Systems and methods for protecting computing systems from peripheral devices

US 9,734,341 B1
Filed: 04/18/2014
Issued: 08/15/2017
Est. Priority Date: 04/18/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for protecting computing systems from peripheral devices, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:

identifying a peripheral device configured to perform a charging function and at least one non-charging function;

wherein the charging function is any functions of the peripheral device that conveys current to and through the peripheral device and/or charges a battery of the peripheral device and the non-charging function is any functions of the peripheral device that is not designed to charging the peripheral device;

configuring an endpoint protection application with an endpoint protection rule that allows the charging function of the peripheral device and does not allow the non-charging function of the peripheral device;

wherein configuring the endpoint protection application with the endpoint protection rule comprises configuring the endpoint protection rule to apply to a device type of the peripheral device;

detecting, at least in part by determining a type of universal serial bus device that the peripheral device comprises, based on a universal serial bus class identifier of the peripheral device, that the peripheral device is connected to a computing system that is provisioned with the endpoint protection application; and

applying, based at least in part on the type of universal serial bus device that the peripheral device comprises, the endpoint protection rule on the computing system to allow the charging function of the peripheral device;

wherein the peripheral device is able to charge via the computing system, while the non-charging function of the peripheral device is blocked from being performed on the computing system by representing the computing system to the peripheral device as a wall outlet on which the non-charging function cannot be performed rather than as the computing system on which the non-charging function can be performed.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for protecting computing systems from peripheral devices may include (1) identifying a peripheral device configured to perform a charging function and at least one non-charging function, (2) configuring an endpoint protection application with an endpoint protection rule that allows the charging function of the peripheral device and does not allow the non-charging function of the peripheral device, (3) detecting that the peripheral device is connected to a computing system that is provisioned with the endpoint protection application, and (4) applying the endpoint protection rule on the computing system to allow the charging function of the peripheral device so that the peripheral device is able to charge via the computing system and block the non-charging function of the peripheral device from being performed on the computing system. Various other methods, systems, and computer-readable media are also disclosed.

8 Citations

18 Claims

1. A computer-implemented method for protecting computing systems from peripheral devices, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- identifying a peripheral device configured to perform a charging function and at least one non-charging function;
  
  wherein the charging function is any functions of the peripheral device that conveys current to and through the peripheral device and/or charges a battery of the peripheral device and the non-charging function is any functions of the peripheral device that is not designed to charging the peripheral device;
  
  configuring an endpoint protection application with an endpoint protection rule that allows the charging function of the peripheral device and does not allow the non-charging function of the peripheral device;
  
  wherein configuring the endpoint protection application with the endpoint protection rule comprises configuring the endpoint protection rule to apply to a device type of the peripheral device;
  
  detecting, at least in part by determining a type of universal serial bus device that the peripheral device comprises, based on a universal serial bus class identifier of the peripheral device, that the peripheral device is connected to a computing system that is provisioned with the endpoint protection application; and
  
  applying, based at least in part on the type of universal serial bus device that the peripheral device comprises, the endpoint protection rule on the computing system to allow the charging function of the peripheral device;
  
  wherein the peripheral device is able to charge via the computing system, while the non-charging function of the peripheral device is blocked from being performed on the computing system by representing the computing system to the peripheral device as a wall outlet on which the non-charging function cannot be performed rather than as the computing system on which the non-charging function can be performed.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-implemented method of claim 1, wherein applying the endpoint protection rule on the computing system to block the non-charging function of the peripheral device comprises applying the endpoint protection rule to block all non-charging functions of the peripheral device from being performed on the computing system.
  - 3. The computer-implemented method of claim 1, wherein detecting that the peripheral device is connected to the computing system comprises detecting that the peripheral device is connected to the computing system via a universal serial bus.
  - 4. The computer-implemented method of claim 1, wherein detecting that the peripheral device is connected to the computing system comprises detecting that the peripheral device is connected to the computing system via a wireless network.
  - 5. The computer-implemented method of claim 1, wherein the peripheral device comprises at least one of:
    - a mobile phone;
      
      a tablet; and
      
      an e-reader.
  - 6. The computer-implemented method of claim 1, wherein the non-charging function of the peripheral device comprises a data transfer function.
  - 7. The computer-implemented method of claim 1, wherein the universal serial bus class identifier of the peripheral device identifies a generic category of devices that is designated by an operating system of the computing device.

