THE END of the 20th century was marked by an avalanche-like spread of the Internet: access speeds grew exponentially, more and more new territories were covered, and it was possible to establish a fast connection via the network between almost any two points in the world. But the transfer of information was not secure; attackers could intercept, steal, or change it. At this time, the idea of ​​organizing a reliable channel that would use publicly available communications for communication, but would protect the transmitted data through the use of cryptographic methods, began to gain popularity. The cost of organizing such a channel was many times less than the cost of laying and maintaining a dedicated physical channel. Thus, the organization of a secure communication channel became available to medium and small enterprises and even individuals.

ViPNet system

The ViPNet system provides transparent protection of information flows of any applications and any IP protocols for both individual workstations, file servers, application servers, routers, remote access servers, etc., and segments of IP networks. At the same time, it functions as a personal firewall for each computer and a firewall for IP network segments.

The key structure is of a combined nature, has both a symmetric key distribution scheme, which allows for a rigid centralized management system, and an open key distribution system, and is used as a trusted environment for PKI operation. Application programs of the ViPNet system additionally provide secure real-time services for broadcast messaging, conferencing, and negotiations; for services for guaranteed delivery of postal correspondence with electronic signature procedures and access control to documents; for autoprocessing services for automatic file delivery. In addition, separately designed cryptographic functions of the kernel (signing and encryption) and implemented support for the MS Crypto API, if necessary, can be built directly into various application systems (for example, electronic document management systems).

The ViPNet system software operates in Windows and Linux operating environments.

ViPNet CUSTOM

Each ViPNet CUSTOM component contains a built-in firewall and a system for monitoring application network activity, which allows you to obtain a reliable distributed system of firewalls and personal firewalls.

To resolve possible conflicts of IP addresses in local networks included in a single secure network, ViPNet CUSTOM offers a developed system of virtual addresses. In many cases, this makes it possible to simplify the configuration of the user's application software, since the overlay virtual network with its virtual addresses will hide the real complex structure of the network. ViPNet CUSTOM supports inter-networking capabilities, which allows you to establish the necessary secure communication channels between an arbitrary number of secure networks built using ViPNet CUSTOM. In addition, the system ensures information protection in modern multi-service communication networks providing IP telephony and audio and video conferencing services. Traffic prioritization and H.323, Skinny protocols are supported.

Protection of communication channels

Protecting information in communication channels is the most important issue in organizing security in an enterprise. Today, many methods are used to successfully protect information transmitted through communication channels within a corporation or to the outside world.

Protection of communication channels and its main methods

Protection of communications and information is carried out using two methods. This is a protection method based on physically restricting access directly to the communication channel, as well as signal conversion (encryption), which will not allow an attacker to read the transmitted information without a special key.

In the first method, protection of the communication channel is organized by restricting access to the equipment through which information is transmitted. Used mainly in large companies and government agencies. This method only works if the information does not reach the outside world.

In all other cases, information in communication channels is protected through data encryption. Encryption of transmitted information, if we talk about classical computer networks, can be performed at various levels of the OSI network model. Most often, data conversion occurs at the network or application levels.

In the first case, data encryption is carried out directly on the equipment, which is the sender of the information, and decryption is carried out on the receiver. This option will most effectively protect the transmitted data, but its implementation requires third-party software that would work at the application level.

In the second case, encryption is carried out directly at the nodes of the communication channel in a local or global network. This method of protecting communications is less effective than the first, and for the proper level of information protection it requires the implementation of reliable encryption algorithms.

Protection of information in communication channels is also organized when constructing VPN virtual channels. This technology allows you to organize a secure connection with the specified encryption over a special virtual channel. This technology ensures the integrity and confidentiality of information transmitted over the communication channel.

Communication channel protection devices

Such devices include:

• all kinds of mufflers,
• communication suppressors,
• antibugs,
• detectors,

thanks to which you can take control of the state of the air inside or outside the enterprise. This is one of the effective methods of protecting communications at an early stage to neutralize unauthorized access to the source of information.

Kerberos protocol

Authentication protocols:

3. Public Key Authentication

Description of DSA

p = prime number of length L bits, where L is a multiple of 64, ranging from 512 to 1024.

q= 160-bit prime - multiplier p-1

g = , where h is any number less than p-1 for which more than 1

x = number less than q

A one-way hash function is used: H(m).

The first three parameters, p, q, g, are open and can be shared among network users. The private key is x and the public key is y. To sign a message, m:

1. A generates a random number k, less than q

2. A generates

His signature is the parameters r and s, he sends them to B

3. B verifies the signature by calculating

If v=r, then the signature is correct.

Summary

The IPSec standards system incorporates progressive techniques and achievements in the field of network security. The IPSec system firmly occupies a leading position in the set of standards for creating VPNs. This is facilitated by its open construction, capable of incorporating all new advances in the field of cryptography. IPsec allows you to protect your network from most network attacks by “dropping” foreign packets before they reach the IP layer on the receiving computer. Only packets from registered communication partners can enter the protected computer or network.

IPsec provides:

• authentication - proof of sending packets by your interaction partner, that is, the owner of the shared secret;
• integrity - the impossibility of changing the data in the package;
• confidentiality - impossibility of disclosing transmitted data;
• strong key management - the IKE protocol calculates a shared secret known only to the recipient and sender of the packet;
• tunneling - complete masking of the enterprise local network topology

Working within the framework of IPSec standards ensures complete protection of the information flow of data from sender to recipient, closing traffic to observers at intermediate network nodes. VPN solutions based on the IPSec protocol stack ensure the construction of virtual secure networks, their secure operation and integration with open communication systems.

