METHOD FOR CONFIGURING AN EMBEDDED DEVICE

Abstract

Configuring an embedded device of a first type by means of a host device. The embedded device comprises a computing unit to provide configurable functionality according to input configuration items. The host device comprises an operating system to provide a means for communication with a number of predetermined types of embedded devices. The method includes coupling, via a coupling unit, the embedded device with the host device, including identifying the embedded device to the host device as a second type of device different from the first type or that operates in a different manner from the first type and is comprised of the predetermined types of embedded devices. The method includes presenting or offering a means for entering, retrieving, and supplying configuration items to the embedded device and receiving the configuration items by the computing unit, and performing configuration of the embedded device according to the received configuration items.

Claims

1. A method for configuring an embedded device of a first type in a computing environment by means of a host device, wherein: the embedded device comprises a computing unit adapted to provide configurable functionality according to externally input configuration items; and the host device comprises an operating system running thereon, wherein the operating system provides means for communication with a number of predetermined types of embedded devices, the method comprising: coupling the embedded device with the host device, wherein the computing unit identifies the embedded device to the host device as a second type of device of the predetermined types of embedded devices, wherein the second type is different from the first type or operates in a different manner from the first type; providing, by the host device with, a means for entering configuration items; retrieving the configuration items entered and supplying the configuration items to the embedded device by a means for communication with the second type of device provided by the operating system; receiving the configuration items by the computing unit of the embedded device; and performing configuration of the embedded device according to the received configuration items by the computing device.

2. The method of claim 1, wherein the predetermined types of embedded devices include printers, storage systems and keyboard lock indicators.

3. The method of claim 1, wherein the second type of device comprises a virtual file system, and wherein communication with the embedded device comprises creating or removing a file or directory, writing to a file or renaming a file or a directory stored in the virtual file system.

4. The method of claim 1, wherein the means for entering configuration items comprises a prompt requesting to rename a file or a directory with the configuration items.

5. The method of claim 1, wherein the embedded device is operable in at least two discrete operational states, and wherein the configurable functionality comprises toggling between the discrete operational states.

6. The method of claim 1, wherein the configurable functionality of the embedded device comprises a functionality with protected access and the configuration items comprise access details, wherein, in a unlocked state of the embedded device, access to the functionality is granted and, in a locked state of the embedded device, access to the functionality is denied, and wherein the computing unit of the embedded device verifies received access details against preset access details in order to unlock the embedded device.

7. The method of claim 1, wherein the embedded device comprises a storage unit and the configurable functionality is accessing data stored in the storage unit.

8. The method of claim 1, wherein providing the means for entering configuration items comprises presenting a user with instructions on how to enter the configuration items.

9. The method of claim 1 wherein providing the means for entering configuration items comprises obfuscating the configurable functionality to the user.

10. The method of claim 1, further comprising a computer-readable storage medium, comprising instructions, which when executed by a processor, cause the processor to perform the method.

11. An embedded device of a first type comprising: a coupling unit for coupling the embedded device to a host device; and a computing unit which is adapted to: identify the embedded device to the host device as a second type of device, wherein the second type is different from the first type or operates differently from the first type, receive configuration items from the host device by a means for communication with the second type of device, and perform configuration of the embedded device according to the received configuration items.

12. The embedded device of claim 11, wherein the embedded device is one of an input device, a wearable device, a configurable network device, or a removable storage device.

13. The embedded device of claim 12, wherein the coupling unit is adapted for a physical coupling with the host device.

14. A system for accessing configurable functionality on an embedded device, comprising: an embedded device; and a host device comprising a processing unit, an operating system running thereon, and an interface for receiving configuration items from a user, wherein the embedded device comprises: a coupling unit for coupling the embedded device to the host device; and a computing unit which is adapted to: identify the embedded device to the host device as a second type of device, wherein the second type is different from the first type or operates differently from the first type; receive the configuration items from the host device; and perform configuration of the embedded device according to the received configuration items.

15. The system of claim 14, wherein the operating system of the host device, upon a detection of the coupling of the embedded device, performs a predetermined action based on the second type of device.

16. The method of claim 6, wherein the computing unit based on the received configuration items further performs at least one of: initially presetting the access details; locking the embedded device; and resetting the embedded device to its initial state.