8. A system for protecting computing systems from peripheral devices, the system comprising:
- a memory;
  
  an identification module, stored in the memory, that identifies a peripheral device configured to perform a charging function and at least one non-charging function;
  
  wherein the charging function is any functions of the peripheral device that conveys current to and through the peripheral device and/or charges a battery of the peripheral device and the non-charging function is any functions of the peripheral device that is not designed to charging the peripheral device;
  
  a configuration module, stored in the memory, that configures an endpoint protection application with an endpoint protection rule that allows the charging function of the peripheral device and does not allow the non-charging function of the peripheral device;
  
  wherein the configuration module configures the endpoint protection application with the endpoint protection rule comprises configuring the endpoint protection rule to apply to a device type of the peripheral device;
  
  a detection module, stored in the memory, that detects, at least in part by determining a type of universal serial bus device that the peripheral device comprises, based on a universal serial bus class identifier of the peripheral device, that the peripheral device is connected to a computing system that is provisioned with the endpoint protection application;
  
  an application module, stored in the memory, that applies, based at least in part on the type of universal serial bus device that the peripheral device comprises, the endpoint protection rule on the computing system to allow the Charging function of the peripheral device;
  
  wherein the peripheral device is able to charge via the computing system, while the non-charging function of the peripheral device is blocked from being performed on the computing system by representing the computing system to the peripheral device as a wall outlet on which the non-charging function cannot be performed rather than as the computing system on which the non-charging function can be performed; and
  
  at least one hardware processor configured to execute the identification module, the configuration module, the detection module, and the application module.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the application module applies the endpoint protection rule on the computing system to block the non-charging function of the peripheral device by applying the endpoint protection rule to block all non-charging functions of the peripheral device from being performed on the computing system.
  - 10. The system of claim 8, wherein the detection module detects that the peripheral device is connected to the computing system by detecting that the peripheral device is connected to the computing system via a universal serial bus.
  - 11. The system of claim 8, wherein the detection module detects that the peripheral device is connected to the computing system by detecting that the peripheral device is connected to the computing system via a wireless network.
  - 12. The system of claim 8, wherein the peripheral device comprises at least one of:
    - a mobile phone;
      
      a tablet; and
      
      an e-reader.
  - 13. The system of claim 8, wherein the non-charging function of the peripheral device comprises a data transfer function.
  - 14. The system of claim 8, wherein the detection module determines the type of universal serial bus device of the peripheral device using a device identifier of the peripheral device that comprises at least one of:
    - an identifier of a vendor of the peripheral device;
      
      an identifier of a version of the peripheral device; and
      
      a serial number of the peripheral device.

15. A non-transitory computer-readable medium comprising one or more computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
- identify a peripheral device configured to perform a charging function and at least one non-charging function;
  
  wherein the charging function is any functions of the peripheral device that conveys current to and through the peripheral device and/or charges a battery of the peripheral device and the non-charging function is any functions of the peripheral device that is not designed to charging the peripheral device;
  
  configure an endpoint protection application with an endpoint protection rule that allows the charging function of the peripheral device and does not allow the non-charging function of the peripheral device;
  
  wherein configuring the endpoint protection application with the endpoint protection rule comprises configuring the endpoint protection rule to apply to a device type of the peripheral device;
  
  detect, at least in part by determining a type of universal serial bus device that the peripheral device comprises, based on a universal serial bus class identifier of the peripheral device, that the peripheral device is connected to a computing system that is provisioned with the endpoint protection application; and
  
  apply, based at least in part on the type of universal serial bus device that the peripheral device comprises, the endpoint protection rule on the computing system to allow the charging function of the peripheral device;
  
  wherein the peripheral device is able to charge via the computing system, while the non-charging function of the peripheral device is blocked from being performed on the computing system by representing the computing system to the peripheral device as a wall outlet on which the non-charging function cannot be performed rather than as the computing system on which the non-charging function can be performed.
- View Dependent Claims (16, 17, 18)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the one or more computer-readable instructions cause the computing device to apply the endpoint protection rule on the computing system to block the non-charging function of the peripheral device by applying the endpoint protection rule to block all non-charging functions of the peripheral device from being performed on the computing system.
  - 17. The non-transitory computer-readable medium of claim 15, wherein the one or more computer-readable instructions cause the computing device to detect that the peripheral device is connected to the computing system by detecting that the peripheral device is connected to the computing system via a universal serial bus.
  - 18. The non-transitory computer-readable medium of claim 15, wherein the one or more computer-readable instructions cause the computing device to detect that the peripheral device is connected to the computing system by detecting that the peripheral device is connected to the computing system via a wireless network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Cheng, Cui
Primary Examiner(s)
Abyaneh, Ali
Assistant Examiner(s)
Wade, Shaqueal

Application Number

US14/256,897
Time in Patent Office

1,215 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/60   Protecting data

G06F 21/604   Tools and structures for ma...

G06F 21/629   to features or functions of...

H04L 63/08   for authentication of entit...

H04L 63/20   for managing network securi...

Systems and methods for protecting computing systems from peripheral devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

8 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for protecting computing systems from peripheral devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links