Application level protection

SSL protocol

The SSL (Secure Socket Layer) protocol, developed by Netscape Communications with the participation of RSA Data Security, is designed to implement secure information exchange in client/server applications. In practice, SSL is only widely implemented in conjunction with the HHTP application layer protocol.

Security features provided by the SSL protocol:

• data encryption to prevent disclosure of sensitive data during transmission;
• signing data to prevent disclosure of sensitive data during transmission;
• client and server authentication.

The SSL protocol uses cryptographic information security methods to ensure the security of information exchange. This protocol performs mutual authentication and ensures the confidentiality and authenticity of the transmitted data. The core of the SSL protocol is a technology for the integrated use of symmetric and asymmetric cryptosystems. Mutual authentication of the parties is carried out by exchanging digital certificates of the client and server public keys, certified by a digital signature of special certification centers. Confidentiality is ensured by encrypting the transmitted data using symmetric session keys, which the parties exchange when establishing a connection. The authenticity and integrity of information is ensured through the formation and verification of a digital signature. The RSA algorithm and the Diffie-Hellman algorithm are used as asymmetric encryption algorithms.

Figure 9 Crypto-protected tunnels formed based on the SSL protocol

According to the SSL protocol, crypto-secure tunnels are created between virtual network endpoints. The client and server operate on computers at the end points of the tunnel (Fig. 9)

The SSL conversation protocol has two main stages in forming and maintaining a secure connection:

• establishing an SSL session;
• secure interaction.

The first stage is worked out before the actual protection of the information exchange and is performed using the initial greeting protocol (Handshake Protocol), which is part of the SSL protocol. When a reconnection is established, it is possible to generate new session keys based on the old shared secret.

In the process of establishing an SSL session, the following tasks are solved:

• authentication of parties;
• coordination of cryptographic algorithms and compression algorithms that will be used in secure information exchange;
• generation of a shared secret master key;
• generation of shared secret session keys for cryptoprotection of information exchange based on the generated master key.

Figure 10 Process of client authentication by server

The SSL protocol provides two types of authentication:

• server authentication by client;
• client authentication by server.

SSL-enabled client/server software can use standard public key cryptography techniques to verify that the server/client certificate and public key are valid and were issued by a trusted certificate authority. An example of the client authentication process by the server is presented in Figure 10.

Protocol application diagram

Before transmitting a message over a data link, the message goes through the following processing steps:

1.The message is fragmented into blocks suitable for processing;

2.Data is compressed (optional);

3. A MAC key is generated;

4.Data is encrypted using a key;

1.Using the key, the data is decrypted;

2. The MAC key is checked;

3.Data decompression occurs (if compression was used);

4.The message is assembled from blocks and the recipient reads the message.

Authentic key distribution

A, Client	C.A. Verification Center	B, Server
Generating a digital signature key pair: . Transfer to CA	- symmetric encryption scheme; - open encryption scheme; - CPU circuit; - any functions (preferably ONF)	Generating a key pair for an open encryption scheme: . Transfer to CA
K- random session key.
		If , That K accepted as an authentic shared secret key

Working stage

A		B
	Symmetric encryption scheme
. . .	etc.	. . .

Attacks on the SSL protocol

Like other protocols, SSL is susceptible to attacks related to an untrusted software environment, the introduction of bookmark programs, etc.:

• Response attack. It consists of the attacker recording a successful communication session between the client and the server. Later, it establishes a connection to the server using the client's recorded messages. But by using a unique connection identifier, "nonce", SSL defeats this attack. The codes of these identifiers are 128 bits long, so an attacker needs to write down 2^64 identifiers in order to have a 50% chance of guessing. The number of records required and the low probability of guessing make this attack pointless.
• Handshake protocol attack. An attacker could try to influence the handshake process so that the parties choose different encryption algorithms. Because many implementations support exported encryption, and some even support 0-encryption or MAC algorithms, these attacks are of great interest. To carry out such an attack, an attacker needs to spoof one or more handshake messages. If this happens, the client and server will calculate different hash values ​​for the handshake message. As a result, the parties will not accept “finished” messages from each other. Without knowing the secret, the attacker will not be able to correct the "finished" message, so the attack may be detected.
• Unraveling ciphers. SSL depends on several cryptographic technologies. RSA public key encryption is used to forward session keys and client/server authentication. Various cryptographic algorithms are used as the session cipher. If these algorithms are successfully attacked, SSL can no longer be considered secure. Attacks against certain communication sessions can be carried out by recording the session and then attempting to guess the session key or RSA key. If successful, the opportunity to read the transmitted information opens.
• The attacker is in the middle. A Man-in-the-Middle attack involves three parties: a client, a server, and an attacker. An attacker, located between them, can intercept the exchange of messages between the client and server. The attack is only effective if the Diffie-Halman algorithm is used for key exchange, since the integrity of the received information and its source cannot be verified. In the case of SSL, such an attack is impossible due to the server's use of certificates certified by a certificate authority.

