The present invention relates to a disk drive, a method for controlling the disk drive and a falsification detection method. More particularly, the present invention relates to a method for controlling a disk drive having a flag area that can be only referred to by a host but not written thereby and relates to a falsification detection method for detecting a falsification of data, which has been recorded by the disk drive on the storage medium employed in the disk drive, by making a 2-stage analysis, i.e., an analysis of a time transient of meta data and an analysis of a time transient of contents.
With popularization of various kinds of application software, there is also progress in efforts to convert documents prepared by the user into electronic data. Unlike a document written on a piece of paper, electronic data can be changed with ease. Thus, by carrying forward the efforts to convert documents into electronic data, improvement of the work efficiency can be expected. In order to use electronic data as evidence in typically a judicial trial, however, it is required that the time to make the electronic data and the contents of the electronic data are not falsified. For this reason, the faultlessness of the electronic data must be verified or, if the electronic data has been falsified, the falsification must be detected.
The conventional detection of electronic data recorded by a disk drive on a storage medium mounted thereon can be divided into two large categories as follows:    (1) a method for generating falsification detection information inside the disk drive, and    (2) a method to generate falsification detection information by using information external to the disk drive.
As the first method, a file system and a program storage medium have been proposed and disclosed in Japanese Patent Laid-open No. 10-283262 and as the second method, a system and method for preventing falsification of electronic texts' have been proposed and disclosed in Japanese Patent Laid-open No. 11-261550.
Japanese Patent Laid-open No. 10-283262 has proposed a new file system capable of determining whether or not a file has been falsified. When a new file is generated, an authentication file is also created. The authentication file includes a checksum of the new file, its creation date and information on the creator thereof. By using this new file system, every time a file recorded on a storage medium in a disk drive is updated through an operation carried out by a host to write data onto the storage medium, a post-updating checksum and an updating date are added to the authentication file. Thus, it is possible to determine whether or not the file has been falsified.
In Japanese Patent Laid-open No. 11-261550, a method has been proposed as a falsification detection method allowing an outside authenticator to create authentication data of an electronic text. In accordance with this method, first of all, a central player extracts characteristic data representing characteristics of an electronic text and encrypts the characteristic data by using a first encryption key. Then, the outside authenticator adds external authentication data including at least a date to the encrypted characteristic data and further encrypts the characteristic data by using a second encryption key to produce authentication data of the electronic text. The central player is not capable of creating the authentication data. Thus, by comparing the electronic text with the authentication data, it is possible to determine whether or not the electronic text has been falsified.