A security system for the PC "under windows"

number: 
107
إنجليزية
department: 
Degree: 
Imprint: 
Computer Science
Author: 
Omar Nabil Al-Khatib
Supervisor: 
Dr. Mohemmad Ali Shallal
year: 
1995
Abstract:

Data security is a hot topic these days and with good reason: As PCs are spread throughout the world and as an increasing number of people become computer literate, more information seems to be flowing more freely. There are many ways to secure sensitive data files from unauthorized access, but few are effective. In this research, two security systems under Windows 3.1 are designed. The first system (HDPM) which is an acronym for Hard Disk Partition for Multiusers system, combines the idea of hard disk partitioning with the encryption methods. The system allows the hard disk to be shared by multiple users, each user has his/her own partition to work with, not affecting other users' partitions. The partition is a hidden area from the operating system (MS-DOS, OS/2, and Windows NT), this provides a first level of security. The hidden partition will not show up until the user provides the correct password. The correct password opens the partition, which means the partition will be visible to the operating system. Besides hiding the partition, an encryption method is used on the data stored on it, this provides a second level of security. One partition is considered to be the global partition, which is drive C:, the other users' partitions are named drive 0: (One partition is opened for each user at a time). The second system, CRADP (CopyRight Anti-Debugging Protection], which as its name implies, is aimed at curing the shortcomings that exist in the techniques presently used for the copyright protection. Three of these exiting methods are presented and shown to be vulnerable and could be broken by experienced programmers using DEBUG.EXE or TD.EXE to disassemble the program, tracing it and then removing the code for copy protection. CRADP inserts a code in any .EXE program under DOS. This code is responsible to protect the .EXE program from being changed by unauthorized programmers to break the protection method used. The code depends on three ievels: password, summation byte and setting the interrupt controller 8259A Chip. The password is used to decrypt the rest code of the program to continue execution. The summation byte is generated from summing the code of the program from the beginning to a specified address. Then use this summation byte generated to decrypt the rest of the program's code. This prevents any attempt to change the code included in the summation byte process. Finally, Setting the interrupt controller (8259A) to disable all the interrupts of the PC, so that the system can not be traced using the keyboard. Both systems (HDPM and CRADP) are designed using Borland Turbo Pascal version 7.0 under Windows 3.1.