
Moscow, 2011


ahanu

Presentation Transcript


  1. OKB SAPR www.okbsapr.ru okbsapr@okbsapr.ru If you have something to hide. Moscow, 2011

  2. Why do we insist on hardware? How do we ensure the integrity of the software that checks integrity? By using some other software? And how do we check the integrity of THAT software? Using…

  3. What should the unauthorized access protection tool be like? • independent of the operating system and file system of the PC • inaccessible to modification • hardware.

  4. Basis: trusted startup

  5. Superstructure: trusted environment

  6. Superstructure: trusted system

  7. Superstructure: trusted infrastructure

  8. Superstructure: trusted virtual infrastructure

  9. Data Security Systems for Unauthorized Access Protection. Stationary: based on Accord (Trusted Startup Hardware Module – TSHM) controllers. Mobile: based on Enough TSHM controllers.

  10. Cryptographic Data Security Tools. Stationary: Accord-U KB2, Accord-U KC3. Mobile: PCDST SHIPKA, HSC Privacy.

  11. Infrastructure solutions. Stationary: Accord-V., Accord-DAC, RCCS. Mobile: HSC «Center-T», TST «MARSH!».

  12. Safe Official Storage Device SECRET. For use on a separate PC or in a LAN.

  13. ACCORD

  14. Unauthorized Access Protection. It can be achieved by the trusted startup mode, which confirms the following: the user is the one who has the right to work on this PC; the PC is the one that this user is supposed to use.

  15. Accord-TSHM. Trusted Startup

  16. Trusted Startup. The operating system boots only after the following procedures have completed successfully: • user identification/authentication; • integrity checking of the PC hardware and the software utilities, using a step-by-step integrity inspection algorithm; • blocking of operating system boot from external storage media.

  17. Reliability in an unreliable world. The Accord-TSHM architecture provides the following: • modifying the Accord-TSHM firmware is impossible; • the controller’s event log is accessible only to the information security administrator, so concealing an unauthorized access (UA) attempt from the administrator is impossible; • access isolation and information protection control systems have been developed on the basis of Accord-TSHM.

  18. Access Isolation

  19. Access Isolation. Hardware-and-Software Complexes based on Accord-TSHM and special software: Accord-Win32, Accord-Win64 for Windows; Accord-X for Linux.

  20. HSC Accord. Identification/authentication of users (local and remote); An isolated working software environment for each user on an individual basis; Mutual authentication of interacting devices; Isolation of users' access to data arrays and programs (discretionary access control method); Isolation of the access of users and processes to data arrays (capability-based access control method).

  21. Terminal System Protection

  22. Terminal System Protection. An interaction mode confirming that: the user interacts only with the protected server; only the user of a protected “thin client” interacts with the server.

  23. Components of HSC Accord TSE, installed both on terminal servers and on user terminals, interact through virtual channels based on the RDP and ICA protocols. This makes it possible to use an already established channel for the interaction instead of setting up a new one.

  24. Trusted infrastructure

  25. Trusted infrastructure of remote access includes the protected terminal client, that is, the trusted startup of its OS. Trusted startup of the terminal client's OS can be provided either by installing Accord-TSHM in it, or by using HSC “Center-T” or TST “MARCH!”, which are entirely integrated with DSS UAA Accord.

  26. Trusted Virtual Infrastructure

  27. Accord-V. Data protection system • Integrates entirely into the virtual infrastructure, so it doesn’t need any additional servers; • Implements the correct start concept at all levels of system startup; • Doesn’t restrict the features of the virtual infrastructure for the sake of security: all its benefits stay available.

  28. Remote Access

  29. Remote Access. Remote access systems can be built in several ways: • Terminal access (operation with a terminal server in a terminal session) • Web access (operation through the web interface with a web resource) • Mixed system (operation in both modes)

  30. Remote Access is reasonable because it makes the system more budget-friendly: • Thin clients are cheaper than PCs • Data protection tools cost less at the same security level • Many different kinds of computers can be used as client workplaces

  31. Remote Access is reasonable if these principles ARE NOT VIOLATED while building the system: • Thin clients are cheaper than PCs • Data protection tools cost less at the same security level • Many different kinds of computers can be used as client workplaces

  32. Remote Access is safe if you protect: • the remote resource itself, • the clients’ workplaces and • their interaction. And the components of the DSS must be parts of a whole system, not a set of uncoordinated tools.

  33. The bottleneck of a remote access system is the trusted environment at the client’s workplace • HSC «Center-T» (operation with a terminal server in a terminal session) • TST «MARCH!» (operation through the web interface with a web resource, and mixed systems). HSC «Center-T» and TST «MARCH!» can be used in the same system at the same time, or in different systems whose remote clients use the same computers to access the remote resource.

  34. TST “MARCH!”

  35. Trusted Session definition. A trusted session (TS) is the period of computer operation during which the following conditions are provided: • trusted startup of the OS • a trusted connection • the conditions for using an EDS

  36. «MARCH!» operation scheme

  37. Center-T. Protected network software loading system

  38. System purpose • Organizing terminal access from workstations by loading software images to the terminal stations over the network. • Ensuring centralized management and audit of the image loading process. • Checking the integrity of loaded images. • Implementing user login to the terminal server protected by HSC Accord TSE.

  39. Users’ operation order: The user starts the terminal client with SHIPKA-K connected; The initial loading image is loaded from SHIPKA-K and the PIN code is requested; After the PIN code is entered, the software image is loaded and its integrity is checked; After a successful integrity check, control is transferred to the loaded software image; The terminal session is started by means of the loaded image.

  40. Remote Access protected with TST “MARCH!” and/or HSC “Center-T” doesn’t lose its benefits: • You don’t have to re-equip your system or change its operating regulations • Security costs are lower than for traditional approaches • You don’t lose investments, as you can use quite different computers as client workstations

  41. Personal Cryptographic Data Security Tool SHIPKA

  42. PCDST SHIPKA functionality • Hardware CDST • Hardware identification/authentication of users in Accord (on PCs and also in terminal solutions) • Hardware identification/authentication of users in Windows OS • Hardware identification/authentication of users in a domain • Protected key storage for software CDST, including VPN • Autofilling of web forms and Windows forms, protected storage of passcards (login/password). PCDST SHIPKA is the base of HSC «Center-T» and Privacy.

  43. Cryptographic functions • File enciphering and signing (by means of keys or certificates) • E-mail message enciphering and signing • Generation of self-signed digital certificates, obtaining CA certificates, storage and usage of certificates • Key generation and management in three paradigms: exchanging keys and using them as is; using keys through certificates; using keys in “web of trust” mode

  44. «Accord-U»

  45. «Accord-U» <–> SHIPKA are entirely compatible: • they can exchange keys; • they can provide all cross-operations; • the users’ software is absolutely the same. It is reasonable to build systems that combine devices of both kinds. That yields a flexible and budget-friendly solution.

  46. Certificate of compliance with the requirements of the FSS of Russia. “Accord-U” versions have FSS certificates as a CDST and EDS tool for FSS classes KC3 and KB2.

  47. «Autograph» certification authority, built on the base of OKB SAPR devices: • PCDST SHIPKA • Accord-U • HSC Accord

  48. Official Storage Device SECRET

  49. Threats of using external storage devices • You can lose the device, and someone can find it. • Insider threats can be realized (unauthorized use of official data). • Corporate computers can be infected with viruses.

  50. Traditional protection methods when using storage devices: • PIN code or fingerprint authentication; • Background encryption of data on the storage device after authentication (single password entry); • USB filters (barring operation with “alien” storage devices); • Barring usage entirely.
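
Slides 2, 16 and 39 describe checking each piece of software before control is handed to it, with the chain ending in hardware. The sketch below is an added example, not OKB SAPR code and not the Accord-TSHM algorithm: it shows one generic way such a step-by-step check can be chained. SHA-256, the stage names and every function name are assumptions.

```python
"""Added illustration: a step-by-step (chained) integrity check before boot.
Not OKB SAPR code; SHA-256, the stage names and all function names are assumptions."""
import hashlib
import hmac

def measure(stage):
    """Digest over a stage's code plus the reference it holds for the next stage."""
    ref = stage["next_ref"] or ""
    return hashlib.sha256(stage["code"] + ref.encode()).hexdigest()

def seal_chain(codes):
    """Enrolment: build stages back to front so each embeds its successor's digest.
    Returns the root reference (kept in write-protected hardware) and the stages."""
    stages, next_ref = [], None
    for name, code in reversed(codes):
        stage = {"name": name, "code": code, "next_ref": next_ref}
        next_ref = measure(stage)
        stages.insert(0, stage)
    return next_ref, stages

def trusted_startup(root_ref, stages):
    """Verify each stage against the reference held by its already-verified
    predecessor; refuse to hand over control at the first mismatch."""
    expected, log = root_ref, []
    for stage in stages:
        if expected is None or not hmac.compare_digest(measure(stage), expected):
            log.append(f"{stage['name']}: MISMATCH, boot blocked")
            return False, log
        log.append(f"{stage['name']}: ok")
        expected = stage["next_ref"]
    return True, log

# Constructed sample stages (placeholder byte strings, not real boot code).
SAMPLE = [("boot loader", b"loader v1"), ("OS kernel", b"kernel v1"),
          ("terminal client image", b"client v1")]
ROOT_REF, STAGES = seal_chain(SAMPLE)

if __name__ == "__main__":
    print(trusted_startup(ROOT_REF, STAGES))
    STAGES[1]["code"] += b" patched"             # modified kernel
    print(trusted_startup(ROOT_REF, STAGES))
    STAGES[0]["next_ref"] = measure(STAGES[1])   # stored reference rewritten too
    print(trusted_startup(ROOT_REF, STAGES))
```

In the third run the rewritten intermediate reference only moves the mismatch to the first stage, because the root reference is the one value the software chain cannot change.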
