Developers: | Setec (Sitek) |
Last Release Date: | 2014/01/23 |
Technology: | Cybersecurity - Means of enciphering |
Content |
The HSS of Trinity represents the complete solution implementing technology of the protected terminal access and ensuring functioning in the entrusted hardware-software environment. Product development was complete in April, 2012, and then the first release was released.
As a part of a HSS of Trinity the recorded, entrusted information environment is used. Control of the environment is exercised both on servers, and on terminals with the built-in module HSS "Trinity-APMPs". With its help audit of integrity, control of loading from the emergency carrier is booked and function of strict two-factor authentication is provided".
In the spring of 2013 the Setec company, the Russian developer of solutions for data protection, signed the agreement on long-term technology partnership with Aktiv company, the developer and the producer of software and hardware tools of information security support.
Implementation of technology of two-factor authentication in a hardware and software system of Trinity, the innovative development of Setec company in the field of the protected terminal access became result of cooperation. As the HSS of Trinity is intended for structures with increased requirements to confidential data protection (in particular, the state, bank, industrial and commercial sectors), this solution ensures information security not only at the expense of the system of passwords, but also using the USB devices which are reliably storing encryption keys and keys of the electronic signature and also passwords and other authentication data.
Thanks to the USB tokens Rutoken developed by Aktiv company the risk of unauthorized access (NSD) to confidential information significantly decreases. Even if the hardware device will be lost or stolen, the malefactor will not be able to take the key information which is stored on it because of restrictions of input of the PIN code. In addition, unlike theft of the password, it is easy to notice loss of the device. It gives to the owner the chance to take necessary actions for prevention of NSD.
2013
The FSTEC certificate is received
On October 3, 2013 the Setec company announced obtaining the certificate of Federal Service for Technical and Export Control of Russia (FSTEC) on a HSS of Trinity.
Certification on security requirements of information No. ROSS RU.0001.01BI00 there underwent the software products "TRINITY Security Server", "TRINITY application server" and "The terminal operating system "TRINITY of TermOS". These software products are a part of a HSS of Trinity.
Existence of the FSTEC certificate allows to create solutions on information security for product-based government institutions of Setec that it is allowed only when using of the certified information security tools.
The certificate also confirms: the software of Trinity - "the software tool of protection against unauthorized access to information which is not containing the data which are the state secret, implementing functions of identification and authentication, access control, registration of events, control of integrity also conforms to requirements of the regulating document "Protection against unauthorized access to information. Part 1. Information security software. Classification by the level of absence control of not declared opportunities" – on the 4th level of control and specifications of 30289742.00001-01 90 01 specification".
HSS "Trinity-APMPs"
Certification on security requirements of information No. ROSS RU.0001.01BI00 passed in the fall of 2013 of a HSS "Trinity-APMPs", the hardware-software module of a trusted boot which is a part of a hardware and software system of Trinity, the multifunction innovative solution implementing technology of the protected terminal access. Released in three versions (both for the buses PCI and PCI Express, and for miniPCI Express), the HSS "Trinity-APMPs" can be used and as the independent solution for protection against unauthorized access not only on servers and workstations, but also in notebooks and a number of tablet computers.
The HSS of Trinity was developed, mainly, for the organizations with increased requirements to the level of personal data protection, a trade secret and confidential information. Being the complete solution, he guarantees reliable protection against a set of threats at the level of jobs, channels and server a component. Obtaining the FSTEC certificate allows to create solutions on information security for government institutions based on the products Setec that is allowed only when using of the certified information security tools.
The document certifies that the hardware and software system "Trinity-APMPs" is "the program technical tool of protection against unauthorized access to information which is not containing the data which are the state secret, implementing functions of identification and authentication, access isolation, a trusted boot, control of integrity and registration of events of security protection against unauthorized access to information conforms to requirements of the regulating document ". Part 1. Information security software. Classification by the level of absence control of not declared opportunities" - on the 4th level of control and specifications at accomplishment of the operating instructions provided in form 30289742.4012-002 FO".
2014
Trinity 2.0
On January 23, 2014 the Setec company announced completion of development of the new version of a hardware and software system - a HSS "Trinity 2.0".
Changes concerned the server platform: Windows Server 2008 succeeded Windows Server 2012. This platform gives new opportunities for creation of DPC, creation of cloud services, support of the most various modern applications and devices, allows to work with various data arrays. Mechanisms of scaling of IT infrastructure are improved.
- With transition to the new server platform the remote desktop protocol (RDP – Remote Desktop Protocol) for access to the centralized applications and data of users changed. Using RemoteFX technology possibilities of support of resource-intensive graphics on terminals significantly increased that allowed to watch, in particular, video in permission of Full HD.
- Difference of a HSS "Trinity 2.0" - a new operation mode when on the terminal not the application functioning on a terminal farm, but a remote desktop of infrastructure of VDI unrolled on servers of terminals is broadcast.
- Important change in the new version of a HSS - a possibility of "hot" reservation – simultaneous operation at once two systems at failure of one of which loading lays down on the second that guarantees smooth operation at high loads. In total with improvement of the balancer of loading it significantly increased the general fault tolerance of a system.
Main advantage of a HSS "Trinity 2.0" in comparison with the previous version - the increased system performance. It helps users to work with the resource-intensive software.
2015
the Module "Trinity-APMPs-with" is certified by FSB
On January 21, 2015 the Setec company announced obtaining certificates of Federal Security Service of the Russian Federation on the hardware-software module of a trusted boot "Trinity-APMPs-with".
The received certificates certify compliance "Trinity-APMPs-with" to requirements of FSB of Russia to hardware-software modules of a trusted boot of a computer of class 2B and can be used for protection against unauthorized access to information containing the data which are the state secret.
Means of a trusted boot "Trinity-APMPs-with" represents the "electronic lock" intended for protection against unauthorized access to information processed on a computer. Its functions:
- identification and authentication of users;
- trusted boot of the operating system;
- control of integrity program and computers hardware environments;
- registration of events of security;
- blocking of loading from external carriers;
- control of the device.
Different options of execution of the electronic lock (both for the buses PCI, PCI-Express, and for miniPCI-Express) give ample opportunities on its application – from servers to mobile computers. In addition to use as the independent solution, "Trinity-APMPs-with" it can be applied together with the hardware and software system (HSS) of Trinity.
2016
Trinity is tested for use with the equipment based on the Russian Baikal-T1 processor, and the products created by Setec company on the platform of Trinity are certified by FSB of Russia and FSTEC of Russia.