RU2538329C1 - Apparatus for creating trusted environment for computers of information computer systems - Google Patents

Abstract

FIELD: information technology.

SUBSTANCE: apparatus for creating a trusted environment and protecting information from unauthorised access for computers of an information computer system comprises a flash memory chip based storage with an SPI interface, which is connected to the SPI bus of the computer motherboard chipset and contains in its write-protected area computer BIOS with additionally built-in instructions which facilitate interaction with a microcontroller and checking integrity of loaded software, and a controlled high-speed electronic switch installed on the SPI bus of the motherboard between the computer chipset and the storage, wherein the microcontroller is provided with an electronic switch control channel, which connects the control output of the input/output port of the microcontroller with the control input of the electronic switch, as well as an SPI interface controller, which enables to connect the microcontroller to the SPI bus and operation thereof in a mode of direct access to memory of the storage and in a mode of controlling instructions from the chipset to the storage via the SPI bus.

EFFECT: high efficiency of protecting a computer from unauthorised activity at all operation phases thereof.

2 cl, 3 dwg

Description

The invention relates to the field of computer technology and is intended for trusted computer boot, as well as creating a trusted environment for executing programs at all stages of the computer. Its use will allow to obtain a technical result in the form of increasing the efficiency of protecting a computer from unauthorized actions at all stages of its operation and ensuring protection against unauthorized access (NSD) to information processed and stored in personal computers (PCs) and in computer information and computing systems (IVS) )

Known devices that are hardware-software modules trusted download (APMDZ) type "Electronic lock" (EZ), which are designed to protect the resources of a personal computer from unauthorized access, starting from the stage of trusted loading of a PC (see, for example, patent RU No. 2212705, class G06F 12/14, January 24, 2002, publ. September 20, 2003; patent RU No. 2263950, class G06F 12/14, 11/28/2003, publ. 05/27/2005). Known devices perform a set of standard functions specific to devices of this class:

- registration of each user in the system, the identification and authentication procedure;

- computer lock in case of an attempt to enter the system of an unregistered user;

- registration of events in the system log;

- monitoring the integrity of important user and system files, including the operating system (OS);

- prohibition of unauthorized loading of the OS from external removable media, etc.

Closest to the proposed technical solution is a device for protecting information from unauthorized access for computers of information and computing systems, patent RU No. 2321055, cl. 7 G06F 12/14, 05/12/2006, publ. 03/27/2008, which is an APMDZ with the functions of a backbone module that provides interconnection and interaction between the components of a comprehensive protection system. This APMDZ has interfaces for interaction with other means of protection (encryption, access control system (RDS), blocking devices, etc.), as well as additional locks that increase the reliability and effectiveness of protection. In addition, critical operations related to the control and processing of information during the interaction of security equipment are performed in a secure environment on the device’s common board (in its own RAM memory), and not in the computer RAM, and when using its own trusted OS. APMDZ also includes a power control device with the ability to block the common computer bus, which provides the ability to repel attacks with power failures.

The known device has a hardware random number sensor (DCH), which provides reliable conversion of cryptographic information and the generation of encryption keys and user authentication information (AIP), which provides a multi-user mode with the ability to remotely control it, which is necessary for electronic data protection, designed to protect high-level information confidentiality, the verification of the hardware components of the protection device is implemented.

In addition, all time intervals critical during the start-up of the EZ and the boot of the PC after it is turned on (when unauthorized intervention in the start-up procedure is possible) are subjected to control, namely, the interval from the moment the PC is turned on to the transfer of control to the BIOS expansion program, the time for the user to enter system (at this time, the user password is waiting and entering), the time to download the encryption keys, the time before the authentication procedure starts, the time before the ES shell starts (from the moment the authentication program ends and to start the system integrity control program), the time for work envelope EG, time until ready EZ et al.

The well-known APMDZ also takes into account new trends in the development of information and computing systems, in particular, it implements reliable protection mechanisms against unauthorized access to the network with remote control and remote access, as well as using the thin client technology. These areas impose more stringent requirements for information security tools, primarily for authentication and restriction of user rights. For example, when creating an IVS based on the technology of the "thin client" (TC), the most important issue is security, since it is necessary to protect both the workplace (terminal) and the server part and the communication channel.

Thus, hardware and software modules have been introduced into the well-known device for trusted computer loading and protection against unauthorized access to information stored and processed on it, which increase the level of its functionality for protecting against unauthorized access and the effectiveness of the protection itself by ensuring its interaction with other means of protection, capabilities restrictions and differentiation of access to hardware and software components of PCs and protection devices, effective and reliable PC blocking during various attempts of unauthorized actions, as well as neniya most critical operations directly in the protection device.

This device is implemented and mass-produced by Firm ANKAD LLC in the form of the APMDZ KRIPTON-ZAMOK product, which is a hardware-software module designed to provide the following functions:

1) On the protected computer:

- identification and authentication of the user when starting the PC;

- registration of access events to the PC in the electronic journal;

- blocking the start of the PC with unauthorized access;

- OS boot management, hardware protection against unauthorized OS boot from external media;

- integrity control of the loaded OS and the software environment installed on the PC;

- sound signaling of APMDZ states and access events;

- control lock the opening of the PC.

2) When interacting with a remote control server:

- implementation of remote control over the network from a dedicated workstation or server, export and import user access profiles;

- differentiation and control of user access to the technical means of the computer network and their hardware resources, unlocking and blocking the user on a specific technical tool.

3) When interacting with other means of protection: loading encryption algorithms and key information into cryptographic information protection devices.

