Tequiring a password and could also re-use the storage
`
`
`
`
`
`
`
`
`device itself. Additionally,
`in prior systems a password
`
`
`
`
`
`
`
`
`
`string was transferred to the host computer to enable pass-
`
`
`
`
`
`
`
`
`word protection in a blind “set password function.” Consider
`
`
`
`
`
`
`
`
`
`
`a device that does not have password protection enabled. It
`
`
`
`
`
`
`
`
`
`
`may have never been enabled, or the operator may have
`
`
`
`
`
`
`
`
`
`
`disabled it via the proper input of the required password(s).
`
`
`
`
`
`
`
`
`
`
`A malicious user or a virus software program could create
`
`
`
`
`
`
`
`
`
`
`and enable a new password without the permission of a
`
`
`
`
`
`
`
`legitimate operator, the drive becomes password protected
`
`
`
`
`
`
`
`
`
`
`
`and unusable, even to a legitimate user. This can be a
`
`
`
`
`
`
`
`
`
`
`
`problem where the user did not intend the system to be
`
`
`
`
`
`
`
`
`
`password protected. Thus, a need exists for better security
`measures.
`
`
`SUMMARY OF THE INVENTION
`
`
`
`
`
`
`
`
`
`
`
`
`
`Briefly, in accordance with the invention, a removable
`
`
`
`
`
`
`information storage device includes means for preventing
`
`
`
`
`
`
`
`
`
`the computer system from reading from, or writing to, the
`
`
`
`
`
`
`
`
`
`
`storage device absentthe entry of a selected password by a
`
`
`
`
`
`
`user of the host computer system.
`
`
`
`
`
`
`
`
`
`
`BRIEF DESCRIPTION OF THE DRAWING(S)
`
`
`
`
`
`
`
`
`
`
`
`
`
`FIG. 1 is a perspective view of a personal computer
`system embodying this invention;
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`FIG. 2 is a block diagram of certain components of the
`personal computer of FIG. 1;
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`FIG, 3 is a block diagram of an intelligent removable
`information storage device in accordance with the invention.
`
`
`
`
`
`
`
`
`
`
`
`
`
`DESCRIPTION OF THE ILLUSTRATIVE
`
`
`
`
`EMBODIMENT(S)
`
`
`
`
`
`
`
`
`
`
`Referring to FIG. 1, a microcomputersystem 10, embody-
`
`
`
`
`
`
`
`
`ing the present invention is shown and generally indicated.
`
`
`
`
`
`
`
`
`
`The computer system 10 includes a monitor 12 and a
`
`
`
`
`
`
`
`
`keyboard 13. The computer system 10 also includes remov-
`
`
`
`
`
`
`
`
`able media direct access storage devices (DASDs) which are
`
`
`
`
`
`
`Page 7 of 10
`
`

`

`
`5,533,125
`
`
`
`
`
`3
`preferably a floppy disk drive 15 and a slot 14 for a personal
`
`
`
`
`
`
`
`
`
`
`
`
`
`computer card (or, simply, a pe card). The pe card is
`
`
`
`
`
`
`
`
`
`
`
`preferably one complying with the PCMCIAstandard. In
`
`
`
`
`
`
`
`
`accordance with the invention, removable DASDs having
`
`
`
`
`
`
`
`processor means would include a password security feature
`
`
`
`
`
`
`
`
`that would prevent the unauthorized access to the informa-
`
`
`
`
`
`
`
`
`tion stored in these devices and the use of the devices
`
`
`
`
`
`
`
`
`
`
`themselves.
`
`Referring to FIG. 2, there is shown a block diagram of a
`
`
`
`
`
`
`
`
`
`
`
`
`
`personal computer system illustrating the various compo-
`
`
`
`
`
`
`
`
`
`nents of the computer unit 11 of FIG. 1. The compnter 10
`
`
`
`
`
`
`
`
`
`includes a motherboard (or planar) having components
`
`
`
`
`
`
`
`mounted thereon. Also connected to the planar is the system
`
`
`
`
`
`
`
`
`
`
`processor 32, which comprises a microprocessor, connected
`
`
`
`
`
`
`
`
`by a high speed central processing unit (CPU) local bus 34,
`
`
`
`
`
`
`
`
`
`
`through a bus control timing unit 35, to a memory control
`
`
`
`
`
`
`
`
`
`
`
`unit 36 which is further connected to a volatile random
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`access memory (RAM) 38. While any appropriate micro-
`
`
`
`
`
`
`
`
`processor can be used, one suitable microprocessor is the
`80486 which is sold by Intel Corp.
