Methods and systems for protecting data in USB systems

US 20040003262A1
Filed: 06/28/2002
Published: 01/01/2004
Est. Priority Date: 06/28/2002
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a USB security module configured to process data associated with USB transfers;

an encryptor associated with the module and configured to encrypt data from one or more USB devices; and

a decryptor associated with the module and configured to decrypt encrypted data that is intended for use by a USB device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilized (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.

179 Citations

95 Claims

1. A system comprising:
- a USB security module configured to process data associated with USB transfers;
  
  an encryptor associated with the module and configured to encrypt data from one or more USB devices; and
  
  a decryptor associated with the module and configured to decrypt encrypted data that is intended for use by a USB device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1, wherein the security module is located at a point in a USB system where there is no programmatic access to USB data in an unencrypted form.
  - 3. The system of claim 1, wherein the security module is configured to apply encryption and decryption on a device-by-device basis.
  - 4. The system of claim 1, wherein the security module is configured to apply encryption and decryption on a device-by-device basis, and further comprising a table having entries that indicate, on a device-by-device basis, where encryption and decryption is to be applied.
  - 5. The system of claim 1 further comprising a key service processor associated with the security module and configured to provide one or more keys for the encryptor and/or decryptor.
  - 6. The system of claim 1 further comprising a key service processor associated with the security module and configured to provide one or more keys for the encryptor and/or decryptor, the key service processor comprising a callable interface that can be called to set up which devices are to be secured through encryption and decryption.
  - 7. A function embodying the USB security module of claim 1.
  - 8. An in-line device embodying the USB security module of claim 1.
  - 9. A USB hub embodying the USB security module of claim 1.
  - 10. A USB host controller embodying the USB security module of claim 1.
  - 11. The system of claim 1, wherein the security module is configured to produce authentication data which can be associated with and used to authenticate the data that the security module processes.

12. A system comprising:
- a USB security module configured to process data associated with USB transfers;
  
  an encryptor associated with the module and configured to encrypt data from one or more USB devices that have been seized; and
  
  a decryptor associated with the module and configured to decrypt encrypted data that is intended for use by a seized USB device.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The system of claim 12, wherein the security module is located at a point in a USB system where there is no programmatic access to USB data in an unencrypted form.
  - 14. The system of claim 12, wherein the security module is configured to apply encryption and decryption on a device-by-device basis.
  - 15. The system of claim 12, wherein the security module is configured to apply encryption and decryption on a device-by-device basis, and further comprising a table having entries that indicate, on a device-by-device basis, where encryption and decryption is to be applied.
  - 16. The system of claim 12 further comprising a key service processor associated with the security module and configured to provide one or more keys for the encryptor and/or decryptor.
  - 17. The system of claim 12 further comprising a key service processor associated with the security module and configured to provide one or more keys for the encryptor and/or decryptor, the key service processor comprising a callable interface that can be called to set up which devices are to be secured through encryption and decryption.
  - 18. A function embodying the USB security module of claim 12.
  - 19. An in-line device embodying the USB security module of claim 12.
  - 20. A USB hub embodying the USB security module of claim 12.
  - 21. A USB host controller embodying the USB security module of claim 12.
  - 22. The system of claim 12, wherein the security module is configured to produce authentication data which can be associated with and used to authenticate the data that the security module processes.

23. A USB Host Controller comprising:
- a security module configured to process data associated with USB transfers;
  
  an encryptor associated with the module and configured to encrypt data from one or more USB devices;
  
  a decryptor associated with the module and configured to decrypt encrypted data that is intended for use by a USB device; and
  
  a table having entries that indicate, on a device-by-device basis, where encryption and decryption is to be applied.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The USB Host Controller of claim 23 further comprising a key service processor associated with the security module and configured to provide one or more keys for the encryptor and/or decryptor.
  - 25. The USB Host Controller of claim 23 further comprising a key service processor associated with the security module and configured to provide one or more keys for the encryptor and/or decryptor, the key service processor comprising a callable interface that can be called to set up which devices are to be secured through encryption and decryption.
  - 26. The USB Host Controller of claim 23, wherein the security module is configured to apply encryption and decryption using at least one stream cipher.
  - 27. The USB Host Controller of claim 23, wherein the security module is configured to produce authentication data which can be associated with and used to authenticate the data that the security module processes.

