Trusted security zone access to peripheral devices
Abstract
A method of trusted data communication. The method comprises executing a data communication application in a trusted security zone of a processor, wherein the processor is a component of a computer, commanding a controller of a peripheral device to execute a control application in a trusted security zone of the controller, wherein the controller is a component of the computer, commanding at least one of another peripheral device or a user interface device to not access a data bus of the computer, verifying that the controller is executing the control application in the trusted security zone of the controller, sending data from the processor to the controller over the data bus of the computer, and the controller one of transmitting the data sent by the processor on an external communication link, reading a memory storage disk, or writing to a memory storage disk.
19 Claims
1. A universal serial bus (USB) drive, comprising:
- a memory, wherein the memory contains at least some confidential information;
- a processor coupled to the memory;
- a universal serial bus connector coupled to the processor; and
- an application stored in the memory that, when executed by the processor,
  - receives, from a sender of a request, a command to execute the application in a trusted security zone of the processor, wherein the sender of the request commands at least one of another peripheral device or a user interface device to not access a data bus coupled to the USB drive and to execute an idling program to idle active applications or programs while the application is executing in the trusted security zone of the processor,
  - receives, from the sender of the request, a request for confirmation that the application is executing in the trusted security zone of the processor,
  - when a confirmation that the application is executing in the trusted security zone of the processor is received by the sender of the request, receives a command to access a trusted security portion of the memory,
  - determines that the request to access the trusted security zone portion of the memory received by the universal serial bus connector is directed to the at least some confidential information,
  - satisfies the request to access the trusted security zone portion of memory when a message is received by the universal serial bus connector from the sender of the request to access the trusted security zone portion of memory, wherein the message indicates that the sender of the request is executing in a trusted security zone, and
  - does not satisfy the request to access the trusted security zone portion of memory when the message is not received by the universal serial bus connector from the sender of the request.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method of accessing a memory disk drive, comprising:
- transmitting, by a sender of a request to a disk controller of a memory disk drive, a command to execute a trusted routine in a trusted security zone of the disk controller;
- transmitting, by the sender of the request, a command to at least one of another peripheral device or a user interface device to not access a data bus coupled to the disk controller and to execute an idling program to idle active applications or programs while the disk controller executes the trusted routine in the trusted security zone of the disk controller;
- transmitting to the disk controller a request for confirmation that the trusted routine is executing in the trusted security zone of the disk controller; and
- when a confirmation that the trusted routine is executing in the trusted security zone of the disk controller is received by the sender of the request, transmitting to the disk controller a command to access a trusted security zone portion of the memory disk drive.

Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18, 19
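The ordering required by claims 1 and 9, modelled as a small state machine with both the sender and the device side. This is an added example, not code from the patent; the class and function names, the boolean trust indication and the host-side check that other devices are off the bus are assumptions made for illustration.

```python
from enum import Enum, auto

class State(Enum):
    NORMAL = auto()
    TRUSTED = auto()

class Peripheral:
    """Another device sharing the data bus (hypothetical model)."""
    def __init__(self):
        self.bus_access, self.idling = True, False

    def quiesce(self):
        # Step 2: stop using the bus and run the idling program.
        self.bus_access, self.idling = False, True

class DiskController:
    """Device side: gates the trusted security zone portion of storage."""
    def __init__(self, trusted_blocks):
        self.state = State.NORMAL
        self.trusted_blocks = trusted_blocks  # constructed sample data

    def enter_trusted_zone(self):             # step 1: start trusted routine
        self.state = State.TRUSTED

    def confirm(self):                        # step 3: confirmation request
        return self.state is State.TRUSTED

    def read_trusted(self, block, sender_in_trusted_zone):
        # Rule from claim 1: satisfy the request only when the message says
        # the sender runs in a trusted zone. The trust indication is a plain
        # flag here; the claims shown do not say how it is authenticated.
        if self.state is not State.TRUSTED or not sender_in_trusted_zone:
            return None
        return self.trusted_blocks.get(block)

def host_read(ctrl, others, block, host_trusted=True, skip_quiesce=False):
    """Sender side of claim 9; returns the data, or None when refused."""
    ctrl.enter_trusted_zone()
    if not skip_quiesce:
        for dev in others:
            dev.quiesce()
    # Assumed host-side check: abort if any other device can still use the bus.
    if any(dev.bus_access for dev in others):
        return None
    if not ctrl.confirm():                    # step 4 only after confirmation
        return None
    return ctrl.read_trusted(block, sender_in_trusted_zone=host_trusted)
```
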
Specification