Тищенко Е.Н., Буцик К.А. Исследование и моделирование систем доверенной загрузки «тонкого клиента»

INVESTIGATION AND MODELING OF THIN-CLIENT TRUSTED PLATFORM SYSTEM

Evgeniy Nikolaevich Tishchenko

Doctor of Economic Sciences,

Head of Department of Information Technologies and Information Protection,

Rostov State Economic University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Bolshaya Sadovaya St., 69, 344002 Rostov-on-Don, Russian Federation

Kirill Aleksandrovich Butsik

Postgraduate Student,

Department of Information Technologies and Information Protection,

Rostov State Economic University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Bolshaya Sadovaya St., 69, 344002 Rostov-on-Don, Russian Federation

Abstract. The article discusses the process of trusted boot “hardware thin client” in a typical automated system. The process of loading the operating system into memory workstations is carried out using removable media, and technology network PXE boot. The analytical modeling of this process is performed from the perspective of the impacts of internal and external violators. The authors develop a formal model of the violators – a conditional mathematical representation of their impacts on the process of trusted boot. The factors that characterize the increased risk of attack from internal intruder, are outlined. An ideal boot process, characterized by the complete counter-attacks of the violators is simulated. The factors required of any trusted boot process for the approximation to the ideal state, are outlined. The authors identify the limitations of the modern systems for trusted boot based solely on the control of implemented protective mechanisms. The research provides a list of characteristics that require optimization with the aim of developing an alternative method of ensuring trusted boot “hardware thin client”. Alternatively, it is proposed to control not conditions (reactions) of defense mechanisms, but the temporal characteristics of the regular boot process. These characteristics are subjected to standardization – obtaining and recording staffing values based on statistics collected during the operation of the automated system in the absence of effects offenders. During each subsequent run of the boot process, its transient characteristics are compared with normalized values. On the basis of valid or invalid values differences, the conclusion about the possible impact of domestic violator on the boot process is made. That enables controlling all stages of boot, and not just the status of the protective mechanisms that occupies only part of the stages.

Key words: intruder, vulnerability, success of attack, loading stage, time of execution.

This work is licensed under a Creative Commons Attribution 4.0 International License.