1. Field of the Invention
The present invention relates generally to computer security. More particularly, the invention relates to security using biometrics. Still more particularly, the invention relates to limiting physical and logic access to computer devices and subsystems based on a user's biometric information.
2. Background of the Invention
Security is a concern for many computer systems, particularly those computer systems that contain sensitive information. Many organizations have large computer systems that include numerous components. Such a large computer system might include, for example, one or more racks that each contains multiple server computers, storage devices, power supplies, switches, communication devices, and other types of computers or computer-related equipment. Each of components generally is removable for maintenance purposes. Accordingly, if a device fails a technician can remove the failed device and install a replacement device.
Two avenues of access to a computer system are possible and both should be secured in some suitable way. One avenue is physical access to the computer system and its various subsystems and components. Often, a lockable access door is provided on the front of a rack to restrict access to the computer components contained within the rack. The door typically requires a physical key. Of course, keys can be misplaced, lost, or stolen thereby potentially frustrating legitimate attempts to gain access to the equipment in the rack. For this reason, sometimes the key is left in the lock, or attached via a string to the cabinet. Although convenient, leaving the key in, or around, the lock renders the lock useless. Further, a person that has a key to the access door then has access to all of the components in the rack, even though that person may never need access to certain components.
The other type of access to computer components is logical access through use of the computer system. This type of access includes, for example, access to storage devices (CD ROM, hard drive, tape drive, etc.). Without proper security mechanisms in place, an unauthorized person may be able to gain access to valuable, sensitive information.
Accordingly, a security mechanism is needed which addresses the shortcomings noted above. The security mechanism should be able to restrict physical and logic access to subsystems or components of a computer system.