PROTECTION OF DATA TRANSMISSION CHANNEL ON THE BASIS OF VPN
TECHNOLOGIES IN SYSTEMS FOR ENVIRONMENTAL MONITORING
N.L. Korepanova, M.A. Lebedeva
Sevastopol State University, Russian Federation, Sevastopol, Universitetskaya St., 33
In the present article they consider means for information protection when transmitting it by open commutative channels, based on technology of the virtual private nets. The problem itself represents the fact that components of modern informative systems including those of ecological monitoring systems can be distanced from each other considerably. Usage of measuring and monitoring information of the computer nets as means for transmission permits to organize effective, speedy, cheap and reliable data exchange. But net protocols of the data transmission does not provide protection of information. Technology of virtual private nets permits to isolate information circulating in a system from the other currents of the commonly acceptable net and guarantees confidentiality, preservation and acceptability of the information transmitted due to mechanisms of tunneling, ciphering, authenticity and authorization.
Complex approach to development of protective sub-system, which uses VPN technology at the stage of projecting the architecture of the ecological monitoring system is a perspective one. In the article they give analysis of such protective mechanisms as tunneling, cryptography and authentification. Monitoring systems functioning as a part of the state system of the nature-protective activity must use certified means for cryptographic protection: symmetric algorithms of ciphering “Magma”, ”Grasshopper” and algorithm for hash-function “Stribog” calculation. In the work they have found close evaluations of the cryptographic algorithms data resource capacity, depending on labor, needed memory resources and input data volume. The technology of virtual private nets supposes data block transmission, that is why the length of block was chosen as an argument. When comparing algorithms they considered linear dependence of labor expenses of algorithms on the input data, taking into account that algorithm “Magma” processes 64 –bites blocks, algorithm “Grasshopper” –blocks of 128 bites and algorithm “Stribog” – blocks of 512 bites algorithm “Magma” is less labor expending, but all the algorithms have possibility to minimize resources due to parallel calculations, key schedules, usage of graphical processors,apparatus realization of algorithms.
Productivity of VPN depends also on realization of authenting and tunneling mechanisms. The procedure of tunneling when additional headline not less than 20 bite length is added to initial block, is of great effect for productivity if compared with authenting limited by several exchanges of the data between system users.
Advantages of VPN technology make purposeful its usage for protection of the data I in the systems of ecological monitoring. Here it is necessary to use low-resource cryptography, try to lessen tunnel being late to increase protection sub-system productivity, to realize management of the cryptographic keys for providing informative safety.
LIST OF REFERENCES
- Браун С. Виртуальные частные сети VPN. М.: Лори, 2001. 503 с.
- Ульянов М.В. Ресурсно-эффективные компьютерные алгоритмы. Разработка и анализ. М.: Наука, 2007. 376 с.
- ГОСТ Р 34.12-2015. Информационная технология. Криптографическая защита информации. Блочные шифры; введ. 2016-01-01. М.: Стандартинформ, 2016. 16 с.
- ГОСТ Р 34.11-2012. Информационная технология. Криптографическая защита информации. Функция хеширования; введ. 2013-01-01. М.: Стандартинформ, 2013. 24 с.
- Шаньгин В.Ф. Защита информации в компьютерных системах и сетях. M.: «ДМК», 2012. 592 с.