TLS protocol

Purpose of creation and advantages

The purpose of creating TLS is to increase the security of SSL and more accurately and completely define the protocol:

• More reliable MAC algorithm
• More detailed warnings
• Clearer definitions of gray area specifications

TLS provides the following security enhancements:

• Hashing Keys for Message Authentication - TLS uses hashing in the Message Authentication Code (HMAC) to prevent the record from being modified when transmitted over an unsecured network, such as the Internet. SSL version 3.0 also supports message authentication using keys, but HMAC is considered more secure than the MAC feature used in SSL version 3.0.
• Improved Pseudorandom Function (PRF) The PRF is used to generate key data. In TLS, the PRF is defined using HMAC. PRF uses two hashing algorithms to ensure its security. If one of the algorithms is hacked, the data will be protected by the second algorithm.
• Improved "Ready" message verification - TLS version 1.0 and SSL version 3.0 send a "Ready" message to both end systems, indicating that the delivered message has not been modified. However, in TLS this check is based on PRF and HMAC values, which provides a higher level of security than SSL version 3.0.
• Consistent certificate processing - Unlike SSL version 3.0, TLS attempts to specify a certificate type that can be used by different TLS implementations.
• Specific warning messages - TLS provides more accurate and complete warnings about problems detected by one of the end systems. TLS also contains information about when which warning messages should be sent.

SSH protocol

The SSH (Secure Shell) protocol is a set of public key authentication protocols that allows a client-side user to log in securely to a remote server.

The main idea of ​​the protocol is that the user on the client side must download a public key from a remote server and establish a secure channel with it using a cryptographic mandate. The user's cryptographic credentials are his password: this can be encrypted using the resulting public key and transmitted to the server.

All messages are encrypted using IDEA.

SSH protocol architecture

SSH is performed between two untrusted computers running on an unsecured network (client - server).

The SSH protocol suite consists of three components:

• The SSH Transport Layer Protocol provides server authentication. A public key is used for this. The initial information for this protocol, both on the server side and on the client side, is a pair of public keys - “head computer keys”. The result of the protocol is a mutually authenticated secure channel that guarantees the secrecy and integrity of the data.

• SSH User Authentication Protocol. Performed over a one-way authentication channel established by the SSH transport layer protocol. To perform authentication from client to server, various one-way authentication protocols are supported. These protocols can use either a public key or a password. For example, they can be created based on a simple password authentication protocol. The result of the protocol is a mutually authenticated secure channel between the server and the user. The following methods are used:

publickey- the client is sent an electronic signature, the server verifies the trust in the client’s public key using the copy of the key available on the server, then verifies the authenticity of the client using Sc.

password- the client confirms his authenticity with a password.

hostbased- similar to publickey, but uses a key pair for the client host; Having confirmed the authenticity of the host, the server trusts the username.

• The SSH Connection Protocol runs over a mutually authenticated secure channel established by previous protocols. The protocol ensures the operation of a secure channel while dividing it into several secure logical channels.

Key distribution protocol

The protocol includes 3 stages. The first phase is the "Hello" phase, where the first identifier is the string, I, sent to start the protocol, followed by a list of supported algorithms, X.

In stage 2, the parties agree on a secret key, s. For this, the Diffie-Hellman algorithm is used. The server confirms its identity by sending clients its public key, verified by a digital signature, , and digest signature, h. The identifier sid is set to h.

In stage 3, the secret key, session ID and digest are used to create 6 "application keys" calculated using .

Summary

The advantages of the protocol include:

• the ability to act on an end-to-end basis with implementing TCP/IP stacks and existing application programming interfaces;
• increased efficiency compared to slow channels;
• absence of any problems with fragmentation, determining the maximum volume of blocks transmitted along a given route;
• combination of compression and encryption.

JSC "VOLGA UNIVERSITY NAMED AFTER V.N. TATISHCHEV"

FACULTY OF INFORMATION SCIENCE AND TELECOMMUNICATIONS

Department of Informatics and Control Systems

COURSE WORK

in the discipline: “Methods and means of protecting computer information”

subject: " Protection of communication channels»

IS-506 group student

Utyatnikov A.A.

Teacher:

M.V. Samokhvalova

Tolyatti 2007

Introduction

Protection of information in communication channels and creation of secure telecommunication systems

Remote access to information resources. Protection of information transmitted over communication channels

1 Solutions based on certified crypto gateways

2 Solutions based on the IPSec protocol

Information security technologies in information and telecommunication systems (ITS)

Conclusion

Introduction

Protection (security) of information is an integral part of the general problem of information security, the role and significance of which in all spheres of life and activity of society and the state is steadily increasing at the present stage.

Production and management, defense and communications, transport and energy, banking, finance, science and education, and the media increasingly depend on the intensity of information exchange, completeness, timeliness, reliability and security of information.

In this regard, the problem of information security has become a subject of acute concern for heads of government bodies, enterprises, organizations and institutions, regardless of their organizational, legal forms and forms of ownership.

The rapid development of computer technology has opened up unprecedented opportunities for humanity to automate mental work and led to the creation of a large number of various kinds of automated information, telecommunications and control systems, and to the emergence of fundamentally new, so-called information technologies.

When developing approaches to solving the problem of computer and information security, one should always proceed from the fact that protecting information and a computer system is not an end in itself. The ultimate goal of creating a computer security system is to protect all categories of subjects directly or indirectly involved in information interaction processes from causing them significant material, moral or other damage as a result of accidental or intentional impacts on information and systems for its processing and transmission.

1. Protection of information in communication channels and creation of secure

telecommunication systems

In the context of growing integration processes and the creation of a single information space in many organizations, LANIT proposes to carry out work to create a secure telecommunications infrastructure connecting remote offices of companies into a single whole, as well as ensuring a high level of security of information flows between them.

The technology used for virtual private networks makes it possible to unite geographically distributed networks using both secure dedicated channels and virtual channels passing through global public networks. A consistent and systematic approach to building secure networks involves not only protecting external communication channels, but also effectively protecting internal networks by isolating closed internal VPN loops. Thus, the use of VPN technology allows you to organize secure user access to the Internet, protect server platforms and solve the problem of network segmentation in accordance with the organizational structure.

