There has been an enormous increase in the use of computers for processing and storing sensitive information in a wide variety of commercial and government applications. Computer systems have evolved from large systems with restricted access to small systems which may be portable and easily accessed by several users. As components have become more easily accessible and as demand for easy computer access has spread, there has arisen a greater need for the protection of sensitive data.
One method for securing access to computer systems is to restrict the physical access to the computer system; however, such restriction is inefficient for typical computer system installations which favor shared access and increased portability. The cost of securing computer systems by restricting physical access is also prohibitive.
Another method for providing security of sensitive data is to use a program to restrict access to the computer system. However, this method has drawbacks. For instance, an unauthorized user can often bypass the security program or routines which invoke the security program to gain access to the computer system. Even if the security program proves to be difficult to bypass, the unauthorized user can simply remove the information stored in the computer by removing the memory or monitoring the data bus. For example, a hard drive could be removed from the computer and installed in another computer to read the contents of the hard drive.
To prevent such unauthorized access and retrieval of sensitive information, sensitive data may be destroyed either logically or physically. Logical destruction requires that any data destroyed be unintelligible to another user after the destruction process has taken place. The storage media will typically still be reusable. An example of a logical destruction program is a program which erases the sensitive files on a hard drive when an unauthorized access is detected. Physical data destruction, on the other hand, requires catastrophic destruction of the storage media to ensure that the contents in the storage media are irretrievably lost.
In some applications, the program performing the logical destruction fails to completely destroy the data, and advanced data retrieval techniques may be employed to recover traces of logically destroyed information. For example, information on a hard drive of a computer may be recovered by methods which detect previously written and erased binary words from trace magnetic remnants of the words. If the logical destruction methods are only partially effective, physical destruction techniques may also be required to ensure that the data is destroyed and cannot be recovered.
It may be desirable to restrict access to particular peripheral devices on a computer or workstation, rather than restricting access to the entire computer system. Modern computer security systems fail to provide such restricted access.
Therefore, there is a need in the art for a computer security system which prohibits unauthorized access and which is not vulnerable to bypass, yet maintains the portability and flexibility inherent in a modern computer system. There is a further need to provide complete protection of sensitive data such that the data may not be recovered by bypassing the data protection system or by physical removal of data storage devices. Finally, the system must also provide complete destruction of sensitive data to prevent retrieval of data traces.