This Content Component encountered an error
Definition

Human Interface Device protocol

Contributor(s): Matthew Haughn

Human Interface Device protocol (HID protocol) is a USB protocol for a broad category of user input devices.

Devices in the category include but are not limited to keyboards, mice, pen tablets, webcams, headsets, game and simulation controllers.

HID protocol has a default polling rate of 125hz as compared to PS/2’s 100hz. This rate gives USB an edge in responsiveness with a lower latency. Both USB and PS/2 provide for faster speeds but where PS/2 tops out at 200hz, USB goes up to 1000hz, which works out to a tiny 1ms latency. This low latency provides excellent response time for keyboards, mice, VR headsets, gaming and simulation controllers.

With keyboards, HID protocol is used to both enable pre-operating system functionality with a 6 key rollover boot mode for BIOS (basic input/output system) and operating systems that are not USB aware. This mode has the caveat of interrupting the system every time the device is polled and it being polled regardless of whether there is a change in input or not. A separate operating system mode which enables further features does not have this issue. Many devices can function with basic drivers included with OSs until custom drivers are installed, making hardware installation easier.

HID protocol’s ability to announce its capabilities provides ease of connecting devices and having OS find the drivers makes USB a very plug and play experience. At the same time, the specification offers no means to verify that devices are what they claim to be. This lack of verification can be a vulnerability that leads to masquerading devices. BadUSB is an example of malware exploiting this vulnerability.

This was last updated in October 2018

Continue Reading About Human Interface Device protocol

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

Close