Protection of information during transmission between virtual subnets is implemented using asymmetric key algorithms and electronic signatures that protect information from forgery. In fact, data to be transmitted intersegmentally is encoded at the output of one network and decoded at the input of another network, while the key management algorithm ensures its secure distribution between end devices. All data manipulations are transparent to applications running on the network.

2. Remote access to information resources. Protection

information transmitted via communication channels

When interconnecting between geographically remote company objects, the task arises of ensuring the security of information exchange between clients and servers of various network services. Similar problems occur in wireless local area networks (WLAN), as well as when remote subscribers access the resources of a corporate information system. The main threat here is considered to be unauthorized connection to communication channels and interception (listening) of information and modification (substitution) of data transmitted through channels (mail messages, files, etc.).

To protect data transmitted over these communication channels, it is necessary to use appropriate cryptographic protection tools. Cryptographic transformations can be carried out both at the application level (or at the levels between application protocols and the TCP/IP protocol) and at the network level (conversion of IP packets).

In the first option, encryption of information intended for transportation via a communication channel through an uncontrolled territory must be carried out at the sending node (workstation - client or server), and decryption - at the recipient node. This option involves making significant changes to the configuration of each interacting party (connecting cryptographic protection means to application programs or the communication part of the operating system), which, as a rule, requires large costs and installation of appropriate protection means on each node of the local network. Solutions for this option include the SSL, S-HTTP, S/MIME, PGP/MIME protocols, which provide encryption and digital signature of email messages and messages transmitted using the http protocol.

The second option involves installing special tools that carry out crypto-transformations at the points of connection of local networks and remote subscribers to communication channels (public networks) passing through uncontrolled territory. When solving this problem, it is necessary to ensure the required level of cryptographic data protection and the minimum possible additional delays during their transmission, since these tools tunnel the transmitted traffic (add a new IP header to the tunneled packet) and use encryption algorithms of different strengths. Due to the fact that the tools that provide crypto-transformations at the network level are fully compatible with any application subsystems running in the corporate information system (they are “transparent” to applications), they are most often used. Therefore, in the future we will dwell on these means of protecting information transmitted over communication channels (including over public networks, for example, the Internet). It is necessary to take into account that if cryptographic information protection means are planned for use in government agencies, then the issue of their choice should be decided in favor of products certified in Russia.

.1 Solutions based on certified crypto gateways

To implement the second option and ensure the confidentiality and reliability of information transmitted between company facilities via communication channels, you can use certified crypto gateways (VPN gateways). For example, Continent-K, VIPNet TUNNEL, ZASTAVA-Office of the companies NIP Informzaschita, Infotex, Elvis+. These devices provide encryption of transmitted data (IP packets) in accordance with GOST 28147-89, and also hide the structure of the local network, protect against outside penetration, route traffic and have certificates from the State Technical Commission of the Russian Federation and the FSB (FAPSI).

Crypto gateways allow remote subscribers to securely access the resources of the corporate information system (Fig. 1). Access is made using special software that is installed on the user’s computer (VPN client) to ensure secure interaction between remote and mobile users with the crypto gateway. The crypto gateway software (access server) identifies and authenticates the user and communicates with the resources of the protected network.

Figure 1. - “Remote access via a secure channel with

using a crypto gateway"

Using crypto gateways, you can form virtual secure channels in public networks (for example, the Internet), guaranteeing confidentiality and reliability of information, and organize virtual private networks (Virtual Private Network - VPN), which are an association of local networks or individual computers connected to a public network. use into a single secure virtual network. To manage such a network, special software (control center) is usually used, which provides centralized management of local security policies for VPN clients and crypto gateways, sends key information and new configuration data to them, and maintains system logs. Crypto gateways can be supplied as software solutions or as hardware-software systems. Unfortunately, most of the certified crypto gateways do not support the IPSec protocol and, therefore, they are not functionally compatible with hardware and software products from other manufacturers.

.2 IPSec based solutions

The IP Security (IPSec) protocol is the basis for building network-level security systems; it is a set of open international standards and is supported by most manufacturers of network infrastructure protection solutions. The IPSec protocol allows you to organize secure and authentic data flows (IP packets) at the network level between various interacting principals, including computers, firewalls, routers, and provides:

· authentication, encryption and integrity of transmitted data (IP packets);

· protection against retransmission of packets (replay attack);

· creation, automatic updating and secure distribution of cryptographic keys;

· use of a wide range of encryption algorithms (DES, 3DES, AES) and data integrity monitoring mechanisms (MD5, SHA-1). There are software implementations of the IPSec protocol that use Russian encryption algorithms (GOST 28147-89), hashing (GOST R 34.11-94), electronic digital signature (GOST R 34.10-94);

· authentication of network interaction objects based on digital certificates.

The current set of IPSec standards includes the core specifications defined in RFCs (RFC 2401-2412, 2451). Request for Comments (RFC) is a series of documents from the Internet Engineering Task Force (IETF), begun in 1969, containing descriptions of the Internet protocol suite. The system architecture is defined in RFC 2401 "Security Architecture for Internet Protocol", and the specifications of the main protocols are in the following RFCs:

· RFC 2402 “IP Authentication Header” - specification of the AH protocol, which ensures the integrity and authentication of the source of transmitted IP packets;

· RFC 2406 “IP Encapsulating Security Payload” - ESP protocol specification that ensures confidentiality (encryption), integrity and source authentication of transmitted IP packets;

· RFC 2408 “Internet Security Association and Key Management Protocol” - specification of the ISAKMP protocol, which ensures parameter negotiation, creation, modification, destruction of secure virtual channels (Security Association - SA) and management of the necessary keys;

· RFC 2409 "The Internet Key Exchange" - a specification of the IKE protocol (includes ISAKMP), which provides parameter negotiation, creation, modification and destruction of SAs, negotiation, generation and distribution of the key material necessary to create the SA.

