Authors S.V. Savin, O.A. Finko
Month, Year 05, 2015
Index UDC 004.056
Abstract The paper addresses the problem of increasing the security of data records stored by the registration and accounting subsystem of the information protection system of an automated system. The task is relevant because of the need to protect information against deliberate actions by legitimate users. Such deliberate actions can hide traces of earlier destructive actions, which strengthens their harmful effect or prevents legal responsibility for the wrongful or illegal actions committed. A new method of applying an electronic signature (or a cryptographic hash function) is proposed. For this purpose, the well-known "write-once" method is used. In contrast to known methods, the article proposes a concrete application of a structured electronic signature method, using parameters such as the nesting depth of the electronic signature in the protected data block, the number of cryptographic keys used, and the way the cryptographic keys are used. The procedure for using signatures is the key. An electronic signature can be simple or reinforced (qualified or unqualified). The signature can be replaced by a cryptographic hash function. The keys are applied in a decentralized order (the system signature and the signatures of the specified number of users (a dynamic parameter)). The scheme that defines the signatures may be a kind of "key space" of the encryption procedure for use by the said users. Changing the parameters of signature application and the way the signatures are composed allows the problem of protecting the data of the registration and accounting subsystem to be solved for a wide range of customer technical specifications.

Keywords Security system; registration and accounting subsystem; data security; data integrity; the method of «write-once»; electronic signature.