Multilevel architecture of client/server
In contemporary information systems built in the client/server architecture, three levels are usually distinguished:
* the presentation level (implementing the functions of data input and display);
* the application level (responsible for universal services as well as for functions specific to the particular subject area);
* the level of access to information resources (performing the basic functions of storing and managing information and computing resources).
The connection between the levels is ensured by the transaction and communication manager. The use of Internet/Intranet technology has introduced its own changes into this classical scheme: a universal client, the Web browser (possibly supplemented by application applets), is placed at the presentation level, and the functions of an information concentrator (which it is expedient to combine with the duties of the transaction and communication manager) are assigned to the Web server. As a result, the scheme depicted in the figure is obtained.
Client workstations are connected to the Web server by both local and global networks. Both full-function computers (stationary and/or mobile) and simpler communicators serve as the hardware platform of client systems.
The server systems of most organizations are spread over several production sites connected, as a rule, by public communication channels. From the users' point of view this separation is imperceptible, since they interact with the Web server; however, this circumstance is very significant from the point of view of protection. The program configuration of client workstations is not rigid: it can be dynamically supplemented by applets or other active agents obtained over the network.
In what follows we examine the protection of the described client/server configurations, i.e., distributed, heterogeneous, multi-service, evolving systems.
Network threats are the most dangerous for them, since users are not allowed to work directly on the servers. If an attacker has obtained access to a server, it means that at least one shielding boundary has already been bypassed.
Threats in the network environment
Threats in the network environment can be divided into the following forms:
* network eavesdropping;
* modification of corporate data flows;
* attacks on the infrastructure network services;
* forgery of network packets;
* sending of anomalous packets;
* generation of anomalous traffic;
* repudiation of performed actions.
Attackers can undertake network eavesdropping to achieve the following purposes:
* interception of transmitted information;
* interception of authentication information;
* traffic analysis.
Modification of corporate data flows entails the following security violations:
* theft, reordering and duplication of information;
* alteration and insertion of the attacker's own data (the illegal intermediary, or man-in-the-middle).
Attacks on the infrastructure network services mean:
* interference with the operation of the name service;
* changing the routes of corporate information flows.
Forgery of network packets can take the following forms:
* address forgery;
* hijacking of connections;
* imitation of the work of other servers.
Sending anomalous packets and generating anomalous traffic are attacks on availability that have recently gained relatively wide currency. Finally, repudiation of performed actions is an application-level threat; it is real primarily in distributed client/server systems.
Security services and requirements for them
Requirements for the security services
It is most expedient to build the protection of systems created in the client/server architecture according to the same scheme, i.e., to isolate a set of security services that both servers and clients can use. Such an approach frees application components from functions foreign to them, which is important for increasing reliability and for simplifying and accelerating their development and renovation. Certainly, some functions (for example, access control) can be implemented within an application component or the operating system, but this is the exception rather than the rule.
The set of security services is intended to provide protection from the threats enumerated in the previous section. Furthermore, a necessary condition here is the observance of architectural security and, in particular, the impossibility of bypassing the protective means.
The security services are required to be technologically effective, i.e., to allow simple incorporation into existing systems and to develop as those systems evolve. To achieve this it is necessary to follow standards, first of all the Internet standards, as the most common and viable.
The security services must have a convenient, thoroughly described program interface supported by software producers.
Furthermore, they must be manageable. This means that in a distributed environment centralized configuration and audit, resistant to network threats, are supported. Furthermore, the security services must be integrated with the widely used management systems.
The security services must be as transparent as possible; the overhead and inconvenience they cause must be minimal.
For protecting client/server systems the most important security services are the following:
* identification/authentication;
* access control;
* firewalling (internetwork screening);
* encryption;
* integrity and authenticity control.
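As an added illustration that is not part of the original article, the following Python code shows how the integrity and authenticity service listed above counters the data-flow threats enumerated earlier (alteration, insertion, reordering and duplication of messages): each message carries a sequence number and an HMAC-SHA256 tag under a key assumed to have been established by the identification/authentication service, and the receiver records every rejection for audit. The key, the messages and the function names are constructed for the example.

```python
import hmac
import hashlib
from typing import Optional

# Constructed demo key; in the systems described it would be established by
# the identification/authentication service (e.g. Kerberos), not hard-coded.
KEY = b"constructed-demo-key-do-not-reuse"

def protect(key: bytes, seq: int, payload: bytes) -> dict:
    """Attach a sequence number and an HMAC-SHA256 tag to a message."""
    tag = hmac.new(key, seq.to_bytes(8, "big") + payload, hashlib.sha256).hexdigest()
    return {"seq": seq, "payload": payload.hex(), "tag": tag}

class Receiver:
    """Accepts only authentic messages, in strict sequence order."""
    def __init__(self, key: bytes):
        self.key = key
        self.expected = 0        # next sequence number we will accept
        self.audit = []          # one entry per rejected message

    def accept(self, msg: dict) -> Optional[bytes]:
        payload = bytes.fromhex(msg["payload"])
        want = hmac.new(self.key, int(msg["seq"]).to_bytes(8, "big") + payload,
                        hashlib.sha256).hexdigest()
        if not hmac.compare_digest(want, msg["tag"]):     # altered or forged
            self.audit.append(f"seq={msg['seq']}: bad tag (modified or inserted)")
            return None
        if msg["seq"] < self.expected:                    # duplicated / replayed
            self.audit.append(f"seq={msg['seq']}: duplicate or replay")
            return None
        if msg["seq"] > self.expected:                    # reordered or lost
            self.audit.append(f"seq={msg['seq']}: out of order, expected {self.expected}")
            return None
        self.expected += 1
        return payload

def demo():
    """Feed a constructed message stream containing each tampering case."""
    rx = Receiver(KEY)
    m0, m1, m2 = (protect(KEY, i, p) for i, p in
                  enumerate([b"GET /balance", b"POST /transfer 100", b"POST /logout"]))
    altered = dict(m1, payload=b"POST /transfer 900".hex())        # modified in transit
    inserted = {"seq": 3, "payload": b"POST /transfer 1".hex(), "tag": "00" * 32}
    accepted = []
    for msg in (m0, altered, m2, m1, m1, m2, inserted):   # reordered and duplicated
        out = rx.accept(msg)
        if out is not None:
            accepted.append(out)
    return accepted, rx.audit
```

The receiver rejects an out-of-order message outright; a production implementation would typically use a sliding window instead, but the audit entries would be the same kind.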
Identification/Authentication
Contemporary means of identification/authentication are obliged to satisfy two conditions:
* to be resistant to network threats;
* to support the concept of single sign-on to the network.
The first requirement can be satisfied using cryptographic methods. Today the approaches based on the Kerberos system or on a directory service with certificates in the X.509 standard are universally recognized.
Single sign-on to the network is a requirement of transparency and convenience for users. If the corporate network contains many information services that can be accessed independently, then repeated identification/authentication becomes too burdensome.
Single sign-on is achieved by centralized storage of the data used in authorization, i.e., in determining the user's privileges. Authorization is a borderline area between administration and information security; therefore enterprise-scale authorization solutions can rest both on administrative and on purely protective means.