`
`
`
`
`
`
`
`The CPU local bus 34 (comprising data, address and
`
`
`
`
`
`
`
`
`
`control components) provides for the connection of the
`
`
`
`
`
`
`
`
`microprocessor 32, a math coprocessor 39, a cache control-
`
`
`
`
`
`
`
`
`
`
`ler 40, and a cache memory 41. Also coupled on the CPU
`
`
`
`
`
`
`
`
`
`
`local bus 34 is a buffer 42. The buffer 42is itself connected
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`to a slower speed (compared to the CPU local bus) system
`
`
`
`
`
`
`
`
`bus 44, also comprising address, data and control compo-
`
`
`
`
`
`
`
`
`
`
`
`nents. The system bus 44 extends between the buffer 42 and
`
`
`
`
`
`
`
`
`
`
`
`a further buffer (or latch/buffer) 68. The system bus 44is
`
`
`
`
`
`
`
`
`
`
`
`further connected to the bus control timing unit 35 and a
`
`
`
`
`
`
`
`
`
`
`direct memory access (DMA) unit 48. The DMA unit 48
`
`
`
`
`
`
`
`
`
`comprises a central arbitration unit 49 and DMAcontroller
`
`
`
`
`
`
`
`
`
`
`
`50. A buffer 51 providesan interface between the system bus
`
`
`
`
`
`
`
`
`
`
`44 and an optional feature bus such as the MICRO CHAN-
`
`
`
`
`
`
`
`
`
`
`
`
`NELbus 52. Connected to the bus 52 are a plurality of /O
`
`
`
`
`
`
`
`slots 54 for receiving MICRO CHANNEL adapter cards
`
`
`
`
`
`
`
`
`
`
`which may be further connected to an I/O device or memory.
`Anarbitration control bus 55 couples the DMAcontroller
`
`
`
`
`
`
`
`
`
`50 and central arbitration unit 49 to the I/O slots 54 and a
`
`
`
`
`
`
`
`
`
`
`
`
`
`diskette adapter 56. Also connected to the system bus 44is
`
`
`
`
`
`
`
`
`
`
`
`the memory control unit 36 which comprises a memory
`
`
`
`
`
`
`
`
`
`controller 59, an address multiplexor 60, and a data buffer
`
`
`
`
`
`
`
`
`
`
`61. The memory controller 59 includes means for decoding
`
`
`
`
`
`
`
`
`
`row address and column addressstrobes (i.e., RAS and CAS
`
`
`
`
`
`
`
`
`
`
`decode). The memory control unit 36 is further connected to
`
`
`
`
`
`
`
`
`
`
`a random access memory as represented by the RAM
`
`
`
`
`
`
`
`
`
`module 38. The memory controller 36 includes the logic for
`
`
`
`
`
`
`
`
`
`
`mapping addresses to and from the microprocessor 32 to
`
`
`
`
`
`
`
`
`
`particular areas of RAM 38. This logic is used to reclaim
`
`
`
`
`
`
`
`
`
`
`
`RAM previously occupied by the basic input/output system
`
`
`
`
`
`
`
`
`(BIOS). Further generated by memory controller 36 is a
`
`
`
`
`
`
`
`
`
`ROM select signal (ROMSEL), that is used to enable or
`
`
`
`
`
`
`
`
`
`
`disable ROM 64.
`
`
`
`While the microcomputer unit 10 is shown with a basic1
`
`
`
`
`
`
`
`
`
`
`
`megabyte RAM module,
`it is understood that additional
`
`
`
`
`
`
`
`
`memory can be interconnected as
`represented by the
`
`
`
`
`
`
`
`
`optional memory modules 65 through 67. For purposes of
`
`
`
`
`
`
`
`
`
`illnstration only,
`the present invention is described with
`
`
`
`
`
`
`
`
`reference to the basic one megabyte memory madule 38.
