Protecting Unattended Computers Without Software

Carl E. Landwehr

In many environments, users log in to workstations and then leave them unattended. Rather than trying to stop users from doing what comes naturally, this paper suggests a simple, hardware-based system that can protect computers in such an environment from unauthorized use by those with physical access to the monitor and keyboard. Requirements for the system are described, some design issues are discussed, and a sketch of a design for an initial prototype is provided, together with an assurance argument for it. A prototype implementing many of the concepts described has been built; two dozen copies of a second prototype are to be installed in an office environment.