Apparatus and Method for Enhancing Security of Data on a Host Computing Device and a Peripheral Device

US 20130031629A1
Filed: 08/09/2012
Published: 01/31/2013
Est. Priority Date: 01/21/2011
Status: Active Grant

First Claim

Patent Images

1. A security device for coupling between a host computing device (“

host”

) and at least one peripheral device (“

peripheral”

), each peripheral being assigned an address, the security device comprising;

an upstream interface configured to be coupled via an upstream link to the host and to receive commands and data from the host via the upstream link and to send data to the host via the upstream link, each of at least some of the commands including an address of one of the at least one peripheral;

at least one downstream interface, each downstream interface configured to be coupled via a respective downstream link to one of the at least one peripheral and to receive data from the one peripheral via the respective downstream link and to send commands and data to the one peripheral via the respective downstream link; and

a controller coupled to the upstream and downstream interfaces and configured to;

receive commands and data via the upstream interface;

select at least one of the at least one downstream interface, based on an address in the received commands and data;

forward the received commands and data to the selected at least one of the at least one downstream interface.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of enhancing security of at least one of a host computing device and a peripheral device coupled to the host computing device through a communication interface. Data is transparently received from the peripheral device or the host computing device, and the received data is stored. The stored data is analyzed to detect a circumstance associated with a security risk. If such a circumstance is not detected, then the data is transparently forwarded to the other of the peripheral device or the host. However, if a circumstance associated with a security risk is detected, then a security process, defined by a rule, is performed. Related apparatus are provided, as well as other methods and apparatus.

Citations

26 Claims

1. A security device for coupling between a host computing device (“
- host”
  
  ) and at least one peripheral device (“
  
  peripheral”
  
  ), each peripheral being assigned an address, the security device comprising;
  
  an upstream interface configured to be coupled via an upstream link to the host and to receive commands and data from the host via the upstream link and to send data to the host via the upstream link, each of at least some of the commands including an address of one of the at least one peripheral;
  
  at least one downstream interface, each downstream interface configured to be coupled via a respective downstream link to one of the at least one peripheral and to receive data from the one peripheral via the respective downstream link and to send commands and data to the one peripheral via the respective downstream link; and
  
  a controller coupled to the upstream and downstream interfaces and configured to;
  
  receive commands and data via the upstream interface;
  
  select at least one of the at least one downstream interface, based on an address in the received commands and data;
  
  forward the received commands and data to the selected at least one of the at least one downstream interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A device according to claim 1, wherein the controller is configured to prevent forwarding the received commands and data to at least one of the at least one downstream interface, other than the selected at least one of the at least one downstream interface.
  - 3. A device according to claim 1, wherein the controller is configured to prevent direct communication between any two of the at least one peripheral via a respective downstream link.
  - 4. A device according to claim 1, wherein the controller is configured to:
    - garble the received commands and data; and
      
      forward the garbled commands and data to at least one of the at least one downstream interface, other than the selected at least one of the at least one downstream interface.
  - 5. A device according to claim 1, wherein each downstream interface is configured to be removably coupled via the respective downstream link to the one of the at least one peripheral.
  - 6. A device according to claim 1, wherein the controller is configured to:
    - select the at least one of the at least one downstream interface by analyzing the received data during an analysis interval; and
      
      during at least a portion of the analysis interval, emulate one of the host and the peripheral to the other of the host and the peripheral.
  - 7. A device according to claim 6, wherein the controller is configured to emulate the one of the host and the peripheral at least in part by generating an acknowledge packet and sending the generated acknowledge packet to the other of the host and the peripheral.
  - 8. A device according to claim 6, wherein the controller is configured to emulate the one of the host and the peripheral at least in part by generating a negative-acknowledge packet and sending the generated negative-acknowledge packet to the other of the host and the peripheral.
  - 9. A device according to claim 6, wherein the controller is configured to emulate the one of the host and the peripheral at least in part by coupling a termination resistor to the upstream link.
  - 10. A device according to claim 1, wherein the controller is configured to:
    - analyze the received data to ascertain if the received data poses a security risk;
      
      if the received data is ascertained not to pose a security risk, forward the received data to the selected at least one of the at least one downstream interface;
      
      if the received data is ascertained to pose a security risk, prevent forwarding the received data to any of the at least one downstream interface.
  - 11. A device according to claim 10, wherein the controller is configured to prevent forwarding the received data by:
    - changing the upstream link from a linked state to an electrically terminated state; and
      
      changing at least one of the respective downstream link from a linked state to an electrically terminated state.
  - 12. A device according to claim 11, wherein the controller is configured to change the upstream link from a linked state to an electrically terminated state by coupling a termination resistor to the upstream link.

