Most modern computers and servers include at least one, and typically, multiple Input-Output (I/O ports). I/O ports are used to connect peripheral devices such as a mouse, keyboards, scanners, digital cameras, printers, external displays, external storage devices and the like, for power supply and/or data transfer purposes. Unauthorized connections to a computer network through I/O ports can result in unauthorized access and theft of network information, or insertion of viruses and malware into the host computer and the network. Typically, computers, servers, printers and other devices are supplied with multiple I/O ports. These I/O ports are often unused and/or unmonitored, making them susceptible to unauthorized access and unauthorized data transfer.
U.S. Patent Application Publication No. 2016/0012260 A1, “SYSTEM AND METHOD FOR SECURING A COMPUTER PORT USING SHAPE MEMORY ALLOYS,” U.S. Patent Application Publication No. 2016/0012259 A1, “SYSTEM AND METHOD FOR SECURING A COMPUTER PORT WITH AN ATTACHED DEVICE USING SHAPE MEMORY ALLOYS,” and U.S. Patent Application Publication No. 2016/0012258 A1, “SYSTEM AND METHOD FOR SECURING AN INPUT/OUTPUT PORT USING SHAPE MEMORY ALLOYS IN A LOCKING MECHANISM,” disclose I/O port security devices for USB, Ethernet (RJ-45) and serial ports. These I/O security devices utilize a mechanical leaf spring plate which contains locking teeth to physically lock the security devices into the I/O port. Insertion of the security devices physically blocks access to the I/O ports. The security devices can be removed from the I/O ports by physically disengaging the leaf spring plate and locking teeth, using shape memory wire. The unlocking function is controlled using an authentication circuit.
U.S. Patent Application Publication No. 2008/0041125 A1, “USB PORT LOCKING AND BLOCKING DEVICE,” discloses a mechanical lock for USB ports. Insertion of the lock into the USB port physically blocks the USB port. The device is removed manually through use of a key.
U.S. Patent Application Publication No. 2007/0132551 A1, “OPERATION AND CONTROL OF MECHANICAL DEVICES USING SHAPE MEMORY MATERIALS AND BIOMETRIC INFORMATION,” discloses various mechanical locking devices which utilize shape memory wire. Further, some of the devices are controlled using authentication techniques, such as biometric recognition.
U.S. Patent Application Publication No. 2015/0020189 A1, “ELECTRO-MECHANIC USB LOCKING DEVICE,” discloses a USB I/O security device which utilizes a mechanical locking tab to physically lock the security device into the I/O port. Insertion of the security device physically blocks access to the I/O port. The security device can be removed from the I/O port by physically disengaging the locking tab, using an electrical solenoid and manual push button. The unlocking function is controlled using an authentication circuit.
PCT Application Publication No. WO2013042108 A1, “SECURITY PLUG FOR PREVENTING ACCESS TO A USB SOCKET AND SECURED USB DEVICE,” discloses a security plug for preventing access to a USB I/O port which is adapted to create an electrical security monitoring circuit when inserted into the USB I/O port. Unauthorized removal of the plug from the I/O port physically breaks the circuit which is detected by the host computer via application software residing on the host computer.
U.S. Pat. No. 9,460,319 B1, “DEVICE FOR SECURING A COMPUTER PORT,” discloses I/O port security devices for USB, Ethernet (RJ-45) and serial ports. These I/O security devices utilize mechanical locking tabs to physically lock the security devices into the I/O port. Insertion of the security devices physically blocks access to the I/O ports. The security devices can be removed from the I/O ports by disengaging the locking tabs, using either an electrical solenoid, an electrical stepper motor or a piezo electric motor. The unlocking function is controlled using an authentication circuit.
Other I/O port mechanical locks are widely available from companies such as Lindy Computer Connection Technology, Inc. headquartered in Athens, Ala., USA and Kensington Computer Products Group of ACCO Brands headquartered in San Mateo, Calif., USA. These types of I/O port security devices employ simple mechanical keys, which can be easily duplicated, lost or stolen.
Many companies utilize security software to monitor and inactivate I/O ports; however, as with any software, it can be altered, blocked or bypassed due to hacking or the insertion of malware into the host computer or network. Further, software solutions do not preclude malicious manipulation or circumvention of software security solutions if the abuser has sufficient administrative network rights.
I/O ports are often used to facilitate data transfer to and from removable storage devices. Portable storage devices (e.g., thumb drives, flash drives, etc.) which contain Random Access Memory (RAM) are often used to move data between a computer, a network and the portable storage device. Leaving a portable storage device installed in a computer I/O port also presents a security risk, since current portable storage devices have no method to be physically locked in an I/O port to prevent unauthorized removal when left unattended. Theft or loss of portable storage devices is also a major network security risk.
Encrypted flash drives, such as IronKey® available from Kingston Technology Company, Inc. of Fountain Valley, Calif., USA; however, these devices rely solely on software encryption for security protection affording no physical security protection from unauthorized removal and subsequent hacking using sophisticated techniques.