RU112789U1 - DEVICE FOR CONTROL AND WARNINGS ABOUT NO ACTIVE PROTECTION OF THE INFORMATIZATION OBJECT AGAINST INFORMATION LEAKAGE ON THE CHANNEL OF SIDE ELECTROMAGNETIC RADIATION AND TIPS - Google Patents

Abstract

The utility model relates to telecommunications, and more specifically to devices for protecting computer systems from unauthorized activity and can be used in various information systems and complexes, mainly as part of technical means and information processing systems (TSSOI) used at informatization facilities for processing information, for protect information from leakage due to secondary electromagnetic radiation and interference (PEMIN) arising from the operation of the aforementioned TSSOI.

The essence of the utility model lies in the fact that in a known device consisting of a USB port, a switch, a microcontroller (MK), a USB key, a current sensor (DT), an electrical outlet (ESD) and an electric power plug (ESV), which is the input and the output is connected, respectively, to the supply network 220 V and the input of the DT unit, which is connected by the first and second outputs, respectively, to the ESD unit and the first port of the MK unit, which is connected by the second port to the first port of the switch, which is connected by the second and third ports, respectively from USB to yuchom and a USB port for connecting to a personal electronic computer (PC), which is part of the technical means and information processing systems (TSSOI) operated at the object of informatization (OI), in addition, the USB key node is made with the possibility of using it as a means hardware authentication and identification, providing access control to the operating system and the interface of the aforementioned PC, the DT node is capable of non-contact measurement of the alternating current passing through it and the formation of input voltage proportional to the current passing through the load connected to the ESD unit, which is configured to connect to it the power supply circuit of the active protection equipment (TSAZ) used to mask the side electromagnetic radiation (PEMIN) generated during the operation of the mentioned TSSOI, MK unit made with the possibility of processing the voltage coming from the host DT, and the formation of signals for switching the USB key to the USB port, additionally introduced a computer port (KP) and power non-independent memory (EIT), which is connected by its port to the third port of the MK node, which is connected to the KP node by the fourth port, while the MK node is configured to operate under a program that emulates a computer port (KP) and supports information exchange through it A personal computer for recording in the node of the electronic interface a virtual threshold for the response of the system (VPRS), which corresponds to such a mode of operation of the TSAZ, which ensures the creation of an electromagnetic field (EMF) with a level sufficient to mask the aforementioned PEMIN, control access to the operating system and PC interface, depending on the operating modes of the TSAZ connected to the ESR node as a load, by monitoring the current value of the current in the load (TZTN) and comparing it with the value of VPRS, and, under the conditions and when TZTN≥VPRS or TZTN <VPRS, emulation, respectively, connecting or disconnecting a USB key to a USB port. The essential features introduced made it possible to significantly increase the level of information protection against leaks through the PEMIN-type technical channel by blocking access to the TSSOI functions used at the OI to process information in the event of a decrease below the preset EMPS providing masking of the PEMIN that are formed during operation of the mentioned TSSOI .

Description

The utility model relates to telecommunications, and more specifically to devices for protecting computer systems from unauthorized activities and can be used in various information systems and complexes, mainly as part of technical means and information processing systems operated at informatization facilities, to protect against information leakage due to spurious electromagnetic emissions and interference.

When processing information at the objects of informatization (OI) [L1, L2] using computer technology (SVT) and various technical means and information processing systems (TSSOI), the urgent task is to protect the OI from information leaks through various channels. Moreover, according to [L3], much attention is paid to issues related to the masking of secondary electromagnetic radiation and interference (PEMIN), which are created in the process of functioning of technical means and information processing systems operated at the computerization facility. This is due to the fact that through the interception and analysis of the information components contained in the PEMIN, unauthorized access to information circulating at the TSSOI can be organized. Moreover, TSSOI used at informatization facilities may include typical computers (PCs), workstations (PCs), personal computers (PCs), workstations (AWS) and other technical means and systems used by authorized personnel on OI for processing and transmission of information. It is known that the information circulating in the OI during its processing and transmission using TSSOI is often the object of “hunting” for unauthorized individuals (PFL), business competitors, and other intruders who are trying to gain unauthorized access (NSD) [L2, L3 ] to the system and information resources of both the OI as a whole, and to the TSSOI in particular. Moreover, a wide variety of methods, technologies and technical means can be used to implement unauthorized access, among which the most dangerous, due to the high stealth of use, is the technical channel. Under the technical channel of information leakage (TKUI), according to [L4, L5], we mean the combination of the reconnaissance object, reconnaissance hardware (TCP) and the physical environment in which the information signal is distributed. That is, by TKUI they mean a method of obtaining reconnaissance information about an object using TCP.

At the physical level, TSSOIs may also include stationary equipment, peripheral devices, connecting lines, distribution and communication devices, power supply systems and grounding systems. With the functioning of the TSSOI, objectively, as a by-product, conditions are created for the organization of TKUI, which is expressed in the formation of various types of secondary electromagnetic radiation and interference (PEMIN). According to [L6], PEMIN includes parasitic electromagnetic radiation of the radio range, electromagnetic interference on connecting lines and extraneous conductors that go beyond the controlled zone, leakage of information signals in the power and ground circuits.

According to the data from [L7], due to spurious electromagnetic radiation and interference, information can be read from a computer monitor at a distance of several hundred meters or more. You can also read information from the processor, keyboard, hard drive, disk drive, etc., so all cryptosystems become almost meaningless if you do not take appropriate active protection measures. Specialists of [L7-L10] note that radiation from computer elements and other technical means of the workstation is a fairly informative channel for information leakage, using which, by intercepting and decoding these emissions, PFLs can obtain information about all the information processed using TSSOI type PC.

Modern advances in the production technology of radio receivers, multichannel signal reception (both from different directions and at different frequencies), followed by their correlation processing, make it possible to ensure a sufficient range of information interception. The process of intercepting information circulating in the workstation, for example, by receiving spurious radiation from a composite monitor signal, is quite real. Moreover, methods are used to make the computer transmit the necessary information and not wait for the user to turn to confidential documents. This is solved as follows: the computer, which is part of TSSOI, is “infected” with a special program-bookmark of the Trojan horse type by any of the known methods using virus technology: through a presentation CD, an interesting program or toy, a driver disk, and through any of the communication channels to which TSSOI are connected (local network, Internet, etc.). Further, the Spy program [LI] searches for the necessary information on the PC disk and, by accessing various computer devices, causes the appearance of spurious emissions. For example, a Spy program can embed a message in a composite monitor signal, while the user, playing a favorite game such as Solitaire, does not even suspect that confidential text messages or images can be inserted into the image of playing cards. With the help of a special receiving device, interception of spurious radiation from the monitor and the selection of the desired useful signal can be provided.

The conducted experimental studies have confirmed such a possibility of obtaining confidential information. This is one of the technology options for covert data transmission through the channel of spurious electromagnetic radiation using software. The technology proposed by Cambridge scientists, in essence, is a kind of computer steganography, i.e. method of covert transmission of useful messages in harmless video, audio, image and text files. A feature of the technology is the use of the PEMIN channel for data transmission, which greatly complicates the detection of the fact of unauthorized transmission in comparison with traditional computer steganography. So, if there are hardware and software tools (FireWall, Proxy server, etc.) to prevent unauthorized data transmission over a local area network or the Internet, then there are no means to detect hidden data transmission via PEMIN, and to detect such radiation in general broadband the spectrum (over 1000 MHz) of spurious PC emissions, without knowing the parameters of the useful signal, is very problematic. The main danger of the technology for transmitting confidential information using PEMIN is the secrecy of the virus program. Such a program, unlike most viruses, does not "spoil" the data, does not disrupt the operation of the PC, does not send out unauthorized data distribution over the network, which means that it is not detected by the user and network administrator for a long time. Therefore, if viruses that use the Internet for data transfer manifest themselves almost instantly, and they quickly find an “antidote” in the form of anti-virus programs, then viruses that use PEMIN for data transfer can work for years without detecting themselves, controlling the radiation of almost any computer element. Studies have shown that most of the elements of a computer, keyboard, mouse-type manipulator, printer, and other technical devices contained in TSSOI can form PEMIN. At the same time, the signals emitted by these devices can be intercepted without significant costs, since the information in these devices is transmitted by a serial code, all parameters of which are standardized and well known.

As the studies showed, protecting the object of information from information leaks through the technical channel of the PEMIN type, which are formed and distributed outside the OI (is transmitted on the air from computer monitors, is distributed over wired and cable systems, etc. during the operation of the TSSOI, is a very difficult task .

The complexity of solving the problem of protecting the OI, where TSSOI is used, from information leaks through the technical channel of the PEMIN type, consists of the following contradictions. So, to carry out work on the OC using TSSOI, that is, to use TSSOI for its intended purpose, they must be turned on (activated). During the operation of TSSOI, PEMIN arise (as a by-product), which is due to the existing physical laws, that is, objective reasons. The presence of PEMIN forms a technical channel for information leakage from OI. Therefore, to eliminate leaks of information from OI due to PEMIN, all used TSSOIs must be turned off (deactivated). In this case, TSSOI cannot be used for its intended purpose, also for objective reasons.

An information search showed that the well-known technical solutions that are used to solve the problem associated with the protection of informatization objects and the TSSOI used on them from information leaks through the PEMIN channel generated during the operation of TSSOI have low efficiency. This is due to the following factors.

