1. Field of the Invention
The present invention relates to a data protection device, a data modification prevention device, data modification prevention methods and data protection methods independent of operating systems.
2. Description of the Related Art
The present invention addresses the need for data protection, where data protection means that there is data that cannot be modified in an accidental or unauthorized way, and that there is data that cannot be accessed by anyone other than the authorized operator of the computing system. This definition of data protection can be divided into two requirements of protection: data modification prevention and extraneous code execution prevention. The present invention implements both methods in one data storage protection device without regard to, and/or the need for, installed operating systems.
We start by describing the current state with the first requirement: normally, when there is data in a computing system that needs to be protected from accidental or unauthorized modification, said data is marked as “read-only”, and the operation on it is limited by this characteristic. But this “marking” can be undone or simply ignored by software that does not conform to the operating system conventions or uses a different way of accessing this data on the data storage device used by said computing system. The solution to this would be to make the data storage device “read-only”, in a manner similar to the working of a floppy disk, where a lever on its case allows or denies data modification on its magnetic surface. But this solution works only for isolated data, and it cannot be used when the data storage device also holds data that needs to be modified regularly, for example a directory index maintained by the operating system of the computing system.
The second requirement, the extraneous code execution prevention, is currently addressed with a layer of software running as part of the operating system of the computing system, usually called “antivirus” and “firewall” software, depending on its operational and functional characteristics. This layer of software protects the data on a computing system by preventing execution of code that is not specifically part of the code that the user of said computing system is intending to use with its data. The problem with this approach to cover the second requirement is similar to what we specified for the first requirement: the software operation can be bypassed by software that does not operate in conformance with operating system rules, or by software that operates using different access rules than the ones specified by the operating system. Well-known examples of this are the “rootkits”, pieces of software that operate at a lower level than the operating system, in a way that prevents their detection by the layer of software that implements the extraneous code execution prevention. A normal user is defenseless against this type of intrusion into the computing system.