JP2008186220A - Removable memory unit - Google Patents

Abstract

An OS stored in a removable memory unit can be booted on the removable memory unit without being read into a computer device.
A memory unit 13 includes a first storage area 13a recognized as a floppy disk drive and a second storage area 13b recognized as a hard disk drive. The first storage area 13a is used as a floppy disk drive. A control storage unit 14 that stores information for recognizing the second storage area 13b as a hard disk drive is provided, the OS main body 32 is stored in the second storage area 13b, the MBR 30 and at least the first storage area 13b, The OS startup program 31 including a search script for specifying the storage location of the OS main body 32 by searching the second storage area 13b is stored, the OS startup program 31 is read from the MBR 30, and the OS main body 32 is searched for the removable memory. Start on unit 10.
[Selection] Figure 1

Description

  The present invention relates to a removable memory unit that stores an OS (operating system) of a computer device, and in particular, can be started on a removable memory unit without reading the OS stored in the removable memory unit into the computer device. The present invention relates to such a removable memory unit.

  A computer device currently used by many users installs a processor chip, an OS startup program, and an OS (operating system / calculation / control program) on a hard disk built in the computer device, and the OS is started by the OS startup program. When activated, the processor chip is configured to control various resources in the computer device according to the OS and perform arithmetic operations.

  The hard disk device is divided into an area managed and used by the OS and an area used by the user, and application programs necessary for the user to use the computer device are installed in the user used area of the hard disk device under the management of the OS. , Operating under the control of the OS. In addition, data created by the user operating the computer device (starting a desired application) can also be stored in the user use area of the hard disk device.

  In addition, when a computer device is placed in a network environment, it accesses resources such as various servers and shared file devices in the network according to the network environment conditions set for the network and the user's computer device. Data permitted in the computer device can be acquired or the data can be rewritten.

  Further, when the computer device is placed in a network environment where an external network can be accessed from the LAN (local area network) via the Internet, various resources such as an external WEB server accessible via the Internet network. Can also be used.

  Such a computer device is also used for creating and storing highly confidential information in a company or the like. Therefore, the computer device is used by a third party who is not allowed to steal or originally use the computer device. There is a risk that confidential information may be leaked. In order to prevent such a situation, security measures for the computer apparatus and the network are required.

  Various methods have been proposed as security measures for computer devices, and many methods have been applied in practice. Generally, a method is employed in which a personal authentication function is installed in the OS startup program, the password set by the original user is input when the OS is started, and the OS is started by checking the set password. In this method, if the password is stolen or the password is taught to another person, the original security function cannot be achieved, and it cannot be said that it is an advanced security measure.

  As a security measure for a computer device, for example, the following Patent Document 1 (Japanese Patent Laid-Open No. 2002-341957) discloses a computer startup method using a removable unit such as a flash memory. In this computer startup method disclosed in Patent Document 1, a removable unit that is detachable from a computer main body includes a general data recording unit and a user code recording unit made of a flash memory, and can be used as an MP3 player. The BIOS-ROM includes a unit code recording unit, an interface unit to which the removable unit is connected, and a control unit that allows the system to be activated when the user code matches the unit code.

  When the computer user starts the computer, the removable unit is connected to the computer main body. The user code is sent from the removable unit to the computer via the interface, and the controller of the computer compares the contents of the user code with the contents of the unit code. If they match, the system is allowed to start. If they do not match, system startup is not permitted. By doing so, it is possible to start up the computer only when the correct removable unit is connected by simply connecting the removable unit to the computer body without using a password.

  According to this method, as long as the removable unit is properly managed by the user, an operation such as password entry is unnecessary and convenient, but the removable unit is stolen or lent to a third party. If this happens, you will not be able to perform the security function, which is not much different from using a password.

  To solve this problem, if a server room with security is provided and a system in which the client does not have a hard disk is built, access via the network is relatively easy even though the hard disk can be taken out or stolen. Easily possible.

