Information Technology Reference
In-Depth Information
1.
in order that the security features could successfully function, performing the tasks
assigned to them, it is imperative that they should have control over all information
interactions in the system, with no exception;
2.
in order that the information system could be successfully operated, it should both
have the required functionality and meet the requirements to the modern IT
products, i.e. it should be compatible with the solutions offered by other
manufacturers, it should be user-friendly, it should be able to provide access to the
resources of the World Wide Web etc.;
3.
security features should not lag behind the data processing functions in the extent
of their development, however, it is impractical to develop new protective
measures for each novel information technology, since it will tie up enormous
resources.
The solution for the outlined problem should be sought in the development of the
system architecture which could combine various system and application components
with security features in such a way that all the requirements formulated above would
be met.
2 Security of Information Technologies Through Secure
Operating Systems
For the modern computer systems the only way to ensure total control is to introduce
security features at the operating system level. This method of solving the problem
uses the systemic approach to the issue and guarantees results, though it involves
certain expenses. However, in this case the funds will be spent directly on protective
functions and not on the alterations made to the applications, which will inevitably
reduce their functionalities, the applications themselves becoming obsolete in the
process. On the contrary, the secure OS will be up-to-date as long as the problem of
IT security persists, and the ready availability of the source codes and of the full set of
design and operation documents will make it possible to monitor the security of
software codes.
This approach has been implemented in the Fenix secure operating system[1]
developed at the SSL of the SPSPU, making use of an original technology which
allows both to eliminate the setbacks of existing systems and obtain a comprehensive
mechanism of access control. The main objective of the project was to develop an
original secure OS to meet the domestic requirements and information security
standards, which could serve as the foundation for building a broad class of
information systems for critical purposes.
The production of a secure OS is an indispensable precondition for the solution of
the problem of IT security, however, it is not a final solution. The principal problem
which all new OS face (and the secure ones in particular) when introduced, is the lack
of a sufficient choice of user-defined application software which could be used in
working with the protected resources. Writing new applications for such OS or
importing the existing ones is a practically impossible task, in view of the time, funds,
and intellectual resources needed.
This is why the only way out of this deadlock is the creation of a secure operating
system to provide for the security of the processed information in conformity with the
