United States Patent [19]
Reardon

US005434562A
[11] Patent Number: 5,434,562
[45] Date of Patent: Jul. 18, 1995

[54] METHOD FOR LIMITING COMPUTER ACCESS TO PERIPHERAL DEVICES

[76] Inventor: [illegible]

[21] Appl. No.: 89,637
[22] Filed: Jul. 12, 1993

Related U.S. Application Data
[63] Continuation of Ser. No. 755,866, Sep. 6, 1991, abandoned.

[51] Int. Cl.6: G07D 7/00
[52] U.S. Cl.: 340/825.34; 340/825.31; 380/4
[58] Field of Search: 340/825.31, 825.32, 825.34, 825.5; 380/4, 25

[56] References Cited

U.S. PATENT DOCUMENTS
4,617,650  10/1986  Monno et al.  [class illegible]
[number and date illegible]  [name illegible] et al.  380/4
[number illegible]  4/1991  [name illegible]  340/825.31
5,144,659  9/1992  Jones  380/4
5,144,660  9/1992  Rose
5,289,540  2/1994  Jones  340/825.31
5,313,639  5/1994  Chao  340/825.31

FOREIGN PATENT DOCUMENTS
59-128638  11/1984  Japan

Primary Examiner: Donald J. Yusko
Assistant Examiner: Gregg V. Miller

[57] ABSTRACT

One or more user accessible switches are provided by which the authorized user may fully or partially limit the computer's access to one or more of its peripheral devices. The switch inhibits power or control lines to the peripheral device, or enables the programming of access limits to the peripheral device, in a manner which cannot be overridden by the computer. This added level of control allows the user to control the computer's activities so that access to these peripheral devices is allowed only under secure conditions, so as to preclude alteration or destruction of data by unauthorized users or computer viruses. Methods are disclosed by which the switches can render peripheral devices totally inactive, or made to be temporarily read-only, write-only, or write-once in order to implement a number of security protocols for single or multi-user environments.

20 Claims, 1 Drawing Sheet

[Representative drawing: connector 52 to the power supply, connector 51 to the peripheral device.]

Palo Alto Networks, Inc. - Exhibit 1094 - Page 1
Palo Alto Networks, Inc. v. Finjan, Inc., IPR2016-00159

U.S. Patent    July 18, 1995    5,434,562

A Method For Limiting Computer Access to Peripheral Devices

[FIG. 1: power supply lines (+5 V and ground among them) between connector 52 on the power supply side and connector 51 on the peripheral device side, passing through switch 53.]

[FIG. 2: switches 21 and 22; signals READ SELECT, READ SELECT BUFFERED, WRITE SELECT, WRITE SELECT BUFFERED, WRITE ERROR and WRITE ERROR BUFFERED; ONE SHOT 23 driving ALARM 24.]

[FIG. 3: access switches and CONTROL SIGNALS at the controller CARD; BUS; CPU; HARD DRIVE PARTITIONS C, D and E with sector marks 0, 1000, 1001, 2000 and 2001.]

METHOD FOR LIMITING COMPUTER ACCESS TO PERIPHERAL DEVICES

This application is a continuation of patent Ser. No. 07/755,866, filed Sep. 6, 1991, now abandoned.

BACKGROUND-FIELD OF INVENTION

This invention relates to computer security measures and to the prevention of unauthorized reading or altering of computer data by individuals or programs operating on a computer. Specifically, this invention describes a means and process by which the authorized user of a computer can protect data and programs stored in peripheral devices, such as mass storage media, from alteration or deletion by malicious persons, or computer "virus" programs, or accidents initiated by unskilled persons. This end is achieved by providing the authorized user with a switch whereby the user can completely or partially disable the peripheral device without disrupting the operation of the computer or other peripherals. Alternatively, the switch may disable write access to the peripheral device, such as a widely used computer harddrive, but allow the device to be read.

This invention is particularly useful in multi-user environments, such as those in a university computer lab, wherein only a computer supervisor is authorized to add programs and data to a mass storage peripheral device and other users are authorized only to read programs and data from the storage device. In this example, the computer supervisor would have a key with which he could gain access to write new information onto a harddrive and then could "lock out" write access so that students would be unable to accidentally or maliciously load a "virus" program onto the computer system.

This invention is also useful for persons who desire to evaluate new software but are afraid that by doing so they will be exposing their computer system to infection with a computer virus. By locking out write access to their computer's harddrive, the system is "safe" and the suspect program can be run without risk of it causing an infection which may later cause loss or disruption of programs and data.

By providing complete user control over a computer's access to its peripheral devices, this invention allows the user to implement greater security precautions against unauthorized programs or users. These options include limiting read and write access to the peripheral device, and the ability to configure the peripheral device so as to make all or portions of the device appear to the computer as a read-only, write-only, or write-once peripheral device.

BACKGROUND-DESCRIPTION OF PRIOR ART

Protecting computer data and programs from unauthorized copying, destruction, or alteration is a major concern for governmental agencies, businesses, educational institutions, and individual users. In addition to protecting valuable data from spies or malicious programmers, there is a need to protect data from computer "virus" programs which can infect a system and cause damage at some later date.

Numerous computer security programs have been written to provide a large variety of features to protect computer data. These include such features as password protection, restricted access to specified files, limited menu options, checksum verification, and scanning for known virus programs or virus-like activities. The major shortcoming of these computer security programs is that they must operate within the computer's working memory space, its RAM. This means the security software is susceptible to other forms of software which can defeat the program's security measures.

The distinct advantage of the present invention is that it is a hardware security device which cannot be bypassed or defeated by software or keyboard programming.

Another advantage of the present invention is that it would allow the computer to be booted from a floppy and used as a floppy disk system, by either totally or partially inhibiting the hard drive. This feature may be of special interest in some multi-user situations.

For example, in a home environment, a father could lock out the harddrive so as to allow his children to boot up the computer and run games from a potentially "virus" infected floppy disk without risk that a child or "virus" will intrude upon or damage any of his business programs or files on the hard drive.

Similarly, in a university setting, the present invention could be used to make the mass storage media "read only," thus allowing the students to read necessary data and programs from the hard drive but block out any attempts to write to the hard drive, thus forcing all student created files and documents to be stored on removable floppy diskettes. Alternatively, this process could be implemented to provide read only access to a protected portion of the harddrive which contains the executable programs and allow write access only to an unprotected portion of the harddrive dedicated to data storage.

SUMMARY OF INVENTION

The objects, advantages, and features of the present invention are:

(a) to provide a computer user with a method for protecting a computer's security software from probing, alteration, bypass, or deletion;
(b) to provide a computer user with a method for protecting a computer's mass storage media from corruption by an unauthorized user or computer "virus";
(c) to provide user accessible switches by which the user can restrict the computer's access to all or portions of the computer's peripheral devices;
(d) to provide an alarm means to notify users of an unauthorized attempt to write to a computer's peripheral devices, wherein such an attempt may indicate that a computer virus-like activity is taking place.

These and other objects are accomplished in accordance with the present invention by providing one or more user activated switches, which may be of a key locking type, which totally or partially disable the computer's access to peripheral devices such as mass storage media or network communications.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a schematic drawing of a power interception circuit between a host computer's CPU and a peripheral mass storage device.

FIG. 2 is a schematic drawing of an electronic circuit which can block all write accesses to a typical personal computer's harddrive whenever selected to do so by a user activated switch.

FIG. 3 is a block drawing which shows the relationship between a peripheral device such as a harddrive, the peripheral's controller card, and access switches which limit the computer's access to the peripheral device, and the computer's central processing unit.

DESCRIPTION OF INVENTION

For the purpose of this discussion, peripheral devices shall mean any device external to the central processing unit (CPU) of a computer, including mass storage media devices such as hard disk drives and their controllers, computer network interface cards, and other I/O devices. The term controller card refers to the electronics associated with the peripheral device which interface the device with the host computer, interpret the host computer's commands, and control the peripheral device's activities; this controller card circuitry may be embedded in the peripheral device or remotely situated and in communication with the peripheral device. The term computer virus, or simply virus, refers to any potentially destructive computer program which may cause malfunction of the computer, corruption of files, loss of data, or other unwanted and unexpected results. The term unwanted memory loss refers to the condition of damaged, lost, or altered memory locations due to computer virus activity or accidental or malicious damage caused by a person with access to the computer.

This invention describes a means and process by which to disable the computer's access to all or part of a computer's memory system or associated peripherals, so as to protect the computer from computer virus infections when using new or untested software. In addition, this invention can prevent erasure, alteration, or other damage to files stored on a harddrive or network due to accidental, negligent, or malicious behavior of persons with access to the computer.

The present invention achieves these ends by totally or partially disabling access to peripheral devices which may be subject to unwanted memory loss; typically these are mass storage media devices such as a harddrive. Typically, the disabling of the peripheral device is executed by the user operating a switch, which may be of a keylocking type, which fully or partially disables the peripheral device as long as the switch is activated. While this invention can be realized in many configurations which are familiar to persons practiced in electronics, six principal methods for implementing this device are illustrative of the scope of this invention. The switch may be configured to:

1) physically disconnect the power supply to the mass storage media device and/or the communication link to the network;
2) physically disconnect control lines to the mass storage media device so as to disable all writing functions;
3) activate an electronic signal which would electronically disconnect, block, or buffer control signals to or from the harddrive and/or network interface so as to selectively block write activity to all or part of the harddrive or network;
4) activate an electronic signal which would be detected by the peripheral device's controller which would then fully or partially disable portions of the peripheral device according to the predetermined definition associated with that switch;
5) activate an electronic signal which would be detected by the peripheral device's control processor which would then enable the configuration and storage of configuration data which would fully or partially disable the CPU's access to portions of the peripheral device; or
6) activate an electronic signal which would be detected by the CPU and would enable sections of the BIOS code stored in firmware whereby this BIOS code would fully or partially limit access to at least one peripheral device.

The following discussion describes these various embodiments in greater detail.

EMBODIMENT 1

The simplest, but least selective, means for achieving the ends described above is shown in FIG. 1. This drawing shows a means for intercepting and interrupting the power to a typical harddrive peripheral device in a common variety of personal computers. In this typical example, the harddrive receives its power from a four pin connector to the computer's central power supply. Normally, the harddrive is powered on whenever the computer is on, and powered off whenever the computer is off. If, however, the harddrive is connected to connector 51 in FIG. 1, and the computer's central power supply output is connected to connector 52, then the user can selectively power off the harddrive by switching switch 53 to the disconnected position without disrupting the computer's normal operation. As long as switch 53 is in the disconnected position, the computer can be used, even with computer virus infected software, without risk of infecting or damaging information stored on the harddrive.

Switch 53 may be of a key locking type which is positioned in some accessible location so that the user can conveniently reach it.

In a typical application, a parent who uses a home computer for business applications may use this invention to turn off the harddrive and lock it out so that children may experiment with the computer and operate new, unusual, and highly suspect programs, without risk of damaging important business information.

In another typical application, a computer user who enjoys experimenting with new software traded among friends or loaded down from electronic bulletin boards can use switch 53 to safeguard his harddrive from computer viruses while at the same time enjoying the indiscriminate use of programs which come from unknown or suspicious origins.

EMBODIMENT 2

The same ends can be achieved with a slight variation on the power switching method illustrated in FIG. 1. In this variation of the present invention the switch would physically disconnect the control lines to or from the peripheral controller. Typically this would involve the ability to disconnect the device select, write select lines, or other access signals which the controller uses to enable access to the peripheral device. When one or more of these control signals is disconnected, the computer would be able to run normally but would not be able to write information to the peripheral device.

EMBODIMENT 3

A more expensive, but more selective, means of achieving the above goals would involve the electronic switching of control signals to the peripheral device. An example illustrative of this means is shown in FIG. 2. This embodiment of the present invention would allow the user to selectively disable write access to a peripheral device such as a harddrive, while selectively maintaining the option to read data from the peripheral device. In addition, this electronic means demonstrates two optional features which would aid in the testing of software to identify the existence of computer viruses.

As shown in FIG. 2, switch 21 is used to alter an electronic logic level which is logically AND'ed with the normal write select signal to the peripheral device, such as a harddrive. When switch 21 is in the open position, a logical 1 is generated and the computer has normal access to the peripheral device. When switch 21 is in the closed position, a logical 0 is generated, the write select signal is blocked, and all write access to the peripheral device is inhibited.

For the purpose of identifying improper user activity or the presence of a computer virus, it may be desirable to alert the user that a write command was attempted whenever switch 21 is in the closed position. For this purpose, the inverted signal from switch 21 is logically AND'ed with the write select signal to trigger a retriggerable oneshot logic device, 23, which in turn would sound the alarm, 24, for a minimum period of time.

As an additional option, the oneshot 23 could be configured to beep the alarm a single time whenever switch 21 is activated in order to audibly notify the user that the "quarantine" has been initiated. Another alternative would be to provide an LED which would remain lit whenever switch 21 is closed in order to provide a visual indicator to the user that write access to the harddrive is blocked and the "quarantine" is active. Neither of these two options is illustrated in FIG. 2.

Normally, the optional switch 22 in FIG. 2 would be left in the open position so that whenever switch 21 is in the closed position, the computer would have normal read access to the peripheral device but would not be able to write to it. However, in some circumstances the user may wish not only to protect the peripheral device from alteration but also to lock out others from examining its contents. Switch 22 is provided for this circumstance. If it is desired to configure the electronics to also block read access to the peripheral whenever switch 21 is in the closed position, switch 22 is set to a closed position.

FIG. 2 also illustrates one additional optional feature, namely a feedback write error signal to the computer, or the peripheral's controller. In a typical application where the write select to a harddrive is blocked, the computer may think that it is successfully writing data to the harddrive. This may be a useful feature for tricking a computer virus into believing that it is successful in its write attempts. However, in some applications it may be desirable to alert the computer, and thereby the user, that write access is being blocked so that they can take corrective measures if necessary. Therefore, if a write error signal is desired, the inverse signal from switch 21 can be logically AND'ed with the write select signal to produce a logical 1 whenever a disallowed write attempt is made, which in turn can be logically OR'ed with the normal write error signal which is provided from the peripheral device so that the computer or controller will be notified that the write attempt did not succeed. Other control signals can be similarly controlled for similar or varied effects which achieve the same function of protecting data on the harddrive in all or some locations.

The circuitry of this embodiment could be added to the controller card for the peripheral at little cost during the time of design and manufacture. Alternatively, this circuitry could be placed on a separate expansion card as is typically used in personal computers, with the control cable extending from the controller card, which would normally be plugged directly into the peripheral device, being plugged instead into this separate expansion card. Another control cable, including the intercepted and buffered control signals, would then extend from the separate expansion card, containing the circuitry described in this embodiment of the present invention, to the peripheral device.

This embodiment of the present invention serves all of the above stated purposes but can also be used in additional applications. For example, a computer supervisor in a business could lock out write access to the harddrive so that staff can use the programs on the harddrive but not load unauthorized programs onto the harddrive. Users would be forced to save data files to unprotected media, such as diskettes. In another application, an individual can temporarily "quarantine" the harddrive by making it "read-only" while evaluating new software which may be infected with a computer "virus."
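
The FIG. 2 logic described above can be checked in software. The following C model is an added example, not part of the patent: it assumes active-high signals, a tick-based stand-in for the retriggerable one-shot, and illustrative names (`fig2_eval`, `oneshot_tick`, `alarm_ticks`, `ALARM_MIN_TICKS`).

```c
/* Added example: software model of the FIG. 2 gating logic.
 * Assumption: all signals are active-high; names are illustrative. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define ALARM_MIN_TICKS 3u  /* assumed minimum alarm period, in clock ticks */

struct fig2_out {
    bool read_select_buffered;   /* read select as seen by the peripheral */
    bool write_select_buffered;  /* write select as seen by the peripheral */
    bool write_error_buffered;   /* write error as seen by the host */
    bool alarm_trigger;          /* trigger input of one-shot 23 */
};

/* Combinational part: switch 21 closed = write protection on,
 * switch 22 closed = also block reads while switch 21 is closed. */
struct fig2_out fig2_eval(bool sw21_closed, bool sw22_closed,
                          bool read_select, bool write_select,
                          bool dev_write_error)
{
    bool enable = !sw21_closed;                    /* open -> 1, closed -> 0 */
    bool blocked_write = !enable && write_select;  /* inverted level AND write select */
    struct fig2_out out;

    out.write_select_buffered = enable && write_select;
    out.read_select_buffered = read_select && !(sw21_closed && sw22_closed);
    out.alarm_trigger = blocked_write;
    /* Optional feedback path: OR the blocked-write term into the device's own error. */
    out.write_error_buffered = dev_write_error || blocked_write;
    return out;
}

/* Retriggerable one-shot 23: every trigger restarts the minimum period. */
struct oneshot { unsigned remaining; };

bool oneshot_tick(struct oneshot *os, bool trigger)
{
    if (trigger)
        os->remaining = ALARM_MIN_TICKS;
    else if (os->remaining > 0)
        os->remaining--;
    return os->remaining > 0;  /* true while alarm 24 sounds */
}

/* Feed a trace of host write-select samples (one per tick) through the
 * circuit and count the ticks during which the alarm sounds. */
unsigned alarm_ticks(bool sw21_closed, const bool *write_trace, size_t n)
{
    struct oneshot os = { 0 };
    unsigned sounding = 0;

    for (size_t i = 0; i < n; i++) {
        struct fig2_out o = fig2_eval(sw21_closed, false, false,
                                      write_trace[i], false);
        if (oneshot_tick(&os, o.alarm_trigger))
            sounding++;
    }
    return sounding;
}

int main(void)
{
    /* Constructed trace: two write attempts, two ticks apart. */
    const bool trace[] = { true, false, true, false, false, false };
    struct fig2_out o = fig2_eval(true, false, true, true, false);

    printf("quarantine on: write=%d read=%d error=%d\n",
           o.write_select_buffered, o.read_select_buffered,
           o.write_error_buffered);
    printf("alarm ticks with switch 21 closed: %u\n",
           alarm_ticks(true, trace, sizeof trace / sizeof trace[0]));
    printf("alarm ticks with switch 21 open:   %u\n",
           alarm_ticks(false, trace, sizeof trace / sizeof trace[0]));
    return 0;
}
```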

EMBODIMENT 4

FIG. 3 represents another embodiment of this invention which is illustrative of the scope of the invention. In this embodiment, the electronics and microcontrollers already present on the peripheral device's controller card would directly read and interpret the switches to carry out the processes disclosed in this invention. This arrangement is especially beneficial since it adds little or no cost to the consumer and manufacturer, and at the same time provides the user with increased flexibility in controlling access to all or part of the peripheral device.

The typical controller card is already capable of interpreting commands from the computer and implementing the appropriate read and write functions to the peripheral device. Typically, these actions of interpreting commands and implementing responses are under the control of a predefined logic circuit or a programmable microcontroller which operates a program from its fixed memory. In order to implement the present invention most effectively and at least cost, only a slight modification of the controller card is necessary. This modification would involve the addition of one or more switches which are read into the controller card's circuitry as additional control or configuration signals. The means for implementing the reading of these switches, and logically combining them to produce the desired results in either hardware logic or firmware programs, are standard practices for all electronic and software designers; therefore no detailed explanation for the buffering of the switch signals is necessary.

These switches may be of a toggle or key locking type, or may be implemented as a bank of miniature DIP switches in cases where there are a multiplicity of options to partially disable access to the peripheral, or a combination of the above. In the typical application, these switches would be in a location easily accessible to the user on the outside of the computer. These switches might be advantageously located for accessibility on the front panel of the computer case, near or on the face of the harddrive, for example, or they may be placed on the cover plate for the controller card which fits in an expansion slot, such as is common for IBM compatible computers. Other locations of convenience would be immediately obvious to computer and peripheral device designers.

Activation of these switches would allow the user to override the computer's instructions to the controller card for the peripheral device. For example, a user operated switch could be pre-defined to block all read and write access to all or a portion of the peripheral device. When this switch is activated, the controller logic circuit, or firmware, would ignore any commands coming from the computer to access the restricted portions of the peripheral device.

For the purpose of demonstrating the scope and power of this embodiment of the present invention, an example utilizing several switches to override computer access to a harddrive is described below and illustrated in block form in FIG. 3.

In this example, the harddrive is partitioned into 3 logical drives which are addressed by the computer as drives C, D, and E. Each logical drive represents a portion of the physical harddrive which lies between specified sectors or addresses. For example, logical drive C may include sectors 0 through 1000, drive D sectors 1001 to 2000, and drive E sectors 2001 to 3000. When all four switches are in the off position, the controller card will allow the CPU to have normal, unlimited, read and write access to the harddrive.

When switch 30 is activated, the controller card's logic will force it to ignore all write commands to the C partition. This effectively makes the C partition read-only. When switch 31 is activated, the controller card's logic will ignore all read and write commands to partition D. This effectively makes partition D completely inaccessible to the CPU. When switch 32 is activated, the controller card blocks all read commands to the E partition. This effectively makes partition E a write-only partition, the usefulness of which will be described below. Finally, when switch 33 is activated, the controller card disables certain normal commands and enables new functions. Namely, when switch 33 is activated the controller card ignores all commands to write over previously written blocks of data. This may include blocking out of any format command, and any erase, delete or copy over commands. This would effectively make the entire drive, or selected partitions, a write-once media. This means that once data is written, it cannot be altered as long as switch 33 is active. If a data file is changed, it must be saved to a new file name in a new, unused portion of the partition.

An example of how these functions would be used, and why they are useful, follows. In this example, assume that a government agency is sending out auditors which must record and report sensitive information from a number of private businesses. Each auditor is supplied a portable computer, with a harddrive, and the access restriction switches described above. The audit software and a menu system which automatically loads onto the computer whenever the computer is turned on are loaded by the program supervisor onto partition C of each portable computer. Keylock switch 30 is activated and locked on before the unit is given to the auditors. This effectively guarantees that the auditor will not be able to load other, unauthorized programs onto the partition C thus risking doing damage to the computer's configuration for its assigned task.

Also, prior to issuing the portable computers to the auditors, switch 31 is activated to "turn off" partition D, which may contain programs and data which are used only when the auditor has returned from the field. For example, such programs may include communication software which is used to download the field information to the agency's main-frame computers. These programs are not needed in the field and so read and write access to this partition is completely blocked.

In addition, switch 32 may be locked into position. This causes partition E to temporarily become a write-only drive. This may be useful as a means to protect sensitive information gathered in the field from being viewed or downloaded once it is entered into the system by the auditor. For example, the auditor goes to Business A and conducts his audit using the programs stored on the "read-only" partition C. Upon exiting the program, the field data is written to the "write-only" drive E. Now, as the auditor goes to Businesses B through J, this information cannot be retrieved for display or copying by persons who may gain access to the auditor's computer, since switch 32 has blocked all read attempts to this data. This sensitive information can be retrieved only upon return to the central agency where the project supervisor has the key to disable the "write-only" function caused by switch 32. Only then can the data be read and downloaded into the agency's main-frame.

In addition, the program supervisor may wish to audit the performance of the auditors, or prevent the auditors or other persons from accidentally or maliciously overwriting data, erasing data, or reformatting the harddrive while it is in the field. In this case, switch 33 can be activated which would make the entire drive, or at least partition E, a "write once" drive. Now, a history of all data which was written to the drive is preserved and can be examined upon return to the central agency office. After the information is reviewed and downloaded to the agency's main-frame, switches 33 and 32 can be disabled and partition E can be completely erased in preparation for the next field audit.
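
The switch semantics of the FIG. 3 example can be expressed as the decision a controller's firmware would make per request. This C model is an added example, not code from the patent: the function and type names are illustrative, the request trace is constructed, and it assumes switch 33 applies to the whole drive and that "previously written" is tracked with a per-sector bitmap.

```c
/* Added example: model of the FIG. 3 controller decision logic.
 * Assumptions: names are illustrative; switch 33 covers the whole drive. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LAST_SECTOR 3000u  /* sectors 0..3000, as in the patent's example */

enum op { OP_READ, OP_WRITE };
enum { SW30 = 1u << 0, SW31 = 1u << 1, SW32 = 1u << 2, SW33 = 1u << 3 };

struct controller {
    unsigned switches;                     /* state of the physical switches */
    uint8_t written[LAST_SECTOR / 8 + 1];  /* bitmap: sector has been written */
};

/* Map a sector to its logical drive, or 0 if it is outside the disk. */
static char partition_of(uint32_t sector)
{
    if (sector <= 1000) return 'C';
    if (sector <= 2000) return 'D';
    if (sector <= LAST_SECTOR) return 'E';
    return 0;
}

/* Decide one host request; true = carried out, false = ignored. */
bool ctrl_request(struct controller *c, enum op op, uint32_t sector)
{
    char part = partition_of(sector);
    uint8_t bit = (uint8_t)(1u << (sector % 8));

    if (part == 0)
        return false;
    if (part == 'C' && (c->switches & SW30) && op == OP_WRITE)
        return false;                      /* C is read-only */
    if (part == 'D' && (c->switches & SW31))
        return false;                      /* D is inaccessible */
    if (part == 'E' && (c->switches & SW32) && op == OP_READ)
        return false;                      /* E is write-only */
    if (op == OP_WRITE) {
        if ((c->switches & SW33) && (c->written[sector / 8] & bit))
            return false;                  /* write-once: no overwrite */
        c->written[sector / 8] |= bit;     /* remember the sector is in use */
    }
    return true;
}

struct request { enum op op; uint32_t sector; };

/* Constructed request trace for a field audit. */
static const struct request TRACE[] = {
    { OP_READ, 10 },    { OP_WRITE, 10 },    /* partition C */
    { OP_READ, 1500 },  { OP_WRITE, 1500 },  /* partition D */
    { OP_WRITE, 2500 }, { OP_READ, 2500 },   /* partition E */
    { OP_WRITE, 2500 }, { OP_WRITE, 2501 },  /* overwrite, then fresh sector */
    { OP_READ, 3001 },                       /* past the end of the disk */
};
#define TRACE_LEN (sizeof TRACE / sizeof TRACE[0])

/* Replay TRACE on a fresh controller; 'A' = allowed, 'D' = denied. */
const char *replay_trace(unsigned switches)
{
    static char result[TRACE_LEN + 1];
    struct controller c = { .switches = switches };

    for (size_t i = 0; i < TRACE_LEN; i++)
        result[i] = ctrl_request(&c, TRACE[i].op, TRACE[i].sector) ? 'A' : 'D';
    result[TRACE_LEN] = '\0';
    return result;
}

int main(void)
{
    printf("no switches:       %s\n", replay_trace(0));
    printf("field audit setup: %s\n", replay_trace(SW30 | SW31 | SW32 | SW33));
    printf("switch 33 only:    %s\n", replay_trace(SW33));
    return 0;
}
```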

EMBODIMENT 5

Another embodiment of this invention would provide the peripheral device control processor with a user activated configuration switch. When the switch is activated, the peripheral device can be configured with whatever access restrictions are desired. The configuration is saved in nonvolatile memory and the switch may be deactivated. The saving of the configuration information can take place before or after the switch is deactivated. Thereafter, the peripheral device control processor will allow the CPU only the accesses for which it was previously configured. By repetition of the above steps, the user can reconfigure the peripheral devices' access limitations as security needs change. Computer programmers will immediately recognize many ways to implement security software which can employ the configuration switch disclosed in this invention. Commercial security programs which allow user configuration, but lack a user accessible configuration switch, include Protec by Sophco, Totalsafe by EliaShim, and Cetus by FoundationWare. Jones (U.S. Pat. No. 5,144,659) has provided a detailed flowchart for software configuration of a CPU-independent, programmable security device for harddrives, though again lacking the user accessible configuration switch disclosed herein. Thus, for those skilled in the art, the software implementation of the configuration switch is simple and an obvious two step process: At an appropriate juncture, prior to allowing reconfiguration of the security protocol, 1) read the state of the configuration switch, and 2) if it is in the correct state, allow the configuration process to continue.
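
The two step check, and what it buys against software running on the host, is shown in the following C model. It is an added example, not code from the patent or from the products named above: the names and flag values are illustrative, and it assumes the saved configuration takes effect when the control processor reloads it at power-on.

```c
/* Added example: configuration gated by a physical switch (Embodiment 5).
 * Assumptions: names, flag values and the power-on reload are illustrative. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

enum { BLOCK_READ = 1u << 0, BLOCK_WRITE = 1u << 1 };

struct drive {
    bool key_switch_on;     /* set only by the physical key, never by the host */
    unsigned nvm_flags;     /* restrictions saved in nonvolatile memory */
    unsigned active_flags;  /* working copy the control processor enforces */
};

/* Host-issued reconfiguration command. */
bool drive_configure(struct drive *d, unsigned flags)
{
    if (!d->key_switch_on)  /* step 1: read the configuration switch */
        return false;       /* wrong state: the saved policy stays untouched */
    d->nvm_flags = flags & (BLOCK_READ | BLOCK_WRITE);  /* step 2: continue */
    return true;
}

/* At power-on the control processor loads the saved policy. */
void drive_power_on(struct drive *d)
{
    d->active_flags = d->nvm_flags;
}

/* Enforce the active policy on one host access. */
bool drive_access(const struct drive *d, bool is_write)
{
    return !(d->active_flags & (is_write ? BLOCK_WRITE : BLOCK_READ));
}

/* Constructed scenario; each step records 'Y' (accepted) or 'N' (refused). */
const char *reconfig_scenario(void)
{
    static char steps[8];
    struct drive d = { false, 0, 0 };
    int i = 0;

    d.key_switch_on = true;   /* owner turns the key and write-protects */
    steps[i++] = drive_configure(&d, BLOCK_WRITE) ? 'Y' : 'N';
    d.key_switch_on = false;  /* key removed */
    drive_power_on(&d);
    steps[i++] = drive_access(&d, true) ? 'Y' : 'N';   /* host write */
    steps[i++] = drive_access(&d, false) ? 'Y' : 'N';  /* host read */

    /* Software on the host asks for the restriction to be lifted. */
    steps[i++] = drive_configure(&d, 0) ? 'Y' : 'N';
    drive_power_on(&d);       /* a reboot does not change the outcome */
    steps[i++] = drive_access(&d, true) ? 'Y' : 'N';

    d.key_switch_on = true;   /* owner returns with the key */
    steps[i++] = drive_configure(&d, 0) ? 'Y' : 'N';
    d.key_switch_on = false;
    drive_power_on(&d);
    steps[i++] = drive_access(&d, true) ? 'Y' : 'N';
    steps[i] = '\0';
    return steps;
}

int main(void)
{
    printf("scenario outcome: %s\n", reconfig_scenario());
    return 0;
}
```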
`
As an example of this embodiment, assume that a harddrive is provided with a key locked configuration switch and configuration software. When the configuration software is run, the software checks for a predetermined flaw in the diskette to verify that the operator has access to the original diskette, a first level of security. A password is required to enter the configuration menu, a second level of security. The user is then instructed to activate the key lock using the provided key, a third level of security. While the key lock is activated, a menu is presented whereby the user can make certain partitions or sections, subdirectories, or even specific files or groups of files such as executable program files, either unrestricted, inaccessible, read-only, not-readable, write-only, or write-once. After the configuration has been entered, the menu is exited and the user is instructed to deactivate the key lock, remove the key, and store the key in a safe location. At a convenient juncture suited to the security protocol requirements, the configuration parameters are stored in non-volatile memory or written to a reserved section of the harddrive. Thereafter, whenever the harddrive is powered on, the control processor reads the configuration parameters into its working memory and restricts the CPU's harddrive access accordingly. If the CPU attempts to access a restricted zone or file, or attempts to erase or modify a read-only file, an alarm may sound
