Browse Prior Art Database

USB Hot Plug Disable feature

IP.com Disclosure Number: IPCOM000013728D
Original Publication Date: 2000-Dec-23
Included in the Prior Art Database: 2003-Jun-18
Document File: 2 page(s) / 39K

Publishing Venue

IBM

Abstract

In todays secured system, control over the configuration by the system administrator is an important factor. However, with the addition of external USB Ports and the OS software capable of enumerating externally attached USB devices, the systems capability to maintain the same level of integrity is in doubt. This invention will give the system administrator the capability to control the USB configuration by allowing the administrator to define a set of allowable devices and disable any externally hotplugged USB device after the fact not contained in the approved list.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 53% of the total text.

Page 1 of 2

USB Hot Plug Disable feature

In todays secured system, control over the configuration by the system administrator is an important factor. However, with the addition of external USB Ports and the OS software capable of enumerating externally attached USB devices, the systems capability to maintain the same level of integrity is in doubt. This invention will give the system administrator the capability to control the USB configuration by allowing the administrator to define a set of allowable devices and disable any externally hotplugged USB device after the fact not contained in the approved list.

The system administrator will be given the capability to command the USB monitoring subsystem to capture all devices currently attached as the allowed device configuration and the ability to disable any USB devices not found in the approved configuration once the feature is enabled. This feature is enabled using a new configuration utility. The administrator will identify those devices which are allowed to function if attached to a system USB port including those already attached. For example, removable media devices such as a floppy diskette,a zip drive or a keyboard. When the administrator is finished, the utility will pass a command to the USB monitoring subsystem, described below, containing the approved device configuration list. In addition, the USB subsystem will be instructed to no longer allow enumeration of any hotplugged USB device. The USB monitoring subsystem retains knowledge of approved device configuration list and the fact that the system is no longer allowed to enumerate any hotplugged USB device by setting fields in non-volatile memory...