System protection and control integrity tsr

 

(57) Abstract:

The invention relates to computing, and in particular to information and computer systems and networks, and can be used to protect information resources in workstations, informational, and functional servers. The technical result is to ensure the continuous integrity monitoring (correctly functioning) resident program, which, in particular, can use software for data protection, which will increase the protection level of the system. This objective is achieved in that the system includes a software component system integrity monitoring, hardware component of the system of monitoring the integrity of the containing block authentication TSR, control unit and control unit disconnect external devices. 5 Il.

The invention relates to computing, and in particular to information and computer systems and networks, and can be used to protect information resources in workstations, informational, and functional servers.

The technical result is a hardware and software company the information), provided that the computer can function only when properly functioning on it-stay-resident program, which, for example, may be a software complex information protection, in particular the control system file integrity.

The known method of monitoring the integrity of information that is implemented when the system boots. Such a method of monitoring the integrity of the data is implemented, for example, in Windows NT Server 4.0 (see kN. Valda Of Hilla. The secrets of Windows NT Server 4.0. - K.: Dialectics, 1997, S. 14-15). This method is finding the checksum controlled files at system boot and comparing the calculated and the reference checksum. If you do not match the corresponding checksums displays a message about the violation of the integrity of the relevant information.

Closest to the technical nature of the claimed (prototype) system is the protection of information resources of the computing system and a network of Secret Net (see "System access Secret Net. User manual, 1996"). It is a software package installed on a standalone computer or on computers in the computer set is systematic in Fig.1. System (software system) 1 includes a control unit 2, block integrity check on lengths of 3 files, checksum files 4, other parameters of the objects 5, block the production of results 6, the control input of the start control 7, the input data control 8 control output 9, and the input of the control unit 2 is connected to the input of the start control 7, the output from the first input unit integrity by lengths of 3 files, checksum files 4, other parameters of the objects 5, block the production of results 6, the third input unit integrity checksum files 4, other parameters of the objects 5, block the production of results 6 is connected to the second input of the block integrity check on lengths of 3 files, input data control 8, the output of block integrity check length of file 3 is connected with the second input unit integrity checksum files whose output is the second input of the block integrity check on other parameters of the objects 6, the output of which is with the second input unit production results 6, the output of which is to control the output 9.

The system works as follows. When the command is received at the control input 7, the control unit 2 I scan the file system and receive input from 8 information about the current state of the file system. Then the blocks 3, 4, 5 is the comparison of the obtained and respectively stored their reference information, the results of the comparison are passed to block production of the 6, which is formed by reaction (command) on the detected distortion of the integrity of the file is outputted to the output 9.

The disadvantages of the system can be attributed to the fact that it is controlled only file system and is not controlled by the integrity (integrity), the actual control system 1 running as a TSR (service). In other words, the prototype - software protection is not guaranteed control, as this program can be deleted, respectively dysfunction of file protection. You can either remove the protection program, or you can run the operating system from external media without such programs. The task of monitoring the integrity of the resident program, in particular software system monitoring the integrity of the files is not solved, it could not provide a high level of security of the system.

The aim of the invention is to develop a system (software and hardware), provides for the continuous monitoring of the integrity (correctness F. amny complex information protection, that will increase the protection level of the system.

This objective is achieved in that in the system containing the software component of the system integrity control that contains the control unit, and its input is connected with the control input of the start control, added hardware component of the system of monitoring the integrity of the containing block authentication TSR, control unit and control unit disconnect external devices, and the first M outputs of the control unit software components of system integrity control is connected to M outputs authentication TSR software components of a control system integrity, (M+1) th output from the output control integrity the first M inputs of the block authentication TSR hardware components of the control system integrity connected with M inputs authentication TSR hardware components of the control system integrity, (M+1)-th input - with input control integrity, the second M inputs with M inputs set the password of the hardware components of the system integrity control, the output from the second input unit disconnect external devices, with the first input of the control unit and the control and management - with the first input block off external devices with the input "Reset", the third L inputs with L inputs of the task of the control period, the third input unit disconnect external devices connected to the input supply voltage to external devices, the fourth input to the third output control unit and control the second output of which - with the release of "Reset", R outputs block off external devices connected to the R outputs supply power to an external device, M outputs authentication TSR software components of system integrity control connected to respective M inputs authentication TSR hardware components of the system integrity control, output control of the integrity of the software components of system integrity control is connected to the control input of the integrity of the hardware components of the control system integrity.