In the study of issues related to the protection of OI from information leakage through a PEMIN-type channel, a model was studied whose main components that affect the information security of OI are conditionally presented in the form of three constituent links "TSSOI - users - TSAZ". Here, TSAZ refers to a technical means of active protection, which, according to the definition of OI, can be an integral part of it and be part of the means of ensuring information security of OI. Most often, various radio noise generators are used as TSAZ [L 12], which in the local area of the OI can form an electromagnetic noise field (EMF) in a wide frequency band, overlapping in frequency and power of the PEMIN arising during the operation of the TSSOI, and thereby ensuring masking the spectral components of PEMIN from the interception of intruders by radio means.

As studies have shown, the effectiveness of information protection of the presented system model substantially depends on the “users” link. The influence of this link on the overall system is manifested in the consequences of user actions, which is often called the influence of the “human factor” (Black Sea Fleet).

It is established that the manifestation of the aforementioned BSF can be prompted by various reasons, and is expressed in the form of unregulated actions of personnel (NDP), allowed to operate TSSOI at informatization facilities. In this case, the most dangerous, from the point of view of influence on the information security of the information system, is the operation by the personnel of the TSSOI without masking the PEMIN created by these TSSOI, that is, when the products are deactivated (turned off, out of order, working in low power mode, etc. products TSAZ).

That is, one of the significant manifestations of the consequences of the Black Sea Fleet is the deactivation of technical active protection equipment (TSAZ) and the creation of conditions at the computerization facility for information leakage due to PEMIN. What can be caused by elementary negligence and negligence of the personnel operating TSSOI. There are also known cases of deliberate shutdown (deactivation) of TSAZ due to the belief that the radiation it creates adversely affects people's health. Insiders [L13] can also perform similar actions to deliberately form a technical channel for information leakage from an object of informatization and create conditions for unauthorized access to information resources of both OI and TSSOI. That is, due to forgetfulness, absent-mindedness, dishonesty, negligence, negligence or intentionally (intentionally) and for other reasons, TSSOI users, in the process of performing work on the OI, may violate the working regulations, that is, do not install and do not update the anti-virus software in a timely manner software (software), do not activate TSAZ in a timely manner and do not perform work on their configuration and maintenance. As a result of this, the operation of TSSOI on the OI can be carried out without protection from viruses and other Spy programs, as well as without masking the aforementioned PEMIN, which may damage the information security of the OI (information may leak from the OI through a PEMIN type technical channel) .

Studies have shown that eliminating the influence of the “human factor” on the effectiveness of protecting an informatization object from information leaks through a PEMIN-type channel is a difficult task. So, in order to eliminate the influence of the aforementioned Black Sea Fleet, the admission of personnel to the TSSOI should be prohibited. To use the TSSOI as intended, the admission of personnel to the TSSOI must be allowed.

According to the authors, the information security of the OI (protection against leaks through the PEMIN channel) can be significantly increased on the basis of the “amplification” of the mentioned “users” link. For this, technical means (TS) can be used that implement monitoring and warning about the absence of active protection of the computerization object from information leaks through the side electromagnetic radiation channel and interference. Implementation using the mentioned TS functional link between access to the TSSOI interface and TSAZ activity can neutralize the consequences of the BS. At the same time, the implementation of the functional relationship between access to the TSSOI interface and TSAZ activity can provide effective control and warning of the absence of active protection of the computerization object from information leakage through the PEMIN channel that occurs during the operation of the TSSOI.

Studies have shown that well-known technical solutions used to ensure the information security of informatization facilities have low efficiency of protection against information leaks through a PEMIN-type channel, therefore, the search for new solutions that implement more advanced control and warning about the lack of active protection of the informatization object from information leakage channel PEMIN arising from the functioning of the TSSOI is an urgent task.

From technology [L14], a complex of technical means and information processing systems is known (complex), the main component of which is a personal electronic computer (PC). The complex is configured to install and operate on a PC software in the form of an operating system (OS) that provides control of the functions of software and hardware, the formation of a user interface with the possibility of input and / or output of information, software for processing user information and software to protect system and information resources from viruses.

The work of the complex is carried out in a standard way. System software, for example, such as Windows 2000 / XP / Vista, is installed on the computer, the drivers necessary for the operation of hardware, for example, keyboards, printers, displays, etc. are also installed. Then, in accordance with the type of information processed on the system, it is installed ( installed) application software, for example, for the preparation and processing of textual information (creating documents, presentations, etc.), an office software package, for example, Microsoft Office, can be installed in the OS. As a means to protect the system’s and information resources of the complex, anti-virus software is used.

The disadvantage of this complex is its low level of information protection against leakage through the technical channel of the PEMIN type, which are formed during the operation of the complex.

This is due to the action of the following factors. So, when organizing a technical channel for information leakage, Spy programs and by-products of the functioning of the technical facilities of the complex, which are PEMIN, can be used. However, in this complex, protection against information leakage through a technical channel is solved only by identifying and neutralizing Spy programs, viruses and other software tools that can be used to organize an information leakage channel of the PEMIN type. At the same time, the means of suppressing / masking PEMIN created during the operation of the workstation are absent in this complex, which significantly reduces the efficiency of protecting the computerization object from leaks through the technical channel of the PEMIN type.

Additional factors that reduce the effectiveness of the complex’s protection from information leaks through the PEMIN channel are the fact that cybercriminals constantly create and use more and more new types of viruses and other malicious programs to attack computerized objects, moreover, creating and putting into practice “antidotes” for new viruses it is always carried out with a delay in time. This leads to the fact that for some time a new virus can perform its malicious function unhindered. The situation is aggravated by the presence and effect of the previously mentioned subjective factor, that is, the inertia in the actions of personnel performing work on the complex, and prone to ignoring procedures for timely updating of antivirus software.

The disadvantages of this complex, which significantly affects the effectiveness of its protection against information leaks through the PEMIN channel, include the fact that the operation of the complex can continue regardless of its degree of protection against information leaks. In the best case, anti-virus tools can generate visual messages about the need to update anti-virus tools on the screen of the monitor, which is part of the complex. As you know, such messages are often ignored by many users of the complexes.

A system analysis of the use of this complex at the informatization facility has shown that its information security is substantially affected by the mentioned BSF. The ability to neutralize the Black Sea Fleet by technical means is absent in this device. The TSSOI users perform the functions of monitoring the state of the means of protection against leakage through the PEMIN channel. The influence of the Black Sea Fleet on the information security of the OI in this device is high, which significantly reduces the effectiveness of protecting the OI from information leaks during the operation of the TSSOI.

In this complex, there is no possibility of software and hardware monitoring and warning about the absence of active protection of the object of informatization from information leakage through the PEMIN channel, which are formed during the operation of the TSSOI operated at OI.

A complex of technical means and information processing systems (hereinafter referred to as the complex) consisting of a personal electronic computer (PC) connected to its USB key port and a radio noise generator (SRS) is known from the technology [L15]. At the same time, the PC unit is configured to install and operate software on it in the form of an operating system (OS) that provides control of the software and hardware functions of the complex, the formation of a user interface with the possibility of inputting and / or outputting information, software for processing information and software to protect information from viruses, data encryption software and software for performing trusted downloads shortcuts [L15] OS using hardware such as a USB key, which provides the possibility of authentication and user identification and access control to the program and information resources of the complex during the operation of the PC, in addition, the GRS node is configured to form in the local zone, which hosts the hardware nodes of the complex, the electromagnetic noise field (EMF) in a wide range of radio frequencies that overlap and mask the PEMIN, which are created and emitted by the ether during operation pparatnyh complex assemblies.

Basically, the functioning of this complex is similar to the previous product. This complex has the following operating features.

This is the use of a USB key. In order to gain access to the system and operational resources of the complex, this node must be detected by the operating system operating on a computer whose functions are performed by the PC node. Physically, for this, the user of the complex just needs to connect the USB key to the corresponding port of the PC.

This is the presence of a technical means of active protection (TSAZ), which is the main switchgear assembly. According to the regulations, this node must be activated by personnel during the operation of the complex to implement the protection of the object of information from information leaks due to PEMIN.

The operation of the complex begins with the fact that its user installs the USB key into the PC port, which is necessary for the authentication and identification procedure. In the absence / removal of a USB key, access to the program and information resources of the complex is blocked. Externally, this is manifested in the fact that if this key is not connected to the PC port, the OS does not boot, and if the key is removed (disconnected from the PC) with the OS already loaded, the system “freezes” - access to the operating system is blocked (the system does not respond on keystrokes of a keyboard, a mouse-type manipulator and requires the installation of a USB key for user authorization).

In addition, to start the operation of the complex, personnel need to activate (turn on) the GRS unit to ensure masking of the PEMIN emitted by the complex during its operation.

This complex partially eliminates the disadvantages of the previous product. This is achieved through the use of the following protective mechanisms.

This is the use of hardware to limit access to system and information resources, which is achieved by using a USB key. It is known that software protection tools are based mainly on the use of passwords that can be intercepted. In this complex, access to the mentioned system and information resources is possible only if a USB key is connected to the computer (PC). This allows, in cases where there is no USB key to be connected to the PC, to block direct access to the PFL complex, as well as to prevent information leakage using malicious software, which, as shown above, can use PEMIN for organizing NSDI to the object of informatization.

