1. Field of the Invention
The present invention relates to a method for concealing and protecting data by employing a password to read and overwrite the data recorded in a removable storage medium provided in a storage device, which is connected to an information processor, such as a computer, a word processor and an electronic book apparatus, under a control from the storage device or the information processor, and the present invention also relates to a storage device using the method.
2. Description of the Related Art
There is a case where information should not be accessed by other persons that an original holder or administrator, because such the information relates to a personal privacy or secret information on business recorded in a storage device connected to an information processor, such as a computer and a word processor.
However, it is almost easy to access the storage device of the information processor so as to retrieve data and to copy bulk data. This brings problems such that important data can be easily accessed and modified.
To avoid such problem, it has been proposed that a password is given to a storage device, and then, a user must input the password when accessing data on the storage device. Then, if the inputted password does not coincide with a correct password given to the storage device, the user cannot be authorized to access the storage device.
Various kinds of such structures and methods have been proposed, for example, in Japanese laid open patent applications No. 58-178456 (first conventional method), 60-189531 (second conventional method) and 4-192027 (third conventional method).
In the first conventional method, a basic structure is disclosed, in which a password is recorded in a magnetic disk to allow the access to the disk only when the password is coincident with an inputted password.
In the second conventional method, the structure is intended to protect contents stored in, particularly, an external storage medium having a large storage capacity. However, a password given in a storage medium is checked with a password that supplied from an upper level device, and if both the passwords coincide, a user can access the storage medium, similarly to the first conventional method.
These conventional methods are applicable not only to a storage device, such as a fixed disk having a large storage capacity with a volume table of contents (VTOC), but also to various kinds of removable storage mediums, such as storage devices with volume administrative information and an optical magnetic disk.
Further, it is assumed in the third conventional method that one removable storage medium can be accessed from multiple persons. When one removable storage medium is divided into a plurality of logical partitions, a password is specified in each of the logical partitions. Therefore, it is possible to provide an exclusive partition for each user by inputting a password.
However, the following problems are brought in either of the above-described conventional methods.
That is, supposing a user uses plural removable storage mediums and then the user forgets in which removable storage medium a specified document is stored, the user must access all storage mediums randomly to find out which storage medium stores the specified document.
However, when a password is set to a storage medium, i.e., a disk, according to the above-described conventional methods, the user should input the password every time he accesses the disk. That brings complicated operation for the user. Therefore, there is a possibility that the user wants to avoid the troublesome and then sets only one password for almost all disks, without differing the password in each disk.
Moreover, it should be considered that a situation where a user forgets which storage medium provided in a removable storage device has stored a specified document may frequently occur. This is because such the information itself that a certain storage medium “01” stores a specified document “A”, such as a diary, should be concealed.
To avoid the above-described situation or condition, the user may put the label title such as the “secret business documents” on a storage medium “01”, for example. This gives to the others a chance to illegally access data, and then, the secret may leak out. With the same reason, it is not suitable administration to print out a list of contents in each disk. Therefore, disk administration may become to be dependent on user's memories or uses easy keywords.
Further, in an other mode, there is a case where one user instructs the other person to find and take out a disk, on which business information is recorded due to urgent requirement on ordinary business. In this case, a password is not informed to the instructed person, and therefore, the person cannot know which disk he should take out.
Actually, the user should inform the password to the instructed person, or the disk administration is operated without any password in consideration with such the condition. In the foregoing case, the number of persons having known the password of the removable storage medium will increase unintentionally, and therefore, it becomes a problem from the view of the security. On the contrary, in the later case, a security function can not be fundamentally employed.
On the other hand, a library storage device has been employed for automatically administrating multiple storage mediums. It is now considered to treat a storage medium protected by a password in such the storage device. In this case, a label or a serial number is employed on an individual storage medium to specify each of the multiple storage mediums, which the library storage device administrates. Therefore, it is necessary that the library storage device can read out the label on each storage device.
However, if a password is specified to refer such the label or the substation, it is general that the same password is specified to all disks that the library device administrates. In such the mode, once a password is specified to one disk, access all storage mediums would be permitted. Viewing from the point of system security, this situation is not acceptable.
As described above, situations where disks are frequently exchanged and are referred occurs in a removable storage device. Therefore, when employing either of the conventional methods, it is inclined to form a careless administration, such that only one password is specified for almost all storage mediums. More particularly, the problem occurs if either of the above-described conventional method is applied to multiple removable storage mediums. As a mass-storage medium has larger capacity, much information illegally referred will increase, and therefore, a serious problem will occur.