1. Field of the Invention
The present invention relates to a portable computer system having a security function for confirming that the operator is an authorized user.
2. Description of the Related Art
Recently, personal computers have been reduced in size and weight to be more easily portable, and enhanced in performance and functions. Particularly, laptop type personal computers driven by a battery and having a large capacity memory such as a Hard Disk Drive (HDD), a RAM pack, and further a card interface, for example, of Personal Computer Memory Card International Association (PCMCIA) cards are widely popular.
The most advantageous feature of these personal computers resides in that everyone can easily use them by a simple operation irrespective of a place. On the other hand, wide spread of the personal computers tends to increase the opportunity of processing secret information. Therefore, sufficient consideration is required with regard to the security function.
Conventionally, the security function is realized by programming the computer to check a password input by the operator each time the power source is switched on. In this password check, inputting of a password is requested immediately after start of power supply, and then it is checked whether the input password coincides with a password previously registered. When coincidence is detected therebetween, the personal computer becomes active to start a data processing corresponding to an instruction input by the operator.
However, the conventional security function has the following drawbacks.
(a) In a case where the personal computer incorporates a hard disk storing secret information, anyone of authorized users can obtain the information by instructing the computer to access the hard disk. This bothers a restricted number of the authorized users who take responsibility for the management of the secret information. Further, if there are many authorized users who knows the password, there is a possibility that an unauthorized user easily gets the password from one of them.
(b) The aforementioned personal computer generally includes a CPU for controlling the system operation, a password memory for storing a registered password, and a system bus connected between the CPU and the password memory. The CPU accesses the password memory via the system bus to read the registered password stored in the password memory. Therefore, there is a possibility that an unauthorized user gets the registered password from the password memory by an unacceptable access method.
(c) Some of the personal computers has a resume function in which a data processing is interrupted after the main power source is switched off, and restarted from the interrupted point after the main power source is switched on. In a case where an operator has switched off the main power source after setting a mode of the resume function to leave the computer, a display stops to display the display data stored in a video RAM. At this time, a backup power is supplied to the video RAM and the video RAM maintains the display data under the backup power. When the main power source is switched on, the display starts to display the display data stored in the video RAM. At this time, a password-input window is displayed on a part of the display screen. Therefore, anyone can obtain information concerning the interrupted data processing from the display data displayed in the background of the password-input window. In other words, an unauthorized user can obtain the information without inputting any password.
(d) Some of the personal computers has an instant security function such as an operation lock function in which display and keyboard operations are locked without interrupting the data processing. To unlock the operations, it is necessary to input a password that is identical to that accepted in the password checking effected at the time of power-on. In this power-on password checking, if a wrong password has been input, for example, more than two times, inputting of the next password is generally rejected for at least a preset period of time thereafter. If the password is simplified to facilitate the unlocking, the reliability of the security function will be lowered. In addition, the number of times a wrong password is input is not counted in the operation lock password checking, since this checking is effected after the operator is detected to be an authorized user in the power-on password checking. Therefore, it is possible for an unauthorized user to find the registered password by repeatedly inputting a password selected at random.
(e) Assume that an operator left the computer after setting a mode of the resume function and switching off the main power source. The interrupted data processing will be restarted when a password indicating an authorized user is input after the main power source is switched on. However, if the password is input by another unfamiliar operator, this operator may cause the restarted data processing to be in a state that the operator who left the computer cannot continue his or her job.