This invention relates to computer security devices. This invention relates more particularly to devices for preventing unauthorized users from obtaining access to a network. This invention also relates to connectors for computer hardware.
Networks of personal computers that can communicate with one another are extremely common in businesses, universities and other institutions. The principle of a network is that an operator using one personal computer in a network may obtain access to data or programs stored in any other computer in the network. Similarly, an operator may transmit data to any other computer in the network. Such access is extremely advantageous for the sharing of information among authorized users of such a network. Information may be transmitted much more quickly using a network than by storing data in a magnetic storage medium such as a disk and physically transporting the disk to another computer. However, such access also presents a disadvantage. Any person who successfully gains access to the network through any one personal computer attached to the network can then gain access to data contained elsewhere in the network. This presents the danger of unauthorized users obtaining confidential information. A person who gains access to a single computer in a large network may have the ability to review any confidential information in any computer that is part of the network. Thus, trade secrets, business plans, and other secret information could be obtained by competitors. Moreover, unauthorized users may engage in sabotage of any computer connected to the network. Data that is essential to business operations or research could be altered or destroyed.
A large number of schemes that employ software techniques have been developed to prevent unauthorized users from gaining access to networks. Under such software-based schemes, users requiring access to a particular codes or particular programs must enter a password in order to gain access to the network. One method of circumvention is to boot a workstation or the file server with a floppy disk containing a booting program, which is inserted into the "A" drive of a personal computer attached to the network. The network server or the workstation is then booted with the appropriate operating system. Once the network server or workstation has been booted, various utility programs are then used to obtain access to the system. Once access is gained, any software, data or programs may be easily, and often undetectably, copied. Thus unauthorized users may obtain sensitive information.
Passwords are often written down by authorized users, verbalized to co-workers or forgotten. With the proper password even an authorized user may remove sensitive data or programs. In addition, passwords do not protect the network from a user loading programs from home or other sources that may contain a software virus.
One solution to this problem is the removal of the "A" drive from all the computers in the network when not in use. Disk drives are available that can easily slide in and out of position. Organizations may mandate that, whenever a computer is not in use, the "A" drives be stored in a secure place, so as to prevent use of the "A" drive to boot the network server or workstation. Alternatively, the organization may require that the computer be run without an "A" drive, except when needed, for example, to update software. However, these "A" drives are generally of standard manufacture. Accordingly, it is a fairly simple matter for an unauthorized user to obtain a standard removable disk drive, and insert it into the appropriate position in the personal computer.
Accordingly, it is an object of this invention to provide a system for restricting access to a personal computer to authorized users.
It is a further object of this invention to provide a system for restricting access to a personal computer having a removable disk drive.
It is a further object of this invention to provide a system for protecting the security of a personal computer and a network in communication with such a personal computer whereby only the particular disk drive that matches to that personal computer can be used for obtaining access to the personal computer and its associated network.
It is a still further object of this invention to provide a combination of a personal computer and a disk drive wherein only that particular disk drive may be inserted into that computer.
It is a further object of this invention to provide connectors for computer hardware units, whereby only those hardware units having identified matching connectors may be connected to a particular hardware unit.