Electrical computers and digital data processing systems: input/ – Intrasystem connection
Reexamination Certificate
1998-11-20
2001-04-10
Beausoleil, Robert (Department: 2184)
Electrical computers and digital data processing systems: input/
Intrasystem connection
C710S120000, C713S152000, C713S152000, C711S163000
Reexamination Certificate
active
06216183
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to computer system security and, more particularly, to an apparatus and method for securing against accessing sensitive information entered into memory by a universal serial bus (“USB”) input device.
2. Description of the Related Art
Securing a computer system involves preventing unauthorized access to sensitive data and/or instructions contained within various hardware resources attributed to that system. The terms “instructions” and “data” refer generically to all forms of electronic information, including data entries and files created by instructions as well as the executable instructions themselves.
Typically a computer system will include a plurality of hardware resources. Resources which can contain sensitive information include any and all peripheral devices connected to a peripheral bus as well as the system memory coupled to the processor bus. For example, system memory may include sensitive data or instructions against which access should be selectively prevented. The system memory is often denoted as semiconductor memory and includes a large contiguous address space often configured as DRAM or synchronous DRAM (SDRAM).
One mechanism used to secure a computer system is a technique known as password matching. For example, a password previously stored within non-volatile memory can be entered into volatile memory proximate to a comparator during reset or boot-up of the computer system. The previously stored password can then be compared against a user-entered password to determine if that user is allowed access. Typically, the volatile memory which receives the previously stored password, as well as a comparator locally linked to the volatile memory, are contained in what is often referred to as a “black box”. Description of a black box security device is generally set forth in U.S. Pat. No. 5,748,888 (herein incorporated by reference).
The user-entered password can be entered by a hardware resource connected to the computer system via a universal serial bus (“USB”). A USB input device, e.g., USB keyboard is generally configured to receive the user-entered password and store that password within system memory before being transferred to the black box. Unfortunately, that user-entered password may remain within system memory even after it is called upon for verification. This implies that unauthorized users can gain access to the portion of system memory which contains the user-entered password. In so doing, an unauthorized user may gain access to and therefore breach the internal security of the computer system. Measures must be taken to prevent unauthorized access of the system memory, especially in situations where the user-entered password is input to the system memory from a USB input device, such as a USB keyboard.
Many modem computer systems employ a USB for several reasons. Such as, ubiquitous and inexpensive connectivity to existing serial lines, such as telephone, fax, and modem ports. The USB protocol has proved especially useful not only when connecting to existing bi-directional serial lines, but also as an overall expansion port to numerous hardware resources, such as keyboards, mice, etc. As such, USB proliferation is particularly acute is personal computer systems which depend on a rather simple, token scheduled protocol and which utilize a dynamic (or “hot”) attachment and removal scheme.
The overall topography of a USB is that there is only one host, or host controller, located upon the USB. The host controller may be implemented in a combination of hardware, firmware, and/or software, and has a single attachment point for connecting to a hub or a function. The hub may be integrated within the host system to provide multiple attachment points therefrom.
A problem encountered by USB protocol, and related to the overall concern of maintaining system memory security, is that when a USB-coupled keyboard forwards password information, that information will be placed within system memory without regard to its security. Thus, the password within system memory can be retrieved by a “hacker” to compromise the security and integrity of not only the computer associated with that system memory, but many other computers networked thereto. Another problem associated with USB protocol is that after the USB host controller polls the USB keyboard for valid data resulting from a key being pressed upon the keyboard, the host controller temporarily places that data in a data buffer located within the host controller. Unauthorized access to that data buffer can occur prior to its transfer to system memory. It would therefore be desirable to introduce a USB host controller which can prevent unauthorized access to data and/or information entered onto the data buffer and/or system memory via the USB keyboard. It would be of further benefit to not modify in any way the existing USB protocol or the hardware associated with the USB host controller and/or USB devices (hubs and functions) connected to the USB host controller via the USB. Specifically, an improvement would be gained by implementing a security methodology which is seamless and transparent to the USB and computer system user.
SUMMARY OF THE INVENTION
The problems outlined above are in large part solved by an improved computer security system hereof. The security system encompasses a bus interface unit coupled between two peripheral buses. Preferably, one peripheral bus is a Peripheral Component Interface (PCI) bus, and the other peripheral bus is a Universal Serial Bus (USB). Any direct memory access (DMA) from a USB device to system memory is monitored by the bus interface unit and, more specifically, by a USB host controller within the bus interface unit. The USB host controller, hereinafter “host controller”, is configured to receive a DMA cycle originating from a USB keyboard. If the DMA address is to a monitored address which is kept track of in the host controller, then a system management interrupt (SMI) will be issued by the host controller. Thus, the USB keyboard includes any input device which is coupled to a USB and which is adapted for entering sensitive information, such as passwords, etc. Accordingly, the USB keyboard can include, for example, a touch screen device, bar code scanner, or any device on which a user-entered password can be forwarded onto the USB.
Upon receiving information from the USB keyboard, determination is made on whether that information is secured depending on whether the address associated with that information (i.e., DMA address) is from a monitored target endpoint address. The target endpoint address is an address of a USB device coupled to the host controller via the USB, and wherein the target endpoint device being monitored is maintained in one or more registers within the host controller. If a match occurs, then a control unit within the host controller will issue a SMI signal to the processor. The processor will then switch to a separate operating environment contained within a system management RAM (or SMRAM). The SMRAM contains what is often noted as SMI handler code. At least one function of the SMI handler code is to transfer the secured, keyboard-entered information (i.e., information from a monitored target endpoint address of a USB device) to a specified location within system memory. That location is accessible only while SMI is asserted, or during system management mode (SMM). In this fashion, the password entered upon the keyboard is contained within a secured portion of system memory not accessible during normal operation of the computer system, and certainly not accessible to an unauthorized user who is not privy to the endpoint addresses stored within the target endpoint address registers. Not knowing those addresses, or how the registers are configured during boot-up, or during subsequent re-configuration via a USB “control packet”, unauthorized access is not allowed—especially since all USB transfers, including control transfers, bulk transfers in general, isochronous transfers and
Beausoleil Robert
Chung-Trans X.
Compaq Computer Corporation
Conley Rose & Tayon
Daffer Kevin L.
LandOfFree
Apparatus and method for securing information entered upon... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Apparatus and method for securing information entered upon..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Apparatus and method for securing information entered upon... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2467489