However, this and other well-known APMDZs do not provide a fully trusted environment for processing information in a PC, since they are installed on a common PC control and data exchange bus designed to connect peripheral devices to a PC motherboard (in particular, the peripheral PCI bus - Peripheral Component Interconnect). Therefore, the operation of APMDZ does not begin with turning on the PC, but after the initialization has taken place and the BIOS (basic computer input / output system) has loaded. Therefore, in the case of loading an untrusted BIOS, unauthorized actions may occur before initialization of the APMDZ. Thus, a prerequisite for creating a trusted PC environment is to solve the problem of protecting the BIOS code from modification and unauthorized interference both when loading the PC and during operation.

At the same time, it is not enough to have a trusted BIOS at the boot stage, since unauthorized changes to its code can be made during the operation of the PC. For example, in motherboards made on modern Intel chipsets (CHIPSET - interconnecting microcircuits that provide interconnection and control of computer devices), BIOS code protection is implemented by programming the chipset registers, while the commands coming from the chipset to the BIOS are transmitted via the SPI bus, and the BIOS itself is stored in the drive (a flash memory chip with an SPI interface - SPI-Flash). At the same time, the integrity of this BIOS is guaranteed only by the statement of the Intel chipset manufacturer that there is a write lock in SPI-Flash, which is the physical storage of this BIOS.

However, full blocking of writing to the SPI-Flash chip is unacceptable, since certain areas in this chip are used for recording while the computer is running. In addition, the chipset itself can perform undeclared functions, i.e. have bookmarks. Therefore, it is possible to write compromising code in SPI-Flash, i.e. Unauthorized BIOS code modification.

It should also be noted that for special applications, protection based only on the declaration of the chipset manufacturer about the availability of such protection (without revealing the features of its implementation and proof of reliability) is unacceptable and cannot guarantee a trusted environment for computer operation.

The objective of the invention is to introduce hardware and software modules into the PC trusted boot device that provide a trusted environment for PC operation by monitoring and guaranteeing the reliability of the BIOS, as well as monitoring and blocking incorrect or unauthorized commands from the chipset via the SPI bus in SPI-Flash, in particular BIOS write commands.

To solve this problem, the claimed technical solution proposes to implement APMDZ (hardware lock) not on the common computer bus (according to the prototype - on the PCI bus), but on the SPI bus, and to ensure by means of it blocking incorrect or unauthorized write commands coming from the chipset to the SPI -Flash with a valid BIOS installed on it.

The proposed device can be implemented both in the form of a separate board installed on the PC motherboard with its slight modification (installation of a special slot), and integrated directly on the computer motherboard at the stage of its production (as agreed with the manufacturer).

The technical result of the invention is the creation of a trusted environment when working with a PC, and therefore, increasing the efficiency of protection against unauthorized access to hardware and software components and to information stored and processed in a PC by introducing hardware and software blocks into the device that provide BIOS integrity control (startup verified bootloader), control of the chipset commands received via the SPI interface to the SPI-Flash chip with the BIOS recorded in it, and blocking the SPI bus and the computer in case of BIOS integrity violation or If the chipset contains invalid commands in SPI-Flash (in particular, incorrect write commands). At the same time, the functional components of the prototype are retained for interacting with other means of protection (via the block of interfaces of external devices), which ensure effective and reliable PC blocking during various attempts of unauthorized actions.

Since the proposed APMDZ is connected to the stand-by power supply of the PC power supply, it starts functioning immediately after the PC is connected to the power supply (the plug of the network cable is plugged into the outlet) until the POWER button of the PC is turned on. Therefore, in contrast to the prototype, the claimed device will monitor the integrity of the BIOS before starting the PC and, in case of violation of the integrity of the BIOS, to restore it from the backup. In the process of loading and running the PC, the APMDZ controls the chipset commands to the BIOS and, upon passing an incorrect or invalid command, blocks its entry into SPI-Flash by blocking the SPI bus. At the same time, all the main components and functions of the prototype as a system-forming module are preserved, which makes it possible to build an integrated computer protection system on its basis.

The technical result is achieved by the fact that in the known device for protecting information from unauthorized access for computers of information and computing systems, containing a control microcontroller (MK), operating independently of the central processor of the computer and containing software modules that implement the protective functions of the device (user identification and authentication module , the module for checking the integrity and condition of the hardware components of the protection device, the key loading control module a hardware encoder, module for interacting with an access control system, module for interacting with servers of a computer system, random number sensor), as well as non-volatile flash memory with storage blocks for a trusted operating system, software for monitoring the integrity of device components, remote administration and device management, control of all critical time intervals for starting and loading the computer, the client part of the thin client software, the interface block outside these devices switch unit for selecting operation modes of the device and an audio device, the signal from the block module «POWER» button computer,

introduced

installed on the SPI bus of the motherboard of the computer is a high-speed electronic key and a drive based on a flash memory chip with an SPI interface that contains the computer BIOS with additional built-in commands that provide interaction with the MK, while the MK is equipped with an electronic key control channel and a bus communication interface SPI, forming a hardware node that monitors the integrity of the BIOS in the drive before running it and controls the commands on the SPI bus from the computer’s connecting microcircuit (chipset) to the drive with the ability to block writing to the drive using an electronic key; in addition, to implement MK communication channels with hardware components and a chipset, it is additionally equipped with USB and SMBus interfaces, and to block the computer from starting in case of BIOS integrity violation or other unauthorized actions, the control unit is included the main power of the computer, built into the corresponding control channel of the chipset, and the device itself is powered from the standby power source of the computer, and in non-volatile a flash section created a service partition, which additionally contains a BIOS backup, a long-term electronic log for recording all events that occurred during the operation of the device, and an additional device settings block designed to accommodate device settings when additional functions or devices are connected to it.

