Abstract [eng] |
Nowadays more and more information is being stored in the digital world and it is important that the stored information is not tampered or compromised. Computer system integrity guarantee that the computer subsystem will perform as the creator of the system intended and that the data is not altered when it is in transit or stored on disk. The integrity problem is a formulation of access control policies and mechanisms that provide a system with the isolation necessary for protection from corruption. System integrity can be compromised by evil actors trying to destroy or manipulate data on the system. Also, malware and viruses can alter system files and programs become persistent in the system and allow people with bad intent to do harmful activities. Hardware integrity can also be compromised by changing component of the system replacing them with inferior ones or by ones that are not to the specification. Also adding unauthorized hardware to the system would qualify as compromised integrity as the unauthorized hardware would have access to the system resources and would be able to extract sensitive information from it, like passwords, private keys and other personally identifiable information. Usually those kinds of hardware can work independent from the host system and security measure like anti-virus programs cannot detect them. Especially now when cloud services are growing rapidly, most of the time we do not know where our system is located, and we do not have access to the hardware. The objective of this work is to develop and research a model for computer system integrity assurance. The structure of this work: – The first part of the work discusses the problem of computer system integrity assurance, the analysis of computer system integrity assurance methods and the analysis of computer system integrity assurance products; – The second part of the work presents the computer system integrity assurance model, system vision, architecture, operating principle; – The third part of the work presents a system prototype, experimental study and its results; – Conclusions are presented at the end of the work. |