1. Field of the Invention
The present invention is an improved system and method for providing system security in a computer. More particularly, the present invention relates to improved security provided by the operating system of a personal computer.
2. Background Art
Security, particularly data security, is an essential aspect of any computer and its operating system. It is desirable to make data and programs stored on a computer system available to authorized users with a minimum of effort by (and delay to) an authorized user with minimum overhead to the computer while preferably denying access to the programs and data to those who are not authorized to use the data and programs (or at least delaying substantially and requiring much time and trouble).
It is well known to have a “power-on” password on a computer system. Such a system allows an authorized user to identify himself as an authorized user by his entry of the power-on password, then access the data and the programs stored on the computer.
It is also well known, particularly in large computer systems and in networks, to have different levels of security provided by password control. That is, a first user (or group of users) might have one level of authorization to perform some functions with the computer or the network and to be denied performing other functions, with a second user (or group of users) with a higher authorization being permitted to perform those functions the first user was denied. For example, in a grocery store, a cashier may be able to process sales transactions but not “credit” transactions (or credit transactions above a threshold), which may require a manager's authorization). As a second example of differing levels of authorization, in a mainframe computer, the password of the system administrator must be employed to add a new user to the list of authorized users, a function which an authorized user would not be permitted to perform.
But a personal computer might be subject to a variety of attacks, ranging from a physical attack (an attempt to get into the hardware by removing a cover or other enclosure) to repeated entry of different passwords to try to find the right password (a process which has been called “hammering” in the trade). Many of the present day personal computers have some form of security, perhaps a power-on password. These systems lack a log of the access attempts and the results thereof, allowing someone to try repeatedly different passwords until the valid password is determined. Some systems have a system which locks up after several failures to enter the proper password, but these systems then allow the computer to be powered down and powered back up for repeated efforts to find the right password. This system of having to power the computer down and back up may slow down the process of breaking into the computer but it does not prevent it.
Although it might be assumed that a personal computer bears a greater risk of security breaches at some times rather than others (for example, at night or on a weekend in an office environment, the security risk is greater because fewer people are present), the present security systems for personal computers do not take into account that the risk of security attempt differs by the day and time.
The Operating System Patent discloses the functions of an operating system and suggests some limited forms of security for the personal computer. Other personal computers on the market include some forms of security, sometimes quite limited such as a key lock, while others rely on a power-on password.
Accordingly, the current systems for providing computer security, particularly in a personal computer system, have undesirable limitations and disadvantages.