Abstract:
Systems and methods are disclosed for enabling trusted software to monitor and control USB traffic associated with a security extension of a host controller and devices in a USB topology. A host controller proxy receives USB-related data from a host controller driver (HCD), determines whether the data is of security interest, and if so, sends the data to a driver for a security extension executing in the trusted execution environment. Likewise, after software executing in the trusted execution environment evaluates and appropriately addresses data sent by the HCD proxy or data retrieved from a hardware security extension, the HCD proxy receives data from the trusted execution environment for further dissemination.
Abstract:
An adaptive driver and method are presented for communicating between an operating system of a computer and various peripheral devices connected to the computer via a peripheral bus. Operating characteristics and input/output characteristics of the peripheral device and of all intervening hardware devices placed between the operating system and the peripheral device are recorded in a linked set of data fields, i.e., a driver stack. Serialized data transfers are coordinated using the driver stack, and each request for a data transfer is submitted to the stack in the form of an input/output request packet (IRP). Unlike conventional practice, in which IRPs must be pre-defined and hard-coded to conform to the characteristics of a particular peripheral device, the adaptive driver derives the device characteristics from data structures maintained by the operating system and constructs IRPs accordingly. Thus, a driver embodying the method presented herein is capable of supporting a variety of dissimilar USB peripherals, requiring substantially no modification of the driver software.