  Recently, since the storage capacity of the removable unit has increased dramatically, it has become common to use a removable unit such as a USB memory stick. For example, the following Patent Document 2 (Japanese Patent Laid-Open No. 2005-166049) discloses a memory storage device including a fingerprint sensor.

  A memory storage device having a fingerprint sensor disclosed in Patent Document 2 includes a host interface connected to a host, a controller connected to the host interface, a fingerprint sensor connected to the controller, and a memory module. Communicates by handshake, downloads the driving program and application program suitable for the host from the memory module to the host, the host receives the user's command through these two programs, notifies the controller to control the fingerprint sensor and uses it The user's recognition standby fingerprint data is read, the recognition standby fingerprint data is processed using an application program, and compared with the template fingerprint data stored in the memory module. Comparison, in which the host is configured to allow access to a particular block of memory modules by the comparison result.

  Thus, since the storage capacity of the removable unit has increased dramatically, the computer apparatus does not install the OS startup program or the OS itself, and the computer apparatus does not have input means such as a display means or a keyboard and a USB port. It is possible to provide only the removable unit connection means so that it does not function as a computer device when the removable unit is not connected.

  FIG. 8 is a block diagram showing such a removable unit and a computer device, and the USB memory unit 100 is used as the removable unit. The computer device 200 includes a display unit 210 such as a liquid crystal display unit, an input unit 220 such as a keyboard and a mouse, and a USB port 230 for connecting the USB memory unit 100. Although not shown, the computer device 200 is equipped with a microprocessor chip that controls the display unit 210, the input unit 220, and the USB port 230.

  On the other hand, the USB memory unit 100 includes a USB controller 110, an input / output unit 120, a processing module 130 having an OS activation program 131, an OS 132, and a memory 133. When the user uses the computer device 200, the USB memory unit 100 is connected to the USB port 230 of the computer device 200, and the OS activation program 131 is activated to activate the OS 132, via the input / output unit 120 and the USB port 230. Thus, information can be transmitted and received between the display unit 210 and the input unit 220 of the computer device 200, and the processing module 130 of the USB memory unit 100 operates as a part of the computer device 200.

  Generally, information called MBR (Master Boot Record) is used to start the OS of a computer apparatus. This MBR is recorded at the head address of the storage device, and is usually information of about 512 bytes. The MBR is stored in a storage area that is read first in order to start up the OS after the computer apparatus is turned on and a BIOS (Basic Input Output System) is started up. Screen information etc. are recorded. Therefore, the OSR program 131 of the USB memory unit 100 stores MBR in the first 512 bytes.

  When the computer apparatus is powered on, a BIOS (Basic Input Output System) is activated, and the MBR recorded in the first 512 bytes of the storage device is read by the BIOS. Since the MBR stores the address of the storage area of the OS 132, initial display screen information, and the like, the BIOS can display the initial screen on the display means and start the OS 132.

  With such a configuration, an OS and a hard disk are not required in the computer apparatus body, and no data remains in the computer apparatus body, so that information leakage can be completely shut out. Furthermore, if an authentication system is combined with this USB memory unit (also referred to as a memory stick type client device), it is possible to have a higher level of individual security.

  It is also possible to store various application software in the USB memory unit and start the application software on the USB memory. In this case, the application software is preferably stored in a read-only storage area such as a CD-ROM. However, since the USB memory unit is generally recognized as a hard disk unit by the computer device and not recognized as a CD-ROM, the application software cannot be stored in a non-rewritable storage area.

  A USB memory unit that solves such problems is disclosed in, for example, Japanese Patent Application Laid-Open No. 2004-171536 described below. This USB memory unit divides a storage area into an area where data can be read, written and deleted and an area where only data can be read, and these areas are discs where information can be read, written and deleted. Information for recognizing the device and information for recognizing as a CD-ROM device that can only read the information are stored, and the USB mass storage class driver of the host stores each of the USB storage devices. The area is configured to be recognized as two different types of devices, a disk device and a CD-ROM device.