Since non-volatile flash memory contains software running on the computer’s central processor, this memory can be accessed by both the MK device and the computer’s central processor (but with the permission of the MK device). Therefore, in the proposed device in non-volatile flash memory, in contrast to the prototype, it is proposed to additionally store a copy of the BIOS and a long-term log of unauthorized actions (NSD), recorded by the device and other means of protection integrated with it during computer operation, and to ensure reliable storage of the BIOS and the long-term log The tamper on the flash memory is allocated a service memory partition, inaccessible to external devices.

As a result of the analysis of the prior art by the applicant, including a search by patent and scientific and technical sources of information and identification of sources containing information about analogues of the claimed technical solution, no source was found characterized by features identical to all the essential features of the claimed technical solution. The definition from the list of identified analogues of the prototype, as the closest in the totality of the characteristics of the analogue, made it possible to establish a set of essential distinctive features pertaining to the applicant's technical result of the claimed device trusted computer boot and protection against unauthorized access to information stored and processed on it, set forth in the claims . Therefore, the claimed technical solution meets the criterion of "novelty."

An additional search carried out by the applicant did not reveal known solutions containing signs matching the distinctive features of the claimed device for protection against unauthorized access to information stored and processed on a computer. The claimed technical solution does not follow for the specialist explicitly from the prior art and is not based on a change in quantitative characteristics. Therefore, the claimed technical solution meets the criterion of "inventive step".

Graphic Images

Figure 1 presents the installation diagrams on the computer APMDZ according to the prototype and the proposed technical solution, where:

1 - hardware-software module trusted boot (APMDZ);

2 - a flash memory chip with an SPI interface (SPI-Flash) with a recorded computer BIOS;

3 - standby power supply (Stand-by);

4 - computer power supply;

5 - computer connecting chip (CHIPSET);

6 - PC central processor;

7 - random access memory (RAM) computer;

Figure 2 shows a block diagram of an implementation of the proposed device, where:

1 - control microcontroller;

2 - SPI-Flash drive with a recorded trusted BIOS of the computer;

3 - high-speed electronic key;

4 - high-capacity flash memory with a flash disk implemented on it;

5 - computer connecting chip (CHIPSET);

6 - computer power supply.

Figure 3 presents the structural diagram of the proposed device to create a trusted environment for computers of information and computing systems, where:

1 - the total board of the device;

2 - control microcontroller;

3 - high-speed electronic key;

4 - SPI-Flash drive with a recorded trusted BIOS of the computer;

5 - non-volatile flash memory of large capacity with a flash disk implemented on it;

6 - non-volatile high-speed FRAM-memory;

7 - block of switches;

8 - sound device;

9 - block interfaces of external devices;

components of the control microcontroller 2:

10 - user identification and authentication module;

11 - module for checking the integrity of the software of the control microcontroller and BIOS code in SPI Flash;

12 - module for diagnosing the state of the hardware components of the device;

13 - module for monitoring critical time intervals of the procedure for starting and loading a computer;

14 - key information loading control module;

15 - a module for supporting interaction with a computer access control system;

16 - a module for supporting interaction with servers of an information-computing system;

17 - device settings module;

18 - control module and lock the main power of the computer;

19 - random number sensor;

SPI-Flash 4 drive components:

20 - write-protected area of SPI-Flash with a trusted BIOS;

21 - open area SPI-Flash for recording working information when the computer;

non-volatile flash memory components 5:

22 - block with software (software) for checking the integrity of program-controlled objects and dialogue with the operator;

23 is a block with a list of controlled hardware and software objects;

24 - block with remote device management software;

25 - block with a trusted OS;

26 - block with the client part of the software "thin client";

27 - backup of a reliable computer BIOS in the service section of non-volatile flash memory;

28 - long-term event log in the service section of non-volatile flash memory;

29 - block advanced settings;

6 high-speed FRAM components:

30 - online electronic journal;

31 - block with user credentials;

32 - block with settings and remote control keys;

components of the external device interface unit 9:

33 - interface iButton identifier type Touch Memory;

34 - USB Host interface;

35 - intermodule interface;

computer components:

36 - standby power supply (Stand-by);

37 - computer power supply;

38 - computer connecting chip (CHIPSET);

39 - button to turn on the power supply of the computer "POWER".

In accordance with figure 1, the proposed device 1 is installed on a computer and operates as follows. To provide the ability to check the integrity of the BIOS of a computer located in a flash memory chip with an SPI interface (SPI-Flash) 2, before loading it, as well as protecting it during the operation of the computer, device 1 is installed on the SPI bus and connected to a standby source -by) 3 power supplies 4 computers (dark arrows from / to pos.1), starting to work before turning on the computer (main power supply from unit 4). Thus, before the connecting chip (CHIPSET) 5, which provides interconnection and control of the computer’s devices, and the computer’s central processor 6 load the BIOS from the microcircuit 2 into the computer’s random access memory (RAM) 7, the device 1 has the ability to check the BIOS integrity in SPI-Flash 2. In addition, after turning on the computer, device 1 can control the passage of commands on the SPI bus from the chipset 5 to SPI-Flash 2 and prevent attempts to transmit commands that can carry out unauthorized modifications BIOS BIOS.

