Using a USB host controller security extension for controlling changes in and auditing USB topology
Abstract
Protecting computer systems from attacks that attempt to change USB topology and for ensuring that the system's information regarding USB topology is accurate is disclosed. A software model is defined that, together with secure USB hardware, provides an ability to define policies using which USB traffic can be properly monitored and controlled. The implemented policy provides control over USB commands through a combination of software evaluation and hardware programming. Legitimate commands are evaluated and “allowed” to be sent to a USB device by a host controller. Illegitimate commands are evaluated and blocked. Additionally, the USB topology is audited to verify that the system's topology map matches the actual USB topology.
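The topology audit described in the abstract, sketched as an added example that is not taken from the patent. It assumes the topology map and the device-reported data are both keyed by a port path such as `1.2`; every name and sample value in it is hypothetical.

```python
from dataclasses import dataclass

USB_CLASS_HUB = 0x09  # bDeviceClass of a hub in the USB specification


@dataclass(frozen=True)
class Node:  # hypothetical record: identity fields from a device descriptor
    vendor_id: int
    product_id: int
    device_class: int


def parent_of(path):
    """'1.2.3' -> '1.2'; a device on a root port ('1') has no parent hub."""
    return path.rpartition(".")[0] or None


def audit_topology(map_data, device_data):
    """Compare the untrusted topology map with data read from each device.

    Both arguments map a port path to a Node (an assumed representation).
    Returns a list of (path, finding); an empty list means they agree.
    """
    findings = []
    for path in sorted(set(map_data) | set(device_data)):
        claimed, actual = map_data.get(path), device_data.get(path)
        if actual is None:
            findings.append((path, "in map but no device answered"))
        elif claimed is None:
            findings.append((path, "device present but missing from map"))
        elif claimed != actual:
            findings.append((path, "descriptor differs from map"))
        parent = parent_of(path)
        if actual is not None and parent is not None:
            hub = device_data.get(parent)
            if hub is None or hub.device_class != USB_CLASS_HUB:
                findings.append((path, "parent is not a responding hub"))
    return findings


# Constructed sample data; the vendor and product IDs are made up.
HUB = Node(0x1111, 0x0001, USB_CLASS_HUB)
MAP_DATA = {"1": HUB,
            "1.1": Node(0x2222, 0x0010, 0x00),
            "1.2": Node(0x3333, 0x0020, 0x00)}
DEVICE_DATA = {"1": HUB,
               "1.1": Node(0x2222, 0x0099, 0x00),  # not the product the map lists
               "1.3": Node(0x4444, 0x0030, 0x00)}  # absent from the map
```

Calling `audit_topology(MAP_DATA, DEVICE_DATA)` reports one finding each for ports `1.1`, `1.2` and `1.3`, covering the three ways a map can disagree with the devices that actually respond.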
20 Claims
1. A computer-readable medium having computer-executable instructions for performing steps, comprising:
- receiving data associated with a USB device;
- determining whether the data is allowed to be sent to the USB device; and
- sending an instruction based on the determining to an entity, wherein the data is a result of program code associated with the USB device being executed outside of a trusted execution environment, wherein the data is received in the trusted execution environment, and wherein the entity is outside the trusted execution environment.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A computer-readable medium having computer-executable instructions for performing steps, comprising:
- receiving map data indicative of a topology map of a USB topology, wherein the map data is received from an area outside of a trusted execution environment;
- receiving device data describing a device from each device in the USB topology; and
- comparing in a trusted execution environment the map data and the device data.
Dependent claims: 13, 14, 15, 16
17. A computer system, comprising:
- means for receiving data associated with a USB device;
- means for determining whether the data is allowed to be sent to the USB device; and
- means for sending an instruction based on the determining to an entity, wherein the data is a result of program code associated with the USB device being executed outside of a trusted execution environment, wherein the data is received in the trusted execution environment, and wherein the entity is outside the trusted execution environment.
Dependent claims: 18, 19, 20
Specification