This invention relates to computer security measures and to the prevention of unauthorized reading or altering of computer data by individuals or programs operating on a computer. Specifically, this invention describes a means and process by which the authorized user of a computer can protect data and programs stored in peripheral devices, such as mass storage media, from alteration or deletion by malicious persons, or computer "virus" programs, or accidents initiated by unskilled persons. This end is achieved by providing the authorized user with a switch whereby the user can completely or partially disable the peripheral device without disrupting the operation of the computer or other peripherals. Alternatively, the switch may disable write access to the peripheral device, such as a widely used computer harddrive, but allow the device to be read.
This invention is particularly useful in multi-user environments, such as those in a university computer lab, wherein only a computer supervisor is authorized to add programs and data to a mass storage peripheral device and other users are authorized only to read programs and data from the storage device. In this example, the computer supervisor would have a key with which he could gain access to write new information onto a harddrive and then could "lock out" write access so that students would be unable to accidentally or maliciously load a "virus" program onto the computer system.
This invention is also useful for persons who desire to evaluate new software but are afraid that by doing so they will be exposing their computer system to infection with a computer virus. By locking out write access to their computer's harddrive, the system is "safe" and the suspect program can be run without risk of it causing an infection which may later cause loss or disruption of programs and data.
By providing complete user control over a computer's access to its peripheral devices, this invention allows the user to implement greater security precautions against unauthorized programs or users. These options include limiting read and write access to the peripheral device, and the ability to configure the peripheral device so as to make all or portions of the device appear to the computer as a read-only, write-only, or write-once peripheral device.