WO2022231633A1 - Remote universal serial bus manager - Google Patents
Remote universal serial bus manager Download PDFInfo
- Publication number
- WO2022231633A1 WO2022231633A1 PCT/US2021/030356 US2021030356W WO2022231633A1 WO 2022231633 A1 WO2022231633 A1 WO 2022231633A1 US 2021030356 W US2021030356 W US 2021030356W WO 2022231633 A1 WO2022231633 A1 WO 2022231633A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- usb
- remote
- manager
- computing device
- usb device
- Prior art date
Links
- 238000004891 communication Methods 0.000 claims abstract description 53
- 230000009471 action Effects 0.000 claims abstract description 15
- 238000000034 method Methods 0.000 claims description 35
- 238000009434 installation Methods 0.000 claims description 7
- 230000011664 signaling Effects 0.000 claims description 6
- 238000010200 validation analysis Methods 0.000 claims description 2
- 238000003384 imaging method Methods 0.000 claims 1
- 238000012545 processing Methods 0.000 description 22
- 238000010586 diagram Methods 0.000 description 17
- 230000008569 process Effects 0.000 description 14
- 238000012546 transfer Methods 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 3
- 239000004065 semiconductor Substances 0.000 description 3
- 230000009466 transformation Effects 0.000 description 3
- 230000033001 locomotion Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000000007 visual effect Effects 0.000 description 2
- 239000003570 air Substances 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 239000003990 capacitor Substances 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 239000002184 metal Substances 0.000 description 1
- 230000000644 propagated effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000000844 transformation Methods 0.000 description 1
- 230000001131 transforming effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/42—Bus transfer protocol, e.g. handshake; Synchronisation
- G06F13/4282—Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
Definitions
- Remote desktop architectures are widely utilized in both enterprise and non-enterprise environments. Remoting has multiple benefits from a business and user perspective, it allows a user to access a common desktop from any device and allows a user to run a lighter and thinner local client device while harnessing the benefits of being able to connect to a powerful remote workstation.
- FIG. 1 illustrates a block diagram of a computing system for managing a remote Universal Serial Bus (USB) device, according to an example
- FIG. 2 illustrates a flow diagram of a process to manage a remote USB device, according to an example
- FIG. 3 illustrates a block diagram of a non-transitory storage medium storing machine-readable instructions to manage a remote USB device, according to an example
- FIG. 4 illustrates an operational architecture of a system for managing a remote USB device, according to another example
- FIG. 5 illustrates a sequence diagram for a process to manage a remote USB device, according to another example.
- FIG. 6 illustrates a block diagram of a computing system, which is representative of any system or visual representation of systems in which the various applications, services, scenarios, and processes disclosed herein may be implemented.
- Remote desktop architectures are widely utilized in both enterprise and non-enterprise environments, Remoting has multiple benefits from a business and user perspective. It allows a user to access a common desktop from any device and allows a user to run a lighter and thinner local client device while harnessing the benefits of being able to connect to a powerful remote workstation.
- USB devices provide widespread access to a multitude of remote devices and applications.
- USB devices have introduced considerations in how security is handled when a USB device is accessed by a computing device, USB devices have also introduced implications in how the USB device is managed and monitored by third parties, such as an administrator or Information Technologies (IT) department of an enterprise.
- IT Information Technologies
- the present disclosure provides a remote USB manager which may add external management of USB ports (e.g., by the third party). This allows the USB device to be remotely controlled for security and resource distribution purposes by the external management system using the remote USB manager.
- a system comprises a processor operatively coupled with a computer readable storage medium and instructions stored on the computer readable storage medium that, when executed by the processor, direct the processor to exchange communications between a computing device and a USB device over a remote USB manager; receive a control request from an external controller to the remote USB manager; and perform an action, by the remote USB manager, for the USB device based on the received control request from the external controller.
- a method of operating a remote USB manager comprises receiving, over a USB input port, communications from a USB device.
- the method includes transferring, over a USB output port, the communications received from the USB device to a computing device.
- the method also includes receiving, over a network interface, control signaling from an administrator indicating an instruction to reroute the communications received from the USB device to a different computing device and transferring, over a USB output port, the communications received from the USB device to the different computing device.
- a non-transitory computer readable medium comprises Instructions executable by a processor to detect a physical plug-in a USB device by a remote USB manager In a computing device. The instructions executable by the processor further determine whether the USB device is authorized to access the computing device, if the USB device is authorized to access the computing device, then a remote plug-in of the USB device is enabled by the remote manager in the computing device. If the USB device is not authorized to access the computing device, then the remote plug-in of the USB device is blocked by the remote manager in the computing device.
- FIG. 1 illustrates a block diagram of computing system 100 for managing a remote USB device, according to an example.
- Computing system 100 depicts communication interface 102, processor 104, memory 106, and storage medium 108.
- storage medium 108 may include instructions 110-114 that are executable by processor 104.
- storage medium 108 can be said to store program instructions that, when executed by processor 104, implement the components of computing system 100.
- the executable instructions stored in storage medium 108 include, as an example, instructions 110 to exchange communications between a computing device and a USB device over a remote USB manager and instructions 112 to receive a control request from an external controller to the remote USB manager.
- the executable instructions stored in storage medium 108 also include, as an example, instructions 114 to perform an action, by the remote USB manager, for the USB device based on the received control request from the external controller.
- Instructions 110 to exchange communications between a computing device and a USB device over a remote USB manager represent program instructions that when executed by processor 104 cause computing system 100 to exchange signaling and data from the USB device, such as an Operating System (OS) installation image.
- the remote USB manager includes a USB output port and a USB input port. In this example, the communications are exchanged with the computing device over the USB output port and the communications are exchanged with the USB device over the USB input port.
