Abstract: The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilized (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.

Abstract: The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilized (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.

Abstract: The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilized (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.

Abstract: The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilized (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.

Abstract: The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilized (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.

Abstract: A secure association may be established between a first device and a second device for providing secure communication. When the secure association is to be terminated, a first device may save an indication that termination of the secure association is pending, if it is unable to communicate with the second device at that time. At a later time, the first device may communicate with the second device to notify it that the secure association is to be terminated. After the second device has been notified, the secure association may be terminated by the first device.

Abstract: Device connection routing for controllers is provided. A computing device is configured with multiple controllers that provide connections for peripheral devices. The controllers enable the peripheral devices to interact with the computing device through a bus. Each device connection is routed to one of the multiple controllers based on one or more pre-determined factors. These factors may include load-balancing, power saving, quality of service, data flow requirements, and the like. Device connection routing may be dynamically managed to respond to changing states of the peripheral devices and the controllers. The device connection routing may be performed for controllers associated with any type of wired or wireless buses, such as Universal Serial Bus (USB), IEEE 1394, Secure Digital Input/Output (SDIO), and the like.

Abstract: Port number emulation for wireless Universal Serial Bus (USB) connections is provided. Virtual USB port numbers are emulated and associated with external devices that are wirelessly connected to a host device. The associations are maintained in a data structure. When a wireless external device connects with the host device after a period of disconnection, the emulated port number associated with the wireless external device is identified. The virtual port number is provided to a software component in the host device so that the external device can resume interaction with software components in the host device across enumerations. In one example implementation, the virtual USB port numbers are provided to a plug and play manager, which handles the wireless USB devices in a manner similar to wired USB devices.

Abstract: In a wireless USB data transfers over UWB, softwareconfigures hardware thresholds to control data transfer in a manner that uses bandwidth for good connections over bad connections, given the high error rate experienced with wireless USB. Periodic transfers are first attempted before asynchronous transfers, as long as the periodic transfers are successful. When failures are occurring, the hardware includes a mechanism having a software-configurable threshold specifying the number of errors a given endpoint can tolerate before it is paused in the schedule. By pausing transfer attempts that are likely to again fail, endpoints with successful transfers are favored over those experiencing errors. When the number of active transfers pending exceeds a software-configurable notification threshold for isochronous endpoints, the hardware notifies the software of this state, corresponding to a low-buffer condition at the receiver.

Abstract: An extensible architecture for untrusted medium (e.g., wireless) device configuration via trusted medium. The architecture includes systems and methods for establishing a wireless universal serial bus (WUSB) connection between a connecting device and a host device using a trusted medium, such as a wired connection. In one implementation, the connecting device sends an association request through the trusted medium to the host device. The association request includes device attributes associated with the WUSB component of the connecting device. In response, the host device parses and validates the association request and determines connection attributes for connecting using WUSB. The host device sends a response with the connection attributes through the trusted medium to the connecting device. Using the connection attributes, the connecting device configures the WUSB component and establishes a WUSB connection with the host device.

Abstract: In wireless USB data transfers over UWB, software configures hardware thresholds to control data transfer in a manner that uses bandwidth for good connections over bad connections, given the high error rate experienced with wireless USB. Periodic transfers are first attempted before asynchronous transfers, as long as the periodic transfers are successful. When failures are occurring, the hardware includes a mechanism having a software-configurable threshold specifying the number of errors a given endpoint can tolerate before it is paused in the schedule. By pausing transfer attempts that are likely to again fail, endpoints with successful transfers are favored over those experiencing errors. When the number of active transfers pending exceeds a software-configurable notification threshold for isochronous endpoints, the hardware notifies the software of this state, corresponding to a low-buffer condition at the receiver.

Abstract: Systems and methods for analyzing transactions on a bus. A software module can cause a trace packet to be generated and sent out on a bus to an invalid address. The trace packet triggers a protocol analyzer and permits the bus data flowing on the bus when the software module detected a problem to be analyzed. The trace packet causes the protocol analyzer to trigger even though the bus protocol is normal and the protocol analyzer would not otherwise trigger. The trace packet can be used to analyze and debug communications flowing on a bus when the software module detects a problem.

Abstract: A protocol analyzer monitors a bus while a software module causes a trace packet to be generated and sent out on the bus to an invalid address. The trace packet triggers the protocol analyzer and permits the bus data flowing on the bus when the software module detected a problem to be analyzed. The trace packet causes the protocol analyzer to trigger even though the bus protocol is normal and the protocol analyzer would not otherwise trigger. The trace packet can be used to analyze and debug communications flowing on a bus when the software module detects a problem.

Abstract: Systems and methods for analyzing transactions on a bus. A software module can cause a trace packet to be generated and sent out on a bus to an invalid address. The trace packet triggers a protocol analyzer and permits the bus data flowing on the bus when the software module detected a problem to be analyzed. The trace packet causes the protocol analyzer to trigger even though the bus protocol is normal and the protocol analyzer would not otherwise trigger. The trace packet can be used to analyze and debug communications flowing on a bus when the software module detects a problem.

Abstract: The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilized (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.