RU2740142C1 - Multi-circuit system for processing and protecting information - Google Patents

Abstract

FIELD: physics.

SUBSTANCE: invention relates to information security. Software and hardware system with a multi-loop architecture for digital information distribution comprises a computer terminal with independent hardware-separated circuits, interacting with interconnected local self-contained servers forming a secure restricted information movement system implemented by means of unidirectional gateways. Each of said local stand-alone servers comprises a peripheral equipment subsystem connected thereto, wherein the first server in the system is configured to receive and process new information, and the last server in the system is configured to process and retrieve the information. Outputs of each of the system servers are connected to their encoders, which are connected to a single router, transmitting data via a VPN communication channel to a router of a single information processing centre, configured to distribute information into contour response encoders, from which it is transmitted to central servers of corresponding loops.

EFFECT: technical result is to prevent possibility of entry of information of a certain category from one computer network to another.

1 cl, 1 dwg

Description

The proposed invention is used in the field of protection of information technology and computer programs, and is specifically intended for the secure distribution of important information of varying degrees of confidentiality and ease of use at a certain work site.

From the prior art, a computer technology (SVT) is known for processing information of different confidentiality (see RU2623903, class G06F21 / 30, publ. 2017 [1]).

The known technical solution [1] contains a data conversion unit for processing information with a low level of confidentiality and a unit for processing information with a high level of confidentiality, devices for interacting with an operator, a device for accessing shared external media, a switching control unit, which is connected by means of appropriate interfaces with a computer for processing information with a low level of confidentiality and with a computer for processing information with a high level of confidentiality.

This solution allows simultaneous processing of information with different levels of confidentiality using one set of devices for interacting with the user and for accessing separate external media.

The disadvantages of the known technical solution are the following:

1. Data (SVT) cannot be connected into a network without special complex devices that guarantee the correct integration of computers into a network. Those. the network must be guaranteed to unite only computers processing information of the same type (information of one category).

2. The issue of controlled safe input / output (input / output) of information to the first and second computers has not been resolved.

3. Peripheral devices are switched, i.e. are connected to the first or second computer, however, their memory is not cleared, therefore, devices with built-in memory cannot be used as an output device. So, for example, when printing a secret document, the printer ran out of paper and the document did not go to print, while the CBT user changed and when loading paper into the printer, the document will be pre-printed for a user for whom it is not intended.

4. There is no control and protection against errors in activating protection means. For example, if a switched on active protection device turns on incorrectly or does not work correctly, the second computer will still be turned on and loaded.

5. SVT is large in size and weight, since it includes means of active and passive protection of the first and second computers and uses system blocks to process information, which complicates the creation of automated workstations on the basis of such SVT.

From the prior art, the technology of controlling access to information resources of computer networks of various levels of confidentiality is known (see RU2436154, cl. G06F21 / 20, publ. 2011 [2]).

The objective of this solution is to create a way to control access to information resources of computer networks, which will prevent leakage of confidential information.

The scheme of a computer network of the known solution implies the presence of a user computer system, several interconnected computers-servers of the corporate network, a perimeter router and a device for controlling access to information resources.

The peculiarity of the known technology [2] consists in the classification of information resources into two main classes - according to the degree of confidentiality of information and according to the level of risk or danger of their impact on confidential information. In this case, the user has the ability to gain access to any information resource, however, simultaneous access to resources of different levels of confidentiality is prohibited.

The disadvantages of the known technology [2] are the following:

1. It is not specified how information will be protected from leaks due to PEMIN (spurious electromagnetic radiation and interference) between the technical means included in the described system and processing information of different levels of confidentiality.

2. The method of controlled guaranteed safe input / output of information on client computers when using peripheral devices with memory is not presented.

3. It is not clear how it is possible to guarantee secure transfer of information between client computers processing information of different levels of confidentiality.

The closest in technical essence to the proposed invention is a software and hardware system known from RU139001, class. G06F15 / 163, publ. 2014 [3].

The known system [3] relates to the field of computer technology and provides the possibility of safe operation of the operator in completely separated networks, including with different levels of confidentiality, using a single device with switchable information input-output devices.

The well-known hardware and software system [3] has the ability to hardware separation of information by making each of the computing modules (servers) completely autonomous with the ability to work independently of each other and the ability to connect to the Internet, while the unidirectional transmission of information from one specified computing module (server ) to the other is done through a unidirectional interface (gateway).