28. A USB Hub comprising:
- a security module configured to process data associated with USB transfers;
  
  an encryptor associated with the module and configured to encrypt data from one or more USB devices;
  
  a decryptor associated with the module and configured to decrypt encrypted data that is intended for use by a USB device; and
  
  a table having entries that indicate, on a device-by-device basis, where encryption and decryption is to be applied.
- View Dependent Claims (29, 30, 31, 32)
- - 29. The USB Hub of claim 28 further comprising a key service processor associated with the security module and configured to provide one or more keys for the encryptor and/or decryptor.
  - 30. The USB Hub of claim 28 further comprising a key service processor associated with the security module and configured to provide one or more keys for the encryptor and/or decryptor, the key service processor comprising a callable interface that can be called to set up which devices are to be secured through encryption and decryption.
  - 31. The USB Hub of claim 28, wherein the security module is configured to apply encryption and decryption using at least one stream cipher.
  - 32. The USB Hub of claim 28, wherein the security module is configured to produce authentication data which can be associated with and used to authenticate the data that the security module processes.

33. A method comprising:
- receiving data that is associated with a USB device;
  
  determining whether the received data is associated with a USB device that is intended to be secure; and
  
  if the USB device is intended to be secure, then encrypting or decrypting the data as appropriate.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 34. The method of claim 33, wherein the act of receiving is performed by an entity at which there is no programmatic access to the data by a client application executing on a host computer system.
  - 35. The method of claim 33, wherein the act of determining is performed by accessing a table that contains entries that identify, on a device-by-device basis, which devices are to be secure.
  - 36. The method of claim 33, wherein the acts of encrypting or decrypting are performed by a USB host controller.
  - 37. The method of claim 33, wherein the acts of encrypting or decrypting are performed by a USB function.
  - 38. The method of claim 33, wherein the acts of encrypting or decrypting are performed by a USB in-line device.
  - 39. The method of claim 33, wherein the acts of encrypting or decrypting are performed by a USB hub.
  - 40. The method of claim 33, wherein the acts of encrypting or decrypting are performed using a stream cipher.
  - 41. The method of claim 33 further comprising producing authentication data for the data that is received, and associating the authentication data with the received data.
  - 42. One or more computer-readable media having computer-readable instructions which, when executed by one or more processors, cause the one or more processors to implement the method of claim 33.

43. A system comprising:
- means for processing data associated with USB transfers;
  
  means for encrypting data from one or more USB devices and being employable on a device-by-device basis;
  
  means for decrypting data that is intended for use by a USB device and being employable on a device-by-device basis; and
  
  said means for encrypting and means for decrypting being disposed at a location where there is no direct programmatic access by applications executing on a host computer.
- View Dependent Claims (44, 45, 46)
- - 44. The system of claim 43 further comprising means for determining whether encryption or decryption is to be applied to a particular device.
  - 45. The system of claim 43 further comprising means for authenticating data that is processed for the USB transfers.
  - 46. The system of claim 43, wherein all of said recited means are embodied in a USB Host Controller.

47. A system comprising:
- one or more unsecure client applications;
  
  one or more secure client applications;
  
  an unsecure software stack comprising at least one driver that is not secure;
  
  a secure software stack comprising at least one driver that is secure;
  
  a USB host controller driver associated with the secure and unsecure software stack;
  
  the host controller driver being programmable to;
  
  route data to and from unsecure USB devices through the unsecure software stack for use by the one or more unsecure client applications; and
  
  route data to and from secure USB devices through the secure software stack for use by the one or more secure client applications.
- View Dependent Claims (48, 49)
- - 48. The system of claim 47, wherein the secure software stack is configured to decrypt encrypted data that is provided by secure USB devices.
  - 49. The system of claim 47 further comprising one or more keys associated with the secure software stack for decrypting data from secure USB devices and encrypting data to secure USB devices.

50. A method comprising:
- determining whether an unsecure client application has focus;
  
  receiving encrypted data that is intended for use by a client application; and
  
  if the received data is intended for use by the unsecure client application and the unsecure client application has focus, then decrypting the encrypted data.
- View Dependent Claims (51, 52, 53)
- - 51. The method of claim 50, wherein the recited acts are performed at a point in a USB system where there is no direct programmatic access to the received data.
  - 52. The method of claim 50, wherein the recited acts are performed by a USB Host Controller.
  - 53. One or more computer-readable media having computer-readable instructions which, when executed by one or more processors, cause the one or more processors to implement the method of claim 50.