`
`
`
`
`
`
`
`
`
`A Jatch buffer 68 is coupled between the system bus 44
`
`
`
`
`
`
`
`
`
`
`
`and a planar I/O bus 69. The planar I/O bus 69 includes
`
`
`
`
`
`
`
`
`
`
`
`
`address, data, and control componentsrespectively. Coupled
`
`
`
`
`
`
`
`along the planar I/O bus 69are a variety of I/O adapters and
`
`
`
`
`
`
`
`
`
`
`
`
`
`other components such as the display adapter 70 (which is
`
`
`
`
`
`
`
`
`
`
`used to drive the monitor 11), a CMOSclock 72, nonvolatile
`
`
`
`
`
`
`
`
`
`
`CMOS RAM 74(hereinafter referred to as NVRAM), a
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Page 8 of 10
`
`
`
`
`
`
`4
`RS232 adapter 76, a paralle] adapter 78, a plurality of timers
`
`
`
`
`
`
`
`
`
`the diskette adapter (or controller) 56, an interrupt
`80,
`
`
`
`
`
`
`
`
`controller 84, and the read only memory (ROM) 64. The
`
`
`
`
`
`
`
`
`
`ROM64includes the BIOS (basic input/output system) that
`
`
`
`
`
`
`
`
`is used to interface between the I/O devices and the oper-
`
`
`
`
`
`
`
`
`
`
`ating system of the microprocessor 32. BIOS stored in ROM
`
`
`
`
`
`
`
`
`
`
`64 can be copied into RAM 38 to decrease the execution
`
`
`
`
`
`
`
`
`
`
`
`time of BIOS. ROM 64is further responsive (via ROMSEL
`
`
`
`
`
`
`
`
`
`
`signal) to memory controller 36. If ROM 64 is enabled by
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`memory controller 36, BIOS is executed out of ROM. If
`ROM 64 is disabled by memory controller 36, ROM is not
`
`
`
`
`
`
`
`
`
`
`
`responsive to address enquiries from the microprocessor 32
`
`
`
`
`
`
`
`
`(i.e. BIOS is executed out of RAM).
`
`
`
`
`
`
`
`The planar I/O bus 69, as described hereinafter, includes
`
`
`
`
`
`
`
`
`
`portions defined by conductive pathways formedin interior
`
`
`
`
`
`
`
`
`layers of the multilayer planar, and particularly includes a
`
`
`
`
`
`
`
`
`
`numberof such pathwaysin a portion extending adjacent an
`
`
`
`
`
`
`
`
`
`
`edge ofthe planar whichis positioned to extend adjacent one
`
`
`
`
`
`
`
`
`
`
`
`of the front and rear panels of the chassis. Such designof the
`
`
`
`
`
`
`
`
`
`
`
`
`
`planar makes possible the location of a number of I/O
`
`
`
`
`
`
`
`
`
`
`connectors along such a side edge for exchange ofsignals
`
`
`
`
`
`
`
`
`
`
`with such devices as the monitor, keyboard and printer.
`
`
`
`
`
`
`
`
`
`The clock 72 is used for time of day calculations and the
`
`
`
`
`
`
`
`
`
`
`
`
`NVRAMis used to store system configuration data. Thatis,
`
`
`
`
`
`
`
`
`
`
`the NVRAM 74 will contain values which describe the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`present configuration of the system. For example, NVRAM
`
`
`
`
`
`
`
`
`
`74 contains information describing the capacity of a fixed
`
`
`
`
`
`
`
`
`
`
`
`disk or diskette, the type of display, the amount of memory,
`
`
`
`
`
`
`
`
`
`time, date, etc. Of particular importance NVRAM 74 will
`
`
`
`
`
`
`
`
`
`
`
`contain data (which can be one bit) which is used by
`
`
`
`
`
`
`
`
`
`
`memory controller 36 to determine whether BIOSis run out
`of ROM or RAM and whether to reclaim RAM intended to
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`be used by BIOS RAM.Furthermore, these data are stored
`
`
`
`
`
`
`
`
`in NVRAM whenevera special configuration program, such
`
`
`
`
`
`
`
`
`
`
`as SET Configuration, is executed. The purpose of the SET
`
`
`
`
`
`
`
`
`Configuration program is to store values characterizing the
`
`
`
`
`
`
`configuration of the system to NVRAM.