The AH and ESP protocols can be used both together and separately. The IPSec protocol uses symmetric encryption algorithms and corresponding keys to ensure secure network communication. The IKE protocol provides mechanisms for generating and distributing such keys.

Secure Virtual Channel (SA) is an important concept in IPSec technology. SA is a directed logical connection between two systems supporting the IPSec protocol, which is uniquely identified by the following three parameters:

· secure connection index (Security Parameter Index, SPI - a 32-bit constant used to identify different SAs with the same recipient IP address and security protocol);

· IP address of the recipient of IP packets (IP Destination Address);

· security protocol (Security Protocol - one of the AH or ESP protocols).

As an example, Figure 2 shows a remote access solution over a secure channel from Cisco Systems based on the IPSec protocol. Special Cisco VPN Client software is installed on the remote user's computer. There are versions of this software for various operating systems - MS Windows, Linux, Solaris.

Figure 2. - “Remote access via a secure channel with

using a VPN concentrator"

The VPN Client interacts with the Cisco VPN Series 3000 Concentrator and creates a secure connection, called an IPSec tunnel, between the user's computer and the private network behind the VPN concentrator. A VPN concentrator is a device that terminates IPSec tunnels from remote users and manages the process of establishing secure connections with VPN clients installed on user computers. The disadvantages of this solution include the lack of support by Cisco Systems for Russian encryption, hashing and electronic digital signature algorithms.

3. Information security technologies in information technology

telecommunication systems (ITS)

telecommunications protection information channel communication

Effective support of public administration processes using tools and information resources (IIR) is possible only if the system has the property of “security”, which is ensured by the implementation of a comprehensive information security system, including basic security components - an access control system for ITS facilities, a video surveillance and information security system.

The cornerstone of an integrated security system is an information security system, the conceptual provisions of which arise from the design features of the system and its constituent subsystems and the concept of a “protected” system, which can be formulated as follows:

A secure ITS is an information and telecommunication system that ensures the stable execution of the target function within the framework of a given list of security threats and the model of the intruder’s actions.

The list of security threats and the pattern of actions of the violator are determined by a wide range of factors, including the operational process of the ITS, possible erroneous and unauthorized actions of service personnel and users, equipment failures and malfunctions, passive and active actions of violators.

When building an ITS, it is advisable for public authorities (GBOs) to consider three basic categories of threats to information security that can lead to disruption of the system’s main target function - effective support of public administration processes:

· failures and malfunctions in the system hardware, emergency situations, etc. (events without human participation);

· erroneous actions and unintentional unauthorized actions of service personnel and system subscribers;

Unauthorized actions of the violator may relate to passive actions (interception of information in a communication channel, interception of information in technical leakage channels) and active actions (interception of information from storage media with a clear violation of the rules of access to information resources, distortion of information in a communication channel, distortion, including destruction of information on storage media in clear violation of the rules of access to information resources, introduction of disinformation).

The violator may also take active actions aimed at analyzing and overcoming the information security system. It is advisable to classify this type of action as a separate group, since, having overcome the security system, the intruder can perform actions without clearly violating the rules of access to information resources.

In the above type of actions, it is advisable to highlight possible actions aimed at introducing hardware and software components into ITS equipment, which is primarily determined by the use of foreign equipment, components and software.

Based on the analysis of the ITS architecture and threats, a general architecture of the information security system can be formed, including the following main subsystems:

· information security system management subsystem;

· security subsystem in the information subsystem;

· security subsystem in the telecommunications subsystem;

· security subsystem for internetwork interaction;

· subsystem for identifying and countering the active actions of violators;

· a subsystem for identifying and countering possible hardware and software bookmarks.

It should be noted that the last three subsystems, in the general case, are components of the second and third subsystems, but taking into account the features formulated above, it is advisable to consider them as separate subsystems.

The basis of the information security system in the ITS and each of its subsystems is the Security Policy in the ITS and its subsystems, the key provisions of which are the requirements for the use of the following basic mechanisms and means of ensuring information security:

· identification and authentication of ITS subscribers, ITS equipment, processed information;

· control of information flows and information life cycle based on security labels;

· access control to ITS resources based on a combination of discretionary, mandatory and role-based policies and firewalling;

· cryptographic information protection;

· technical means of protection;

· organizational and regime measures.

The given list of protection mechanisms is determined by the goals of the information security system in the ITS, among which we will highlight the following five main ones:

· access control to ITS information resources;

· ensuring the confidentiality of protected information;

· monitoring the integrity of protected information;

· non-denial of access to information resources;

· readiness of information resources.

The implementation of the specified mechanisms and means of protection is based on the integration of hardware and software protection means into the hardware and software of the ITS and the processed information.

Note that the term “information” in ITS refers to the following types of information:

· user information (information necessary for management and decision-making);

· service information (information that provides control of ITS equipment);

· special information (information that ensures the management and operation of protective equipment);

· technological information (information that ensures the implementation of all information processing technologies in ITS).

In this case, all listed types of information are subject to protection.

It is important to note that without the use of automated information security system management tools, it is impossible to ensure stable operation of the security system in a geographically distributed information processing system that interacts with both protected and non-protected systems in the ITS circuit and processes information of varying levels of confidentiality.

