When a personal computer is turned on, a basic input-output system (BIOS) that is stored in non-volatile solid state memory of the computer is invoked to begin what is known as a “boot” process, in which various initialization chores are undertaken. Among the most important of these chores is the copying of an operating system from disk storage of the computer over into typically a volatile solid state memory of the computer, for execution of the operating system by the processor of the computer when the computer is being used. When the computer is turned off or when it is “re-booted”, the operating system is flushed from the memory. By executing the operating system from the relatively fast memory instead of from the disk, computer operations are accelerated.
Among the chores of booting is to prompt the user to enter a password, so that use of the computer is enabled. This password is sometimes referred to as the “power-on password. Without proper password entry, the use of the operating system is denied. Additionally, the hard disk drive (HDD) of the computer may have its own password, so that even when the power-on password is properly entered, access to the HDD is denied unless the HDD password is also input.
Recognizing that users can forget their passwords, a limited operating system, referred to herein as a “secure operating system” (also sometimes referred to in the art as a “service O.S.”), may be provided to the user to undertake limited, “safe” tasks. That is, a “secure” operating system is configured to accomplish only predetermined limited tasks, and because of this the secure O.S. cannot feasibly be corrupted or infected with malicious code. Also, this O.S. is not suitable for other “productive” uses of the computer, so the end user cannot accomplish other work using it. One of these limited tasks may be to issue a challenge question to the user, which, if correctly answered, enables the user to reset the power-on password and, hence, to boot the standard O.S. The secure O.S., like the standard O.S., must be booted.
The present invention recognizes that various files, including rescue and recovery files, may be provided on optical disks using International Standards Organization (ISO) format. As understood herein, since optical disks originally were envisioned as being write-once, read-only storages, the ISO file standard did not provide for updating files once imaged onto disk, in contrast to other file systems. Thus, ISO files remain static, and if an ISO file must be updated, the entire file must be regenerated.
The present invention critically recognizes that this is a drawback for a number of reasons. For instance, it complicates placing a digital signature in the file, because owing to the vagaries of optical disk recording and the requirements of ISO, significant data manipulation that cannot be predicted in advance of recording typically occurs when creating the ISO file, and the digital signature depends on the entire file data. Thus, a digital signature cannot be reliably computed before an ISO file is actually laid down, hence, the signature cannot be incorporated into the file without regenerating the entire file.
Additionally, in the case of several files that are essentially the same except for language differences in, e.g., the user interfaces, a unique copy of each language version must be stored on the optical disk, consuming large space. This is because, recall, an ISO file remains static per the conventions of the ISO file system. With these critical observations in mind, the invention herein is provided.