1. Technical Field
The present invention relates to computer security in general, and in particular to a method and apparatus for maintaining computer security on a multi-user computer. Still more particularly, the present invention relates to a method and apparatus for providing password management on a multi-user computer.
2. Description of Related Art
Notebook personal computers (PCs) are more susceptible to theft because of their portability. If a notebook PC is stolen and data are taken out of its hard disk drive, the damage can be serious. In particular, these days, a hard disk drive often includes personal information, business information, and/or authentication information for accessing a network or online service that requires user authentication. Thus, it is important to take measures to protect data in a notebook PC in case the notebook PC falls into the wrong hands. More specifically, it is important to prevent a notebook PC from being started and used by someone who is not an authorized user, and to prevent data from being extracted from a hard disk drive even if the disk drive is removed from the notebook PC and attached to another computer.
A common solution is to set passwords for the Basic Input/Output System (BIOS) and the hard disk drive of a notebook PC so that the BIOS and the hard disk drive cannot be used unless the passwords are properly entered. There are generally two types of passwords for the BIOS, namely, a power-on password and a supervisor password. When a notebook PC with password settings is started, the notebook PC prompts for a password. Then, either the power-on password or the supervisor password needs to be entered. If the power-on password is entered and properly authenticated, only starting of an operating system (OS) is allowed. If the supervisor password is entered and properly authenticated, operations such as modification of the BIOS settings and setting of the power-on password are allowed in addition to starting of the OS.
ATA/ATAPI is a common interface for connecting an external storage device to a computer, and the password for the hard disk drive (HDD password) is included in the standard ATA/ATAPI specification. The HDD password can also be set via the BIOS. If the HDD password is set, starting the notebook PC causes the BIOS to input the HDD password to the hard disk drive and to make the hard disk drive usable. If a password for the BIOS is also set, the HDD password is input to the hard disk drive only when the BIOS properly authenticates the power-on password or the supervisor password. The power-on password, supervisor password, and HDD password can be collectively called a shared password.
There are many prior art techniques related to shared passwords. For example, one prior art technique requires the BIOS to generate an HDD password and set the password for a hard disk drive, and on power-up of a computer, the BIOS inputs the password to the hard disk drive. As a result, data cannot be read from the hard disk drive even if the hard disk drive is removed from the computer and attached to another computer. Another prior art technique applies to a computer having multiple storage devices, in which inputting a password to a first storage device causes passwords stored in the first storage device to be input to the other storage devices. As a result, the security of the multiple storage devices can be protected with only one password for the first storage device.
Even in notebook PCs, commonly used OSs such as the Windows™ OS or the Linux OS are adaptable to multi-user mode. In fact, it is not uncommon for one notebook PC to be used by multiple users. In that case, the administrator of the OS registers a different user ID and password for each user, and each user logs in to the OS using the assigned user ID and password. However, the shared passwords are not adaptable to multi-user mode according to their standards. Therefore, even when a notebook PC is used by multiple users, all users of the notebook PC know and use the same shared passwords. This is not desirable from the standpoint of computer security. In order to achieve the high security provided by the shared password in a notebook PC used by multiple users, it is desirable that the shared password be different for each user.
FIG. 16 is a block diagram showing the application of a technique of user authentication using biometrics information, such as a fingerprint, vein, or iris, for solving the above-mentioned problem. Biometrics information 601 on each user and a shared password 603 are associated with each other and are stored in a non-volatile storage device 605 within a notebook PC. When biometrics information 609 on a user is input from a biometrics information input apparatus 607, a determination is made as to whether or not non-volatile storage device 605 contains biometrics information identical with the information read by biometrics information input apparatus 607. If biometrics information 601 identical with the read information exists within non-volatile storage device 605, shared password 603 corresponding to that biometrics information 601 is input to a BIOS 611 and a hard disk drive 613. Thus, the users need not know their shared password, and this ensures high computer security because the shared password is used only inside the notebook PC.
However, with the technique shown in FIG. 16, biometrics information 601 and shared password 603 need to be associated with each other and stored in non-volatile storage device 605. That is, every registration of biometrics information 601 on a user requires input of shared password 603, thereby revealing shared password 603 to the user. In addition, it is desirable to change the password from time to time to ensure security, but every change of shared password 603 requires an operation of associating the changed shared password 603 with biometrics information 601 on all users. This operation is cumbersome and creates a risk of revealing shared password 603 to all users.
Consequently, it would be desirable to provide an improved method and apparatus for managing shared passwords on a multi-user computer.