
1 Trusted information and telecommunication systems: Strategy of future
4th International Conference for Confidence and Security in the Information Society
Mikhail Senatorov, Andrey Shcherbakov
Hong Kong 2012

2 Current trends
• Demarcation of programs and data, and virtualization of data processing.
• Centralization of computation in data processing centers, with client or user data relocated to remote data storage.
• In recent years the terms "reliability", "trust" and «trusted systems» have appeared more and more often in scientific and methodical literature.

3 Web-publication analytics
• Searching the Yandex internet search engine for the phrase «trusted system» (Russian spelling) returns about 3 million links, «trusted environment» (Russian spelling) returns 9 million links, and «Trusted system(s)» (English spelling) returns 102 million links.
• In 2011 the number of links and web publications increased tenfold.

4 Concept of Trust
Trust is the property of a system or its element to demonstrate objectively, reasonably and with documentation that the element a priori meets the given target function of the system throughout its life cycle.

5 The Trust allows…
• To justify not only information security but also the reliability, accessibility and functionality of an IT system and its components.
• To speak about warranties that the IT system performs its purpose at all levels of its functioning.
• To speak about the properties not only of components but also of processes.

6 «Orange Book»
U.S. Department of Defense Trusted Computer System Evaluation Criteria (TCSEC), DoD 5200.28-STD, December 26, 1985, also known as the Orange Book.

7 What do we see?
The transition to the term "trust" means an evolution from a narrow understanding of the reliability and information security of system components to general methodological questions of whether the IT system's target function can be supported, taking into account its architecture and real life cycle.

8 Hierarchy pyramid in IT and Information Security
[Figure: pyramid with the levels]
• Trusted environment
• Life cycle + target function
• System architecture
• Information Security policy warranties
• Information Security policy implementation

9 Component and Environment
• Trusted component: a system component that has the property of trust.
• Trusted environment: an area where trusted components exist and function, and where they have the conditions necessary for continuity of their activity and for maintaining the required trust level throughout the life cycle.

10 Trusted environment's components
• Trusted communication equipment and a trusted data transmission environment;
• A trusted computer system based on a trusted operating environment;
• A trusted data storage system;
• A trusted management system.

11 Trusted communications
REQUIREMENTS:
• Large reserve of computational capacity;
• Scalability of computational capacity;
• Universality of the operational platform;
• Openness of the operational platform;
• Load balancing in the platform;
• High reliability and maintainability;
• Certification according to the requirements of the national regulating organizations.

12 Trusted operating environments
REQUIREMENTS:
• Large reserve of computational capacity and its scalability.
• Use of a certified OS (operating system).
• Monitoring and control of interaction between the computing system and the external environment.
• High reliability and maintainability.

13 Trusted operating environments
On September 3, 2012 a decision of a Russian state organization (registration number 149/3/2/3-1346) was received, stating that z/OS together with the TopCM monitor complies with the «Requirement for protection of confidential information from unauthorized access in automated information systems located in the territory of the Russian Federation» at the AK1-AK2 levels. Validity period: until August 24, 2017.

14 Trusted data storage systems
Group of requirements for data storage systems:
• Information security support system;
• Data storage reliability;
• Prevention of threats to confidentiality;
• Controllability;
• Attribution of responsibility;
• Accessibility;
• Data recovery.

15 Trusted management system
Requirements:
• Determinacy and confidentiality of system elements;
• System dynamics;
• Existence of a controlling parameter in the system;
• Existence of a supervising parameter in the system;
• Existence of trusted feedback channels in the system.

16 Life cycle of the trusted environment
Trusted:
• Design;
• Development;
• Implementation;
• Maintenance;
• Modification;
• Extension of capabilities;
• Withdrawal from maintenance.

17 Group of requirements for trusted IT systems
• Confidentiality at all or almost all life cycle stages; normative and methodical support for life cycle processes;
• High operational reliability and accessibility of IT system resources, redundancy and resilience to catastrophes, remote data storage;
• Extensibility and scalability that preserve the properties of trust;
• Stable provision of services, isolation of users from data, a closed personal environment;
• Audit and control of the IT system's resources and of the computing process in general;
• Controllability of the system; transition to security management through control of the user's processes (tasks).

18 Trust levels
Structure and logic of requirements
Requirements for trusted systems comprise seven requirement line items for the life cycle and four requirement line items for the system architecture: components, services, the channel and the interface.
For a minimum trust level system:
• no requirements are set for trusted design and trusted development. In this case a system with the minimum trust level can be implemented from standard designs that include ready-made components, which reduces the design cost;
• no requirements are set for trusted extension of capabilities and trusted withdrawal from maintenance;
• no requirements are set for the implementation of trusted services.

19 Trust levels
Structure and logic of requirements
Requirements for trusted systems comprise seven requirement line items for the life cycle and four requirement line items for the system architecture: components, services, the channel and the interface.
• For optimum trust level systems, only the requirements for trusted withdrawal from maintenance are not set. The requirements set for all remaining line items are higher than for minimum trust level systems.
• For top trust level systems, additional requirements are set for all line items except trusted maintenance and the trusted interface.

20 What does the transition to a trusted environment for IT systems provide? (1)
• A substantial decrease in system risks for national IT systems, first of all for national payment systems;
• A step-by-step increase in the current reliability and accessibility levels of a system as its trust properties increase;
• Great opportunities for internal technical support and extension of capabilities, and a reduction of technological risks.

21 What does the transition to a trusted environment for IT systems provide? (2)
• Reduction of the total cost of ownership of the IT system's components as a result of lower expenses on technical support and upgrades;
• Optimization of the IT system's architecture through consolidation of the infrastructure around confidential components of the trust environment;
• Minimization of expenses on developing the subsystem that supports reliability and information security, as a result of using standard trusted system components and of lower expenses for certification, assessment and checking the correctness of embedding;
• Minimization of expenses on the management system and an increase in the IT system's controllability and mobility.

22 Trust infrastructure
Trust involves not only creating the components listed in the report but also creating and upgrading infrastructure technologies. For example, to increase trust in operational environments and applications, it is necessary to develop means of effective code analysis. No less effort is required to upgrade and optimize the IT system's architecture, communication systems and client service, as well as the rendering of state services, where the main problem is accessibility. Management and monitoring systems also need a fundamental upgrade.

23 Other projects on the Trust infrastructure subject
• New semantics and analysis of an initial code: "Way to texts transformation, way of search, way of a machine translation and way of the texts automated scoring", 201001550 (25/10/2010), US 13/317,480 (19/10/2011)
• Telecommunication architecture: "Telecommunication system with changeable functionality", 201200081 (01/02/2012)
• Protection of transactions: "Method of financial transactions protection", 201101342 (17/10/2011)
• Users profiling: "Method of context-sensitive information exchange" (201200859)
• Trusted control: "Method of a mean control and its current status assessment" (201200566)

24 Mikhail Senatorov, Deputy Chairman, Bank of Russia
Andrey Shcherbakov, Adviser to Director of Information Systems Division, Bank of Russia
x509@mail.ru, x509@ras.ru

