Personal computer systems in general have attained widespread use for providing computer power to many segments of today's modern society. Personal computer systems can usually be defined as a desktop, floor standing, or portable microcomputer that comprises a system unit having a single system processor and associated volatile and non-volatile memory. FIG. 1 is an example of a typical personal computer system 10. The personal computer system 10 typically includes an associated display monitor 11, a keyboard 12, one or more diskette drives 13, an associated printer 14, and a hard drive (not shown).
With the phenomenal growth and use of personal computers in the world in recent years, more and more data or information is being collected and retained or stored in such systems. A lot of this data is sensitive in nature. In the wrong hands, data could become embarrassing to individuals, a company could lose a competitive edge, or sensitive data could be used to force payment for silence or lead to physical violence against individuals. As more users recognize the sensitive nature of data and its value, the more it becomes desirable to protect against such misuse.
To protect themselves and the persons associated with the stored data, users are requiring the incorporation of security and integrity features into the personal computers that they purchase. Consequently, as security requirements for personal computer systems continue to become more sophisticated, the addition of cryptography hardware will become mandatory for some market segments. Other market segments will be unwilling to pay for the increased system cost resulting from the addition of what is perceived to be unneeded hardware. This dichotomy requires personal computer vendors to manufacture and maintain different system configuration whose only difference is the presence or absence of the cryptography hardware. Alternatively, some vendors may choose to manufacture a single system whose security features can be upgraded by adding a hardware module or card. In the latter case, some protection is needed to ensure that sensitive data (i.e., encryption keys) on the card, along with the secrets that they protect, are not compromised if the card is moved between systems.
Accordingly, what is needed is a method and system for determining whether a security card has been added/removed from a computer system thereby allowing the computer system to boot up in a more secure fashion. The method and system should be simple, cost effective and capable of being easily adapted to current technology. The present invention addresses such a need.