WO2000063778A1 - Arrangement and method to improve information security - Google Patents
- Publication number
- WO2000063778A1 (PCT/FI2000/000310)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- processor
- processor unit
- unit
- processor units
- message
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/03—Protocol definition or specification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
- G06F2207/7219—Countermeasures against side channel or fault attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Definitions
- the invention relates to a hardware arrangement for preventing unauthorized access to a computer system through a data network.
- the invention further relates to a method for preventing unauthorized access to a computer system through a data network.
- a computer virus may arrive in a computer system for example in a file attachment to an e-mail message or in a newsgroup message or in the form of a Java applet when the user is browsing the world wide web.
- a virus program may spread in the intranet of a company or corporation from one workstation to another.
- a virus may copy on one of the computers all the text files typed in and all key presses of all the workstations, for example, or it may send a copy of an image file always when saved or information displayed on the screen at fifteen-minute intervals, for instance.
- The actions of a virus may produce an extra file in the directory c:\winnt\System32, for example. If the file is not detected and deleted, the virus program controlling it may send its contents, say, once a day to be read by a spy.
- A factor undermining information security is that telecommuting is becoming increasingly popular. Someone spying on a company may load onto a telecommuter's computer a remote-use program or computer virus, which may later spread into the company's intranet when the infected computer is connected to it. It is uneconomical to build effective information protection for an individual telecommuter and, furthermore, it is impossible, as there is no guarantee that a telecommuter could keep his computer out of the reach of others.
- Known techniques to improve information security include the development of protected software structures, use of antivirus software, use of a so-called firewall, and having at least part of the computers isolated from the network.
- the drawback of software solutions for preventing unauthorized access to secret information is that such solutions have proven difficult to use and unreliable in operation.
- the drawback of antivirus software is that such applications cannot satisfactorily keep up with virus development.
- Antivirus programs are mainly based on finding certain data sequences. Often they do not recognize the codes of an industrial spy as he changes his code according to the target.
- a firewall means an arrangement with which the internal communications of a company or corporation is isolated from public data networks so that only data packets coming from certain IP addresses reach the internal network.
- firewalls bring considerable additional security for computers in the intranet, but they cannot hold back skillful spies for a very long time. For example, a faked IP address can be used to deceive the firewall.
- a firewall may in practice be badly configured, which makes penetration of the firewall easier.
- Fig. 1 shows such an arrangement. Shown in the Figure there are workstations 101, 102, 103 and 111 connected to one and the same LAN. All workstations connected to the LAN have communication possibility to the Internet through a firewall 120. Workstation 111 belongs to post 110, which further includes another computer 112. This other computer contains information that must be kept absolutely secret, and it is not connected to any data network.
- This arrangement gives good information security for isolated machines like said computer 112, but its disadvantages are relatively high costs, more cramped desks, and decreased convenience of use.
- An object of the invention is to reduce said disadvantages associated with the prior art.
- the structure according to the invention is characterized by what is specified in the independent claims 1 and 13.
- the method according to the invention is characterized by what is specified in the independent claim 14.
- the other claims specify some advantageous embodiments of the invention.
- A workstation comprises at least two separate processor units and a switch unit housed in one chassis. Part of the processor units are connected to public data networks. The other processor units, which are not connected to public data networks, are used as work machines proper.
- the processor units in the workstation have got separate power supplies, separate fixed disk drives and hardware interfaces for electrically isolating data transfer between the processor units.
- the processor units share a display, keyboard and a mouse with their associated interfaces.
- the processor unit, with which the user works, is selected by means of a control switch or a code typed on the keyboard.
- the switch unit directs the control signals coming from the keyboard and mouse to the selected processor unit as well as the display signal of the selected processor unit to the common display.
- an indicator which indicates to the user the processor unit to which said devices are connected at any given time.
- peripherals such as e.g. a printer and scanner, which may be either shared by the processor units or specific to the processor units.
- An advantage of the invention is that the workstation, which can be connected to public data networks when needed, is secure against unauthorized access so one can safely work and save information on it. No viruses from data networks can enter the processor unit, which is isolated from data networks, and nor can the processor unit be monitored in any way through data networks.
- Another advantage of the invention is that the protection mentioned above is achieved without increasing the number of apparatuses at a post and without compromising convenience of use.
- a further advantage of the invention is that if the work processor proper malfunctions, the other processor can be used as a spare processor for working on a temporary basis.
- a still further advantage of the invention is that the arrangement according to the invention increases the costs by an amount which is relatively small or nonexistent since the existence of a protected processor unit allows the use of more inexpensive protection methods towards the network as compared to prior art workstations.
- An advantage of the invention is that the introduction and use of protection according to the invention does not require special expertise, unlike the installation and updating of protection systems in conventional prior-art arrangements.
- Fig. 1 shows an example of a prior-art arrangement
- Fig. 2 shows an example of the arrangement according to the invention
- Fig. 3 shows an example of the use of computers according to the invention in a network environment
- Fig. 4 shows an example of cooperation of a computer according to the invention and another communications device
- Fig. 5 shows an example of the method according to the invention. Fig. 1 was already discussed in connection with the description of the prior art.
- Fig. 2 shows an example of a workstation according to the invention.
- the first processor unit PA comprises a motherboard 2, central processor 6, memory modules 5, fixed disk drive 9, and a network card 3.
- a cable 4 to be connected to a data network is attached to the network card.
- a diskette drive 7 and CD-ROM (compact disc read only memory) drive 8 are interfaced to the PA unit.
- the first processor unit PA has got a power supply 21 of its own.
- the second processor unit PB comprises a second motherboard 10, second central processor 12, second memory modules 11, and a second fixed disk drive 15.
- a second diskette drive 13 and second CD-ROM drive 14 are interfaced to it.
- the second processor unit PB has got a power supply 22 of its own.
- the switch unit 16 is connected to a bus on the motherboards of both processor units.
- the switch unit comprises interfaces, i.e. controllers, for the keyboard 18, mouse 19 and display 20.
- the switch unit 16 includes a switch 17 controlled by means of a separate lever or push buttons or keyboard commands. The position of the switch 17 determines whether said interfaces are connected to the bus of processor unit PA or the bus of processor unit PB.
- the switch 17 further controls the indicators 23 and 24 in the arrangement, that indicate which processor unit is connected to the keyboard, mouse and display.
- the indicators are shown to be light emitting diodes or lamps. They may as well be sound signal devices, for instance.
- Equipping the processor units with separate power supplies adds to the costs but, on the other hand, enhances information security.
- All motherboards are equipped with a sensitive voltmeter for automatic supply voltage control.
- When a processor unit is active, the load it places on the power supply varies constantly and, hence, the supply voltage varies slightly, too. If the processor units had a shared power supply, a voltmeter monitoring program possibly installed on processor unit PA, which is connected to a data network, could register events of processor unit PB, which is isolated from the data network.
- processor unit PA is used as a network machine
- processor unit PB is the work machine proper containing all the information that needs to be protected.
- Possible thefts directed to the data structures of unit PA are not a serious threat to the business of the company, and possible destruction of those data structures does not prevent work on unit PB.
- Information is transferred between the processor units through data diskettes or document scanning, for example.
- An infrared link may also be used inside the workstation. In all cases, the transfer is carried out in compliance with rules drawn up to guarantee information security.
- Fig. 3 shows an example of the use of computers according to the invention in a network environment.
- an internal data network INTRANET-X of a company or corporation connected to the INTERNET through a firewall 301.
- the INTRANET-X comprises, among others, local area networks LAN1, LAN2, LAN3 and LAN4.
- Each local area network has e.g. a routing hub, such as HUB1, to which the workstations and servers of the local area network are connected.
- Local area network LAN1 includes workstations 311 and 312, among others. In accordance with the invention these comprise processor units PA and PB. For all corresponding workstations we will call the former part A, and the latter, part B in short.
- Each workstation according to the invention is connected to the INTRANET-X network via part A.
- Local area network LAN2 includes, among other things, workstations 321, 322 and 323 according to the invention.
- Local area network LAN3 includes, among other things, workstations 331 and 332 according to the invention.
- These workstations 331, 332 have, in addition to part A connected to the INTRANET-X, two separate protected processor units, parts B and C.
- the protected parts B in workstations 321, 322 and 323 are interconnected so as to form a small network of their own on the side of the intranet in question.
- To this protected subnetwork there is further connected, through a protected and fixed connection, part B of workstation 331 in the local area network LAN3.
- parts C of at least workstations 331 and 332 are interconnected so as to form a protected network of their own.
- INTRANET-X may also have individual workstations connected to it, which may of course be conventional or in accordance with the invention.
- workstation 391 connected to INTRANET-X via a node ND.
- Fig. 3 further depicts a remote workstation 305 of an employee of the company in question, which workstation is in accordance with the invention and includes part A from which a connection to INTRANET-X can be established through the Internet.
- connection CN is realized e.g. through the telephone network.
- Fig. 4 shows an example of an arrangement of cooperation of a computer according to the invention and a mobile station.
- the computer 41 comprises part A connected to a data network 43 and a protected part B.
- Part A includes the parts required by an outward-directed infrared link.
- the mobile station 42 is likewise equipped with an infrared apparatus so that it can be connected to the computer 41 through the infrared link 44.
- Part A in the computer 41 further comprises software related to use of the link 44, which software is used e.g. to transfer the signals coming from the mobile station to the data network 43.
- Mobile stations are becoming more versatile, thanks to technologies like the infrared connections described above.
- Fig. 5 shows in the form of flow diagram a method for transferring information in a system according to the invention.
- a message from the network is received in processor unit PA.
- the message may have been sent by somebody else or picked by the user himself by means of a browser program, for instance.
- In step 52 it is checked whether the message is encrypted. If it is, it is checked whether or not the message has been altered. This step 53 is possible when using an encryption program that contains such a checking algorithm. If it is found that the message has been altered, it is destroyed (step 58). If no changes are detected in the message, it is stored on a transfer medium by the processor unit PA (step 54).
- the transfer medium may be e.g. a diskette or printing paper.
- processor unit PB is taken into use by means of the switch unit.
- the message is taken from the transfer medium to the processor unit PB. If the message was stored on a diskette, the latter is inserted in a diskette drive connected to the protected processor unit PB and the message is transferred from the diskette into memory. If the message was stored on printing paper, the latter is inserted in a scanner connected to the protected processor unit PB, converted into electrical format by the scanner, and transferred into the memory of the processor unit PB.
- The message is decrypted. So, the principle is that only encrypted messages, which are found not to have been altered, are taken to the protected processor unit to be used there. If an incoming message is unencrypted, it is just stored, according to step 59, on the fixed disk of processor unit PA to be examined in unit PA.
- With steps 51 to 57 it is also possible to arrange a transfer within the intranet from one machine to another so that an unauthorized party will not have access to the information. It may be stated as a rule that no information shall be taken unencrypted from the processor unit PB to the processor unit PA, which serves as the network machine.
- processor units may also be located in a mobile station, for example.
- the invention may be modified in many ways within the scope defined by the independent claims.
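The gate that Fig. 5 places on processor unit PA (steps 52 to 54, 58 and 59), together with the rule that nothing leaves PB unencrypted, can be sketched as follows. This is an added example, not code from the patent: the `ENC1` envelope layout, the function names and the use of HMAC-SHA256 as the "checking algorithm" are assumptions, and the ciphertext is treated as opaque because the decryption key is assumed to exist only on PB.

```python
import hashlib
import hmac
import struct
from enum import Enum

# Assumed envelope (constructed for this example, not from the patent):
#   b"ENC1" | 4-byte big-endian ciphertext length | ciphertext | HMAC-SHA256 tag
MAGIC = b"ENC1"
HEADER_LEN = len(MAGIC) + 4
TAG_LEN = hashlib.sha256().digest_size


class Route(Enum):
    TRANSFER_TO_PB = "store on transfer medium (step 54)"
    DESTROY = "destroy altered message (step 58)"
    KEEP_ON_PA = "store on PA fixed disk for examination (step 59)"


def seal(ciphertext: bytes, mac_key: bytes) -> bytes:
    """Wrap already-encrypted bytes in the assumed envelope."""
    header = MAGIC + struct.pack(">I", len(ciphertext))
    tag = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    return header + ciphertext + tag


def is_encrypted(message: bytes) -> bool:
    """Step 52: does the message claim to be an encrypted envelope?"""
    return message.startswith(MAGIC)


def is_unaltered(message: bytes, mac_key: bytes) -> bool:
    """Step 53: verify length fields and the integrity tag.

    A truncated or padded envelope counts as altered.
    """
    if len(message) < HEADER_LEN + TAG_LEN:
        return False
    (declared_len,) = struct.unpack(">I", message[len(MAGIC):HEADER_LEN])
    if len(message) != HEADER_LEN + declared_len + TAG_LEN:
        return False
    body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)  # constant-time comparison


def route_on_pa(message: bytes, mac_key: bytes) -> Route:
    """Decision taken on the network-facing unit PA for an incoming message."""
    if not is_encrypted(message):
        return Route.KEEP_ON_PA
    if not is_unaltered(message, mac_key):
        return Route.DESTROY
    return Route.TRANSFER_TO_PB


def may_leave_pb(message: bytes, mac_key: bytes) -> bool:
    """Outbound rule: only sealed, intact envelopes go from PB to PA."""
    return is_encrypted(message) and is_unaltered(message, mac_key)


if __name__ == "__main__":
    key = b"constructed-integrity-key"           # constructed sample key
    sealed = seal(b"\x8f\x02opaque-bytes", key)  # constructed sample ciphertext
    flipped = sealed[:9] + bytes([sealed[9] ^ 1]) + sealed[10:]
    for name, msg in [("sealed", sealed), ("bit-flipped", flipped),
                      ("truncated", sealed[:10]), ("plain", b"Subject: hi")]:
        print(f"{name:12s} -> {route_on_pa(msg, key).value}")
```

Because HMAC is symmetric, a PA that can verify tags can also forge them; a signature scheme, with only the public key on PA, would remove that weakness, and HMAC is used here only to keep the example within the standard library.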
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
- Small-Scale Networks (AREA)
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA002370603A CA2370603A1 (en) | 1999-04-16 | 2000-04-12 | Arrangement and method to improve information security |
EP00918906A EP1196851A1 (en) | 1999-04-16 | 2000-04-12 | Arrangement and method to improve information security |
AU39685/00A AU3968500A (en) | 1999-04-16 | 2000-04-12 | Arrangement and method to improve information security |
JP2000612827A JP2002542537A (en) | 1999-04-16 | 2000-04-12 | Hardware structure for improving information security, mobile terminal device, and method for improving information security of computer |
HK02107464.0A HK1047325A1 (en) | 1999-04-16 | 2002-10-15 | Arrangement and method to improve information security |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FI990851A FI990851A0 (en) | 1999-04-16 | 1999-04-16 | Device and method for improving computer security in computers |
FI20000456A FI109154B (en) | 1999-04-16 | 2000-02-28 | Device and method for improving data security |
FI20000456 | 2000-02-28 | ||
FI990851 | 2000-02-28 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2000063778A1 (en) | 2000-10-26 |
Family
ID=26160733
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FI2000/000310 WO2000063778A1 (en) | 1999-04-16 | 2000-04-12 | Arrangement and method to improve information security |
Country Status (7)
Country | Link |
---|---|
EP (1) | EP1196851A1 (en) |
JP (1) | JP2002542537A (en) |
AU (1) | AU3968500A (en) |
CA (1) | CA2370603A1 (en) |
FI (1) | FI109154B (en) |
HK (1) | HK1047325A1 (en) |
WO (1) | WO2000063778A1 (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE10153402A1 (en) * | 2001-11-01 | 2003-05-15 | Kai Dorau | Method for secure exchange of electronic data in an online process, whereby access to the hard drive or storage unit is switched off when a processor has an online connection via a data line |
US6578140B1 (en) * | 2000-04-13 | 2003-06-10 | Claude M Policard | Personal computer having a master computer system and an internet computer system and monitoring a condition of said master and internet computer systems |
AT502414B1 (en) * | 2005-09-20 | 2007-03-15 | Diaplan Elektronic Gmbh | SECURITY SYSTEM |
US8090961B2 (en) * | 2007-01-22 | 2012-01-03 | Simon Yoffe | Security switch |
US10930452B2 (en) | 2018-06-29 | 2021-02-23 | Purism | Electronic kill and physical cover switch |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101006433B (en) | 2004-08-25 | 2012-01-11 | 日本电气株式会社 | Information communication device, and program execution environment control method |
US8365021B2 (en) | 2005-06-17 | 2013-01-29 | Nec Corporation | Information processing device comprising a plurality of domains having a plurality of processors, recovery device, program and recovery method |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0398695A2 (en) * | 1989-05-17 | 1990-11-22 | International Business Machines Corporation | A single physical main storage unit shared by two or more processors executing respective operating systems |
EP0794639A2 (en) * | 1996-02-14 | 1997-09-10 | Mitsubishi Denki Kabushiki Kaisha | Data security method and system |
-
2000
- 2000-02-28 FI FI20000456A patent/FI109154B/en not_active IP Right Cessation
- 2000-04-12 EP EP00918906A patent/EP1196851A1/en not_active Withdrawn
- 2000-04-12 CA CA002370603A patent/CA2370603A1/en not_active Abandoned
- 2000-04-12 AU AU39685/00A patent/AU3968500A/en not_active Abandoned
- 2000-04-12 WO PCT/FI2000/000310 patent/WO2000063778A1/en not_active Application Discontinuation
- 2000-04-12 JP JP2000612827A patent/JP2002542537A/en active Pending
-
2002
- 2002-10-15 HK HK02107464.0A patent/HK1047325A1/en unknown
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6578140B1 (en) * | 2000-04-13 | 2003-06-10 | Claude M Policard | Personal computer having a master computer system and an internet computer system and monitoring a condition of said master and internet computer systems |
DE10153402A1 (en) * | 2001-11-01 | 2003-05-15 | Kai Dorau | Method for secure exchange of electronic data in an online process, whereby access to the hard drive or storage unit is switched off when a processor has an online connection via a data line |
AT502414B1 (en) * | 2005-09-20 | 2007-03-15 | Diaplan Elektronic Gmbh | SECURITY SYSTEM |
US8090961B2 (en) * | 2007-01-22 | 2012-01-03 | Simon Yoffe | Security switch |
US10930452B2 (en) | 2018-06-29 | 2021-02-23 | Purism | Electronic kill and physical cover switch |
US11574781B2 (en) | 2018-06-29 | 2023-02-07 | Purism | Electronic kill and physical cover switch |
Also Published As
Publication number | Publication date |
---|---|
FI20000456A (en) | 2000-10-16 |
AU3968500A (en) | 2000-11-02 |
FI109154B (en) | 2002-05-31 |
EP1196851A1 (en) | 2002-04-17 |
CA2370603A1 (en) | 2000-10-26 |
HK1047325A1 (en) | 2003-02-14 |
FI20000456A0 (en) | 2000-02-28 |
JP2002542537A (en) | 2002-12-10 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
ENP | Entry into the national phase |
Ref document number: 2370603 Country of ref document: CA Ref country code: CA Ref document number: 2370603 Kind code of ref document: A Format of ref document f/p: F |
|
ENP | Entry into the national phase |
Ref country code: JP Ref document number: 2000 612827 Kind code of ref document: A Format of ref document f/p: F |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09958934 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2000918906 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
WWP | Wipo information: published in national office |
Ref document number: 2000918906 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 2000918906 Country of ref document: EP |