The circuit system protection and control the integrity of the TSR is shown in Fig.2. It contains a software component system integrity control 1, the hardware component of the system integrity control 2, component system integrity control 1 contains a control unit 3, and its entrance aademy integrity control 1 is connected to M outputs authentication TSR 5 software components of a control system integrity 1, (M+1) th output from the output control integrity 6, the hardware component of the system integrity control unit 2 authentication TSRs 7, control unit and control 8, block off the external device 9, the first M inputs of the block authentication TSRs 7 hardware components of the system integrity control 2 is connected with M inputs authentication TSRs 10 hardware components of the control system integrity 2, (M+1)-th input - with input control integrity 11, the second M inputs with M inputs set the password 12 hardware components of the control system integrity 2, the output from the second input unit disconnect external devices 9, with the first input of the control unit and control 8, the first output of which - (2M+2)-th input block authentication TSRs 7, the second input of the control unit and control 8 - with the first input of the unit disconnecting the external device 9 with the input "Reset" 14, the third L inputs with L inputs set period of control 13, the third input of the unit disconnecting the external device 9 is connected to the input supply voltage to external devices 15, the fourth input to the third output control unit and control 8, the second output of which is out Reset (Reset)" 16, R outputs bacteriocin TSR 5 software components of system integrity control 1 is connected with the corresponding M inputs authentication TSRs 10 hardware components of the control system integrity 2, the output control integrity 6 software components of system integrity control 1 is connected to the control input of integrity 11 hardware components of the control system integrity 2.

The system works as follows. The software component of the system integrity control 1 is embedded in the resident program, the integrity of which needs to be monitored, for example in software for information security. The hardware component of the system integrity control 2 is implemented on-Board, embedded in a slot of the computer. When the computer cover must be securely closed and sealed computer, in order to avoid removing the card from the slot. Supply voltage for all external media (floppy, CDROM and so forth), except Winchester, served on these devices with the corresponding output 17 of the hardware components of the control system integrity 2, where it is served from input 15. In the function block off the external device 9 is enable boot from that media, which is controlled program - component system integrity control 1 (Winchester), other external media in the initial state is disabled. When the system is turned on, and the 1 is a periodic signal (e.g., using the built-in clock) integrity control in which the control device 3 first issues an M bit code (password) to the outputs 5, then the signal integrity at the output 6. The password is required for the function of monitoring the integrity could not catch substituted by an attacker program. The password input 10 is supplied to the unit authentication TSR, where the reference value of the password is served (for example, the jumpers on the Board) with the respective inputs 12. Signal integrity is authentication TSRs and with a positive outcome, a control signal is sent to the control unit and control 8. The functions of this block include the following: - to carry out periodic monitoring of the integrity of the TSR (proceeds from the signal), in case of violation of the integrity of the machine in off mode, as well as control of external devices. Receiving the first signal from block 7 block 8 indicates that the control was successful. The same signal from unit 7 input to the block 9, unlocked the external device (with the respective inputs 17 is energized), the computer in normal mode function is shoditi period integrity, asked from the entrance 4. If during the period specified input 13, a software component, system integrity monitoring 1 sends a signal (pre-authentication), the computer remains in the normal mode, otherwise the control unit and the control 8 is formed by the signal "Reset" output 16 and simultaneously disconnects the external device from the output 17, and then the computer can be enabled only by loading the operating system from the hard disk, provided that simultaneously loaded and controlled TSR program, otherwise, again, will be elaborated reset signal. Input signal "Reset" the system standard is translated to its original state.

Thus, the claimed system provides protection and continuous monitoring of the integrity of the TSR, which is a necessary condition for the functioning of software systems of information protection, such as encryption software, software protection against unauthorized access, and so on, because this system guarantees the impossibility of functioning of the computer without the protected program, provided that the computer will not be removed hardware component system (Board), the counter what is achieved organisms the way.

Unit 3 is a program that implements the transmission of the password and the control signal at set intervals.