17. The method of claim 7, wherein the data is stored in an encrypted manner and the accessing thereof comprises decrypting the data; and/or wherein the accessing of the data comprises a transfer of the data by means of Media Transfer Protocol or Universal Serial Bus (USB) Mass Storage Access Protocol.

18. The embedded device of claim 12, wherein the embedded device is an input device comprising a configurable keyboard or remote control.

19. The embedded device of claim 12, wherein the embedded device is a wearable device comprising a health monitor device or a smartwatch.

20. The embedded device of claim 13, wherein the coupling unit comprises a Universal Serial Bus (USB) protocol.

Description

THIRD EXAMPLE

[0035] In the following, a third embodiment of the present invention will be described in even more detail and making reference to the following drawings:

[0036] FIG. 1 a schematic view of a system for accessing securely stored data according to the invention;

[0037] FIG. 2 a state/flow diagram illustrating an embodiment of a method according to the invention; and

[0038] FIG. 3 an embodiment of information displayed to a user on a screen of the host device in the system of FIG. 1 when performing the method according to FIG. 2.

[0039] The third example relates to a removable storage device for securely storing data, such as a USB flash drive or a portable hard disk drive. Such devices allow the effortless transferring of files between multiple computers avoiding the drawbacks and limitations often associated with online communication, such as e-mail file size limits, low bandwidth delays, eavesdropping risk, lack of connectivity or firewall restrictions as well as the requirement to rely on third-party providers of cloud storage, which are often associated with the risk of data loss, security breaches, regulatory compliance complications and substantial costs.

[0040] However, storing data on removable storage devices in possession of individuals and organizations comes with risks associated with data confidentiality and integrity. A forgotten or misplaced removable storage device can disclose valuable data or even allow third parties to alter it. This is especially important when and, as often the case, the data concerns confidential and/or personal information. Possible leaks may expose individuals to identify theft or institutions to industrial espionage.

[0041] In the past, security breaches have happened in which, solely through the loss of USB flash drives, personal details of thousands of private pension holders have occurred, while in another case, a USB flash drive was stolen with the names, grades and social security numbers of thousands of former students of a university. It has even occurred that USB flash drives with classified military information were found for sale in public market places both online and offline. A study sponsored by IBM has found in 2018 that the average cost of each data breach amounts to 2.86 million dollars.

[0042] Previously, application-level or operating system-level encryption or other access control has been used in order to mitigate the above-described problems. However, additional burdens have been introduced by said access control methods, in particular both parties concerned with writing and reading the corresponding data need to have compatible access control or device driver software available or installed on their hardware. This approach is especially challenging when mismatched operating systems (Windows, Android, MacOS, Linux etc.) and/or mismatched software applications (BitLocker, DiskCryptor, VeraCrypt, GnuPG, 7-Zip, etc.) are used, and also since enterprise users typically lack the administrative access to install the required software on their devices, while outdated software or even incompatible versions of the same software can be prohibitive for smooth access to protected files on removable storage devices.

[0043] As a somewhat more platform-independent measure, removable storage devices, such as USB flash drives, with native encryption have been introduced, but they either require proprietary drivers which suffer from the above-described compatibility problems or are supplied with a costly, cumbersome and unreliable embedded keyboard or an expensive and insecure biometric sensor.

[0044] Using the method according to the present invention may overcome the above-identified problems and provide secure communication with the embedded device while neither requiring the installation and use of dedicated communication software nor the installation of driver software on a host device nor the embedding of a keyboard or biometric sensor on the embedded device itself.

[0045] In FIG. 1, a schematic view of a system according to the invention is illustrated and generally denoted with reference numeral 10. The system consists of a host device 100 and a removable storage device 200 acting as the embedded device in the sense of the invention, which are coupled by means of respective coupling units 102 and 202. The coupling units 102 and 202 may for example be USB plug and socket or similar physical coupling arrangements, or in an alternative embodiment may also be wireless coupling units such as Bluetooth transceivers. The coupling units 102 and 202 communicate via the logical interface 301, which presents the removable storage device 200 as a device of a first type, and the logical interface 302, which presents the removable storage device 200 as a device of a second type.

[0046] The host device 100 may for example be a personal computer which in addition to the coupling arrangement 102 comprises known components such as a processor 104 with a volatile memory in the form of random access memory 106 and a non-volatile memory 108 such as a hard disk drive.

