Authenticating a multiple interface device on an enumerated bus
Abstract
A method for authenticating a multiple interface accessory device is provided. The method includes receiving enumeration information identifying the multiple interfaces supported by the accessory. The enumeration information includes information about a master interface supported by the accessory. A host device obtains authentication information from the accessory in accordance with a protocol associated with the master interface. Based on the authentication information, the host device determines whether the accessory is authorized to communicate with the host device. In the event that the accessory is authorized, the host device permits communication with the accessory using one or more of the multiple interfaces supported by the accessory.
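The host-side flow the abstract describes, sketched as an added example (not code from the patent or any product): the host parses the enumerated interface descriptors, looks for the master interface, and enables nothing unless authentication over that interface yields a known authorization level. Assumptions: the master attributes are taken to be the standard class/subclass/protocol fields with constructed values, the level names and policy table are constructed, and `authenticate` is a hypothetical callable standing in for the certificate exchange and validation.

```python
import struct

# Constructed values: the page does not state the master interface's predetermined attributes.
MASTER_ATTRS = {"cls": 0xFF, "sub": 0xF0, "proto": 0x01}
# Constructed policy: authorization level -> interface numbers the host may enable.
LEVEL_INTERFACES = {"basic": {0}, "audio": {0, 1}, "full": {0, 1, 2}}

def parse_interfaces(config):
    """Walk a USB configuration descriptor blob and return its interface descriptors."""
    found, off = [], 0
    while off + 2 <= len(config):
        length, dtype = config[off], config[off + 1]
        if length < 2 or off + length > len(config):
            raise ValueError("malformed descriptor at offset %d" % off)
        if dtype == 0x04 and length >= 9:  # standard INTERFACE descriptor
            num, _alt, _eps, cls, sub, proto, _s = struct.unpack_from("7B", config, off + 2)
            found.append({"num": num, "cls": cls, "sub": sub, "proto": proto})
        off += length
    return found

def find_master(interfaces):
    """Return the interface whose attributes all carry the predetermined values."""
    for itf in interfaces:
        if all(itf[k] == v for k, v in MASTER_ATTRS.items()):
            return itf
    return None

def enabled_interfaces(config, authenticate):
    """Interface numbers the host enables; an empty set means the accessory is denied."""
    try:
        interfaces = parse_interfaces(config)
    except ValueError:
        return set()                      # malformed enumeration data: deny
    master = find_master(interfaces)
    if master is None:
        return set()                      # no master interface: never start authentication
    level = authenticate(master["num"])   # hypothetical: returns a level name or None
    allowed = LEVEL_INTERFACES.get(level, set())  # unknown level: deny
    return {i["num"] for i in interfaces} & allowed

def itf_desc(num, cls, sub, proto):
    return bytes([9, 0x04, num, 0, 0, cls, sub, proto, 0])

def sample_config(itfs):
    """Build a constructed configuration descriptor for the demo."""
    body = b"".join(itf_desc(*i) for i in itfs)
    return struct.pack("<BBHBBBBB", 9, 0x02, 9 + len(body), len(itfs), 1, 0, 0x80, 50) + body

# Constructed accessory: master interface 0, audio interface 1, mass-storage interface 2.
SAMPLE = sample_config([(0, 0xFF, 0xF0, 0x01), (1, 0x01, 0x02, 0x00), (2, 0x08, 0x06, 0x50)])

if __name__ == "__main__":
    print(sorted(enabled_interfaces(SAMPLE, lambda master_num: "audio")))
```

Every failure path returns the empty set, so an interface the accessory advertises is reachable only when the policy table lists it for the level the host assigned.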
19 Claims
1. A method of operating a host device, the method comprising, by the host device:
- receiving from an universal serial bus (USB) accessory device coupled to the host device, enumeration information identifying a plurality of interfaces supported by the USB accessory device, the plurality of interfaces including a master interface that has one or more associated attributes, each attribute having a predetermined value, wherein the master interface is defined for USB accessories designed to be used with the host device;
- determining that the enumeration information indicates presence of the predetermined value for each of the one or more attributes associated with the master interface;
- obtaining authentication information from the USB accessory device in accordance with a protocol associated with the master interface, the authentication information including a digital certificate;
- extracting the digital certificate from the authentication information;
- validating the digital certificate;
- enabling the USB accessory device for use with the host device based on the validation;
- determining an authorization level for the USB accessory device;
- determining one or more interfaces, from the plurality of interfaces, associated with the authorization level;
- enabling only the one or more interfaces; and
- permitting communication with the USB accessory device using only the one or more interfaces.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer-readable non-transitory storage medium storing a plurality of instructions that when executed by a processor in a host device, cause the processor to perform a method for authenticating an accessory device, the method comprising:
- receiving, from the accessory device, enumeration information for a plurality of interfaces of the accessory device, the plurality of interfaces including a master interface;
- determining that the enumeration information includes identification information for the master interface;
- the identification information including one or more predetermined values for one or more attributes associated with the master interface, wherein the master interface is defined for accessory devices designed to be used with the host device;
- obtaining authentication information from the accessory device in accordance with a protocol associated with the master interface;
- extracting a digital certificate from the authentication information;
- validating the digital certificate;
- enabling the accessory device for use with the host device based on validation;
- determining an authorization level for the accessory device from a plurality of authorization levels, each authorization level in the plurality of authorization levels being associated with a subset of interfaces from the plurality of interfaces;
- determining one or more interfaces, from the plurality of interfaces, to be enabled based on the authorization level of the accessory device;
- enabling the one or more interfaces; and
- permitting communication with the accessory device using only the enabled one or more interfaces, wherein the one or more interfaces includes at least one interface other than the master interface.
Dependent claims: 9, 10, 11
12. A host device comprising:
- a processor; and
- a memory device coupled to the processor, wherein the processor is configured to:
- receive from an universal serial bus (USB) accessory device coupled to the host device, enumeration information identifying a plurality of interfaces supported by the USB accessory device, the plurality of interfaces including a master interface that has one or more associated attributes, each attribute having a predetermined value, wherein the master interface is defined for USB accessories designed to be used with the host device;
- determine that the enumeration information indicates presence of the predetermined value for each of the one or more attributes associated with the master interface;
- obtain authentication information from the USB accessory device in accordance with a protocol associated with the master interface, wherein the authentication information includes a digital certificate;
- extract the digital certificate from the authentication information;
- validate the digital certificate;
- enable the USB accessory device for use with the host device based on the validation;
- determine an authorization level for the USB accessory device;
- determine one or more interfaces, from the plurality of interfaces, associated with the authorization level;
- enable only the one or more interfaces; and
- permit communication with the USB accessory device using only the one or more interfaces.
Dependent claims: 13, 14
15. A method for operating an universal serial bus (USB) accessory device, the method comprising:
- providing, to a host device, (i) a list of one or more interfaces supported by the accessory device and (ii) information about a master interface supported by the accessory device, the master interface having a plurality of attributes associated with it and wherein each of the plurality of attributes has a predetermined value, wherein the master interface is defined for any accessory that is designed to be used with the host device;
- providing, to the host device, the predetermined value for each attribute associated with the master interface;
- receiving a request from the host device to provide authentication information via a protocol associated with the master interface;
- providing the authentication information, using the protocol, in response to the request from the host device, wherein the authentication information includes a digital certificate;
- receiving an authentication confirmation message from the host device and information indicating enablement of a first interface from the one or more interfaces, wherein the first interface is enabled based on an authorization level of the accessory device, wherein the authorization level is part of a plurality of authorization levels and wherein each authorization level in the plurality of authorization levels has a set of interfaces associated with it; and
- communicating with the host device using only the first interface.
Dependent claims: 16, 17, 18, 19
Specification