METHOD FOR CONTROLLING NETWORK EQUIPMENT CONNECTIONS TO SIGNAL DISTRIBUTION ENVIRONMENT OF LOCAL COMPUTING NETWORKS IN COMPLIANCE WITH STANDARDS IEEE 802,3 10-BASE-2, 10-BASE-5 AND DEVICE FOR REALIZATION OF SAID METHOD Russian patent published in 2006 - IPC G06F12/14 G06F11/00 H04L9/00 

FIELD: computer science, namely, engineering of means for protecting information from unsanctioned access.

SUBSTANCE: one of common means utilized for unsanctioned access to information, transferred via local computing network, is a protocol analyzer. Protocol analyzers are functionally capable of copying all of network traffic, and also network frames, satisfying given filtration criterions. Protocol analyzers are connected to network in the same way as workstations. One thing in particular obstructs counteraction to malicious utilization of protocol analyzers, namely, their passiveness. It is not possible to detect presence of aforementioned device in local area network by software means. Common methods utilized to protect information from unsanctioned access within distribution environment of local area network are mainly based on cryptographic protection of files intended for transferring. Method is based on probing distribution environment of local area network by harmonic signal, recording its phase delay, introduced by legitimate network equipment, which is taken as standard, and further tracking of probing signal phase to detect uneven phase delay, introduced by current configuration of network equipment, relatively to recorded standard configuration with removal of effect from network collision and signaling when equality is not maintained. Phase monitoring of probing signal within distribution environment is performed within frequencies range, unaffecting serviceability of local computing network. As a result, continuous and masked control is provided over all physical connections of network equipment to distribution environment of local computing network to facilitate introduction of organizational and technical measures countering unsanctioned access to information. Proposed invention is directed not towards semantic closure of source information transferred by network services, but towards prevention of the very possibility of intercepting network frames in distribution environment of local computing network as a result of timely detection of unsanctioned connection to distribution environment of network equipment, thus significantly increasing level of information protection from unsanctioned access in local computing network.

EFFECT: improved protection of information from unsanctioned access.

2 cl, 8 dwg