The prototype, in contrast to the proposed device, is connected to the PCI bus (the light arrow from the device is 1 to the left), and its functioning starts after turning on the computer and loading its BIOS, while the integrity of the BIOS code of the device is not monitored either before loading or during computer operation .

To carry out operations to verify the integrity of the computer’s BIOS before loading it and blocking invalid commands in SPI-Flash from the recorded computer BIOS during its operation, the proposed device includes the following main components (Fig. 2). A hardware node is installed on the computer’s motherboard, including a microcontroller (MK) 1, which controls the device and is connected to the SPI bus, an SPI-Flash 2 drive with a recorded computer BIOS and additional built-in commands that ensure its interaction with MK 1, a high-speed electronic key 3, which allows you to block the receipt of commands via the SPI bus from the chipset 5 to SPI-Flash 2 by the MK 1 command. A high-capacity flash memory 4 is connected to the MK 1 via a dedicated bus with a flash disk implemented on it of software (software) that implements all necessary functions APMDZ. The device implements communication channels (via SMBus and USB) between the control MK 1, the chipset 5 of the motherboard and other devices with which the integration of the proposed device is possible. In the case of unauthorized access or violation of the integrity of the BIOS, the device can block the PC’s power supply through the “Power” control channel by the power supply unit 6 (prohibit the power supply being turned on during the BIOS integrity check or turn off the power when it detects unauthorized access during computer operation).

A detailed structural diagram of the inventive device for creating a trusted environment for computers of information and computing systems, providing trusted PC boot, protection of the BIOS code from unauthorized access and protection from unauthorized access to information stored and processed on a PC, is presented in Fig.3.

The device contains a common board 1 with a control microcontroller 2 located on it, connected via a controller to the SPI bus of the computer motherboard, a high-speed electronic key 3 installed on the SPI bus, an SPI-Flash 4 drive connected to the SPI bus similar to that used in the original motherboard the board and containing the recorded BIOS of the computer, non-volatile flash memory 5 with a large capacity flash drive implemented on it and high-speed FRAM-memory 6, access to which is made only by MK 2, with a transfer unit lyuchateley 7 to select the mode of the device, an audio device 8 for additional information about detected unauthorized actions interface unit 9 external devices. At the same time, a high-speed electronic key 3 allows you to disconnect drive 4 from the SPI bus by a control command from MK 2 via a communication channel from its input-output port, and the device itself is connected to the stand-by computer power supply unit 36 (Stand-by) 36 as part of the main power supply 37 , as well as to the computer motherboard (chipset 38) via SMBus and USB.

The microcontroller 2 contains a number of software modules that provide the implementation of the protective functions of the device: module 10 identification and authentication of users; MK 11 software integrity check module and BIOS code in SPI Flash; module 12 for diagnosing the state of the components of the device; module 13 for monitoring all critical time intervals of the procedure for starting and loading the computer; key information loading control module 14; module 15 to support interaction with the access control system installed on the computer; module 16 support interaction with servers; module 17 of us three devices; a module 18 for monitoring and blocking the main power of the computer via the control channel of the power supply; random number sensor 19.

The SPI-Flash 4 drive contains two areas: a write-protected area 20 with a trusted BIOS and an open 21, into which working information is written and rewritten during the operation of the computer. In a closed area, the BIOS additionally has built-in commands that ensure the interaction of microcontroller 2 with the BIOS.

The non-volatile flash memory 5 of large capacity, connected to a dedicated MK bus and divided into several parts, contains the following memory blocks: block 22 with software for checking the integrity of software-controlled objects and dialogue with the operator, block 23 with a list of controlled hardware and software objects, block 24 with software for remote control of the device, block 25 with a trusted OS (“truncated” versions of MS DOS, Linux, Windows CE, etc. can be used as a trusted OS, in which user security parameters can be stored in advance ateli), block 26 with the client part of the thin client software. In the service section, accessible only by MK 2, there is a backup of a reliable BIOS 27 of the computer, a long-term event log 28, which periodically overwrites the events recorded in the operational log 30 of high-speed memory 6, and an additional settings block 29, designed to accommodate device settings when connecting additional functions or devices to it.

Part of the blocks can be supplied optionally. In particular, the need for a block 25 with a trusted OS may arise in the case of the use of technology "thin client" (block 26).

Since non-volatile flash memory 5 contains software running on the central processor of the computer, access to this memory can be made by both MK 2 and the central processor of the computer (but with permission of microcontroller 2). Access is via the USB device interface as a USB drive. The service area is accessed only by microcontroller 2.

Non-volatile high-speed FRAM-memory 6 contains: an online electronic journal 30 for recording events during PC operation, block 31 with user credentials and block 32 with settings and remote control keys. Access to this memory is made only by MK 2. This type of memory is characterized by high speed and an almost unlimited number of overwrites. It is used for non-volatile storage of frequently changing data (APMDZ settings, user profiles, recent entries of the NSD log, etc.). The memory is connected to a dedicated MK bus.

As the operational log 30 is filled, its data is periodically rewritten in the long-term log 28 located in the service area of the flash memory 5. The presence of the online log allows to increase the durability of the flash memory 5 by reducing the cycles of writing to the log 28 during the operation of the computer.

Block 9 of the external device interfaces contains the iButton ID 33 interface type Touch Memory (electronic tablet), USB Host interface 34 for connecting external devices, as well as the intermodule interface 35 for connecting to other protection hardware.

Connection interfaces

1. SPI. The device is connected to the SPI bus of the 38 chipset of the motherboard instead of the computer BIOS chip. A managed key 3 of the device is installed on this bus, after which drive 4 is connected via the SPI interface (a microcircuit with a BIOS similar to that used in the motherboard without a device).