54. A method comprising:
- determining whether a secure or an unsecure client application has focus;
  
  if a secure client application has focus, instructing a USB host controller to apply encryption/decryption protection to data associated with the secure client application; and
  
  if an unsecure client application has focus, instructing the USB host controller to not apply encryption/decryption protection to data that is associated with the unsecure client application.
- View Dependent Claims (55)
- - 55. One or more computer-readable media having computer-readable instructions which, when executed by one or more processors, cause the one or more processors to implement the method of claim 54.

56. A method comprising:
- partitioning memory into protected and unprotected memory on a host computer;
  
  for USB devices that are secure, writing and reading data associated with such USB devices to and from the protected memory; and
  
  for USB devices that are not secure, writing and reading data associated with such USB devices to and from the unprotected memory.
- View Dependent Claims (57, 58, 59, 60, 61, 62, 63)
- - 57. The method of claim 56, wherein the acts of writing and reading are performed by a USB Host Controller.
  - 58. The method of claim 56, wherein the acts of writing and reading are performed by a USB Host Controller having privileged access to the protected memory.
  - 59. The method of claim 56, wherein the acts of writing and reading to and from the protected memory comprise using memory indirection to do so.
  - 60. The method of claim 56, wherein the acts of writing and reading to and from the protected memory comprise using direct memory access (DMA) techniques to do so.
  - 61. The method of claim 56, wherein the acts of writing and reading to and from the protected memory are performed by a USB Host Controller and comprise using direct memory access (DMA) techniques to do so.
  - 62. The method of claim 56, wherein the acts of writing and reading to and from the protected memory are performed by a USB Host Controller and comprise using direct memory access (DMA) techniques to do so, wherein the protected memory is not accessible to other DMA devices.
  - 63. One or more computer-readable media having computer-readable instructions which, when executed by one or more processors, cause the one or more processors to implement the method of claim 56.

64. A method comprising:
- maintaining a table that indicates whether one or more USB devices are secure; and
  
  if a USB device is indicated as secure, copying data into and out of protected portions of memory that are associated with that USB device.
- View Dependent Claims (65, 66, 67, 68, 69)
- - 65. The method of claim 64, wherein the act of copying is performed by a USB Host Controller.
  - 66. The method of claim 64, wherein the acts of maintaining and copying are performed by a USB Host Controller.
  - 67. The method of claim 64 further comprising prior to copying, using a memory mapping table to ascertain memory addresses in protected memory that are associated with secure devices.
  - 68. The method of claim 64, wherein the act of copying is performed by a USB Host Controller using direct memory access (DMA) techniques.
  - 69. One or more computer-readable media having computer-readable instructions which, when executed by one or more processors, cause the one or more processors to implement the method of claim 64.

70. A method comprising:
- associating at least one portion of protected memory with at least one secure USB device; and
  
  copying data associated with the one secure USB device to and from the associated portion of protected memory.
- View Dependent Claims (71, 72, 73, 74, 75)
- - 71. The method of claim 70, wherein said copying is performed responsive to a memory indirection.
  - 72. The method of claim 70, wherein said acts of associating and copying are performed, at least in part, by a USB Host Controller.
  - 73. The method of claim 70, wherein the act of copying is performed using direct memory access (DMA) techniques.
  - 74. A USB host controller configured to implement the method of claim 70.
  - 75. One or more computer-readable media having computer-readable instructions which, when executed by one or more processors, cause the one or more processors to implement the method of claim 70.

76. A system comprising:
- a USB host controller;
  
  a table associated with the host controller and which indicates whether one or more USB devices are secure; and
  
  the host controller being configured to use the table and, if a USB device is indicated by the table as secure, copy data into and out of protected portions of memory that are associated with that USB device.
- View Dependent Claims (77, 78)
- - 77. The system of claim 76, wherein the host controller is configured to use a memory mapping table to ascertain memory addresses in protected memory that are associated with secure devices.
  - 78. The system of claim 76, wherein the host controller is configured to copy said data using direct memory access (DMA) techniques.