This is the use of technical means of active protection, which is the main switchgear assembly. The effectiveness of protecting information from leaks with the help of this unit is due to the possibility of creating with its help broadband radiation (EMF), which can significantly exceed the intensity of the PEMIN, which are formed and emitted during the operation of the hardware nodes of the complex and, thereby, ensure their masking.

The disadvantage of this complex is its low level of information protection against leakage through the channel type PEMIN, which are formed during operation of the complex. This is due to the presence and action of the following factors of an objective and subjective nature.

The main objective factor may include the possibility of operating the complex with deactivated means of active protection, for example, due to a failure or due to the shutdown of the main switchgear assembly. When using the complex for its intended purpose, a situation may arise in which the functions of the complex for processing information are fully preserved, while for one reason or another the SRM node is deactivated (turned off). That is, the violation of TSAZ functions is not connected and does not affect the ability to use the complex for its intended purpose. Obviously, the operation of the complex when the TSAZ is deactivated (turned off, faulty, etc.) creates a risk of information leaks due to PEMIN, since their suppression / masking at this time is not provided.

The main subjective factor is the dependence of the effectiveness of PEMIN masking on the actions of personnel operating and servicing the complex. That is, whether TSAC will be turned on, serviced, repaired, tuned, tested, etc. on time, all depends on the actions of those individuals (FL) who are required to do this. And since PLs are susceptible to fatigue, stress, forgetfulness, distraction, etc., the control of TSAZ functions can be quite low, because of which the complex can be operated without an activated PEMIN masking agent.

Therefore, the low level of protection of information from leaks through the PEMIN channel emitted by the TSSOI of this complex during its operation is due to the low reliability of the control of TSAZ activity used to mask the mentioned PEMIN, and the lack of control providing the ability to restrict access to the functions of the said TSSOI in the absence of activity of the aforementioned TSAZ.

In this complex, regardless of TSAZ activity, the possibility of using a personal computer to process information is retained. The operation of the complex when TSAZ is deactivated (switched off) significantly reduces the level of its information protection, since PEMIN is not masked and favorable conditions are created for information leakage through this PEMIN-type technical channel.

A system analysis of the use of this complex of technical means and information processing systems at the informatization facility showed that its information security, like the previous complex, is subject to the mentioned BS.

In this complex, there is no possibility of implementing hardware-software control and warning about the absence of active protection of the computerization object from information leakage through the PEMIN channel, which are formed during the operation of the TSSOI. The possibility of neutralizing the aforementioned unregulated actions of the Black Sea Fleet by technical means in this complex is also absent, since the control of the TSAZ, which provides masking of the PEMIN channel, is carried out by the TSSOI users themselves. The influence of the Black Sea Fleet on the information security of the OI in this complex remains high, which significantly reduces the effectiveness of protecting the OI from information leaks through the PEMIN channel during the operation of the TSSOI.

In the process of research, the authors focused on the search for technical solutions that provide the possibility of establishing a direct (functional) connection, implemented by technical means, between access to the TSSOI functions used at the OI for information processing, and the presence of TSAZ activity that provides PEMI masking, which are formed during the operation of TSSOI .

Studies have shown that the implementation, using technical means, of a functional connection between the main structural components that affect the information security (protection of the PEMIN channel) of an informatization object, allows the transformation of a model of the type “TSSOI-users-TSAZ” into a model of the type “TSSOI-UKPAZ-TSAZ”

Here, UKPAZ is understood as a technical means that provides control and warning about the absence of active protection of the computerization object from information leakage through the PEMIN channel.

According to the new model, in order to solve the problem of ensuring information security of information sources against information leaks through the technical channel of the PEMIN type, which are created during the operation of the TSSOI, it is necessary to control the operation of the TSAZ. At the same time, for the active protection of OI from information leaks on the PEMIN channel, the mentioned products, such as radio noise generators (SRS) [L17-L19], used to mask PEMIN, can be used. As a rule, TSAZ provide the formation in the surrounding space where technical means and information processing systems (TSSOI) are located and operate at the computerization facility, an electromagnetic noise field (EMF), which in the frequency range from 0.1 to 1000 MHz or more can provide PEMIN masking, that arise during the operation of the mentioned TSSOI. That is, protection against information leaks through the PEMIN channel is ensured by generating and emitting noise electromagnetic field into the surrounding space and by guiding the masking signal into the outgoing circuits and utilities

According to the new OI model, during the operation of the TSSOI with the help of UKPAZ, the TSAZ activity (operability) must be continuously monitored, moreover, when the TSAZ is turned off (deactivated, out of order, etc.), the UKPAZ device in one way or another should provide blocking of user access to the functions of the PC, forming and / or part of the TSSOI.

A patent search showed that from the technology [L20] a complex of information protection against unauthorized access via the PEMIN channel (complex) is known, consisting of a personal electronic computer (PC), a USB key, a radio noise generator (GRS), a microcontroller (MK), a radio module (RM), a switch, and an electrical network outlet (ESD), which is connected by an input and an output, respectively, to a 220 V power supply network and a power supply circuit of a main switchgear assembly, which is wirelessly connected via the EMF created by it to the input of the RM node, which its output is connected to the first port of the MK node, which is connected by the second port to the first port of the switch, which is connected by the second and third ports to the USB key and the USB port of the PC. At the same time, the PC unit is configured to install and operate software on it in the form of an operating system (OS) that provides control over the functions of the software and hardware used at the informatization facility (OI) for processing information, forming a user interface with giving it input options and / or output of information and software of trusted OS loading using a USB key, which provides authentication and user identification for managing access to said user interface and functions of said hardware used at the OI to process information. The HFS unit is made with the possibility of forming an electromagnetic field (EMF) in a wide range of radio frequencies masking PEMIN, which are formed and propagated in the physical environment during the operation of the mentioned hardware used on OI for information processing. The RM node is configured to receive and broadband demodulation of the electromagnetic field generated and radiated by the main distribution module. The MK node operates according to a program that provides the ability to analyze and process signals coming from the RM node, identify the activity of the GRS node by the EMF created by it, and emulate connecting / disconnecting a USB key using a switch to allow or block access to the PC interface, respectively, if or absence of said EMF.

This device operates as follows. In preparation for operation, a software package (software) is installed on the PC node, including the installation of an operating system (OS) that provides control over the functions of the software and hardware used on the information processing unit, the formation of a user interface with the possibility of input and / or information output, installation of software oriented to the processing of information necessary for the user, installation of software to protect the OS and user information from viruses , installing data encryption software and software for performing trusted OS boot using a USB key. Also, drivers are installed for the operation of hardware nodes operating under the control of the OS installed on the PC.

Work on the complex begins with the activation of the GRS node, which in the local area of the hardware nodes of the complex forms the EMPS, the spectrum and intensity of which exceeds those of the PEMIN that are formed during the operation of the software and hardware used at the computerization facility (OI ) for processing information.

The RM node provides the reception of signals radiated into the air by the GRS node, and performs their broadband demodulation. At the same time, the PM node is configured in such a way that, if there is an intense EMF at its input, a high level signal is generated at the output of the RM node, which is fed to the MK node for processing. Upon receipt of a high level signal from the RM node, the MK node switches the switch on. When the switch is turned on, the USB key is switched (connected) to the PC port. If for some reason the main switchgear assembly is deactivated (turned off, goes out of order, etc.), then the mentioned EMF will cease to be received at the input of the RM node. This will lead to the fact that at the output of the PM will establish a low signal level. When a low signal level is applied to the MK, a switch off signal is generated at its output. This will lead to the emulation of disconnecting the USB key from the host PC. As a result of this, access to the PC interface and to the functions of the entire complex will be blocked.

After activating (turning on) the GRS node (restoring the working capacity of the GRS), the catch of the RM, MK, and the switch is carried out in the manner described above, as a result of which access to the PC OS and the entire complex is resumed.

This technical solution partially solves the problem associated with the protection of OI from information leakage through the PEMIN channel during the operation of TSSOI located on the OI. This is achieved due to the fact that with the help of it a partial neutralization of the consequences that may be caused by the mentioned “human factor” is achieved. This is expressed in the fact that TSSOI users cannot continue processing information without an activated (included) TSAZ. This, in turn, means that at the OI operation of the TSSOI is possible only when the technical channel of information leakage of the PEMIN type is masked with the help of the TSAZ, which is GRS. Otherwise (when deactivating the main switchgear), access to the functions of the PC (and TSSOI as a whole) is blocked. That is, this device implements the functional relationship between access to the TSSOI functions and the presence of TSAZ activity, which is necessary for masking PEMIN, which are used at the OI, to ensure the information security of the OI.

The disadvantage of this complex is the low reliability of monitoring the state (operating modes) of the TSAZ, as a result of which situations (failures, false alarms) may arise in which the operation of the TSSOI in the absence of PEMIN masking is possible, and therefore information leakage through the PEMIN channel is possible. This is due to the following reasons.

