Trusted security zone access to peripheral devices
First Claim
1. A method of trusted data communication, comprising:
- executing, by a computer, a data communication application in a trusted security zone of a processor, wherein the processor is a component of the computer;
commanding, by the computer, a controller of a trusted peripheral device to execute a control application in a trusted security zone of the controller, wherein the controller of the trusted peripheral device is a component of the computer, and wherein the trusted peripheral device is a party to a trusted data communication;
commanding, by the computer, at least one of another peripheral device or a user interface device to not access a data bus of the computer and to execute an idling program to idle active applications or programs while the controller of the trusted peripheral device is executing the control application in the trusted security zone of the controller, wherein the at least one of the other peripheral device or the user interface does not read from or write to the data bus while executing the idling program, and wherein the at least one of the other peripheral device or the user interface device is not a party to the trusted data communication;
verifying, by the computer, that the controller of the trusted peripheral device is executing the control application in the trusted security zone of the controller; and
sending, by the computer, data from the processor to the controller of the trusted peripheral device over the data bus of the computer after verifying that the controller of the trusted peripheral device is executing the control application in the trusted security zone of the controller;
wherein the controller of the trusted peripheral device performs at least one of transmitting the data sent by the processor on an external communication link, reading a memory storage disk, or writing to a memory storage disk.
6 Assignments
0 Petitions
Accused Products
Abstract
A method of trusted data communication. The method comprises executing a data communication application in a trusted security zone of a processor, wherein the processor is a component of a computer, commanding a controller of a peripheral device to execute a control application in a trusted security zone of the controller, wherein the controller is a component of the computer, commanding at least one of another peripheral device or a user interface device to not access a data bus of the computer, verifying that the controller is executing the control application in the trusted security zone of the controller, sending data from the processor to the controller over the data bus of the computer, and the controller one of transmitting the data sent by the processor on an external communication link, reading a memory storage disk, or writing to a memory storage disk.
-
Citations
20 Claims
-
1. A method of trusted data communication, comprising:
-
executing, by a computer, a data communication application in a trusted security zone of a processor, wherein the processor is a component of the computer; commanding, by the computer, a controller of a trusted peripheral device to execute a control application in a trusted security zone of the controller, wherein the controller of the trusted peripheral device is a component of the computer, and wherein the trusted peripheral device is a party to a trusted data communication; commanding, by the computer, at least one of another peripheral device or a user interface device to not access a data bus of the computer and to execute an idling program to idle active applications or programs while the controller of the trusted peripheral device is executing the control application in the trusted security zone of the controller, wherein the at least one of the other peripheral device or the user interface does not read from or write to the data bus while executing the idling program, and wherein the at least one of the other peripheral device or the user interface device is not a party to the trusted data communication; verifying, by the computer, that the controller of the trusted peripheral device is executing the control application in the trusted security zone of the controller; and sending, by the computer, data from the processor to the controller of the trusted peripheral device over the data bus of the computer after verifying that the controller of the trusted peripheral device is executing the control application in the trusted security zone of the controller; wherein the controller of the trusted peripheral device performs at least one of transmitting the data sent by the processor on an external communication link, reading a memory storage disk, or writing to a memory storage disk. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for trusted communication, comprising:
-
a universal serial bus drive coupled to a data bus, the universal serial bus drive comprising; a memory, wherein the memory contains at least some confidential information, a processor coupled to the memory, a universal serial bus connector coupled to the processor, and an application stored in the memory that, when executed by the processor, determines that a request to access the memory received by the universal serial bus connector is directed to the at least some confidential information, satisfies the request to access the memory when a message, received by the universal serial bus connector from a sender of the request to access the memory, indicates that the sender is executing in a trusted security zone, and does not satisfy the request to access the memory when the message is not received by the universal series bus connector from the sender; and at least one of a peripheral device or a user interface device coupled to the data bus, wherein the at least one of the peripheral device or the user interface device is commanded to not access the data bus and to execute an idling program to idle active applications or programs while the application satisfies the request to access the memory, wherein the at least one of the peripheral device or the user interface does not read from or write to the data bus while executing the idling program, and wherein the at least one of the peripheral device or the user interface device is not a party to a trusted data communication. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A method of accessing a memory disk drive, comprising:
-
transmitting, by a computer to a disk controller of a memory disk drive, a command to execute in a trusted security zone of the disk controller; transmitting, by the computer to the disk controller, a request for confirmation that the disk controller is executing in the trusted security zone of the disk controller; when a confirmation that the disk controller is executing in the trusted security zone of the disk controller is received, transmitting, by the computer to the disk controller, a command to access a trusted security zone portion of the memory disk drive; and commanding, by the computer, at least one of another peripheral device or a user interface device to not access a data bus of the computer and to execute an idling program to idle active applications or programs while the disk controller accesses the trusted security portion of the memory disk drive, wherein the at least one of the peripheral device or the user interface does not read from or write to the data bus while executing the idling program, and wherein the at least one of the peripheral device or the user interface device is not a party to a trusted data communication. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification