Method and Mechanism for USB "Key" Enable/Disable
Disclosure Number: IPCOM000028711D
Original Publication Date: 2004-May-27
Included in the Prior Art Database: 2004-May-27
Document File: 2 page(s) / 14K

This is the abbreviated version, containing approximately 57% of the total text.

     Today there are no known methods for physically disabling I/O through the USB ports. For legacy-free systems, it may be important for administrators to be able to lock out any form of I/O at a particular station. Even on legacy systems, being able to physically lock a user out of USB access may be essential to prevent a security compromise. This disclosure discusses a method and hardware mechanism for enabling and disabling the USB subsystem on a given system with a special USB "key".

     There are 4 main components to the USB "key" enable/disable system: TPM, Q-switch, custom embedded processor, and portable USB "key".

     Definitions:

Portable USB "key" - A small, hand held "key" that plugs into a USB port and contains a small ASIC with encryption data that can be married to specific computers.

TPM - Secure storage area on motherboard with "key" access information.

Q-Switch - Circuitry residing on Universal Serial Bus (USB) to physically lock out access from outside USB devices. Controlled by the CEP.

Custom Embedded Processor (CEP) - the "Brain" for the entire USB security operation.

[Figure: two block diagrams, "Normal USB Configuration" and "Secure USB Configuration using Disclosure". Labelled elements: USB Host Controller, External USB Ports, USB "Key", Custom Embedded Processor. USB signals: -Data, +Data, Vcc, Ground.]

     In this disclosure's secured state, the Q-switch would be set to physically disconnect the USB host controller from th...