[0047] Furthermore, the host device 100 comprises peripheral devices such as a display unit 110 and input means 112 such as a keyboard and/or a mouse, wherein the display unit 110 and the input devices 112 provide an interface for interaction with a human user of the host device 100. The host device 100 is running an operating system which is stored in its non-volatile memory 108 and uses the volatile memory 106 during run time. Said operating system provides both low-level and high-level functionalities, both of which are employed in embodiments of the present invention, in particular on the one hand the high-level abilities to display information to the user by means of the display device 110 and to retrieve input from the user by means of the input devices 112 and on the other hand the low-level abilities to manipulate files stored in both the physical storage units and virtual file systems, for example by writing to them or renaming them. In this context, the term “file” may also encompass directories or folders in different types of filesystems known in the art.

[0048] On the other hand, the removable storage device 200 in addition to its coupling unit 202 also comprises a computing unit 204 which may be embodied by a microprocessor or microcontroller which associated thereto has a non-volatile memory such as an EEPROM 206 on which software to be run by the microprocessor 204 is stored in a non-volatile manner, wherein the microprocessor 204 furthermore has a volatile memory 208 associated thereto which is used by the microprocessor 204 during the runtime of said software.

[0049] Additionally, the storage device also comprises a dedicated storage unit 210, which can for example in turn comprise blocks of flash memory, on which large amounts of data can be stored, preferably in a protected manner, e.g. through encryption. Alternative implementations of the removable storage device 200 may combine the non-volatile memory 206 with the storage unit 210 such that software and data are stored in a common memory. Said data may have been copied to the storage unit of the removable storage device from the host unit 100 or any other compatible computing device already in a protected manner or it may have been protected during its transfer to the removable storage device from the host device 100 or any other compatible computing resource by the computing unit 204 of the storage device 200.

[0050] For the accessing of the protected data stored in the storage unit 210 of the removable storage device 200, a method connected to the state/flow diagram shown in FIG. 2 is employed, which embodies a method according to the present invention. For this purpose, the removable storage device 200 identifies to the host device 100 via the logical interface 302 as a virtual file system which serves as the second type of device in the sense of the invention, while the storage device 200 itself is of the first type of device.

[0051] In state S1, the removable storage device 200 is not yet initialized and thus neither has protected data stored in its storage unit 210 nor access details defined, which will serve as a way for accessing the (protected) data. Thus, after its first coupling to a suitable host device 100, which is illustrated by arrow S2, said host device 100 will cooperate with the computing unit 204 of the removable storage device in order to initialize the removable storage device 200 in the initialization step S3. For this purpose, in the present embodiment, the user will be presented an interface for configuring the access details of the storage device 200 in step S4, which will refer to the second type of device as which the storage device 200 identifies itself to the host device 100. In the present example, the access details and all further information entered by the user will serve as configuration items in the sense of the present invention.

[0052] In one embodiment discussed herein, the user will be presented a folder icon in a file manager application of the operating system of the host unit 100 on its display 110 in a similar manner as is shown in FIG. 3 and discussed below which is the typical tool of the present operating system for allowing user operations on file systems, including the present virtual file system serving as second type of device. The user can now rename the folder with a suitable alphanumeric string which will be forwarded from the host device 100 to the computing unit 204 of the storage device 200 by means of basic file system manipulation functionality natively supported by the operating system of the host device 100. In order to assist the user with said task, the folder to be renamed may initially have a name consisting of instructions on how to set a key-phrase in a similar manner as is shown in FIG. 3 in connection with the entering of the access details at a later stage of the method. At this stage and by means of the method according to the invention, a simple access method (e.g. through a passphrase, password, or PIN) can be configured, or one or more operations can be used to configure more sophisticated access control, e.g. through user identifiers, passwords, roles, and corresponding access rights.

[0053] The computing unit 204 of the storage device retrieves the alphanumeric string from the host device 100 and initializes the storage in a protected manner, for example by means of a symmetrical encryption key associated directly or indirectly with the provided access details. After said initialization step S3, the removable storage device 200 is initialized yet in a locked state, corresponding to state S7 discussed below. In an alternative implementation, at this point, the removable storage device might also enter state S10 as discussed below, in which it is ready to process secure data. In case the storage device 200 is uncoupled from the host device 100 before the key-phrase is properly set through the operation just described, it will return to its uninitialized state S1 as illustrated by the corresponding dashed arrow.