The block 7 may be implemented, for example, according to the scheme shown in Fig. 3. Unit 7 includes a register 7.1 and the comparison circuit 7.2, and M information inputs of the register is connected with the first M inputs 7.3 unit 7 (with M inputs 10 systems), (M+1)-d input - s (M+1)-th input unit 7 (11 entry system) (M+2)-th input register (input R) - (2M+2) th input 7.7 unit 7 (with the first output 8.9 unit 8, see Fig.4), M output register 7.1 - with the first M inputs of the comparison circuit 7.2, the second M inputs which - with the second M inputs 7.5 unit 7 (with M inputs 12 system), the output of the comparison circuit 7.2 connected to the output of 7.6 unit 7 (to the first input of 8.6 block 8, see Fig.4, with a second entrance 9.4 block 9, see Fig.5). Work unit as follows. Exhibited at the M inputs 7.3 the value of the password input 7.4 entered in the register 7.1, if its coincidence with the values present at the inputs 7.5 comparison circuit 7.2 produces a signal on output 7.6. The input 7.7 contents of the register is set to zero.

Unit 8 may be implemented, for example, according to the scheme shown in Fig. 4. Unit 8 comprises a generator 8.1 element 8.2, counter 8.3, scheme sravneniyam output 8.9 unit 8 ((2M+2) th input 7.7 block 7, see Fig.3), with the output element OR 8.2, the first input with the first input 8.6 block 8 (7.6 block 7, see Fig. 3), the second input with the second input element OR 8.5, with a second entrance 8.8 block 8 (entrance system 14), L outputs of the counter 8.3 connected with the first L inputs of the comparison circuit 8.4, the second L inputs of which with third L inputs 8.7 unit 8 (L inputs system 13), the output of the comparison circuit 8.4 - with the third output 8.11 block 8 (with the fourth input 9.5 unit 9, see Fig.5), the output element OR 8.5 is connected with the second output 8.10 block 8 (system 16). Work unit as follows. Generator 8.1 gives the meander of pulses counted by the counter 8.3. The input 7.6 clears the contents of the counter control signal from the comparison circuit 7.2). The comparison circuit 8.4 compares the current contents of the counter 8.3 and set with L inputs 8.7 (13) reference value. When the coincidence circuit 8.4 comparison produces a signal constituting a signal "Reset" output 8.10 (16) and the signal to disable external devices coming on the yield of 8.11. The input signal "Reset" input from 8.8 (14) resets the counter to zero 8.3, 8.9 output is fed to the block 7, the output of 8.10 is transmitted next. The input 8.6 serves to return the unit 7 in the initial state in the normal mode function element OR 9.1, trigger 9.2, relay 9.3, and the first input of the trigger 9.2 is connected with the second input 9.4 block 9 (with the first release 7.6 block 7, see Fig. 3), the second input - high level potential (logic "1"), the third input - 6 output element OR 9.1, the first input to the fourth input 9.5 unit 9 (with the third output 8.11 block 8, see Fig.4), the second input to the first input of 9.6 block 9 (system 14), the first input of the relay 9.3 is connected with the third input 9.7 block 9 (entry 15), a second entrance - exit trigger 9.2, R relay outputs 9.3 - R outputs 9.8 block 9 (R outputs system 17). Work unit as follows. In the initial state, the trigger 9.2 is in the zero state and the relay 9.3 is open to all R outputs 9.8 voltage from input 9.7 is not passed. The signal from the second input 9.4 block (successful authentication TSRs), the trigger is set in one state after confirm the integrity of the TSR connect external devices - voltage is applied to the R outputs 9.8. Is reset to zero trigger 9.2 (disabled external device) under two conditions - General command "Reset" input 9.6, any input 9.5 control unit and control 8. reporting unit 9 that the specified and the proposed system can be attributed to the following:

1. The system continuously monitors the integrity (in this case, confirm the operability) resident program running during the entire time of operation of the system.

2. The system ensures the impossibility, first, the operation when removing (destroying) controlled program, and secondly, when you try to boot without controlled program.

3. Due to the implementation of the hardware components of the control system, when it is embedded in the slot of the computer, the system provides the impossibility of overcoming protection without physically removing hardware components (motherboard) of the slot, i.e., without removing the chassis.

4. It is versatile in the sense that its a software component can be embedded in any controlled resident program, almost without restriction, including software to protect your computer from unauthorized access and data encryption.