- Instructions 112 to receive a control request from an external controller to the remote USB manager represent program instructions that when executed by processor 104 cause computing system 100 to communicate a state of the USB device and then receive control instructions from an externa! control device on how to alter the state of the USB device.
- the external controller comprises an administrator computing device which remotely controls the USB device.
- the control request may be received in response to the remote USB manager transferring a status indicator to the external controller, such as a physically piugged-in status, virtual plugged-in status, powered on status, etc.
- Instructions 114 to perform an action, by the remote USB manager, for the USB device based on the received control request from the external controller represent program instructions that when executed by processor 104 cause computing system 100 to alter the state of the USB device based on the control instructions received from the external control device.
- the control request indicates an instruction to disable the USB device
- the action performed by the remote USB manager comprises a virtual unplug of the USB device by at least one a powering off of the USB device and a discontinuing of exchanging communication between the USB device and the computing device
- the control request indicates an instruction to enable the USB device.
- the action performed by the remote USB manager comprises a virtual plug-in of the USB device by at least one a powering on of the USB device and a continuing of exchanging communication between the USB device and the computing device.
- the control request indicates an instruction to authorize the USB device.
- the action performed by the remote USB manager then comprises a determination of the type of the USB device and allowing the exchange communication between the USB device and the computing device when the USB device type is authorized.
- the USB device may be an administrative USB device which requests authorization before enabled to transfer confidential data to the computing device.
- the action performed by the remote USB manager comprises a validation of an internal signature of the USB device and allowing the exchange communication between the USB device and the computing device when the internal signature of the USB device is validated.
- control request indicates an instruction to route the communications from the USB device to a different computing device.
- the action performed by the remote USB manager comprises a redirecting of the communications exchanged with the USB device to the different computing device, in this example, the remote USB manager may be located on a motherboard of the computing device and reports to an OS of the computing device.
- Storage medium 108 represents any number of memory components capable of storing instructions that can be executed by processor 104. As a result, storage medium 108 may be implemented in a single device or distributed across devices. Likewise, processor 104 represents any number of processors capable of executing instructions stored by storage medium 108.
- FIG. 2 illustrates a flow diagram of method 200 to manage a remote USB device, according to an example. Some or all of the steps of method 200 may be implemented in program instructions in the context of a component or components of an application used to carry out the remote USB management. Although the flow diagram of FIG. 2 shows a specific order of execution, the order of execution may differ from that which is depicted. For example, the order of execution of two of more blocks shown in succession by be executed concurrently or with partial concurrence. Ail such variations are within the scope of the present disclosure. [0025] Referring parenthetically to the steps in FIG. 2, method 200 receives, over a USB input port, communications from a USB device, at 201.
- a remote USB manager may include a USB input port which exchanges control and data signaling with a USB device.
- the USB device may include an OS installation image.
- Method 200 transfers, over a USB output port, the communications received from the USB device to a computing device, at 202.
- the remote USB manager may also include a USB output port which exchanges control and data signaling with a computing device, in this example, the remote USB manager may transfer the OS installation image to the computing device from the USB device.
- Method 200 receives, over a network interface, control signaling from an administrator indicating an instruction to reroute the communications received from the USB device to a different computing device, at 203.
- the remote USB manager may also include a network port which communicates with a third- party administrator, such as an IT department to receive the control instructions to reroute the USB device.
- Method 200 transfers, over a USB output port, the communications received from the USB device to the different computing device, at 204.
- the USB device can be remotely unplugged from the computing device and remotely plugged into the different computing device, without needing to be physically unplugged from the computing device and re-plugged into the different computing device.
- the OS installation image may then be transferred to the different computing device over the remote USB manager.
- FIG. 3 illustrates a block diagram of non-transitory storage medium 300 storing machine-readable instructions that upon execution cause a system to manage a remote USB device, according to an example.
- Storage medium is non- transitory in the sense that is does not encompass a transitory signal but instead is made up of a memory component configured to store the relevant instructions.
- the machine-readable instructions include instructions 302 to detect a physical plug-in a USB device by a remote USB manager in a computing device.
- the machine-readable instructions also include instructions 304 to determine whether the USB device is authorized to access the computing device.
- the machine- readable instructions also include instructions 306 to enable a remote plug-in of the USB device by the remote manager in the computing device if the USB device is authorized to access the computing device.
- the machine-readable instructions include instructions 308 to block the remote plug-in of the USB device by the remote manager in the computing device if the USB device is not authorized to access the computing device.
- non-transitory storage medium 300 may be a portable medium such as a CD, DVD, or a flash drive.
- Non-transitory storage medium 300 may also be maintained by a server from which the installation package can be downloaded and instaiied.
- the program instructions may be part of an application or applications already instaiied.
- non-transitory storage medium 300 can include integrated memory, such as a hard drive, solid state drive, and the like.
- FIG. 4 illustrates an operational architecture of a system for managing, according to another example.
- FIG. 4 illustrates operational scenario 400 that relates to what occurs when.
- Operational scenario 400 includes remote USB manager 401 , first computing device 402, second computing device 403, USB device 404, and administrator control system 405.
- Remote USB manager 401 includes USB input ports 41Ga-410b, USB output ports 412a-412b, network port 414, and internal controller 416.
- Remote USB manager 401 is representative of any device capable of routing control instructions from administrator control system 405 and USB device 414.
- Remote USB manager 401 may include various hardware and software elements in a supporting architecture suitable for performing process 500.
- One such representative architecture is illustrated in FIG. 6 with respect to computing system 601.
- Remote USB manager 401 also includes a software application or application component in internal controller 416 capable of controlling the exchange of communications to and from USB device 404 in accordance with the processes described herein.
- the software application may be implemented as a natively installed and executed application, a web application hosted in the context of a browser, a streamed or streaming application, a mobile application, or any variation or combination thereof.
