RU15613U1 - SYSTEM OF PROTECTION OF THE CORPORATE COMPUTER NETWORK FROM SUBJECTLY ORIENTED UNAUTHORIZED INFLUENCES OF HIDDEN SOFTWARE AND HARDWARE - Google Patents

Abstract

A system for protecting a corporate computer network from subject-oriented unauthorized influences of hidden software and hardware, comprising a device for protecting the integrity of the processes of interaction between a local and global networks, connected between a local computer network of a corporate computer network and a global network, characterized in that the device for protecting the integrity of the processes of interaction between a local and the global network contains the first buffer block connected in series through the input-output ports , a security server, a second buffer unit, the first buffer unit through the input-output ports of the first workstation connected to the first local area network of the corporate network, and the second buffer unit through the input-output ports of the second workstation and the global network the second local area network of the corporate computer network, while the first and second buffer blocks contain one low-power trusted processor for linear conversion of the processed information, and the security server contains m a sensible untrusted processor for processing linearly transformed information circulating between local segments of a corporate computer network.

Description

A system for protecting a corporate computer network from subject-oriented unauthorized influences of hidden software and hardware.

The proposed utility model relates to computer technology, in particular to systems that interconnect several computing devices that form a corporate computer network.

A device is known comprising a pattern generator, a random access memory for storing a pattern with a blocking unit, a code converter, an instruction decoder, an address decoder, a command register, and a pattern write buffer. However, this device is not able to prevent the unauthorized effect of hidden software and hardware on the media (RF patent G "2146834, CL G 06 F 12/14).

Closest to the proposed technical solution is a system for ensuring the integrity of information of computing devices, comprising a file system integrity protection unit, system integrity control units for users and processes in the system, and an integrity system control unit. This technical solution does not provide a multilevel design from the subject-oriented effects of hidden software and hardware in the system of local area networks included in the global network (RF patent f 2145727, class C 06 F 12/16 - prototype).

The proposed utility model solves the technical problem of separating program codes and data in general-purpose computers and providing multi-level protection of computer functions in the interworking and eliminating hidden channels of information leakage into the network through unauthorized actions.

The stated technical problem is solved by the fact that in the system the corporate computer network is protected from subject-oriented unauthorized influences of hidden software and hardware, containing a device for protecting the integrity of the processes of interaction between the local and global networks, connected between the local computer network of the corporate computer network and the global network, the first buffer block, the security server, the second buffer block, connected in series through the input-output ports k, and the first buffer unit through the input-output ports of the first workstation is connected to the first local area network of the corporate network, and the second buffer block through the input ports of the output of the second workstation and global network is connected to the second local area network of the corporate computer network, while the first and the second buffer blocks contain one low-power trusted processor for linear conversion of the processed information, and the security server contains a powerful untrusted line processor yno-transformed information circulating between local segments of a corporate computer network.

This implementation of the protection system of a corporate computer network from subject-oriented unauthorized influences of hidden software and hardware is provided due to the following circumstances,

Let two segments of the local network and the possibility of their connection over the global network be given. Users and information within local segments are single-level, Inmaid I am valuable. The global network has a lower level of trust. An unauthorized consumer does not have physical access to local segments of the local computer network and aims to obtain valuable information while in the global network. The hardware and software are imported, and the other side has all the information about undocumented capabilities of software and hardware. We assume that in each software and hardware environment there is a robot agent that is implemented by some program and is invisible for the means of protecting computers and a local network.In the presence of contact with the opposite side in the global network, the robot agent receives instructions and additional programs for processing data, and also transmits valuable information to the other party in the global network.

It can be assumed that the intellectual abilities of the opposite side in the global network are large enough to open simple ciphers, figure out data and software, and fake authentication codes. At the same time, the capabilities of the robot agent are limited in the absence of communication with the opposing party in the global network and are equal to these opportunities in the presence of such a connection. Without the presence of an adversary in the global network, the robot agent is not focused on specific applications, especially if they are not standard applications of imported software. Therefore, it is legitimate to assume that a robot agent without communication with the opposite side will not be able to understand the structure of non-standard data and restore the simplest parameters of transformations that are not explicitly specified,

The connection of the robot agent with the opposite side in the global network can be carried out using undocumented processor programs invisibly for funds and using one of the following types of channels, which are:

-legal channel - a regular channel for transmitting packets from segment to segment through the global network;

semi-illegal channel - use of the standard channel by encoding the transmitted information in the values of the transmitted parameters

information and communication parameters;

- Illegal channel - an abnormal method of transmitting messages to an outside segment of a local network.

The task is to create a connection between segments of the local network through the global network, preventing leakage of valuable information to the other side in the global network using the above transmission channels. This will solve the above technical problem.

It is assumed that information protection can rely on a trusted software and hardware environment of domestic production of low productivity and capable of implementing the calculation of simple functions. Communication of local segments through the global network is as follows. At the junction of each segment of the local network and the global network, a security server is installed. On the global network, the opposite side has the ability to intercept all traffic between the 11th segments of the local network or transfer information to the security server to manage the opposite side agents in the local network and in the security server, В each segment of the local network can be operated by a robot agent, seeking to transfer information from the segment of the local network to the opposite side and tracking incoming information4) identifying instructions from her. Both the robot agent and the opposing side will test various possibilities for organizing interaction channels,

In the security server, it is possible to have a robot agent, which in the absence of protection organizes the interconnection of the local network and the protected side.

