Goodman et al.

US005402492A
[11] Patent Number: 5,402,492
[45] Date of Patent: Mar. 28, 1995

[54] SECURITY SYSTEM FOR A STAND-ALONE COMPUTER
[75] Inventors: Michael K. Goodman, Tustin; Farzad Noorbehesht, Aliso Viejo; Charles F. Raasch, Lake Forrest, all of Calif.
[73] Assignee: AST Research, Inc., Irvine, Calif.
[21] Appl. No.: 79,630
[22] Filed: Jun. 18, 1993
[51] Int. Cl.6: H04L 9/32
[52] U.S. Cl.: 380/25; 380/4
[58] Field of Search: 380/4, 44, 25; 364/252.3, 252.4, 252.7, 958, 958.1, 958.4

[56] References Cited
U.S. PATENT DOCUMENTS
4,942,606    7/1990   Kaiser et al.    380/4
5,212,729    5/1993   Schafer          380/4
5,222,133    6/1993   Chou et al.      380/4
5,265,163   11/1993   Golding et al.   380/25
5,297,200    3/1994   Murray           380/4

Primary Examiner: Gilberto Barron, Jr.
Attorney, Agent, or Firm: Knobbe, Martens, Olson & Bear

[57] ABSTRACT

A security system for stand alone and portable computer hosts which utilizes both a hardware key and a password key to enable access to the computer host. The entry of the password key and the hardware key is monitored by the keyboard controller. The keyboard controller alters a status bit during the POST portion of the host code if access is granted. The host security is divided into two levels of security, a first administrative level and a second user level. The administrative level is accessible by the entry of a first password or by the hardware key and enables access to all levels of the host SET-UP configuration. The user level is accessible by the entry of a second password and only enables access to a limited portion of the setup configuration.

17 Claims, 16 Drawing Sheets

[Front-page drawing (block diagram). Labels legible in the scan: DISPLAY, HOST/CORE INTERFACE, CORE 8-BIT CPU, RAM CONTROLLER, KEYBOARD SCANNER, INTERRUPT CONTROLLER, MEMORY, ELECTRONIC KEY.]

`IPR2017-00430
`UNIFIED EX1016
`
`
`
[FIG. 1 (block diagram of the computer system). Labels: HOST; DISPLAY; KEYBOARD; NON-VOLATILE MEMORY.]

[FIG. 2 (block diagram of the security system). Labels: DISPLAY; HOST; HOST/CORE INTERFACE; CORE 8-BIT CPU; RAM CONTROLLER; KEYBOARD SCANNER; I/O CONTROL; INTERRUPT CONTROLLER; KEYBOARD; MEMORY; ELECTRONIC KEY; NON-VOLATILE MEMORY.]

[FIG. 3A (flowchart, boot operations). Box labels: READ STATUS BYTE; decision branches YES / NO.]

[FIG. 3B (flowchart, boot operations, continued). Box labels: REQUEST VERIFY PASSWORD ROUTINE (FIG. 7); READ STATUS BYTE; ENABLE ADMIN LEVEL ACCESS TO HOST COMPUTER; ENABLE USER LEVEL ACCESS TO HOST COMPUTER; COMPLETE BOOT OPERATIONS.]

[FIG. 4A, Sheet 5 of 16 (flowchart, initialize system security routine). Box labels: INITIALIZE SYSTEM SECURITY ROUTINE; SET ADMIN PASSWORD ESTABLISHED FLAG; CLEAR ADMIN PASSWORD ESTABLISHED FLAG; SET USER PASSWORD ESTABLISHED FLAG; CLEAR USER PASSWORD ESTABLISHED FLAG; CLEAR KEY ID ESTABLISHED FLAG; SET KEY ID ESTABLISHED FLAG.]

[FIG. 4B, Sheet 6 of 16 (flowchart, continued). Box labels: COMPUTE KEY ID AND ADMIN PASSWORD CHECKSUM; COMPUTE USER PASSWORD CHECKSUM; CLEAR ALL STORED PASSWORD AND KEY ID VALUES; CLEAR ALL SECURITY ESTABLISHED FLAGS; CLEAR STORED CHECKSUM VALUES; CLEAR USER PASSWORD STORED VALUE; CLEAR USER PASSWORD ESTABLISHED FLAG; CLEARED STORED CHECKSUM VALUE; CALL RESET KEY SUB-ROUTINE (FIG. 5).]

[FIG. 4C, Sheet 7 of 16 (flowchart, continued). Box labels: CALL RESET KEY SUB-ROUTINE (FIG. 5); SET KEY ATTACHED TO PORT #2 FLAG; SET KEY ATTACHED TO PORT #1 FLAG; CALL READ KEY SUB-ROUTINE (FIG. 6); SET ADMIN ENTERED PASSWORD MATCH FLAG; CLEAR USER ENTERED PASSWORD MATCH FLAG; END.]

[FIG. 5A (flowchart, reset key subroutine). Box labels: RESET KEY; SEND LOGIC LOW SIGNAL TO PS/2 PORT; WAIT FOR 500 µSEC; SEND LOGIC HIGH SIGNAL TO PS/2 PORT.]

[FIG. 5B (flowchart, reset key subroutine, continued). Box labels: HAS PS/2 PORT RESPONDED WITH LOGIC LOW SIGNAL; 250 µSEC; DISABLE COMMUNICATIONS WITH PS/2 PORT; SET KEY ERROR FLAG; RETURN.]

[FIG. 6A, Sheet 10 of 16 (flowchart, read key ID subroutine). Box labels: READ KEY ID; RESET CRC VALUE; SEND READ KEY COMMAND TO PS/2 PORT; SET BYTE COUNTER TO SEVEN; SET BIT COUNTER TO EIGHT; ADVANCE REGISTER BY 1 BIT; SEND LOGIC LOW SIGNAL FOR 10 µsec; SEND LOGIC HIGH FOR 10 µsec; SET BIT HIGH; WAIT FOR 50 µsec; DECREASE BIT COUNTER BY ONE.]

[FIG. 6B, Sheet 11 of 16 (flowchart, read key ID subroutine, continued). Box labels: PERFORM CRC CHECK ON NEW DATA; UPDATE CRC VALUE WITH NEW CRC DATA; SAVE DATA BYTE IN KEY ID REGISTER; DECREASE BYTE REGISTER BY ONE; READ STORED CRC VALUE FROM KEY; SET KEY ERROR FLAG; CLEAR KEY ID VALUE READ FROM KEY; RETURN.]

[FIG. 7, Sheet 12 of 16 (flowchart, verify password subroutine). Box labels: VERIFY PASSWORD; SEND REQUEST TO HOST TO DISPLAY PASSWORD ENTRY PROMPT; KEYBOARD CONTROLLER STORES USER ENTERED KEYSTROKES IN PASSWORD BUFFER; SET USER ENTERED PASSWORD MATCH FLAG; SET ADMIN ENTERED PASSWORD MATCH FLAG; CLEAR USER ENTERED PASSWORD MATCH FLAG; CLEAR ADMIN ENTERED PASSWORD MATCH FLAG; SET VERIFY PASSWORD FAIL FLAG; RETURN.]

[FIG. 8, Sheet 13 of 16 (flowchart, establish key ID routine). Box labels: ESTABLISH KEY ID; CALL RESET KEY ROUTINE FOR PS/2 PORT #1 (FIG. 5); CALL RESET KEY ROUTINE FOR PS/2 PORT #2 (FIG. 5); CALL READ KEY ID ROUTINE (FIG. 6); STORE KEY ID IN NON-VOLATILE MEMORY; SET KEY ID ESTABLISHED FLAG; UPDATE KEY ID AND ADMIN PASSWORD CHECKSUM VALUE; SET ESTABLISH KEY ID FAIL FLAG; RETURN.]

[FIG. 9, Sheet 14 of 16 (flowchart, create password routine). Box labels: CREATE PASSWORD; KEYBOARD CONTROLLER STORES USER ENTERED KEYSTROKES IN PASSWORD BUFFER #1; KEYBOARD CONTROLLER STORES SECOND SET OF USER KEYSTROKES IN PASSWORD BUFFER #2; SET CREATE PASSWORD FAIL FLAG; SET ADMIN PASSWORD ESTABLISHED FLAG; SET USER PASSWORD ESTABLISHED FLAG; TRANSFER PASSWORD TO ADMIN PASSWORD STORAGE AREA IN NON-VOLATILE MEMORY; UPDATE KEY ID & ADMIN PASSWORD CHECKSUM; TRANSFER PASSWORD TO USER PASSWORD STORAGE AREA IN NON-VOLATILE MEMORY; UPDATE KEY ID & USER PASSWORD CHECKSUM.]

[FIG. 10, Sheet 15 of 16 (flowchart, delete password routine). Box labels: DELETE PASSWORD; STORE USER ENTERED KEYSTROKES IN PASSWORD BUFFER #1; CLEAR ADMIN PASSWORD FROM NON-VOLATILE MEMORY; CLEAR ADMIN PASSWORD ESTABLISHED FLAG; UPDATE KEY ID AND ADMIN PASSWORD CHECKSUM VALUE; CLEAR USER PASSWORD STORED IN NON-VOLATILE MEMORY; CLEAR USER PASSWORD ESTABLISHED FLAG; UPDATE USER PASSWORD CHECKSUM VALUE; SET DELETE PASSWORD FAIL FLAG; RETURN.]

[FIG. 11, Sheet 16 of 16 (flowchart, delete key ID routine). Box labels: DELETE KEY ID; STORE USER ENTERED KEYSTROKES IN PASSWORD BUFFER; DELETE KEY ID FROM NON-VOLATILE MEMORY; DELETE KEY ID ESTABLISHED FLAG; UPDATE KEY ID AND ADMIN PASSWORD CHECKSUM VALUE; RETURN.]

SECURITY SYSTEM FOR A STAND-ALONE COMPUTER

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the field of computer security systems. More particularly, the present invention relates to controlling access to a stand alone or portable computer system using both password entry and a hardware key.

2. Description of the Related Art

Computer security usually relates to a large computer network of a number of users where each user has access to a limited portion of the network. Thus, the security system prevents each user from accessing another user's storage area and from accessing the system control portion of the network. This limited access maintains the integrity of the network, but is usually not required in a stand alone system.

Another area where security has become prevalent is in the area of computer software. In certain circumstances, in order to run a software program, a hardware key must be installed in one of the serial ports of the computer. The key prevents users from copying software. The keys are usually active keys which are designed to be difficult to decode to prevent a user from being able to reproduce the key device.

Development in the area of computer security at the stand alone computer level or for portable computer systems has been limited. Examples of security that is provided on a stand alone computer include systems such as the IBM AT, which has a mechanical lock and key system. A mechanical key is matched to a mechanical lock which enables the rotation of a lock from one position to another position. The lock must be in the on position to enable the stand alone system to operate. Mechanical lock systems are primitive, and can be easily defeated. Another example of computer security is a password which the operating system requires during each boot sequence. Most portable computer systems today do not have any security system. The small size of the portable computer and lack of security has made portable computers an attractive target for thieves.

SUMMARY OF THE INVENTION

The present invention is a security device for computer systems. The security system of the present invention utilizes a hardware key and a password to enable access to the computer system. A keyboard controller manages the system security. The security system is, therefore, transparent to the operating system, making it more secure from access by a fraudulent user who wishes to intercept the security communications.

The security system is divided into two levels of password security, a first administrative level and a second user level. The hardware key overrides all system security. The administrative level is accessible by the entry of a first password. The administrative level of access enables the modification of all of the parameters of the system setup program. The user level is accessible by the entry of a second password, and only enables access to certain portions of the system setup program. By enabling two separate levels of security, a system administrator can control the access to certain system level configuration options while still allowing users to access all other operational portions of the system. Further, if the administrator or user forgets a password, the hardware key can be used to override all system security.

The entry of a password is monitored by the keyboard controller during system start-up. The keyboard controller compares the password to a previously stored password value. The keyboard controller sends the operating system "go" or "no go" status bits during the Power On Self Test (POST) portion of the boot operation. The status bits correspond to the administrative level or user level code depending on whether the password is correct. A status bit is also sent indicating whether the override hardware key is installed. To access the computer using the electronic hardware key, the key is inserted into a mouse port such as a PS/2¹ ® port (or any port which is controlled by a non-system level microcontroller) which is controlled by the keyboard controller. An ID value stored in the key is read from the key and compared to a stored key ID value by the keyboard controller. The system provides for the storage of at least two password values and one hardware key value, each of which, if properly matched, enables access to the computer system.

¹ PS/2 is a registered trademark of IBM Corporation.

One aspect of the present invention involves a security system for controlling access to a host computer. The security system monitors a set of security settings during system boot operations and controls access to the host computer based upon the security settings. The security system has at least one peripheral device communications port and a key which is adapted for connection to the communications port. The key has an associated key ID value stored therein. The security system executes with a microprocessor-based peripheral controller which is in communication with a non-volatile memory, a keyboard, the communications port and the host computer. The non-volatile memory has defined therein a stored key ID value and a first password value. The stored key ID value corresponds to the key ID value in the key and the first password value corresponds to a selected first access password. The microprocessor-based peripheral controller responds to either the key being connected to the communications port or entry of the first access password on the keyboard to permit access to the host computer.

In one embodiment, the non-volatile memory has further defined therein a second password value which corresponds to a selected second access password. In this embodiment, the peripheral controller is further responsive to entry of the second access password on the keyboard to permit access to less than all of a set of setup parameters for said host computer. The communications port, in one embodiment, comprises a PS/2 ®-type mouse port, and the key comprises an electronic key having a second non-volatile memory containing the key ID value. In the present embodiment, the second non-volatile memory of the key operates based on a one-wire data communication protocol and has only one data line and one ground line.

Another aspect of the present invention involves a method of controlling access to a host computer. The host computer is in communication with the peripheral device controller, and the peripheral device controller is in communication with at least one communications port and with a first non-volatile memory. The non-volatile memory has defined therein a stored key ID value corresponding to a key ID value in an access key. The method follows the steps of coupling a key having a key ID value corresponding to the stored key ID value to the communications port, reading, with the peripheral controller, the key ID value from the key, comparing, with the peripheral controller, the key ID value to the stored key ID value, and permitting access to the host computer if the peripheral controller determines that the stored key ID value and the key ID value correspond. In one embodiment, the non-volatile memory has further defined therein a first password value which corresponds to a first access password. In this embodiment, the method further involves the steps of monitoring entries made on a keyboard until a designated on the keyboard is pressed, comparing the entries monitored by the keyboard controller to the first password value to determine if the entries correspond to the first access password, and permitting access to the host computer if the entries correspond to the first access password. In a further embodiment, the non-volatile memory has further defined therein a second password value corresponding to a second access password. In this further embodiment, the method further involves the steps of comparing the entries monitored by the keyboard controller to the second password value to determine if the entries correspond to the second access password, and permitting access to less than all of the set of setup parameters for the host computer if the entries correspond to the second access password.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a computer system which includes the security system of the present invention.

FIG. 2 is a block diagram of the security system of the present invention.

FIGS. 3A-3B depict a flowchart which details operating system level operations of the security system of the present invention during system boot operations.

FIGS. 4A-4C depict a flowchart which details the general method employed within an initialize system security routine.

FIGS. 5A-5B depict a flowchart which details the general method employed within a reset key subroutine.

FIGS. 6A-6B depict a flowchart which details the general method employed within a read key ID subroutine.

FIG. 7 depicts a flowchart which details the general method employed within a verify password subroutine.

FIG. 8 depicts a flowchart which details the general method performed within the establish key ID routine which is employed by the computer security system of the present invention.

FIG. 9 depicts a flowchart which details the general method performed by the create password routine which is employed by the computer security system of the present invention.

FIG. 10 depicts a flowchart which details the general method performed by the delete password routine employed by the computer security system of the present invention.

FIG. 11 depicts a flowchart which details the general method performed by the delete key ID routine employed by the computer security system of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The present invention is a security system for computer systems. The security system utilizes both an electronic hardware key and passwords to enable access to the computer system. The security system is transparent to the operating system during runtime, so it is not accessible by a fraudulent user who wishes to intercept the security communications.

FIG. 1 is a block diagram of the security system 100 and its interface with the host computer 110. The host 110 may, for instance, be an IBM compatible computer based on INTEL 80X86 architecture. FIG. 1 further illustrates a display terminal 105 connected to the host 110 via signal lines 115. The security system 100 comprises a keyboard controller 120, a non-volatile memory 125, at least one PS/2 ® type mouse port 130 and a keyboard 135. The keyboard controller 120 controls the operations of the security system and communicates with the operating system of the host 110 via signal lines 140. In one embodiment, the keyboard controller 120 has a display blanking port which connects to the host computer 110 via a signal line 145. As is well known in the art, the display blanking port is used to blank the display 105. The signal lines 140 comprise an input/output bus between the host 110 and the keyboard controller 120. The keyboard controller 120 is in communication with a keyboard 135 via signal lines 150, and with the non-volatile memory 125, via signal lines 155. Additionally, the keyboard controller is in communication with the at least one PS/2 ®-type mouse port 130 (or any other port which is in communication with the keyboard controller) via signal lines 160. The keyboard controller 120 is advantageously a microprocessor-based controller, such as AST® Research, Inc.'s Miki controller, or an Intel® 80C51SL-AG, 8742, 8042, or similar microprocessor-based keyboard controller. As is well-known in the art, the keyboard controller 120 provides an interface between the host 110 and the peripheral input devices such as the keyboard 135 and devices connected through the PS/2 ®-type ports 130.

FIG. 2 is a more detailed block diagram of the security system 100 with the specific control elements of the keyboard controller 120 shown in more detail. The keyboard controller 120 comprises a core 8-bit central processing unit CPU 200, a host/core interface 202, a RAM Controller 204, a keyboard scanner 206, an interrupt controller 208 and I/O control logic 212, all of which communicate via an internal bus 214. The core 8-bit CPU 200, such as an Intel 8031 or 8051 controller, controls the operation of the keyboard and its associated functions. The host/core interface, as is well known in the art, is used to control the communications between the host processor 110 and the keyboard controller 120. The keyboard scanner 206 scans the keyboard 135 and calculates the scan codes for the keys which have been depressed on the keyboard 135. The interrupt controller 208 receives and processes the interrupts for the core 8-bit CPU 200. The I/O control logic 212 controls the communications between the core 8-bit CPU 200 and the at least one PS/2 ®-type port 130 via lines 160 and the non-volatile memory 125 via lines 155.

The RAM controller 204 is further connected to a memory 220 (preferably, a static memory) via signal lines 222. Although the memory 220 is shown in FIG. 2 as being external to the keyboard controller 120, it should be understood that the memory 220 may also be internal to the keyboard controller 120.

In operation, the keyboard controller 120 performs a number of pre-programmed procedures which relate to the interaction between the host system 110 and the keyboard 135. Additionally, the keyboard controller 120 controls the interaction between other peripherals which are connected to the system via the PS/2 ® ports 130, such as a mouse, a keypad, and the electronic hardware key 230 of the present invention. Instructions for the keyboard controller's operation may be downloaded from the host 110, or may be pre-programmed within the memory 220. In one embodiment, the keyboard controller 120 executes the instructions in response to an interrupt generated by the keyboard 135 or the peripheral devices connected to PS/2 ® ports 130. The general method used by the keyboard controller 120 to provide security for access to the host 110 is described in more detail below.

The security system 100 is controlled by the keyboard controller 120 and is initiated during the Power On Self Test (POST) portion of the system boot operations. The system boot operations, as is well known in the art, are controlled by the system BIOS. All of the boot operations must be completed before runtime control by the operating system of the host 110 begins. One way to access the secured system is by matching a 48-bit number that is stored in the hardware key 230, referred to as a key ID, to a stored key ID value. This hardware key 230 functions as a security system override. Another way to access the secured system is to enter one of at least two stored passwords using the keyboard 135. The stored key ID value and passwords are maintained in the non-volatile memory 125, such as an E²PROM, access to which is controlled by the keyboard controller 120.

The security system 100 of the present invention is divided into two levels of security, a first administrative level, or admin level, and a second user level. The administrative level is accessible by the entry of a first password, referred to as an admin password. In addition, this level is accessible by the installation of the hardware key 130 into the PS/2 ® port 130 which overrides all security. The administrative level enables access to all of the system setup commands and to all of the operational portions of the host system. The user level is accessible by the entry of a second password, referred to as a user password, and enables access to all of the operational portions of the host, but only enables access to a certain portion of the system setup commands. In a preferred embodiment, a third password, also referred to as a user password, enables access to the user level. In the two-user password embodiment, each of the user passwords are differentiated as user1 and user2 passwords. By enabling two separate levels (i.e., admin and user) of security, a system administrator can control the access to certain system level configuration commands while still enabling the user to access other operational portions of the host system.
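
The access decision described above, as an added example in C (not code from the patent): the controller checks the 8 bytes read from the key with the Dallas 1-Wire CRC-8, compares the 48-bit ID and any typed password against non-volatile memory, and sets the match flags from which the host derives admin or user access. The flag bit positions, the memory layout, the 8-byte password limit, ASCII passwords in place of scan codes, the family-code, ID and CRC layout of the key ROM, and all sample values are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Status flags named in the description; the bit positions are assumed. */
enum {
    ST_ADMIN_PW_ESTABLISHED = 1 << 0,
    ST_USER_PW_ESTABLISHED  = 1 << 1,
    ST_KEY_ID_ESTABLISHED   = 1 << 2,
    ST_ADMIN_MATCH          = 1 << 3,  /* key ID match or admin password */
    ST_USER_MATCH           = 1 << 4
};
enum access { ACCESS_DENIED, ACCESS_USER, ACCESS_ADMIN };
#define KEY_ID_LEN 6  /* 48-bit key ID */
#define PW_MAX     8  /* assumed maximum password length */

/* Assumed layout of the controller's non-volatile memory. */
struct secret { uint8_t val[PW_MAX]; uint8_t len; };  /* val is zero-padded */
struct nvram {
    uint8_t flags;                 /* the three "established" flags */
    uint8_t key_id[KEY_ID_LEN];
    struct secret admin, user;
};

/* Dallas 1-Wire CRC-8 (x^8 + x^5 + x^4 + 1), bits processed LSB first. */
uint8_t crc8_dallas(const uint8_t *p, size_t n) {
    uint8_t crc = 0;
    while (n--) {
        crc ^= *p++;
        for (int i = 0; i < 8; i++)
            crc = (crc & 1) ? (uint8_t)((crc >> 1) ^ 0x8C) : (uint8_t)(crc >> 1);
    }
    return crc;
}

/* Compare every byte, so timing does not reveal where the first mismatch is. */
static int equal_ct(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* rom: the 8 bytes read from the key (family code, 6-byte ID, CRC). */
int key_matches(const struct nvram *nv, const uint8_t rom[8]) {
    if (!(nv->flags & ST_KEY_ID_ESTABLISHED) || crc8_dallas(rom, 7) != rom[7])
        return 0;                  /* no key enrolled, or corrupted read */
    return equal_ct(rom + 1, nv->key_id, KEY_ID_LEN);
}

/* Length and all PW_MAX bytes must agree with the stored value. */
static int pw_matches(const struct secret *s, const uint8_t *pw, size_t len) {
    uint8_t buf[PW_MAX] = {0};
    if (len == 0 || len > PW_MAX) return 0;
    memcpy(buf, pw, len);
    return equal_ct(buf, s->val, PW_MAX) & (len == s->len);
}

/* Controller side: build the status byte handed to the host during POST. */
uint8_t post_status(const struct nvram *nv, const uint8_t *rom,
                    const uint8_t *pw, size_t len) {
    uint8_t st = nv->flags;
    if (rom && key_matches(nv, rom))
        st |= ST_ADMIN_MATCH;      /* the key overrides password security */
    else if (pw && (st & ST_ADMIN_PW_ESTABLISHED) && pw_matches(&nv->admin, pw, len))
        st |= ST_ADMIN_MATCH;
    else if (pw && (st & ST_USER_PW_ESTABLISHED) && pw_matches(&nv->user, pw, len))
        st |= ST_USER_MATCH;
    return st;
}

/* Host side: only the match flags decide the access level. */
enum access access_level(uint8_t st) {
    if (st & ST_ADMIN_MATCH) return ACCESS_ADMIN;
    if (st & ST_USER_MATCH)  return ACCESS_USER;
    return ACCESS_DENIED;
}

/* Constructed stored credentials and key ID. */
struct nvram sample_nvram(void) {
    struct nvram nv = { ST_ADMIN_PW_ESTABLISHED | ST_USER_PW_ESTABLISHED | ST_KEY_ID_ESTABLISHED,
                        {0x1C, 0xB8, 0x01, 0x00, 0x00, 0x00}, {"adm1n", 5}, {"user1", 5} };
    return nv;
}

/* Constructed key ROM: family code 0x01, the enrolled ID, computed CRC. */
void sample_rom(const struct nvram *nv, uint8_t rom[8]) {
    rom[0] = 0x01;
    memcpy(rom + 1, nv->key_id, KEY_ID_LEN);
    rom[7] = crc8_dallas(rom, 7);
}

int main(void) {
    struct nvram nv = sample_nvram();
    uint8_t rom[8];
    sample_rom(&nv, rom);
    return access_level(post_status(&nv, rom, NULL, 0)) == ACCESS_ADMIN ? 0 : 1;
}
```

A key read that fails the CRC is rejected before the ID comparison, so a noisy line cannot be mistaken for a different key; the host only ever sees the resulting flags, never the stored ID or passwords.
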

If an administrative level access has been enabled, the user will be enabled to access all parameters during setup operation.

In one embodiment, if a user level access has been enabled, the user will not have access to certain parameters which the administrator can access in the setup operation. For instance, the security panel in the setup operations may appear as follows for admin level access:

Security Panel:
<OVERVIEW>
SMARTKEY ID                       <Clear, Establish>
PASSWORD
ADMIN SECURITY                    <Enabled, Disabled>
ENTER PASSWORD:[••••••••]
VERIFY the PASSWORD:[••••••••]
USER SECURITY                     <Enabled, Disabled>
ENTER PASSWORD:[••••••••]
VERIFY the PASSWORD:[••••••••]
LOCK KEYBOARD                     <Disabled, 5min ... 30min>
PASSWORD AT BOOT                  <Inhibited, Enable, Disable>
<EXIT TO MAIN MENU>

And the same security panel may appear as follows for user level access:

Security Panel
<OVERVIEW>
PASSWORD
USER SECURITY                     <Enabled, Disabled>
ENTER PASSWORD:[********]
VERIFY the PASSWORD:[********]
<EXIT TO MAIN MENU>

Other differences may also be advantageous:

Admin Level:

Update BIOS
<OVERVIEW>
REVISION
BIOS                              xx.yy.zz
Battery Controller                xx.yy.zz
BIOS Loader                       xx.yy.zz
BIOS UPDATE
<SAVE CHANGES, EXIT, AND UPDATE BIOS>
<EXIT WITHOUT SAVING CHANGES, AND UPDATE BIOS>
<EXIT TO MAIN MENU>

User Level:

Update BIOS
<OVERVIEW>
REVISION
BIOS                              xx.yy.zz
Battery Controller                xx.yy.zz
BIOS Loader                       xx.yy.zz
<EXIT TO MAIN MENU>

Admin Level:

SETUP Main Menu
<OVERVIEW>
Date and Time
Date (MM/DD/YY)                   [01/01/80]
Time (HH:MM:SS)                   [00:00:00]
<Power Management>
<System Configuration>
<Security>
<Update BIOS>
<Exit System Setup>

User Level:

SETUP Main Menu
<OVERVIEW>
Date and Time
Date (MM/DD/YY)                   [01/01/80]
Time (HH:MM:SS)                   [00:00:00]
<Power Management>
<System Configuration>
<Security>
<Update BIOS>
<Exit System Setup>

Admin Level:

Power Management Panel
This panel allows one mutually exclusive choice. The options are presented this columnar way in order to give each one its own context sensitive help panel on the right of the display.
<OVERVIEW>
Power Management                  <Max Battery Life, Max Performance>
Characterize Battery              <Enable, Disable>
System Suspend Options
Smart Sleep                       <No Delay, 0.5hr, 1hr, 2hr, 3hr, 4hr, 5hr>
Resume On Modem Ring              <Enable, Disable>
Resume On Schedule                <Enable, Disable>
Time                              [00:00:00]
Date                              [00/00/00]
<Exit to Main Menu>

User Level:

Power Management Panel
This panel allows one mutually exclusive choice. The options are presented this columnar way in order to give each one its own context sensitive help panel on the right of the display.
<OVERVIEW>
Power Management                  <Max Battery Life, Max Performance>
System Suspend Options
Resume On Modem Ring              <Enable, Disable>
Resume On Schedule                <Enable, Disable>
Time                              [00:00:00]
Date                              [00/00/00]
<Exit to Main Menu>

Admin Level:

System Configuration Panel
<OVERVIEW>
BOOT OPTIONS
Mouse Connected To                <None, Serial 1, Serial 2, Key Pad Port>
Parallel Port Type                <Disable, Standard, Enhanced>
Boot Device                       <Try Floppy First, Try Hard Drive Only, Try PowerStation>
Speaker                           <Enable, Warnings Only, Disable>
Keyboard Clicks                   <Enable, Disable>
Font Expand                       <Enable, Disable>
Simultaneous Video                <Enable, Disable>
Serial Ports                      <Port 1, 2 Disabled>
                                  <Port 1 = 3F8h, 2 Disabled>
                                  <Port 1 = 3F8h, Port 2 = 2F8h>
MEMORY
Modify Refresh Rate               <Enable, Disable>
PowerStation Options
Floppy Drive B                    <None>
                                  <1.44 MB 3.5">
                                  <720 KB 3.5">
                                  <1.2 MB 5.25">
                                  <360 KB 5.25">
Ext Video Adapter                 <Enable, Disable>
<Exit to Main Menu>

User Level:

System Configuration Panel
<OVERVIEW>
BOOT OPTIONS
Speaker                           <Enable, Warnings Only, Disable>
Keyboard Clicks                   <Enable, Disable>
Font Expand                       <Enable, Disable>
Simultaneous Video                <Enable, Disable>

Of course, other variations can be implemented depending upon security concerns.

An advantage of the security system of the present invention is that it enables access to the administrative level of the security system by overriding all security with the hardware key 230. Thus, if the admin password is lost or forgotten, access is still possible via the hardware key 230. Advantageously, the security system of the present invention provides a secure system and yet provides at least one backup form of entry. This system also provides the advantage of allowing a system administrator to use the same electronic hardware key 230 for all, or a selected group, of computers over which the administrator has responsibility.

The hardware key 230 is a passive device and is preferably made from a ROM. The memory on the key 230 contains a unique multi-bit key ID value. The ROM in the key 230 is connected to a standard PS/2 ® port male connector. Preferably the ROM is a DS2400 silicon ROM produced by Dallas Semiconductor. Because the hardware key 230 is a passive device, the ROM of the key 230 obtains its operational power from the host

system. The user level password established flag indicates that a user level password has been established for the security system. The admin entered password match flag indicates that either the hardware electronic key has been connected to the PS/2 ® port and matches a stored key ID, or that the admin level password has been entered by the administrator and matches the stored admin level password. The user entered password match flag indicates that a user level password has been entered and matches the value established for the security system. The key ID exists flag indicates that the key ID value from the electronic hardware key 230 is stored in the non-volatile memory 125 (e.g., the E²PROM). The use of these flags will become more apparent upon discussion of the security system operations below. By transferring the status byte to the host 100, the security system informs the host system 110 of the status of the security system without requiring that the host system 100 actually access the associated hardware of the security system 100.

Many keyboard controllers 120 pre