Accessing a USB host controller security extension using a HCD proxy
Abstract
Systems and methods for enabling trusted software to monitor and control USB traffic associated with a security extension of a host controller and devices in a USB topology are disclosed. A host controller proxy receives USB-related data from a host controller driver, determines whether the data is of a security interest, and if so, sends the data to a driver for a security extension executing in the trusted execution environment. Likewise, after software executing in the trusted execution environment evaluates and appropriately addresses data sent by the HCD proxy or data retrieved from a hardware security extension, the HCD proxy receives data from the trusted execution environment for further dissemination.
20 Claims
1. A method, comprising:
- obtaining first data associated with a USB device, wherein the first data is a result of program code associated with the USB device being executed outside of a trusted execution environment of a computer;
- sending second data associated with the first data to the trusted execution environment; and
- receiving third data associated with the first data from the trusted execution environment.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. A computer-readable medium having computer-executable instructions for performing steps, comprising:
- obtaining first data associated with a USB device, wherein the first data is a result of program code associated with the USB device being executed outside of a trusted execution environment of a computer;
- sending second data associated with the first data to the trusted execution environment; and
- receiving third data associated with the first data from the trusted execution environment.

Dependent claims: 15, 16

17. A system, comprising:
- a trusted execution environment;
- a host controller driver associated with a USB host controller, wherein the host controller driver resides outside of the trusted execution environment; and
- a host controller driver proxy for:
  - obtaining first data associated with a USB device, wherein the first data is a result of program code associated with the USB device being executed outside of the trusted execution environment of a computer;
  - sending second data associated with the first data to the trusted execution environment; and
  - receiving third data associated with the first data from the trusted execution environment.

Dependent claims: 18, 19, 20

Specification