JP 2002-341957 A (FIG. 3) Japanese Patent Laying-Open No. 2005-166049 (FIGS. 1 and 4) JP 2004-171536 A (FIGS. 1 and 2)

  By the way, when a USB memory unit storing an OS as shown in FIG. 8 is connected to a computer device and the OS is operated on the USB memory unit, to which computer device the USB memory unit is connected and used. Are different depending on the user, it is preferable that there is no dependency on the model of the computer device.

  For example, even if the computer device has a hard disk driver and can be connected to a hard disk drive, the hard disk drive that can be connected is limited depending on whether it is a hard disk driver corresponding to a SCSI hard disk drive or a DE hard disk drive. Similarly, when a CD-ROM driver, a DC-RW driver, or the like differs depending on the model of the computer device, a device that can be connected to the computer device is restricted.

  When a USB memory unit is connected to a computer device, a USB driver is incorporated in the computer device. Generally, the USB driver recognizes the USB memory unit as a hard disk drive. A hard disk drive is usually recognized by a computer device as a structure having a plurality of storage areas partitioned by partitions. Therefore, when the OS is stored in the USB memory unit and the OS is operated on the USB memory unit as shown in FIG. 8, the MBR is recorded at the head of the data storage area of the USB memory unit, and the MBR It is necessary to record the storage location where the OS body is stored. That is, it is necessary to record in which partition the storage location of the OS main body is stored.

  The storage area of the USB memory unit is recognized as a structure having a plurality of storage areas sd1 to sd4 divided by a plurality of partitions as shown in FIG. In FIG. 9, sda represents a disk drive a, and when there are a plurality of physical drives, each disk drive is represented as sdb... Sdn. Note that sda indicates that the hard disk drive conforms to the SCSI standard, and when the hard disk drive conforms to the DE standard, it is represented as hda... Hdn. Similarly, when the disk drive is based on the CD standard, it is represented by sr. In addition, the number of partitions by partition can be divided into a maximum of nine partitions of the basic partition 4 and the logical partition 5 in the SCSI standard. The same applies to the DE standard.

  Which hard disk drive standard the computer device employs depends on the manufacturer and model. Since the USB memory unit is connected to various computer devices, it should not depend on the model, and has drive information applicable to any of the SCSI standard, DE standard, CD standard, and the like.

  As an example of the method for starting the OS, the address of the storage area of the OS 132 and the initial display screen information are recorded in the MBR, the BIOS displays the initial screen on the display means, and the OS 132 is started. As another method of starting the OS, the memory location of the OS main body is not directly stored in the MBR, but the memory location of the OS main body is set at the memory location specified by the relative address with respect to the MBR memory location (the start address of the memory). It is also considered that the OS boot program including the search script to be searched is recorded, and the OS body is specified by sequentially searching each storage area divided by the partition.

  FIG. 10 is a diagram showing the configuration of this OS boot program. The OS boot program includes a search script for searching the storage location of the OS main body, and is configured to sequentially search each storage area divided by the partition and specify the OS main body by executing the search script. Has been. This OS boot program can be read and executed by storing it in a position indicated by a relative address with respect to the storage address of the MBR, and specifying the relative address position in the MBR.

  As shown in FIG. 10, the search script included in the OS boot program is a script that sequentially searches the partitions sda1 to sda9 of the disk drive sda, a script that sequentially searches the partitions sdd1 to sdd9 of the disk drive sdd, and a disk drive hda Scripts that search the partitions hda1 to hsda9 in order, ... scripts that search the partitions hdd1 to hdd9 of the disk drive hdd in order so that there is no dependency on the model of the computer device to which the USB memory unit is connected A search script is provided to meet the disk drive standards. Thereby, the stored partition of the OS body can be searched and the OS body can be started.

