sofia, 2008 valery konyavsky new approaches to ensure cybersecurity vniipvti all-russia...
DESCRIPTION
Are you sure that YOUR PC is only YOUR instrument?TRANSCRIPT
![Page 1: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/1.jpg)
Sofia, 2008
Valery Konyavsky
New Approaches to Ensure Cybersecurity
VNIIPVTIAll-Russia Research-and-Development Institute for Problems of Computing Equipment and Informatization
![Page 2: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/2.jpg)
A personal computer
is only an instrument.
![Page 3: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/3.jpg)
Are you sure that YOUR PC is only YOUR instrument?
![Page 4: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/4.jpg)
Are you sure about it EACH TIME
that you turn it on?
![Page 5: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/5.jpg)
You need the assurance
no PC hardware has been changed; no PC software has been changed; no data, stored on your PC, has been changed or became known to an intruder.
that while you were away
![Page 6: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/6.jpg)
In order to provide security,
it is necessary to understand what exactly is the
OBJECT OF PROTECTION.
and not simply protect,
![Page 7: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/7.jpg)
The objects of information protection
the computer equipment (CE); the data that is stored and processed by the CE; data processing technologies; data transmission channels.
are defined by the things that the intruder’s activities may be aimed at:
![Page 8: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/8.jpg)
The goals of the information protection
protecting your computer from the unauthorized access; delimitating the data access rights; providing the invariability of the data processing technology; transferring data in a protected form.
are defined in accordance with the objects:
![Page 9: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/9.jpg)
The goals of the information protection
Accord-TSHMand the information protection systems, which are based on it.
are solved by using the unauthorized access control product
![Page 10: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/10.jpg)
The first task of information protection is
protecting your PC from an unauthorized access (UA).
![Page 11: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/11.jpg)
An UA protection tool must:
allow working on this PC only for those users who have a right to work on this PC, according to the security policy;
control the state of the computer hardware and software for the absence of any unauthorized modifications.
![Page 12: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/12.jpg)
What should an UA protection tool be like?Checking the integrity of the software environment with the help of some program — can we be sure in its own integrity?
First, we need to check that program.
And before that — check the program that is going to check it…
![Page 13: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/13.jpg)
What should an UA protection tool be like?
Can you pull yourself out of a swamp?
You can.
If you have a support point, which is outside of the swamp.
![Page 14: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/14.jpg)
What should an UA protection tool be like? independent from the PC operating and file system
inaccessible for the introduction of modifications
hardware-based.
![Page 15: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/15.jpg)
At the end of last century, we have developed a concept of hardware protection and an Data Security Tool (DST),
which became and still remains a standard for all of the developers.
![Page 16: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/16.jpg)
Provides a secure boot of the operating system, irrespective of its type, for an authenticated user.
Accord-TSHM:
Trusted Startup Hardware Module
![Page 17: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/17.jpg)
What is secure boot?
the user identification/authentication. integrity checking of the PC hardware and the software utilities, using a step-by-step integrity inspection algorithm; blocking the operating system boot from the external storage mediums;
The operating system boot is performed only after a successful completion of the following procedures:
![Page 18: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/18.jpg)
Accord-TSHM:
has been patented has 28 conformance certificates and has more than 250 000 implementations in the governmental authorities and commercial organizations, as of the end of the year 2008.
![Page 19: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/19.jpg)
SHIPKA
PERSONAL cryptographic data security
tool (PCDST)
![Page 20: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/20.jpg)
Ideal information interoperability:
Mobile User-friendly
and Protected
![Page 21: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/21.jpg)
Real life confronts you with an alternative:
Mobile User-friendly
OR Protected
![Page 22: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/22.jpg)
Real life confronts you with an alternative:
Using confidential information
Mobile User-friendly
OR Protected
![Page 23: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/23.jpg)
Real life confronts you with an alternative:
Storing the passwords for the web-services and the encryption keys/ Electronic Digital Signature (EDS)
Mobile User-friendly
OR Protected
![Page 24: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/24.jpg)
Real life confronts you with an alternative:
Banking account administration
Mobile User-friendly
OR Protected
![Page 25: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/25.jpg)
Of two evils choose the lesser!
![Page 26: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/26.jpg)
Of two evils choose the lesser!
![Page 27: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/27.jpg)
In order to have everything you need, it’s enough to have PCDST
SHIPKA with you.
![Page 28: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/28.jpg)
PCDST SHIPKA
Mobility: doesn’t require software installation from additional carriers; may be used at any PC, which has an USB-plug.
User-friendliness: doesn’t require cryptographic libraries installation on PC; provides safe storage and application of the personal confidential data; doesn’t require any special skills when operating on PC or in the Internet.
Protectability: hardware implementation of the cryptographic algorithms, protected random number generator, protected permanent memory, applying the keys without transferring them to PC.
![Page 29: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/29.jpg)
Main solutions, using SHIPKA
for the encryption and/or signing of the files;
We offer to use PCDST SHIPKA:
![Page 30: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/30.jpg)
Main solutions, using SHIPKA
for the automatic filling of the WEB-forms of various WEB-services and for storing passwords and other data, required for that;
We offer to use PCDST SHIPKA:
![Page 31: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/31.jpg)
Main solutions, using SHIPKA
for the hardware identification and authentication on PCs and notebooks when booting OS Windows, as well as in the terminal solutions;
We offer to use PCDST SHIPKA:
![Page 32: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/32.jpg)
Main solutions, using SHIPKA
as a keys storage and a hardware-based random number monitor for the cryptographic applications;
We offer to use PCDST SHIPKA:
![Page 33: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/33.jpg)
Main solutions, using SHIPKA
as a “smart-card” in the template solutions, for example, the authorization when entering the Windows domain, encryption and/or signing of the messages in the mail programs (Outlook Express and so on), for obtaining the Verification Center certificates;
We offer to use PCDST SHIPKA:
![Page 34: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/34.jpg)
Main solutions, using SHIPKA
for the informational technologies protection with the help of the Authentication Protection Code.
We offer to use PCDST SHIPKA:
![Page 35: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/35.jpg)
PCCARDExpressCardCompact Flash
Today PCDST SHIPKA is not only USB-device
But also
![Page 36: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/36.jpg)
Carry everything you need with you!
![Page 37: Sofia, 2008 Valery Konyavsky New Approaches to Ensure Cybersecurity VNIIPVTI All-Russia Research-and- Development Institute for Problems of Computing Equipment](https://reader034.vdocuments.us/reader034/viewer/2022051710/5a4d1ae17f8b9ab0599776a9/html5/thumbnails/37.jpg)
Sofia, 2008
Valery Konyavsky
New Approaches to Ensure Cybersecurity
VNIIPVTIAll-Russia Research-and-Development Institute for Problems of Computing Equipment and Informatization
Please, ask your questions!