The main objectives of the information security management subsystem are:

· generation, distribution and accounting of special information used in security subsystems (key information, password information, security labels, access rights to information resources, etc.);

· configuration and management of information security tools;

· coordination of security policies in interacting systems, including special information;

· security system monitoring;

· updating the Security Policy in ITS taking into account different periods of operation, introducing new information processing technologies into ITS.

The implementation of the information security management subsystem requires the creation of a single control center that interacts with local security control centers for the telecommunications and information subsystems of the ITS, information security control centers in interacting networks and information security agents at system facilities.

The architecture of the information security management system should be virtually identical to the architecture of the ITS itself, and from the point of view of its implementation, the following principles should be followed:

· the information security control center and local control centers must be implemented on dedicated hardware and software using domestic means;

· security management agents must be integrated into the hardware and software of the system’s workplaces with the possibility of independent control from them by the center and local centers.

The information security subsystem in the ITS information subsystem is one of the most complex subsystems both in terms of protection mechanisms and their implementation.

The complexity of this subsystem is determined by the fact that it is in this subsystem that the bulk of information processing is performed, while the main resources for accessing information of system subscribers are concentrated in it - subscribers directly have authorized access to both information and the functions of its processing. That is why the basis of this subsystem is a system for controlling access to information and its processing functions.

The basic mechanism for implementing authorized access to information and its processing functions is the mechanism for protecting information resources from unauthorized actions, the main components of which are:

· organizational and technical means of controlling access to system objects, information and functions for its processing;

· registration and accounting system for the operation of the system and system subscribers;

· integrity assurance subsystem;

· cryptographic subsystem.

The basis for the implementation of the noted protection is the architectural construction of the information component of the ITS - the creation of logically and informationally separated objects of the information component of the ITS (data banks, information and reference complexes, situation centers). This will make it possible to implement cryptographically independent isolated objects operating using client-server technology and not providing direct access to information storage and processing functions - all processing is carried out at the authorized request of users based on the powers granted to them.

For the authorized provision of information resources to subscribers, the following methods and mechanisms are used:

· information security labels;

· identification and authentication of subscribers and system equipment;

· cryptographic protection of information during storage;

· cryptographic control of information integrity during storage.

When implementing a security subsystem in the telecommunications component of an ITS, it is necessary to take into account the availability of communication channels in both controlled and uncontrolled territories.

A justified way to protect information in communication channels is cryptographic protection of information in communication channels in an uncontrolled territory in combination with organizational and technical means of protecting information in communication channels in a controlled territory, with the prospect of transition to cryptographic information protection in all ITS communication channels, including using VPN technology methods. A resource for protecting information in the telecommunications subsystem (taking into account the presence of violators with legal access to telecommunications resources) is the delimitation of access to telecommunications resources with registration of information flows and subscriber operating regulations.

A typical solution for protecting information in communication channels is the use of subscriber and line protection loops in combination with algorithmic and technical means of protection, providing (both directly and indirectly) the following protection mechanisms:

· protection against information leakage into communication channels and technical channels;

· control of the safety of information during transmission via communication channels;

· protection from possible attacks by an intruder via communication channels;

· identification and authentication of subscribers;

· control access to system resources.

The security subsystem for internetwork exchange in ITS is based on the following security mechanisms:

· access control to internetwork resources (firewalling);

· identification and authentication of subscribers (including cryptographic authentication methods);

· identification and authentication of information;

· cryptographic protection of information in communication channels in uncontrolled territory, and in the future - in all communication channels;

· cryptographic isolation of interacting systems.

Of great importance in the subsystem under consideration is the implementation of virtual private network (VPN) technology, the properties of which largely solve the issues of both protecting information in communication channels and countering attacks by intruders from communication channels.

· one of the functions of ITS is making decisions on the management of both individual departments and enterprises, and the state as a whole, based on analytical processing of information;

· the existence of violators among subscribers interacting with ITS systems cannot be ruled out.

The subsystem for identifying and countering the active actions of an intruder is implemented on two main components: hardware and software for identifying and countering possible attacks by intruders via communication channels and the architecture of a secure network.

The first component - the component for identifying possible attacks, is intended for protection in those ITS subsystems in which the intruder's actions in terms of attacks on information resources and ITS equipment are fundamentally possible, the second component is intended to eliminate such actions or significantly complicate them.

The main means of the second component are hardware and software that ensure the implementation of protection methods in accordance with virtual private network (VPN) technology, both during the interaction of various ITS objects in accordance with their structure, and within individual objects and subnets based on firewalls or firewalls with built-in cryptographic protection.

We emphasize that the most effective counteraction to possible attacks is provided by cryptographic means of a linear protection loop and an internetwork cryptographic gateway for external intruders and means of controlling access to information resources for legal users belonging to the category of intruder.

The subsystem for identifying and countering possible hardware and software defects is implemented by a set of organizational and technical measures during the manufacture and operation of ITS equipment, including the following main activities:

· special inspection of foreign-made equipment and components;

· software standardization;

· checking the properties of the element base that affect the effectiveness of the protection system;

· checking software integrity using cryptographic algorithms.

Along with other tasks, the issue of countering possible hardware and software bookmarks is also provided by other means of protection:

· linear cryptographic protection circuit, providing protection against the activation of possible software bookmarks via communication channels;

· archiving of information;

· redundancy (hardware duplication).

By means of ITS at various system objects, OGV users can be provided with various services for information transfer and information services, including:

· secure document flow subsystem;

· certification centers;

· secure subsystem for transmitting telephone information, data and organizing video conferences;

· a secure subsystem of official information, including the creation and maintenance of official websites of leaders at the federal and regional levels.