  However, when a USB memory unit storing an OS as shown in FIG. 8 is connected to a computer device and the OS is operated on the USB memory unit, even if the USB memory unit disclosed in Patent Document 3 is applied, The computer device can recognize the memory portion of the USB memory unit as having a portion that recognizes as a hard disk drive and a portion that recognizes as a CD-ROM drive, but cannot recognize it as anything else. . For this reason, there has been a problem that the dependence on the model of the computer device cannot be completely eliminated.

  The inventor of the present application has made various studies to solve the above problems, and as a result, the computer apparatus always includes a floppy disk drive in preparation for a failure, and the OS can be booted from the floppy disk. The USB memory unit is divided into a storage area that is recognized as a floppy disk and a storage area that is recognized as a hard disk, and the MBR and OS boot program are stored in the storage area that is recognized as a floppy disk and recognized as a hard disk. If the OS main body is stored in the storage area, the above problem can be solved, and the present invention has been completed.

  That is, the present invention has an object to solve the above-described problems, and can be started on a removable memory unit without reading the OS stored in the removable memory unit into the computer apparatus regardless of the model of the computer apparatus. An object of the present invention is to provide such a removable memory unit.

In order to solve the above-mentioned problem, the invention according to claim 1 of the present application is
In a removable memory unit connected to a computer device having a port for connecting a display means, an input means and a removable memory unit,
The removable memory unit includes a memory unit including a first storage area recognized as a floppy disk drive and a second storage area recognized as a hard disk drive, and the first storage area as a floppy disk drive. A control storage unit storing information for recognizing the storage area of 2 as a hard disk drive,
An OS bootup that stores an OS main body in the second storage area, includes a master boot record in the first storage area, and a search script that searches at least the second storage area and specifies a storage location of the OS main body. A program is stored, an OS boot program is read from the master boot record, the OS main body is searched, and booted on the removable memory unit.

Further, the invention according to claim 2 of the present application is the removable memory unit according to claim 1,
The removable memory unit further includes a fingerprint authentication unit comprising authentication verification data storing fingerprint data for authenticating a proper owner of the removable memory unit and a fingerprint sensor,
The OS startup program sequentially searches the second storage area as a hard disk drive having a plurality of storage areas partitioned by partition, and in addition to the search script for searching the storage location of the OS main body, the second storage area A search script for searching the OS main body as a hard disk drive having one storage area that is not partitioned by partition;
When authentication in the fingerprint authentication unit is established, the OS boot program is read by the master boot record, the OS main body is searched, and the OS main body is started on the removable memory unit.

Further, the invention according to claim 3 of the present application is the removable memory unit according to claim 2,
The removable memory unit further includes RFID reading means, and the authentication verification data is read from an RFID tag storing fingerprint data for authenticating a proper owner of the removable memory unit.

  In the invention according to claim 1, the removable memory unit includes a memory unit including a first storage area recognized as a floppy disk drive and a second storage area recognized as a hard disk drive, and the first storage. A control storage unit storing information for recognizing the area as a floppy disk drive and the second storage area as a hard disk drive, storing the OS main body in the second storage area, and storing the first storage An OS boot program including a master boot record in the area and a search script for searching at least the second storage area to identify the storage location of the OS main body is stored, and the OS boot program is read out by the master boot record to read the OS Search the main unit and start it on the removable memory unit. To.

  According to such a configuration, the OS stored in the removable memory unit can be started on the removable memory unit without being read into the computer device, and the MBR and the search script for searching the OS main body are included. Since the OS boot program is stored in a memory area (first storage area) that the computer apparatus recognizes as a floppy disk drive, the BIOS can read the MBR and OS boot program from this area and boot the OS main body. It becomes possible to eliminate the dependence on the model.

