Investigation and modeling of thin-client trusted platform system
Authors: Tishchenko Evgeniy Nikolaevich, Butsik Kirill Aleksandrovich
Journal: НБИ технологии @nbi-technologies
Section: Innovations in informatics, computer engineering and control
Article in issue: 4 (27), 2017.
Open access
The article discusses the trusted boot process of a “hardware thin client” in a typical automated system. The operating system is loaded into workstation memory using removable media and PXE network boot technology. This process is modeled analytically from the perspective of the impacts of internal and external violators. The authors develop a formal model of the violators: a conditional mathematical representation of their impacts on the trusted boot process. The factors that characterize the increased risk of attack from an internal intruder are outlined. An ideal boot process, characterized by complete counteraction to the violators' attacks, is simulated. The factors that any trusted boot process requires in order to approximate the ideal state are outlined. The authors identify the limitations of modern trusted boot systems that are based solely on control of the implemented protective mechanisms. The research provides a list of characteristics that require optimization in order to develop an alternative method of ensuring trusted boot of a “hardware thin client”. As an alternative, it is proposed to control not the states (reactions) of the defense mechanisms but the temporal characteristics of the regular boot process. These characteristics are normalized: nominal values are obtained and recorded from statistics collected during operation of the automated system in the absence of violator impacts. During each subsequent run of the boot process, its temporal characteristics are compared with the normalized values. Depending on whether the differences are valid or invalid, a conclusion is drawn about the possible impact of an internal violator on the boot process. This makes it possible to control all stages of boot, not just the status of the protective mechanisms, which occupy only part of the stages.
Keywords: intruder, vulnerability, success of attack, loading stage, time of execution
Short URL: https://sciup.org/149129737
IDR: 149129737 | DOI: 10.15688/jvolsu10.2017.4.4