`A PCMCIA interface 86 is coupled to the bus 69 for
`
`
`
`
`
`
`
`
`
`
`
`providing an interface and driverfor pc cards (in accordance
`
`
`
`
`
`
`
`
`
`
`with the PCMCIA standard that may be coupled to the
`
`
`
`
`
`
`
`
`
`
`
`computer system 10 via port 14).
`
`
`
`
`
`Referring to FIG.3, there is shown a simplified block
`
`
`
`
`
`
`
`
`
`diagram of an intelligent removable information storage
`
`
`
`
`
`
`
`device 100 in accordance with the invention. The device 100
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`comprises a storage medium (or media) 102 for storing
`
`
`
`
`
`
`
`
`
`
`
`information. This storage medium can takethe form of an IC
`
`
`
`
`
`
`
`
`
`
`
`memory or a magnetic disk. The device 100 also includes a
`
`
`
`
`
`
`
`
`
`
`media control logic circuit 102, and a local processor 106.
`
`
`
`
`
`
`
`
`
`
`Thus, the device 100 is an “intelligent” storage device. This
`
`
`
`
`
`
`
`
`intelligence enables storage device 100 to include a pass-
`
`
`
`
`
`
`
`
`
`word security feature at the device level. Password security
`
`
`
`
`
`
`
`
`
`at the device level provides an advantage over system-level
`
`
`
`
`
`
`
`
`
`
`password security in that a stolen storage device cannot be
`
`
`
`
`
`
`
`
`
`
`
`used in any computer system unless the thief also knowsthe
`
`
`
`
`
`
`
`
`password. The local processor can be any suitable micro-
`
`
`
`
`
`
`
`processor(e.g., a 68HC11 manufactured by Motorola, Inc.).
`
`
`
`
`
`
`
`
`A control memory ROM 108, containing instructionsfor the
`
`
`
`
`
`
`
`
`local processor, and a data memory RAM 110, containing
`
`
`
`
`
`
`
`
`data for microprocessor operation, are coupled to the pro-
`
`
`cessor 106.
`
`
`
`
`
`An interface controller 112 provides an interface between
`
`
`
`
`
`
`
`
`the device 100 and a host computer (such as computer unit
`
`
`
`
`
`
`
`
`
`
`
`11 shown in FIGS. 1 and 2). Coupled to the controller 112
`
`
`
`
`
`
`
`
`
`
`
`
`is a buffer 114 which provides a cache function for the
`
`
`
`
`
`
`
`
`
`
`
`controller 112. A read/write channel unit 116, coupled to the
`
`
`
`
`
`
`
`
`
`
`
`
`storage media 102 and to the local processor 106, receives
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`20
`
`
`
`25
`
`
`
`
`35
`
`
`40
`
`
`
`45
`
`
`
`
`50
`
`35
`
`
`
`60
`
`
`
`65
`
`
`
`Page 8 of 10
`
`

`

`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`5,533,125
`
`
`
`
`
`
`
`
`
`5
`the data pulses from storage media 102 and converts them to
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`usable information. This unit 116 can take the form of a head
`
`
`
`
`
`
`
`
`
`
`
`amplifier in the case where the storage media 102 is a disk
`drive or any other suitable non-volatile memory such as
`
`
`
`
`
`
`
`
`Flash EEPROM.
`
`
`A media control ASIC (application-specific integrated
`
`
`
`
`
`
`circuit) is used to control the storage media 102. In the ease
`
`
`
`
`
`
`
`
`
`
`
`
`where the storage media 102 is a disk drive, block 104 would
`
`
`
`
`
`
`
`
`
`
`
`take the form of a control for a spindle motor. In the case
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`where storage media 102 is an IC memory (e.g., Flash
`
`
`
`
`
`
`
`
`
`
`EEPROM), block 104 would take the form of a format
`
`
`
`
`
`
`
`
`
`
`reader and could also perform bit parity checks. Along with
`
`
`
`
`
`
`
`
`
`read/write channel unit 116, the media control logic 104
`
`
`
`
`
`
`
`translates physical media characteristics into logie levels
`
`
`
`
`
`
`
`
`
`
`(..¢., it converts magnetie flux changes into a bit stream).
