Developers: | Digital technologies (Trusted) |
Technology: | Cybersecurity - Means of enciphering |
Trusted TLS allows to differentiate access to corporate web applications (the portal, an electronic document management system, etc.) on the basis of digital GOST certificates and also to provide protection of the used highways against unauthorized access.
Process automation of receiving an information access by citizens requires, on the one hand, its general availability, and from other reliable protection. All information stream placed on official portals and storages is subdivided into two views:
- public information (for example, samples of documents, forms of references, statistical calculations, etc.)
- closed (confidential, confidential) information (for example, financial references, etc.)
Earlier access to the restricted information was provided using the classical scheme - an input by the login/password - and entirely controlled by the system administrator.
Market development of information services requires giving of the legal importance to the actions of users made in an automated system. Besides it is important to provide safe information transfer on communication channels and reliable access isolation to data. These problems are solved with the help of technology of the electronic digital signature (EDS). Use in a complex of the Trusted TLS software products ("Digital technologies") and CryptoPro CSP ("Krypto-PRO") allows to work with the EDS in the Russian legal space.
For storage of private key users can use Rutoken (solves problems of safe storage of passwords, encryption keys, digital certificates, these users). So, in the CIPF complex of CryptoPro CSP Rutoken it is capable to store private key of the client and the certificate confirming it containing public key. Rutoken represents means of user authentication instead of storing of a set of passwords of access it is enough to them to have such charm and to remember the PIN code to it (so-called two-factor authentication upon existence of a key and on knowledge of the PIN code).