In the invention according to claim 2, in the removable memory unit according to claim 1, the removable memory unit further includes authentication verification data storing fingerprint data for authenticating a proper owner of the removable memory unit and a fingerprint sensor. A fingerprint authentication unit consisting of
The OS startup program sequentially searches the second storage area as a hard disk drive having a plurality of storage areas partitioned by partition, and in addition to the search script for searching the storage location of the OS main body, the second storage area A search script for searching the OS main body as a hard disk drive having one storage area that is not partitioned by partition, and when authentication in the fingerprint authentication unit is established, the OS boot program is read by the master boot record and Search the OS itself.

  According to such a configuration, the security of the removable memory unit can be improved, and one storage area in which the USB memory unit, which is a removable memory unit, is not divided by partitions after authentication is established by the fingerprint authentication unit. By executing a search script (for example, search scripts sda, sdb... Sdd of FIG. 3) that searches the OS main body as a single storage area that is recognized as a disk drive having The storage location of the main body can be specified, and the OS can be started.

  According to a third aspect of the present invention, in the removable memory unit according to the second aspect, the removable memory unit further comprises RFID reading means, and the authentication verification data is used for authenticating a proper owner of the removable memory unit. Read from the RFID tag that stores the fingerprint data.

  According to such a configuration, the reference data for authentication is separated from the outside of the USB memory unit and stored in advance in the chip of the RFID tag. Even when the test is performed under a forced external force, the security function can be improved without passing the authentication without the RFID tag.

  Hereinafter, specific examples of the present invention will be described in detail with reference to examples and drawings. However, the embodiment shown below exemplifies a removable memory unit for embodying the technical idea of the present invention, and is not intended to specify the present invention as this removable memory unit. The present invention is equally applicable to the removable memory units of other embodiments within the scope of the claims.

  FIG. 1 is a diagram illustrating a configuration of a removable memory unit and a computer apparatus according to the first embodiment of the present invention. In the first embodiment, the removable memory unit includes a USB memory unit 10, and the computer device 20 includes a USB port 23 for connecting the USB memory unit 10.

  Similar to FIG. 8, the computer device 20 includes a display unit 21, an input unit 22, a control unit such as a microprocessor (not shown) for controlling these, a power source, in addition to the USB port 23 that is a connection port of the removable memory unit. Although it has a unit, it does not have an OS startup program or a hard disk device in which an OS is installed unlike a normal computer device. Therefore, the computer device 20 alone cannot be operated as a computer device.

  The USB memory unit 10 includes a USB controller 11, an input / output unit 12, a memory unit 13, and a control storage unit 14 in the same manner as a general USB memory unit. The memory unit 13 is divided into a first storage area 13a recognized as a floppy disk drive from the computer apparatus 20 and a second storage area 13b recognized as a hard disk drive from the computer apparatus 20, and a control storage unit 14 stores information indicating which logical block of the memory unit 13 is an area used as a floppy disk drive and which logical block of the memory unit 13 is an area used as a hard disk drive. The information stored in the control storage unit 14 is the information for the floppy disk drive similar to the information for the CD-ROM drive in Patent Document 3 described above.

  Accordingly, when the USB memory unit 10 is connected, the USB driver of the computer device 20 recognizes the first area 13a of the memory unit 13 as a floppy disk drive and the second area 13b as a hard disk drive. As shown in FIG. 2, a logical block having a predetermined storage capacity is assigned to the first area 13a from the start address of the memory unit 13, MBR30 is stored in the first 512 bytes, and a relative address with respect to the storage position of the MBR30 The OS boot program 31 is stored from the storage location specified by.

  On the other hand, the OS main body 32 is stored in the second storage area 13b as shown in FIG. 2, and the other portion 33 is used as a storage area for files created by the user. The OS boot program 31 stores a minimum program for booting the OS main body, and includes a search script for searching a stored area of the OS main body. In addition, the OS startup program stores a program that is minimally required to start the OS main body 32, such as a program for displaying an OS desktop screen.