- First computing device 402 and second computing device 403 may include, but are not limited to, personal computers, mobile phones, tablet computers, desktop computers, laptop computers, wearable computing devices, or any other form factor, including any combination of computers or variations thereof. As shown in FIG. 4, first computing device 402 may receive communications from USB device 404 over remote USB manager 401 . Administrator control system 405 may be any external computing device which is able to remotely control the exchange of communications of USB device 404 using remote USB manager 401.
- FIG. 5 Illustrates a sequence diagram for process 500 to remotely manage a USB device, according to another example. Specifically, the sequence diagram illustrates an operation of system 400 to route communications from USB device 404 to first computing device 402 and second computing device 403 over remote USB manager 401.
- USB device 404 transfers data to first computing device 402 over remote USB manager 401 , at 501.
- remote USB manager 401 transfers a USB status of USB device to administrator control system 405, at 502.
- remote USB manager 401 receives a command from administrator control system 405 indicating an instruction to reroute USB device 404 from first computing device 402 to second computing device 403, at 503.
- remote USB manager 401 processes the reroute command received from administrator control system 405, at 504.
- remote USB manager 401 directs USB device 404 to remotely unplug from first computing device 402, at 505.
- Remote USB manager 401 then directs USB device 404 to remotely plug-in to second computing device 403, at 506.
- USB device 404 transfers data to second computing device 403 over remote USB manager 401 , at 507.
- FIG. 6 illustrates a block diagram of computing system 601 , which is representative of any system or visual representation of systems in which the various applications, services, scenarios, and processes disclosed herein may be implemented.
- Examples of computing system 601 include, but are not limited to, server computers, rack servers, web servers, cloud computing platforms, and data center equipment, as well as any other type of physical or virtual server machine, container, and any variation or combination thereof.
- Other examples may include smart phones, laptop computers, tablet computers, desktop computers, hybrid computers, gaming machines, virtual reality devices, smart televisions, smart watches and other wearable devices, as well as any variation or combination thereof.
- Computing system 601 may be implemented as a single apparatus, system, or device or may be implemented in a distributed manner as multiple apparatuses, systems, or devices.
- Computing system 601 includes, but is not limited to, processing system 602, storage system 603, software 605, communication interface system 607, and user interface system 609.
- Processing system 602 is operatively coupled with storage system 603, communication interface system 607, and user interface system 609.
- Processing system 602 loads and executes software 605 from storage system 603.
- Software 605 includes application 606, which is representative of the processes discussed with respect to the preceding FIG.s 1-5, including method 200.
- application 606 When executed by processing system 602 to enhance an application, software 605 directs processing system 602 to operate as described herein for at least the various processes, operational scenarios, and sequences discussed in the foregoing examples.
- Computing system 601 may optionally include additional devices, features, or functionality not discussed for purposes of brevity.
- processing system 602 may comprise a microprocessor and other circuitry that retrieves and executes software 605 from storage system 603.
- Processing system 602 may be implemented within a single processing device but may also be distributed across multiple processing devices or subsystems that cooperate in executing program instructions. Examples of processing system 802 include general purpose central processing units, graphical processing unites, application specific processors, and logic devices, as well as any other type of processing device, combination, or variation.
- Storage system 603 may comprise any computer readable storage media readable by processing system 802 and capable of storing software 605.
- Storage system 603 may Include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules, or other data. Examples of storage media include random access memory, read only memory, magnetic disks, optical disks, flash memory, virtual memory and non-virtual memory, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or other suitable storage media, except for propagated signals.
- Storage system 603 may be implemented as a single storage device but may also be implemented across multiple storage devices or sub-systems co-located or distributed relative to each other.
- Storage system 603 may comprise additional elements, such as a controller, capable of communicating with processing system 602 or possibly other systems.
- Software 805 may be implemented in program instructions and among other functions may, when executed by processing system 602, direct processing system 602 to operate as described with respect to the various operational scenarios, sequences, and processes illustrated herein.
- Software 605 may include program instructions for implementing method 200.
- the program instructions may include various components or modules that cooperate or otherwise interact to carry out the various processes and operational scenarios described herein.
- the various components or modules may be embodied in compiled or interpreted instructions, or in some other variation or combination of instructions.
- the various components or modules may be executed in a synchronous or asynchronous manner, serially or in parallel, in a single threaded environment or multi-threaded, or in accordance with any other suitable execution paradigm, variation, or combination thereof.
- Software 605 may include additional processes, programs, or components, such as operating system software, virtual machine software, or other application software, in addition to or that include process 606.
- Software 605 may also comprise firmware or some other form of machine- readable processing instructions executable by processing system 602.
- software 605 may, when loaded into processing system 602 and executed, transform a suitable apparatus, system, or device (of which computing system 601 is representative) overall from a general-purpose computing system into a special-purpose computing system, indeed, encoding software 605 on storage system 603 may transform the physical structure of storage system 603.
- the specific transformation of the physical structure may depend on various factors in different examples of this description. Such factors may include, but are not limited to, the technology used to implement the storage media of storage system 603 and whether the computer-storage media are characterized as primary or secondary storage, as well as other factors.
- software 605 may transform the physical state of the semiconductor memory when the program instructions are encoded therein, such as by transforming the state of transistors, capacitors, or other discrete circuit elements constituting the semiconductor memory. A similar transformation may occur with respect to magnetic or optical media. Other transformations of physical media are possible without departing from the scope of the present description, with the foregoing examples provided only to facilitate the present discussion.
- Communication interface system 607 may include communication connections and devices that allow for communication with other computing systems (not shown) over communication networks (not shown). Examples of connections and devices that together allow for inter-system communication may include network interface cards, antennas, power amplifiers, RF circuitry, transceivers, and other communication circuitry. The connections and devices may communicate over communication media to exchange communications with other computing systems or networks of systems, such as metal, glass, air, or any other suitable communication media. The aforementioned media, connections, and devices are weli known and need not be discussed at length here.