In this complex, the RM unit is configured to receive and broadband demodulation of the EMF generated and emitted by the mainframe. Moreover, the node RM is made with the possibility of broadband detection of radio signals. This property provides the reception of all signals that come from the radio to the input of the RM node. However, as is known from the technology [L21-L23], the entire range of radio frequencies is intensively used and saturated with signals from many sources, including radio communications, broadcasting radio stations, emissions from industrial facilities, vehicles, household appliances, etc. Signals created all of these objects can have high intensity (power), enter the input of the RM and cause a false alarm at its output in the absence of activity of the TSAZ of the GRS type. For example, if the main switchgear is, for one reason or another, malfunctioning or deactivated by personnel operating a PC (TSSOI), then the radio signals from extraneous radiation sources arriving at the input of the PM node can be interpreted as the emf generated by the switchgear node, the time when they are not. This leads to a dangerous situation, from the point of view of information security of the OI, which can conditionally be called “alarm skipping”.

It was established that these “omissions of alarms” are due to the fact that in this technical solution, to identify the activity of the main switchgear that provides active protection (masking) of the PEMIN channel, a sign with low information content is used, which does not provide reliable data necessary for reliable monitoring the activity of TSAZ (GRS) used at the OI to mask PEMIN emitted during operation of the PC assembly and other TSSOI.

It is known that during the operation of TSSOI, secondary electromagnetic radiation is generated, the spectrum of which is distributed over a wide range of radio frequencies, therefore, to mask them, HFS are performed with the possibility of generating a noise radio signal with a spectrum that covers the spectrum in which PEMIN can be created. For the reception and processing of signals generated by TSAZ (GRS), that is, the response (reception and detection) to the electromagnetic field, the radio of the RM node is also made broadband. This leads to the fact that radiation from a multitude of extraneous sources of radio emissions (IRI) with which the ether is intensely saturated will necessarily fall into the broadband path of the RM node. That is, the RM node will receive radio signals from household radio and television transmitters, transmitters from radio-relay and cellular communication systems, etc. As a result of this, the signals from the aforementioned foreign IRIs will be perceived as EMF created by the HPS unit (TSAZ), while the GRSh unit (TSAZ) itself can be turned off or disabled for one reason or another, including the fault of personnel operating the TSSOI.

In this complex, in cases of deactivation of the HSS node, the RM node can receive signals of extraneous IRI, causing a false identification of the presence of activity of the HSS node, therefore, the possibility of using TSSOI on OI for its intended purpose with deactivated TSAZ, that is, without masking PEMIN, can be preserved.

Studies have shown that the low reliability of identification of TSAZ activity in this technical solution is due to the use of signs with low information content for making the appropriate decision (that the HBS node is active and emits EMF). In fact, the RM node does not have properties that can reliably identify the signals generated by the HFS due to exposure to the physical environment from which, together with the useful signal, which is the EMF created by the HFS node, interfering signals (radiation from extraneous IRI) can come in, RM node - not provided. PM has low noise immunity.

Therefore, the functional connection formed with the help of this complex between access to the functions of hardware and systems used at the information processing unit for information processing and TSAZ (GRS node) activity, which should provide PEMIN masking, is “weak” and not stable, which significantly reduces reliability of protection of the object of informatization against leaks through the PEMIN channel. It also significantly reduces the effectiveness of hardware-software control and warning about the lack of active protection of the computerization object from information leakage through the PEMIN channel, which are formed during the operation of the TSSOI operated at OI.

It has been established that it is not possible to strengthen the mentioned functional relationship between access to the PC interface used at the OI for information processing and the activity of the main switchgear with the use of the features and properties of this technical solution, since reliable identification of the emf created by the main switchgear assembly is not provided. This is due to the fact that the EMF and the signal from extraneous PXR are in the same radio frequency band, and the power of the HFM node is limited by the relevant standards and distributed (“smeared”) over a wide range, therefore, concentrated interference from extraneous may be present in the reception band of the PM node PRI with a power level exceeding the intensity of the EMS signals. That is, neither in frequency nor in power, reliable identification of the signals generated by TSAZ (GRS node) is not provided.

When using this device for monitoring and warning about the absence of active protection of the computerization object from information leakage through the PEMIN channel, situations may arise when the main switchgear assembly is deactivated due to a malfunction, accidental or intentional shutdown caused by unregulated actions of personnel operating the PC (TSSOI). In these cases, the personal computer (TSSOI) can be operated without the presence of EMF from the HPS unit due to the presence on the air of a sufficient number of extraneous IRIs, the emissions of which can be falsely identified as useful signals (EMF from the HPS unit). That is, at the OI, a PC (TSSOI) can be operated without masking the PEMIN, which significantly reduces the information security of the OI, since it can lead to information leakage through an unprotected PEMIN-type technical channel.

In this complex, there is the possibility of software and hardware monitoring and warning about the absence of active protection of the computerization object from information leakage through the PEMIN channel, which are formed during the operation of the TSSOI operated at OI, but the reliability of such control is low.

According to the authors, the closest in technical essence to the claimed object (prototype) is a device known from the technique [L24], consisting of a USB port, a switch, a microcontroller (MK), a USB key, a current sensor (DT), an electrical outlet 220 B (ESD) and an electric network plug 220 V (ESV), which is connected by an input and output, respectively, to a supply network 220 V and an input of a DT unit, which is connected with the first and second outputs, respectively, to the ESD unit and the first port of the MK unit, which is connected by the second port to the first port to switch, which the second and third ports are connected, respectively, with a USB port and a USB key, which is configured to use it as a means of hardware authentication, providing access control to the operating system of a personal electronic computer (PC), which is part of the technical means and information processing systems (TSSOI) operated at the objects of informatization (OI), in addition, the DT unit is made with the possibility of non-contact measurement of the alternating current passing through it and forming output voltage proportional to the current in the load connected to the ESD unit, which is configured to connect to it the power circuit of a technical active protection device (TSAZ), for example, an electromagnetic field generator (GEMP) that generates an electromagnetic noise field (EMF), which provides masking spurious electromagnetic radiation (PEMIN) generated during the operation of the aforementioned PCs and TSSOI, MK node is made with the possibility of functioning according to the program that provides voltage processing, dull from the DT node, generating switch control signals for connecting or disconnecting the USB key to the USB port depending on the presence or absence of current through the DT node and the load connected to the ESV node, for example, when the TSAZ power is turned on or off.

Functional diagram of this device is presented in figure 1. The device (Fig. 1) consists of a USB port 1, switch 3, a microcontroller (MK) 4, a USB key 5 and a current sensor (DT) 6, an electric power plug (ESV) 9 and an electric power outlet (ESD) 7. When this, the switch 3 by the first, second and third ports is connected, respectively, with a USB port 1, a USB key 5 and the first port of the MK 4 node, which is connected to the signal first output of the DT6 node, which is the second output and input, respectively, connected with the ESD unit 7 and with the output of the unit. ESV 8, which is connected to the power supply network 220 V by input. In addition, the DT 6 assembly is capable of non-contact measurement of the alternating current passing through it and generating an output voltage proportional to the said current, the ESR 7 assembly is configured to connect a technical power circuit to it active protection means (TSAZ 10), for example, an electromagnetic field generator (GEMP) that generates an electromagnetic noise field (EMF) that provides masking of secondary electromagnetic radiation (PEMIN), created during the operation of the aforementioned TSSOI, the MK 4 unit is configured to operate according to a program that provides processing of the voltage coming from the DT 6 node, generating switch control signals for connecting or disconnecting the USB key 5 to USB port 1, respectively, in the presence or absence of current through node DT 6 and connected to the node ESV 8 load, for example, when turning on or off the power supply TSAZ 10.

Basically, the operation of this device is similar to the previous product. To use the device for its intended purpose, that is, to solve the problem of monitoring and warning about the lack of active protection of the computerization object from information leaks through the channel of spurious electromagnetic emissions and pick-ups (PEMIN) generated during the operation of PC 2 from the hardware and systems used at the information processing unit, the device with its USB port 1, the input of the ESV 9 node and the output of the ESR 7 node is connected, respectively, to the PC 2 (from the TSSOI), to the power supply network 220 V 8 and to the network power supply of the technical active protection device TSAZ 10, which is used at the OI to mask the aforementioned PEMIN. The essence of the monitoring and warning functions performed by this device is to determine in real time the presence of current in the load, which is used as TSAZ 10, and depending on whether there is current in the load or not, respectively, connect or disconnecting the USB key 5 to the USB port 1 and to the PC port 2. When the TSAZ 10 power circuit (mains plug) TSAZ 10 is connected to the output of the ESR 7 node and this product is in active mode, an electric flow will begin to flow through the ESR 7, DT 6 and ESV 9 nodes current. At the second output of the DT 6 unit, an output voltage is generated, which is detected by the MK 4 node. The MK 4 node generates a control signal and sends it to the switch node 3. Switch 3 switches to low impedance mode, which allows the exchange of information between the USB key 5 and the PC 2 , in the operating environment of which the software is installed that performs the authentication and user identification procedure by USB key 5. Only if there is a USB key 5 available for the mentioned information exchange, the authorization procedure Household users can be performed successfully. If for some reason the TSAZ 10 node is turned off (deactivated), then the current in its power supply circuit becomes zero, at the second output of the DT 6 node, the voltage also becomes zero. When this fact is detected by the MK 4 node, the USB key 5 is disconnected from the PC 2. For this, the MK 4 node sends a control signal to the switch 3, which switches the switch 3 to the high impedance state, which interrupts the information exchange between the USB key 5 software and the PC 2. This causes blocking of user access to the PC user interface 2 and the TSSOI functions used on the OI.

