Apparatus and method for providing access security to a device coupled upon a two-wire bidirectional bus

US 6,510,522 B1
Filed: 11/20/1998
Issued: 01/21/2003
Est. Priority Date: 11/20/1998
Status: Expired due to Term

First Claim

Patent Images

1. A computer system incorporating a plurality of securable devices coupled to a two-line bi-directional bus, said computer system comprising:

a keyboard;

a storage unit operably coupled to the keyboard to produce an unlock signal upon an output conductor of the storage unit if a stored password within the storage unit favorably compares with a password entered upon the keyboard; and

a controller coupled to the storage unit for allowing access to a first address of the securable device upon receiving the unlock signal and wherein access to a second address of the securable device is allowed regardless of whether the stored password compares with the password entered upon the keyboard.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer system, bus interface unit, and method are provided for securing certain devices connected to an I²C bus. Those devices include any device which contains sensitive information or passwords. For example, a device controlled by a I²C-connected device bay controller may contain sensitive files, data, and information to which improper access may be denied by securing the device bay controller. Moreover, improper accesses to passwords contained in non-volatile memory connected to the I²C bus must also be prevented. A bus interface unit coupled within the computer contains registers, and logic which compares the incoming I²C target and word addresses with coded bits within fields of those registers. If the target or word address is to a protected address or range of addresses, then an unlock signal must be issued before the security control logic will allow the target or word address to access the I²C bus or addressed device thereon. The unlock signal can be assigned to a particular slot among numerous slots, wherein the slots are arranged in hierarchical order. This allows a system administrator the capability to unlock accesses to protected non-volatile memory, and thereby allowing the system administrator to change passwords within one portion of non-volatile memory, and possibly allowing a lower priority user to access and change a password within another portion of non-volatile memory. The slot which accommodates an unlock signal assigned to the system administrator is altogether separate from a slot assigned to a non-system administrator or user.

103 Citations

View as Search Results

20 Claims

1. A computer system incorporating a plurality of securable devices coupled to a two-line bi-directional bus, said computer system comprising:
- a keyboard;
  
  a storage unit operably coupled to the keyboard to produce an unlock signal upon an output conductor of the storage unit if a stored password within the storage unit favorably compares with a password entered upon the keyboard; and
  
  a controller coupled to the storage unit for allowing access to a first address of the securable device upon receiving the unlock signal and wherein access to a second address of the securable device is allowed regardless of whether the stored password compares with the password entered upon the keyboard.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer system as recited in claim 1, wherein the keyboard comprises any input device into which a user can forward a password.
  - 3. The computer as recited in claim 1, wherein the controller comprises security control logic for discerning whether said first address of the securable device is a target address of a non-volatile memory.
  - 4. The computer as recited in claim 1, further comprising a security mapping register having a field of bits against which said first address of the securable device is compared to determine whether said first address of the securable device is a target address of a non-volatile memory.
  - 5. The computer as recited in claim 1, wherein the controller comprises security control logic for discerning whether said first address of the securable device is within a securable address range of a non-volatile memory.
  - 6. The computer as recited in claim 1, further comprising another unlock signal produced upon another output conductor of the storage unit, and wherein the controller is coupled to the storage unit for allowing access to a third address of the securable device upon receiving the unlock signal.
  - 7. The computer as recited in claim 1, further comprising a security mapping register having a field of bits against which said first address of the securable device is compared to determine whether said first address of the securable device is within a securable address range of a non-volatile memory.
  - 8. The computer as recited in claim 1, wherein the two-line bi-directional bus is an inter integrated circuit (I²C) bus.

9. A bus interface unit coupled to an inter integrated circuit (I²C) bus upon which a plurality of I²C devices are connected, the bus interface unit comprising:
- a storage unit configured to retain a stored password;
  
  a security mapping register comprising a field of bits which identify a password secured device among the plurality of I²C devices;
  
  a comparator coupled to the storage unit for comparing a user entered password against the stored password and to present an unlock signal from the comparator if the user entered password favorably compares with the stored password; and
  
  security control logic operably coupled between the comparator and the security mapping register for allowing access to the password secured device upon receipt of the unlock signal.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The bus interface unit as recited in claim 9, further comprising a second I²C bus upon which a second plurality of I²C devices are connected, and wherein the security mapping register comprises another field of bits which identify a second password secured devices among said second plurality of I²C devices, and wherein the security control logic is configured to allow access to the second password secured device upon receipt of the unlock signal.
  - 11. The bus interface unit as recited in claim 9, wherein the password secured device comprises a device bay controller.
  - 12. The bus interface unit as recited in claim 9, wherein the password secured device comprises non-volatile memory.
  - 13. The bus interface unit as recited in claim 9, wherein the security mapping register comprises another field of bits which identify a secured address range within the password secured I²C device.
  - 14. The bus interface unit as recited in claim 13, wherein the security control logic is coupled to allow access to the secured address range upon receipt of the unlock signal.
  - 15. The bus interface unit as recited in claim 13, wherein the password secured I²C device comprises a plurality of secured address ranges, each of which are unlocked by a separate and distinct unlock signal.

16. A method for unlocking a plurality of password securable devices, comprising:
- comparing a user-entered password against a stored password;
  
  comparing a target address issued to an inter integrated circuit (I²C) device against a field code within a security mapping register to determine if the target address is a password secured address; and
  
  presenting an unlock signal to the I²C device to de-assert lock thereof if the user-entered password is the same as the stored password and, if the user-entered password is not the same as the stored password, asserting lock only to the I²C device having the target address while the remaining plurality of password securable devices are unlocked and operable.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method as recited in claim 16, wherein said comparing the user-entered password comprises depressing keys corresponding to the user-entered password on a keyboard locally or distally connected to the I²C device.
  - 18. The method as recited in claim 16, further comprising programming bits within the field code corresponding to a password secured starting and ending address of the I²C device.
  - 19. The method as recited in claim 16, further comprising fixing bits within the field code which identify the I²C device as a non-volatile memory.
  - 20. The method as recited in claim 16, further comprising programming bits within the field code which identify the I²C device as coupled to one of two I²C buses.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Compaq Computer Corporation (HP Inc.)
Inventors
Heinrich, David F., Stancil, Charles J., Le, Hung Q., Rawlins, Paul B.
Primary Examiner(s)
Hayes, Gail
Assistant Examiner(s)
TRUVAN, LEYNNA THANH

Application Number

US09/196,849
Time in Patent Office

1,523 Days
Field of Search

713/200, 713/201, 713/202, 710/126, 710/100, 710/132
US Class Current

726/34
CPC Class Codes

G06F 21/70 Protecting specific interna...

G06F 21/78 to assure secure storage of...

Apparatus and method for providing access security to a device coupled upon a two-wire bidirectional bus

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

103 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for providing access security to a device coupled upon a two-wire bidirectional bus

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

103 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links