- User interface system 609 may include a keyboard, a mouse, a voice input device, a touch input device for receiving a touch gesture from a user, a motion input device for detecting non-touch gestures and other motions by a user, and other comparable input devices and associated processing elements capable of receiving user input from a user.
- Output devices such as a display, speakers, haptic devices, and other types of output devices may also be included in user interface system 609. In some cases, the input and output devices may be combined in a single device, such as a display capable of displaying images and receiving touch gestures.
- the aforementioned user input and output devices are weli known in the art and need not be discussed at length here.
- User interface system 609 may also include associated user interface software executable by processing system 602 in support of the various user input and output devices discussed above.
- Communication between computing system 601 and other computing systems may occur over a communication network or networks and in accordance with various communication protocols, combinations of protocols, or variations thereof. Examples include intranets, internets, the Internet, local area networks, wide area networks, wireless networks, wired networks, virtual networks, software defined networks, data center buses, computing backplanes, or any other type of network, combination of network, or variation thereof.
- the aforementioned communication networks and protocols are well known and need not be discussed at length here. Certain inventive aspects may be appreciated from the foregoing disclosure, of which the following are various examples.
- examples described may include various components and features. It is also appreciated that numerous specific details are set forth to provide a thorough understanding of the examples. However, it is appreciated that the examples may be practiced without limitations to these specific details, in other instances, well known methods and structures may not be described in detail to avoid unnecessarily obscuring the description of the examples. Also, the examples may be used in combination with each other.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Systems (AREA)
Abstract
In an example implementation according to aspects of the present disclosure, a system comprises a processor operatively coupled with a computer readable storage medium and instructions stored on the computer readable storage medium that, when executed by the processor, direct the processor to exchange communications between a computing device and a USB device over a remote USB manager; receive a control request from an external controller to the remote USB manager; and perform an action, by the remote USB manager, for the USB device based on the received control request from the external controller.
Description
REMOTE UNIVERSAL SERIAL BUS MANAGER
BACKGROUND
[0001] Remote desktop architectures are widely utilized in both enterprise and non-enterprise environments. Remoting has multiple benefits from a business and user perspective, it allows a user to access a common desktop from any device and allows a user to run a lighter and thinner local client device while harnessing the benefits of being able to connect to a powerful remote workstation.
BRIEF DESCRIPTION OF THE DRAWINGS
[0002] Many aspects of the disclosure can be better understood with reference to the following drawings. While several examples are described in connection with these drawings, the disclosure is not limited to the examples disclosed herein.
[0003] FIG. 1 illustrates a block diagram of a computing system for managing a remote Universal Serial Bus (USB) device, according to an example;
[0004] FIG. 2 illustrates a flow diagram of a process to manage a remote USB device, according to an example;
[0005] FIG. 3 illustrates a block diagram of a non-transitory storage medium storing machine-readable instructions to manage a remote USB device, according to an example;
[0006] FIG. 4 illustrates an operational architecture of a system for managing a remote USB device, according to another example;
[0007] FIG. 5 illustrates a sequence diagram for a process to manage a remote USB device, according to another example; and
[0008] FIG. 6 illustrates a block diagram of a computing system, which is representative of any system or visual representation of systems in which the various
applications, services, scenarios, and processes disclosed herein may be implemented.
DETAILED DESCRIPTION
[0009] Remote desktop architectures are widely utilized in both enterprise and non-enterprise environments, Remoting has multiple benefits from a business and user perspective. It allows a user to access a common desktop from any device and allows a user to run a lighter and thinner local client device while harnessing the benefits of being able to connect to a powerful remote workstation.
[0010] Universal Serial Bus (USB) devices provide widespread access to a multitude of remote devices and applications. However, USB devices have introduced considerations in how security is handled when a USB device is accessed by a computing device, USB devices have also introduced implications in how the USB device is managed and monitored by third parties, such as an administrator or Information Technologies (IT) department of an enterprise.
[0011] The present disclosure provides a remote USB manager which may add external management of USB ports (e.g., by the third party). This allows the USB device to be remotely controlled for security and resource distribution purposes by the external management system using the remote USB manager.
[0012] In an example implementation according to aspects of the present disclosure, a system comprises a processor operatively coupled with a computer readable storage medium and instructions stored on the computer readable storage medium that, when executed by the processor, direct the processor to exchange communications between a computing device and a USB device over a remote USB manager; receive a control request from an external controller to the remote USB manager; and perform an action, by the remote USB manager, for the USB device based on the received control request from the external controller.
[0013] In another example implementation, a method of operating a remote USB manager comprises receiving, over a USB input port, communications from a USB
device. The method includes transferring, over a USB output port, the communications received from the USB device to a computing device. The method also includes receiving, over a network interface, control signaling from an administrator indicating an instruction to reroute the communications received from the USB device to a different computing device and transferring, over a USB output port, the communications received from the USB device to the different computing device.
[0014] In yet another example, a non-transitory computer readable medium comprises Instructions executable by a processor to detect a physical plug-in a USB device by a remote USB manager In a computing device. The instructions executable by the processor further determine whether the USB device is authorized to access the computing device, if the USB device is authorized to access the computing device, then a remote plug-in of the USB device is enabled by the remote manager in the computing device. If the USB device is not authorized to access the computing device, then the remote plug-in of the USB device is blocked by the remote manager in the computing device.
[0015] FIG. 1 illustrates a block diagram of computing system 100 for managing a remote USB device, according to an example. Computing system 100 depicts communication interface 102, processor 104, memory 106, and storage medium 108. As an example of computing system 100 performing its operations, storage medium 108 may include instructions 110-114 that are executable by processor 104. Thus, storage medium 108 can be said to store program instructions that, when executed by processor 104, implement the components of computing system 100.