The disadvantages of the known system [3] are the following:

1. The boards for processing information of different categories are located in one case and are powered from one power supply unit. In such conditions, it is difficult to provide protection against the transmission of information through PEMIN. There are no passive and active protection devices in the monoblock scheme, despite the fact that both boards in the monoblock work simultaneously.

2. The method of controlled guaranteed safe input / output of information when using peripheral devices with memory is not described.

3. Monoblocks cannot be connected into a network without special complex devices that guarantee the correct integration of computing modules into a network, namely, the network must be guaranteed to combine only computing modules that process information of the same type (information of one category). Also, according to the description, both modules have the same type of interfaces for connecting to computer networks.

4. In addition, the problem of secure controlled input of information has not been solved. For example, you can freely connect a flash drive infected with virus programs into a computing module that processes confidential information, which is fraught with fatal consequences.

The technical problem of the proposed invention is the creation of a high-tech software and hardware complex that has the ability to hardware (physical) separation of the information used in the work, which is previously assigned in importance to a certain category.

The technical result of the proposed invention, which is objectively manifested in the course of using the software and hardware complex, is to prevent the possibility of getting information of a certain (established) category from one computer network to another, which creates guaranteed conditions for safe and efficient operation.

The specified technical result is achieved as a result of the fact that a software and hardware complex with a multi-circuit architecture for the distribution of digital information contains a computer terminal with independent hardware-separated circuits interacting with interconnected local autonomous servers, forming a system of secure limited information movement, implemented through unidirectional gateways , wherein each of these local autonomous servers contains a peripheral equipment subsystem connected to it, and the first server in the system is configured to receive and process new information, and the last server in the system is configured to process and retrieve the information received, the outputs of each of the servers systems are connected to their encryptors, which are connected to a single router that transmits data via a VPN communication channel to a router of a single information processing center, made with the possibility distribution of information to the response encryptors of the circuits, from which it enters the central servers of the corresponding circuits.

According to the inventive concept, the proposed system allows you to create a spatially distributed network (single information space) that allows you to process information of different categories.

The main goal of the present invention is to protect digital information and the required degree of ergonomic arrangement when using heterogeneous information at one workplace.

As a rule, when working with documentation, enterprises use various sources of information, for example, information from the Internet, internal information of the enterprise, classified information, service information, etc. Mostly, computers intended for such purposes are located in different rooms and are not interconnected. at the same time, it is possible to process information of limited distribution (secret, confidential, official) only on specially prepared and certified computers located in specially prepared places, and therefore, the preparation of such documents inevitably involves the movement of employees from one place to another in order to transfer a special (confidential) information on special media between computers, which in turn complicates and delays paperwork, and employees are provoked to violate the workflow regime, which, with a certain degree of probability, can lead to the disclosure of confidential information. formations.

To eliminate the aforementioned drawback, common in large enterprises, the proposed invention is intended, the operation of which implies the creation of one autonomous workstation for working with information divided into categories, while it becomes possible to quickly transfer information of the "low" category and information of the "high" category , for example, information from the Internet and classified information marked "C", which will increase the efficiency of work and exclude possible intentional and deliberate violations of the accepted document flow regime.

The proposed terminal technology, which is implemented by the claimed hardware and software complex, is best suited for solving an urgent technical problem, since information is stored centrally on servers, and a computer terminal with independent hardware-separated circuits serves exclusively for input / output of information and its visual display.

The inventive concept of the present invention is based on sets of server equipment isolated from each other (stand-alone servers), which may include switches, network storages, etc. These local stand-alone servers are interconnected through unidirectional data transmission devices (unidirectional gateways). Peripheral devices (printers, mfp, scanners) that work only with them are connected to each stand-alone server.

A computer terminal (terminal workstation) with a selected autonomous circuit is automatically connected to certain servers (sets of server equipment) in accordance with the information read from the smart access card.

In the case when information constituting a state secret (GT) is processed in one of the circuits, then it is necessary to take into account the features and requirements of regulators for working with it, and therefore it is necessary to allocate a separate terminal board (isolation of electronic components processing GT). Therefore, when a smart access card is inserted into the reading module of the computer terminal, power in the computer terminal is supplied to only one processing terminal board. The rest of the terminal boards in this case are de-energized (disconnected), and there is no non-volatile memory on them.

