Controlling USB Access of Windows CE6

Question

I am looking to find a way to programatically (C++) control/secure access to the USB ports on a Windows CE device that will only have a single login, and then be left running a real-time application.

Ideally, being able to have a password entered into the running application, which then opens up/enables USB functionality, would be the easiest to integrate, but any solution will be taken into consideration.

I'm not really bothered about what type of device is plugged in, although this would be a bonus. I just want to stop someone being able to use Pen Drives without authorisation on the running system, but still allow authorised engineers a way to update software and copy log files etc.

I know that could be done in the BIOS, but I don't want to have to reboot to toggle this functionality, as the software running needs to stay running, and I'd rather not let inexperienced people into the BIOS...

Is there any way this can be done in C++ for Windows CE6?

Answer 1

You need to modify the USB host driver to ask for the authenticaion from the user (or better yet have it coordinate with some authentication app/servce). You could then make it as complex as you'd like, associating users with device classes, device vendors or even down to a device serial number.

The driver source ships with Platform Builder, so it shouldn't be too difficult to do.