System for optimizing the structure of the kernel of open operating systems according to information security requirements

 

(57) Abstract:

The invention relates to computing, and in particular to information and computer systems and networks, and can be used to protect information resources in workstations and in informational and functional servers (for example, a dedicated secure server, a proxy server, a firewall and so on) built on open operating systems (OS) such as Windows 95/98, NT, Unix, Solaris, FBSD and others, by optimizing the structure of the OS kernel according to the information security requirements of the add-on protection tools, which include the inventive system. The technical result is an increase in the security level of the mentioned stations. To achieve this, the system contains a checksum storage unit, a checksum formation unit, a checksum comparison unit, a control unit, a storage unit for recoverable files, an identification and authentication unit for access rights, an access rights storage unit, M storage units for the list of permitted events, the list of prohibited events and the list of mandatory events, comparison units for permitted, prohibited and mandatory events, and L units storing the list of reactions to detected events.

The invention relates to computing, and in particular to information and computer systems and networks, and can be used to protect information resources in workstations and in informational and functional servers (for example, a dedicated secure server, a proxy server, a firewall and so on) built on open (public) operating systems (OS) such as Windows 95/98/NT, Unix, Solaris, Linux, FBSD and others, by optimizing the structure of the OS kernel according to the information security requirements of the add-on protection tools, which include the inventive system.

At present, alongside the rapid growth of open technologies, a noticeable trend toward closing platforms and interfaces can be observed. This takes place both at the level of system software (it is illustrated quite clearly by the development of Windows over several years, namely the transition from the virtually unprotected Windows 95/98 platforms to a system with advanced built-in protection, Windows NT 5.0; the same features can be illustrated by the development of DBMSs such as Oracle) and at the level of network protocols and interfaces (see, for example, the development of VPN technology and so on).

Naturally, any transition to closed technology, while undoubtedly providing a higher level of information security for its implementation, also brings undoubted inconvenience to the user.

A particularly relevant practical problem of improving information security in almost any system is the implementation of a secure OS platform on informational and functional servers, since any add-on protection tool and, generally speaking, any functional software (FPO) ultimately uses the capabilities provided by the OS. Of course, from the point of view of OS security the best result would be obtained by building one's own OS, but here the issue of compatibility obviously arises: the whole "pile" of FPO that the OS must support would have to be reworked, and so on. Such a radical approach is therefore possible only for very functionally limited applications (for example, various control tasks). Developers of system software located above the platform, such as Oracle, partly follow this path: their system takes over part of these tasks, thereby improving the information security of the database server. However, the range of such systems, which only partially solve the information protection tasks, is narrow today, and one must ask at what cost, both in performance and in increased expense, this is achieved.

In other words, this approach, which solves the particular task of protecting databases, can hardly be regarded as a general technology for improving OS information security, because with it each application would have to have its own OS protection system.

Therefore, one should speak of add-on protection systems that are installed together with the OS and restrict its functions in order to provide the necessary information security, for example by prohibiting the launch of certain processes and services, prohibiting (at the OS level) connections, closing ports, prohibiting access to specific hosts, and so on. In other words, these add-on protection tools are designed to convert an open OS into a closed one by imposing constraints on its structure for a particular application.

A known system for protecting the information resources of a computing system and a network is Secret Net (see "Secret Net access control system. User manual", 1996). It is a software package installed on a standalone computer that checks programs and data, in particular the structure of the OS, when the system is turned on.

Closest in technical nature to the claimed system (the prototype) is the information protection system built into the operating system Windows NT Server 4.0 (see the book by Valda Hilley, "Secrets of Windows NT Server 4.0", Kiev, "Dialectics", 1997, pp. 14-15). There, checksums of files are computed at system startup. If the contents of a file have somehow been changed, the current checksum of the file will not coincide with the reference checksum. In that case a message about the integrity violation is displayed, and the file can then be restored from a backup.

The prototype system is shown in Fig. 1. It includes a checksum storage unit 1, a checksum formation unit 2, a checksum comparison unit 3, a control unit 4 and a storage unit for recoverable files 5. The first input of the checksum comparison unit 3 is connected to the output of the checksum storage unit 1, and its second input to the output of the checksum formation unit 2, whose first input is connected to the checksum formation input 6 and whose second input is connected to the first output of the control unit 4; the second output of the control unit 4 is connected to the input of the storage unit for recoverable files 5, whose output is connected to the file recovery output 8; the first input-output of the control unit 4 is connected to the input-output of the checksum comparison unit 3, and the second input-output of the control unit 4 to the control input-output 7.

The system solves the problem of monitoring the integrity (unchangeability) of programs and data. If the set of monitored files is defined by the OS configuration files, the system solves the problem of fixing the OS kernel structures by means of the OS and controlling their integrity (unchangeability) with an add-on integrity monitoring tool, which operates as follows. Periodically, an integrity control command arrives at the control input-output 7, whereupon the control unit 4 issues a command to the checksum formation unit 2, which, using the information arriving at the checksum formation input 6, generates the checksums and passes them to the checksum comparison unit 3. The reference checksums from the checksum storage unit 1 also arrive there. The comparison results are passed to the control unit 4, which reports the presence of a mismatch (if any) via the input-output 7 and, if necessary (this may not be implemented for all cases of integrity violation), issues a command to the storage unit for recoverable files 5, which outputs the recovered file to the file recovery output 8.

The disadvantages of the system include the following:

1. If the integrity of all OS files is monitored continuously, one control pass takes minutes. Therefore any implementation of this approach leads either to all of the CPU time being spent on protecting OS files from distortion, so that the OS has no time left to function for its intended purpose, or to the control being run with a long period, in which case it becomes meaningless.

2. Control at the file level only states the fact of a change but does not allow this event to be counteracted, i.e. the protection task itself is not solved in this case.

3. Flexible configuration of the system is impossible.

In other words, the file integrity control mechanism is in principle unsuitable for solving the problem, because it is designed not to prevent certain events but to record them.

The aim of the invention is to increase the level of protection of workstations and of functional and information servers by optimizing the structure of the OS kernel according to the information security requirements of the add-on protection tools. This aim is achieved in that, in a system containing a checksum storage unit, a checksum formation unit, a checksum comparison unit, a control unit and a storage unit for recoverable files, where the first input of the checksum comparison unit is connected to the output of the checksum storage unit, its second input to the output of the checksum formation unit, whose first input is connected to the checksum formation input and whose second input is connected to the first output of the control unit, the second output of which is connected to the input of the storage unit for recoverable files, whose output is connected to the file recovery output, the first input-output of the control unit is connected to the input-output of the checksum comparison unit, and the second input-output of the control unit to the control input-output, the following are introduced: an identification and authentication unit for access rights, an access rights storage unit, M storage units for the list of permitted events, a permitted events comparison unit, M units generating the list of current events, M storage units for the list of prohibited events, a prohibited events comparison unit, M storage units for the list of mandatory events, a mandatory events comparison unit, and L storage units for the list of reactions to detected events. The first input-output of the identification and authentication unit for access rights is connected to the access rights authentication input-output, its second input-output is connected to the third input-output of the control unit, and its input is connected to the output of the access rights storage unit; the first M outputs of the control unit are connected to the respective inputs of the M storage units for the list of permitted events, the second M outputs to the respective inputs of the M storage units for the list of prohibited events, the third output of the control unit is connected to the first input of the permitted events comparison unit, the fourth output to the first input of the prohibited events comparison unit, the fifth output to the first input of the mandatory events comparison unit, the third M outputs of the control unit are connected to the first inputs of the M units generating the list of current events, and the L outputs of the control unit are connected to the respective inputs of the L storage units for the list of reactions to detected events, whose outputs are connected to the L reaction outputs; the outputs of the M storage units for the list of permitted events are connected to the first M inputs of the permitted events comparison unit, whose second M inputs are connected to the outputs of the M units generating the list of current events, to the second M inputs of the prohibited events comparison unit and to the second M inputs of the mandatory events comparison unit; the output of the permitted events comparison unit is connected to the third input of the control unit, whose second input is connected to the output of the prohibited events comparison unit and whose first input to the output of the mandatory events comparison unit; the first M inputs of the prohibited events comparison unit are connected to the respective outputs of the M storage units for the list of prohibited events, the first M inputs of the mandatory events comparison unit are connected to the respective outputs of the M storage units for the list of mandatory events, and the second inputs of the M units generating the list of current events are connected to the M current events list generation inputs.

A diagram of the SYSTEM FOR OPTIMIZING THE KERNEL STRUCTURE OF OPEN OPERATING SYSTEMS ACCORDING TO THE INFORMATION SECURITY REQUIREMENTS OF ADD-ON PROTECTION is shown in Fig. 2. It includes: a checksum storage unit 1, a checksum formation unit 2, a checksum comparison unit 3, a control unit 4, a storage unit for recoverable files 5, an identification and authentication unit for access rights 6, an access rights storage unit 7, M storage units for the list of permitted events 8, a permitted events comparison unit 9, M units generating the list of current events 10, M storage units for the list of prohibited events 11, a prohibited events comparison unit 12, L storage units for the list of reactions to detected events 13, M storage units for the list of mandatory events 14, and a mandatory events comparison unit 15. The first input of the checksum comparison unit 3 is connected to the output of the checksum storage unit 1, and its second input to the output of the checksum formation unit 2, whose first input is connected to the checksum formation input 17 and whose second input is connected to the first output of the control unit 4, the second output of which is connected to the input of the storage unit for recoverable files 5, whose output is connected to the file recovery output 19; the first input-output of the control unit 4 is connected to the input-output of the checksum comparison unit 3, and the second input-output of the control unit 4 to the control input-output 18; the first input-output of the identification and authentication unit for access rights 6 is connected to the access rights authentication input-output 16, its second input-output is connected to the third input-output of the control unit 4, and its input is connected to the output of the access rights storage unit 7; the first M outputs of the control unit 4 are connected to the respective inputs of the M storage units for the list of permitted events 8, the second M outputs to the respective inputs of the M storage units for the list of prohibited events 11, the third output of the control unit 4 is connected to the first input of the permitted events comparison unit 9, the fourth output to the first input of the prohibited events comparison unit 12, the fifth output to the first input of the mandatory events comparison unit 15, the third M outputs of the control unit 4 are connected to the first inputs of the M units generating the list of current events 10, and the L outputs of the control unit 4 are connected to the respective inputs of the L storage units for the list of reactions to detected events 13, whose outputs are connected to the L reaction outputs 21; the outputs of the M storage units for the list of permitted events 8 are connected to the first M inputs of the permitted events comparison unit 9, whose second M inputs are connected to the outputs of the M units generating the list of current events 10, to the second M inputs of the prohibited events comparison unit 12 and to the second M inputs of the mandatory events comparison unit 15; the output of the permitted events comparison unit 9 is connected to the third input of the control unit 4, whose second input is connected to the output of the prohibited events comparison unit 12 and whose first input to the output of the mandatory events comparison unit 15; the first M inputs of the prohibited events comparison unit 12 are connected to the respective outputs of the M storage units for the list of prohibited events 11, the first M inputs of the mandatory events comparison unit 15 are connected to the respective outputs of the M storage units for the list of mandatory events 14, and the second inputs of the M units generating the list of current events 10 are connected to the M current events list generation inputs 20.

The system works as follows. The lists of permitted, prohibited and mandatory events define the structure of the OS kernel. For example, one can define the processes that are permitted to run, the processes that are prohibited from starting, and the processes that must be running (the latter relate primarily to information security processes); the devices that are permitted or prohibited (for example, the floppy drive, a COM port and so on); the addresses of hosts that may or may not be addressed; the network services that are permitted or prohibited; and so on. When an event of one of the M classes occurs (each class having its own list), it is recorded by the current events generation unit and passed for comparison with the permitted, prohibited and mandatory events; the comparisons are carried out by units 9, 12 and 15 respectively. Information about a mismatch is transmitted to the control unit 4, which issues a command to the corresponding one of the L units storing the list of reactions to detected events 13 (in general L <= M, since each list may have its own reaction), and that unit generates the appropriate command to the OS, for example to terminate the unauthorized process, to restore the original (reference) table of file access rights, and so on. However, the attempt at unauthorized access may also have distorted OS files; their reference copies are stored in block 5 and their reference checksums in block 1. After carrying out the reaction to the unauthorized action, the control unit 4 starts the checksum formation unit 2, which forms the checksums of the OS files, and then the checksum comparison unit 3, which compares the reference and current checksums. If they do not match, the control unit 4 issues a command to the storage unit for recoverable files 5 to recover the controlled OS files in which the error was detected.

To enable dynamic configuration of the OS kernel while the operating system is running (for example, to permit Internet access or the start of the FTP service for one session in the presence of the person responsible for this interaction), the lists of permitted and prohibited events, stored in blocks 8 and 11 respectively, can be changed via the control unit 4 by a person who has passed identification and authentication in the identification and authentication unit for access rights 6; the lists of access rights (the persons permitted to configure the structure of the OS dynamically) are held in the access rights storage unit 7.
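As an added illustration that is not part of the patent text, the following Python simulation models the cycle just described: M lists of permitted, prohibited and mandatory events (blocks 8, 11, 14) are compared with a current snapshot (blocks 9, 12, 15), discrepancies are turned into reaction commands (block 13), and only then is the slow checksum comparison of OS files (blocks 1, 2, 3, 5) started; changes to the lists are gated by the access rights table (blocks 6, 7). The event classes, item names, file contents and the rights table are constructed sample values.

```python
"""Simulation of the event-list and integrity-control scheme described above.
Added example, not part of the patent text: the block names, the event snapshot,
the file contents and the rights table are all constructed here."""
import hashlib

# Blocks 8, 11, 14: permitted / prohibited / mandatory lists per event class (M = 3)
POLICY = {
    "process": {"permitted": {"init", "sshd", "guard"}, "prohibited": {"nc"}, "mandatory": {"guard"}},
    "device": {"permitted": {"eth0"}, "prohibited": {"fd0", "com1"}, "mandatory": set()},
    "service": {"permitted": {"ssh"}, "prohibited": {"ftp"}, "mandatory": {"ssh"}},
}
# Block 13: reaction list per class: (command for an unwanted item, command for a missing one)
REACTIONS = {"process": ("terminate process", "start process"),
             "device": ("detach device", None),
             "service": ("stop service", "start service")}
# Block 7: identities allowed to change the permitted and prohibited lists
ACCESS_RIGHTS = {"security_officer"}
# Blocks 5 and 1: reference copies of the controlled OS files and their checksums
REFERENCE_FILES = {"kernel.cfg": b"ports=22\n", "services.tab": b"ssh\n"}
REFERENCE_SUMS = {n: hashlib.sha256(d).hexdigest() for n, d in REFERENCE_FILES.items()}

def compare_events(current):
    """Blocks 9, 12, 15: compare the current lists (output of blocks 10) with the
    reference lists; return (class, kind, item) discrepancies."""
    found = []
    for cls, lists in POLICY.items():
        seen = set(current.get(cls, ()))
        found += [(cls, "not_permitted", i) for i in sorted(seen - lists["permitted"])]
        found += [(cls, "prohibited", i) for i in sorted(seen & lists["prohibited"])]
        found += [(cls, "mandatory_missing", i) for i in sorted(lists["mandatory"] - seen)]
    return found

def react(discrepancies):
    """Block 4 -> block 13: turn each discrepancy into the prescribed OS command."""
    commands = []
    for cls, kind, item in discrepancies:
        stop, start = REACTIONS[cls]
        verb = start if kind == "mandatory_missing" else stop
        if verb and f"{verb} {item}" not in commands:
            commands.append(f"{verb} {item}")
    return commands

def check_integrity(files):
    """Blocks 2 and 3: recompute the checksums and name the files that mismatch."""
    return sorted(n for n, ref in REFERENCE_SUMS.items()
                  if hashlib.sha256(files.get(n, b"")).hexdigest() != ref)

def control_cycle(current_events, files):
    """Block 4: the cheap event comparison runs every cycle; the slow file
    integrity check starts only after a discrepancy (indirect evidence of an
    unauthorized action), and damaged files are restored from block 5."""
    discrepancies = compare_events(current_events)
    commands = react(discrepancies)
    restored = []
    if discrepancies:
        for name in check_integrity(files):
            files[name] = REFERENCE_FILES[name]
            restored.append(name)
    return commands, restored

def reconfigure(user, cls, item, permit=True):
    """Blocks 6 and 7: only an identity in the rights table may move an item
    between the permitted (block 8) and prohibited (block 11) lists."""
    if user not in ACCESS_RIGHTS:
        return False
    src, dst = ("prohibited", "permitted") if permit else ("permitted", "prohibited")
    POLICY[cls][src].discard(item)
    POLICY[cls][dst].add(item)
    return True

if __name__ == "__main__":
    # Constructed snapshot: prohibited process nc, prohibited device fd0, ftp up, guard down
    snapshot = {"process": ["init", "sshd", "nc"], "device": ["eth0", "fd0"], "service": ["ssh", "ftp"]}
    files = {"kernel.cfg": b"ports=21,22\n", "services.tab": b"ssh\n"}  # kernel.cfg tampered
    print(control_cycle(snapshot, files))
```

The second call in the test shows the trade-off the page describes: with a clean event snapshot the file checksums are never recomputed, so a file changed without any visible event stays unchecked until the next discrepancy.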

Thus, the claimed system makes it possible to impose external constraints on the kernel structure of an open OS with respect to a particular application, and to adjust the properties of the kernel dynamically (while the operating system is running) and in a protected manner (identification and authentication being required). This yields fundamentally new properties of secure access to OS resources and, as a consequence, to any resources of the computer on which the OS runs, including functional software and DBMSs.

The blocks used in the inventive protection system can be implemented as follows.

Blocks 1, 5, 7, 8, 11, 13 and 14 are regions of a separate memory, of RAM, or of external media; they hold stored data arrays.

Unit 2 is a software or hardware checksum calculator. It stores the current value of the checksum until the next command to compute the current checksum arrives.

Unit 3 is a software or hardware tool for pairwise comparison of checksum values.

Units 10 are software or hardware units that read or analyze the lists of current events, for example a program that reads the task table or other software units of the OS, etc.

Units 6, 9, 12 and 15 are software or hardware tools for line-by-line comparison of two tables (reference and current events) that record the discrepancies.

Unit 4 is a software or hardware event analyzer and command generator; it can be implemented in many ways, the simplest being the selection of a table row at the address associated with the event, where the prescribed command is stored.

Thus, all the units used are implemented by standard means, based on the classical principles of computing.

The advantages of the proposed system are the following.

1. Implementation of a fundamentally new approach to improving the information security of the resources of workstations and of informational and functional servers (for example, a dedicated secure server, a proxy server, a firewall and so on) built on open (public) operating systems (OS) such as Windows 95/98/NT, Unix, Solaris, Linux, FBSD and others, by optimizing the structure of the OS kernel according to the information security requirements of the add-on protection tools, which include the inventive system. It becomes possible to optimize the kernel of an open OS according to the information security requirements of the add-on protection system's own settings.

2. Flexibility of protection and the emergence of fundamentally new possibilities when using the proposed approach, by implementing dynamic lists of events, which leads to a minimal (optimal) configuration of the system at each point in time.

3. A fundamentally new ability to control the integrity of OS files effectively, by starting this slow control procedure asynchronously, only once an attempt at unauthorized access has been detected by indirect evidence, namely a discrepancy in the list of current events, whose integrity is checked thousands of times faster than that of the OS files. This advantage should be seen not as an opportunity to improve the effectiveness of the integrity control procedures, but as making their use possible in principle, because otherwise, when such procedures are used, the information system begins to work for its own protection instead of for its intended purpose.

A system for protecting information resources, containing a checksum storage unit, a checksum formation unit, a checksum comparison unit, a control unit and a storage unit for recoverable files, where the first input of the checksum comparison unit is connected to the output of the checksum storage unit, its second input to the output of the checksum formation unit, whose first input is connected to the checksum formation input and whose second input is connected to the first output of the control unit, the second output of which is connected to the input of the storage unit for recoverable files, whose output is connected to the file recovery output, the first input-output of the control unit is connected to the input-output of the checksum comparison unit, and the second input-output of the control unit to the control input-output, characterized in that the following are introduced into it: an identification and authentication unit for access rights, an access rights storage unit, M storage units for the list of permitted events, a permitted events comparison unit, M units generating the list of current events, M storage units for the list of prohibited events, a prohibited events comparison unit, M storage units for the list of mandatory events, a mandatory events comparison unit, and L storage units for the list of reactions to detected events, where the first input-output of the identification and authentication unit for access rights is connected to the access rights authentication input-output, its second input-output is connected to the third input-output of the control unit, and its input is connected to the output of the access rights storage unit; the first M outputs of the control unit are connected to the respective inputs of the M storage units for the list of permitted events, the second M outputs to the respective inputs of the M storage units for the list of prohibited events, the third output of the control unit is connected to the first input of the permitted events comparison unit, the fourth output to the first input of the prohibited events comparison unit, the fifth output to the first input of the mandatory events comparison unit, the third M outputs of the control unit are connected to the first inputs of the M units generating the list of current events, and the L outputs of the control unit are connected to the respective inputs of the L storage units for the list of reactions to detected events, whose outputs are connected to the L reaction outputs; the outputs of the M storage units for the list of permitted events are connected to the first M inputs of the permitted events comparison unit, whose second M inputs are connected to the outputs of the M units generating the list of current events, to the second M inputs of the prohibited events comparison unit and to the second M inputs of the mandatory events comparison unit; the output of the permitted events comparison unit is connected to the third input of the control unit, whose second input is connected to the output of the prohibited events comparison unit and whose first input to the output of the mandatory events comparison unit; the first M inputs of the prohibited events comparison unit are connected to the respective outputs of the M storage units for the list of prohibited events, the first M inputs of the mandatory events comparison unit are connected to the respective outputs of the M storage units for the list of mandatory events, and the second inputs of the M units generating the list of current events are connected to the M current events list generation inputs.