79. A system comprising:
- protected memory that is configured to be used in connection with secure USB devices;
  
  unprotected memory that is configured to be used with USB devices that are not secure;
  
  a USB host controller associated with the protected and unprotected memory;
  
  the host controller being configured to write and read data associated with secure USB devices to and from the protected memory; and
  
  the host controller further being configured to write and read data for USB devices that are not secure to and from the unprotected memory.
- View Dependent Claims (80, 81, 82)
- - 80. The system of claim 79, wherein the host controller has privileged access to the protected memory.
  - 81. The system of claim 79, wherein the system is configured to use memory indirection to cause the host controller to write and read from the protected memory.
  - 82. The system of claim 79, wherein the host controller is configured to use direct memory access techniques (DMA) to write and read from the protected memory.

83. A method comprising:
- receiving a request from an application for a USB transaction;
  
  querying the application for a memory location that is to be the subject of the transaction;
  
  receiving a memory location indication from the application, the memory location indication comprising, in an event that the application is a secure application, an indication associated with protected memory;
  
  processing the memory location indication into a transaction description (TD); and
  
  processing the TD with a host controller effective to either copy in or copy out data relative to the protected memory location associated with the memory location indication.
- View Dependent Claims (84, 85, 86, 87, 88, 89, 90)
- - 84. The method of claim 83, wherein protected memory is only accessible by a USB host controller.
  - 85. The method of claim 83, wherein the act of processing the TD comprises copying in or copying out the data only if the protected memory location is associated with a secure USB device that is the subject of the USB transaction.
  - 86. The method of claim 83, wherein the host controller copies data in or out of the protected memory using direct memory access (DMA) techniques.
  - 87. The method of claim 83 further comprising, if the data is to be provided by the host controller into protected memory, associating integrity data with the data that is to be provided into the protected memory, the integrity data being useable to verify the integrity of the data that is provided into the protected memory.
  - 88. The method of claim 83 further comprising, if the data is to be provided by the host controller into protected memory, associating integrity data with the data that is to be provided into the protected memory, the integrity data being useable to verify the integrity of the data that is provided into the protected memory, said associating comprising appending a counter having a counter value to individual data packets that are provided into the protect memory.
  - 89. The method of claim 83 further comprising, if the data is to be provided by the host controller into protected memory, associating integrity data with the data that is to be provided into the protected memory, the integrity data being useable to verify the integrity of the data that is provided into the protected memory, said associating comprising appending a counter having a counter value to individual data packets that are provided into the protect memory, the counter values comprising monotonically increasing values.
  - 90. One or more computer-readable media having computer-readable instructions which, when executed by one or more processors, cause the one or more processors to implement the method of claim 83.

91. A system comprising:
- a USB component assembly configured to;
  
  receive a request from an application for a USB transaction;
  
  query the application for a memory location that is to be the subject of the transaction;
  
  receive a memory location indication from the application, the memory location indication comprising, in an event that the application is a secure application, an indication associated with protected memory;
  
  process the memory location indication into a transaction description (TD);
  
  process the TD with a host controller effective to either copy in or copy out data relative to the protected memory location associated with the memory location indication.
- View Dependent Claims (92, 93, 94, 95)
- - 92. The system of claim 91, wherein protected memory is only accessible by a USB host controller.
  - 93. The system of claim 91, wherein data that is copied in or out of the protected memory location is associated with a secure USB device that is the subject of the USB transaction.
  - 94. The system of claim 91, wherein the host controller copies data in or out of the protected memory using direct memory access (DMA) techniques.
  - 95. The system of claim 91, wherein if the data is to be provided into protected memory, the component assembly associates integrity data with the data that is to be provided into the protected memory, the integrity data being useable to verify the integrity of the data that is provided into the protected memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Dunn, John C., England, Paul, Ray, Kenneth D., Peinado, Marcus, Willman, Bryan, Slick, Glen

Granted Patent

US 7,478,235 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 13/28   using burst mode transfer, ...

G06F 13/362   with centralised access con...

G06F 13/4282   on a serial bus, e.g. I2C b...

G06F 21/1011   to devices

G06F 21/606   by securing the transmissio...

G06F 21/72   in cryptographic circuits

G06F 21/73   by creating or determining ...

G06F 21/78   to assure secure storage of...

G06F 21/85   interconnection devices, e....

G06F 2212/1052   Security improvement

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2129   Authenticate client device ...

G06F 2221/2147   Locking files

G06F 2221/2153   Using hardware token as a s...

G06F 3/065   Replication mechanisms

Methods and systems for protecting data in USB systems

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

179 Citations

95 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for protecting data in USB systems

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

179 Citations

95 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links