This invention relates to computer systems and methods of operation thereof.
In particular, a first aspect of the invention is concerned with a computer system comprising a computer (such as a general purpose microcomputer) and a peripheral, the computer being operable to run a device driver for the peripheral and an application, and the computer being operable to produce a command or data in dependence upon the application and device driver and to make the command or data available to the peripheral for use by it, for example by placing the command or data in one or more registers or memory locations of the computer to which the peripheral has access. Such a system is well known.
One known form of computer peripheral is a radio transmitter. A problem with radio peripherals is preventing them transmitting on unauthorised frequency bands or at unauthorised times. To deal with this problem, it is known to provide such a peripheral which includes its own dedicated microcomputer which generates only authorised frequency band settings or which ignores any unauthorised frequency band settings requested by the main computer and which only turns on the transmitter at an authorised time. This adds to the expense of the peripheral, but such radio peripherals have been able to obtain regulatory approval.
To reduce cost, there is a desire to produce radio peripherals which do not need to include their own dedicated microcomputer, but the problem is that the correct operation is dependent (a) on correct operation of the peripheral, (b) on correct operation of its device driver, and (c) on the main computer or its software not writing other data to the registers or memory locations in use by the peripheral. Accordingly, there is a reluctance on the part of the regulatory authorities to grant approval for such an arrangement.
Although the problems with which the invention is concerned have been described above in relation to radio peripherals, it is envisaged that similar problems may arise in connection with other types of peripheral such as telephony equipment or medical equipment.
The first aspect of the present invention is characterised in that: the peripheral is operable in response to receipt of a command to compute a challenge and to make the challenge available to the computer, the computer is operable in dependence upon the device driver to compute a response which is a first predetermined function, at least in part, of the challenge and to make the response available to the peripheral; and the peripheral is operable to test the response and to execute or not execute the command in dependence upon the result of the test. Accordingly, the invention can substantially eliminate the possibility of a rogue program causing serious malfunction of the peripheral.
(In this specification, the term “computer” includes any kind of general or special purpose computing or information processing device, the functionality of which is defined by programmed instructions, for example in the form of software or firmware; likewise “peripheral” includes any ancillary device which may be connected, permanently or removably and internally or externally, to a computer, and “device driver” includes any programmed instructions for enabling a computer to co-operate with a peripheral.)
The challenge may be arbitrary, but for improved security it is preferably a second predetermined function, at least in part, of the command.
In the case where the computer is operable to produce a series of such commands, and the peripheral is operable to compute a series of such challenges each corresponding to a respective one of the commands, each challenge is preferably, for improved security, said second predetermined function not only of the respective command, but also of at least one previous such command and/or challenge.
In the case where the computer is also operable to compute a series of such responses each corresponding to a respective one of the challenges, each response is preferably, for improved security, said first predetermined function not only of the respective challenge, but also of the respective command and/or at least one previous command and/or previous challenge and/or previous response.
In one embodiment, the peripheral is operable so to test the or each response by computing a validation which is said first function, at least in part, of the or the respective challenge, and by testing the equality of the validation and the response. In this case, the peripheral preferably does not make the validation available to the computer, otherwise a rogue program might read the validation and set the response to be the same.
In accordance with a second aspect of the present invention, there is provided a method of operation of a computer and a peripheral therefor using a device driver for the peripheral, wherein: the computer makes a command available to the peripheral in dependence upon the device driver; and the peripheral is operable to execute the command; characterised in that: in response to receipt of such a command, the peripheral computes a challenge and makes the challenge available to the computer, the computer computes, in dependence upon the device driver, a response which is a first predetermined function, at least in part, of the challenge and makes the response available to the peripheral; and the peripheral tests the response and determines whether to execute or not to execute the command in dependence upon the result of the test.
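The challenge-response exchange described above, with chained challenges and a validation that never leaves the peripheral, can be modelled as follows. This is an added example, not code from the specification: the specification does not name the two predetermined functions, so the use of SHA-256 and HMAC-SHA256, the shared key, the random nonce mixed into the challenge, and all class, function and command names are assumptions.

```python
import hashlib, hmac, os

KEY = b"constructed-demo-key"  # assumption: secret held by the peripheral and its driver only
ZERO = b"\x00" * 32            # initial value of the "previous" challenge and response

def second_function(command, prev_challenge):
    # Challenge: depends on the command and the previous challenge; the nonce is an added assumption.
    return hashlib.sha256(os.urandom(16) + command + prev_challenge).digest()

def first_function(challenge, command, prev_response):
    # Response/validation: keyed function of challenge, command and previous response.
    return hmac.new(KEY, challenge + command + prev_response, hashlib.sha256).digest()

class Peripheral:
    def __init__(self):
        self.prev_challenge, self.prev_response = ZERO, ZERO
        self.pending = None   # (command, challenge, validation); the validation is never exposed
        self.executed = []

    def submit(self, command):
        challenge = second_function(command, self.prev_challenge)
        validation = first_function(challenge, command, self.prev_response)
        self.pending = (command, challenge, validation)
        return challenge      # only the challenge is made available to the computer

    def answer(self, response):
        if self.pending is None:
            return False
        command, challenge, validation = self.pending
        self.pending = None   # one attempt per challenge
        if not hmac.compare_digest(response, validation):
            return False      # test failed: the command is not executed
        self.executed.append(command)
        self.prev_challenge, self.prev_response = challenge, response
        return True

class Driver:
    def __init__(self, peripheral):
        self.peripheral, self.prev_response = peripheral, ZERO

    def send(self, command):
        challenge = self.peripheral.submit(command)
        response = first_function(challenge, command, self.prev_response)
        accepted = self.peripheral.answer(response)
        if accepted:
            self.prev_response = response
        return accepted
```

A program that writes a command without the driver, or that replays a response it observed earlier, fails the peripheral's equality test because each validation depends on a fresh challenge and on the preceding accepted response.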