[0054] As soon as the coupling between the host device 100 and the initialized removable storage device 200 is cut once step S4 has been performed, for example by physically disconnecting the coupling units 102 and 202 or in case the host device 100 is powered down, as illustrated by the corresponding dashed arrow, the storage device 200 enters, actively or by default, a locked state S5, in which access to the protected files is denied.

[0055] After re-coupling the storage device 200 with the host device 100 in its initialized, yet locked state in step S6, the storage device will enter state S7 and the user of the host device 100 will be presented the folder icon in the above-mentioned file manager application of the operating system of the host unit 100 on the display 110 as shown in FIG. 3, left side. The user may now enter access details serving as configuration items, e.g. by renaming the folder shown in FIG. 3, and the entered access details are forwarded from the host device 100 to the computing unit 204 of the storage device 200 by means of the basic file system manipulation functionality of the operating system of the host device 100 discussed above.

[0056] Now, the computing unit 204 will again verify if the access details are compatible with those provided in step S8, e.g. by deriving the encryption key from the access details, and in case they can be correctly used to access the protected data (state S9), the storage device will enter state S10 in which the storage device 200 is unlocked and data can be transferred thereto and retrieved therefrom by means of file transfer operations provided by the operating system of the host device 100 via the logical interface 301, wherein the computing unit 204 of the removable storage device 200 may perform additional encryption and/or decryption operations during said file manipulation operations. FIG. 3, right side refers to such an unlocked state, in which the user can perform file manipulation operations by means of the file manager application of the operating system of the host device 100 as previously discussed. Similarly to state S7, if the storage device 200 gets uncoupled from the host device 100 while in state S10, the storage device 200 enters locked state S5, as illustrated by the corresponding dashed arrow, in which access to the protected files is denied.

[0057] On the other hand, in case the entered and forwarded access details and the stored key-phrase in cannot be used to access the protected data in step S8 (state S11), the user may again be presented the folder icon as shown in FIG. 3, left side, with its original name wherein additional safety measures can be taken, for example a maximum number of tries to enter the correct access details may be provided to the user before the removable storage device 200 permanently locks itself or wipes all stored data.

[0058] Through the operating system level mechanisms discussed above, which in the present example are related to renaming dedicated files with suitable alphanumeric names serving as commands to the computing unit 204, additional operations can be performed on the storage device 200, such as wiping data or resetting the key-phrase while the storage device is in state S7 (step S13) thus un-initializing the storage device 200 and returning it into its uninitialized state S3 or locking the storage device while in state S10 thus returning to state S7 (step S12). All of the respective inputs for said operations constitute configuration items in the sense of the present invention.

[0059] Although a commonly adopted approach for securing stored data is through encryption, other approaches are also possible. For example, the storage device 200 may store the initial access details and compare them against newly-entered ones to provide access to the (not necessarily encrypted) data when the entered access details match those stored when the device was initialized. The security vulnerabilities of this approach can be mitigated by utilizing secure tamper-proof hardware for implementing the storage device 200.

[0060] The method just described in the context of accessing data on a secure storage device, in which file or directory names in a virtual file system are modified in order to provide configuration items to a configurable embedded device may also be used for other types of embedded devices such as configurable keyboards. Nowadays, the task of programming macro-commands on computer keyboards is accomplished by dedicated, platform-specific application programs and/or device drivers. Applying the present invention to said task may allow to present a user a means for entering configuration items, such as the virtual file system discussed above, wherein the operation of each function key can be programmed simply by editing the file corresponding to the given key. For this purpose, the programmable keyboard also has to identify itself to the host device as a virtual file system.

[0061] Similarly, the communication with a USB-to-Ethernet adapter offering firewall functionality can also be performed without a dedicated application program and device driver, thereby making the device more portable and possibly also offering the potential to make it more secure. Specifically in an embodiment, the firewall's rules, such as white-lists or black-lists of IP addresses or TCP/UDP ports may be presented to the user through a virtual file system as files which can be edited. Other virtual files may provide details of accepted and rejected packets during the firewall's operation.