`In a preferred embodiment the device 100 is a pc card in
`
`
`
`
`
`
`
`
`
`
`
`accordance with the PCMCIA standard. More specifically, a
`
`
`
`
`
`
`
`PCMCIA-ATAcard is defined. ATA represents AT-attach-
`
`
`
`
`
`
`able, wherein AT is a trademark of International Business
`
`
`
`
`
`
`
`
`
`
`Machines Corporation. PCMCIAdevices(other than simple
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`memory cards) communicate with a host computer system
`
`
`
`
`
`
`
`
`
`
`via a high level set of commands. For PCMCIA-ATAfiles,
`
`
`
`
`
`
`
`
`
`these commands are similar to those employed by more
`
`
`
`
`
`
`
`
`
`traditional fixed disks. In accordance with the invention, a
`
`
`
`
`
`
`
`uew ATA and PCMCIA-ATA compatible command called
`
`
`
`
`
`
`
`
`
`“Password”is defined. For storage devices, the invention is
`
`
`
`
`
`
`
`preferably implemented within the file specific command
`
`
`
`
`
`
`
`
`structure in order to maintain compatibility across systems,
`
`
`
`
`
`
`
`
`
`whether they contain removablefiles or not. The Password
`
`
`
`
`
`
`
`
`commandtakes three forms: (1) Password-Enable; (2) Pass-
`
`
`
`
`word-Send; and (3) Password-Disable.
`Operationally, the owner of a pe card (e.g., card 100)
`
`
`
`
`
`
`
`
`
`
`would insert the pe card 100 into the port 14 in the computer
`
`
`
`
`
`
`
`
`
`
`
`
`
`10 (shown in FIG. 1)to use the card 100. If the pe card is
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`not previously in a password protected made and the owner
`wishes to make the card 100 password protected, he or she
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`would enter a valid password into the computer unit 10
`
`
`
`
`
`
`
`along with a Password-Enable command. The computer unit
`10 would then transfer the password string to the card 100
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`thus enabling a protection mode in the device 100. This
`
`
`
`
`
`
`
`
`
`
`password need not match any previous password, andit does
`
`
`
`
`
`
`
`
`
`not operate if password protection is already active. To
`
`
`
`
`
`
`
`
`
`
`prevent unauthorized access to the storage device 100,it is
`
`
`
`
`
`
`
`
`
`
`required that to change a password, a valid password (or
`
`
`
`
`
`
`
`
`
`
`passwords, if required) mustbe transferredto the device 100
`
`
`
`
`
`
`
`
`
`in the same atomie (i.e., non-reduceable) operation as the
`
`
`
`
`
`
`
`change instruction. This requirement eliminates the “blind”
`
`
`
`
`
`
`
`
`aspect of the password control, and prevents unauthorized
`
`
`
`
`
`
`
`
`
`
`users (i.e., those who do not know the passward(s)) from
`
`
`
`
`
`
`modifying passwords or the security status.
`Exposure also exists from the time of delivery to the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`customer until the user enables and sets a password forthe
`first time (i.e, if the user has not yet, or neverintends to use
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`the password protection features of the invention). If the
`
`
`
`
`
`
`
`
`
`card 100 falls into the hands of another person who activates
`
`
`
`
`
`
`
`
`
`
`
`the security feature with a password unknownto the owner,
`
`
`
`
`
`
`
`
`
`
`that owner would suffer a fate similar to that of users of the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`prior art devices. Therefore, according to the invention, a
`
`
`
`
`
`
`
`default password can be provided. To enable password
`
`
`
`
`
`
`
`
`
`
`
`protection for the first time,
`the user inputs this default
`
`
`
`
`
`password to the change instruction.
