IBM Technical Disclosure Bulletin Volume 30 No. 5 October 1987 at pages 57 and 58 discloses a security system for a personal computer. Personal computers such as, for example, the IBM Personal System/2 (IBM and Personal System/2 are trademarks of International Business Machines Corporation) range of computers are provided with a power-on password facility to prevent use of the computer by unauthorized persons; in this case an unauthorized person is a person not knowing the power-on password. In the IBM Personal System/2 range of computers the power-on password is held non-volatile (battery powered) CMOS Random-Access Memory ("RAM").
The power-on password facility provided on the IBM Personal System/2 personal computers is limited to a single password, and once a person has access to that password the full facilities of the computer are available to that person.
It would be desirable to provide access to the computer for a plurality of users and also provide different levels of access to the facilities of the computer. In particular it is desirable to have a computer system in which the way the system boots up after power-on or system reset has been predetermined at the stage of set up and configuration of the system by a system manager or similar such control person. The term "boot" refers to initial program load into the computer memory. In the case of computer systems which are capable of booting from multiple devices (i.e. from diskette, fixed disk or the like), when the system is switched on initially, a boot (sometimes referred to as bootstrap) program is initialized to load the operating system from a reserved area on the media (this may be on the floppy diskette, fixed disk or remote device) and load the operating system. The boot routine is held in the system's Read Only Memory ("ROM") and it is automatically entered after switching on the system or is activated upon acceptance of the user entered power-on password.
In prior art computer systems, password access to the system facilities is activated after the operating system has been loaded. Unauthorized access is possible before the operating system has been loaded by using an alternative boot up program. Once the unauthorized user has succeeded in booting up the system all facilities of the system are vulnerable to misuse.
In order to illustrate the problem of the prior art one may consider the precautions being taken by computer system managers to prevent contamination by computer viruses and the like. A personal computer is conventionally restricted to a single user by a conventional physical key lock or a power-on/configuration password as described above. Any user having such access has unrestricted access and may use the diskette drive if fitted. The most common source of computer viruses is from a diskette contaminated with the virus, either deliberately or as a result of inadequate screening of stored programs and data on diskette made available to the user.
Prior art multi-access computer systems are configured to attempt to boot up from the diskette drive (provided a suitable diskette is inserted) or, if not possible from diskette, to attempt boot up from other storage media eg the fixed disk or remote device. It is clear that allowing an unauthorized user access to an activated diskette drive could allow that user to introduce a computer virus stored on a diskette; the prior art systems which only prevent access to unauthorized operators once the machine has booted up may have already been contaminated with a computer virus before the operating system password control security system is in operation.