Note that the secure document flow subsystem is tightly connected with certification centers that ensure the implementation of the digital signature mechanism.

Let us consider in more detail the integration of information security tools into the electronic document management system, into the telephone information transmission subsystem, the official information subsystem and the official website of managers at various levels.

The basic mechanism for protecting information in an electronic document management system is a digital electronic signature, which ensures identification and authentication of documents and subscribers, as well as control of their integrity.

Since the features of the ITS document flow system are determined by the presence of information exchange between various objects and departments (including possible information exchange between secure and unprotected systems), as well as the use of various document processing technologies in different departments, the implementation of secure document flow, taking into account the stated factors, requires the following activities:

· unification of document formats in various departments;

· coordination of security policies in various departments.

Of course, the noted requirements can be partially solved by using gateways between interacting systems.

Certification centers are essentially a distributed database that ensures the implementation of a digital signature in a document flow system. Unauthorized access to the information resources of this database completely destroys the security properties of electronic document management. This leads to the main features of the information security system at certification centers:

· management of access to database resources of certification centers (protection from unauthorized access to resources);

· ensuring stable operation of certification centers in conditions of possible failures and failures, emergency situations (protection against destruction of database information).

The implementation of these mechanisms can be carried out in two stages: at the first stage, protection mechanisms are implemented using organizational and technical protection measures and security measures, including the use of a domestic certified operating system, and at the second stage, cryptographic protection methods are integrated into hardware and software during storage and information processing at certification centers.

Features of protecting various types of traffic transmitted to the ITS (telephone traffic, data and video conferencing traffic) can be divided into two classes:

· features of the protection of subscriber equipment, which are determined by the need to protect information of various types, including simultaneously (video information and speech, and, possibly, data), as well as the need to protect information of various types from leakage into technical channels.

· features of the protection of equipment of a certain type of information transmission system, which are determined by the need to protect against unauthorized access to telephone services, data transmission, conference calls and its resources.

For these classes, the basic protection mechanisms are:

· technical means of protecting information from leakage into technical channels, implemented by standard means;

· access control to resources that support the organization of various types of communications, which is based on the identification and authentication of possible connections of various users and equipment to communications equipment.

A feature of the secure subsystem of official information is the presence of information flows in two directions - from ITS to external systems, including individual citizens of the country, as well as from external systems to ITS (information exchange with unprotected objects).

Based on information received from external systems, decisions are developed in the interests of both individual organizations, departments and regions, and the state as a whole, and the execution of the decisions made also at all levels of government depends on the information received by external systems.

Therefore, in the first case, the main requirements for the functioning of the system from the point of view of its security are the integrity of the information provided, the efficiency of providing information, including its updating, the reliability of the source of information, and control of the delivery of information to the recipient.

In the second case - the reliability of the information provided, the reliability of the source of information, the efficiency of delivering information, as well as control of delivering information to the recipient. Basically, the listed requirements are provided by standard security mechanisms (cryptographic methods for monitoring the integrity of information, identification and authentication of subscribers and information).

A distinctive feature characteristic of this subsystem is the need to control the reliability of information coming from external systems and which is the source material for making decisions, including in the interests of the state. This problem is solved using analytical methods for monitoring the reliability of information, ensuring the stability of the solutions developed in the face of the receipt of unreliable information, and organizational and technical measures that ensure confirmation of incoming information.

The main goals of the information security system on the website of federal and regional leaders are to prevent information from entering the website that is not intended for this purpose, as well as to ensure the integrity of the information presented on the website.

The basic security mechanism implemented on the site must ensure control of access to the site by the internal system that provides information to the site, as well as control of access by external systems to the site’s resources.

The implementation of protection is based on the creation of a “demilitarized” zone based on firewalls (gateways), providing:

Filtering information in the direction from the internal system to the site with control of access to the site from the internal system (identification and authentication of the source of information) and filtering information using security labels;

Monitoring the integrity of information resources on the site and ensuring stable operation of the site in the face of possible information distortions;

control of access from external systems to site resources;

filtering requests coming to the site from external systems.

One of the most important issues when solving problems of ensuring information security is improving the regulatory framework regarding information security.

The need to improve the regulatory framework is determined by two main factors - the presence of information exchange between various departments, the presence of a large number of types and types of information circulating in the ITS.

In terms of ensuring information security in ITS, the regulatory framework must be improved in the following areas:

· creation of uniform requirements for ensuring information security and, on their basis, a unified security concept, ensuring the possibility of harmonizing security policies in various departments and ITS as a whole, including different periods of operation;

· creation of a unified standard for documentary information, ensuring the implementation of unified security labels and reducing the cost of transmitting documents during interdepartmental interaction;

· creation of provisions for interdepartmental interaction that ensure constant monitoring of information security during interdepartmental interaction.

Conclusion

In this course work the following principles were considered:

· ITS architecture and basic information processing technologies in ITS should be created taking into account the evolutionary transition to domestically developed means;

· automated workstations of ITS information security systems must be created on a domestically produced hardware and software platform (domestic assembled computer, domestic operating system, domestic software);

· ITS architecture and basic information processing technologies in ITS should be created taking into account the possibility of using existing hardware and software security tools at the first stage with their subsequent replacement with promising information security tools.

Fulfillment of these requirements will ensure the continuity and specified efficiency of information protection during the transition period from the use of information processing technologies in ITS in combination with information security technologies to the use of secure information processing technologies in ITS.

Bibliography

1. Konstantin Kuzovkin. Remote access to information resources. Authentication. // Director of information service - 2003 - No. 9.