`Whena user enters the Password-Send commandinto the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`computer 10 it transfers the password string to the device
`100. The device 100 comparesthis string with its recorded
`
`
`
`
`
`
`
`
`
`
`string (if password protection been previously invoked) and
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`enables normal operation if the password is valid. This
`
`
`
`10
`
`
`
`
`20
`
`
`25
`
`
`30
`
`
`35
`
`40
`
`45
`
`350
`
`
`
`55
`
`
`60
`
`
`65
`
`
`
`Page 9 of 10
`
`6
`
`
`
`
`
`
`
`
`
`
`
`commandalsosets an error condition if the password is not
`
`
`
`
`
`
`
`valid (and password protection has been previously
`invoked). It does not compare passwords if password secu-
`
`
`
`
`
`
`
`
`tity is not enabled. The device 100 will function normally
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`until a reset (soft or hard) is generated. After a reset, this
`
`
`
`
`
`command must be issued again.
`
`
`
`
`
`
`
`
`When the user wishes to disable the password security
`feature, he or she enters a Password-Disable into the eom-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`puter 10, the computer 10 transfers the passwordstring to
`
`
`
`
`
`
`
`
`
`the device 100. If the password is valid, password protection
`
`
`
`
`
`
`
`
`
`
`is disabled. The password is write only from the system 10
`to the file 100.
`
`
`
`
`
`
`
`
`
`
`
`
`
`There are two classes of passwords: (1) Write protection
`(read-only); and (2) Read/Write protection. In the case of
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`write protection passwords, the device 100 is fully opera-
`
`
`
`
`
`
`
`
`
`
`tional, with the exception that any write or format operations
`
`
`
`
`
`
`
`
`
`are disabled. In the read/write protection mode, the device
`
`
`
`
`
`
`
`
`
`
`100 is rendered useless to those without knowledge of the
`
`
`
`
`
`
`
`
`
`
`password. Theft of the device would not allow the rightful
`
`
`
`
`
`
`
`
`
`
`
`
`
`ownerto use the device 100, but the thief is both unable to
`use the device and to access the data contained therein. The
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`“identify drive” command remains operable so that it may
`
`
`
`
`
`
`
`
`
`be used to indicate whether password protection is active.
`
`
`
`
`
`
`
`
`
`To indicate that card 100 is password protected, a unique
`
`
`
`
`
`
`
`
`
`
`string of characters is returned from the card 100 to the
`
`
`
`
`
`
`
`
`computer 10 (within the ID DRIVEinformation block). This
`
`
`
`
`
`
`
`
`
`provides a standard method for the computer system 10 to
`
`
`
`
`
`
`
`
`determine whether it must supply a password (via the
`
`
`
`
`
`
`
`password command)to continue operation with the storage
`device.
`
`Host systems that are password aware may lookat this
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`data field prior to attempting access, and determine whether
`
`
`
`
`
`
`
`
`
`
`
`the password is required to be issuedto the drive. Preferably,
`
`
`
`
`
`
`
`
`
`
`this issuance will be accomplished via system promptofthe
`user.
`
`In a preferred embodiment, the password and a password
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`enabling flag are stored in the media 102itself, along with
`
`
`
`
`
`
`
`
`
`the protected data, rather than with the control electronics.
`
`
`
`
`
`
`
`
`
`This provides an inereased level of security because a
`
`
`
`
`
`
`
`
`sophisticated thief would be prevented from replacing the
`
`
`
`
`
`
`
`
`
`
`control electronies on the target device with those of a
`
`
`
`
`
`
`
`
`
`similar but unprotected device (or one with a known pass-
`
`
`
`
`
`
`
`
`
`
`In other words,
`if the password is part of the
`word).
`
`
`
`
`
`
`
`
`electronics instead of the media,
`the electronics can be
`
`
`
`
`
`
`
`
`
`
`switched to gain access to the media. The electronics and the
`
`
`
`
`
`
`
`
`
`
`media are easy to separate as a result of the manufacturing
`
`process.
`The controller firmware does not allow user access to the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`password storage area of the media. Design verification
`
`
`
`
`
`
`
`testing should provide assurance that the user commands
`
`
`
`
`
`
`
`
`range check their parameters to prevent unintendedaccessto
`this area (such as a negative array subscript).
`
`
`
`
`
`
`
`
`In order to deal with cases where the ownerofthe pe card
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`100 loses the password a “backup” password may