This device partially eliminates the disadvantages of the previous technical solution (TP). Thus, the use of the DT 6 current sensor for monitoring the activity of TSAZ 10 can improve the reliability of determining (identifying) the state of activity / passivity of the TSAZ 10. This is achieved due to the fact that when using the current sensor DT 6 for monitoring the activity of TSAZ 10, the level of errors of the type “false” is reduced anxiety ”and“ skipping alarms ”, which is typical of the previous TR, exposed to external radio interference generated by various IRI. Here, an error of the type “false alarm” (LT) means a state of the device that corresponds to the USB key 5 connection mode in the absence of TSAZ 10 activity, and an error of the type “skip alarm” (PT) refers to a state of the device that corresponds to the USB shutdown mode key 5 in the presence of TSAZ activity 10. That is, this device is less susceptible to the effects of the physical environment, from which interfering signals can come along with a useful signal containing information about the activity of TSAZ 10. As a result, the probability of generating false signals causing emulation of connecting a USB key 5 to a PC 2 when TSAZ 10 is deactivated is significantly reduced. Therefore, the functional relationship between access to the PC interface 2 (and the functions of the TSSOI used on the OI) and the activity of the TSAZ 10 used to mask the PEMIN (generated by the operation of the PC 2 and other technical means and information processing systems) is implemented in this device more stable . This allows using this device to increase the efficiency of protection of the object of information from leaks through the channel PEMIN.

However, the disadvantage of this device (prototype) is the low reliability of activity monitoring (operation mode) of the active protection equipment TSAZ 10, which reduces the efficiency of protecting the OI from information leaks through the technical channel of the PEMIN type, which are formed during operation of the PCT type 2 and other TSSOIs used at OI. This is due to the following factors. So, to mask the PEMIN generated during the operation of the SSSOI, as a rule, devices of the type TSAZ 10 with the ability to adjust the output power are used. This allows you to set (create by adjusting the radiation power TSAZ) at the EMF the EMF intensity is adaptive to object conditions, for example, according to the results of instrumental measurements performed in the process of certification of premises and other objects. When setting a predetermined power level, TSAZ 10 assumes that its decrease below a predetermined (set) value may not provide the necessary level of PEMIN masking. That is, when solving the problem of ensuring information security, from the point of view of protection against leaks through the PEMIN channel, simply monitoring the presence of TSAZ activity in the “on or off” volume is not enough, since when it operates with the radiation mode with reduced power, PEMIN masking may not be provided. Therefore, it is necessary to more accurately control the operation mode of the TSAZ, including determining the fact of a decrease in the radiation power of this device below a predetermined value, for example, by determining the fact of a decrease in the current in the TSAZ power supply circuit below a given threshold. This device does not have the signs and properties that allow you to set the required threshold (TP), against which it would be possible to control the current in the load circuit connected to the ESR 7 node, for example, the power supply circuit of TSAZ 10. Here, the required TP threshold means such a value controlled current in the load, which is the TSAZ 10 power supply circuit, in which the TSAZ 10 operates in a mode that ensures the formation of an EMF at the OI that provides the necessary level of masking P MIN created PC 2. TA is used to carry out relative thereto current value control (TZT) flowing through the current sensor 6, DT, and perform formation of a corresponding system response. For example, if the TZT is greater than or equal to the TP, then we can assume that the TSAZ operating mode is normal, otherwise not. If the TZT is greater than or equal to TP, then we can assume that the PEMIN channel is reliably masked, otherwise it is not. If the TZT is greater than or equal to the TP, then the operation of the TSSOI can continue, otherwise not.

From the analysis of the generalized algorithm of operation of this device, it follows that the main task solved by the nodes DT 6 and MK 4 is to fix the very fact of activation or deactivation (on and off) of the TSAZ 10 without assessing the level of the mentioned TZT.

It is established that the signs and properties used in this device do not provide the ability to set and change the threshold of the device (response to a given current value in the load, which uses the power supply circuit TSAZ 10. With this device, the ability to control the specified operation mode TSAZ 10, in which the required level of PEMIN masking is provided, and timely restriction of access to the TSSOI functions is not provided.

The technical means that are widely used in practice for the active protection of OI from information leaks through the PEMIN channel have an adjustable output power, which makes it possible to more accurately adapt these products to object conditions (OI). During operation of the TSAZ 10, the power consumption of which is set in accordance with the conditions of a particular OI, monitoring the current consumed by this TSAZ 10 becomes a very important factor in the information security of the OI in terms of ensuring the necessary level of PEMIN masking. However, a contradictory situation arises.

So, on the one hand, in order to increase the reliability of monitoring the activity of TSAZ 10, the threshold set at the stage of manufacturing of this device should be minimal so that the device responds to the minimum possible currents in the power supply circuit corresponding to this category of products that can be used as TSAZ 10, that is, the threshold should be reduced. In this case, any TSAZ 10 model that is available on the security market can be controlled by the current it consumes in the power supply circuit: "TSAZ 10 node - ESR node 7 - DT node 6 - ESV node 9 - power supply network 8" .

As a rule, in the process of special surveys conducted at the research institutes, for example, during the certification of informatization objects, the level of PEMIN, which are formed during the operation of the TSSOI, is determined. In accordance with the data obtained, TSAZ is installed on the OI and its radiation power is set at which the generated EMF provides masking of the aforementioned PEMINs. Therefore, on the other hand, to achieve masking of the set PEMIN levels, the intensity of the protective electromagnetic noise field (EMF) generated by the TSAZ 10 is increased to the required value by adjusting the output power of the TSAZ 10. That is, the TSAZ operating mode of 10 s can be set at different OIs different output power, which is necessary to ensure the masking of PEMIN in accordance with the object conditions (the number of CBT, the area of the OI, the number of TSSOI, the intensity of PEMIN, etc.). At the same time, in order to ensure the operating conditions of the PC 2 (TSSOI used at the OI) in the most protected mode (when the TSAZ is in the high-power mode), the device threshold must be increased. Otherwise, during the operation of the TSSOI by users or technical personnel (accidentally or intentionally), the TSAZ power (by simply turning the TSAZ 10 output power regulator) can be reduced to the lower limit value. Such actions (to reduce the power and current consumption of TSAZ) will not be recorded by this device, since its threshold cannot be adapted to the operating mode of TSAZ 11. This device does not have the ability to set (configure, adjust, adjust, adapt) the threshold level ( response threshold) corresponding to the operating mode (radiation power and current consumption) of the technical equipment used as TSAZ 10. This device at the manufacturing stage is configured in such a way as to “respond” to minimum load, that is, at minimum currents, which corresponds to the operation of the TSAZ 10 product in the mode of radiation of minimum power. Therefore, this device “reacts” (connects a USB key 5) in the same way, both to a large current (with a maximum power of TSAZ 10) and a minimum current (with a minimum power of TSAZ 10) in the power supply circuit of TSAZ 10, without blocking user access to PC OS interface 2, which is part of TSSOI, with a decrease in power (current consumption in the power supply circuit of TSAZ 10) from maximum to minimum value. We can say that this device has a constant zero threshold, tuned to the maximum sensitivity corresponding to the minimum load current, TSAZ 10 is used as an office.

As a result of the use of this device, the efficiency of protecting the OI from information leaks through the PEMIN channel that occur during the operation of the TSSOI can be significantly reduced, since the possibility of operating a PC 2 (access to the TSSOI functions) when the TSAZ 10 is operating in the (low emf power) mode is not providing the given masking efficiency PEMIN is preserved.

In this complex, there is the possibility of software and hardware monitoring and warning about the absence of active protection of the object of informatization from information leakage through the PEMIN channel, which are formed during the operation of the TSSOI operated at OI, however, the reliability of the mentioned control is low.

This device does not have the ability to control the current value of the current in the load (TZTN), which uses TSAZ 10, a relative adjustable threshold, the value of which can be set (programmed) in accordance with the level of EMF (power TSAZ 10), necessary to ensure reliable masking of the aforementioned PEMIN.

According to the authors, an increase in the efficiency of protection of an informatization object from information leakage through the PEMIN channel, which are formed during the operation of the TSSOI operated at the OI, can be achieved on the basis of the implementation of the idea, the essence of which is to realize such a functional relationship between TSAZ activity and access to the functions of TSSOI, which could provide control over the compliance of the PEMIN masking efficiency with the required level. That is, a device that implements monitoring and warning about the lack of active protection of the OI from leaks through the PEMIN channel must have the property of adaptation (installation, programming) of the system response threshold (ORS), regarding which a decision is made about connecting / disconnecting to PC 2 (from structure of TSSOI) of authentication and identification hardware, USB key type 5. Here, OR means the level of current measured (controlled) in the power circuit of TSAZ 10 connected to the ESD unit, the excess of which is higher than the ORS call a USB key emulation connection 5 to the PC 2 (through switch 1 3 and the USB port). And with a decrease in the current consumed by TSAZ 10 below a predetermined (threshold) value, that is, when the current in the load decreases below the ORS, access to the PC OS 2 interface and the TSSOI functions used on the OI are blocked. Programming (setting) the ORS threshold in accordance with the TSAZ 10 power level required at the OI and monitoring (comparing) the current value of the current in the load, which is the TSAZ 10 power supply circuit, can provide effective (accurate, reliable) control of TSAZ activity (operation mode) 10 and to exclude the operation of the TSSOI in case of accidental or deliberate facts of a decrease in the power of the TSAZ 10 below the permissible value, since this will lead to the discovery of a decrease in the current in the load below the ORS, which will cause blocking to a step to the PC OS 2 interface and the TSSOI functions used on the OI.

