1. Field of the Invention
The present invention relates generally to secure network computers.
2. Description of the Related Art
Secure network computers (SNC) are used in secure networks, such as “virtual private networks” (VPN), that are as a practical matter not accessible to computers outside the network. Secure networks can be used by companies and agencies desiring to maintain confidential information on a computer network while permitting only authorized people to access the network via the SNC of the network.
As part of security efforts, it might be desirable that secure network computers operate without significant non-volatile memory such as hard disk drives. This is because data control is made less complicated when all data remains in a single network drive, being downloaded from the network drive by the individual computers on an as-needed basis. That is, depriving network computers of local hard disk drives ensures that multiple copies of potentially sensitive data are not dispersed throughout the network, but rather that the sensitive data is maintained in a single network location, thereby simplifying data control and security.
Simply removing the local hard disk drives from network computers and allowing the computers to access a network drive instead, however, is not without complications. Among these complications is the fact that most computers “boot up” when energized by retrieving the computer's operating system from a local hard disk drive. The operating system is then temporarily stored in high speed volatile memory until the computer is deenergized, at which time the operating system is no longer available in the volatile memory. Furthermore, once booted, most computer operating systems are designed to frequently issue input/output (I/O) requests for data to a local drive connected to the main data bus of the computer, not to a network.
One way to address the above-noted problem is to provide modified versions of a boot program and operating system that issue I/O requests to a network port instead of to a local hard drive. However, modifying an operating system is expensive and requires operating system vendor support, which may not exist. The present invention critically recognizes that it would be desirable to enable the use of an off-the-shelf, unmodified operating system that can be accessed at a network location in a secure computer network for temporary storage in local volatile memory, and that subsequently can operate in a diskless computer.