The control MK 2 is connected to the bus using the SPI interface controller, and to key 3 - by the communication channel from the GPIOD MK I / O port. MK 2 can work in two modes: Master and Slave.

In Master mode, MK 2 has direct access to the memory of drive 4, which allows you to check its integrity (integrity of the contents of area 20 with the BIOS) and (if necessary) restore the BIOS from a backup before starting the computer. The backup copy is stored in the service area of flash memory 5 connected to MK 2.

In Slave mode, MK 2 controls the chipset 38 commands passing through the SPI bus to drive 4 (it conducts “listening”). When an invalid command is detected, it closes the key 3, blocking access to drive 4 and thereby prohibiting the passage of an invalid command into it.

Thus, the node on the SPI bus formed by MK 2, key 3 and drive 4, allows, firstly, before turning on the main power of the PC using key 3, disconnect drive 4 from the SPI bus and connect it to MK 2 to control the integrity of the BIOS, and secondly, when working with MK 2, monitor the commands coming from the chipset 38 via the SPI bus to the drive 4 and, if necessary, interrupt their execution by disconnecting the drive 4 from the SPI bus using key 3, thus blocking the execution of the chipset command.

2. SMBus. This bus, used for communication between nodes on the motherboard, is used to control the operation of the device and to control the transfer of BIOS control. On this bus, a BIOS or other program running on a computer can communicate with the device.

3. USB device. The device appears on the USB bus as a high-speed USB Mass Storage Device (i.e., a USB flash drive). In combination with high-capacity flash memory installed on the device, this allows the device to be used to download additional software, for example, for APMDZ software, or for other purposes.

4. USB host. Block 9 of the device implements a USB full-speed host (item 34), to which external USB devices can be connected. This interface can be implemented directly on MK 2 with an output to the connector located in block 9. It can be used to connect external key carriers, smart-card readers or eToken, ruToken. It is possible to connect other devices with a USB interface, up to a separate keyboard for entering user passwords. Smart card readers can theoretically be used to work with electronic bank cards in e-commerce applications.

5. iButton interface (1 Wire, Touch Memory). In block 9, item 33 is used to connect key and authentication media with this interface.

6. Intermodular interface. In block 9, pos. 35, it is used to connect to other hardware protection devices, for example, to download encryption keys into the devices of the KRIPTON series by ANKAD.

7. Nutrition. The device is powered from a stand-by source (Stand-by) 36 voltage +3.3 Vaux, available even when the main computer power is off. This allows you to carry out self-monitoring of the device and checking the BIOS before turning on the main power of the computer (power supply 37).

8. Power management. Unlike the prototype, in which only power is turned off by acting on a specific relay contact in the power circuit, this device controls power, i.e. both turning on and off (locking) the power supply 37. For this, the device is included in the open circuit of the control circuit of the chipset 38 by the main power of the computer (block 18 of the microcontroller 2). The signal to turn on the power when the POWER button 39 is pressed is received from the chipset 38 to the control unit 18 for blocking and blocking the main power supply of the computer, and then to the power supply unit 37. This allows you to effectively block turning on the main power of the computer in the event of a malfunction of the components of the device or violation of the BIOS integrity , and also allows you to turn off the computer at any time during operation when it detects tampering by removing the PS_ON signal from the power supply, which leads to a blackout of the computer.

A device for creating a trusted environment for computers of information and computing systems according to the scheme of figure 3 works as follows.

Before using the computer with the installed protection device (the device’s board is installed on the computer’s motherboard in a special slot) and the software for interacting with other protection tools preinstalled on it (part of the software can be installed optionally at the request of the customer), the device is configured and users are registered, for which purpose using the software for protection against unauthorized access to the registration files write variable parameters - control information that determines the access rights of each zovatelya computer resources:

- in block 23 of flash memory 5 — a list of monitored objects (a list of programs protected from changes, including the OS, and files, as well as the full path to each monitored file and / or coordinates of each boot sector — the name of the startup program for this user) and the table control vectors of controlled objects (checksum values or the calculated value of the hash function of files and / or boot sectors of the hard disk protected from changes);

- in block 31 of FRAM-memory 6 - credentials for all users of this computer (user name (registration number), his credentials (user access rights - each user can have his own set of rights), serial number of the user's key personal carrier (PN) , standard for user authentication, password control vector (image), user password expiration date, number of allowed failed login attempts, etc.);

- in block 32 of the FRAM-memory 6 - settings data and remote control keys;

- in block 13 of the microcontroller 2 - controlled intervals of the startup procedure, including two main (the time for the user to enter the system (for waiting and entering the password) and the time for downloading the encryption keys);

- to block 17 of microcontroller 2 — device settings (list of users (names - registration numbers), number of allowed attempts to access the computer, blocking methods, etc.).

Decisions on all issues related to security are made by microcontroller 2, which operates independently of the main processor of the computer using the software stored in its memory. In particular, it controls access to blocks 28, 30, and 31 of non-volatile memory 5 and 6, respectively, while for block 31 of non-volatile memory 6, read / write is allowed to exchange service information with application software for protection against unauthorized access (module 10), which user authentication.

The protection device software consists of three interacting parts: microcontroller 2 software (firmware); software modules built into the BIOS; Software running on the main computer processor (software), which is downloaded to the computer from the non-volatile memory 5 of the protection device. MK software cannot be changed unauthorized, because it is not accessible from the computer side. The modules built into the BIOS are protected by the MK, and the integrity of the software running on the central processor of the PC is controlled by trusted BIOS software.

