Abstract
The paper presents the evaluation of the effectiveness of the structural organization of the system of multi-level secure access to external network resources. We conducted a comparative analysis and optimization of the pattern of access ‘Direct connection’, with its various forms of implementation during the organization of a secure connection of end-node internal network to the resources located in the external network. The study was conducted on the basis that each security element is included in the pattern of the secure access is able to detect and eliminate the threats of the other elements of the system of protection. Pattern of access ‘Direct connection’ in a general form has four variants of construction, differing from each other by mutual arrangement of the key elements: firewall with packet-filtering, firewall with adaptive detailed packet inspection and the router. It was a mathematical model to calculate the reliability of the ways of construction of the pattern of access. It is shown that the most reliable way of construction of pattern of access is one that includes a single group of routers for the entire system. Ways are not very different from each other reliability value that include two groups of routers on the overall system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aliev, T.I., Rebezova, M.I., Russ, A.A.: Statistical methods for monitoring travel agencies. Autom. Control Comput. Sci. 49(6), 321–327 (2015)
Bogatyrev, V.A., Bogatyrev, S.V., Golubev, I.Y.: Optimization and the process of task distribution between computer system clusters. Autom. Control Comput. Sci. 46(3), 103–111 (2012)
Arustamov, S.A., Bogatyrev, V.A., Polyakov, V.I.: Back Up Data Transmission in Real-Time Duplicated Computer Systems. In: Abraham, A., Kovalev, S., Tarassov, V., Snášel, V. (eds.) IITI 2016. AISC, vol. 451, pp. 103–109. Springer, Heidelberg (2016). doi:10.1007/978-3-319-33816-3_11
Kolomoitcev, V.S.: A comparative analysis of approaches to organizing of secure connection of the corporate network nodes to the public network. Cybern. Program. (2), 46–58 (2015). http://en.e-notabene.ru/kp/article_14349.html
Whitmore, J.J.: A method for designing secure solutions. IBM Syst. J. 40(3), 747–768 (2001)
Peisert, S., Talbot, E., Bishop, M.: Turtles all the way down: a clean-slate, ground-up, first-principles approach to secure systems. In: Proceedings of 2012 New Security Paradigms Workshop (NSPW 2012), Bertinoro, Italy, pp. 15–26 (2012)
Ellison, R.J., Fisher, D.A., Linger, R.C., Lipson, H.F., Longstaff, T.A., Mead, N.R.: Survivability: protecting your critical systems. IEEE Internet Comput. 3(6), 55–63 (1999)
Kolomoitcev, V.S.: Choice of option for implementation of the multilevel secure access to the external network. Sci. Tech. J. Inf. Technol. Mech. Opt. 16(1), 115–121 (2016)
Bogatyrev, V.A., Bogatyrev, A.V.: Functional reliability of a real-time redundant computational process in cluster architecture systems. Autom. Control Comput. Sci. 49(1), 46–56 (2015)
Bogatyrev, V.A.: Exchange of duplicated computing complexes in fault tolerant systems. Autom. Control Comput. Sci. 45(5), 268–276 (2011)
Bogatyrev, V.A.: Fault tolerance of clusters configurations with direct connection of storage devices. Autom. Control Comput. Sci. 45(6), 330–337 (2011)
Bogatyrev, V.A., Bogatyrev, A.V.: The reliability of the cluster real-time systems with fragmentation and redundant service requests. Inf. Technol. 22(6), 409–416 (2016)
Bogatyrev, V.A., Slastikhin, I.A.: Efficiency of redundant query execution in multi-channel service system. Sci. Tech. J. Inf. Technol. Mech. Opt. 16(2), 311–317 (2016)
Bogatyrev, V.A., Parshutina, S.A.: Redundant distribution of requests through the network by transferring them over multiple paths. In: Vishnevsky, V., Kozyrev, D. (eds.) DCCN 2015. CCIS, vol. 601, pp. 199–207. Springer, Heidelberg (2016). doi:10.1007/978-3-319-30843-2_21
Bogatyrev, V.A.: An interval signal method of dynamic interrupt handling with load balancing. Autom. Control Comput. Sci. 34(6), 51–57 (2000)
Bogatyrev, V.A.: Protocols for dynamic distribution of requests through a bus with variablelogic ring for reception authority transfer. Autom. Control Comput. Sci. 33(1), 57–63 (1999)
Bogatyrev, V.A.: On interconnection control in redundancy of local network buses with limited availability. Eng. Simul. 16(4), 463–469 (1999)
Aliev, T.: The synthesis of service discipline in systems with limits. In: Vishnevsky, V., Kozyrev, D. (eds.) DCCN 2015. CCIS, vol. 601, pp. 151–156. Springer, Heidelberg (2016). doi:10.1007/978-3-319-30843-2_16
Kolomoitcev, V.S., Bogatyrev, V.A.: Selecting multilevel structure secure access to resources external network. In: Conference of Distributed Computer and Communication Networks: Control, Computation, Communications (DCCN-2015), pp. 525–532 (2015)
Kolomoitcev, V.S., Bodrov, K.U., Krasilnikov, A.V.: Calculating the probability of detection and removal of threats to information security in data channels. In: 2016 XIX IEEE International Conference on Soft Computing and Measurements (SCM), St. Petersburg, Russia, pp. 25–27 (2016)
Ellison, R.J., Fisher, D.A., Linger, R.C., Lipson, H.F., Longstaff, T.A., Mead, N.R.: Survivable network systems: an emerging discipline. http://www.cert.org/research/97tr013.pdf
Kenneth, I., Stephanie, F.: A history and survey of network firewalls. University of New Mexico, p. 42 (2002)
Acknowledgments
The work is partially supported by Government of St. Petersburg grant.
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Kolomoitcev, V., Bogatyrev, V.A. (2016). The Fault-Tolerant Structure of Multilevel Secure Access to the Resources of the Public Network. In: Vishnevskiy, V., Samouylov, K., Kozyrev, D. (eds) Distributed Computer and Communication Networks. DCCN 2016. Communications in Computer and Information Science, vol 678. Springer, Cham. https://doi.org/10.1007/978-3-319-51917-3_27
Download citation
DOI: https://doi.org/10.1007/978-3-319-51917-3_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-51916-6
Online ISBN: 978-3-319-51917-3
eBook Packages: Computer ScienceComputer Science (R0)