A computer terminal with only one circuit processing a certain type of information can be connected at a time to interconnected servers (sets of server equipment), which together form a corresponding circuit for information processing. At the same time, the simultaneous operation of several information processing circuits in a complex at once is absolutely impossible, since an individual smart access card is provided for the activation and functioning of a certain circuit, in case of extraction of which no information remains at the workplace, namely, the power of the computer terminal is turned off with complete erasure his memory.

To interact with external storage media, the complex provides for a special workstation for information transfer ("information input") and a special workstation for information retrieval ("information removal"). "Information input" is carried out from any information carrier after checking for malicious programs, which is subsequently entered into a circuit that processes open information. The user also installs a special smart-access card into the reader of the terminal of the “entering new information” workplace and connects strictly to his session on the server, i.e. the transmitted information will be available only to him. Further, through unidirectional gateways, information can move to other sequentially connected servers. Information is retrieved after it passes through the last server, which is isolated from all network contours by a unidirectional gateway, while it is possible to record information on any media. It is possible to copy information by connecting from a special workstation "taking information" into your session using a special smart card. The user connects to strictly his session on the server, i.e. the information received will be available only to the user.

Communication with remote network segments is carried out through a group of encryptors, which allow creating an encrypted data transmission channel through public networks, for example, via the Internet. If the user needs not only to transfer information, but to enter a site, then the request goes through an encrypted channel to the data processing center and the required site is accessed through the network security system.

It is important to note that when working in a remote network segment, access to the Internet is provided at a single point controlled by security systems. So, a user, working remotely in any institution abroad, will be under control of the Internet in the “home” region, and in fact his work on the Internet will not differ from the user's work in the said region.

Thus, the implementation of the software and hardware complex proposed above, taking into account its technical features, forms a set of features sufficient to achieve a technical result, which consists in excluding the possibility of information from a certain (established) category from one computer network to another, which creates guaranteed conditions for safe and effective operation and solves the actual technical problem of hardware (physical) separation of the heterogeneous information used in the work.

FIG. 1 shows a block diagram of the proposed hardware and software complex with a multi-loop architecture for the distribution of digital information.

The proposed invention is illustrated by a specific example of implementation and implementation, which, however, are not the only possible, but clearly demonstrate the achievement of the specified set of essential features of the technical result, as well as the solution to the existing technical problem.

FIG. 1, the following blocks and means of implementing the proposed software and hardware complex are indicated:

1 - computer terminal;

2 - reading module for smart access cards of the computer terminal 1;

3 - local server of the outer loop;

4 - local server of the inner loop;

5 - local server of the backup circuit;

6 - peripheral equipment of the external circuit;

7 - peripheral equipment of the internal circuit;

8 - peripheral equipment of the spare circuit;

9 - block of the workplace for "entering information";

10 - block of the “information removal” workplace;

11 - unidirectional gateway;

12 - external contour encoder;

13 - encoder of the inner contour;

14 - spare circuit encoder;

15 - a single router;

16 - VPN communication channel;

17 - router of a single information processing center;

18 - response encoder of the outer loop;

19 - response encoder of the inner loop;

20 - response encoder of the spare circuit;

21 - central server of the external circuit;

22 - central server of the internal circuit;

23 - central server of the reserve circuit;

24 - the Internet;

25 is a conditional “single center of information processing”.

It should be noted that the purpose of the following description of the present invention is not to limit it to a specific embodiment and implementation, but on the contrary, to cover all possible additions that do not go beyond the scope of the presented claims.

The proposed hardware and software complex with a multi-circuit architecture for information distribution contains a computer terminal 1, which is equipped with three independent hardware-separated circuits, which are activated in turn by means of a reading module 2 that receives information from a specific smart card.

Only one of the three information processing circuits can always be in an active state. To activate another circuit, it is necessary to end the session, remove the smart card with the signs of the current circuit and install another smart card with the signs of the required circuit, while after removing the smart card directly at the workplace of the computer terminal 1, no information remains, namely, a disconnection occurs power supply of the computer terminal with complete erasure of its memory.

A computer terminal 1 with independent hardware-separated circuits interacts with the interconnected local server of the external circuit 3, the local server of the internal circuit 4 and the local server of the backup circuit 5, thereby forming a system of secure limited information movement, which is implemented through connecting servers of unidirectional gateways 11.

In this case, the local server of the outer loop 3 contains the peripheral equipment 6, the local server of the inner loop 4 contains the peripheral equipment 7, and the local server of the spare loop 5 contains the peripheral equipment 8.

