FIELD: movement of data.
SUBSTANCE: The invention relates to a method and system for controlling the movement of data. The method includes: externally connecting an external terminal security device to a secure host computer, where the terminal protection device is additionally equipped with an interface control module, the hardware control logic node, internal interface, external interface and transmission interface are located on the interface control module, and the transmission interface is connected to the system control module; connecting, by means of the hardware control logic node, the main communication line between the external interface accessing the external device and the transmission interface, and maintaining the main communication line between the transmission interface and other interfaces in a disabled state, when the external device needs to transmit data to the secure host computer; moving the transmitted data to the system control module using the transmission interface while maintaining the secure host computer in a data-disconnected state; connecting, using the hardware control logic node, the main communication line between the external interface in the terminal protection device and the system control module; performing a security access check on the external device using the system management module and determining whether the external device has access rights; disabling, through the hardware control logic node, the primary communication link between the external interface that has access to the external device and the other interfaces after the system management module has performed the security access check on the external device and determined that it does not have access rights, in order to filter and prohibit data transfer after gaining access to the external device; and/or connecting, via the hardware control logic node, the primary communication link between the external interface having access to the external device and the external interface having access to the secure host computer after the system management module has performed the security access check on the external device and determined that it is a device with access rights, to enable communication between the external device and the protected host computer.
EFFECT: increasing the security of access to the computer.
9 cl, 6 dwg
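The switching sequence in the abstract, modelled in software as an added example that is not part of the patent text. The class and port names and the allowlist-based access check are assumptions, since the abstract does not say how access rights are determined.

```python
# Added illustration, not from the patent: a software model of the switching
# sequence. Class names, port labels and the ID allowlist are assumptions.
from enum import Enum


class Link(Enum):
    ISOLATED = 0    # external port cut off from every other interface
    TO_CONTROL = 1  # external port <-> transmission interface (control module) only
    TO_HOST = 2     # external port <-> interface facing the secure host


class ControlLogic:
    """Stands in for the hardware control logic node; one link state per port."""

    def __init__(self, allowed_ids):
        self.allowed_ids = set(allowed_ids)  # assumed form of the access policy
        self.links, self.devices = {}, {}
        self.control_rx, self.host_rx = [], []  # data each side actually received

    def attach(self, port, device_id):
        # A newly attached device is routed to the control module only,
        # even if the previous device on this port had been authorised.
        self.devices[port] = device_id
        self.links[port] = Link.TO_CONTROL

    def check(self, port):
        # The check is only meaningful while the port is routed to the control module.
        if self.links.get(port) is not Link.TO_CONTROL:
            raise RuntimeError("port is not awaiting an access check")
        allowed = self.devices[port] in self.allowed_ids
        self.links[port] = Link.TO_HOST if allowed else Link.ISOLATED
        return allowed

    def send(self, port, data):
        # Deliver data according to the current link; unknown ports fail closed.
        state = self.links.get(port, Link.ISOLATED)
        if state is Link.TO_CONTROL:
            self.control_rx.append(data)
        elif state is Link.TO_HOST:
            self.host_rx.append(data)
        return state  # ISOLATED means the data was dropped

    def detach(self, port):
        self.links[port] = Link.ISOLATED
        self.devices.pop(port, None)
```

In this model the host receives data only from a port whose device passed the check, and swapping the device on an authorised port forces a new check.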
Title | Year | Author | Number |
---|---|---|---|
PROTECTION APPARATUS OF AN EXTERNAL TERMINAL AND PROTECTION SYSTEM | 2019 | | RU2764292C1 |
COMPUTER SYSTEM WITH REMOTE CONTROL BY SERVER AND DEVICE FOR CREATING TRUSTED ENVIRONMENT AND METHOD FOR IMPLEMENTATION OF REMOTE CONTROL | 2016 | | RU2633098C1 |
DEVICE TO CREATE TRUSTED EXECUTION ENVIRONMENT FOR SPECIAL PURPOSE COMPUTERS | 2014 | | RU2569577C1 |
METHOD AND DEVICE FOR TRUSTED COMPUTER BOOTING WITH CONTROL OF PERIPHERAL INTERFACES | 2020 | | RU2748575C1 |
APPARATUS FOR CREATING TRUSTED ENVIRONMENT FOR COMPUTERS OF INFORMATION COMPUTER SYSTEMS | 2013 | | RU2538329C1 |
COMPUTER SYSTEM WITH REMOTE MANAGEMENT OF SERVER AND DEVICE FOR CREATING TRUSTED ENVIRONMENT | 2017 | | RU2690782C2 |
DEVICE FOR PROTECTING INFORMATION FROM UNSANCTIONED ACCESS FOR COMPUTERS OF INFORMATIONAL AND COMPUTING SYSTEMS | 2006 | | RU2321055C2 |
METHOD AND SYSTEM FOR REMOTE CONTROL OF REMOTE ELECTRONIC DEVICES | 2021 | | RU2766542C1 |
PROTECTED COMPUTER STORING ITS SERVICEABILITY AT DAMAGE | 2015 | | RU2591180C1 |
DEVICE FOR NETWORK SYSTEMS PROTECTION AGAINST ATTACKS | 2013 | | RU2552135C2 |
Dates
2024-07-17—Published
2019-01-16—Filed