Difference between revisions of "Universal Serial Bus (USB)"
From MgmtWiki
(→Context) |
(→Solutions) |
||
| Line 17: | Line 17: | ||
* The first solution was a browser add-on from Google that would allow security keys that were plugged into the computer to be queried by the browser and perform a function just like "Answer to Reset". | * The first solution was a browser add-on from Google that would allow security keys that were plugged into the computer to be queried by the browser and perform a function just like "Answer to Reset". | ||
* A similar solution for [[Smart Phone]]s include NFC and Bluetooth, explained elsewhere, none of which provide a secure physical connection. | * A similar solution for [[Smart Phone]]s include NFC and Bluetooth, explained elsewhere, none of which provide a secure physical connection. | ||
| − | * An alternate solution for devices with [[Trusted Execution Environment]]s is to place the [[User]] [[Identifier]] and [[Attribute]]s into a well secured location within the device itself. | + | * An alternate solution for devices with [[Trusted Execution Environment]]s is to place the [[User]] [[Identifier]] and [[Attribute]]s into a well-secured location within the device itself. |
==References== | ==References== | ||
Revision as of 09:59, 8 August 2018
Full Title or Meme
Nearly all computers and other portable devices now support a single Universal Serial Bus (USB) for both data and power.
Context
- Legacy serial ports on computers were slow speed and specific to a particular function, like: keyboard, mouse, audio in, audio out, serial RS232 port or printer port.
- Now when a device is connected to a computer USB port is must identify itself so that the computer can recognize that device and ensure it has the correct device driver installed.
- The smart card had a similar serial port with similar functionality. Since there were multiple card types, the card will "Answer to Reset (ATR)" with a code identifying it.[1]
- New Security Tokens for User Identifiers and Attributes are built to connect directly to the USB port and provide similar locator codes.
Problems
- Since the first Smart Card was issued, portable identification devices have needed to issue Locator Codes of some sort which allow the attachment to acquire a software driver to support the card.
- Smart cards have worked well for controlled environments like: governments, colleges and corporations. Consumers have never been willing to tolerate the complexity of the card and the X.509 Certificate they needed.
- The first attempt was to add a card reader to convert from Smart Card format to USB, but the added hardware was enough to impede consumer adoption.
- Even if the USB device worked, it was not recognized by the User Agent (browser) from companies like Microsoft, Apple and Google.
Solutions
- The first solution was a browser add-on from Google that would allow security keys that were plugged into the computer to be queried by the browser and perform a function just like "Answer to Reset".
- A similar solution for Smart Phones include NFC and Bluetooth, explained elsewhere, none of which provide a secure physical connection.
- An alternate solution for devices with Trusted Execution Environments is to place the User Identifier and Attributes into a well-secured location within the device itself.
References
- ↑ eft lab, Smart Cards - Answer To Reset (ATR). https://www.eftlab.co.uk/index.php/site-map/our-articles/169-demystifying-atr-answer-to-reset
