Apparatus and method for enhancing security of data on a host computing device and a peripheral device
First Claim
1. A security device for coupling between a first device, configured to act at a given time as a host computing device (“host”) and a plurality of second devices, each second device configured to act at the same time as a peripheral device (“peripheral”), wherein a protocol governs communications between the first device and the second devices, the protocol requiring any command sent by the first device to be sent to all of the second devices, each peripheral being assigned an address, and the first device operates invariably according to the protocol, the security device comprising:
an upstream interface configured to be coupled via an upstream link to the host and to receive commands and data according to the protocol without exception from the host via the upstream link and to send data to the host via the upstream link according to the protocol, each of at least some of the commands including an address of a respective peripheral;
a plurality of downstream interfaces, each downstream interface configured to be coupled via a respective downstream link to one of the peripherals and to receive data from the one peripheral via the respective downstream link and to send commands and data to the one peripheral via the respective downstream link; and
a controller coupled between the upstream and downstream interfaces and configured to:
receive a command and data via the upstream interface;
perform a security process to analyze the received command;
if the security process does not identify a security risk, select one of the downstream interfaces, and if the security process identifies a security risk, select none of the downstream interfaces; and
if one of the downstream interfaces is selected as a result of the security process having not identified a security risk, forward the received command and data to only the selected one of the downstream interfaces.
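The controller steps of claim 1, modelled in C as an added example that is not taken from the patent: a command is analyzed, then forwarded to exactly one downstream interface or to none, instead of being sent to every peripheral as the protocol would otherwise require. The command layout, the address-to-port map, the opcode `0xF0` rule, the size limit and the fail-closed handling of unknown addresses are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NUM_PORTS 4   /* downstream interfaces (assumed count) */
#define MAX_DATA  64  /* assumed per-command data limit */

/* Constructed command layout: peripheral address, opcode, data. */
typedef struct {
    uint8_t addr, opcode;
    const uint8_t *data;
    size_t len;
} command_t;

/* Assumed map from assigned peripheral address to downstream port index. */
static const uint8_t port_addr[NUM_PORTS] = {0x01, 0x02, 0x05, 0x07};

/* Per-port transmit buffers stand in for the downstream links. */
uint8_t tx_buf[NUM_PORTS][MAX_DATA];
size_t  tx_len[NUM_PORTS];

/* Hypothetical security process: flag oversized data or opcode 0xF0. */
static int security_risk(const command_t *c) {
    return c->len > MAX_DATA || c->opcode == 0xF0;
}

/* Returns a bitmask of ports the command was forwarded to: 0 or one bit. */
unsigned route_command(const command_t *c) {
    if (security_risk(c))
        return 0;                       /* risk found: select none */
    for (int i = 0; i < NUM_PORTS; i++) {
        if (port_addr[i] == c->addr) {  /* select only the addressed port */
            memcpy(tx_buf[i], c->data, c->len);
            tx_len[i] = c->len;
            return 1u << i;
        }
    }
    return 0;  /* unknown address: fail closed (assumption) */
}

int main(void) {
    const uint8_t data[] = {0xDE, 0xAD};            /* constructed sample */
    command_t ok  = {0x05, 0x10, data, sizeof data};
    command_t bad = {0x05, 0xF0, data, sizeof data};
    printf("ok  -> mask 0x%x\n", route_command(&ok));
    printf("bad -> mask 0x%x\n", route_command(&bad));
    return 0;
}
```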
Abstract
A method of enhancing security of at least one of a host computing device and a peripheral device coupled to the host computing device through a communication interface. Data is transparently received from the peripheral device or the host computing device, and the received data is stored. The stored data is analyzed to detect a circumstance associated with a security risk. If such a circumstance is not detected, then the data is transparently forwarded to the other of the peripheral device or the host. However, if a circumstance associated with a security risk is detected, then a security process, defined by a rule, is performed. Related apparatus are provided, as well as other methods and apparatus.
21 Claims
- 1. Independent claim, set out in full above under First Claim. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21.
Specification