The system of access to information


G11C8/20 - Address safety or protection circuits, i.e. arrangements for preventing unauthorized or accidental access

 

(57) Abstract:

The invention relates to railway automation and is used in fleet management. Technical result: increased effectiveness of the system protecting the information stored in the computer. The introduction of new units and new connections between the functional nodes makes possible multi-level verification of authorized access to information, registration of user access to the different memory areas, and multi-level access to information depending on the user's password code. It also makes it possible to erase information in the random access memory device after a user finishes work, so that a subsequent user cannot use information left in the random access memory device by a previous user with a higher level of access to information. Self-testing of the device that reads information from the electronic key is provided. 2 dependent claims, 1 drawing.

The invention relates to railway automation and is used in the management of vehicles, in particular in the region of Cheraw widely used hardware and software and computing resources (computers), which require that authorized human access to them be organized. This is directly related to the reliability of vehicle control.

A considerable number of methods and devices are known for protecting information in computer systems for various purposes (including those related to the management of vehicles). They are based on restricting access to information at various levels of confidentiality, using passwords during logon, locking individual memory blocks, using cryptographic protection, and suppressing spurious electromagnetic radiation from computing devices and communication channels (inventor's certificates SU 557414, 1513458; patents FR 2673477, 2690258, 2702857; applications DE 4315732, 4103173; patents US 5136712, 5339427). None of these known methods and devices provides adequate protection of the computer system from unauthorized access.

The closest in technical essence is the system of access to information described in application EP 0449256. It contains a microcontroller that includes a first memory block, in which encrypted program data are stored in inverse order, the second block p. the Central processor, which manages recording or reading of data from the first or second memory blocks, and a block which, based on the key stored in the second memory block, descrambles the encrypted program data stored in the first memory block when the processor accesses the memory based on proektirovaniya data. This known device does not detect unauthorized access attempts by potential offenders to the resources of the computing system and takes no additional action to prevent these attempts, which, among other things, makes the protection of the computer system from unauthorized access insufficiently effective.

The invention is based on the task of creating a system of access to information stored in computers in which the introduction of new units and new connections between the functional nodes makes possible multi-level verification of authorized access to information, registration of user access to particular memory areas, multi-level access to information depending on the user's password code, software erasure of data in the memory device after completing subje the surrounding device, remaining from the previous subject, having a higher level of access to information, and self-testing of the device that reads information from the electronic key.

The technical result to which the invention is directed is increased effectiveness of the system protecting information stored in computer memory.

This technical result is achieved because the system of access to information includes an electronic key and a device for reading information from the electronic key, connected by two-way communication to the information storage and processing device. The reading device includes a module for polling and receiving information from the electronic key, connected by two-way communication to the central processing unit of the reading device, and an electronic key simulator. One input of the simulator is connected to the output of the central processor, and its other input-output is connected to the module for polling and receiving information from the electronic key (a link labeled input-output denotes two-way communication between blocks).

The information storage and processing device includes a block for entering passwords and user identification, an access level permission control unit, a unit for registering user access to information, a memory device and a unit for clearing the random access memory device. The memory device comprises N memory areas corresponding to N levels of access to the memory. The output of the block for entering passwords and user identification is connected to the first input of the access level permission control unit, whose first output is connected to each of the N memory areas of the storage device and whose second output is connected to the unit for registering user access to information. The output of each of the N memory areas of the storage device is connected to the first input of the random access memory device, whose second input-output is connected by two-way communication to the second input-output of the system operating unit. The third output of the system operating unit is connected to the input of the unit for clearing the random access memory device, whose output is connected to the third input of the memory device. The fourth output of the system operating unit is connected to the first input of the block for entering passwords and user identification and to the second input of the access level permission control unit. In addition, the system operating unit is connected to the data input block, the information input and output device and the unit for registering user access to information. The random access memory device is connected by two-way communication to the information input and output device, which by another two-way link is connected to the data input block, whose output is connected to an input of the access level permission control unit. The device for reading information from the electronic key is connected through the port controller by two-way communication to the block for entering passwords and user identification.

Preferably, the module for polling and receiving information from the electronic key is configured to generate an excitation signal and to receive the probing signal modulated by the electronic key. The system operating unit of the information storage and processing device means the processor. A testing unit is introduced into the information storage and processing device and is connected to the system operating unit, the access level permission control unit and the unit for registering user access to information.

Diagram of the system of access to information is shown in the drawing.

The system consists of the electronic key 1, device 2 for reading information from the electronic key 1, device 3 for storing and processing information and device 4 enter the SOR 5, module 6 for polling and receiving information from the electronic key 1, the simulator 7 of the electronic key 1 and the port controller 8.

Device 3 for storing and processing information includes a storage device 9 with N levels of access, block 10 for control of the access level, block 11 for registering user access to information, block 12 for data input, unit 13 for entering passwords and user identification, random access memory 14, block 15 for clearing the RAM, and system operating unit 16. The system is equipped with a device 17 for input and output of information, for example a keyboard and a monitor and/or printer. The information storage and processing device 3 may include a testing unit 18 connected to the system operating unit 16, block 10 for control of the access level and block 11 for registering user access to information.

The operation of the system is as follows.

Device 2 for reading information from the electronic key 1 is connected to the information storage and processing device 3 (PC). The readiness of the system for operation is checked. After confirmation of readiness simemet electronic key 1 in the working area of the device 2 reads the electronic key 1, without touching it.

Electronic key 1 contains information (a password) stored in the memory of the key. For example, the electronic key may hold a 64-bit code in its memory. Electronic key 1 need not contain a power source. In this case, when the electronic key 1 approaches the information reading device 2, module 6 irradiates the electronic key 1 with an excitation signal, which also powers the electronic key 1. Electronic key 1 modulates the excitation signal in accordance with the code stored in its memory. Module 6 for polling and receiving information from the electronic key 1 receives the modulated signal, decrypts it and checks it for accuracy. When the code of the electronic key 1 has been received correctly, the information reading device 2 queries the information storage and processing device 3 as to whether it is ready to accept the key password of the electronic key 1. Structurally, the electronic key may take the form of a solid metal key fob with its unique number applied to the outer surface.

The operating modes of the information reading device are managed by the central processor 5. To implement self-test reader and sposobnosti all nodes of the device reading information from an electronic key.

Unit 13 for entering passwords and user identification receives the password code from the information reading device and identifies the user by that password for work with the information.

The information to which access is provided is stored in the storage device 9 in a particular memory area from 1 to N, and there are N levels of access depending on the password code. Each password corresponds to a strictly defined permitted level of access to the information.

To provide specific access, block 10 for control of the access level stores a table of password codes, the necessary data about the user (surname, name, patronymic, position, individual password assigned to this password code) and the permitted levels of access to information in the storage device 9. The individual password of each user is known only to that user. Any phrase, word, digital code and so on can be used as this individual password. The Use of individual user passwords, which are not present in any of the documentation, provide updat the block 12 of the input data. Hierarchical access of individuals (users) is used when the system is switched on for operation. For example, until certain representatives of the administration (chief engineer, deputy director and so on) and the wizard have entered their data and passwords, access for other users (managers) to the information stored in the storage device is closed.

Block 11 for registering user access to information records data on the users who accessed the different memory areas, the date and time of access, the nature of the access, and data on users who tried to gain access to information that is prohibited for them.

Information stored in the storage device 9 is accessed by means of device 4 for input and output of information, for example a keyboard and a monitor and/or printer. If access to the information is allowed, the user receives the information.

Intermediate storage of information and it provides random access memory 14.

Unit 15 for clearing the random access memory device provides the erasure of information in the operational sapolil not able to use the information in the random access memory device remaining after a previous user who has a higher level of access to information.

System operating unit 16 controls the operation of the entire information storage and processing device 3.

The testing unit introduced into the information storage and processing device, connected to the system operating unit, the access level permission control unit and the unit for registering user access to information, is designed to test, at every start, the software information stored in these blocks, thereby increasing the reliability of the system.

Thus, the described system of access to information stored in computers, through the proposed original combination of blocks, connections between them and functional nodes, provides high reliability, guaranteed above all by a high degree of protection against unauthorized access and against unauthorized user actions in the system during the whole session of their interaction.
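The access logic described above (the table of password codes, individual passwords and permitted levels in block 10, the registration of allowed and refused accesses in block 11, and the clearing of working memory between users by block 15), modelled in software as an added example that is not part of the patent. The class and method names, the sample users and key codes, and the choice to store a PBKDF2 digest instead of the password are assumptions of this example.

```python
import hashlib, hmac, os
from datetime import datetime, timezone

def _kdf(password: str, salt: bytes) -> bytes:
    # Assumption of this example: keep a salted digest, not the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AccessSystem:  # hypothetical model of blocks 9-11, 14 and 15
    def __init__(self, areas, ram_size=64):
        self.areas = areas              # block 9: one memory area per level
        self.table = {}                 # block 10: key code -> user record
        self.log = []                   # block 11: registration of access
        self.ram = bytearray(ram_size)  # block 14: working memory
        self.session = None             # key code of the current user

    def enroll(self, key_code, name, password, levels):
        salt = os.urandom(16)
        self.table[key_code] = (name, salt, _kdf(password, salt), frozenset(levels))

    def _register(self, key_code, action, allowed):
        self.log.append((datetime.now(timezone.utc), key_code, action, allowed))

    def login(self, key_code, password):
        rec = self.table.get(key_code)
        # Derive a digest even for an unknown key so both failures cost the same.
        salt, stored = (rec[1], rec[2]) if rec else (bytes(16), b"")
        ok = hmac.compare_digest(_kdf(password, salt), stored)
        self._register(key_code, "login", ok)
        if ok:
            self.logout()               # never inherit the previous user's RAM
            self.session = key_code
        return ok

    def read(self, level):
        rec = self.table.get(self.session)
        allowed = rec is not None and level in rec[3] and level in self.areas
        self._register(self.session, f"read area {level}", allowed)
        if not allowed:
            return None                 # refused attempts are registered too
        data = self.areas[level][:len(self.ram)]
        self.ram[:] = bytes(len(self.ram))
        self.ram[:len(data)] = data     # information passes through block 14
        return bytes(self.ram[:len(data)])

    def logout(self):
        # Block 15: overwrite working memory in place before the next user.
        self.ram[:] = bytes(len(self.ram))
        self.session = None

def demo():
    # Constructed sample data: three areas and two users with 64-bit key codes.
    s = AccessSystem({1: b"timetable", 2: b"fleet status", 3: b"dispatch orders"})
    s.enroll(0x1122334455667788, "chief engineer", "constructed phrase A", {1, 2, 3})
    s.enroll(0x8877665544332211, "manager", "constructed phrase B", {1})
    s.login(0x1122334455667788, "constructed phrase A")
    high = s.read(3)
    s.logout()
    residue = bytes(s.ram)              # what the next user could find in RAM
    s.login(0x8877665544332211, "constructed phrase B")
    denied = s.read(3)
    return high, residue, denied, s.log

if __name__ == "__main__":
    print(demo()[:3])
```
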

1. A system of access to information, including an electronic key, a device for reading information from the electronic key associated two-way communication with the device is receiving information from the electronic key, connected by two-way communication to the central processing unit of the device for reading information from the electronic key, and an electronic key simulator, where one input of the simulator is connected to the output of the central processing unit of the device for reading information from the electronic key, and its other input-output to the module for polling and receiving information from the electronic key; the information storage and processing device includes a storage device, a system operating unit, a data input block, an information input and output device, a block for entering passwords and user identification, an access level permission control unit, a unit for registering user access to information, a random access memory device and a unit for clearing the random access memory device, where the storage device comprises N memory areas corresponding to N levels of access to the memory; the output of the block for entering passwords and user identification is connected to the first input of the access level permission control unit, the first output of which is connected to each of the N memory areas of the storage device, and the second output to the unit for registering user access to information; the output of each of the N memory areas memory of australiana communication with the second input-output of the system operating unit, the third output of which is connected to the input of the unit for clearing the random access memory device, the output of which is connected to the third input of the memory device; the fourth output of the system operating unit is connected to the first input of the block for entering passwords and user identification and to the second input of the access level permission control unit; in addition, the system operating unit is connected to the data input block, the information input and output device and the unit for registering user access to information; the random access memory device is connected by two-way communication to the information input and output device, which by another two-way link is connected to the data input block, the output of which is connected to an input of the access level permission control unit; and the device for reading information from the electronic key is connected through the port controller by two-way communication to the block for entering passwords and user identification.

2. The system according to claim 1, characterized in that the module for polling and receiving information from the electronic key is configured to generate a probing signal and to receive the probing signal modulated by the electronic key.


 
