The present invention relates to computer security and, more particularly, to a computer security key that is required to be coupled to a bus in a computer to enable access to that computer.
Computer security prevents an unauthorized user from accessing a computer system. Computer security that is currently available typically prevents any input device from functioning unless that input device is used by an authorized user.
An example of computer security that is currently available is shown in FIG. 1. In FIG. 1, a computer 10 includes a central processing unit (CPU) 12 coupled to an address/data bus 16. Also coupled to the address/data bus 16 is a BIOS flash memory 14, in which is stored basic input/output system (BIOS) code. The BIOS code is the code that the CPU 12 uses to initialize the computer 10. A keyboard controller 18 is coupled to the address/data bus 16. The keyboard controller 18 controls a keyboard 17 which is coupled to the computer 10 through a keyboard port 19.
The keyboard controller 18 also provides computer security for the computer 10 by selectively preventing communication between the keyboard 17 and the CPU 12. Computer security exists for two states of the computer 10: Power-On Self Test (POST) and run-time. The POST state exists from the moment the computer 10 is powered on until the Operating System (OS) is loaded and in control. The computer 10 is in run-time state at any time thereafter.
If the keyboard controller 18 has been enabled to apply security to the computer 10, a POST program will prompt the user for a password when the computer 10 is initially powered on. When a password is entered via the keyboard 17 by the user, it is compared to a stored password in the BIOS flash memory 14. If the passwords do not match, the keyboard controller 18 will not allow the keyboard 17 to communicate with the CPU 12, or the computer 10 to boot.
After the user enters the password, the computer 10 boots into the run-time state. A secure mode may be entered by pressing a hot-key sequence (e.g. Ctrl-Alt-L). Secure mode may also be entered optionally via inactivity of the computer 10. In secure mode, all communication from the keyboard 17 to the CPU 12 other than password entry is blocked by the keyboard controller 18 until the user enters a previously defined password.
FIG. 2 illustrates an example of a computer 20 which includes an external bus. An external bus is a computer bus that has external connectors which can be used to couple external peripherals to the CPU 12. The external bus shown in FIG. 2 is the Universal Serial Bus (USB) 28. Detailed specifications for the USB 28 may be found in Universal Serial Bus Specification Revision 1.0, Jan. 15, 1996, Copyright .COPYRGT. 1996, Compaq Computer Corporation, Digital Equipment Corporation, IBM PC Company, Intel Corporation, Microsoft Corporation, NEC, Northern Telecom.
The computer 20, like the computer 10 in FIG. 1, includes a CPU 12, a BIOS flash memory 24 and a keyboard controller 18 coupled to a data/address bus 16. Further coupled to the data/address bus 16 is a USB controller 26. The USB controller 26 is also coupled to a USB port 31 through a USB 28. A USB hub 30 is plugged into the USB port 31 to allow more devices to be coupled to the USB 28 through USB port 31. The USB hub 30 includes multiple USB ports 32. A USB keyboard 34 is plugged into a USB port 32 of the USB hub 30.
In the computer 20, all run-time security through the keyboard controller 18 is easily defeated. Specifically, when the computer 20 is secured during run-time, all communication from the keyboard 17 to the CPU 12 other than password entry is blocked by the keyboard controller 18 until the user enters a previously defined password. However, when a USB keyboard 34 is plugged into a USB port 32, the USB keyboard 34 is instantly recognizable and usable. The USB keyboard 34 completely bypasses the keyboard controller 18, and therefore allows access to the computer 20.
Based on the foregoing, there is a need for a security device that provides security to a computer which includes a universal type serial bus.