2. Konstantin Kuzovkin. Secure platform for Web applications. // Open systems - 2001 - No. 4.

Alexey Lukatsky. Unknown VPN. // Computer-Press - 2001 - No. 10.

Internet resources: http://www.niia.ru/document/Buk_1, www.i-teco.ru/article37.html.

The task of implementing a company's corporate network within one building can be solved relatively easily. However, today the infrastructure of companies has geographically distributed departments of the company itself. Implementing a secure corporate network in this case is a more complex task. In such cases, secure VPN servers are often used.

The concept of building virtual secure VPN networks

The concept of creating VPN virtual networks is based on a simple idea - if there are 2 nodes on a global network that need to exchange data, then between them you need to create a virtual secure tunnel to ensure the integrity and confidentiality of data transmitted through open networks.

Basic concept and functions of a VPN network

When there is a connection between a corporate local network and the Internet, two types arise:

• unauthorized access to local network resources via login
• unauthorized access to information when transmitted over the open Internet

Data protection during transmission over open channels is based on the implementation of virtual secure VPN networks. A virtual secure network VPN is a connection between local networks and individual PCs through an open network into a single virtual corporate network. The VPN network allows using VPN tunnels to create connections between offices, branches and remote users, while safely transporting data (Fig. 1).

Picture 1

A VPN tunnel is a connection passing through an open network where cryptographically protected data packets are transported. Data protection during transmission through the VPN tunnel is implemented based on the following tasks:

• cryptographic encryption of transported data
• virtual network user authentication
• checking the integrity and authenticity of transmitted data

VPN client is a software or hardware complex running on a personal computer. Its network software is modified to implement encryption and authentication of traffic.

VPN server- can also be a software or hardware complex that implements server functions. It protects servers from unauthorized access from other networks, as well as organizes a virtual network between clients, servers and gateways.

VPN Security Gateway- a network device that connects to 2 networks and implements authentication and encryption functions for many hosts behind it.

The essence of tunneling is to encapsulate (pack) data into a new packet. A lower-level protocol packet is placed in the data field of a higher or the same level protocol packet (Fig. 2). The encapsulation process itself does not protect against tampering or unauthorized access; it does protect the confidentiality of the encapsulated data.

Figure - 2

When a packet arrives at the endpoint of the virtual channel, the internal source packet is extracted from it, decrypted and used further along the internal network (Fig. 3).

Figure - 3

Encapsulation also solves the problem of conflict between two addresses between local networks.

Options for creating virtual secure channels

When creating a VPN, there are two popular methods (Fig. 4):

• virtual secure channel between local networks (LAN-LAN channel)
• virtual secure channel between the local network and the host (client-LAN ​​channel)

Figure - 4

The first connection method allows you to replace expensive dedicated channels between individual nodes and create always-on secure channels between them. Here, the security gateway serves as the interface between the local network and the tunnel. Many businesses implement this type of VPN to replace or complement .

The second circuit is needed to connect to mobile or remote users. Tunnel creation is initiated by the client.

From an information security point of view, the best option is a secure tunnel between the endpoints of the connection. However, this option leads to decentralization of management and redundancy of resources, because you need to install a VPN on every computer on the network. If the local network that is part of the virtual network does not require traffic protection, then the end point on the local network side can be a router of the same network.

VPN Security Implementation Methods

When creating a secure virtual network, VPN implies that the transmitted information will have criteria protected information, namely: confidentiality, integrity, availability. Confidentiality is achieved using asymmetric and symmetric encryption methods. The integrity of transported data is achieved using . Authentication is achieved using one-time/reusable passwords, certificates, smart cards, protocols.

To implement the security of transported information in virtual secure networks, it is necessary to solve the following network security problems:

• mutual authentication of users upon connection
• implementation of confidentiality, authenticity and integrity of transported data
• access control
• network perimeter security and
• network security management

VPN solutions for creating secure networks

Classification of VPN networks

Almost all types of traffic can be implemented on the basis of the global Internet. There are different VPN classification schemes. The most common scheme has 3 classification criteria:

• operating layer of the OSI model
• VPN technical solution architecture
• VPN technical implementation method

Secure channel- a channel between two network nodes, along a specific virtual path. Such a channel can be created using system methods based on different layers of the OSI model (Fig. 5).

Figure - 5

You may notice that VPNs are created at fairly low levels. The reason is that the lower down in the stack the secure channel methods are implemented, the easier it is to implement them transparently to applications. At the data link and network layers, applications are no longer dependent on security protocols. If a protocol from the upper levels is implemented to protect information, then the method of protection does not depend on the network technology, which can be considered a plus. However, the application becomes dependent on a specific security protocol.

Link Layer VPN. Methods at this level allow you to encapsulate third-level (and higher) traffic and create point-to-point virtual tunnels. These include VPN products based on the .

Network layer VPN. VPN products of this level implement IP-to-IP encapsulation. For example, they use the protocol.

Session layer VPN. Some VPNs implement a "channel broker" approach, which works above the transport layer and relays traffic from the secure network to the public Internet on a socket-by-socket basis.

VPN classification by technical solution architecture

Divided into:

• intracorporate VPNs - needed to implement secure work between departments within the company
• VPN with remote access - needed to implement secure remote access to corporate information resources
• inter-corporate VPNs - needed between separate parts of a business that are geographically separated

VPN classification by technical implementation method

Divided into:

• Router-based VPN - protection tasks fall on the router device
• Firewall-based VPN - protection tasks fall on the firewall device
• VPN based on software solutions - software is used that wins in flexibility and customization, but loses in throughput
• VPN based on special hardware devices - devices where encryption is implemented by special separate chips provide high performance for a lot of money