[0016] In particular, the executable instructions stored in storage medium 108 include, as an example, instructions 110 to exchange communications between a computing device and a USB device over a remote USB manager and instructions 112 to receive a control request from an external controller to the remote USB manager. The executable instructions stored in storage medium 108 also include, as an example, instructions 114 to perform an action, by the remote USB manager, for the USB device based on the received control request from the external controller.
[0017] Instructions 110 to exchange communications between a computing device and a USB device over a remote USB manager represent program instructions that when executed by processor 104 cause computing system 100 to exchange signaling and data from the USB device, such as an Operating System (OS) installation image. In some examples, the remote USB manager includes a USB output port and a USB input port. In this example, the communications are exchanged with the computing device over the USB output port and the communications are exchanged with the USB device over the USB input port.
[0018] Instructions 112 to receive a control request from an external controller to the remote USB manager represent program instructions that when executed by processor 104 cause computing system 100 to communicate a state of the USB device and then receive control instructions from an externa! control device on how to alter the state of the USB device. In some examples, the external controller comprises an administrator computing device which remotely controls the USB device. The control request may be received in response to the remote USB manager transferring a status indicator to the external controller, such as a physically piugged-in status, virtual plugged-in status, powered on status, etc.
[0019] Instructions 114 to perform an action, by the remote USB manager, for the USB device based on the received control request from the external controller represent program instructions that when executed by processor 104 cause computing system 100 to alter the state of the USB device based on the control instructions received from the external control device.
[0020] In some examples, the control request indicates an instruction to disable the USB device, in this example, the action performed by the remote USB manager comprises a virtual unplug of the USB device by at least one a powering off of the USB device and a discontinuing of exchanging communication between the USB device and the computing device, in other examples, the control request indicates an instruction to enable the USB device. In this example, the action performed by the remote USB manager comprises a virtual plug-in of the USB device by at least one a powering on of the USB device and a continuing of exchanging communication between the USB device and the computing device.
[0021] In yet another example, the control request indicates an instruction to authorize the USB device. The action performed by the remote USB manager then comprises a determination of the type of the USB device and allowing the exchange communication between the USB device and the computing device when the USB device type is authorized. For example, the USB device may be an administrative USB device which requests authorization before enabled to transfer confidential data to the computing device. However, in other examples, the action performed by the remote USB manager comprises a validation of an internal signature of the USB device and allowing the exchange communication between the USB device and the computing device when the internal signature of the USB device is validated.
[0022] In some examples, the control request indicates an instruction to route the communications from the USB device to a different computing device. In this example, the action performed by the remote USB manager comprises a redirecting of the communications exchanged with the USB device to the different computing device, in this example, the remote USB manager may be located on a motherboard of the computing device and reports to an OS of the computing device.
[0023] Storage medium 108 represents any number of memory components capable of storing instructions that can be executed by processor 104. As a result, storage medium 108 may be implemented in a single device or distributed across devices. Likewise, processor 104 represents any number of processors capable of executing instructions stored by storage medium 108.
[0024] FIG. 2 illustrates a flow diagram of method 200 to manage a remote USB device, according to an example. Some or all of the steps of method 200 may be implemented in program instructions in the context of a component or components of an application used to carry out the remote USB management. Although the flow diagram of FIG. 2 shows a specific order of execution, the order of execution may differ from that which is depicted. For example, the order of execution of two of more blocks shown in succession by be executed concurrently or with partial concurrence. Ail such variations are within the scope of the present disclosure.
[0025] Referring parenthetically to the steps in FIG. 2, method 200 receives, over a USB input port, communications from a USB device, at 201. For example, a remote USB manager may include a USB input port which exchanges control and data signaling with a USB device. The USB device may include an OS installation image.
[0026] Method 200 transfers, over a USB output port, the communications received from the USB device to a computing device, at 202. For example, the remote USB manager may also include a USB output port which exchanges control and data signaling with a computing device, in this example, the remote USB manager may transfer the OS installation image to the computing device from the USB device.
[0027] Method 200 receives, over a network interface, control signaling from an administrator indicating an instruction to reroute the communications received from the USB device to a different computing device, at 203. For example, the remote USB manager may also include a network port which communicates with a third- party administrator, such as an IT department to receive the control instructions to reroute the USB device.
[0028] Method 200 transfers, over a USB output port, the communications received from the USB device to the different computing device, at 204. For example, the USB device can be remotely unplugged from the computing device and remotely plugged into the different computing device, without needing to be physically unplugged from the computing device and re-plugged into the different computing device. In this example, the OS installation image may then be transferred to the different computing device over the remote USB manager.
[0029] FIG. 3 illustrates a block diagram of non-transitory storage medium 300 storing machine-readable instructions that upon execution cause a system to manage a remote USB device, according to an example. Storage medium is non- transitory in the sense that is does not encompass a transitory signal but instead is made up of a memory component configured to store the relevant instructions.
[0030] The machine-readable instructions include instructions 302 to detect a physical plug-in a USB device by a remote USB manager in a computing device.
The machine-readable instructions also include instructions 304 to determine whether the USB device is authorized to access the computing device. The machine- readable instructions also include instructions 306 to enable a remote plug-in of the USB device by the remote manager in the computing device if the USB device is authorized to access the computing device. Furthermore, the machine-readable instructions include instructions 308 to block the remote plug-in of the USB device by the remote manager in the computing device if the USB device is not authorized to access the computing device.
[0031] In one example, program instructions 302-308 can be part of an installation package that when instaiied can be executed by a processor to implement the components of a computing device, in this case, non-transitory storage medium 300 may be a portable medium such as a CD, DVD, or a flash drive. Non-transitory storage medium 300 may also be maintained by a server from which the installation package can be downloaded and instaiied. In another example, the program instructions may be part of an application or applications already instaiied. Here, non-transitory storage medium 300 can include integrated memory, such as a hard drive, solid state drive, and the like.