When operating a computer at the initial stage of loading, after connecting the power supply to the mains, power is supplied to the device from the stand-by unit 36, which is part of the power supply unit of the computer 37, after which the microcontroller 2 starts.

First, diagnostics and integrity monitoring of the components of the microcontroller are performed (module 12 tests the state of the device components), then the MK sends a command to key 3, which disconnects drive 4 from the chipset SPI bus, and then MK (module 11) via the SPI interface in Master mode monitors the integrity of the BIOS code 20 in drive 4, and then checks the integrity of the high-speed FRAM-memory 6. If the verification is successful, the device waits for the power to turn on (pressing the 39 “POWER” button).

After pressing the 39 “POWER” button, the power control signal passes through the 38 chipset, enters the MK unit 18, designed to control and lock the main power supply of the PC, after which the MK 2 sends a command to the key 4 to connect the SPI bus to drive 4, and block 18 MK skips a command to the 37 PC power supply to turn on its main power. In this case, MK 2 goes into Slave mode (external clocking) and receive-only (receive only - eavesdropping on the SPI bus).

After turning on the main power, a regular computer boot is performed: BIOS 20 is read and, in accordance with the boot program, all the components necessary for the computer to work are initialized. In this case, the BIOS 20, which contains additional built-in commands for interacting with MK 2 and the software integrity check module, contacts the MK to connect the USB device bus, then downloads and checks the flash memory software 5 (block 22), after which block 22 is launched .

Downloaded software implements the functions of an electronic "lock", and module 10 MK performs identification and authentication of the user logging into the system. After a successful login to the system, MK 2 disconnects the USB device bus, and the computer's OS boots.

During the PC boot process, the time intervals of the startup and login procedures are monitored, and if they deviate from the nominal values, access is blocked. Information about the controlled time intervals for which the access is blocked comes from module 13 MK 2.

The device communicates with other nodes on the motherboard, controls the operation of the device, and controls the transfer of BIOS control via the SMBus bus. On this bus, a BIOS or other program running on a PC can communicate with the device.

If a violation is detected at any of the above stages of PC boot or NSD attempts, the computer’s power will not be turned on, and if it is already turned on, it will be turned off, and subsequent steps to boot the computer will be blocked. In addition, if the diagnostic revealed errors in the operation of the components of the device, violation of the integrity of the contents of flash memory 5 or an attempt by the HDD to enter the system, a warning message is displayed on the PC display about the violation, the user is not allowed to enter the system, the PC is blocked, and the event log (block 30 non-volatile memory 6) registers the corresponding record. Fixing violations or unauthorized access may additionally be accompanied by a sound signal of a certain type associated with the type of violation, which is implemented by the sound device 8.

In the case of a successful PC boot, the device works like a normal APMDZ, similar to the prototype, performing its protective functions, including when interacting with other protection tools integrated with it.

The process of identifying and authenticating a user is as follows. The PC displays an invitation to the user to enter information into the computer with its MON. Identification and authentication operations are implemented in the RAM of MK 2. The user sets his payload in the appropriate reader. As a PN, an identifier such as Touch Memory (ТМ), a plastic card, a USB identifier, a biometric identifier, etc. can be used. To read information to the interface unit of external devices 9, a contact or reader for a specific medium is connected, in particular, a contact TM device is connected to interface 33, and the USB identifier to interface 34.

In the case when the presented payload is not registered in the registration file in module 17 MK 2, a warning and a repeated invitation to carry out user identification are issued on the PC display. After the number of unsuccessful identification attempts, predetermined in block 17 of the MC, the user is prohibited from logging on to the system, and an attempt to unauthorized access to the computer is recorded in the event log (in block 30 of non-volatile memory 6).

In the case when the presented payload is registered in the registration file in block 17 MK, module 10 MK authenticates the user, for which he prompts the user to enter his password on the PC display from the PC keyboard, then determines the image of the entered password and compares it with the control image of the password registered in block 31 of non-volatile memory 6. In case of a mismatch of the control image of the presented password with registered in block 31 of non-volatile memory 6 or expired time, the time allotted On entering the password in module 13 MK, a warning and a repeated invitation to authenticate the user are displayed on the PC display. After the number of unsuccessful authentication attempts, predetermined in block 17 of the MC, the user is not allowed to enter the system, and an attempt to access the PC to the PC is recorded in the event log (in block 30 of non-volatile memory 6).

In the case when the control image of the presented password matches the one registered in the block 31 of non-volatile memory 6, the integrity of the monitored objects for this user is checked using the software stored in the block 22 of flash memory 5. For this, the specified software calculates the values of the control vectors of the objects ( values of checksums or hash functions of files and / or boot sectors of the computer’s hard drive) listed in the list of monitored objects located in block 23 of flash memory 5, and then estimating translates the received values with the corresponding values of the control vectors listed in the table above control vectors controlled objects stored in the nonvolatile memory unit 23 5. When checking the integrity of the controlled objects used by the trusted execution environment. If the calculated values of the control vectors of the objects for this user do not coincide with the corresponding values of the control vectors stored in the non-volatile memory block 23, the user is denied access to the PC, while the PC OS is also blocked.

If the calculated values of the control vectors of the objects for a given user coincide with the corresponding values of the control vectors stored in the block 23 of non-volatile memory 5, the user is allowed access to the PC, and the computer's OS is also allowed to start. At the same time, the possibility of unauthorized loading of the OS from removable media by blocking access to the reading devices of the corresponding media when starting the PC is prohibited.