System protection and control the integrity of a memory-resident program that contains a software component of the system protection and control the integrity of a memory-resident program that contains the control unit, and its input is connected with the control input of the start control, the ex who we are, containing block authentication TSR, control unit and control unit disconnect external devices, and the first M outputs of the control unit software components of the system protection and control the integrity of the TSRs are connected to M outputs authentication TSR software components of the system protection and control the integrity of the TSRs, (M+1) th output from the output control integrity, the first M inputs of the block authentication TSR hardware components of the system protection and control the integrity of the TSRs are connected with M inputs authentication TSR hardware components of the system protection and control the integrity of the TSRs, (M+1)-d input - with input control integrity, the second M inputs with M inputs set the password of the hardware components of the system protection and control the integrity of the TSR, the output from the second input unit disconnect external devices, with the first input control, the first of which - (2M+2)-th input block authentication TSRs, the second input of the control unit and controls the first input unit disconnect external devices, input Reset (Rese supply voltage to external devices, the fourth input to the third output control unit and control the second output of which - with the release of "Reset", R outputs block off external devices connected to the R outputs supply power to external devices, M outputs authentication TSR software components of the system protection and control the integrity of the TSR - with the corresponding M inputs authentication TSR hardware components of the system protection and control the integrity of the TSR, the output control of the integrity of the software components of the system protection and control the integrity of the TSR is connected to the control input of the integrity of the hardware components of the system protection and control the integrity of the TSRs.

 

Same patents:

The invention relates to microelectronic technology and is intended for use in both analog and digital microelectronic devices

The invention relates to computing, and in particular to an electronic banking system or to the shared database institutional server

The invention relates to computing, and in particular to computing and information systems, implemented on computers of all types, and can be used for protection of information resources as workstations and servers

The invention relates to the field of computer technology, automation and information systems, as well as protection from unauthorized access

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to cryptography and can be used when building devices commercial closed communication to ensure information security in commercial computer communication networks, as well as for protection of information in computer from unauthorized access

Storage device // 2055391
The invention relates to computer technology, in particular to the protection of data from unauthorized access storage devices

The invention relates to computer technology and can be used to protect the memory cells when power is

The invention relates to the field of cryptography, namely the authentication of objects, and can be used as a separate element when building authentication systems designed to identify correspondents in communication networks

The invention relates to the field of cryptography, namely the authentication of objects, and can be used as a separate element when building authentication systems designed to identify correspondents in communication networks

The invention relates to the field of computer engineering and can be used when building secure corporate virtual private networks, using as braced infrastructure public access network, in particular the Internet

The invention relates to computing, and in particular to information and computer systems and networks, and can be used in part integrity monitoring for protection of information resources in workstations, informational, and functional servers

The invention relates to computing

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating confidential information

The invention relates to distributed information and control systems (RIUS), mainly to RIUS, operating in real time, and can be used in various application systems, operating information of a confidential nature

The invention relates to gain access to resources of a computer system or a computer (computing) network, which is protected by a firewall, in response to requests from objects outside the firewall

The invention relates to communication technology and can be used for input and storage of confidential information, including shirokiya

The invention relates to railway automatics and is used in the management of vehicles

Processor // 2248608

FIELD: computers, data protection.

SUBSTANCE: processor has bus interface device, device for selection/decoding of commands, device for dispatching/execution, program string decoding device, which string is selected from program and loaded in first levels command cash, which contains a set of N two-input elements XOR, keys memory, storing different N-bit decoding keys.

EFFECT: higher efficiency.

2 dwg

FIELD: technologies for authentication of information.

SUBSTANCE: method includes performing absolute identification for confirming legality of data carrier according to first rule in preset time. Authentication information is recorded on this data carrier in previously set position. Process of arbitrary authentication is performed for confirming legality of said data carrier in accordance to second rule in arbitrary time. First rule includes announcing confirmation of standard match, if information for authentication is detected as registered in selected preset position. Second rule in given arbitrary authentication process includes announcing standard match, if information for authentication is detected as not registered in arbitrary positions, different from given preset position.

EFFECT: higher reliability.

6 cl, 12 dwg

FIELD: computers.

SUBSTANCE: method includes, on basis of contents of central processor registers, received after processor performs some sort of command, by means of mathematical logical operation, forming certain finite control sum and storing it in memory, and on basis of contents of registers, received before start of execution by said processor of directly next command, certain starting checksum is formed, while if starting checksum mismatches finite checksum, error message is generated, which can be followed by halting of processor operation or blocking of chip board with its removal from circulation.

EFFECT: higher reliability.

2 cl, 2 dwg

Up!