The implementation of this idea can provide an increase in the level of protection of OI from information leaks on the PEMIN channel, which can be achieved by monitoring the current value in the load circuit, which is TSAZ, relative to a given threshold corresponding to the radiation power of TSAZ used to achieve effective masking of PEMIN, which are formed at the OI during the operation of the TSSOI.

Using this idea, reliable monitoring and warning about the absence of active protection of the computerization object from information leakage through the PEMIN channel in cases of both complete and partial decrease in the TSAZ 10 operability (radiation power) can be ensured.

According to the proposed idea, in the investigated model of the OI type “TSSOI - KAZOI-TSAZ device”, the prototype of the KAZOI device can be endowed with the property of adaptation to object conditions (OI), which provides more effective control of the TSAZ 10 operating modes. If the prototype device is controlled with a zero threshold (ORS = 0), then, according to the proposed idea, ORS can be programmed over a wide range and installed (adaptively) in accordance with the current consumption (radiation power) of the TSAZ 10, and hence with the level m EMF generated them used for masking PEMIN.

When implementing the proposed idea, tracking (monitoring) of the level of power consumed by the load (TSAZ 10 product) can be ensured with the possibility of blocking access to the PC interface 2 and the TSSOI functions used on the OI, while reducing the power consumed by the load (TSAZ 10) below the specified value (with a decrease in current in the power supply circuit TSAZ 10 below the established ORS).

As shown by patent research, technical solutions that provide the ability to control access to system and information resources of technical means and information processing systems (TSSOI) used at informatization facilities (OI), depending on the activity (operating mode) of the active protection equipment (TSAZ) used to mask PEMIN, which are formed during the operation of the mentioned TSSOI, depending on the change in the masking efficiency of the mentioned PEMIN, determined relative to the level of programs Rui threshold value of said reaction system from the art is not known.

The purpose of the utility model is to expand the functionality of a known device for controlling access to the functions of technical means and information processing systems (TSSOI) depending on the effectiveness of PEMIN masking, which are formed when using the mentioned TSSOI at the computerization facility.

This goal is achieved due to the fact that in the known device, consisting of a USB port, a switch, a microcontroller (MK), a USB key, a current sensor (DT), an electric power outlet 220 V (ESD) and an electric power plug 220 V (ESV) which is connected by an input and an output, respectively, to a 220 V supply network and an input of a DT unit, which is connected by a first and second output, respectively, to an ESD unit and a first port of a MK unit, which is connected to the first port of the switch by the second and second ports ports connected respectively with a USB port and a USB key, which is configured to use it as a means of hardware authentication and identification, providing access control to the operating system of a personal electronic computer (PC), which is part of the hardware and information processing systems (TSSOI) operated on objects of informatization (OI), in addition, the node DT is made with the possibility of non-contact measurement of the passing through it alternating current and the formation of the output voltage proportional to the the current, the ESD unit is configured to connect to it the power supply circuit of an active protection equipment (TSAZ), for example, an electromagnetic field generator (GEMP) that generates an electromagnetic noise field (EMF), which provides masking of side electromagnetic radiation (PEMIN) generated during operation mentioned TSSOI, the MK node is configured to operate according to a program that provides processing of the voltage coming from the DT node, the formation of switch control signals for connecting or disconnecting the USB key to the USB port, respectively, in the presence or absence of current through the DT node and the load connected to the ESV node, which uses the mentioned TSAZ node, a computer port (CP) and non-volatile memory (EPR), which is its port, are additionally introduced connected to the third port of the MK node, which the fourth port is connected to the KP node, while the MK node is configured to operate according to a program that provides emulation of the computer port and support through it information exchange with a PC for framing in the memory node of the virtual system response threshold (VPRS), relative to which the current value of the current in the load (TZTN) connected to the ESV node monitors the activity of the mentioned TSAZ used as the load, and controls access to the USB key, signal processing, generated by the DT node, and performing dynamic control (with an interval of about 1 second) of the compliance of the TZTN with the permissible value determined relative to the SCL, which is installed in the memory node, as well as emulation of connection or disconnection Key USB PC port, respectively, above or lowering said TZTN load connected to the ESA node with respect to said SPMS.

The proposed device provides the following combination of distinctive features and properties.

This is an introduction to the structure of the device of a computer port (CP) and non-volatile memory (EPR), which is connected by its port to the third port of the MK node, which is connected to the CP node by the fourth port,

This is the execution of the MK node with the possibility of functioning under a program that provides emulation of a computer port and support through it information exchange with a PC to form a virtual system reaction threshold (VPRS) in the memory node, relative to which, according to the current value of the current in the load (TZTN) connected to ESV node, the activity (operating mode) of the said TSAZ used as a load is monitored and access control to the USB key is controlled.

This is the execution of the MK node with the possibility of functioning according to the program that provides the processing of signals generated by the DT node, and the implementation of dynamic (periodic) control (with an interval of not more than a few seconds) of the conformity of the TZTN to the permissible value determined relative to the SCL, which is installed in the memory node, and also emulation of connecting or disconnecting the USB key to the PC port, respectively, when exceeding or decreasing the mentioned TZTN in the load connected to the ESV node, relative to the said VPRS. That is, emulation of turning on or off the USB key used as a hardware identification and authentication is provided to control the access of individuals to the PC interface and the TSSOI functions used on the OI to process information, respectively, when exceeding or decreasing the TZTN connected to the node ESV, relative to the said VPRS.

The presence and use of all the above signs and properties allows us to implement a functional relationship between access to the PC interface and the TSSOI functions used at the OI and the state of the TSAZ activity (operation mode) taking into account the ratio of the mentioned TZTN and VPRS. At the same time, it is believed that the current in the load (current in the TSAZ power supply circuit), which corresponds to or exceeds the VLSI installed in the memory node, corresponds to such a mode of operation of the TSAZ, in which reliable masking of the mentioned PEMIN is provided. And only in this case, it provides the possibility of operating the TSSOI on the OI due to the fact that access to the hardware authentication and user identification by USB key is open. In cases of a decrease in TZTN below VLRS, which corresponds to a decrease in the radiation power of TSAZ and a decrease in the level of EMF below the permissible value at which masking PEMIN is not provided, this device blocks access to the PC interface and TSSOI functions. Thus, thanks to the introduced features and the use of new properties, this device provides the possibility of operating the TSSOI on the OI only in cases where the TSAZ operate in a mode that provides reliable masking of the PEMIN that occur during the functioning of the mentioned TSSOI. This provides a significant increase in the level of protection of OI from information leaks through the channel type PEMIN.

The combination of distinguishing features and properties of the proposed monitoring and warning device about the lack of active protection of the computerization object from information leakage through the channel of spurious electromagnetic radiation and interference from the technique is not known, therefore it meets the criterion of novelty. Moreover, to achieve the maximum result in expanding the functionality of the known device for controlling access to the functions of technical means and information processing systems (TSSOI), depending on the effectiveness of PEMIN masking, which are formed when using the mentioned TSSOI at the computerization facility, it is necessary to use the whole set of distinctive features and the properties indicated above.

The functional diagram of the device for monitoring and warning of the absence of active protection of the object of informatization from information leakage through the channel of spurious electromagnetic radiation and interference (hereinafter referred to as the device) is shown in Fig.2.

The device (figure 2) consists of a USB port 1, to which a PC 2 can be connected, which is part of the TSSOI used on the OI, a computer port (CP) 3, switch 4, microcontroller (MK) 5, USB key 6, a sensor current (DT) 7, non-volatile memory 8, electrical mains (220 V) plugs (ESV) 9 and electrical mains sockets (ESD) 10, designed to connect and provide power to the technical means of active protection (TSAZ) 11, for example, an electromagnetic field generator providing the formation of EMF, which masks PEMIN, arising Suitable PC 2 in the operation, part of the TSSOI. In this case, the USB port 1 is connected to the first port of the switch 4, which is connected by the second and third ports, respectively, to the USB port of the dongle and the first port of the MK 5 node, which is connected by the second, third and fourth ports to the KP 3 node, memory 8 and the first output of the DT 7 node, which is connected by an input and a second output, respectively, to the ESV 9 node and the ESR 10 node. In addition, the nodes USB 1 and KP 3 are configured to connect to a standard PC 2 port.

