Current personal microcomputer technology based on DOS for magnetic disk storage media is fundamentally open, that is, digital data is organised, structured and stored on magnetic disk media in such a way that the operating system can access the data for input and output quickly and efficiently according to certain fixed rules, all of which are well known. Thus for example, DOS organises and accesses digital data on magnetic disk media, such as fixed-disks and removable floppy disks, in the form of files and directories according to a rigid structural scheme. For every file or directory created on the disk, DOS prepares a special 32-byte directory entry data field, containing crucial information on that particular file or directory. This data, together with cluster distribution information contained in the File Allocation Table (FAT) for the disk, enables DOS to determine the precise sector locations on the physical disk surface occupied by the file or directory.
A major consequence of the rigid DOS standard directory and FAT structure for files and directories on magnetic disk storage media, is simply that in single machines DOS cannot be prevented from accessing, at media level, any file or directory on disk for the crucially important function of read, and associated operations such as copy. In principle, therefore, DOS will be able to read and, if required, copy, any file or directory, as long as it is DOS-structured, and physically exists on the disk. From the viewpoint of data security for DOS formatted magnetic disk storage media, this invariably means that DOS-structured files and directories on disks cannot be secured or locked in the absolute static sense, that is, the operating system cannot be prevented from accessing any file or directory at the level of the disk media itself.
Although the prior art contains numerous references on methods and techniques for computer system and disk security, these deal mainly with copyprotection of magnetic disk storage media or with digital data encryption, as distinct from the absolute static lock at media level described in this invention. At the present time, current technology only allows files and directories on DOS disks to be secured by non-absolute, indirect methods. These include file encryption, file attribute modification, for example, hiding files from DOS directory searches, control of the operating system boot, or some means of file access control through menu-type RAM-, or ROM-, resident programs, and the like. In all of these methods, however, the target file or directory, and indeed, the disk itself, still remains essentially unsecured at media level: any access control barrier can always be bypassed, and the target file can always be read and copied directly by DOS at media level, albeit in encrypted or otherwise modified form. Moreover, file security is often achieved with some kind of penalty, for example, easy access to the fixed disk of the host machine may be severely hampered.