07.07.2024

What are cryptographic protection tools intended for? Information security mechanisms. Software and hardware type of cryptographic protection

Cryptographic information protection tools are used to protect personal or secret information transmitted over communication lines. To keep the data confidential, it is recommended to use authorization, authenticate the parties using the TLS and IPSec protocols, and secure both the electronic signature and the communication channel itself.

ISBC offers effective branded solutions for secure storage of important information, electronic signatures, and access protection in control systems. The largest government organizations cooperate with us, including the Federal Tax Service of Russia, as do leading manufacturers of cryptographic information security tools, software developers, and certification centers operating in different regions of Russia.

CIPF: types, application

When using CIPF, the following methods are used:

  1. Authorization of data, ensuring cryptographic protection of their legal significance during transmission and storage. For this purpose, algorithms are used to generate an electronic key and verify it in accordance with the specified regulations.
  2. Cryptographic protection of personal or secret information, control over its integrity. Application of asymmetric encryption, imitation protection (elimination of the possibility of data substitution).
  3. Cryptographic protection of application and system software. Ensuring control over unauthorized changes and incorrect operation.
  4. Management of the main elements of the system in accordance with established regulations.
  5. Authentication of parties that exchange data.
  6. Cryptographic protection of information transmission using the TLS protocol.
  7. Using cryptographic protection for IP connections using ESP, IKE, AH.

A full description of the use of cryptographic information protection means is contained in relevant documents.

CIPF solutions

In providing information security, CIPF solutions use the following methods:

  1. Authentication in applications is carried out by the Blitz Identity Provider. The authentication server makes it possible to manage connected resources of any type (Native, Web, Desktop applications) with a single account and provides strict authentication of users with a token or smart card.
  2. At the moment communication is established, identification of the parties is ensured by an electronic signature. Inter-PRO provides HTTP traffic protection and the ability to edit and check digital signatures online.
  3. Cryptographic protection tools used for the confidentiality of digital document flow also use an electronic signature. The Blitz Smart Card Plugin, in web application format, is used to work with the electronic key.
  4. The use of cryptographic security means rules out the introduction of embedded devices and malware, as well as system modification.

CIPF classification

Tools for the cryptographic protection of open information in different systems, which provide confidentiality in open networks, are intended to protect data integrity. It is important to note that the use of such tools for storing state secrets is prohibited by law, but they are quite suitable for ensuring the safety of personal information.

The means used for cryptographic information protection are classified depending on the probable threat and an assessment of the likely method of hacking the system. They depend on the presence of undocumented capabilities or non-compliance with the stated characteristics, which may contain:

  1. system software;
  2. application software;
  3. other disadvantages of the storage medium.

Software protection is represented by a set of solutions designed to encrypt messages located on various storage media. Such storage media can be memory cards, flash drives or hard drives. The simplest of these solutions can be found in the public domain. Software cryptographic protection includes virtual networks for exchanging messages that operate “on top of the Internet,” for example VPNs, and extensions of the HTTP protocol that support HTTPS and SSL encryption. The protocols used to exchange information are also used to create Internet applications in IP telephony.

Software cryptographic protection is convenient on home computers, for surfing the Internet, and in other areas where high demands are not placed on the functionality and reliability of the system, or where, as when using the Internet, a large number of different secure connections must be created.


Hardware cryptographic protection systems

Hardware cryptographic protection means are physical devices associated with a data transmission system that provide encryption, recording, and transmission of information. The devices can be personal devices or look like:

  • USB encryptors, flash drives.

Using these devices you can build perfectly secure computer networks.

Hardware cryptographic protection tools are easy to install and provide a high response rate. The information necessary to provide a high level of cryptographic protection is located in the device memory. It can be read through a contact or a contactless interface.

When using CIPF produced under the ESMART brand, you receive effective technologies that provide cryptographic protection online or offline and user authentication using tokens, smart cards or biometric data. Combining hardware methods with software solutions gives the highest level of protection with little time and effort spent in the process of information exchange.


An important feature of the ESMART® cryptographic protection product line is the presence of a one-of-a-kind product - based on the domestic MIK 51 chip from Mikron PJSC, with which you can effectively solve many problems related to security and data protection. It is a CIPF with hardware support for Russian GOST cryptographic algorithms based on a domestic chip.

CIPF ESMART® Token GOST is issued in the form of smart cards and tokens. The development of the ESMART company is certified by the FSB of Russia in classes KS1/KS2/KS3. Certificate No. SF/124-3668 certifies that the CIPF ESMART Token GOST complies with the requirements of the FSB of Russia for encryption (cryptographic) means of class KS1/KS2/KS3 and with the requirements for electronic signature means approved by FSB Order No. 796, and that it can be used for cryptographic protection of information that does not contain information constituting a state secret. Notice ABPN.1-2018 allows the use of GOST R 34.10-2001 in the CIPF ESMART Token GOST during the validity period of the certificate due to the postponement of the transition to GOST R 34.10-2012 until January 1, 2020. ESMART® Token GOST can also be used to generate keys, generate and verify electronic signatures, perform strict multi-factor user authentication, etc.

The ESMART company offers modern CIPF at the best prices from the manufacturer. Our engineering R&D center and production are located in Zelenograd. The use of Russian-made chips allows us to offer the best, most competitive prices for cryptographic information protection tools for government projects, enterprises and organizations.

Cryptographic information protection tools, or CIPF for short, are used to ensure comprehensive protection of data transmitted over communication lines. To do this, it is necessary to ensure authorization and protection of the electronic signature, authentication of communicating parties using the TLS and IPSec protocols, as well as protection of the communication channel itself, if necessary.

In Russia, the use of cryptographic means of information security is mostly classified, so there is little publicly available information on this topic.

Methods used in CIPF

  • Authorization of data and ensuring the safety of their legal significance during transmission or storage. To do this, they use algorithms for creating an electronic signature and verifying it in accordance with the established regulations RFC 4357 and use certificates according to the X.509 standard.
  • Protecting data confidentiality and monitoring its integrity. Asymmetric encryption and imitation protection, that is, counteracting data substitution, are used in compliance with GOST R 34.12-2015.
  • Protection of system and application software. Monitor for unauthorized changes or incorrect functioning.
  • Management of the most important elements of the system in strict accordance with the adopted regulations.
  • Authentication of parties exchanging data.
  • Securing the connection using the TLS protocol.
  • Protecting IP connections using the IKE, ESP, AH protocols.

The methods are described in detail in the following documents: RFC 4357, RFC 4490, RFC 4491.

CIPF mechanisms for information protection

  1. The confidentiality of stored or transmitted information is protected by the use of encryption algorithms.
  2. When establishing a connection, identification is provided by means of an electronic signature when used during authentication (as recommended by X.509).
  3. Digital document flow is also protected by electronic signatures together with protection against imposition or repetition, while the authenticity of the keys used to verify electronic signatures is monitored.
  4. The integrity of information is ensured by means of a digital signature.
  5. Using asymmetric encryption functions helps protect your data. In addition, hashing functions or imitation protection algorithms can be used to check data integrity. However, these methods do not support determining the authorship of a document.
  6. Repetition protection occurs using cryptographic functions of an electronic signature for encryption or imitation protection. In this case, a unique identifier is added to each network session, long enough to exclude its random coincidence, and verification is implemented by the receiving party.
  7. Protection against imposition, that is, from penetration into communication from the outside, is provided by means of electronic signature.
  8. Other protection - against implanted backdoors ("bookmarks"), viruses, modifications of the operating system, etc. - is provided using various cryptographic means, security protocols, anti-virus software and organizational measures.

As you can see, electronic signature algorithms are a fundamental part of a means of cryptographic information protection. They will be discussed below.
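The repetition protection from item 6 of the list above, as an added example that is not code from the original page: the sender attaches a unique session identifier and an imitation-protection tag, and the receiving party verifies the tag and refuses any identifier it has already seen. HMAC-SHA-256 is an assumption standing in for a GOST imitation-protection function, and the names `protect`, `Receiver` and `outcome` are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: HMAC-SHA-256 stands in for a GOST imitation-protection function,
# which the Python standard library does not provide.
SESSION_ID_LEN = 16   # 128 random bits: a chance repeat is negligible
TAG_LEN = 32          # HMAC-SHA-256 output size


def _tag(key: bytes, session_id: bytes, payload: bytes) -> bytes:
    # session_id has a fixed length, so session_id + payload parses one way only.
    return hmac.new(key, session_id + payload, hashlib.sha256).digest()


def protect(key: bytes, payload: bytes) -> bytes:
    """Sender: prepend a fresh session identifier, append a MAC over both parts."""
    session_id = secrets.token_bytes(SESSION_ID_LEN)
    return session_id + payload + _tag(key, session_id, payload)


class Receiver:
    """Receiving party: checks the MAC, then refuses identifiers already seen."""

    def __init__(self, key: bytes) -> None:
        self._key = key
        self._seen = set()  # in practice bounded by key or session lifetime

    def accept(self, message: bytes) -> bytes:
        if len(message) < SESSION_ID_LEN + TAG_LEN:
            raise ValueError("message too short")
        session_id = message[:SESSION_ID_LEN]
        payload = message[SESSION_ID_LEN:-TAG_LEN]
        tag = message[-TAG_LEN:]
        # Constant-time comparison. An unauthenticated message never reaches
        # the table of seen identifiers, so forged traffic cannot fill it.
        if not hmac.compare_digest(tag, _tag(self._key, session_id, payload)):
            raise ValueError("imitation protection check failed")
        if session_id in self._seen:
            raise ValueError("repeated session identifier")
        self._seen.add(session_id)
        return payload


def outcome(receiver: Receiver, message: bytes) -> str:
    """Return a short verdict string instead of raising, for logging."""
    try:
        receiver.accept(message)
        return "accepted"
    except ValueError as exc:
        return f"rejected: {exc}"


def demo() -> list:
    key = secrets.token_bytes(32)              # constructed shared key
    receiver = Receiver(key)
    message = protect(key, b"transfer 100")    # constructed payload
    altered = bytearray(protect(key, b"transfer 100"))
    altered[SESSION_ID_LEN] ^= 0x01            # one payload byte changed in transit
    return [
        outcome(receiver, message),            # first delivery
        outcome(receiver, message),            # same bytes delivered again
        outcome(receiver, bytes(altered)),     # modified message
    ]


if __name__ == "__main__":
    for line in demo():
        print(line)
```

As item 5 notes, a shared-key tag of this kind confirms integrity but not authorship, because both parties hold the same key.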

Requirements for using CIPF

CIPF is aimed at protecting open data (by checking an electronic signature) in various public information systems and at ensuring its confidentiality (electronic signature verification, imitation protection, encryption, hash verification) in corporate networks.

A personal cryptographic information protection tool is used to protect the user’s personal data. However, special emphasis should be placed on information related to state secrets. According to the law, CIPF cannot be used to work with it.

Important: before installing CIPF, the first thing you should check is the CIPF software package itself. This is the first step. Typically, the integrity of the installation package is verified by comparing checksums received from the manufacturer.
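One way to carry out this check, as an added example that is not code from the original page or from any CIPF vendor: it compares every file of an unpacked installation package against a manufacturer manifest and also reports files the manifest does not list. The manifest layout (`<hex digest>  <path>` lines), the use of SHA-256 and all function names are assumptions.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path, PurePosixPath

# Assumptions: the manufacturer publishes a manifest of "<hex digest>  <path>"
# lines (sha256sum layout), obtained over a channel separate from the package;
# SHA-256 stands in for whatever checksum algorithm the manufacturer uses.
_LINE = re.compile(r"([0-9a-fA-F]{64}) [ *](.+)")


def parse_manifest(text: str) -> dict:
    expected = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = _LINE.fullmatch(line)
        if m is None:
            raise ValueError(f"malformed manifest line: {line!r}")
        name = PurePosixPath(m.group(2))
        # A manifest entry must never point outside the package directory.
        if name.is_absolute() or ".." in name.parts:
            raise ValueError(f"unsafe path in manifest: {m.group(2)!r}")
        expected[name.as_posix()] = m.group(1).lower()
    return expected


def file_digest(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_package(root: Path, manifest_text: str) -> dict:
    """Sort every manifest entry and every file on disk into one of four lists."""
    expected = parse_manifest(manifest_text)
    report = {"ok": [], "mismatch": [], "missing": [], "unlisted": []}
    for name, digest in sorted(expected.items()):
        path = root / name
        if not path.is_file():
            report["missing"].append(name)
        elif hmac.compare_digest(file_digest(path), digest):
            report["ok"].append(name)
        else:
            report["mismatch"].append(name)
    on_disk = {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}
    # Files the manufacturer never listed are as suspicious as altered ones.
    report["unlisted"] = sorted(on_disk - set(expected))
    return report


def package_is_intact(report: dict) -> bool:
    return not (report["mismatch"] or report["missing"] or report["unlisted"])


def demo() -> dict:
    published = {                         # constructed package contents
        "setup.bin": b"installer image",
        "docs/readme.txt": b"documentation",
        "driver.sys": b"driver",
    }
    manifest = "\n".join(
        f"{hashlib.sha256(data).hexdigest()}  {name}"
        for name, data in published.items()
    )
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "docs").mkdir()
        (root / "docs" / "readme.txt").write_bytes(published["docs/readme.txt"])
        (root / "setup.bin").write_bytes(b"installer image, altered")  # differs
        (root / "extra.dll").write_bytes(b"not in the manifest")
        # driver.sys is deliberately absent from the unpacked package.
        return verify_package(root, manifest)


if __name__ == "__main__":
    result = demo()
    print(result, "intact:", package_is_intact(result))
```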

After installation, you should determine the level of threat, on the basis of which you can determine the types of CIPF required: software, hardware, or hardware-software. For some CIPF, the placement of the system must also be taken into account.

Protection classes

According to the order of the FSB of Russia dated July 10, 2014, number 378, regulating the use of cryptographic means of protecting information and personal data, six classes are defined: KS1, KS2, KS3, KV1, KV2, KA1. The protection class for a particular system is determined from an analysis of data about the model of the intruder, that is, from an assessment of the possible ways of hacking the system. Protection in this case is built from software and hardware cryptographic information protection.

AC (current threats), as can be seen from the table, are of 3 types:

  1. Threats of the first type are associated with undocumented capabilities in the system software used in the information system.
  2. Threats of the second type are associated with undocumented capabilities in the application software used in the information system.
  3. The third type of threat refers to all the others.

Undocumented features are functions and features of the software that are not described in the official documentation or do not correspond to it. That is, their use may increase the risk of violating the confidentiality or integrity of information.

For clarity, let’s look at the intruder models that each class of cryptographic information protection means is required to counter:

  • KS1 - the intruder acts from the outside, without assistants inside the system.
  • KS2 is an internal intruder, but does not have access to CIPF.
  • KS3 is an internal intruder who is a user of CIPF.
  • KV1 is an intruder who attracts third-party resources, for example, CIPF specialists.
  • KV2 is an intruder, behind whose actions is an institute or laboratory working in the field of studying and developing CIPF.
  • KA1 - special services of states.

Thus, KS1 can be called the basic protection class. Accordingly, the higher the protection class, the fewer specialists capable of providing it. For example, in Russia, according to data for 2013, there were only 6 organizations that had a certificate from the FSB and were capable of providing KA1 class protection.

Algorithms used

Let's consider the main algorithms used in cryptographic information protection tools:

  • GOST R 34.10-2001 and updated GOST R 34.10-2012 - algorithms for creating and verifying an electronic signature.
  • GOST R 34.11-94 and the latest GOST R 34.11-2012 - algorithms for creating hash functions.
  • GOST 28147-89 and the newer GOST R 34.12-2015 - implementation of encryption and data protection algorithms.
  • Additional cryptographic algorithms are found in RFC 4357.

Electronic signature

The use of cryptographic information security tools cannot be imagined without the use of electronic signature algorithms, which are gaining increasing popularity.

An electronic signature is a special part of a document created by cryptographic transformations. Its main task is to identify unauthorized changes and determine authorship.

An electronic signature certificate is a separate document that proves the authenticity and ownership of an electronic signature to its owner using a public key. Certificates are issued by certification authorities.

The owner of an electronic signature certificate is the person in whose name the certificate is registered. It is associated with two keys: public and private. The private key allows you to create an electronic signature. The purpose of a public key is to verify the authenticity of a signature through a cryptographic link to the private key.

Types of electronic signature

According to Federal Law No. 63, electronic signatures are divided into 3 types:

  • simple electronic signature;
  • unqualified electronic signature;
  • qualified electronic signature.

A simple electronic signature is created through passwords imposed on opening and viewing data, or similar means that indirectly confirm the owner.

An unqualified electronic signature is created using cryptographic data transformations using a private key. Thanks to this, you can confirm the person who signed the document and determine whether unauthorized changes have been made to the data.

Qualified and unqualified signatures differ only in that in the first case the certificate for electronic signature must be issued by a certification center certified by the FSB.

Scope of use of electronic signature

The table below discusses the scope of application of electronic signatures.

Electronic signature technologies are most actively used in document exchange. In internal document flow, the electronic signature acts as an approval of documents, that is, as a personal signature or seal. In the case of external document flow, the presence of an electronic signature is critical, as it is a legal confirmation. It is also worth noting that documents signed with electronic signatures can be stored indefinitely and not lose their legal significance due to factors such as erased signatures, damaged paper, etc.

Reporting to regulatory authorities is another area in which electronic document flow is increasing. Many companies and organizations have already appreciated the convenience of working in this format.

Under the law of the Russian Federation, every citizen has the right to use an electronic signature when using government services (for example, signing an electronic application to the authorities).

Online trading is another interesting area in which electronic signatures are actively used. It confirms the fact that a real person is participating in the auction and his offers can be considered reliable. It is also important that any contract concluded with the help of an electronic signature acquires legal force.

Electronic signature algorithms

  • Full Domain Hash (FDH) and Public Key Cryptography Standards (PKCS). The latter represents a whole group of standard algorithms for various situations.
  • DSA and ECDSA are standards for creating electronic signatures in the USA.
  • GOST R 34.10-2012 - standard for creating electronic signatures in the Russian Federation. This standard replaced GOST R 34.10-2001, which officially expired after December 31, 2017.
  • The Eurasian Union uses standards completely similar to Russian ones.
  • STB 34.101.45-2013 - Belarusian standard for digital electronic signature.
  • DSTU 4145-2002 - standard for creating an electronic signature in Ukraine and many others.

It is also worth noting that algorithms for creating electronic signatures have different purposes and goals:

  • Group electronic signature.
  • One-time digital signature.
  • Trusted electronic signature.
  • Qualified and unqualified signature, etc.

1.1. This Policy for the Application of Cryptographic Information Protection Tools (hereinafter, the Policy) determines the procedure for organizing and ensuring the functioning of encryption (cryptographic) means intended to protect information that does not contain information constituting a state secret (hereinafter, CIPF or crypto-tools) if they are used to ensure the security of confidential information and personal data during their processing in information systems.

1.2. This Policy has been developed in pursuance of:

  • Federal Law "On Personal Data" and regulations of the Government of the Russian Federation in the field of ensuring the security of personal data;
  • Federal Law No. 63-FZ "On Electronic Signature";
  • Order of the FSB of the Russian Federation No. 378 "On approval of the composition and content of organizational and technical measures to ensure the security of personal data during their processing in personal data information systems using cryptographic information protection tools necessary to fulfill the requirements established by the Government of the Russian Federation for the protection of personal data for each level of security";
  • FAPSI Order No. 152 "On approval of the Instructions on organizing and ensuring the security of storage, processing and transmission via communication channels, using means of cryptographic protection, of information with limited access that does not contain information constituting a state secret";
  • Order of the FSB of the Russian Federation No. 66 "On approval of the Regulations on the development, production, sale and operation of encryption (cryptographic) information security means (PKZ-2005 Regulations)".

1.3. This Policy applies to crypto-tools designed to ensure the security of confidential information and personal data when processed in information systems.

1.4. Cryptographic information protection tools (CIPF) that implement encryption and electronic signature functions are used to protect electronic documents transmitted over public communication channels, for example, the public Internet, or via dial-up communication channels.

1.5. To ensure security, it is necessary to use CIPF that:

  • can be embedded into the technological processes for processing electronic messages and interact with application software at the level of processing requests for cryptographic transformations and issuing results;
  • are supplied by the developers with a full set of operational documentation, including a description of the key system, rules for working with it, and justification for the necessary organizational and staffing support;
  • support the continuity of the processes of logging the operation of the CIPF and ensuring the integrity of the software for the CIPF operating environment, which is a set of hardware and software tools with which the normal functioning of the CIPF occurs and which can affect the fulfillment of the requirements for the CIPF;
  • are certified by an authorized state body or have permission from the FSB of Russia.

1.6. CIPF used to protect personal data must have a class of at least KS2.

1.7. CIPF is implemented on the basis of algorithms that comply with the national standards of the Russian Federation and the terms of the agreement with the counterparty.

1.8. CIPF, licenses, accompanying key documents, instructions for CIPF are purchased by the organization independently or can be obtained from a third party that initiates secure document flow.

1.9. CIPF, including installation media, key documents, descriptions and instructions for CIPF, constitute a trade secret in accordance with the Regulations on Confidential Information.

2. Procedure for using CIPF

2.1. Installation and configuration of cryptographic information protection tools is carried out in accordance with operational documentation, instructions of the FSB of Russia and other organizations participating in secure electronic document flow. Upon completion of installation and configuration, the readiness of the CIPF for use is checked, conclusions are drawn up on the possibility of their operation, and the CIPF is put into operation.

The placement and installation of CIPF, as well as other equipment operating with crypto-tools, in secure premises should minimize the possibility of uncontrolled access of unauthorized persons to these tools. Maintenance of such equipment and change of crypto keys are carried out in the absence of persons not authorized to work with CIPF data. It is necessary to provide organizational and technical measures to exclude the possibility of using CIPF by unauthorized persons. The physical placement of CIPF must ensure the security of CIPF and prevent unauthorized access to CIPF. Access of persons to the premises where protective equipment is located is limited in accordance with official needs and is determined by a list approved by the director.

The embedding of crypto-tools of class KS1 and KS2 is carried out without control by the FSB of Russia (if this control is not provided for in the terms of reference for the development (modernization) of the information system).

The embedding of crypto-tools of class KS3, KV1, KV2 and KA1 is carried out only under the control of the FSB of Russia.

Embedding of crypto-tools of class KS1, KS2 or KS3 can be carried out either by the user of the crypto-tool himself if he has the appropriate license from the FSB of Russia, or by an organization that has the appropriate license from the FSB of Russia.

The embedding of crypto-tools of class KV1, KV2 or KA1 is carried out by an organization that has the appropriate license from the FSB of Russia.

Decommissioning of CIPF is carried out subject to procedures that ensure guaranteed removal of information whose unauthorized use may harm the business activities of the organization, and of information used by information security tools, from permanent memory and from external media (with the exception of archives of electronic documents and protocols of electronic interaction whose maintenance and preservation for a certain period are provided for by the relevant regulatory and (or) contractual documents), and is formalized by an Act. CIPF is destroyed (disposed of) by decision of the owner of the crypto-tools, with notification of the organization responsible for organizing copy-by-copy accounting of crypto-tools.

CIPF destined for destruction (disposal) are subject to removal from the hardware with which they functioned. In this case, crypto-tools are considered removed from the hardware if the procedure for removing the software of crypto-tools, provided for in the operational and technical documentation for CIPF, has been completed and they are completely disconnected from the hardware.

General-purpose hardware components and parts suitable for further use, not specifically designed for hardware implementation of cryptographic algorithms or other CIPF functions, as well as equipment working together with crypto-tools (monitors, printers, scanners, keyboards, etc.), may be used after the destruction of CIPF without restrictions. In this case, information that may remain in the equipment memory devices (for example, in printers, scanners) must be securely removed (erased).

2.2. The operation of CIPF is carried out by persons appointed by order of the director of the organization and who have been trained to work with them. If there are two or more CIPF users, responsibilities are distributed between them, taking into account personal responsibility for the safety of the crypto-tools and of key, operational and technical documentation, as well as for assigned areas of work.

Users of crypto-tools are obliged to:

  • not disclose information to which they have authorized access, including information about CIPF and other protection measures;
  • not disclose information about key documents;
  • not allow copies to be made of key documents;
  • prevent key documents from being output to the display (monitor) of a personal computer or to a printer;
  • not allow extraneous information to be recorded on the key media;
  • not allow installation of key documents on other personal computers;
  • comply with the requirements for ensuring the security of information, the requirements for ensuring the security of CIPF and key documents thereto;
  • report attempts by outsiders, of which they become aware, to obtain information about the CIPF used or key documents for them;
  • immediately notify about the facts of loss or shortage of CIPF, key documents to them, keys to premises, storage facilities, personal seals and other facts that may lead to the disclosure of protected information;
  • hand over CIPF, operational and technical documentation for them, and key documents upon dismissal or removal from duties related to the use of crypto-tools.

The security of information processing using CIPF is ensured by:

  • compliance by users with confidentiality when handling information that is entrusted to them or has become known through their work, including information about the functioning and procedure for ensuring the security of the CIPF used and key documents to them;
  • accurate compliance by CIPF users with information security requirements;
  • reliable storage of operational and technical documentation for CIPF, key documents, limited distribution media;
  • timely detection of attempts by unauthorized persons to obtain information about the protected information, about the CIPF used or key documents to them;
  • immediate adoption of measures to prevent the disclosure of protected information, as well as its possible leak, when facts of loss or shortage of CIPF, key documents for them, certificates, passes, keys to premises, storage facilities, safes (metal cabinets), personal seals, etc. are identified.

If it is necessary to transmit restricted access service messages over technical communication means concerning the organization and operation of CIPF, these messages must be transmitted only using crypto-means. Transfer of cryptokeys via technical means of communication is not permitted, with the exception of specially organized systems with a decentralized supply of cryptokeys.

CIPF are subject to accounting using indices or conventional names and registration numbers. The list of indices, code names and registration numbers of crypto-tools is determined by the Federal Security Service of the Russian Federation.

CIPF used or stored, operational and technical documentation for them, and key documents are subject to copy-by-copy recording. The form of the CIPF Logbook is given in Appendix No. 1, the Key Media Logbook in Appendix No. 2 to this Policy. In this case, software cryptographic information protection systems must be accounted for together with the hardware with which their normal operation is carried out. If hardware or hardware-software CIPF is connected to the system bus or to one of the internal hardware interfaces, then such crypto-tools are also accounted for together with the corresponding hardware.

The unit of copy-by-copy accounting of key documents is considered to be a reusable key medium or a key notepad. If the same key medium is used repeatedly to record crypto keys, then it should be registered separately each time.

All received copies of crypto-tools, operational and technical documentation for them, and key documents must be issued against receipt in the appropriate copy-by-copy journal to users of crypto-tools who bear personal responsibility for their safety.

The transfer of CIPF, operational and technical documentation for them, and key documents is allowed only between users of crypto-tools and (or) the responsible user of crypto-tools against a receipt in the appropriate copy-by-copy journals. Such transfer between users of crypto-tools must be authorized.

Storage of CIPF installation media, operational and technical documentation, and key documents is carried out in cabinets (boxes, storage) for individual use under conditions that preclude uncontrolled access to them, as well as their unintentional destruction.

The hardware with which the CIPF operates normally, as well as hardware and hardware-software CIPF, must be equipped with means of control over their opening (sealed). The place where the crypto-tools and hardware are sealed must be such that it can be visually monitored. Where technically feasible, during the absence of users of crypto-tools, these tools must be disconnected from the communication line and placed in sealed storage.

Changes to the CIPF software and technical documentation for the CIPF are made on the basis of documented updates received from the CIPF manufacturer, with recording of checksums.

Operation of CIPF involves maintaining at least two backup copies of the software and one backup copy of the key media. Restoring the functionality of the CIPF in emergency situations is carried out in accordance with the operational documentation.

2.3. The production of key documents from the initial key information is carried out by responsible users of CIPF, using standard crypto-tools, if such a possibility is provided for in the operational and technical documentation in the presence of a license from the FSB of Russia for the production of key documents for crypto-tools.

Key documents can be delivered by courier (including departmental) communication or with specially designated responsible users of crypto-tools and employees, subject to measures to prevent uncontrolled access to key documents during delivery.

To send key documents, they must be placed in durable packaging that excludes the possibility of physical damage and external influence. The packaging indicates the responsible user for whom the packaging is intended. Such packages are marked “Personally”. The packages are sealed in such a way that it is impossible to remove the contents from them without breaking the packages and seals.

Before the initial dispatch (or return), the addressee is informed in a separate letter of the description of the packages sent to him and of the seals with which they may be sealed.

To send key documents, a covering letter is prepared, which must indicate: what is being sent and in what quantity, document registration numbers, as well as, if necessary, the purpose and procedure for using the item being sent. The covering letter is included in one of the packages.

The received packages are opened only by the responsible user of crypto-tools for whom they are intended. If the contents of a received package do not correspond to what is specified in the covering letter, or the packaging and the seal do not correspond to their description (imprint), or the packaging is damaged so that its contents are freely accessible, the recipient draws up a report and sends it to the sender. Key documents received in such shipments may not be used until instructions are received from the sender.

If defective key documents or crypto keys are discovered, one copy of the defective product should be returned to the manufacturer to establish the causes of the incident and eliminate them in the future, and the remaining copies should be stored until additional instructions are received from the manufacturer.

Receipt of key documents must be confirmed to the sender in the manner specified in the cover letter. The sender is obliged to control the delivery of his items to the recipients. If the appropriate confirmation is not received from the addressee in a timely manner, the sender must send him a request and take measures to clarify the location of the items.

The order for the production of the next key documents, their production and their distribution to places of use for the timely replacement of existing key documents are arranged in advance. The instruction to put the next key documents into effect is given by the responsible user of crypto-tools only after receiving confirmation from them that the next key documents have been received.

Unused or deactivated key documents must be returned to the responsible user of crypto-tools or, at his direction, destroyed on site.

Destruction of crypto keys (initial key information) can be done by physically destroying the key media on which they are located, or by erasing (destroying) the crypto keys (initial key information) without damaging the key media (to ensure its reusability).

Crypto keys (initial key information) are erased using the technology adopted for the corresponding reusable key media (floppy disks, compact discs (CD-ROM), Data Key, Smart Card, Touch Memory, etc.). The specific actions for erasing crypto keys (initial key information), as well as possible restrictions on the further use of the corresponding reusable key media, are regulated by the operational and technical documentation for the relevant CIPF, as well as by instructions from the organization that recorded the crypto keys (initial key information).

Key media are destroyed by causing them irreparable physical damage that excludes the possibility of their use, as well as of restoring the key information. The specific actions for destroying a particular type of key media are regulated by the operational and technical documentation for the relevant CIPF, as well as by instructions from the organization that recorded the crypto keys (initial key information).

Paper and other combustible key media are destroyed by burning or using any paper cutting machines.

Key documents are destroyed within the time limits specified in the operational and technical documentation for the relevant CIPF. The fact of destruction is recorded in the corresponding per-copy accounting journals.

Destruction recorded by an act is carried out by a commission consisting of at least two people. The act specifies what is destroyed and in what quantity. At the end of the act, a final entry is made (in numbers and in words) about the number of items and copies of key documents, CIPF installation media, and operational and technical documentation being destroyed. Corrections in the text of the act must be agreed upon and certified by the signatures of all members of the commission who took part in the destruction. Notes about the destruction carried out are made in the appropriate per-copy accounting journals.

Crypto keys that are suspected of being compromised, as well as other crypto keys operating in conjunction with them, must be immediately taken out of action, unless a different procedure is specified in the operational and technical documentation of the CIPF. In emergency cases, when there are no crypto keys to replace compromised ones, it is allowed, by the decision of the responsible user of crypto-tools, agreed with the operator, to use compromised crypto keys. In this case, the period of use of compromised crypto keys should be as short as possible, and the protected information should be as valuable as possible.

Users of crypto-tools are obliged to inform the responsible user of crypto-tools about violations that may lead to compromise of crypto keys, their components, or data transmitted (stored) with their use.

Inspection of reusable key media by unauthorized persons should not be considered grounds for suspecting compromise of crypto keys, provided that the possibility of their copying (reading, reproduction) is excluded.

In cases of shortage, non-presentation of key documents, as well as uncertainty of their location, the responsible user takes urgent measures to find them and localize the consequences of compromising key documents.

  1. Key system management procedure

Registration of persons with rights to manage keys is carried out in accordance with the operational documentation for the CIPF.

Key management is an information process that includes three elements:

— key generation;

— accumulation of keys;

— distribution of keys.

Organizational information systems use special hardware and software methods for generating random keys. As a rule, generators of pseudo-random numbers (hereinafter PRN) with a sufficiently high degree of randomness are used. Software key generators calculate the PRN as a complex function of the current time and (or) a number entered by the user.

The accumulation of keys refers to the organization of their storage, accounting and removal.

Private keys must not be written explicitly on a medium that can be read or copied.

All information about the keys used must be stored in encrypted form. Keys that encrypt key information are called master keys. Each user must know master keys by heart; storing them on any tangible media is prohibited.

To ensure information security, it is necessary to periodically update key information in information systems. In this case, both regular keys and master keys are reassigned.

When distributing keys, the following requirements must be met:

— efficiency and accuracy of distribution;

— secrecy of distributed keys.

An alternative is for two users to obtain a shared key from a central authority, the Key Distribution Center (KDC), through which they can communicate securely. To organize the exchange of data between the KDC and a user, the user is allocated a special key during registration, which encrypts the messages transmitted between them. Each user is allocated a separate key.
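The KDC exchange described above, together with the earlier rule that key information is stored and transmitted only encrypted under a key-encrypting (master) key, as an added example that is not part of the original text and is not code from any CIPF product. The class and function names, the user names and the HMAC-SHA-256 wrapping construction are assumptions made for illustration; a production system would use a vetted key-wrap algorithm inside certified tools.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32    # every key in this example is 32 bytes
NONCE_LEN = 16


class UnwrapError(Exception):
    """Raised when a wrapped key fails its integrity check."""


def _prf(kek: bytes, label: bytes, data: bytes) -> bytes:
    # The label separates the encryption pad from the integrity tag.
    return hmac.new(kek, label + data, hashlib.sha256).digest()


def wrap_key(kek: bytes, key: bytes, context: bytes) -> bytes:
    """Encrypt `key` under the key-encrypting key `kek`, bound to `context`."""
    if len(kek) != KEY_LEN or len(key) != KEY_LEN:
        raise ValueError("keys must be 32 bytes")
    nonce = secrets.token_bytes(NONCE_LEN)
    pad = _prf(kek, b"enc", nonce + context)
    ct = bytes(a ^ b for a, b in zip(key, pad))
    tag = _prf(kek, b"mac", nonce + ct + context)
    return nonce + ct + tag


def unwrap_key(kek: bytes, blob: bytes, context: bytes) -> bytes:
    """Check the tag first, then decrypt; never return an unverified key."""
    if len(blob) != NONCE_LEN + 2 * KEY_LEN:
        raise UnwrapError("malformed blob")
    nonce = blob[:NONCE_LEN]
    ct = blob[NONCE_LEN:NONCE_LEN + KEY_LEN]
    tag = blob[NONCE_LEN + KEY_LEN:]
    if not hmac.compare_digest(tag, _prf(kek, b"mac", nonce + ct + context)):
        raise UnwrapError("integrity check failed")
    pad = _prf(kek, b"enc", nonce + context)
    return bytes(a ^ b for a, b in zip(ct, pad))


def pair_context(initiator: str, peer: str) -> bytes:
    """Unambiguous encoding of who the session key is for."""
    a, b = initiator.encode(), peer.encode()
    return len(a).to_bytes(2, "big") + a + b


class KeyDistributionCenter:
    def __init__(self):
        # One separate registration key per user, as the text requires.
        self._registration_keys = {}

    def register(self, user: str) -> bytes:
        key = secrets.token_bytes(KEY_LEN)
        self._registration_keys[user] = key
        return key  # handed to the user out of band at registration

    def issue_session_key(self, initiator: str, peer: str) -> dict:
        """The session key leaves the KDC only wrapped under user keys."""
        session_key = secrets.token_bytes(KEY_LEN)
        context = pair_context(initiator, peer)
        return {user: wrap_key(self._registration_keys[user], session_key, context)
                for user in (initiator, peer)}


def run_exchange() -> dict:
    """Constructed scenario: alice and bob get a shared key, carol is an outsider."""
    kdc = KeyDistributionCenter()
    keys = {name: kdc.register(name) for name in ("alice", "bob", "carol")}
    blobs = kdc.issue_session_key("alice", "bob")
    ctx = pair_context("alice", "bob")
    alice_key = unwrap_key(keys["alice"], blobs["alice"], ctx)
    bob_key = unwrap_key(keys["bob"], blobs["bob"], ctx)

    def rejected(kek: bytes, blob: bytes) -> bool:
        try:
            unwrap_key(kek, blob, ctx)
        except UnwrapError:
            return True
        return False

    tampered = bytearray(blobs["bob"])
    tampered[20] ^= 0x01  # flip one bit of the wrapped key in transit
    return {
        "shared": alice_key == bob_key,
        "key_len": len(alice_key),
        "tamper_rejected": rejected(keys["bob"], bytes(tampered)),
        "outsider_rejected": rejected(keys["carol"], blobs["alice"]),
    }


if __name__ == "__main__":
    print(run_exchange())
```

The integrity tag is what lets a recipient refuse a substituted or damaged key instead of silently using it.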

KEY MANAGEMENT BASED ON PUBLIC KEY SYSTEMS

Before using a public key cryptosystem to exchange regular private keys, users must exchange their public keys.

Public keys can be managed through an online or offline directory service, and users can also exchange keys directly.

  1. Monitoring and control of the use of CIPF

To increase the level of security when operating CIPF, the system should implement monitoring procedures that record all significant events that took place during the exchange process by email, and all information security incidents. The description and list of these procedures must be established in the operational documentation for the CIPF.

Control over the use of cryptographic information protection provides:

  • monitoring the compliance of the setup and configuration of information security tools, as well as of hardware and software that can affect the fulfillment of the requirements for information security tools, with regulatory and technical documentation;
  • monitoring compliance with the rules for storing restricted access information used in the operation of information security tools (in particular, key, password and authentication information);
  • control of the possibility of access of unauthorized persons to information security tools, as well as to hardware and software that can affect the fulfillment of the requirements for information security tools;
  • monitoring compliance with the rules for responding to information incidents (loss or compromise of key, password and authentication information, as well as of any other restricted access information);
  • control of compliance of the hardware and software of CIPF and the documentation for these tools with reference samples (supplier guarantees or control mechanisms that allow you to establish such compliance independently);
  • monitoring the integrity of the hardware and software of CIPF and the documentation for these tools during storage and commissioning (using both the control mechanisms described in the documentation for CIPF and organizational ones).

The information security requirements applied when designing information systems specify the characteristics of the information security tools used. They are defined by various acts of the regulators in the field of information security, in particular the FSTEC and the FSB of Russia. This article covers which security classes exist, the types and kinds of protective tools, and where to find out more.

Introduction

Today, issues of ensuring information security are the subject of close attention, since technologies being implemented everywhere without ensuring information security become a source of new serious problems.

The Russian FSB reports on the seriousness of the situation: the amount of damage caused by attackers over several years around the world ranged from $300 billion to $1 trillion. According to information provided by the Prosecutor General of the Russian Federation, in the first half of 2017 alone in Russia the number of crimes in the field of high technology increased sixfold, the total amount of damage exceeded $18 million. An increase in targeted attacks in the industrial sector in 2017 was noted throughout the world. In particular, in Russia the increase in the number of attacks compared to 2016 was 22%.

Information technologies began to be used as weapons for military-political, terrorist purposes, to interfere in the internal affairs of sovereign states, as well as to commit other crimes. The Russian Federation stands for the creation of an international information security system.

On the territory of the Russian Federation, information holders and information system operators are required to block attempts of unauthorized access to information, as well as monitor the security status of the IT infrastructure on an ongoing basis. At the same time, information protection is ensured by taking various measures, including technical ones.

Information security tools, or information protection systems, ensure the protection of information in information systems, which are essentially a collection of information stored in databases, information technologies that ensure its processing, and technical means.

Modern information systems are characterized by the use of various hardware and software platforms, the territorial distribution of components, as well as interaction with open data networks.

How can information be protected in such conditions? The corresponding requirements are set by authorized bodies, in particular the FSTEC and the FSB of Russia. In this article we will try to reflect the main approaches to the classification of information security tools, taking into account the requirements of these regulators. Other ways of describing the classification of information security tools, reflected in the regulatory documents of Russian departments as well as of foreign organizations and agencies, are beyond the scope of this article and are not considered further.

The article may be useful to novice specialists in the field of information security as a source of structured information on methods of classifying information security based on the requirements of the FSTEC of Russia (to a greater extent) and, briefly, the FSB of Russia.

The structure that determines the procedure and coordinates the provision of non-cryptographic information security methods is the FSTEC of Russia (formerly the State Technical Commission under the President of the Russian Federation, State Technical Commission).

If the reader has seen the State Register of Certified Information Security Tools maintained by the FSTEC of Russia, he will certainly have noticed, in the part describing the purpose of an information protection tool, phrases such as “RD SVT class”, “level of absence of NDV” (undeclared capabilities), etc. (Figure 1).

Figure 1. Fragment of the register of certified information protection devices

Classification of cryptographic information security tools

The FSB of Russia has defined classes of cryptographic information protection systems: KS1, KS2, KS3, KV and KA.

The main feature of class KS1 information security tools is their ability to withstand attacks carried out from outside the controlled area. This implies that the creation of attack methods, their preparation and implementation are carried out without the participation of specialists in the development and analysis of cryptographic information security tools. It is assumed that information about the system in which these tools are used can be obtained from open sources.

If a cryptographic information security tool can withstand the attacks blocked by class KS1 tools, as well as attacks carried out within the controlled area, then it corresponds to class KS2. In this case it is assumed, for example, that during the preparation of an attack, information on the physical measures protecting the information systems, ensuring the controlled area, etc. could become available.

If the tool can resist attacks carried out with physical access to computer equipment on which cryptographic information security tools are installed, it is said to comply with the KS3 class.

If the cryptographic information security tool resists attacks whose creation involved specialists in the development and analysis of these tools, including research centers, and laboratory studies of the security tools could be conducted, then it complies with the KV class.

If specialists in the use of undeclared capabilities (NDV) of system software were involved in developing the attack methods, the corresponding design documentation was available and there was access to any hardware components of the cryptographic information security tools, then protection against such attacks can be provided by tools of the KA class.

Classification of electronic signature protection means

Electronic signature tools, depending on their ability to withstand attacks, are usually assigned to the following classes: KS1, KS2, KS3, KV1, KV2 and KA1. This classification is similar to the one discussed above for cryptographic information security tools.

Conclusions

The article examined some methods of classifying information security in Russia, the basis of which is the regulatory framework of regulators in the field of information protection. The considered classification options are not exhaustive. Nevertheless, we hope that the presented summary information will allow a novice specialist in the field of information security to quickly navigate.

The means of cryptographic information protection (CIPF) include hardware, hardware-software and software tools that implement cryptographic algorithms for transforming information for the purpose of:

Protection of information during its processing, storage and transmission through the transport environment of the automated system (AS);

Ensuring the reliability and integrity of information (including using digital signature algorithms) during its processing, storage and transmission through the AS transport environment;

Generating information used to identify and authenticate subjects, users and devices;

Generation of information used to protect the authenticating elements of a protected AS during their generation, storage, processing and transmission.

It is assumed that CIPF is used in some AS (in a number of sources - an information and telecommunication system or communication network), together with mechanisms for implementing and guaranteeing security policy.

Cryptographic transformation has a number of significant features:

CIPF implements some algorithm for converting information (encryption, electronic digital signature, integrity control)

The input and output arguments of the cryptographic transformation are present in the AS in some material form (AS objects)

CIPF uses some confidential information (keys)

The cryptographic transformation algorithm is implemented in the form of some material object that interacts with the environment (including subjects and objects of the protected AS).

Thus, the role of CIPF in a protected AS is the transformation of objects. In each specific case this transformation has its own peculiarities. The encryption procedure takes a plaintext object and a key object as input parameters, and its result is a ciphertext object; conversely, the decryption procedure takes the ciphertext and the key as input parameters. The procedure for affixing a digital signature takes a message object and a secret signature key object as input parameters; its result is a signature object, usually integrated into the message object. We can say that CIPF protects objects at the semantic level. At the same time, the objects that serve as parameters of the cryptographic transformation are full-fledged AS objects and can be subject to a security policy (for example, encryption keys can and should be protected from unauthorized access, and public keys for verifying a digital signature from modification). As part of protected systems, CIPF therefore has a specific implementation: it can be a separate specialized device built into a computer, or a specialized program. The following points are essential:

CIPF exchanges information with the external environment, namely: keys are entered into it, as is plaintext during encryption

CIPF in the case of hardware implementation uses an elemental base of limited reliability (i.e., the parts that make up the CIPF are subject to malfunctions or failures)

CIPF in the case of software implementation is executed on a processor of limited reliability and in a software environment containing third-party programs that can affect various stages of its operation

CIPF is stored on a tangible medium (in the case of software implementation) and may be intentionally or accidentally distorted during storage

CIPF interacts with the external environment indirectly (powered by the mains, emits electromagnetic fields)

CIPF is manufactured and/or used by a person who can make errors (intentional or accidental) during development and operation

Existing data protection tools in telecommunication networks can be divided into two groups based on the principle of constructing a key system and an authentication system. The first group includes tools that use symmetric cryptographic algorithms to build a key system and an authentication system, and the second group includes asymmetric ones.

Let us conduct a comparative analysis of these systems. An information message ready for transmission, initially open and unprotected, is encrypted and thereby converted into a cryptogram, that is, into closed text or a graphic image of a document. In this form, the message is transmitted over a communication channel, even if it is not secure. An authorized user, after receiving a message, decrypts it (i.e., opens it) by reverse transforming the cryptogram, resulting in the original, clear form of the message, accessible to authorized users. The conversion method in a cryptographic system corresponds to the use of a special algorithm. The operation of such an algorithm is triggered by a unique number (sequence of bits), usually called an encryption key.

For most systems, the key generator may be a set of instructions and commands, a piece of hardware, a computer program, or all of these together, but in any case the encryption (decryption) process is carried out only with this special key. For the exchange of encrypted data to be successful, both the sender and the recipient need to know the correct key setting and keep it secret. The strength of any closed communication system is determined by the degree of secrecy of the key used in it. However, this key must be known to other network users so that they can freely exchange encrypted messages. In this sense, cryptographic systems also help solve the problem of authentication (establishing the authenticity) of received information. If a message is intercepted, an attacker will only deal with the encrypted text, while the true recipient, receiving messages closed with a key known to him and the sender, will be reliably protected from possible misinformation. In addition, information can be encrypted in a simpler way, using a pseudo-random number generator. This involves generating a cipher gamma with the pseudo-random number generator for a given key and applying the resulting gamma to the open data in a reversible manner. This method of cryptographic protection is quite easy to implement and provides a fairly high encryption speed, but is not sufficiently resistant to decryption.
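Gamma encryption as described above, shown as an added example that is not part of the original text: a gamma that depends only on the key repeats for every message, so the gamma cancels out between two ciphertexts, while a gamma derived from the key plus a fresh per-message nonce does not. The toy linear congruential generator, the sample messages and the use of SHAKE-256 as a stand-in keystream generator are assumptions made for illustration; the sketch covers confidentiality only and adds no integrity protection.

```python
import hashlib
import secrets

# Constructed sample messages of equal length.
MSG_1 = b"ORDER 0001: pay 100 to account A"
MSG_2 = b"ORDER 0002: pay 999 to account B"


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def lcg_gamma(key: int, length: int) -> bytes:
    """Gamma from a toy 32-bit linear congruential generator keyed by `key`."""
    state = key & 0xFFFFFFFF
    out = bytearray()
    for _ in range(length):
        state = (1664525 * state + 1013904223) & 0xFFFFFFFF
        out.append(state >> 24)  # emit the top byte of the state
    return bytes(out)


def gamma_apply(key: int, data: bytes) -> bytes:
    """Encrypts and decrypts: XOR with the same gamma is its own inverse."""
    return xor_bytes(data, lcg_gamma(key, len(data)))


def exposed_gamma(ciphertext: bytes, known_prefix: bytes) -> bytes:
    """Any known plaintext prefix exposes the matching gamma bytes."""
    return xor_bytes(ciphertext[:len(known_prefix)], known_prefix)


def gamma_cancels(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    """True when both ciphertexts used the same gamma: c1^c2 equals p1^p2."""
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


def nonce_gamma_encrypt(key: bytes, plaintext: bytes) -> tuple:
    """Per-message gamma: a fresh random nonce is mixed into the generator input."""
    nonce = secrets.token_bytes(16)
    gamma = hashlib.shake_256(key + nonce).digest(len(plaintext))
    return nonce, xor_bytes(plaintext, gamma)


def nonce_gamma_decrypt(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    gamma = hashlib.shake_256(key + nonce).digest(len(ciphertext))
    return xor_bytes(ciphertext, gamma)


def demo() -> dict:
    weak_key = 0x1234
    c1, c2 = gamma_apply(weak_key, MSG_1), gamma_apply(weak_key, MSG_2)
    strong_key = secrets.token_bytes(32)
    n1, h1 = nonce_gamma_encrypt(strong_key, MSG_1)
    n2, h2 = nonce_gamma_encrypt(strong_key, MSG_2)
    return {
        "weak_round_trip": gamma_apply(weak_key, c1) == MSG_1,
        "weak_gamma_cancels": gamma_cancels(c1, c2, MSG_1, MSG_2),
        "nonce_gamma_cancels": gamma_cancels(h1, h2, MSG_1, MSG_2),
        "nonce_round_trip": nonce_gamma_decrypt(strong_key, n1, h1) == MSG_1,
    }


if __name__ == "__main__":
    print(demo())
```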

Classical cryptography is characterized by the use of one secret unit - a key, which allows the sender to encrypt a message and the recipient to decrypt it. In the case of encrypting data stored on magnetic or other storage media, the key allows you to encrypt information when writing to the media and decrypt it when reading from it.

"Organizational and legal methods of information security"

Basic regulatory guidance documents relating to state secrets, regulatory and reference documents

Today, our country has created a stable legislative framework in the field of information protection. The fundamental law can be called the Federal Law of the Russian Federation “On Information, Information Technologies and the Protection of Information”. “State regulation of relations in the field of information protection is carried out by establishing requirements for the protection of information, as well as liability for violation of the legislation of the Russian Federation on information, information technology and information protection.” The Law also establishes the responsibilities of information owners and operators of information systems.

As for the “codified” regulation of information security, the Code of Administrative Offenses of the Russian Federation and the Criminal Code of the Russian Federation also contain the necessary articles. Art. 13.12 of the Code of Administrative Offenses of the Russian Federation deals with violation of information protection rules, Art. 13.13 provides for punishment for illegal activities in the field of information security, and Art. 13.14 provides penalties for disclosing restricted information. Article 183 of the Criminal Code of the Russian Federation provides for punishment for the illegal receipt and disclosure of information constituting commercial, tax or banking secrets.

The Federal Law “On Information, Informatization and Information Protection” stipulates that state information resources of the Russian Federation are open and publicly accessible. The exception is documented information classified by law as restricted access.

The concept of state secret is defined in the Law “On State Secrets” as “information protected by the state in the field of its military, foreign policy, economic, intelligence, counterintelligence and operational investigative activities, the dissemination of which may harm the security of the Russian Federation.” Thus, based on the balance of interests of the state, society and citizens, the scope of application of the Law is limited to certain types of activities: military, foreign policy, economic, intelligence, counterintelligence and operational investigative.

The law determined that the main criterion is that classified information belongs to the state.

The law also established the creation of a number of bodies in the field of protection of state secrets, in particular the interdepartmental commission for the protection of state secrets, and introduced the institution of officials empowered to classify information as state secrets, while simultaneously assigning them personal responsibility for activities to protect state secrets in their area of jurisdiction.

The general organization and coordination of work in the country to protect information processed by technical means is carried out by a collegial body, the Federal Service for Technical and Export Control (FSTEC) of Russia under the President of the Russian Federation, which monitors security in government bodies and at enterprises conducting work on defense and other classified topics.

Purpose and tasks in the field of ensuring information security at the state level

The state policy of ensuring information security of the Russian Federation determines the main directions of activity of federal government bodies and government bodies of constituent entities of the Russian Federation in this area, the procedure for consolidating their responsibilities for protecting the interests of the Russian Federation in the information sphere within the framework of their activities, and is based on maintaining a balance of interests of the individual, society and state in the information sphere. The state policy of ensuring information security of the Russian Federation is based on the following basic principles:

  • compliance with the Constitution of the Russian Federation, the legislation of the Russian Federation, generally recognized principles and norms of international law when carrying out activities to ensure information security of the Russian Federation;
  • openness in the implementation of the functions of federal government bodies, government bodies of constituent entities of the Russian Federation and public associations, providing for informing the public about their activities, taking into account the restrictions established by the legislation of the Russian Federation;
  • legal equality of all participants in the process of information interaction, regardless of their political, social and economic status, based on the constitutional right of citizens to freely search, receive, transmit, produce and disseminate information in any legal way;
  • priority development of domestic modern information and telecommunication technologies, production of hardware and software capable of ensuring the improvement of national telecommunication networks, their connection to global information networks in order to comply with the vital interests of the Russian Federation.

The state, in the process of implementing its functions to ensure the information security of the Russian Federation:

  • conducts an objective and comprehensive analysis and forecasting of threats to the information security of the Russian Federation, develops measures to ensure it;
  • organizes the work of legislative (representative) and executive bodies of state power of the Russian Federation to implement a set of measures aimed at preventing, repelling and neutralizing threats to the information security of the Russian Federation;
  • supports the activities of public associations aimed at objectively informing the population about socially significant phenomena of public life, protecting society from distorted and unreliable information;
  • exercises control over the design, creation, development, use, export and import of information security tools through their certification and licensing of activities in the field of information security;
  • pursues the necessary protectionist policy towards manufacturers of informatization and information protection tools on the territory of the Russian Federation and takes measures to protect the domestic market from the penetration of low-quality informatization tools and information products;
  • contributes to providing individuals and legal entities with access to world information resources and global information networks;
  • formulates and implements the state information policy of Russia;
  • organizes the development of a federal program for ensuring information security of the Russian Federation, combining the efforts of state and non-state organizations in this area;
  • promotes the internationalization of global information networks and systems, as well as Russia’s entry into the global information community on the terms of an equal partnership.

Improving legal mechanisms for regulating public relations arising in the information sphere is a priority direction of state policy in the field of ensuring information security of the Russian Federation.

This involves: assessing the effectiveness of the application of existing legislative and other regulatory legal acts in the information sphere and developing a program for their improvement; creation of organizational and legal mechanisms to ensure information security; determining the legal status of all subjects of relations in the information sphere, including users of information and telecommunication systems, and establishing their responsibility for compliance with the legislation of the Russian Federation in this area; creation of a system for collecting and analyzing data on the sources of threats to the information security of the Russian Federation, as well as the consequences of their implementation; development of normative legal acts that determine the organization of the investigation and the trial procedure for facts of illegal actions in the information sphere, as well as the procedure for eliminating the consequences of these illegal actions; development of offenses taking into account the specifics of criminal, civil, administrative, disciplinary liability and inclusion of relevant legal norms in the criminal, civil, administrative and labor codes, in the legislation of the Russian Federation on public service; improving the system of training personnel used in the field of ensuring information security of the Russian Federation.

Legal support for information security of the Russian Federation should be based, first of all, on compliance with the principles of legality and the balance of interests of citizens, society and the state in the information sphere. Compliance with the principle of legality requires federal government bodies and government bodies of the constituent entities of the Russian Federation, when resolving conflicts arising in the information sphere, to be strictly guided by legislative and other regulatory legal acts governing relations in this area. Compliance with the principle of balancing the interests of citizens, society and the state in the information sphere presupposes legislative consolidation of the priority of these interests in various areas of society, as well as the use of forms of public control over the activities of federal government bodies and government bodies of the constituent entities of the Russian Federation. The implementation of guarantees of constitutional rights and freedoms of man and citizen relating to activities in the information sphere is the most important task of the state in the field of information security. The development of mechanisms for legal support of information security in the Russian Federation includes measures to informatize the legal sphere as a whole. In order to identify and coordinate the interests of federal government bodies, government bodies of constituent entities of the Russian Federation and other subjects of relations in the information sphere, and to develop the necessary decisions, the state supports the formation of public councils, committees and commissions with a wide representation of public associations and facilitates the organization of their effective work.

Features of certification and standardization of cryptographic services

In almost all countries with developed cryptographic technologies, the development of CIPF is subject to government regulation. State regulation, as a rule, includes licensing of activities related to the development and operation of cryptographic tools, certification of CIPF and standardization of cryptographic transformation algorithms.

The following types of activities are subject to licensing: development, production, certification testing, sale and operation of encryption tools intended for cryptographic protection of information containing information constituting a state or other legally protected secret during its processing, storage and transmission via communication channels, as well as provision of services in the field of encryption of this information; development, production, certification testing and operation of telecommunications systems and complexes of the highest government bodies of the Russian Federation; development, production, certification testing, implementation and operation of closed systems and telecommunication complexes of government bodies of the constituent entities of the Russian Federation, central bodies of the federal executive power, organizations, enterprises, banks and other institutions located on the territory of the Russian Federation, regardless of their departmental affiliation and forms of ownership (hereinafter referred to as closed systems and telecommunications complexes), intended for the transmission of information constituting a state or other secret protected by law; conducting certification tests, implementation and operation of encryption tools, closed systems and telecommunications complexes intended for processing information that does not contain information constituting a state or other legally protected secret during its processing, storage and transmission via communication channels, as well as providing services in the field of encryption of this information.

Encryption tools include: hardware, software and hardware-software tools that implement cryptographic algorithms for converting information and ensure the security of information during its processing, storage and transmission via communication channels, including encryption technology; hardware, software and hardware-software means of protection against unauthorized access to information during its processing and storage that implement cryptographic algorithms for converting information; hardware, software and hardware-software means of protection against the imposition of false information that implement cryptographic algorithms for converting information, including means of imitation protection and “digital signature”; hardware, hardware-software and software tools for the production of key documents for encryption tools, regardless of the type of key information carrier.

Closed systems and telecommunications complexes include systems and telecommunications complexes that ensure information protection using encryption tools, secure equipment and organizational measures.

Additionally, the following types of activities are subject to licensing: operation of encryption tools and/or digital signature tools, as well as encryption tools to protect electronic payments using plastic credit cards and smart cards; provision of information protection (encryption) services; installation and adjustment of encryption tools and/or digital signature tools, and of encryption tools for protecting electronic payments using plastic credit cards and smart cards; development of encryption tools and/or digital signature tools, and of encryption tools for protecting electronic payments using plastic credit cards and smart cards.

The procedure for certification of CIPF is established by the Certification System for Cryptographic Information Protection Tools ROSS.R11.0001.030001 of the Russian State Standard.

Standardization of cryptographic transformation algorithms includes comprehensive research and the publication, in the form of standards, of elements of cryptographic procedures, so that CIPF developers use proven, cryptographically strong transformations, different CIPF can operate together, and the compliance of a CIPF implementation with the algorithm specified by the standard can be tested and verified. The following standards have been adopted in Russia: the cryptographic transformation algorithm 28147-89, and the hashing and digital signature creation and verification algorithms R34.10.94 and R34.11.94. Among the foreign standards, the encryption algorithms DES, RC2 and RC4, the hashing algorithms MD2, MD4 and MD5, and the digital signature creation and verification algorithms DSS and RSA are widely known and used.

Legislative framework for information security

Basic concepts, requirements, methods and tools for designing and assessing an information security system for information systems (IS) are reflected in the following fundamental documents:

"Orange Book" of the National Computer Security Center;

"Harmonized criteria of European countries" (ITSEC);

Concept of protection against illegal activities of the State Commission under the President of the Russian Federation.

Information security concept

The security concept of the system being developed is "a set of laws, rules and norms of behavior that determine how an organization processes, protects and distributes information. In particular, the rules determine in which cases the user has the right to operate with certain sets of data. The more reliable the system, the stricter and more diverse the security concept should be. Depending on the formulated concept, specific mechanisms can be selected to ensure the security of the system. The security concept is an active component of protection, including the analysis of possible threats and the selection of countermeasures."

According to the Orange Book, the security concept of the system being developed should include the following elements:

Random access control;

Security of object reuse;

Security labels;

Enforced access control.

Let's consider the content of the listed elements.

Random access control (discretionary access control in the Orange Book's terminology) is a method of restricting access to objects based on the identity of the subject or of the group to which the subject belongs. The control is discretionary in that some person (usually the owner of an object) can, at their own discretion, grant other subjects access rights to the object or take them away.

The main advantage of random access control is flexibility; the main disadvantages are the dispersion of control and the complexity of centralized control, as well as the separation of access rights from the data, which makes it possible to copy secret information into public files.

Object reuse security is an important practical addition to access controls, protecting against accidental or intentional retrieval of sensitive information from "garbage". Reuse safety must be guaranteed for areas of random access memory (in particular, for buffers holding screen images, decrypted passwords, etc.), for disk blocks and for magnetic media in general.

Security labels are associated with subjects and objects to enforce access control. The subject's label describes its trustworthiness; the object's label describes the degree of confidentiality of the information it contains. According to the Orange Book, security labels consist of two parts - a security level and a list of categories. The main problem that needs to be addressed with labels is ensuring their integrity. First, there should be no unlabeled subjects or objects, otherwise there will be easily exploitable holes in label-based security. Secondly, during any operations with data, the labels must remain correct. One means of ensuring the integrity of security labels is to separate devices into multi-level and single-level devices. Multi-level devices can store information of different levels of secrecy (more precisely, lying in a certain range of levels). A single-level device can be considered a degenerate case of a multi-level device, where the allowable range consists of a single level. Knowing the level of the device, the system can decide whether it is permissible to write information with a certain label to it.

Enforced access control (mandatory access control in the Orange Book's terminology) is based on matching the security labels of the subject and the object. This method of access control is called forced because it does not depend on the will of the subjects (even system administrators). Enforced access control is implemented in many versions of operating systems and DBMSs that are distinguished by enhanced security measures.
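The label matching and device-level checks described above can be sketched as follows. This is an added example, not code from the original page: the level names, the sample labels and devices, and the function names are constructed, and the read and write rules are the standard Orange Book ones, which this section does not spell out.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed level ordering; the page does not name specific levels.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    """A security label: a security level plus a list of categories."""
    level: str
    categories: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        # Level must be at least as high AND categories must be a superset.
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


@dataclass(frozen=True)
class Device:
    """A device with an allowable range of levels (single-level: lo == hi)."""
    name: str
    lo: str
    hi: str

    def accepts(self, label: Optional[Label]) -> bool:
        if label is None:          # unlabeled data is never written out
            return False
        return LEVELS[self.lo] <= LEVELS[label.level] <= LEVELS[self.hi]


def may_read(subject: Optional[Label], obj: Optional[Label]) -> bool:
    # An unlabeled subject or object is refused outright: no gaps in labeling.
    if subject is None or obj is None:
        return False
    return subject.dominates(obj)


def may_write(subject: Optional[Label], obj: Optional[Label]) -> bool:
    # Writing is allowed only "upward", so secret data cannot be copied
    # into a less protected file, whatever the subject wishes.
    if subject is None or obj is None:
        return False
    return obj.dominates(subject)


# Constructed sample labels and devices.
ANALYST = Label("secret", frozenset({"crypto"}))
REPORT = Label("confidential", frozenset({"crypto"}))
PUBLIC_FILE = Label("unclassified")
PRINTER = Device("lobby-printer", "unclassified", "unclassified")
ARCHIVE = Device("archive-disk", "confidential", "secret")
```

With these labels, `may_write(ANALYST, PUBLIC_FILE)` is refused, which closes the gap noted for owner-controlled access rights, where secret information could be copied into a public file.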