The device (figure 2) operates as follows. First, the device is prepared for operation. At this stage, on the PC 2, which is part of the TSSOI, the software is installed that provides authentication and user identification of the PC 2 using the USB key 6. Then, the sensitivity of the device is triggered when the controlled load is turned on (activated) connected to the ESD unit 10, which uses technical active protection equipment TSAZ 11, which protects the information processed at the OI from leaks through the PEMIN channel, which are formed in the process of nirovaniya using said TSSOI. Setting the sensitivity of the device to operate (react) to connect the load, which corresponds to the operation of TSAZ 11 in the EMM emission mode with a given power, provides for the following actions. The procedure is carried out to form a virtual system response threshold (VLRS) in memory node 8, which implements the functional dependence of turning switch 4 on or off, emulating connecting or disconnecting a USB key 6 to control authentication and user identification and control access to the PC 2 operating system, which is part of technical means and information processing systems (TSSOI) operated at informatization facilities. The procedure for the formation of VPRS is carried out using a computer 2 connected to the node KP 3. During this procedure, the TSAZ 11 is connected to the ESR 10 node, which will be used at the OI to protect information from leaks through the PEMIN channel created during the operation of the PC 2 and the mentioned TSSOI .

In the initial state, the device through the USB 1 port is connected to the corresponding PC port 2 from the structure of the TSSOI used on the OI for information processing. An electric network plug of a TSAZ 11 type product is connected to the ESR 10 assembly, which is used to protect information from leaks through the PEMIN channel generated during the operation of the aforementioned TSSOI.

The operation of the device in combination with a PC 2 and TSAZ 11 is as follows. The TSAZ 11 power supply is turned on. In this case, the TSAZ 11 power supply voltage is supplied through the ESV 9, DT 7 and ESV 10 nodes. At the DT 7 output, signals corresponding to the current value of the current in the load (TZTN) are generated, which uses TSAZ 11, which are supplied to the node MK 5, which performs their processing and comparison with the value of the said VPRS, the value of which is stored in non-volatile memory 8.

If the radiation power of TSAZ 11 and, accordingly, the current of its consumption in the power supply circuit is higher than the threshold value set by the VLSI value, then the MK 5 node sends a control signal to switch 4, which puts switch 4 into a low impedance state, which ensures USB key 6 connection to the USB port 1 and through it to the PC port 2. As a result of this, the authentication and user identification procedure on the PC 2 is allowed, as well as access to both its interface and all the TSSOI functions used on the OI. Since the power of the EMF generated by TSAZ 11 is sufficient to mask the PEMIN arising from the operation of the TSSOI, information is protected from leaks through the channel of the PEMIN type with OI - it is provided. However, as a result of various reasons, for example, when TSAZ 11 fails, changes in its operation mode, the level of protective EMF created by TSAZ 11 can be reduced below the permissible value, which can cause information leaks through the PEMIN channel. This situation is monitored using the proposed device.

It is known that the level of EMF generated by TSAZ 11 depends on the power consumed by this device, which can be controlled by the value of the current in the power circuit of TSAZ 11. Therefore, based on the control of the current flowing in the power circuit of TSAZ 11, this device provides power control of EMF radiated by TSAZ 11. After setting the required power level of the EMF, which ensures the given masking efficiency of the PEMIN channel on the OI, for example, in the process of performing the OI certification, such a value is programmed and stored SPMS, which corresponds to the desired level of radiation power and current consumption in the power supply circuit 11 TSAZ.

Thanks to the use of the device, the operation of the SSSOI at the OI can continue only as long as the power of the TSAZ 11 and, accordingly, the level of the EMI and the current consumption in its power supply circuit are in line with the norm (above the VPRS). If the current consumption of TSAZ 11 decreases below the threshold value set by the VPRS, then the MK 5 node sends a control signal to switch 4, which puts switch 4 in a high impedance state, which ensures that USB key 6 is disconnected from USB port 1 and, accordingly, from the port PC 2. As a result of this, a request will be made to repeat the authentication and user identification procedure of PC 2. At the same time, access to the PC interface 2 and to all functions of the TSSOI used on the OI is blocked.

After the required level of operability of TSAZ 11 is restored (the current in the power supply circuit will be higher than the value of VPRS), it is possible to continue further operation of the PC 2 and all TSSOI used on OI.

As a result of the use of the proposed technical solution, the operation of PC 2 and TSSOI used to process information on the OI is possible only when the TSAZ 11 node is operating in such a mode that a sufficient level of masking of the PEMIN created by TSSOI is provided. This allows you to significantly increase the efficiency of protection of information processed at the OI using TSSOI, from leaks through the technical channel type PEMIN.

The introduction and use of new features and properties ensures the achievement of a technical result, which consists in reducing and the probability of interception and analysis of information components contained in PEMIN, which are formed in the process of functioning of the TSSOI used at the OI for information processing due to the control of the TSAZ operating mode, which is used together with TSSOI to create an electromagnetic noise field (EMF) masking the aforementioned PEMIN, and block access to the functions of the said TSSOI, while reducing the intensity of the aforementioned EMR, controlled by the value of the current in the power supply circuit of the TSAZ, is lower than the permissible value determined relative to the value of the VLSI, which corresponds to such a mode of operation of the TSAZ connected to the ESR node, in which the creation of the EMR with the level sufficient to mask the mentioned PEMIN. The presence in the device of signs and properties that provide the possibility of forming a threshold (base level), against which the current values of the current are monitored in the load (power supply circuit TSAZ 11), allows you to more accurately identify the activity of TSAZ 11 connected to the ESD 10 node, and record as the presence (absence) of TSAZ 11 activity by the presence (absence) of current in the circuit of its power supply, and record the change in the operation mode of TSAZ 11 to reduce its current consumption below a set threshold (VPRS). This provides more accurate control of the operating modes of the TSAZ 11 type load and the implementation of blocking access to the PCM 2 functions from the TSSOI used at the OI, in cases of changes in the TSAZ 11 operating mode that cause a decrease in the effectiveness of the PEMIN masking formed during the functioning of the said TSSOI. The use of this technical solution allows you to limit (prohibit) the operation of the PC 2 (from the composition of the TSSOI used at the OI) in the absence of masking the TEMIN created by the said TSSOI, with a level sufficient to reliably protect the information (processed at the OI using the mentioned TSSOI) from leaks by PEMIN channel created during the operation of the TSSOI. The achievement of the mentioned technical result is also ensured by the possibility of adjusting the said VPRS in accordance with the information security policy that provides for the use of TSAZI 11-type products with the required output power to ensure the camouflage of the PEMIN created by the TSSOI, at which the necessary level of protective EMF, dynamic monitoring of compliance of the current in the load with the permissible value, calculated relative to anovlennogo (programmed) of said SPMS, which is used to decide whether to allow or block access to the PC interface 2, in particular, and to TSSOI functions as a whole.

When implementing the device, its functioning algorithm can be represented as follows:

- Start;

- Procedure No. 1 “Preparing for work”: connecting the KP 3 unit to the PC 2 and entering in the memory 8 the values of the VPRS (which corresponds to the permissible level of current controlled in the load connected to the ESD 10 node); connection to the site of the ESD 10 load in the form of TSAZ 11; connecting a USB 1 port to a PC 2, installing hardware and software authentication tools for a PC 2 user using a USB key 6;

- Procedure No. 2 “Check 1”: does the current flowing through the ESV 9, DT 7 and ESR 10 nodes exceed the specified VLSI (installed in memory 8)? If YES, then turning switch 4 on to a low impedance state (emulation of connecting a USB key 6 via USB 1 to a PC 2 port, which ensures successful authentication and user identification of the PC 2 and access to the PC interface 2 and TSSOI functions), the transition to the procedure for monitoring current in the load; If NO, then turn off the switch 4 with its high impedance state (emulation of disconnecting the USB key 6 from the USB port 1 and the PC port 2, blocking access to the PC interface 2, and TSSOI functions), request data (password) for authentication and user identification PC 2;

- Procedure No. 3 “Processing a request for user authorization”: entering data (password) for authentication and user identification using the PC keyboard 2;

- Procedure No. 4 “Verification - 2”: is user authorization supported by the device? If YES, then go to the procedure for monitoring the current in the load connected to the ESD 10 unit (monitoring the current consumed by the TSAZ 11 product). If NO, go to procedure 5;

- Procedure No. 5 “Verification - 3”: is the TSAZ 11 product connected to the ESD 10 node, is it working properly and is operating in the specified mode (TZTN is greater than or equal to the VLSI)? If YES, then return to the procedure - 2, if NO, then restore the performance of TSAZ 11 and go to the procedure - 2;

- Procedure No. 6 “Monitoring current in the load”: periodic (with an interval of not more than 1 second) monitoring of the current flowing through the ESV 9, DT 7 and ESR 10 nodes and returning to the procedure - 2;

- Procedure No. 7 “Shutdown”: completion of a user's work session on a PC 2, turning off the power to the PC 2, turning off the power to TSAZ 11;

- The end.

Device nodes: USB port 1, switch 4, microcontroller MK 5, USB key 6, current sensor DT 7, ESV 9 and ESD 10, as well as the execution of the USB key node with the possibility of using it as a means of hardware authentication and identification, providing access control to the operating system of a personal electronic computer (PC), which is part of the technical means and information processing systems (TSSOI), operated at the objects of informatization (OI), the DT node - with the possibility of non-contact measurement of the variable passing through it of the current and the formation of an output voltage proportional to the said current, the ESD unit - with the possibility of connecting to it the power supply circuit of a technical active protection device (TSAZ), for example, an electromagnetic field generator (HEMP), which forms an electromagnetic field (EMF), which provides masking of secondary electromagnetic radiation (PEMIN), created during the operation of the aforementioned TSSOI, of the MK unit - with the possibility of functioning according to a program that provides processing of the voltage coming from the DT node, the formation of control switch signals for connecting or disconnecting a USB key to a USB port can be similar to the corresponding features of the prototype device and do not require refinement when they are implemented.

