4-th International Conference for Confidence and Security in the Information Society Mikhail Senatorov Andrey Shcherbakov Trusted information and telecommunication systems: Strategy of future Hong Kong 2012

 Demarcation of programs, data and data processing virtualization.  Centralization of computation in data processing centers, clients or users data relocation to the remote data storage field.  Latest years in scientific and methodical literature the terms "reliability", "trust" and «trusted systems» meet more often. Current tren ds

 Search by Yandex internet searcher construction «trusted system» (russian spelling) display about 3 million links, «trusted environment» (russian spelling) – 9 million links and «Trusted system(s)» (english spelling) – 102 million links.  In 2011 number of links and web-publications increased in 10 times. Web-publication analytics

The Trust – is a property of system or its element objectively, reasonably and documentary demonstrate that the element of system a priori responds to the given target function of system on all stretch of its life cycle. Concept of Trust

 To justify not only information security, but reliability, accessibility and functionality of IT System and its components also.  To speak about warranties that IT-System execution its assignment at all its functioning levels.  To speak about properties not only components, but processes also. The Trust allows…

U.S. Department of Defense Trusted Computer System Evaluation Criteria, TCSEC, DoD STD, December 26, 1985, also known as the Orange Book «Orange Book»

Transition to the term "trust" means an evolution from narrow understanding reliability and information security of system components to all-methodological questions of feasibility support the IT-System target function, taking into account its architecture and real life cycle. What do we see?

Trusted environment Life circle + target function System architecture Information Security policy warranties Information Security policy implementation Hierarchy pyramid in IT and Information Security

 Trusted component – is the system's component with property of trust.  Trusted environment – is an area there trusted components exist and function, and there they have necessary conditions of their activity continuity and maintenance the required trust level on all its life cycle. Component and Environment

 Trusted communication equipment and trusted data transmission environment;  Trusted computer system which based on trusted operating environment;  Trusted data storage system;  Trusted management system. Trusted environment's components

REQUIREMENTS:  High inventory of computational capability;  Scalability of computational capability;  Universality of operational platform;  Openness of operational platform;  Load balancing existence in a platform;  High reliability and maintainability;  Certification according to requirements of the national regulating organizations Trusted communications

REQUIREMENTS:  High inventory of computational capability and its scalability.  Use of the certified OS (operating system).  Monitoring and interaction controlling between computing system and external environment.  High reliability and maintainability. Trusted operating environments

On September 3, 2012 the decision of Russian State Organization (registration number 149/3/2/ ), that z/OS together with TopCM monitor are compliance to «Requirement for protection of confidential information from unauthorized access in automated information systems located in the territory of the Russian Federation» on AK1-AK2 levels is received. Validity period till August 24, Trusted operating environments

Group of requirements to data storage systems:  Information security support system;  Data storage reliability;  Preventing of threats to confidentiality;  Controllability;  Responsibility fixing;  Accessibility;  Data recovery. Trusted data storage systems

Requirements:  Determinancy and Confidentiality of system elements;  System’s dynamics ;  Existence the controlling parameter in a system;  Existence the supervising parameter in a system;  Existence trusted back coupling channels in a system. Trusted management system

Trusted:  Design;  Development;  Implementation;  Maintenance;  Modification;  Extension of possibilities;  Output from maintenance. Life cycle of the trusted environment

 Confidentiality on all or almost life cycle stages, normative and methodical support for life circle processes;  High operational reliability and accessibility to IT System resources, reservation and stability to catastrophes, remote data storage;  Extensibility and scalability with saving properties of trust;  Stability services providing, insulation users from data, the closed personal environment;  Audit and control to IT System’s resources and calculating process in general;  System's controllability, transition to security management through the user's processes (tasks) controlling. Group of requirements to trusted IT Syst ems

Trust levels Requirements to trusted systems include seven requirement line items to Life circle and four requirement line items to system architecture - to components, services, the channel and the interface. Structure and logic of requirements For the minimum trust level system:  not fix requirements to trusted design and trusted development. In this case the system with the minimum trust level can be implemented according to standard projects including ready components, it will allow to reduce the design price.  not fix requirements to trusted extension of possibilities and trusted output from maintenance.  not fix requirements for trusted services implementation.

Trust levels Requirements to trusted systems include seven requirement line items to Life circle and four requirement line items to system architecture - to components, services, the channel and the interface. Structure and logic of requirements  For the optimum trust level systems not fix requirements to trusted output from maintenance only. Remaining fix requirements for all line items is higher than for minimum trust level systems.  For the top trust level systems additional fix demands for all line items, except the trusted maintenance and the trusted interface.

What provides transition to IT System’s trusted environment? (1)  essential decrease system risks for National IT Systems, first of all for national payment systems;  step by step increase the current reliability and accessibility levels in a system where increase the trust properties;  created huge possibilities for internal technical support and extension of possibilities, reduces the technological risks.

What provides transition to IT System’s trusted environment? (2)  reduce the cumulative cost possession for the IT System's components as a result of reduction of expenses on technical support and upgrade,  IT System's architecture optimization at the expense of infrastructure consolidation around confidential components of the trust environment,  minimization of expenses on development of subsystem for support of reliability and information security as a result of using standard trusted system components and reduction of expenses for certification, assessment and embedding correctness checking,  minimization of expenses on management system and increase IT System’s controllability and mobility.

Trust infrastructure The trust provides not only creation of the components listed in the report, but also creation and upgrade of infrastructure technologies. For example, for trust increase to operational environments and applications is neсessary to developing means of the effective code analysis. Not smaller efforts are required for upgrade and optimization to IT System's architecture, communication systems and client service and also the state services rendering where the main problem is accessibility. Principal upgrade is necessary for management systems and monitoring also.

Other projects on the Trust infrastructure subject New semantics and analysis of an initial code Way to texts transformation, way of search, way of a machine translation and way of the texts automated scoring (25/10/2010), US 13/317,480 (19/10/2011) Telecommunication architecture Telecommunication system with changeable functionality (01/02/2012) Protection of transactions Method of financial transactions protection (17/10/2011) Users profiling Method of context-sensitive information exchange ( ) Trusted control Method of a mean control and its current status assessment ( )

Mikhail Senatorov Deputy Chairman, Bank of Russia Andrey Shcherbakov Adviser to Director of Information Systems Division, Bank of Russia