[0032] FIG. 4 illustrates an operational architecture of a system for managing, according to another example. FIG. 4 illustrates operational scenario 400 that relates to what occurs when. Operational scenario 400 includes remote USB manager 401 , first computing device 402, second computing device 403, USB device 404, and administrator control system 405. Remote USB manager 401 includes USB input ports 41Ga-410b, USB output ports 412a-412b, network port 414, and internal controller 416.
[0033] Remote USB manager 401 is representative of any device capable of routing control instructions from administrator control system 405 and USB device 414. Remote USB manager 401 may include various hardware and software elements in a supporting architecture suitable for performing process 500. One such representative architecture is illustrated in FIG. 6 with respect to computing system
601. Remote USB manager 401 also includes a software application or application component in internal controller 416 capable of controlling the exchange of communications to and from USB device 404 in accordance with the processes described herein. The software application may be implemented as a natively installed and executed application, a web application hosted in the context of a browser, a streamed or streaming application, a mobile application, or any variation or combination thereof.
[0034] First computing device 402 and second computing device 403 may include, but are not limited to, personal computers, mobile phones, tablet computers, desktop computers, laptop computers, wearable computing devices, or any other form factor, including any combination of computers or variations thereof. As shown in FIG. 4, first computing device 402 may receive communications from USB device 404 over remote USB manager 401 . Administrator control system 405 may be any external computing device which is able to remotely control the exchange of communications of USB device 404 using remote USB manager 401.
[0035] FIG. 5 Illustrates a sequence diagram for process 500 to remotely manage a USB device, according to another example. Specifically, the sequence diagram illustrates an operation of system 400 to route communications from USB device 404 to first computing device 402 and second computing device 403 over remote USB manager 401.
[0036] In a first step, USB device 404 transfers data to first computing device 402 over remote USB manager 401 , at 501. in a next step, remote USB manager 401 transfers a USB status of USB device to administrator control system 405, at 502. In a next step, remote USB manager 401 receives a command from administrator control system 405 indicating an instruction to reroute USB device 404 from first computing device 402 to second computing device 403, at 503.
[0037] In a next step, remote USB manager 401 processes the reroute command received from administrator control system 405, at 504. Next, remote USB manager 401 directs USB device 404 to remotely unplug from first computing device 402, at 505. Remote USB manager 401 then directs USB device 404 to remotely plug-in to
second computing device 403, at 506. In a final step, USB device 404 transfers data to second computing device 403 over remote USB manager 401 , at 507.
[0038] FIG. 6 illustrates a block diagram of computing system 601 , which is representative of any system or visual representation of systems in which the various applications, services, scenarios, and processes disclosed herein may be implemented. Examples of computing system 601 include, but are not limited to, server computers, rack servers, web servers, cloud computing platforms, and data center equipment, as well as any other type of physical or virtual server machine, container, and any variation or combination thereof. Other examples may include smart phones, laptop computers, tablet computers, desktop computers, hybrid computers, gaming machines, virtual reality devices, smart televisions, smart watches and other wearable devices, as well as any variation or combination thereof.
[0039] Computing system 601 may be implemented as a single apparatus, system, or device or may be implemented in a distributed manner as multiple apparatuses, systems, or devices. Computing system 601 includes, but is not limited to, processing system 602, storage system 603, software 605, communication interface system 607, and user interface system 609. Processing system 602 is operatively coupled with storage system 603, communication interface system 607, and user interface system 609.
[0040] Processing system 602 loads and executes software 605 from storage system 603. Software 605 includes application 606, which is representative of the processes discussed with respect to the preceding FIG.s 1-5, including method 200. When executed by processing system 602 to enhance an application, software 605 directs processing system 602 to operate as described herein for at least the various processes, operational scenarios, and sequences discussed in the foregoing examples. Computing system 601 may optionally include additional devices, features, or functionality not discussed for purposes of brevity.
[0041] Referring still to FIG. 6, processing system 602 may comprise a microprocessor and other circuitry that retrieves and executes software 605 from storage system 603. Processing system 602 may be implemented within a single processing
device but may also be distributed across multiple processing devices or subsystems that cooperate in executing program instructions. Examples of processing system 802 include general purpose central processing units, graphical processing unites, application specific processors, and logic devices, as well as any other type of processing device, combination, or variation.
[0042] Storage system 603 may comprise any computer readable storage media readable by processing system 802 and capable of storing software 605. Storage system 603 may Include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules, or other data. Examples of storage media include random access memory, read only memory, magnetic disks, optical disks, flash memory, virtual memory and non-virtual memory, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or other suitable storage media, except for propagated signals. Storage system 603 may be implemented as a single storage device but may also be implemented across multiple storage devices or sub-systems co-located or distributed relative to each other. Storage system 603 may comprise additional elements, such as a controller, capable of communicating with processing system 602 or possibly other systems.
[0043] Software 805 may be implemented in program instructions and among other functions may, when executed by processing system 602, direct processing system 602 to operate as described with respect to the various operational scenarios, sequences, and processes illustrated herein. Software 605 may include program instructions for implementing method 200.
[0044] In particular, the program instructions may include various components or modules that cooperate or otherwise interact to carry out the various processes and operational scenarios described herein. The various components or modules may be embodied in compiled or interpreted instructions, or in some other variation or combination of instructions. The various components or modules may be executed in a synchronous or asynchronous manner, serially or in parallel, in a single threaded environment or multi-threaded, or in accordance with any other suitable execution
paradigm, variation, or combination thereof. Software 605 may include additional processes, programs, or components, such as operating system software, virtual machine software, or other application software, in addition to or that include process 606. Software 605 may also comprise firmware or some other form of machine- readable processing instructions executable by processing system 602.