  The start address of the storage location of the OS boot program is stored in the MBR, but is stored as a relative address with respect to the storage location of the MBR. Accordingly, the MBR is read out, and the OS boot program 31 stored with the relative address position stored therein as the head can be read out and executed. Since the OS boot program 31 stores a search script for searching an area where the OS main body 32 is stored, the OS can be started by specifying the storage location of the OS main body 32 by executing this search script. The search script of the OS startup program 31 has the same configuration as that of the normal search script, that is, the search script shown in FIG.

  In the USB memory unit 10 according to the first embodiment of the present invention, since the MBR 30 is stored at the head of the first area 13a of the memory unit 13 that is recognized as a floppy disk drive, the BIOS stores the MBR 30 from the floppy disk drive. A procedure for reading and starting the OS is started. Therefore, the OS can be started by the floppy disk driver provided in all the computer devices without depending on the model of the computer device.

  Since the MBR 30 read from the first storage area 13a stores the location of the OS startup program 31 at a relative address with respect to the storage location of the MBR 30 (the first 512 bytes of the memory unit 13), the OS startup program from the MBR 30 is stored. 31 is read and the search script is executed. The search script can search the portion of the second storage area 13b that is recognized as the hard disk drive, search for the location where the OS main body 32 is stored, and start the OS main body 32.

  The first embodiment is an example in which the MBR 30, the OS boot program 31, and the OS main body 32 are stored in the memory unit 13 of the USB memory unit 10, but an authentication unit for fingerprint authentication is further provided in the USB memory unit 10. The security of the unit 10 can be improved.

  FIG. 3 is a block diagram of the configuration of the removable memory unit according to the second embodiment of the present invention. The USB memory unit 10 shown in FIG. 3 has basically the same configuration as that of the USB memory unit 10 shown in FIG. 1 except that it includes a fingerprint sensor 18 and authentication verification data 19. It is a different point. In FIG. 3, the same reference numerals are given to the same components as those in FIG.

  As shown in FIG. 3, the USB memory unit 10 includes a fingerprint authentication unit including a fingerprint sensor 18 and authentication verification data 19 in order to authenticate the owner of the USB memory unit 10. The authentication verification data 19 stores fingerprint data (verification fingerprint data) of the authorized owner of the USB memory unit 10. The fingerprint data read by the fingerprint sensor 18 is collated with the authentication collation data 19, and if both match, the use of the USB memory unit 10 is permitted. If they do not match, the use of the USB memory unit 10 is not permitted, and the data stored in the USB memory unit 10 cannot be read / written or used.

  Similar to the USB memory unit 10 of FIG. 1, the memory unit 13 includes a first storage area 13a recognized as a floppy disk drive by the computer apparatus 20, and a second storage area recognized as a hard disk drive from the computer apparatus 20. 13b. In the first area 13a, a logical block having a predetermined storage capacity is allocated from the head address of the memory unit 13, MBR30 is stored in the first 512 bytes, and a memory location specified by a relative address with respect to the memory location of the MBR30. An OS boot program 31 is stored. Further, the OS main body 32 is stored in the second storage area 13b, and the other portion 33 is used as a storage area for files created by the user.

  By the way, when the USB memory unit 10 includes a fingerprint authentication unit, before the fingerprint authentication is established by the fingerprint authentication unit, the storage area of the USB memory unit 10 has a storage area divided into a plurality of partitions as described above. Although it is recognized as one, it is recognized as having one storage area that is not divided by partitions after fingerprint authentication is established.

  FIG. 4 is a schematic diagram showing this concept. Before the fingerprint authentication is established, the storage area of the removable memory unit is recognized as a structure having a plurality of storage areas sd1 to sd4 divided by a plurality of partitions, as shown in FIG. 4A. After the fingerprint authentication is established, as shown in FIG. 4B, the storage area of the removable memory unit is not recognized as a structure divided by a plurality of partitions, and the entire storage area sda is one storage area of the disk drive. Designed to be recognized as.