The main idea of the technical solution is to prevent the robot agent of the local network or the opposing side from managing the robot agent of the security server, due to the fact that it does not have the intellectual ability to analyze

semantics of messages, its isolation can be implemented by converting messages in the security server processing path to an unknown way to the opposite side, the Robot Agent of the security server is not a priori oriented to implemented applications and does not have the intelligence to restore message transformations, in this case, commands from outside sent for it control over legal and semi-legal channels cannot be perceived by this robot agent. An illegal channel is cut off by autonomous control in the first and second buffer blocks. Thus, despite the presence of a robot agent, the security server performs its functions or does not work at all, the Robot Agent of the local network, due to encryption, cannot communicate with the other party in the global network. Thus, the security server implements two-level protection, where the processed information is at the lower untrusted level, and the processing programs are at the upper trusted level.

The proposed utility model is illustrated by the circuit shown in FIG.

The system for protecting a corporate computer network from object-oriented unauthorized influences of hidden software and hardware contains device I for protecting the integrity of the processes of interaction between local and global networks, in which the first buffer unit 2, security server 3, and the second buffer unit 1 4 are connected sequentially through the input-output ports 1, Device I connected to the input-output ports of the first buffer unit 2 with the first workstation 5 and through it to the first local network b, and the input-output ports of the second buffer through the ports block 4 with a second workstation 7 and through it with a global network 8, while each of the buffer blocks 2 and 4 contains one low-power trusted processor 9 and 10, respectively. Similarly, any local area network of a corporate computer network, for example, a second local area network II through a third station 12 and a second security device 13, a fourth work station 14 can be connected to a global network 8. Local networks 6 and II are parts of a corporate computer network that are connected through global network 8, the proposed system operates as follows. Information from the first local area network b for transmission to the global network 8 is presented in the form of a packet, which arrives at the first station 5, where it is prepared, for example, as follows;

-all service fields are highlighted by flags of a given type;

-all information in the fields is presented as a sequence of bytes;

The sequence transmitted to the first buffer block 2 is a sequence of bytes.

Buffer block 2 performs the following conversions with each byte:

-convert byte to byte using linear AI conversion;

- calculation of the converted byte by linear transformation A2 of the byte, which is the authentication code (MAC);

- Forwarding a sequence of byte pairs (converted MAO byte to security server 3 via 232 interface.

Security Server 3 performs the following functions:

-analysis of the sequences placed between the flags of the packet fields for their correctness;

-analysis for permission to pass the packet (filtering);

-routing, which includes the formation of a new address of the sender and recipient;

- encryption using the gamma of one-time use of each byte of the received packet, as well as the addition of the MAC of this byte with the MAC of the gamma for this byte;

-formation of a new packet in the form of a sequence of bytes, the fields are separated by flags;

- transfer of a sequence of bytes to the second buffer block 4 via the RS 232 interface,

The second buffer unit 4 checks the authentication codes using a linear transformation A2. If the MACs do not match or are absent, then the JOption is destroyed. After checking, authentication codes are destroyed, and message bytes are converted by linear conversion (AI). From the second buffer block 4, the sequence of bytes of the fields of the new packet is transmitted to the second workstation 7 via the RS 232 interface, which converts the information between the flags into the fields of the standard packet and transfers to the global network 8, Information backtracking from the global network 8 can occur to any local network that is part of the corporate computer network, i.e., either to the first local network b or to the second local network II through a second station 7 or a fourth workstation 14, respectively, in which the packet is converted into a sequence of bytes at the receiving ends, where the fields are highlighted with special flags, and transmitted to the second buffer blocks of protection devices I or 13, respectively, in the security servers of these devices I or 13 the gamma is subtracted and the geisha authentication code is subtracted from the authentication code of the byte received. In the converted form, the packet is sent to the first buffer block of devices I or 13, where authentication codes are checked, flags are discarded, and the packet is transmitted to the first station 5 or third workstation 12, from which the packet is transmitted to the recipient - either the first local network 6 or the second local network II

Thus, when using the proposed system, the protection of the corporate computer network is ensured due to the fact that with the help of trusted processors when converting the processed information in a computer, all channels for transmitting control signals and subject-oriented software for hidden firmware are eliminated in systems that implement interworking and T81 also for transmitting information from hidden firmware from a protected computer environment, following Wie means that these hidden due to low intellectual abilities can not carry out the theft and organization of information leakage via interconnection channels.

Claims (1)

A system for protecting a corporate computer network from subject-oriented unauthorized influences of hidden software and hardware, comprising a device for protecting the integrity of the processes of interaction between the local and global networks, included between the local computer network of the corporate computer network and the global network, characterized in that the device for protecting the integrity of the processes of interaction between the local and the global network contains the first buffer block connected in series through the input-output ports , a security server, a second buffer block, the first buffer block through the input-output ports of the first workstation connected to the first local area network of the corporate network, and the second buffer block through the input-output ports of the second workstation and the global network the second local area network of the corporate computer network, while the first and second buffer blocks contain one low-power trusted processor for linear conversion of the processed information, and the security server contains m a sensible untrusted processor for processing linearly transformed information circulating between local segments of a corporate computer network.