[0045] In general, software 605 may, when loaded into processing system 602 and executed, transform a suitable apparatus, system, or device (of which computing system 601 is representative) overall from a general-purpose computing system into a special-purpose computing system, indeed, encoding software 605 on storage system 603 may transform the physical structure of storage system 603. The specific transformation of the physical structure may depend on various factors in different examples of this description. Such factors may include, but are not limited to, the technology used to implement the storage media of storage system 603 and whether the computer-storage media are characterized as primary or secondary storage, as well as other factors.
[0046] If the computer readable storage media are implemented as semiconductor-based memory, software 605 may transform the physical state of the semiconductor memory when the program instructions are encoded therein, such as by transforming the state of transistors, capacitors, or other discrete circuit elements constituting the semiconductor memory. A similar transformation may occur with respect to magnetic or optical media. Other transformations of physical media are possible without departing from the scope of the present description, with the foregoing examples provided only to facilitate the present discussion.
[0047] Communication interface system 607 may include communication connections and devices that allow for communication with other computing systems (not shown) over communication networks (not shown). Examples of connections and devices that together allow for inter-system communication may include network interface cards, antennas, power amplifiers, RF circuitry, transceivers, and other communication circuitry. The connections and devices may communicate over communication media to exchange communications with other computing systems or networks of systems, such as metal, glass, air, or any other suitable communication
media. The aforementioned media, connections, and devices are weli known and need not be discussed at length here.
[0048] User interface system 609 may include a keyboard, a mouse, a voice input device, a touch input device for receiving a touch gesture from a user, a motion input device for detecting non-touch gestures and other motions by a user, and other comparable input devices and associated processing elements capable of receiving user input from a user. Output devices such as a display, speakers, haptic devices, and other types of output devices may also be included in user interface system 609. In some cases, the input and output devices may be combined in a single device, such as a display capable of displaying images and receiving touch gestures. The aforementioned user input and output devices are weli known in the art and need not be discussed at length here. User interface system 609 may also include associated user interface software executable by processing system 602 in support of the various user input and output devices discussed above.
[0049] Communication between computing system 601 and other computing systems (not shown), may occur over a communication network or networks and in accordance with various communication protocols, combinations of protocols, or variations thereof. Examples include intranets, internets, the Internet, local area networks, wide area networks, wireless networks, wired networks, virtual networks, software defined networks, data center buses, computing backplanes, or any other type of network, combination of network, or variation thereof. The aforementioned communication networks and protocols are well known and need not be discussed at length here. Certain inventive aspects may be appreciated from the foregoing disclosure, of which the following are various examples.
[00S0] The functional block diagrams, operational scenarios and sequences, and flow diagrams provided in the FiG.s are representative of example systems, environments, and methodologies for performing novel aspects of the disclosure. While, for purposes of simplicity of explanation, methods included herein may be in the form of a functional diagram, operational scenario or sequence, or flow diagram, and may be described as a series of acts, it is to be understood and appreciated that the methods are not limited by the order of acts, as some acts may, in accordance
therewith, occur in a different order and/or concurrently with other acts from that shown and described herein, it should be noted that a method could alternatively be represented as a series of Interrelated states or events, such as in a state diagram. Moreover, not all acts illustrated in a methodology may be required for a novel example.
[0051] It is appreciated that examples described may include various components and features. It is also appreciated that numerous specific details are set forth to provide a thorough understanding of the examples. However, it is appreciated that the examples may be practiced without limitations to these specific details, in other instances, well known methods and structures may not be described in detail to avoid unnecessarily obscuring the description of the examples. Also, the examples may be used in combination with each other.
[0052] Reference in the specification to “an example” or similar language means that a particular feature, structure, or characteristic described in connection with the example is included in at least one example, but not necessarily in other examples. The various instances of the phrase “in one example” or similar phrases in various places in the specification are not necessarily ail referring to the same example.
Claims
1. A remote Universal Serial Bus (USB) manager system comprising a processor operatively coupled with a computer readable storage medium and instructions stored on the computer readable storage medium that, when read and executed by the processor, direct the processor to: exchange communications between a computing device and a USB device over a remote USB manager; receive a control request from an external controller to the remote USB manager; and perform an action, by the remote USB manager, for the USB device based on the received control request from the external controller.
2. The remote USB manager system of claim 1 wherein the remote USB manager includes a USB output port and a USB input port, and wherein the communications are exchanged with the computing device over the USB output port and the communications are exchanged with the USB device over the USB input port.
3. The remote USB manager system of claim 1 wherein: the control request indicates an instruction to disable the USB device; and the action performed by the remote USB manager comprises a virtual unplug of the USB device by at least one a powering off of the USB device and a discontinuing of exchanging communication between the USB device and the computing device.
4. The remote USB manager system of claim 1 wherein: the control request indicates an instruction to enable the USB device; and the action performed by the remote USB manager comprises a virtual plug-in of the USB device by at least one a powering on of the USB device
and a continuing of exchanging communication between the USB device and the computing device.
5. The remote USB manager system of claim 1 wherein: the control request indicates an instruction to authorize the USB device; and the action performed by the remote USB manager comprises a determination of the type of the USB device and allowing the exchange communication between the USB device and the computing device when the USB device type is authorized.
6. The remote USB manager system of claim 1 wherein: the control request indicates an instruction to authorize the USB device; and the action performed by the remote USB manager comprises a validation of an internal signature of the USB device and allowing the exchange communication between the USB device and the computing device when the internal signature of the USB device is validated.
7. The remote USB manager system of claim 1 wherein: the control request indicates an instruction to route the communications from the USB device to a different computing device; and the action performed by the remote USB manager comprises a redirecting of the communications exchanged with the USB device to the different computing device.
