A typical bus for a computer has an electrical and mechanical limit to the number of devices (e.g., computer cards) the bus can support. For example, a peripheral component interconnect (PCI) bus commonly supports fewer than six devices. An apparatus for extending the bus, called a "bridge", allows the bus to support additional devices without loading the bus. One example of a bridge is a PCI bridge.
A PCI bridge extends the electrical and mechanical capacity of a PCI bus. However, one limitation of a PCI bridge is that it fails to provide security protection when communicating from the "host side" to the "extended device side" of the bridge.
Another limitation of existing computer systems is the difficulty in isolating devices. For example, in a computer system having a PCI bus, devices that are coupled to the bus via a bridge have "pass through" access to data. In other words, the bridge fails to provide data isolation between the host side and the extended device side of the bus. The inability to isolate the two sides of the bus constitutes a severe limitation when operating in a secure computing environment.
For example, assume that a secure computer system has several different software programs to execute. Further assume that some of the software programs are to be executed at different security levels. When extended devices are classified at a lower security level than one of the software programs, the bridge provides no security mechanism to detect or inhibit communication of information classified at a higher level to a device classified at a lower level. Furthermore, when security protection is provided to a system, the security apparatus providing the protection needs to be self-tested to provide assurance of intended operation.
Thus, what is needed are a system and method providing security protection for communications via a bus for a computer. What is also needed are a system and method for isolating devices coupled to a computer bus. What is also needed are a system and method for detecting communication of data from one device to another device. What is also needed are a system and method for inhibiting communication of data from one device to another device. What is also needed are a system and method for self-testing a security apparatus providing security protection.