1. Field of the Invention
This invention relates to security and personal computer systems, and more particularly to a method for extending computer security features to devices having Plug and Play capabilities.
2. Description of the Related Art
The prevention of data theft is extremely important in computer systems designed to exist on corporate networks as well as home computers. Companies and individuals spend large sums of time and money developing data that resides in these systems. Adequately protecting a computer system's resources from unauthorized access is thus a primary concern of computer users.
To address various security issues, including protection of system ROM and other memory locations, a security device was developed as described in commonly-assigned U.S. patent application Ser. No. 081779,061, entitled "SECURITY CONTROL FOR PERSONAL COMPUTER," which is hereby incorporated by reference for all purposes as if set forth in its entirety. The security device described therein provides a secure method for access to different system resources, and is capable of preventing data transfer via externally accessible channels by turning off common system devices such as the parallel port, the serial port(s), the floppy disk controller, etc. The logic for all of these devices, as well as other logical devices, normally exists within a computer system's "Super I/O" chip or similar device. The Super I/O chip provides a mechanism to disable the various logical devices via one or more configuration registers.
Merely turning off system devices, however, is not sufficient protection. To make a system more secure, it is necessary that the devices cannot be turned back on by an unauthorized user. In current systems, security logic is used to block ISA bus read and/or write cycles to the registers in the Super I/O chip responsible for turning system devices on or off. The ISA cycles are blocked by gating the address enable signal AEN and/or the I/O write control signal IOWC# of the Super I/O chip. Unauthorized cycles to the Super I/O chip are blocked when the security logic decodes an I/O address for the Super I/O chip and the user has set what amounts to a blocking enable bit.
In prior systems, security logic in the security device protected certain ranges of non-volatile CMOS RAM within the Real-Time Clock (RTC) in the Super I/O chip. The protected locations are used to store passwords and other critical information. For example, assume that the I/O Index register address of the RTC is 0070h and the address of the Data register is 0071h. The prior security logic would work by blocking reads or writes to address 0071h when the Index, tracked by examining writes to the address 0071h, was in a predetermined range of indices to be protected. Reads and writes would be blocked by holding the I/O write control signal IOWC# or the address enable signal AEN at a logic high level whenever the value written to 0070h (the Index register address) selected an Index containing sensitive information.
The security device operates by providing multiple hardware "lock" signals capable of being toggled by the user. The lock signals restrict access to specific system resources when asserted. In general, a user enters a password for a particular memory "slot" in the security device. The memory slot is then placed in a "protected" state by issuing a PROTECT RESOURCES command to the security device. While in the locked state, a lock signal is asserted, which secures system resources. To unlock the slot, the user issues an ACCESS RESOURCE command to the security device, followed by entry of the correct password. Correctly entering a slot's password changes the state of the slot to "unprotected." The security device password may only be written if the slot is in the unprotected state. The security device can only verify and does not divulge the password, thereby enhancing the security of the system. Providing computer security is not a static process, however, as technology and new threats to security continue to develop at a rapid pace.
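The slot and lock behaviour just described can be modelled as a small state machine. The following Python is an added illustration, not the patent's own logic or any real security device's firmware; the class names, the number of slots, the method names standing in for the PROTECT RESOURCES and ACCESS RESOURCE commands, and the use of a constant-time comparison are all assumptions made for this example.

```python
"""Software model of the password-slot lock behaviour described above.
Added illustration only; names and the four-slot layout are assumptions."""
import hmac


class SecuritySlot:
    """One memory slot: holds a password and a protected/unprotected state.

    The password is never returned to callers; the slot can only verify a
    candidate against it (the 'verify, do not divulge' property)."""

    def __init__(self):
        self._password = None        # set only while unprotected
        self.protected = False       # True => this slot's lock signal is asserted
        self.pending_access = False  # ACCESS RESOURCE issued, password expected next

    def write_password(self, pw: bytes) -> bool:
        """Password may only be written while the slot is unprotected."""
        if self.protected:
            return False
        self._password = bytes(pw)
        return True

    def protect_resources(self) -> bool:
        """PROTECT RESOURCES: lock the slot (requires a password to exist)."""
        if self._password is None:
            return False
        self.protected = True
        self.pending_access = False
        return True

    def access_resource(self) -> None:
        """ACCESS RESOURCE: arm the slot to accept one password attempt."""
        self.pending_access = True

    def submit_password(self, pw: bytes) -> bool:
        """Verify a candidate; a correct one moves the slot to unprotected.
        Each attempt consumes the pending ACCESS RESOURCE command."""
        if not self.pending_access or self._password is None:
            return False
        self.pending_access = False
        # constant-time compare so timing does not leak where the mismatch is
        if hmac.compare_digest(self._password, bytes(pw)):
            self.protected = False
            return True
        return False

    @property
    def lock_signal(self) -> int:
        """Hardware lock line: 1 while protected, 0 otherwise."""
        return 1 if self.protected else 0


class SecurityDevice:
    """A bank of slots; lock_signals() is what the rest of the system sees."""

    def __init__(self, slots: int = 4):
        self.slots = [SecuritySlot() for _ in range(slots)]

    def lock_signals(self) -> tuple:
        return tuple(s.lock_signal for s in self.slots)


if __name__ == "__main__":
    dev = SecurityDevice()
    slot = dev.slots[0]
    slot.write_password(b"constructed-example-password")
    slot.protect_resources()
    print("locks while protected:", dev.lock_signals())
    slot.access_resource()
    print("wrong password accepted?", slot.submit_password(b"guess"))
    slot.access_resource()
    print("correct password accepted?",
          slot.submit_password(b"constructed-example-password"))
    print("locks after unlock:", dev.lock_signals())
```

Two points of the model are worth noting: a password attempt without a preceding ACCESS RESOURCE command is rejected outright, and each command permits exactly one attempt, so a caller cannot loop on `submit_password` without re-issuing the command each time.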
For example, the owners of today's personal computers (PCs) are faced with a myriad of options when choosing peripheral devices. Frequently, computer users decide to upgrade or expand the capabilities of their computer systems rather than buying an entirely new system. In the past, installing new hardware was frequently a time-consuming and frustrating process, requiring the computer user to become familiar with architectural components such as direct memory access (DMA) channels and various system interrupts (IRQs). Manipulation of various parameters was often required in order to ensure that the newly added components did not conflict with existing components.
Against this backdrop, a number of hardware and software manufacturers undertook an initiative to solve these dilemmas by creating the so-called Plug and Play (PnP) specification. Plug and Play is the industry term for the technology that allows a computer system to understand a user's intention to install an option card, for example a sound card, into the computer system and to configure it automatically. This allows new options to work immediately following installation without disrupting existing system components. When a new option card is installed, Plug and Play firmware automatically configures the computer system's bus and sets key technology parameters for Plug and Play-ready add-in cards. Previously, users had to set these parameters manually, a complex and problematic exercise. When combined with features in certain operating systems, such as Windows 95, Plug and Play greatly simplifies the process of setting up a personal computer system.
Following the boot process, an operating system incorporating Plug and Play support retrieves Plug and Play information gathered by the BIOS. System resources are then allocated amongst the Plug and Play cards. Conflict-free resources for all inactive logical devices are also allocated. All logical devices that have been configured are activated, and device drivers are loaded. Details of Plug and Play configuration are generally known or available to those skilled in the art.
Adding Plug and Play capabilities to the Super I/O chip may create additional security concerns. Specifically, the ISA Plug and Play architecture allows a given chip to contain several "logical devices." It does this by allowing each logical device to have its own base address. The given chip decodes all addresses for its logical devices.
When the RTC located within the Super I/O chip becomes a Plug and Play logical device whose base address can change, prior security devices may not adequately protect the contents of the RTC. For example, an unauthorized user could conceivably modify the base address of the RTC, and then gain access to unprotected Indexed locations. Other logical devices of the Super I/O chip, such as power management logic, may also have base I/O addresses capable of being modified. Further, the base address of the Super I/O chip itself may be modified in an attempt to circumvent security measures.
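The weakness described in this paragraph, and the prior-art Index/Data gating it defeats, can both be seen in a bus-level model. The Python below is an added illustration, not the patent's or any Super I/O chip's actual logic: the CMOS index range marked as protected, the `pnp_relocate_rtc` method standing in for a Plug and Play base-address change, the `notify_security` option (a hypothetical fix in which the security decode follows the relocated base) and all class names are assumptions made for this example. It runs the same scenario twice, once with the fixed-address decode of the prior art and once with the base-tracking variant, so that the difference in what reaches the CMOS is visible.

```python
"""Bus-level model of the prior-art RTC Index/Data protection and its
Plug and Play weakness. Added illustration only; the protected index range,
the relocation hook and the base-tracking fix are assumptions."""

PROTECTED_INDICES = range(0x38, 0x40)   # constructed: assume passwords live here


class SuperIO:
    """Minimal RTC logical device: Index port at rtc_base, Data port at rtc_base + 1."""

    def __init__(self, rtc_base=0x70):
        self.rtc_base = rtc_base
        self.cmos = bytearray(128)
        self.index = 0

    def io_write(self, addr, value):
        if addr == self.rtc_base:
            self.index = value & 0x7F
        elif addr == self.rtc_base + 1:
            self.cmos[self.index] = value & 0xFF

    def io_read(self, addr):
        if addr == self.rtc_base + 1:
            return self.cmos[self.index]
        return 0xFF                      # nothing decoded here: floating bus value


class SecurityLogic:
    """Prior-art gating: snoops writes to the Index port it was built to decode
    and blocks Data-port cycles (AEN/IOWC# held high) while the tracked index
    is in the protected range and the blocking enable bit is set."""

    def __init__(self, index_port=0x70):
        self.index_port = index_port
        self.tracked_index = 0
        self.blocking_enabled = False

    def cycle_allowed(self, addr, is_write, value=0):
        if addr == self.index_port and is_write:
            self.tracked_index = value & 0x7F      # remember which index was selected
            return True
        if (addr == self.index_port + 1 and self.blocking_enabled
                and self.tracked_index in PROTECTED_INDICES):
            return False                           # cycle gated off the chip
        return True


class Bus:
    """ISA bus: every cycle passes through the security logic before the chip."""

    def __init__(self, chip, security):
        self.chip, self.security = chip, security

    def write(self, addr, value):
        if not self.security.cycle_allowed(addr, True, value):
            return False
        self.chip.io_write(addr, value)
        return True

    def read(self, addr):
        if not self.security.cycle_allowed(addr, False):
            return None                            # blocked cycle returns no data
        return self.chip.io_read(addr)

    def pnp_relocate_rtc(self, new_base, notify_security=False):
        """Stand-in for Plug and Play moving the RTC logical device's base address.
        notify_security=True is the hypothetical fix: the decode follows the base."""
        self.chip.rtc_base = new_base
        if notify_security:
            self.security.index_port = new_base


def run_scenario(notify_security):
    """Store a secret, enable blocking, relocate the RTC, then try to read it back."""
    chip, sec = SuperIO(0x70), SecurityLogic(0x70)
    bus = Bus(chip, sec)
    bus.write(0x70, 0x38)
    bus.write(0x71, 0x5A)                          # unlocked: store a constructed secret
    sec.blocking_enabled = True
    bus.write(0x70, 0x38)
    blocked_at_fixed_base = bus.read(0x71)         # None: gated as the prior art intends
    bus.write(0x70, 0x10)
    ordinary_read = bus.read(0x71)                 # unprotected index still readable
    bus.pnp_relocate_rtc(0x80, notify_security)
    bus.write(0x80, 0x38)                          # same index, via the relocated port
    read_after_relocation = bus.read(0x81)
    return {"blocked_at_fixed_base": blocked_at_fixed_base,
            "ordinary_read": ordinary_read,
            "read_after_relocation": read_after_relocation}


if __name__ == "__main__":
    print("fixed-address decode:", run_scenario(notify_security=False))
    print("base-tracking decode:", run_scenario(notify_security=True))
```

With the fixed-address decode, the read at the relocated Data port is never gated and returns the stored byte; with the decode following the base it returns `None` exactly as the read at 0071h did. The same pattern applies to any other relocatable logical device whose registers the security logic is meant to guard.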