8. The remote USB manager system of claim 1 wherein the external controller comprises an administrator computing device which remotely controls the USB device.
9. The remote USB manager system of claim 1 wherein the remote USB manager is located on a motherboard of the computing device and reports to an Operating System (OS) of the computing device.
ID. A method of operating a remote Universal Serial Bus (USB) manager comprising: receiving, over a USB input port, communications from a USB device; transferring, over a USB output port, the communications received from the USB device to a computing device; receiving, over a network interface, control signaling from an administrator system indicating an instruction to reroute the communications received from the USB device to a different computing device transferring, over a USB output port, the communications received from the USB device to the different computing device.
11. The method of operating the remote manager of claim 10 wherein the USB device includes an Operating System (OS) installation image and wherein the remote USB manager routes the USB device to the different computing device for re-imaging of an OS on the different computing device.
12. The method of operating the remote manager of claim 10 wherein the remote USB manager is remotely connected to a plurality of computing devices.
13. A non-transitory computer readable medium comprising program instructions executable by a processor to: detect a physical plug-in a Universal Serial Bus (USB) device by a remote USB manager in a computing device; determine whether the USB device is authorized to access the computing device; if the USB device is authorized to access the computing device, then enable a remote plug-in of the USB device by the remote manager in the computing device; and
if the USB device is not authorized to access the computing device, then block the remote plug-in of the USB device by the remote manager in the computing device.
14. The non-transitory computer readable medium of claim 13 wherein to determine whether the USB device is authorized to access the computing device, the program instructions executable by a processor are configured to: determine a type of the USB device; and compare the type of the USB device to an authorized USB device type to determine whether the USB device is authorized to access the computing device.
15. The non-transitory computer readable medium of claim 13 wherein to determine whether the USB device is authorized to access the computing device, the program instructions executable by a processor are configured to: receive an internal signature of the USB device; and validate the internal signature of the USB device to determine whether the USB device is authorized to access the computing device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/US2021/030356 WO2022231633A1 (en) | 2021-04-30 | 2021-04-30 | Remote universal serial bus manager |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/US2021/030356 WO2022231633A1 (en) | 2021-04-30 | 2021-04-30 | Remote universal serial bus manager |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2022231633A1 true WO2022231633A1 (en) | 2022-11-03 |
Family
ID=83847213
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2021/030356 WO2022231633A1 (en) | 2021-04-30 | 2021-04-30 | Remote universal serial bus manager |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2022231633A1 (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060123166A1 (en) * | 2004-12-07 | 2006-06-08 | Cisco Technology, Inc., A Corporation Of California | Method and system for controlling transmission of USB messages over a data network between a USB device and a plurality of host computers |
| KR20110078601A (en) * | 2009-12-31 | 2011-07-07 | 서정훈 | Security usb device with secure password input&output function and method of authentication |
| US20160196454A1 (en) * | 2015-01-02 | 2016-07-07 | Hi Sec Labs LTD. | Usb security device, apparatus, method and system |
-
2021
- 2021-04-30 WO PCT/US2021/030356 patent/WO2022231633A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060123166A1 (en) * | 2004-12-07 | 2006-06-08 | Cisco Technology, Inc., A Corporation Of California | Method and system for controlling transmission of USB messages over a data network between a USB device and a plurality of host computers |
| KR20110078601A (en) * | 2009-12-31 | 2011-07-07 | 서정훈 | Security usb device with secure password input&output function and method of authentication |
| US20160196454A1 (en) * | 2015-01-02 | 2016-07-07 | Hi Sec Labs LTD. | Usb security device, apparatus, method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9197629B2 (en) | Remote direct memory access authentication of a device | |
| US20140259028A1 (en) | Mechanism for establishing temporary background communication between applications | |
| CN110083399B (en) | Applet running method, computer device and storage medium | |
| US9847987B2 (en) | Data center access and management settings transfer | |
| US11907766B2 (en) | Shared enterprise cloud | |
| WO2017045272A1 (en) | Virtual machine migration method and device | |
| US20170132027A1 (en) | Systems and methods for coordinating data caching on virtual storage appliances | |
| US10133361B2 (en) | Device driver-level approach for utilizing a single set of interface input devices for multiple computing devices | |
| WO2022231633A1 (en) | Remote universal serial bus manager | |
| US10609013B2 (en) | Twin factor authentication for controller | |
| US10771482B1 (en) | Systems and methods for detecting geolocation-aware malware | |
| US9712518B2 (en) | Apparatus used for security information interaction | |
| CN114051029B (en) | Authorization method, authorization device, electronic equipment and storage medium | |
| US10193880B1 (en) | Systems and methods for registering user accounts with multi-factor authentication schemes used by online services | |
| US11991208B2 (en) | Secure fibre channel/NVMe fabric communication system | |
| US20170034946A1 (en) | Server embedded storage device | |
| US10073978B2 (en) | Efficient modification and creation of authorization settings for user accounts | |
| US10152266B1 (en) | Systems and methods for providing data backup services in a virtual environment | |
| US20220222679A1 (en) | Systems and methods for integration of e-commerce data | |
| US20240012779A1 (en) | Systems and methods for conditional enablement and host visibility for hot-addable and hot-pluggable devices | |
| US11778548B2 (en) | Deploying containers on a 5G slice network | |
| US11424997B2 (en) | Secured network management domain access system | |
| US11895159B2 (en) | Security capability determination | |
| US20230229474A1 (en) | Plug-in management in virtualized computing environment | |
| US20240028730A1 (en) | Revoked firmware rollback prevention |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21939567 Country of ref document: EP Kind code of ref document: A1 |
|
| NENP | Non-entry into the national phase |
Ref country code: DE |
|
| 122 | Ep: pct application non-entry in european phase |
Ref document number: 21939567 Country of ref document: EP Kind code of ref document: A1 |