After that, control is transferred to the standard hardware and software of the computer to complete the BIOS and boot the OS from the PC hard drive. After successful completion of the OS boot, access to removable media readers is restored with a special driver program included in the software for the anti-tamper system.

Thus, the main features of the protective functions of the proposed device are as follows.

1. The device protects the BIOS code from unauthorized changes by:

- checking the integrity of the BIOS based on the calculation of checksums (insert) and / or by comparison with the standard stored on the flash drive, before turning on the main power of the computer;

- checking the commands received by the BIOS chip from the chipset for validity and, in the case of an invalid command (or address for writing to the SPI-Flash closed area with the BIOS code), blocking the passage of the rest of the command or address using the key on the SPI bus .

2. In the event of a device malfunction, a violation of the integrity of the BIOS or software, as well as attempts of unauthorized actions, the device hardware locks the computer by:

- blocking the signal to turn on the main power of the PC;

- power off the PC;

- disabling access to the drive with the BIOS code, as a result of which it is impossible to modify the BIOS code and boot the PC.

As a result of the implementation of the aforementioned functions by the proposed device, as well as the known functions of the prototype, a fully trusted environment is guaranteed that will increase the efficiency of protecting the PC from unauthorized actions at all stages of its operation, including protection against unauthorized access to information processed and stored in the PC and computer IVS.

After a user logs on to the system and loading the OS during the user’s further work, the device allows to implement a number of additional functions similarly to the prototype, which increases the level of its functionality and the effectiveness of protection from unauthorized access to information stored and processed on a PC and in an IVS, while ensuring its use as backbone module.

Firstly, MK module 10 implements an additional function, performing not only one-time authentication of the user when entering the system, but also further (permanent) authentication, thereby controlling the location of the authorized user at the PC. In the simplest case, it is not allowed to extract the identifier from the reader, otherwise the PC will be blocked. Additionally, periodic (at certain intervals) polling of the identifier with verification of information authenticating the user and the medium itself is possible. If the read information does not match the control values, the computer is also blocked. Finally, through the corresponding interfaces of block 9, for continuous authentication, data of external identification and authentication devices, for example, biometric devices, the absence or mismatch of the signal from which the computer also blocks, can be used. The presence of a permanent authentication channel is necessary to prevent the substitution of a registered user at the stage of system operation.

The presence of the intermodular interface 35 allows the device to communicate with another hardware and software security tool, for example, a cryptographic data protection device (UKZD) or a cryptographic network interface adapter (CIA), which protects information in computer networks. In this case, the protection device using the block 14 MK provides control of the loading of encryption keys in UKZD or KSIA, excluding the encryption keys from entering the RAM of the computer. All the necessary calculations are carried out in the device’s RAM, which completely eliminates the possibility of intercepting encryption keys or interfering with the process of downloading key information.

The presence in the MC unit 15 of the support of the access control system (DDS) ensures the interaction of the device with the computer's SDR, while the device transmits the user identification and authentication results and its identifier to the SRD, eliminating the need to repeat this procedure during the operation of the SRD. In addition, in the case of fixing the DRS of unauthorized access attempts, the DRS can send a command to the hardware device to lock the computer. At the same time, in the event log (in block 30 of non-volatile memory 6), a registered DRR attempt of unauthorized access to a PC is recorded.

Using block 15 MK, support is provided for interaction with servers when working in remote control mode, as well as when operating in a system built on the architecture of a "thin client" (TC). The presence in flash-memory 5 of block 26 with the client part of the TC software allows you to use the device to operate the TC terminals in protected mode. To work in the TC mode, together with the TC software, a trusted OS is loaded from the unit 25 of the flash memory 5 of the device.

The proposed device protects against unauthorized access to information stored and processed on a computer, can be implemented using well-known purchased components.

For example, in the prototype device implemented by the applicant, the microcontroller 2 is implemented on the STM32F405VGT6 chip, the key 3 is on the SN74CB3Q3125RGYR chip, the SPI-Flash 4 drive is on the W25Q128BVEIG chip, and the high-capacity flash memory 5 is on the KLGEC2 KLGFC2-microcircuit KLGFC2 4M IT “Micron”), and module 6 - on the FM25V02-G FRAM-memory, which is characterized by high speed and almost unlimited number of overwrites.

Block 7, which sets the operating modes of the device, is an NHDS-04 switch. Block 9 contains the interfaces of external devices. When using an electronic key of type TM as a personal carrier, its connection is carried out through block 33 through the PLS-3 connector. USB interface 34 is a USB Host Controller and is implemented in MK 2 itself.

The intermodule interface 35 is a serial interface, executed on the chip SN74AHC1G125DCKR and connected through the connector WK-R-2. Key loading operations are carried out similarly to the interaction of the protection device with the UKZD.

Based on these components, the applicant implemented a prototype APMD3-I device to create a trusted environment for executing programs at all stages of the computer. The tests of the prototype carried out by the applicant confirmed the possibility of its implementation with the achievement of the specified positive technical result.

The above information indicates the fulfillment of the following set of conditions when using the claimed technical solution:

- means that embody the claimed device in its implementation, are intended for use in industry, namely in computer-based automated information processing systems to protect processed and stored information from unauthorized access;

- for the claimed device in the form as described in the independent clause of the claims, the possibility of its implementation using the means described in the application is confirmed.

Therefore, the claimed technical solution meets the criterion of "industrial applicability".

When using the proposed device for creating a trusted environment on a computer, the BIOS code is protected from modification both at the boot stage and during the operation of the computer, access to the PC and information resources of unregistered users is prevented by creating a closed program-logical environment for each user.