  Note that sda represents the disk drive a, and when there are a plurality of physical drives, each disk drive is represented as sdb... Sdn. Note that sda indicates that the hard disk drive conforms to the SCSI standard, and when the hard disk drive conforms to the DE standard, it is represented as hda... Hdn. Similarly, when the disk drive is based on the CD standard, it is represented by sr.

  The search script included in the OS startup program 31 recognizes the second storage area 13b recognized as a hard disk drive after authentication is established as one hard disk drive that is not classified by partition, and stores the OS main body 32 stored therein. A search script for searching is added to the search script of FIG. FIG. 5 shows the structure of the search script in the second embodiment.

  That is, in addition to the search script of FIG. 10 as shown in FIG. 5, search scripts sda to sdd for searching the second storage area 13b recognized as one hard disk drive that is not divided by partition are added. Yes. By configuring the OS boot program 31 in this way, it becomes possible to search and start the storage location of the OS main body 32 after the fingerprint authentication is established.

  In the second embodiment described above, the fingerprint data of the authorized owner of the USB memory unit 10 is stored in the authentication verification data 19, but the configuration is not limited to this. For example, the USB memory unit 10 may be provided with an RFID reader / writer that is a non-contact IC tag, and fingerprint data may be stored in an RFID tag that has been authenticated for personal identification. Then, at the time of collation with the fingerprint data read from the fingerprint sensor 18, the fingerprint data stored in the RFID tag is read using an RFID reader / writer to perform authentication collation.

  FIG. 6 is a diagram illustrating the configuration of the USB memory unit 10 according to the third embodiment of the present invention configured as described above. 6 differs from the second embodiment (see FIG. 3) in that the USB memory unit 10 is provided with an RFID reading means 15 and an authentication verification means 16, and the authentication verification data 19 of the second embodiment is stored in the RFID tag 40. Is a point. The configuration of the memory unit 13 is the same as that of the second embodiment. In FIG. 6, the same components as those in FIG. 3 are denoted by the same reference numerals.

  That is, the USB memory unit 10 according to the third embodiment stores the authentication verification data 19 in the RFID tag 40 for individual authentication (personal authentication) of the authorized owner of the USB memory unit 10 as shown in FIG. The authentication data is read by the RFID reading means 15 and the authentication collation data 19 and the fingerprint data read by the fingerprint sensor 18 are collated by the authentication collation means 16 for authentication.

  In this way, if the reference data for authentication is separated outside the USB memory unit 10 and stored in advance in the chip of the RFID tag 40, the biometric authentication action is forced by a third party against the will of the individual. Even if it is performed under the above, if there is no RFID tag 40, the authentication function is not passed and the security function can be improved. Further, for example, in the case of fingerprint data, it is possible to construct a high security level that is not easily broken by performing actions such as periodically changing the finger or changing the combination of fingers.

  FIG. 7 is a flowchart showing an OS startup procedure in the USB memory unit 10 according to the first to third embodiments of the present invention. First, in step S101, the computer apparatus 20 is turned on. In step S102, the USB memory unit 10 is connected to the USB port 23 of the computer device 20.

  Next, in the process of step S103, the MBR 30 (master boot record) stored in the first 512 bytes is read from the first storage area 13a of the memory unit 13 of the USB memory unit 10. Next, the OS boot program 31 is read based on the MBR 30 in the process of step S104. Since the storage location of the OS boot program 31 is specified by a relative address with respect to the MBR 30, and this relative address is stored in the MBR 30, the OS boot program 31 can be read by reading and executing the MBR 30.

  The OS boot program 31 stores a minimum program for booting the OS main body 32, and includes a search script (see FIGS. 10 and 5) for searching the storage position of the OS main body 32. The search script is sequentially executed in the process of step S105 to search the storage location of the OS main body 32. When the storage location of the OS main body 32 is known, the OS desktop display screen is displayed on the display unit 21 of the computer device 20 in the process of step S106. To start the OS main body 32.

