Discretix Peripheral Binding creates a secure domain between host computers, external peripherals and storage devices. Based on the IEEE 1667™ standard, DxPB restricts interaction between unauthorized devices.

Market Needs

Removable storage devices (e.g. USB flash drives, portable disks) and other portable devices that offer mass storage (e.g. Mobile phones, media players) are an integral part of our work and personal lives. These devices serve an important need, by allowing large amounts of data to be easily transported between computers and between work and home. However, this convenience comes at the risk of data theft and data leakage. These devices also carry the additional risk of introducing viruses onto the host computer and the corporate network.

Today's enterprises require that peripheral devices be authenticated before being connecting to a host computer. Consumers can use the same approach to ensure that their personal information is not accessed by unauthorized computers and that unauthorized devices may not be connected to their computers. Requiring mutual authentication between a device and a host computer creates a secure domain, enabling trusted devices to freely interact with one another.

Technical Overview

The IEEE 1667 standard defines authentication of the host and/or the device based on generic operations. Implementation of these operations over communication protocols (e.g. SCSI, USB), are defined separately, allowing the extension of the specification to include more protocols over time. DxPB implements the generic operations of IEEE 1667 layer, allowing straight-forward mapping to different communication protocols. The software includes the mapping layer from IEEE 1667 generic operation to SCSI and USB protocols.

DxPB software layer easily integrates on top of existing security foundations (cryptographic services and secured storage). It provides a standard method for mutual authentication, interoperable with industry implementations of both Hosts and Storage devices.

Block Diagram:



Configuration Options:



Complementary Products:

DxPB relies on existing cryptographic services and secret key storage in the system, and can be supported by one of the following combinations of Discretix products.