I. Field of the Invention
The present invention relates to the field of computer security. In particular, the present invention relates to a workstation lock for thwarting unauthorized access to information contained on the workstation and alerting users of tampering with the workstation.
II. Background of the Invention
The need for a multifaceted approach to information protection on workstations and personal computers ("PCs") has been well documented. Using a security product and removable media can increase the level of protection; however, even these systems are subject to compromise in various ways.
The robustness and usefulness of existing security products vary widely. Some of these products are software only, some are hardware only, and some are a combination of both. The cost of these products ranges from no cost for software-only freeware to several thousand dollars for security containers housing various PC components. Many of the access-control products provide capabilities for differentiating levels of access (e.g., security officer, employee supervisor or data owner, and user) and multiuser access, which, more often than not, go unused in a typical office environment where most workers have their own PCs.
With physical access, a skilled intruder with a prepared methodology can acquire information thought to be protected by one or more of these commercial access-control products. Possible methods of intrusion generally associated with PCs, some of which may be effective even if a security product is being used, include: 1) access to the keyboard to display, transmit, or alter information; 2) access to the keyboard to allow time for password guessing; 3) removal of PC media including diskettes, disk drives, hardcopy, or printer ribbons; 4) observation of information on the video display or monitor; 5) bypass, removal, or disconnection of security product hardware from the PC; 6) insertion of transmitting or recording devices in the PC; 7) boot up from a floppy disk, circumventing the security product startup and verification procedure; and 8) access to a media drive, resulting in the insertion of malicious code.
Denial of physical access to the PC in an office environment can be implemented in a variety of ways: vault-type rooms, security containers with pull-out drawers containing large built-in disk drives, workstation cabinets, PC key locks that lock the case and/or keyboard, cases secured by storage-shed-type clasps with padlocks, tamper-proof seals, and office doors. While these mechanisms provide various levels of protection during the day and/or at night, an alternative optimized system for protection, especially during the day and preferably even when information is being processed, has been missing from the security officer's arsenal of control mechanisms.
Also, an unattended PC where classified or sensitive information is being processed requires physical and administrative controls at all times to deter or detect an unauthorized access.
In addition, while some current PC security products address file access controls, including discretionary access controls and encryption, these products do not provide physical protection for the PC components, such as the disk drives, keyboard, and mouse. These components can be used to circumvent the PC security product's protection features. For instance, numerous security products may be circumvented upon gaining access to the keyboard or one of the disk drives.
In other security devices, other shortcomings often arise. For example, in many systems, if the power is removed, the security product ceases to function. If there is no power in the battery, the system could be circumvented if the regular power source is cut off. Some security products can be defeated by simply bringing in a separate keyboard and plugging it in. Still other PC security products provide an audit capability to document accesses to files as pre-defined by the system administrator. However, the review of audit files is a very time-consuming process, and is, therefore, inefficient and not often undertaken. The review of audit files could take more time than powering down the PC, removing the media from the PC, locking it up in a repository before leaving the office, and reinstalling it upon return and, therefore, is not desirable.
Also, because most PC security products address file access controls, including discretionary access controls and encryption, such features protect a file, but do nothing to protect the PC while in operation. Often, PC security products do not allow processing to continue while maintaining protection of the PC.
In still other systems, it is possible for an intruder to place a diskette into a floppy diskette drive and plant a program on the system that will either 1) allow access to the PC at a later time or 2) permit the intruder to plant a program to steal files and place them on the diskette.
Therefore, there exists an urgent need for workstation security products that protect multiple components of the PC (i.e., screen, internal and external devices and removable media, keyboard and mouse) from physical access while the PC is in operation. In addition, there exists a need for a workstation security product that permits users to continue processing sessions (e.g., long processing jobs that are undesirable to interrupt, either intentionally or unintentionally) even if the users only need to leave the vicinity of their workstations for short periods of time.