At the same time, the microcontroller 2 located on the device’s common board 1 in cooperation with the BIOS drive 4 located in the write-off area 20 of the BIOS, which additionally has integrated commands for interacting with MK 2, not only user identification and authentication programs are executed, but also all critical operations on trusted boot of the computer, including checking the integrity of the BIOS before turning on the computer and protecting the BIOS from modification when the computer boots and operates, while ensuring control of all critical intervals strap, when the possibility of unauthorized interference with the startup procedure. In addition, all operations related to the conversion of critical information, in particular, cryptographic operations and the generation of encryption keys, are carried out by the microcontroller in its own RAM, and not by the central processor in the RAM of the computer, using the DSCH 19 and its own trusted OS, which achieves a positive the result is reliable execution of the most important protection operations in a trusted environment, which ensures the security of their implementation and increase the effectiveness of protection against unauthorized access.

Increases the reliability and effectiveness of protection as well as the presence of additional locks implemented during various attempts of unauthorized actions. The device implements testing of its hardware components, provides a multi-user mode with the ability to remotely control it, which is necessary for electronic protection, designed to protect information with a high level of confidentiality, and implements the ability to limit and differentiate access to the hardware and software components of a computer.

In addition, a high level of functionality and high protection efficiency of the proposed device is ensured by the presence of communication interfaces with other means of protection (encryption, access control system, etc.), which allows you to use the claimed device as a backbone module and build hardware-software complexes on its basis protection of information from unauthorized access based on existing means of protection. The device also takes into account new trends in the development of information and computer systems, in particular, it provides reliable protection for remote control and remote access, as well as in information and computer systems using the “thin client” technology.

Thus, due to its broad functionality, as well as to perform the most critical operations directly in the protection device, the proposed device for trusted computer boot and protection against unauthorized access to information stored and processed on it has retained the advantages of the prototype, namely the ability to perform system-forming functions and the ability to build a comprehensive system for efficient PC protection (workstation - AWP) and information and computing system. At the same time, the proposed device installed on the SPI bus protects the BIOS code from unauthorized changes, which ensures the creation of a trusted environment from the initial stage of loading immediately after connecting the computer's power supply to the mains, which is not provided by the prototype.

Based on the proposed device, it is advisable to produce protected computers by integrating it directly into motherboards.

Information sources

1. Patent RU No. 2212705, cl. G06F 12/14, January 24, 2002, publ. September 20, 2003

2. Patent RU No. 2263950, cl. G06F 12/14, 11/28/2003, publ. May 27, 2005

3. RU patent No. 2321055, cl. 7 G06F 12/14, 05/12/2006, publ. 03/27/2008 - a prototype.

Claims (2)

1. A device for creating a trusted environment and protecting information from unauthorized access for computers of information and computing systems, containing a control microcontroller, non-volatile flash memory with large storage units of the software of the device, non-volatile high-speed memory with an electronic journal for recording events during the operation of the device, unit with user credentials and a block with settings and with remote control keys, a block of switches for the choice of the device’s operating mode, an audio device for additional informing about detected unauthorized actions, an interface block of external devices, as well as a computer power lock device,
moreover, the control microcontroller includes a user identification and authentication module, modules for checking the integrity and condition of the hardware and software components of the protection device, a module for monitoring all critical time intervals for starting and loading the computer, a module for managing keys for loading the hardware encoder, a module for interacting with the access control system , a module for interacting with servers of an information-computing system, a device settings module, a random number sensor l
and non-volatile flash memory of large capacity contains a trusted operating system, modules for monitoring the integrity of the device components, remote administration and device management, the client part of the thin client software, and the internal microcontroller I / O via the device’s local bus highway non-volatile flash memory and high-speed memory trunk I / O, and external mic I / O trunk a controller connected to inputs of the external device interface unit including USB Host interface, iButton interface identifier type and intermodule Touch Memory interface hardware token,
characterized in that a device based on a flash memory chip with an SPI interface is introduced into the device, which connects to the SPI bus of the computer motherboard chipset and contains in its write-protected area of the computer BIOS with additional built-in commands that provide interaction with the control microcontroller and check the integrity of the downloadable software, and a controllable high-speed electronic key installed on the motherboard SPI bus between the computer chipset and the drive m, the microcontroller is equipped with an electronic key control channel that connects the control output of the I / O port of the microcontroller to the control input of the electronic key, as well as an SPI interface controller that connects the microcontroller to the SPI bus and operates in direct access to the drive’s memory and in control commands from the chipset to the drive via the SPI bus, thus forming a hardware node that monitors the BIOS integrity in the drive before loading it with the possibility of subsequent control on the bus not SPI commands of the chipset to the drive and their blocking with an electronic key; moreover, for implementing the microcontroller’s communication channels with hardware components and the chipset, it is additionally equipped with USB and SMBus interfaces, and to block the computer from starting in case of BIOS integrity violation or other unauthorized actions the microcontroller includes a control unit for the main power of the computer, built into the corresponding control channel of the chipset, and the device itself is connected to the standby power source of the computer pa. 2. The device according to claim 1, characterized in that in the non-volatile flash memory of large capacity, an additional service section is available that is available only for the device’s control controller, which contains a backup of the trusted BIOS, a long-term electronic journal, which periodically overwrites those registered in the operational the high-speed memory log of events that occurred during the operation of the device, and the unit for additional device settings designed to accommodate settings when connecting additional functions or hardware components to it.

Images