1. Field of Invention
The invention relates to a computing system such as a computer, a Personal Digital Assistant, or a mobile phone, and more particularly, to the computing system being accessible to both an internal network and an external network and being able to quickly and switch therebetween without being shut down.
1. Description of Related Arts
At present, in consideration of information security, an internal network such as an office or a confidential Local Area Network, is usually physically separated from external network such as the Internet. Some home PCs having private data also need physical separation from the external network. The earliest predecessor solution to this problem was using two computers respectively connected to internal and external networks. Bringing high security however requiring two computers, it is too expensive and can not efficiently exchange data between the internal and the external networks. A later resolution was the dual-mainboard solution. Though uses a common computer chassis and shares one display and one keyboard, it still employs two computers essentially. It has the same problem as its ancestors.
Latterly, dual hard disk and then single hard disk solutions came up. The first one means that two hard disks are used by one computer. When using the internal network, a computer boots up with an “internal use only” hard disk and when it needs to be connected to the external network, a user can boot from the other hard disk connected and used by external network only. In this situation, once the external network is started up, the hard disk or network connected to the internal network is physically separated, i.e. the internal system is absolutely not accessible or at least is not able to be effectively read from or written on. Thus, a user is able to use either the internal system or the external system with one computer, with the physical separation of the internal and the external networks and consequent security of the internal data.
Although the solution of dual hard disk securely separated the internal and external networks, it requires two hard disks, which still costs relative high. In the single hard disk solution, the hard disk is divided into two partitions, each having its own operating system used independently by the internal or external network, respectively. A user can choose to boot either, the internal or the external network. In this solution, when the computer is connected to the external network, data of the internal network is not readable and/or writable and more than one operating systems need to be started up, as disclosed in the patented Chinese invention ZL 94,111,461 owned by the same inventor. When more than one operating systems need to be started up, a good way is “twice startup” disclosed in Chinese patent ZL 97,116,855 of the same inventor. At the same time, the single hard drive solution also successfully solves the problem of system recovery when the system collapses. Additionally, in the solution, a swap area is established on the hard disk, which can be read from or written on when the external network is started up, or can be read from however without being written on when the internal is started up. Information is allowed to flow one-way from the external network to the internal, preventing any automatic disclosure of the internal data. The swap area can be arranged to be readable and writable at any time, which will sacrifice certain security performance. Generally, data exchanges between the internal and the external networks can be done flexibly and safely, keeping a secured separation is always desirable.
However, for either the single hard disk solution or the dual hard disk solution, if a user wants to switch between the internal and the external systems, the computer must be rebooted for purpose of security. It is obviously very inconvenient for users. Especially in e-business, a user frequently needs to communicate and exchange information with other external network users via the external network. And when he needs a digital signature, he may hope to enter the internal network where the signature key is placed to prevent any ill-willed hacker from getting it. After the information is safely signed, the user needs to come back into the external system to exchange the information with other relevant external network users. In that way, programs and keys for signature are kept in the internal system to ensure their security, and can be used in e-commerce while security is guaranteed.
The most important issue in the Internet-based e-commerce is security. At client terminals, due to non-one-hundred-percent virus protection, ill-willed hacker invasions, and BOs, there exists the possibility for the information in client terminal computers to be illegally accessed. However, it is unaffordably serious if the information of a key used for digital signature, which is used to identify clients and sign contracts, is so accessed. It means the information of the key must be kept at an inaccessible place. An U.S. Pat. No. 99,806,523 filed on May 13, 1999 by Wave Systems Corp. disclosed a solution that employs a special-use computer for digital signature. But the computer, e.g. a smart card, either works slowly or is expensive, which makes the users have to choose encryption algorithms having relatively weaker security performance. Therefore, the best way is to make full use of the computer at client terminal, making it 1. be able to physically separate the internal and the external systems, making any internal system information inaccessible from any program and individual including the user he himself; 2. when the computer is connected to internal network, the user can selectively send relevant information to the external system, and in order to ensure security, the control program will not be able to be changed by any virus: it should be write-protected; and, 3. the switching between the internal and the external systems should be conveniently and quickly.
The spirit of the invention for above mentioned computer can be applied to all computing devices such as the portable computing devices. A user may access the external network when internet communication is needed. When digital signature is needed, the user can enter the internal system, and then send documents bearing digital signatures to the expected destinations via external network.
A computer which is able to “simultaneously” use two operating systems will also provide convenience for computer education on multiple operating systems.