13. A security device for coupling between a host computing device (“
- host”
  
  ) and at least one peripheral device (“
  
  peripheral”
  
  ), the security device comprising;
  
  an upstream interface configured to be coupled via an upstream link to the host and to receive data from the host via the upstream link and to send data to the host via the upstream link;
  
  at least one downstream interface, each downstream interface configured to be coupled via a respective downstream link to one of the at least one peripheral and to receive data from the one peripheral via the respective downstream link and to send data to the one peripheral via the respective downstream link; and
  
  a controller coupled to the upstream and downstream interfaces and configured to;
  
  receive data via the upstream interface;
  
  analyze the received data to ascertain if the received data poses a security risk;
  
  if the received data is ascertained not to pose a security risk, forward the received data to at least one of the at least one downstream interface; and
  
  if the received data is ascertained to pose a security risk, prevent forwarding the received data to any of the at least one downstream interface.
- View Dependent Claims (14, 15)
- - 14. A device according to claim 13, wherein the controller is configured to prevent forwarding the received data by:
    - changing the upstream link from a linked state to an electrically terminated state; and
      
      changing at least one of the respective downstream link from a linked state to an electrically terminated state.
  - 15. A device according to claim 14, wherein the controller is configured to change the upstream link from a linked state to an electrically terminated state by coupling a termination resistor to the upstream link.

16. A security device-implemented method of enhancing security of at least one of a host computing device (“
- host”
  
  ) and at least one peripheral device (“
  
  peripheral”
  
  ), the security device comprising an upstream interface configured to be coupled via an upstream link to the host and to receive commands and data from the host via the upstream link and to send data to the host via the upstream link, each of at least some of the commands including an address of one of the at least one peripheral, the security device further comprising at least one downstream interface, each downstream interface configured to be coupled via a respective downstream link to one of the at least one peripheral and to receive data from the one peripheral via the respective downstream link and to send commands and data to the one peripheral via the respective downstream link, each peripheral being assigned an address, the method comprising;
  
  receiving commands and data via the upstream interface;
  
  selecting at least one of the at least one downstream interface, based on an address in the received commands and data;
  
  forwarding the received commands and data to the selected at least one of the at least one downstream interface.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 17. A method according to claim 16, further comprising preventing forwarding the received commands and data to at least one of the at least one downstream interface, other than the selected at least one of the at least one downstream interface.
  - 18. A method according to claim 16, further comprising preventing direct communication between any two of the at least one peripheral via a respective downstream link.
  - 19. A method according to claim 16, further comprising:
    - garbling the received commands and data; and
      
      forwarding the garbled commands and data to at least one of the at least one downstream interface, other than the selected at least one of the at least one downstream interface.
  - 20. A method according to claim 16, further comprising:
    - selecting the at least one of the at least one downstream interface by analyzing the received data during an analysis interval; and
      
      during at least a portion of the analysis interval, emulating one of the host and the peripheral to the other of the host and the peripheral.
  - 21. A method according to claim 20, wherein emulating the one of the host and the peripheral comprises, at least in part, generating an acknowledge packet and sending the generated acknowledge packet to the other of the host and the peripheral.
  - 22. A method according to claim 20, wherein emulating the one of the host and the peripheral comprises, at least in part, generating a negative-acknowledge packet and sending the generated packet to the other of the host and the peripheral.
  - 23. A method according to claim 20, wherein emulating the one of the host and the peripheral comprises, at least in part, coupling a termination resistor to the upstream link.
  - 24. A method according to claim 16, further comprising:
    - analyzing the received data to ascertain if the received data poses a security risk;
      
      if the received data is ascertained not to pose a security risk, forwarding the received data to the selected at least one of the at least one downstream interface;
      
      if the received data is ascertained to pose a security risk, preventing forwarding the received data to any of the at least one downstream interface.
  - 25. A method according to claim 24, wherein preventing forwarding the received data comprises:
    - changing the upstream link from a linked state to an electrically terminated state; and
      
      changing at least one of the respective downstream link from a linked state to an electrically terminated state.
  - 26. A method according to claim 25, wherein changing the upstream link from a linked state to an electrically terminated state comprises coupling a termination resistor to the upstream link.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NetScout Systems Incorporated
Original Assignee
Gigavation, Inc. (NetScout Systems Incorporated)
Inventors
Srivastava, Gita, Srivastava, Piyush B.

Granted Patent

US 8,869,273 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/606   by securing the transmissio...

G06F 21/85   interconnection devices, e....

Apparatus and Method for Enhancing Security of Data on a Host Computing Device and a Peripheral Device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and Method for Enhancing Security of Data on a Host Computing Device and a Peripheral Device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links