The functioning of the MK node according to a program that emulates a computer port and supports information exchange with a PC through it to form a virtual system reaction threshold (VPRS) in the memory node, relative to which the current value of the current in the load (TZTN) connected to the ESV node is monitored the activity of the mentioned TSAZ used as a load can be carried out using software procedures and algorithms known from [L31, L32].

The functioning of the MK node according to the program that provides dynamic control (with an interval of about 1 second) of the compliance of the TZTN with the allowable value determined relative to the VLSI installed in the memory node, as well as emulation of connecting or disconnecting the USB key to the PC port, respectively, when exceeding or decreasing mentioned TZTN connected to the site of the ESV, relative to the aforementioned VPRS, can be carried out using software procedures and algorithms known from [L28-L30].

The non-volatile memory unit 8 can be implemented on the basis of SAMSUNG FLASH-memory chips known from [L25], for example, of the type K9K4G08Q0M-Y, which are distinguished by their miniature, low power consumption and high degree of integration.

Node KP 3 can be implemented in the form of a typical computer port corresponding to the interface "RS-232" [L26] or "USB" [L27].

For ease of use, the device can be made in the form of a compact case containing a printed circuit board and external connectors. At the same time, nodes can be placed on the printed circuit board: KP 3, switch 4, MK 5, USB key 6, DT 7 and memory 8. The nodes of the USB 1, ESV 9 and ESD 10 ports can be structurally made in the form of standard cable connectors.

The above means, with which it is possible to implement a utility model, make it possible to ensure its industrial applicability.

The main nodes of the proposed technical solution are experimentally tested and can be the basis for the creation of serial samples of devices that protect the OI from information leakage through the PEMIN-type channel that occur during the operation of TSSOI used on OI for information processing.

In the technical solution developed by the authors, a significant increase in the level of protection of the informatization object from information leaks through the PEMIN-type technical channel is achieved by introducing new features and properties and using the obtained technical result, which improves the reliability of PEMIN masking that are formed during the operation of the TSSOI by controlling the operation mode TSAZ, which creates EMPS for masking the aforementioned PEMIN, and blocking access to the PC interface and the TSSOI functions used for For information processing, while decreasing the intensity of the aforementioned EMR and the associated current in the power supply circuit of the TSAZ, it is below the permissible value determined by the set (programmed) value of the VLSI.

Thus, the technical solution developed by the authors and the technical result obtained using it provides the opportunity to significantly increase the level of protection of information from leaks through the PEMIN channel that arise during the operation of the TSSOI.

A device for monitoring and warning about the lack of active protection of the object of information from information leakage through the channel of secondary electromagnetic radiation and interference will be in demand by a wide range of consumers using computer equipment (SVT, TSSOI) to process information that needs protection from leaks through the PEMIN channel, which are formed during the functioning of the mentioned CBT (TSSOI) at various facilities, including at informatization facilities.

LIST OF USED LITERATURE

1. Certification of objects of informatization, http://www.cbimodus.ru/service/attestaciya-obektov-informatizacii.html?layout=blog

2. GOST R 51275-2006 Information Security. The object of informatization. Factors affecting information. General Provisions

3. Regulation on the certification of objects of informatization according to information security requirements, http://www.fstec.ru/_docs/doc_2_2_012.htm#pr

4. Protection of technical channels of institutions and enterprises from unauthorized access to information, http://dvo.sut.ru/libr/infbezop/i192galk/l.htm

5. Technical channel for information leakage. Information Security Terminology, http://www.centre-expert.ru/index.php/infosec/

6. Spurious electromagnetic radiation and interference. Definition., Http://www.wikisec.ru/index.php

7. Threats to information security, http://www.bre.ru/security/

8. The problem of information leakage from computer technology through secondary electromagnetic radiation and pickups (PEMIN), http://villa-bagio.narod.ru/izlu.htm

9. Protection against PEMIN, http://tom-haus.narod.ru/1/002/6.htm

10. Studies of spurious electromagnetic emissions of technical equipment, http://www.pemi.ru/

11. Spyware, http://ru.wikipedia.org/wiki/Spyware

12. Means of protection against PEMIN. Noise generator GSh-K-1800, http://www.t-ss.ru/gshk_1800m.htm

13. Insider, http://ru.wikipedia.org/wiki/Insider

14. An automated workstation in a secure execution for processing information constituting a state secret, http://www.npp-bit.ru/compex/arm_gostayna.php

15. Protected computers. Automated workstation "Bastion" company Aquarius, http://aq.ru/aquarius_spec.html

16. Trusted download, http://ru.wikipedia.org/wiki/

17. Means of active protection of information from leaks through the channel of electromagnetic radiation: device for protecting electronic objects from information leakage through the PEMIN Bazalt-5GES channels, the radio noise generator RNR-02, the PEMIN masking system Grom-3I-4A, the electromagnetic generator noise "Salute 2000", http://www.bnti.ru

18. Means of protection against PEMIN. Noise generator GSh-K-1800, http://www.t-ss.ru/gshk_1800m.htm

19. Broadband radio noise generator "Shtora-1", http://www.nero.ru/goods119.html

20. Utility Model Patent No. 96435 “Automated Workplace with Information Protection from Unauthorized Access”, registered in the State Register of Utility Models of the Russian Federation dated July 27, 2010

21. Electromagnetic radiation, http://ru.wikipedia.org/wiki/%D0%

22. Sources of electromagnetic interference, http://www.obzor-electro.ru/publ/ehl_magnitnaja_sovmestimost/istochniki_ehlektromagnitnykh

23. Electromagnetic interference and their classification, http://www.vxi.su/praktikum/elektromagnitnye-pomehi/

24. Patent for utility model No. 988612 “Automated workstation with protection against information leakage”, is registered in the State Register of Utility Models of the Russian Federation of October 20, 2010

25. Chips FLASH-memory company SAMSUNG http://cxem.net/sprav/sprav76.php

26. Serial interface RS-232, http://amursat.ru/dir.php?id=143

27. USB interface, http://www.gaw.ru/html.cgi/txt/interface/usb/start.htm

28. The program for the computer "Sensor Manager". Certificate on state registration in FIPS of the Russian Federation No. 20099610444 dated January 19, 2009

29. Computer program “Transceiver Controller”, State Registration Certificate in FIPS of the Russian Federation No. 20099610445 dated January 19, 2009

30. Computer software program “Monitor of communication equipment”, State Registration Certificate with FIPS of the Russian Federation No. 2009611020 dated February 16, 2009

31. The computer program “Serial EEPROM ROM driver”, State Registration Certificate in FIPS of the Russian Federation No. 20099612937 dated July 5, 2009

32. Computer program “Controller for memory devices of the Secure Digital Memory Card standard”, State Registration Certificate with FIPS of the Russian Federation No. 2011611842 of 02.28.2011

Claims (1)

A device for monitoring and warning of the lack of active protection of the object of information from information leakage through the channel of secondary electromagnetic radiation and interference, consisting of a USB port, a switch, a microcontroller (MK), a USB key, a current sensor (DT), an electrical outlet (ESD) and an electrical outlet network plug (ESV), which is connected by an input and output to a 220 V power supply network and an input of a DT unit, which is connected by a first and second output to an ESD unit and a first port of a MK unit, which is a second port It is connected with the first port of the switch, which is connected by the second and third ports to a USB key and a USB port, respectively, used to connect a personal electronic computer (PC), which is a part of hardware and information processing systems (TSSOI) operated at the informatization facility ( OI), in addition, the USB key node is configured to use it as a means of hardware authentication and identification, providing access control to the operating system and the interface of the PC, connected to the USB port node, the DT node is made with the possibility of non-contact measurement of the alternating current passing through it and generating an output voltage proportional to the current passing through the load connected to the ESD node, which is configured to connect the power supply circuit of the active protection equipment (TSAZ ), made with the possibility of creating an electromagnetic noise field (EMF) for masking the side electromagnetic radiation (PEMIN) generated during the functioning of the mentioned TSSOI, MK is made with the possibility of processing the voltage coming from the host DT, and generating signals for switching the USB key to the USB port, characterized in that it includes an additional computer port (CP) and non-volatile memory (EPR), which is connected with its port to the third port of the MK node, which is connected to the KP node by the fourth port, while the MK node is configured to operate according to a program that provides emulation of a computer port and supports information exchange with a PC through it, connected to the USB port, for recording in the EPR node a virtual system response threshold (VPRS), which corresponds to such a mode of operation of the TSAZ connected to the ESR node, in which at the computerization facility where the mentioned TSSOIs are used, the creation of the EMI with a level sufficient to mask the PEMIN, control of access to the operating system and the PC interface connected to the USB port, and the functions of the aforementioned TSSOI used on the OI to process information, depending on the operating modes of the TSAZ connected to the ESD node as load, by dynamically (periodically) monitoring the current value of the current in the load (TZTN) connected to the ESD unit, and comparing the TZTN with the value of VLSI installed in the ENP node, and when TZTN≥VPRS or TZTN <VPRS perform emulation, respectively, connect or disconnect USB a key to the USB port to which the PC is connected, which is part of the mentioned technical means and information processing systems.