CA2370603A1 - Arrangement and method to improve information security - Google Patents


Publication number
CA2370603A1
CA2370603A1 CA002370603A CA2370603A CA2370603A1 CA 2370603 A1 CA2370603 A1 CA 2370603A1 CA 002370603 A CA002370603 A CA 002370603A CA 2370603 A CA2370603 A CA 2370603A CA 2370603 A1 CA2370603 A1 CA 2370603A1
Authority
CA
Canada
Prior art keywords
processor
unit
processor unit
processor units
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
CA002370603A
Other languages
French (fr)
Inventor
Vesa Juhani Hukkanen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GIWANO COMPUTERS Oy
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from FI990851A external-priority patent/FI990851A0/en
Application filed by Individual filed Critical Individual
Publication of CA2370603A1 publication Critical patent/CA2370603A1/en
Abandoned legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/02 Details
    • H04L12/22 Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/03 Protocol definition or specification
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00 Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72 Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219 Countermeasures against side channel or fault attacks
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00 Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007 Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Abstract

The invention relates to an arrangement and method for preventing unauthorised access to an information system via a network. A workstation according to the invention comprises at least two separate processor units (PA, PB) in one and the same housing and a switch unit (16). Part of the processor units (PA) are connected to public data networks. The other processor units (PB), which are not connected to public data networks, are used as work machines proper. The processor units in the workstation have got separate power supplies (21, 22), separate fixed disk drives (9, 10) and hardware interfaces for electrically isolating data transfer between the processor units. The processor units share a display (20), keyboard (18) and a mouse (19) with their associated interfaces. By means of a control switch (17) the user can select the processor unit to work with. In conjunction with the switch unit there is an indicator (23, 24) which indicates to the user the processor unit to which said devices are connected at any given time. An advantage of the invention is that the workstation, which can be connected to public data networks when needed, is secure against unauthorised access so one can safely work and save information on it. Information received from the network is transferred to the protected processor unit in an encrypted form on a diskette or printing paper, for example.

Description

Arrangement and method to improve information security

The invention relates to a hardware arrangement for preventing unauthorized access to a computer system through a data network. The invention further relates to a method for preventing unauthorized access to a computer system through a data network.
Information security in computers connected to a public network directly or through a local area network (LAN) is in principle under constant threat. Just opening an e-mail program may result in a third party obtaining identifiers which make subsequent spying possible. A computer virus may arrive in a computer system for example in a file attachment to an e-mail message, in a newsgroup message, or in the form of a Java applet when the user is browsing the World Wide Web. A virus program may spread in the intranet of a company or corporation from one workstation to another. A virus may, for example, copy onto one of the computers all the text files typed in and all key presses of all the workstations, or it may send a copy of an image file whenever it is saved, or of the information displayed on the screen at fifteen-minute intervals, for instance. The actions of a virus may produce an extra file in the directory c:\winnt\System32, for example. If the file is not detected and deleted, the virus program controlling it may send its contents, say, once a day to be read by a spy.
In addition to hidden viruses gathering information, the system may of course become infected with viruses that destroy data. Additional danger comes from the recently emerged computer remote use programs and from so-called Trojan Horses, which may e.g. send the PGP key rings, used in data encryption, to the network as soon as a workstation is connected to it.
A factor undermining information security is the fact that telecommuting is gaining increasing popularity. Someone spying on a company may possibly load on a telecommuter's computer a remote use program or computer virus which may later spread into the company's intranet as the infected computer is connected to it. It is uneconomical to build effective information protection for an individual telecommuter and, furthermore, it is impossible as there is no guarantee that a telecommuter could keep his computer out of the reach of others.
Known techniques to improve information security include the development of protected software structures, use of antivirus software, use of a so-called firewall, and having at least part of the computers isolated from the network.
The drawback of software solutions for preventing unauthorized access to secret information is that such solutions have proven difficult to use and unreliable in operation. The drawback of antivirus software is that such applications cannot satisfactorily keep up with virus development. Antivirus programs are mainly based on finding certain data sequences. Often they do not recognize the codes of an industrial spy as he changes his code according to the target.
A firewall means an arrangement with which the internal communications of a company or corporation are isolated from public data networks so that only data packets coming from certain IP addresses reach the internal network. When used correctly, firewalls bring considerable additional security for computers in the intranet, but they cannot hold back skillful spies for a very long time. For example, a faked IP address can be used to deceive the firewall. Moreover, a firewall may in practice be badly configured, which makes penetration of the firewall easier.
Also known is to use two computers at one post. Fig. 1 shows such an arrangement.
Shown in the Figure there are workstations 101, 102, 103 and 111 connected to one and the same LAN. All workstations connected to the LAN have communication possibility to the Internet through a firewall 120. Workstation 111 belongs to post 110, which further includes another computer 112. This other computer contains information that must be kept absolutely secret, and it is not connected to any data network. This arrangement gives good information security for isolated machines like said computer 112, but its disadvantages are relatively high costs, more cramped desks, and decreased convenience of use.
An object of the invention is to reduce said disadvantages associated with the prior art. The structure according to the invention is characterized by what is specified in the independent claims 1 and 14. The method according to the invention is characterized by what is specified in the independent claim 16. The other claims specify some advantageous embodiments of the invention.
The basic idea of the invention is as follows: A workstation comprises at least two separate processor units and a switch unit housed in one chassis. Part of the processor units are connected to public data networks. The other processor units, which are not connected to public data networks, are used as work machines proper.
The processor units in the workstation have got separate power supplies, separate fixed disk drives and hardware interfaces for electrically isolating data transfer between the processor units. The processor units share a display, keyboard and a mouse with their associated interfaces. The processor unit, with which the user works, is selected by means of a control switch or a code typed on the keyboard. The switch unit directs the control signals coming from the keyboard and mouse to the selected processor unit as well as the display signal of the selected processor unit to the common display. In conjunction with the switch unit there is an indicator which indicates to the user the processor unit to which said devices are connected at any given time. There may also be connected to the workstation other peripherals, such as e.g. a printer and scanner, which may be either shared by the processor units or specific to the processor units.
An advantage of the invention is that the workstation, which can be connected to public data networks when needed, is secure against unauthorized access so one can safely work and save information on it. No viruses from data networks can enter the processor unit, which is isolated from data networks, and nor can the processor unit be monitored in any way through data networks. Another advantage of the invention is that the protection mentioned above is achieved without increasing the number of apparatuses at a post and without compromising convenience of use. A further advantage of the invention is that if the work processor proper malfunctions, the other processor can be used as a spare processor for working on a temporary basis. A still further advantage of the invention is that the arrangement according to the invention increases the costs by an amount which is relatively small or nonexistent since the existence of a protected processor unit allows the use of more inexpensive protection methods towards the network as compared to prior art workstations. In connection with the above, an advantage of the invention is that the introduction and use of protection according to the invention does not require special expertise, unlike the installation and updating of protection systems in conventional prior-art arrangements.
The invention is described in more detail in the following. Reference is made to the accompanying drawings in which
Fig. 1 shows an example of a prior-art arrangement,
Fig. 2 shows an example of the arrangement according to the invention,
Fig. 3 shows an example of the use of computers according to the invention in a network environment,
Fig. 4 shows an example of cooperation of a computer according to the invention and another communications device, and
Fig. 5 shows an example of the method according to the invention.
Fig. 1 was already discussed in connection with the description of the prior art.
Fig. 2 shows an example of a workstation according to the invention. In the Figure we can see within a single housing 1 a first processor unit PA, a second processor unit PB, and a switch unit 16. The first processor unit PA comprises a motherboard 2, central processor 6, memory modules 5, fixed disk drive 9, and a network card 3.
A cable 4 to be connected to a data network is attached to the network card. A diskette drive 7 and CD-ROM (compact disc read only memory) drive 8 are interfaced to the PA unit. Furthermore, the first processor unit PA has got a power supply 21 of its own. The second processor unit PB comprises a second motherboard 10, second central processor 12, second memory modules 11, and a second fixed disk drive 15. A second diskette drive 13 and second CD-ROM drive 14 are interfaced to it. Furthermore, the second processor unit PB has got a power supply 22 of its own. The switch unit 16 is connected to a bus on the motherboards of both processor units. The switch unit comprises interfaces, i.e. controllers, for the keyboard 18, mouse 19 and display 20. In addition, the switch unit 16 includes a switch 17 controlled by means of a separate lever or push buttons or keyboard commands. The position of the switch 17 determines whether said interfaces are connected to the bus of processor unit PA or the bus of processor unit PB. The switch 17 further controls the indicators 23 and 24 in the arrangement, which indicate which processor unit is connected to the keyboard, mouse and display. Here the indicators are shown to be light emitting diodes or lamps. They may as well be sound signal devices, for instance.
Providing the processor units with separate power supplies adds to the costs but, on the other hand, enhances information security. All motherboards are equipped with a sensitive voltmeter for automatic supply voltage control. As a processor unit is active, the load caused by it on the power supply varies constantly and, hence, the supply voltage varies slightly, too. If the processor units had a shared power supply, a voltmeter monitoring program possibly installed on processor unit PA, connected to a data network, could be able to register events of processor unit PB isolated from the data network.
In accordance with the structure described, processor unit PA is used as a network machine, and processor unit PB is the work machine proper containing all the information that needs to be protected. Possible thefts directed to the data structures of unit PA are not a serious threat to the business of the company, and possible destruction of those data structures does not prevent work on unit PB. Information is transferred between the processor units through data diskettes or document scanning, for example. An infrared link may also be used inside the workstation. In all cases, the transfer is carried out in compliance with rules drawn up to guarantee information security.
To provide additional protection, different operating systems may be installed on the processor units PA, PB. If a virus programmed for the Windows environment, for example, then enters on a data diskette the PB unit operating under, say, Linux, it will most likely be inoperative in that other operating system.
Fig. 3 shows an example of the use of computers according to the invention in a network environment. In the Figure there can be seen an internal data network INTRANET-X of a company or corporation, connected to the INTERNET through a firewall 301. The INTRANET-X comprises, among others, local area networks LAN1, LAN2, LAN3 and LAN4. Each local area network has e.g. a routing hub, such as HUB 1, to which the workstations and servers of the local area network are connected. Local area network LAN1 includes workstations 311 and 312, among others. In accordance with the invention these comprise processor units PA and PB. For all corresponding workstations we will call the former part A, and the latter, part B in short. Each workstation according to the invention is connected to the INTRANET-X network via part A. Local area network LAN2 includes, among other things, workstations 321, 322 and 323 according to the invention. Local area network LAN3 includes, among other things, workstations 331 and 332 according to the invention. These workstations 331, 332 have, in addition to part A connected to the INTRANET-X, two separate protected processor units, parts B and C. The protected parts B in workstations 321, 322 and 323 are interconnected so as to form a small network of their own on the side of the intranet in question. To this protected subnetwork there is further connected, through a protected and fixed connection, part B of workstation 331 in the local area network LAN3. In the local area network LAN3, parts C of at least workstations 331 and 332 are interconnected so as to form a protected network of their own. When building such protected "inner networks", there will be between the A and B parts, or A and C parts, of an individual workstation an inter-network interface, which is impenetrable to viruses and such.
Within INTRANET-X there may also be, connected to it, individual workstations which may of course be conventional or in accordance with the invention. One such is workstation 391, connected to INTRANET-X via a node ND.
Fig. 3 further depicts a remote workstation 305 of an employee of the company in question, which workstation is in accordance with the invention and includes part A from which a connection to INTRANET-X can be established through the Internet. Furthermore, there is from the protected part B of the workstation 305 a connection CN to a conventional computer 306 for some special purpose. This connection CN is realized e.g. through the telephone network.
Fig. 4 shows an example of an arrangement of cooperation of a computer according to the invention and a mobile station. In the Figure we see a computer 41 and a mobile station 42. The computer 41 comprises part A connected to a data network 43 and a protected part B. Part A includes the parts required by an outward-directed infrared link. The mobile station 42 is likewise equipped with an infrared apparatus so that it can be connected to the computer 41 through the infrared link 44. Part A in the computer 41 further comprises software related to use of the link 44, which software is used e.g. to transfer the signals coming from the mobile station to the data network 43. Mobile stations are becoming more versatile, thanks to technologies like the infrared connections described above. When using a computer according to the invention, incidental passers-by, for example, cannot, by means of their mobile stations, gain access to protected information, which in Fig. 4 is located in processor unit B.
Fig. 5 shows in the form of a flow diagram a method for transferring information in a system according to the invention. In step 51, a message from the network is received in processor unit PA. The message may have been sent by somebody else or picked by the user himself by means of a browser program, for instance. In step 52, it is checked whether the message is encrypted. If it is, it is checked whether or not the message has been altered. This step 53 is possible when using an encryption program that contains such a checking algorithm. If it is found out that the message has been altered, it is destroyed (step 58). If no changes are detected in the message, it is stored on a transfer medium by the processor unit PA (step 54). The transfer medium may be e.g. a diskette or printing paper. In the next step 55, processor unit PB is taken into use by means of the switch unit. In step 56, the message is taken from the transfer medium to the processor unit PB. If the message was stored on a diskette, the latter is inserted in a diskette drive connected to the protected processor unit PB and the message is transferred from the diskette into memory. If the message was stored on printing paper, the latter is inserted in a scanner connected to the protected processor unit PB, converted into electrical format by the scanner, and transferred into the memory of the processor unit PB. In the next step 57 the message is decrypted. So, the principle is that only encrypted messages, which are found not to have been altered, are taken to the protected processor unit to be used there. If an incoming message is unencrypted, it is just stored, according to step 59, on the fixed disk of processor unit PA to be examined in unit PA.
In accordance with steps 51 to 57 it is also possible to arrange a transfer within the intranet from one machine to another so that an unauthorized party will not have access to the information. It may be stated as a rule that no information shall be taken unencrypted from the processor unit PB to the processor unit PA, which serves as the network machine.
Some solutions according to the invention were described above. The invention is not limited to the application of processor units according to the invention in otherwise conventional computers. The processor units may also be located in a mobile station, for example. The invention may be modified in many ways within the scope defined by the independent claims.
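The PA-side decisions of Fig. 5 (steps 52 to 54, 58 and 59) are shown below as an added example, not code from the patent. The envelope layout (`ENC1` marker, length field, HMAC-SHA256 tag), the integrity key held on PA and every function name are assumptions made for illustration; the ciphertext is treated as opaque bytes because decryption (step 57) happens only on PB.

```python
"""PA-side message gate for the Fig. 5 flow (steps 52-54, 58, 59)."""
import hashlib
import hmac
from enum import Enum

# Assumed envelope (the patent does not define a format):
#   b"ENC1" | 4-byte big-endian ciphertext length | ciphertext | HMAC-SHA256 tag
MAGIC = b"ENC1"
HEADER_LEN = len(MAGIC) + 4
TAG_LEN = hashlib.sha256().digest_size


class Route(Enum):
    TRANSFER_TO_PB = "step 54: store on transfer medium"
    DESTROY = "step 58: destroy altered message"
    KEEP_ON_PA = "step 59: store on PA fixed disk"


def _tag(body: bytes, integrity_key: bytes) -> bytes:
    return hmac.new(integrity_key, body, hashlib.sha256).digest()


def seal(ciphertext: bytes, integrity_key: bytes) -> bytes:
    """Sender side: wrap already-encrypted bytes in the assumed envelope."""
    body = MAGIC + len(ciphertext).to_bytes(4, "big") + ciphertext
    return body + _tag(body, integrity_key)


def is_encrypted(message: bytes) -> bool:
    """Step 52: the marker only says the message claims to be encrypted."""
    return message.startswith(MAGIC)


def is_unaltered(message: bytes, integrity_key: bytes) -> bool:
    """Step 53: reject bad lengths first, then compare tags in constant time."""
    if len(message) < HEADER_LEN + TAG_LEN:
        return False
    declared = int.from_bytes(message[len(MAGIC):HEADER_LEN], "big")
    if len(message) != HEADER_LEN + declared + TAG_LEN:
        return False
    body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    return hmac.compare_digest(tag, _tag(body, integrity_key))


def route_on_pa(message: bytes, integrity_key: bytes) -> Route:
    """Decide what PA does with one received message."""
    if not is_encrypted(message):
        return Route.KEEP_ON_PA          # never leaves the network machine
    if not is_unaltered(message, integrity_key):
        return Route.DESTROY
    return Route.TRANSFER_TO_PB


def process_inbox(messages, integrity_key):
    """Return (transfer_medium, pa_disk, destroyed_count) for a batch."""
    transfer_medium, pa_disk, destroyed = [], [], 0
    for message in messages:
        route = route_on_pa(message, integrity_key)
        if route is Route.TRANSFER_TO_PB:
            transfer_medium.append(message)
        elif route is Route.KEEP_ON_PA:
            pa_disk.append(message)
        else:
            destroyed += 1               # altered message is not kept anywhere
    return transfer_medium, pa_disk, destroyed


# Constructed sample data (not from the patent).
INTEGRITY_KEY = b"constructed-demo-integrity-key"
GOOD = seal(bytes(range(48)), INTEGRITY_KEY)        # stand-in ciphertext
_flipped = bytearray(GOOD)
_flipped[HEADER_LEN + 2] ^= 0x01                    # one bit changed in transit
TAMPERED = bytes(_flipped)
TRUNCATED = GOOD[:-5]                               # tag cut short
PLAINTEXT = b"Subject: price list\r\n\r\nSee attachment."
SAMPLE_INBOX = [GOOD, TAMPERED, TRUNCATED, PLAINTEXT]

if __name__ == "__main__":
    for msg in SAMPLE_INBOX:
        print(route_on_pa(msg, INTEGRITY_KEY).value)
```

Only the tag check gives any assurance about a message; an unmarked or unverifiable message never reaches the transfer medium, which is the property the flow diagram relies on.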

Claims (16)

1. An arrangement to improve the information security of a computer, which arrangement comprises at least a first (PA) and a second (PB) processor unit and a switch unit (16) to select the processor unit to be used at a given time, which processor units have separate fixed disk drives, and the first of which processor units has means for providing connection to a public data network and the second processor unit of which is a data-secure unit, characterized in that
- said processor units are within the same housing (1),
- said processor units have separate power supplies (21, 22) for preventing the acquiring of information based on changes of the supply voltage,
- said processor units each have an interface for an electrically isolating transfer medium for transferring information between the processor units,
- said processor units have shared keyboard, mouse and display interfaces,
- said switch unit has means for connecting said interfaces to one of said processor units,
- the arrangement further comprises an indicator to indicate the processor unit currently in use, and
- the first processor unit comprises means for checking whether the received message is encrypted and for detecting alterations in an encrypted file, and said second processor unit comprises means for encrypting and decrypting information.
2. An arrangement according to claim 1, in which both the first and second processor units have got separate diskette drive interfaces of their own, characterized in that said electrically isolating transfer medium is a portable magnetic diskette.
3. An arrangement according to claim 1, in which the first processor unit has a printer interface and the second processor unit has a scanner interface, characterized in that said electrically isolating transfer medium is printing paper.
4. An arrangement according to claim 1, characterized in that the first processor unit has a different operating system than the other processor units.
5. An arrangement according to claim 1, characterized in that said means of the switch unit for connecting the interfaces includes a manual switch (17).
6. An arrangement according to claim 1, characterized in that said means of the switch unit for connecting the interfaces includes an identification circuit for a keyboard-originated code of at least four characters.
7. An arrangement according to claim 1, characterized in that said indicator is a pair of light emitting diodes (23, 24).
8. An arrangement according to claim 1, characterized in that said indicator is a device generating certain sound signals.
9. A second processor unit (321B) according to claim 1, characterized in that it further comprises means for providing connection to at least one other similarly protected processor unit (322B, 323B, 331B).
10. An arrangement according to claim 1, characterized in that it comprises in addition to a first processor unit (331A) at least two protected processor units (331B, 331C).
11. An arrangement according to claim 1, characterized in that said first processor unit (41A) comprises an interface to an infrared link (44) and software means for transferring information via said link.
12. A mobile station comprising a first and a second processor unit and a switch unit for selecting the processor unit to be used at a given time, only the first one of which processor units has means for connecting to a mobile communications network, characterized in that
- in connection with both said processor units there is a separate drive for a portable storage medium,
- said mobile station has a keyboard and display shared by its processor units,
- said switch unit has means for connecting said interfaces to either one of said processor units, and
- the arrangement further comprises an indicator to indicate the processor unit in use at a given time.
13. A method to improve the information security of a computer, which computer comprises a first and a second processor unit and a switch unit to select the processor unit to be used at a given time, both processor units having fixed disk drives of their own and the first processor unit having means for providing connection to a data network and for detecting alterations in an encrypted file and the second processor unit having means for encrypting and decrypting information, characterized in that said computer further comprises keyboard, mouse and display interfaces shared by said processor units and that in the method
- a message from the network is received (51) at the first processor unit,
- it is checked (52) whether said message is encrypted,
- it is checked (53) whether the encrypted message has been altered,
- the message is stored (54) on a transfer medium if the message is encrypted and unaltered,
- a control is given (55) to said switch unit such that said interfaces become connected to the second processor unit,
- the message is read (56) from said transfer medium into the second processor unit,
- said message is decrypted (57) in the second processor unit, and
- the message is stored (59) on the fixed disk of the first processor unit if the message is unencrypted.
14. A method according to claim 13, characterized in that said transfer medium is a magnetic diskette.
15. A method according to claim 13, characterized in that said transfer medium is printing paper.
16. A method according to claims 13 and 15, characterized in that said printing paper is read in a scanner to transfer the message to the second processor unit.
CA002370603A 1999-04-16 2000-04-12 Arrangement and method to improve information security Abandoned CA2370603A1 (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
FI990851 1999-04-16
FI990851A FI990851A0 (en) 1999-04-16 1999-04-16 Device and method for improving computer security in computers
FI20000456A FI109154B (en) 1999-04-16 2000-02-28 Device and method for improving data security
FI20000456 2000-02-28
PCT/FI2000/000310 WO2000063778A1 (en) 1999-04-16 2000-04-12 Arrangement and method to improve information security

Publications (1)

Publication Number Publication Date
CA2370603A1 true CA2370603A1 (en) 2000-10-26

Family

ID=26160733

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002370603A Abandoned CA2370603A1 (en) 1999-04-16 2000-04-12 Arrangement and method to improve information security

Country Status (7)

Country Link
EP (1) EP1196851A1 (en)
JP (1) JP2002542537A (en)
AU (1) AU3968500A (en)
CA (1) CA2370603A1 (en)
FI (1) FI109154B (en)
HK (1) HK1047325A1 (en)
WO (1) WO2000063778A1 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6578140B1 (en) * 2000-04-13 2003-06-10 Claude M Policard Personal computer having a master computer system and an internet computer system and monitoring a condition of said master and internet computer systems
DE10153402A1 (en) * 2001-11-01 2003-05-15 Kai Dorau Method for secure exchange of electronic data in an online process, whereby access to the hard drive or storage unit is switched off when a processor has an online connection via a data line
EP1811387A4 (en) 2004-08-25 2016-04-13 Nec Corp Information communication device, and program execution environment control method
WO2006134691A1 (en) 2005-06-17 2006-12-21 Nec Corporation Information processing device, restoration device, program and restoration method
AT502414B1 (en) * 2005-09-20 2007-03-15 Diaplan Elektronic Gmbh SECURITY SYSTEM
JP2010532588A (en) * 2007-01-22 2010-10-07 シモン ヨフェ Security switch
US10930452B2 (en) 2018-06-29 2021-02-23 Purism Electronic kill and physical cover switch

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5144692A (en) * 1989-05-17 1992-09-01 International Business Machines Corporation System for controlling access by first system to portion of main memory dedicated exclusively to second system to facilitate input/output processing via first system
EP0794639A3 (en) * 1996-02-14 2001-01-31 Mitsubishi Denki Kabushiki Kaisha Data security method and system

Also Published As

Publication number Publication date
FI109154B (en) 2002-05-31
FI20000456A0 (en) 2000-02-28
WO2000063778A1 (en) 2000-10-26
EP1196851A1 (en) 2002-04-17
FI20000456A (en) 2000-10-16
JP2002542537A (en) 2002-12-10
AU3968500A (en) 2000-11-02
HK1047325A1 (en) 2003-02-14


Legal Events

Date Code Title Description
EEER Examination request
FZDE Discontinued