Today's speakers: Maxim Kurtin, Deputy Director of the Information Security Department, Astra Group, and Andrey Seledkin, Product Manager, Digital Technologies.
Maxim Kurtin opened with the protection mechanisms of Astra Linux: how it protects against information security threats on its own and in conjunction with external information security tools. He started with the regulators: the FSTEC of Russia, the FSB of Russia, the Ministry of Defense of Russia and Roskomnadzor. The latter's main task is to deal with personal data. There is also the Bank of Russia, which operates in the financial sector, and the Ministry of Digital Development.
The main current direction in terms of regulatory requirements is the transition to domestic protection equipment, both hardware and software.
The main emphasis, of course, is on critical infrastructure systems (CIS). In this area, the Astra Group has been actively working for many years, starting with the release of the operating system and other products that are part of its ecosystem.
The Astra Group now actively wants to provide its customers with both system and application software that not only functions on its own and helps solve some problems, but also integrates with other systems both in terms of functionality and in terms of protection mechanisms. We are now actively certifying our products. The Astra Linux operating system is certified by the FSTEC of Russia, the FSB of Russia, and the Ministry of Defense of Russia, up to level 1. That is, Astra Linux can be used at all levels of protection, in any information and automated systems. We are actively moving towards certification of products such as ALD Pro, Tantor DBMS, RuBackUp backup and recovery systems, and Brest virtualization systems and VMmanager.
For the most part, these are certifications to the fourth level of trust and the use of these products in confidential information processing systems. But these are only the first steps. Next is "Brest", where we are moving to the second level.
Astra Linux is used up to state secrets, up to the "of special importance" (OV) level, and the rest of our products are up to the first classes and levels of protection for confidential systems. The Astra Linux operating system has several versions. The uncertified version is the "Orel" version. It can only be used where there is no need to protect information, in those information systems where regulators do not impose any requirements. The "Smolensk" and "Voronezh" versions are certified for different classes. "Voronezh" is an operating system version for confidential information processing systems. "Smolensk" is a classic old version of the operating system that is suitable for use, including for state secrets. How do they differ?
The "Orel" version is the so-called basic mode. It includes a classic set of protection mechanisms, such as discretionary access control and extended auditing. Moving up the level, to the enhanced mode in "Voronezh", it already begins to include mechanisms such as "Mandatory Integrity Control" (MIC) and "Closed-Program Environment", "KIOSK". In the maximum mode "Smolensk", "Mandatory Access Control" (MAC) is added. Protection mechanisms include functions such as a closed software environment.
This corresponds to signing all executable and launchable files with an electronic digital signature issued by our company, all executable files that are part of Astra Linux, as well as all proprietary software released by our partners or other software manufacturers. If the software environment mechanism is running, no file will run without an EDS check. Kiosk mode is a classic application whitelist mode. We only run what is allowed to a specific user, a specific group, and so on.
Access control mechanism. It goes deeper: it works on access control for reading and writing. Classic discretionary access control is the standard RWX (read, write, execute) by access lists, that is, by file assignment. This is what exists in all operating systems, applications, and so on.
Mandatory access control. This is already a more classic scheme, this is when we have levels of confidentiality: DSR, secret, and so on. This is when we can read from above what is below, but not write there. From below we can write, but not read what is above. But at the same time, our MAC mechanism is supplemented with categories. That is, we not only divide information vertically, but also divide it horizontally. Simply put, we divide information from the personnel department, information from the accounting department, and so on. That is, users, if their categories are equal, have access to this category of information.
Mandatory integrity control. This is a mechanism for dividing all entities within the operating system into levels. Roughly speaking, users work at the zero level, and the administrator is at the highest, 63rd level. This gives write control. The picture now shows mandatory integrity control. Subjects with the same level can work with each other, and subjects with a lower level will not be able to reach a higher level. This is precisely the control of protection against malicious software, this is ensuring the integrity of system components. That is, we have divided the entire system into conditional 63 levels and control the interaction within the system between themselves.
But these are not all the protection mechanisms that are present in Astra Linux. We also have built-in mechanisms. Such as marking documents when printing, marking macros, interpreters, marking the console. They have graphical interfaces, they can be turned on and off. Everything is again determined by the security administrator and depends on the degree of threats to the information system, on the requirements imposed on this information system.
If we consider the entire set of Astra Linux protection mechanisms at a certain stage of an attack on the system, we can say that Astra Linux allows you to stop the attack, starting from the moment the attacker gains access to the information system, to the operating system itself. And at each subsequent stage, the protection mechanism prevents the attacker from attempting to install malicious software or gain access. But, unfortunately, the Astra Linux OS itself cannot protect against all the threats that exist or fulfill all the requirements that regulators impose on information systems.
Naturally, we need to integrate and work together with external protection equipment that will provide a comprehensive protection system.
We do not have an antivirus in the OS, and it is necessary to protect against the introduction of malicious software. There is also a firewall for traffic control and filtering, and a trusted boot tool to ensure trusted boot of the operating system from the desired media and to control the immutability of files on the hard drive and of the operating system itself at the boot stage. To implement all this, we work with our partners in terms of testing, integrating mechanisms and some joint development solutions.
If we consider a comprehensive protection system and how Astra Linux itself can help protect, using the example of the same FSTEC of Russia Order No. 17, we see that Astra Linux cannot independently provide all protection measures. In certain groups of protection measures, we need additional protection equipment, such as "Access Control" (UPD). There are some levels that are not subject to us at all. This is antivirus protection and intrusion detection tools. But by ensuring compatibility with the products of vendors producing external protection equipment, we will allow you to protect your system from all possible threats.
But the protection mechanisms themselves, integration with other protection tools, will also not be able to ensure maximum security. Therefore, we have implemented a methodology for developing the security of system software in the company when developing products. It allows us to control both the source code and the functions of the operating system at all stages of development. Testing is also carried out, including monitoring delivery, monitoring the availability of vulnerability searches and subsequent operating system updates. The introduction of protection mechanisms, support for external protection tools, and a secure software development system – all this together ensures the maximum level of security of the operating system itself. This is GOST 56939, it is open, but it is currently being finalized. But the GOST that is posted is valid and you can work with it.
We also have a service part. We use a product-service strategy, we provide services such as Ready for Astra – this is a service that tests the compatibility of protection equipment, software, and hardware. We have been working in this direction for a long time and actively. We provide technical support to partners, assistance with implementation, we also provide assistance in developing architecture, protection systems and integration.
Our advantages are shown on the next slide.
We have launched a Bug Bounty program jointly with Bizon, where we provided everyone with the opportunity to check our operating system for vulnerabilities, for any holes, for the operation of all protection mechanisms. Anyone can come in, participate, and try to hack the operating system. And indeed, if this is a proven hack, then there will be a financial reward.
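The mandatory access control (levels plus categories) and mandatory integrity control (levels 0 to 63) rules described in Maxim Kurtin's part above can be modelled as a small decision function. This is an added example, not code from the talk or from Astra Linux; the `Label` type, the sample labels and the treatment of categories as set containment are assumptions made for illustration.

```python
from dataclasses import dataclass

MAX_INTEGRITY = 63  # highest integrity level named in the talk (administrator)

@dataclass(frozen=True)
class Label:  # hypothetical type; not an Astra Linux structure
    conf: int = 0                    # confidentiality level, higher = more secret
    cats: frozenset = frozenset()    # horizontal categories (departments)
    integ: int = 0                   # integrity level: 0 = user, 63 = administrator

def mac_allows(subj: Label, obj: Label, op: str) -> bool:
    """Confidentiality: read down, write up; categories must be covered too."""
    if op == "read":
        return subj.conf >= obj.conf and obj.cats <= subj.cats
    if op == "write":
        return subj.conf <= obj.conf and subj.cats <= obj.cats
    raise ValueError(f"unknown operation: {op}")

def mic_allows(subj: Label, obj: Label, op: str) -> bool:
    """Integrity: a subject cannot modify an object above its own level."""
    return op != "write" or subj.integ >= obj.integ

def decide(subj: Label, obj: Label, op: str) -> tuple:
    """Return (allowed, reason); every mechanism has to agree."""
    for label in (subj, obj):
        if not 0 <= label.integ <= MAX_INTEGRITY:
            raise ValueError("integrity level outside 0..63")
    if not mac_allows(subj, obj, op):
        return (False, "MAC")
    if not mic_allows(subj, obj, op):
        return (False, "MIC")
    return (True, "ok")

# Constructed sample labels (assumptions, not real system data).
ACCOUNTANT = Label(conf=1, cats=frozenset({"accounting"}))
HR_CLERK = Label(conf=1, cats=frozenset({"hr"}))
PAYROLL_DOC = Label(conf=1, cats=frozenset({"accounting"}))
PUBLIC_NOTE = Label(conf=0)
USER_PROCESS = Label(conf=0, integ=0)       # e.g. malware started by a user
ADMIN_PROCESS = Label(conf=0, integ=63)
SYSTEM_BINARY = Label(conf=0, integ=63)

if __name__ == "__main__":
    for s, o, op in [(ACCOUNTANT, PAYROLL_DOC, "read"), (HR_CLERK, PAYROLL_DOC, "read"),
                     (ACCOUNTANT, PUBLIC_NOTE, "write"), (USER_PROCESS, SYSTEM_BINARY, "write"),
                     (ADMIN_PROCESS, SYSTEM_BINARY, "write")]:
        print(op, decide(s, o, op))
```

The user-level process is stopped by the integrity check even though its confidentiality label would permit the write, which is the malware-containment effect the talk attributes to mandatory integrity control.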
Then the floor was taken by Andrey Seledkin, Product Manager, Digital Technologies Company.
We have been developers of solutions in the field of secure electronic document management in the market since 1999. Our main product is CryptoARM.
We also have a solution for protecting channels for web servers, Trusted JS. There is Trusted Java, a set of cryptographic algorithms implemented in accordance with the requirements of the JSSE and JCE architectures. We have already sold more than a million licenses for CryptoARM.
CryptoARM is a program that allows you to sign any document at any workplace, encrypt it and send it to the final recipient. This is the direction of submitting electronic reports for interaction with government agencies. First of all, this is the Bank of Russia and Rosalkogolregulirovanie, as well as Rosobrnadzor.
The reporting file is generated at the sender's workplace. Usually, these report files are certified with a qualified electronic signature and encrypted with a department certificate in order to safely transmit, for example, through a personal account. CryptoARM is also used for interaction with government portals in terms of obtaining certain public services. For example, in Rosreestr you can get a number of services from registering ownership of real estate, registering for cadastral registration, or disputing the cadastral value of real estate. CryptoARM in this case is used so that you can sign additional documents to applications and requests. These are various kinds of certificates, scans of documents. Another option for interacting with the state, where CryptoARM is used, is electronic legal proceedings, that is, the ability to file lawsuits through the GAS "Justice". CryptoARM is also used to attach materials to applications of various kinds of documents. All of them are certified with a qualified electronic signature. It also ensures the organization of electronic document management, both internal and external. External document management is direct document management between companies, or the exchange of documents with employees, remote employees, freelancers or self-employed.
Secure document exchange. Here, of course, an electronic signature is not used, but encryption is used. CryptoARM can be used as a tool to verify an electronic signature.
You can use it as a personal tool to locally verify an electronic signature on your device. At the same time, CryptoARM does not require licenses to verify an electronic signature. CryptoARM is not a completely independent program, it is still some kind of web interface for interacting with external providers. Providers can be both software and hardware. For calls to cryptographic operations, an appeal is made to cryptographic providers.
CryptoARM version 3 differs from the previous version of our product in that it has an integrated mail client that sends documents to the recipient in a secure form. This uses end-to-end encryption technology, while all content and attached documents are encrypted on the device with the recipient's public key, and then on the receiving device, he can decrypt both the contents of the letter and access the documents.
It is possible to send documents confidentially, and it is possible to send documents with legal significance.
We support different types of electronic signature standards. There is a traditional CMS signature. There is an advanced electronic signature. Signatures with time stamps and signatures with additional attributes are supported. There are signatures that allow you to verify the validity of an electronic signature after the expiration of the certificate itself. There is an archival signature that allows you to organize long-term storage of documents for a period of 30 years or more, provided they are re-signed. Also, in the latest versions, we have supported an advanced signature for PDF documents. We also support CryptoPro CSP 5.0.