1 / 34

Moscow, 2007

OKB SAPR. OKB SAPR S pecial D esign B ureau for Computer-Aided D esign www.accord.ru 1@accord.ru. Information Security Policy that Accords Protection. Moscow, 2007. A personal computer. is only an instrument. Are you sure that YOUR PC. is only YOUR instrument?.

hazina
Download Presentation

Moscow, 2007

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. OKB SAPR OKB SAPR Special Design Bureau for Computer-AidedDesign www.accord.ru 1@accord.ru Information Security Policy that Accords Protection Moscow, 2007

  2. A personal computer is only an instrument.

  3. Are you sure thatYOURPC is only YOUR instrument?

  4. Are you sure about itEACH TIME that you turn it on?

  5. You need the assurance that while you were away no PC hardware has been changed; no PC software has been changed; no data, stored on your PC, has been changed or became known to an intruder.

  6. The first task of information protection is protecting your PC from an unauthorized access (UA).

  7. What should an UA protection tool be like? Checking the integrity of the software environment with the help of some program — can we be sure in its own integrity? First, we need to check that program. And before that — check the programthat is going to check it…

  8. What should an UA protection tool be like? Can you pull yourself out of a swamp? You can. If you have a support point, which isoutside of the swamp.

  9. What should an UA protection tool be like? independent from the PC operating and file system inaccessiblefor the introduction of modifications hardware-based.

  10. At the end of last century, we have developed a concept of hardware protection and an data security system (DSS), which became and still remains a standard for all of the developers.

  11. Accord-TSHM: Trusted Startup HardwareModule Provides a secure boot of the operating system, irrespective of its type, for an authenticated user.

  12. What is secure boot? The operating system boot is performed only aftera successful completion of the following procedures: the user identification/authentication. integrity checking of the PC hardware and the software utilities, using a step-by-step integrity inspection algorithm; blocking the operating system boot from the external storage mediums;

  13. Accord-TSHM: has been patented has18conformance certificates and has about200 000 implementations in the governmental authorities and commercial organizations.

  14. The main versions of Accord-TSHM include the controllers: for PCs with bussed interface PCI Accord-5MX, Accord-5.5 with a powerful cryptographicsubsystem.

  15. Accord-TSHM may also include the controllers: Accord-5.5.e for PCs with bussed interfacePCI-Express; Accord-5.5mini-PCI for notebooks and other computers with bussed interface mini-PCI; Accord-5.5 mini-PCIe for PCs with mini-PCI-Express standard.

  16. Accord-TSHMAccord-6 controller-based In addition to the Accord-5.5 characteristics, also has a hardware communication subsystem: Ethernet; USB-host and USB-slave.

  17. Individual packaging: in accordance with the customer’s requirement, Accord-TSHMand Accord-TSHM-based systems may use various identifiers: TM-identifiers (standard packaging), smart-cards, fingerprint reading devices, PCDST (personal cryptographic data security tool) SHIPKA.

  18. Reliability in an unreliable world: introducing modification into the Accord-TSHM firmware is impossible; the controller’s even log is accessible only to the information security administrator, that is why concealing an attempt of UA from him is impossible; on the basis of Accord-TSHM, there have been developed the access delimitation and information protection control systems (when installing special software).

  19. Information access isolation is provided by the hardware/software complexes, based on Accord-TSHM and special software Accord-1.95 – for the MS DOS, Windows 9x and Windows Millenium operating systems; Accord-NT/2000 – for the Windows NT, Windows 2000, Windows XP, Windows 2003 andVista operating systems;

  20. Data SecurityManagement based on the protected network data exchange is provided by the Accord-DAC (distributed audit and control)subsystem, which combines an information security administrator's workstation (ISA WKS) and workstations equipped with DSS (data security systems) belonging to the ACCORD family .

  21. OKB SAPR Special Design Bureau for Computer-AidedDesign www.accord.ru 1@accord.ru PERSONALcryptographic data security tool (PCDST)SHIPKA-1.5

  22. Mobile • User-friendly • Protected and Ideal information interoperability:

  23. Mobile • User-friendly • Protected OR Reallifeconfronts youwith an alternative:

  24. Of two evils choose the lesser!

  25. Of two evils choose the lesser!

  26. PCDST SHIPKA-1.5 Mobility:doesn’t require software installation from additional carriers; may be used at any PC, which has an USB-plug. User-friendliness:doesn’t require cryptographic libraries installation on PC; provides safe storage and application of the personal confidential data; doesn’t require any special skills when operating on PC or in the Internet. Protectability:hardware implementation of the cryptographic algorithms, protected randomnumber generator, protected permanent memory, applying the keys without transferring them to PC.

  27. The advantages of using SHIPKA-1.5 as a smart-card • Beingan USB-device (Vendor ID USB-association — 17e4), SHIPKA doesn’t require using the card-readers. • The characteristics of the SHIPKA-1.5 device are just as good as the characteristics of the smart-cards. • Using the device as a smart-card doesn’t exhaust the possibilitiesofPCDST SHIPKA-1.5.

  28. OKB SAPR solutions, using SHIPKA-1.5 OKB SAPR offers using PCDST SHIPKA-1.5: • forthe encryption and/or signing of the files;

  29. OKB SAPR solutions, using SHIPKA-1.5 OKB SAPR offers using PCDST SHIPKA-1.5: • for theautomatic filling of the WEB-formsof variousWEB-services and for storing passwords and other data, required for that;

  30. OKB SAPR solutions, using SHIPKA-1.5 OKB SAPR offers using PCDST SHIPKA-1.5: • for thehardware identification and authentication on PCs and notebooks when booting OS Windows, as well as in the terminal solutions;

  31. OKB SAPR solutions, using SHIPKA-1.5 OKB SAPR offers using PCDST SHIPKA-1.5: • as a keys storage and a hardware-based random number monitor for the cryptographic applications;

  32. OKB SAPR solutions, using SHIPKA-1.5 OKB SAPR offers using PCDST SHIPKA-1.5: • as a“smart-card” in the template solutions, for example, the authorization when entering the Windows domain, encryption and/or signing of the messages in the mail programs (Outlook Expressand so on), for obtaining the Verification Center certificates;

  33. Today PCDST SHIPKA is not only USB-device But also • PCCARD • ExpressCard • Compact Flash

  34. OKB SAPR OKB SAPR Special Design Bureau for Computer-AidedDesign www.accord.ru 1@accord.ru Information Security Policy that Accords Protection Moscow, 2007

More Related