1. Field of the Invention
The present invention is an improved system and method for providing security in a personal computer. More particularly, the present invention relates to securing an external bus (particularly the Universal Serial Bus, sometimes referred to as the USB Interface) and coupling the locked state of that bus with the locked state of the keyboard. This accomplishes security of the external bus consistent with the security of the keyboard.
2. Background Art
Personal computers in general, and the IBM personal computers in particular, have obtained wide spread use for a variety of data processing applications, providing computing power to many segments of society for handling information in the form of digital data. These personal computers may be defined as desktop, floor-standing or a portable unit and typically include a system unit with a single system processor with volatile and nonvolatile memory, a display, one or more input devices such as a keyboard or a mouse connected to dedicated data ports in the system unit and one or more storage devices such as a floppy disk drive, a fixed disk drive or a CD ROM drive, and optionally, a printer or other output device. The components of a personal computer are assembled into an enclosure which includes a variety of data ports or external connectors to couple input and output devices to the single system processor.
Such personal computers not only include the dedicated port(s) for connecting the keyboard or mouse, but a variety of general purpose buses have been established to interface a wide variety of peripheral devices through well-defined (in some cases, industry-standard or quasi-industry standard) interfaces. One such type of interface is the Universal Serial Bus interface (sometimes referred to as the USB interface), the parameters of which are set forth in a generally available document entitled “Universal Serial Bus Specification” Release 1.1 dated Sep. 23, 1998 from USB.ORG which was prepared by representatives of four companies; Compaq, Intel, Microsoft and NEC. Buses which comply with this standard are referred to as the USB interface and have been included on several recent versions of personal computers from various different manufactures for attaching devices for plug-and-play of personal computers with such computer peripherals as telephones, modems, CD-ROM drives, joysticks, tape and floppy drives, scanner and printers. Additionally, the USB Interface allows an alternate connection for input devices such as keyboards and mice, providing an alternate to the dedicated keyboard and mouse ports which many manufacturers provide.
The ROM Scan Patents disclose that it is sometimes desirable to prevent a user input at an input device such as a keyboard or a mouse, a feature which locks out the keyboard from making effective inputs during sensitive periods such as the initialization of the personal computer during its power-on-self test, POST, and ROM scan. The ROM Scan Patents also teach that the memory of the computer system may be vulnerable to user inputs during these times and that user inputs should be controlled. One such way to control the input is to lock out the keyboard for at least part of the time during which ROM scan is occurring, as taught by the ROM Scan Patents.
In addition, there are other security features which advantageously control the keyboard. When a user leaves his workstation, he can invoke a security feature which locks out the keyboard until a key is used to unlock the system. Some systems also provide security by locking the keyboard during certain time periods and other require the use of a supervisory key to unlock the keyboard for use. Locking of a keyboard may be selectively controlled (by either a physical key or by password or other security control) and is well known in the trade as a desirable feature of current models of personal computers.
However, no locks for the USB port of the personal computer are specified in the document referred to above—the Universal Serial Bus is generally available whenever the personal computer is powered up. Thus, a keyboard attached through the dedicated keyboard port may be secured against entries, but a similar keyboard accomplishing the same function is not secured at all when attached through the USB port.