7.0 Software Disk Write Protection
Copyright(c), 1996 - Management Analytics and Others - All Rights Reserved
7.1 Software Disk Protect Background
Specifying the use of a removable hard drive for computer systems
which only occasionally process classified information represents
an expense that may not always be necessary. Other possible
solutions should be considered before making a final decision on
how to implement processing security measures.
Certain application programs are readily available which are
intended to block writing attempts to the system hard disk. The
intent when using these programs is to place emphasis on
procedural requirements and the user rather than the equipment.
Procedural measures assume that normal system users do not
intentionally try to circumvent their own security protection
measures. When used correctly, these programs work very well, and
are now becoming widely accepted for stand-alone computer
systems.
The two common programs that are used to prevent writing to hard
disks are PROTECT.COM and WPHD.COM. Both programs are similar.
Each traps interrupt number 13, the normal interrupt used for
writing to the hard disk. This interrupt is also commonly used
by other interrupts for disk writes. Most (but not all)
applications use this interrupt for hard disk writing.
PROTECT.COM and WPHD.COM will NOT protect the hard disk against a
virus or a low-level format. In addition, if somehow a classified
file is written to the fixed disk, disk removal and control will
be required. The ADP Security Office will follow the same
procedures as employed for other classified storage media when
de-classifying the hard disk.
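
The kind of decision such an interrupt 13 filter makes, sketched as an added illustration; it is not taken from PROTECT.COM or WPHD.COM, whose internals this page does not describe. The function-code list, both filter policies and the request trace are assumptions constructed for the example, and the drive is identified by the BIOS drive number in DL (bit 7 set for a fixed disk).

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* INT 13h function codes (passed in AH) that change what is on a disk. */
enum { FN_WRITE = 0x03, FN_FORMAT_TRACK = 0x05, FN_FORMAT_BAD = 0x06,
       FN_FORMAT_DRIVE = 0x07, FN_WRITE_LONG = 0x0B, FN_EXT_WRITE = 0x43 };
#define FIXED_DISK 0x80 /* DL bit 7 set: fixed disk; clear: floppy */

struct req { uint8_t ah, dl; }; /* one INT 13h request: function, drive */

static bool is_modifying(uint8_t ah) {
    static const uint8_t fns[] = { FN_WRITE, FN_FORMAT_TRACK, FN_FORMAT_BAD,
                                   FN_FORMAT_DRIVE, FN_WRITE_LONG, FN_EXT_WRITE };
    for (size_t i = 0; i < sizeof fns; i++)
        if (fns[i] == ah) return true;
    return false;
}

/* Hypothetical narrow filter: refuses only the plain sector write. */
static bool write_only_filter(struct req r) {
    return (r.dl & FIXED_DISK) && r.ah == FN_WRITE;
}

/* Hypothetical broader filter: refuses every modifying function. */
static bool modify_filter(struct req r) {
    return (r.dl & FIXED_DISK) && is_modifying(r.ah);
}

/* Coverage check: modifying fixed-disk requests the filter passes on. */
static size_t passed_modifications(bool (*filter)(struct req),
                                   const struct req *t, size_t n) {
    size_t passed = 0;
    for (size_t i = 0; i < n; i++)
        if ((t[i].dl & FIXED_DISK) && is_modifying(t[i].ah) && !filter(t[i]))
            passed++;
    return passed;
}

/* Constructed trace: a read, writes and formats on fixed disks and A:. */
static const struct req TRACE[] = { {0x02, 0x80}, {0x03, 0x80}, {0x03, 0x00},
                                    {0x05, 0x80}, {0x0B, 0x80}, {0x43, 0x81} };
#define TRACE_LEN (sizeof TRACE / sizeof TRACE[0])

int main(void) {
    printf("write-only filter passes %zu modifying requests\n",
           passed_modifications(write_only_filter, TRACE, TRACE_LEN));
    printf("broader filter passes %zu modifying requests\n",
           passed_modifications(modify_filter, TRACE, TRACE_LEN));
    return 0;
}
```

Both filters leave floppy writes alone, and neither sees software that does not go through this interrupt, which is the limit the text states.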
7.2 Determination of Program's Applicability
Placing control and operational constraints on classified
processing activities is not as complicated as it sounds. When
using the protection program, the IS may be operated in both an
unclassified and a classified security mode as needed without
changing equipment. However, during classified operation the
system will need to operate in a stand-alone dedicated mode.
This means it must not be connected to a network, and must be
limited to one user at any given time (no concurrent processing
by more than one user). This approach to security emphasizes the
users' consciences and active part in the classified processing
operation.
7.2.1 Standard Operating Procedures (Security Supplement)
The Security Supplement is intended for use by Naval Research
Laboratory (NRL) personnel who have occasional need to perform
classified data processing or similar activities. Its purpose is
to serve as an example and to set forth standard practice
procedures for safeguarding classified data processed by
Microcomputer Data Processing Systems.
The generic standard practice and procedures were developed in
accordance with the requirements of DoD Directive 5200.28 and
SECNAV Instruction 5239.2. IS System Managers use the document
as the basis to generate their own operating procedures. Once
the procedure for a specific system is approved, no deviations
are authorized without prior approval by the NRL ADP Security
Office.
7.3 Floppy Boot Disk Preparation Procedures
Each system boot disk is unique, and must be prepared directly
from the DOS system installed on the computer. System files can
be transferred to the floppy by typing sys a: at the DOS prompt.
The boot disk will be treated as classified material and will be
kept in authorized secure storage when not in use.
In addition to the system boot program files, the following files
must be copied directly from the computer on which the boot disk
will be used, for the boot disk to work correctly. Since some
computers also need HDRIVE.SYS and EGA.SYS, it is best to copy
all .SYS files from the DOS and C: directories to the new boot
disk.
COMMAND.COM
AUTOEXEC.BAT
CONFIG.SYS
NOTE: Some machines also require SETVER.EXE
On some machines, the A: drive will not recognize the boot disk
unless its write protect is removed. When installing, each new
boot disk must be tested in an individual machine before it is
deemed workable.
The PROTECT program can be executed manually or stored in the
AUTOEXEC.BAT file on the controlled system boot floppy disk. The
best approach is to have the PROTECT.COM program execute
automatically during boot-up of the computer. Otherwise, the user
must remember to manually execute the program before classified
processing starts.
7.3.1 Installing and Executing The Program
The NRL IS Security Group will supply a controlled disk
containing a copy of the PROTECT.COM software. After the program
is stored on the system, it is executed by typing in the file
name PROTECT prior to starting any classified processing.
The message "Hard Disk Protection On" will be displayed on the
CRT screen. From that point on, any requests for DOS to write on
Drive C: or above should be prevented by this hard disk write
protect program. The PROTECT program can be turned off by typing
in the program name again. When this is done, a "Hard Disk
Protection Off" message will be displayed on the screen.