Москва, 2011

OKB SAPR

Если Вам есть что скрывать.

www.okbsapr.ruokbsapr@okbsapr.ru

Why do we insist on hardware?

How to provide the integrity of the software which checks the integrity?

Using some other software?

And how to check THAT software integrity?

Using…

What should the unauthorized access protection tool be like?

independent from operation and file system of the PC

inaccessible for making changes

hardware.

Basis: trusted startup

Superstructure: trusted environment

Superstructure: trusted system

Superstructure: trusted infrastructure

Superstructure: trusted virtual infrastructure

Data Security Systems for Unauthorized Access Protection

Stationary

Based on Accord (Trusted Startup Hardware Module – TSHM) controllers

Mobile

Based on Enough TSHM controllers

Cryptographic Data Security Tools

Stationary

Accord-U КВ2, Accord-U КС3

Mobile

PCDST SHIPKA, HSC Privacy

Infrastructural solutions

Stationary

Accord-V., Accord-DAC, RCCS

Mobile

HSC «Center-Т», TST «MARSH!»

Safe Official Storage Device

SECRET

For usage on separate PC or in LAN

ACCORD

it is the very user, who has a right to work on this PC;

it is the very PC, which the very user must use.

Can be achieved by the trusted startup mode, that confirms the following:

Unauthorized Access Protection

Accord-TSHM. Trusted Startup

Trusted Startup

the user identification/authentication.

 integrity checking of the PC hardware and the software utilities, using a step-by-step integrity inspection algorithm;

 blocking the operating system boot from the external storage mediums;

The operating system boot is performed only after a successful completion of the following procedures:

Reliability in an unreliable world:

introducing modification into the Accord-TSHM firmware is impossible;

the controller’s even log is accessible only to the information security administrator, that is why concealing an attempt of UA from him is impossible;

on the basis of Accord-TSHM, there have been developed the access isolation and information protection control systems.

Accord-TSHM architecture provides

Access Isolation

Access Isolation

Accord-Win32, Accord-Win64 – for Windows;

Accord-Х – for Linux

Hardware-and-Software Complexes based on Accord-TSHM and special software

HSC Accord

Identification/authentification of users (local and remote);

An isolated working software environment for each user on an individual basis;

Mutual authentification of interacting devices;

The users' access to data arrays and programs isolation (discretional access control method);

The access of users and processes to data arrays isolation (capability-based access control method).

Terminal System Protection

The user interacts only with the protected server;

With the server interacts only the user of protected “thin client”.

Interaction mode confirming that

Terminal System Protection

Components of HSC Accord TSE

RDP and

ICA

This fact makes possible using already set channel for interacting instead of setting the new one.

Installed both into terminal servers and into users terminals interact through virtual channels based on protocols:

Trusted infrastructure

Trusted startup of the OS of the terminal client can be provided either by installing in it the Accord-TSHM, or by using HSC “Center-T” or TST “MARСH!”, entirely integrated with DSS UAA Accord.

of the remote access contains the protected terminal client – the trusted startup of its OS

Trusted infrastructure

Trusted Virtual Infrastructure

Accord-V.

Entirely integrates into the virtual infrastructure, so doesn’t need any additional servers;

Realizes the correct start conception at all levels of the system startup;

Doesn’t narrow the features of virtual infrastructure in safety sake, all its benefits stay available.

Data protection system

Remote Access

Remote Access

Terminal access (operation with terminal server in terminal session)

Web-access (operation through the web-interface with the web-resource)

Mixed system (operation in both modes)

Remote access systems can be built in several ways

Remote Access

Thin clients are cheaper then PC It needs less costs for data protection tools with

the same security level You can use a lot of different computer kinds as

the client’s workplaces

is reasonable because it makes the system more budget

Remote Access

Thin clients are cheaper then PC It needs less costs for data protection tools with

the same security level You can use a lot of different computer kinds as

the client’s workplaces

is reasonable if these principals ARE NOT TROUBLED while system building

Remote Access

the remote source itself,clients’ workplaces and their interaction

is safe, if you protect

And components of DSS are to be the parts of the whole system, not the set of uncoordinated tools.

Bottleneck

HSC «Center-Т»(operation with terminal server in terminal session)

TST «MARСH!»(operation through the web-interface with the web-resource and mixed systems)

of the remote access system is the trusted environment at the client’s workplace

HSC «Center-Т» and TST «MARСH!» can be used in the same system in the same time, or in different systems, remote clients of which use the same computers for access to the remote resource.

TST “MARСH!”

Trusted Session definition

Trusted session (TS) – is the computer operation period when following conditions are provided:

the trusted startup of the OS the trusted connectionEDS using conditions

«MARСH!» operation scheme

Center-ТProtected network software

loading system

System purpose

Organization of terminal access from workstations by software images loading to the terminal stations through the network. Ensuring of centralized management and audit of process of loading of images. Control of loaded images integrity. Realization of user entrance to the terminal server protected by HCS Accord TSE.

Users’ operation order1. User starts terminal client

with SHIPKA-K connection;

2. Image of Initial Loading is loaded from SHIPKA-K, PIN-code is requested;

3. After PIN-code input software image is loaded, its integrity is checked;

4. After successfull integrity check management is transferred to loaded software image;

5. Terminal session is starting by means of loaded image.

Remote Access

You are not to reequip your system or change its operation regulations

Security costs are less then for traditional approaches

You don’t loose investments as you can use quit different computers as clients’ workstations

Protected with TST “MARCH!” and/or HSC “Center-T” doesn’t loose its benefits

Personal Cryptographic Data Security Tool

SHIPKA

Функциональность ПСКЗИ ШИПКА

Hardware CDST Hardware identification/authentification of users in Accord

(on PC and also in terminal decisions) Hardware identification/authentification of users in OS

Windows Hardware identification/authentification of users in domain Protected keys storehouse for software CDST, including

VPN Web-forms and Windows-forms autofilling, protected

passcards storage (login/password)

PCDST SHIPKA is the base of HSC «Center-Т» and Privacy

Cryptographic functions

File enciphering and signing (by means of keys or certificates)

E-mail messages enciphering and signing Self signed digital certificates generation, getting CA

certificates, storage and usage of certificates Key generating and management in three

paradigms :- exchanging keys and using them as is- using keys through the certificates- using keys in “web of trust” mode

«Accord-U»

«Accord-U» <–> SHIPKAentirely compatible:

can exchange keys;can provide all cross-operations;users’ software is absolutely the same.

It is reasonable to build systems, which combine the devices of both kinds. That will allow to get flexible and budget solution.

Certificate of compliance to requirements of FSS of Russia

“Accord-U” versions has FSS certificates as CDST and EDS tool for FSS classes KC3 and KB2

«Autograph» certification authority, built on the

base of OKB SAPR devices:

PCDST SHIPKA Accord-U HSC Accord

Official Storage Device

SECRET

Using the external storage devices threats

You can loose it – and someone can find it.

Inside threats can be realized (unauthorized usage of the official data).

Corporation computers can be infected with viruses.

Traditional protection methodswhen using storage devices

PIN-code or fingerprint authentification; Encryption of data on the storage in a

background mode after authentification (unitary password input);

USB-filters (operation with “alien” storage devices barring);

Full usage barring.

Official Storage Device “SECRET”

special USB storage device (mass storage), which can be used just on the legal computers (allowed by administrator):

Personal Secret; Trade Secret; Distinctive Secret.

Москва, 2011

OKB SAPR

Если Вам есть что скрывать.

Any offers?