The local server of the external circuit 3 is made with the possibility of primary receiving and processing of new information, for which purpose the unit 9 of the workstation “input of information” connected directly to it is provided.

The local server of the backup circuit 5 is configured to process and retrieve the received information, for which there is provided a unit 10 of the workstation “information removal” connected directly to it.

The output of the local server of the outer loop 3 is connected to its encoder 12 of the outer loop, the output of the local server of the inner loop 4 is connected to its encoder 13 of the inner loop, and the output of the local server of the spare loop 5 is connected to its encoder 14 of the spare loop.

The outer loop encoder 12, the inner loop encoder 13 and the spare loop encoder 14 are connected to a single router 15.

A single router 15 transmits data via a VPN communication channel 16 to a single router 17 of a single (conditional) information processing center 25.

A single router 17 is configured to distribute information to the additionally equipped encryptors of each of the servers in the system, namely, to the response encryptor of the outer loop 18, to the response encryptor of the inner loop 19 and to the response encryptor of the backup loop 20.

From the mentioned response encryptors 18, 19 and 20, information is sent to the central servers of the system 21, 22 and 23 of the corresponding circuits (external, internal, spare), then the information request can be sent to the world wide Internet.

The proposed hardware and software complex works as follows.

When a certain smart access card is installed into the reading module 2 of the computer terminal 1 with the identifying feature of the desired circuit “outer circuit”, the attribute of the required circuit is read and the user gains access to this kennel, i.e. the ability to work in it after entering the identifying information. User identification is carried out using a smart access card after entering a username and password. Moreover, the user can open a new session for work, or can resume work in it from the place in which it was closed. Since the proposed complex is based on the terminal principle, any action is stored in the system memory.

Then the user works in the outer loop and he needs to use the information received on the Internet to work in another loop, where, for example, service information of limited distribution is processed, for example, in the inner loop. To do this, it is necessary to place a file with the information of interest in the folder "Transfer of information to the inner contour", which is located on the desktop of the monitor of the computer terminal 1. Since the computer terminal 1 does not process and does not store working information, but serves only as a working place for display and input information, all information is processed on servers connected through unidirectional gateways 11.

Further, information from the server of the outer loop 3 through the unidirectional gateway 11 is transmitted to the server of the inner loop 4 (the server that processes the service information). Then the user removes from the reading module 2 of the computer terminal 1 a smart access card with an outer contour sign, after which he installs a smart access card with an inner contour sign (a contour that processes service information), and after reading the corresponding contour sign and entering identification information, gains access to the required information processing circuit.

After that, on the desktop of the monitor of the computer terminal 1, operating in the current circuit, there is a folder “Information from the outer contour” and, accordingly, it contains the necessary file with information that was transferred from the outer contour.

Further, communication with the external network segments, for example, the connection of the local server of the internal loop 4 (circuit for processing service information) with some remote (external) server subordinate to it, is performed using the encoder 13 of the internal loop, which makes it possible to create an encrypted data transmission channel that passes through a single router 15 arrives via the VPN communication channel 16 to the router 17 located in the “single information processing center” and then through the response encoder 19 of the inner loop goes to the central server 22 of the inner loop.

If there is a need not only to transmit information, but to enter at the same time to any site, then the corresponding information request via an encryption channel enters the router 17 of the single information processing center, enters the response encoder 18 of the outer loop and then to the central server 21 of the outer loop, in which the network security is checked and then the required site is accessed.

In accordance with the presented structure of the claimed invention, including its technical features and functionality, as well as in accordance with the specified specific version of its execution and implementation, the creation of a high-tech hardware and software complex is provided, which has the ability to physically separate the information used in the work, which is pre-ranked by importance to a specific category.

The proposed hardware and software complex with a multi-circuit architecture can be successfully used at large enterprises in which a regulated procedure for office work and work with documents has been established.

Claims (1)

A software and hardware complex with a multi-circuit architecture for the distribution of digital information, containing a computer terminal with independent hardware-separated circuits interacting with interconnected local autonomous servers, forming a system of secure limited information movement, implemented by means of unidirectional gateways, with each of the specified local autonomous servers contains a peripheral equipment subsystem connected to it, and the first local server in the system is configured to receive and process new information, and the last local server in the system is configured to process and retrieve the received information, the outputs of each of the local servers of the system are connected to their encryptors, which are connected to a single router that transmits data via a VPN communication channel to a router of a single information processing center, configured to distribute information to ciphers of circuits, from which it enters the central servers of the corresponding circuits.

Images