  As described above in detail, according to the present invention, a removable memory unit that stores an OS (operating system) of a computer device, the removable memory unit without reading the OS stored in the removable memory unit into the computer device. It is possible to provide a removable memory unit that can be started up.

  In addition, according to the present invention, the BIOS is stored in the memory area (first storage area) that the computer apparatus recognizes as a floppy disk drive, including the MBR and a search script for searching the OS body. The MBR and OS boot program can be read from this area and the OS main body can be booted, and the model dependence of the computer apparatus can be eliminated.

  Note that a general floppy disk drive is normally recognized as a storage capacity of 1.4 megabytes. However, if the OS boot program 31 does not fit in the range of the storage capacity of 1.4 megabytes, the storage capacity of the floppy disk drive is reduced. For example, it may be configured to be recognized as having twice the storage capacity of 2.8 megabytes, and the MBR and OS boot program may be stored in this area.

It is a block diagram which shows the structure of the removable memory unit concerning Example 1 of this invention. It is a schematic diagram which shows the structure of the memory part of a removable memory unit. It is a block diagram which shows the structure of the removable memory unit concerning Example 2 of this invention. FIG. 4A is a conceptual diagram for explaining a storage area configuration of a removable memory unit having a fingerprint authentication unit. FIG. 4A is a conceptual diagram showing a state before authentication is established, and FIG. 4B is a conceptual diagram showing a state after the authentication is established. It is a schematic diagram which shows the structure of the search script contained in the OS starting program in Example 2 of this invention. It is a block diagram which shows the structure of the removable memory unit concerning Example 3 of this invention. It is a flowchart which shows the procedure of OS starting in the removable memory unit concerning this invention. It is a block diagram which shows the concept of the removable memory unit which memorize | stored OS starting program and OS main body. It is a conceptual diagram for demonstrating the storage area structure of a removable memory unit. It is a conceptual diagram which shows the search script and OS search procedure in OS starting program.

Explanation of symbols

10 .... USB memory unit 11 .... USB controller 12 .... Input / output unit 13 .... Memory unit 13a ... First storage area (floppy disk drive)
13b ... second storage area (hard disk drive)
14... Control storage unit 31... OS startup program 32... OS main body 33.

Claims (3)

In a removable memory unit connected to a computer device having a port for connecting a display means, an input means and a removable memory unit,
The removable memory unit includes a memory unit including a first storage area recognized as a floppy disk drive and a second storage area recognized as a hard disk drive, and the first storage area as a floppy disk drive. A control storage unit storing information for recognizing the storage area of 2 as a hard disk drive,
An OS bootup that stores an OS main body in the second storage area, includes a master boot record in the first storage area, and a search script that searches at least the second storage area and specifies a storage location of the OS main body. A removable memory unit that stores a program, reads an OS boot program from the master boot record, searches the OS main body, and boots on the removable memory unit. The removable memory unit further includes a fingerprint authentication unit comprising authentication verification data storing fingerprint data for authenticating a proper owner of the removable memory unit and a fingerprint sensor,
The OS startup program sequentially searches the second storage area as a hard disk drive having a plurality of storage areas partitioned by partition, and in addition to the search script for searching the storage location of the OS main body, the second storage area A search script for searching the OS main body as a hard disk drive having one storage area that is not partitioned by partition;
2. The authentication device according to claim 1, wherein when authentication in the fingerprint authentication unit is established, an OS boot program is read from the master boot record, the OS main body is searched, and the OS main body is started on the removable memory unit. Removable memory unit.   3. The removable memory unit further comprises RFID reading means, and the authentication verification data is read from an RFID tag storing fingerprint data for authenticating a proper owner of the removable memory unit. Removable memory unit as described.

Images