CASPIAN JOURNAL

MANAGEMENT AND HIGH TECHNOLOGIES

MODEL AND PROJECT DIAGRAMS OF THE SYSTEM OF CENTRALIZED PROTECTION OF A SUBNET OF HOSTS UNDER THE MANAGEMENT OF UNIX-LIKE OPERATIONAL SYSTEMS

Read Gorkavenko Vladimir S., Azhmukhamedov Iskandar M. MODEL AND PROJECT DIAGRAMS OF THE SYSTEM OF CENTRALIZED PROTECTION OF A SUBNET OF HOSTS UNDER THE MANAGEMENT OF UNIX-LIKE OPERATIONAL SYSTEMS // Caspian journal : management and high technologies. — 2019. — №1. — pp. 172-181.

Gorkavenko Vladimir S. - graduate student, Astrakhan State University, 20a Tatishchev St., Astrakhan, 414056, Russian Federation, slipmetal@mail.ru

Azhmukhamedov Iskandar M. - Doct. Sci. (Engineering), Professor, Head of the Department of Information Security, Astrakhan State University, 20a Tatishchev St., Astrakhan, 414056, Russian Federation, iskander_agm@mail.ru

One of the possible solutions to the task of protecting against unauthorized access of workstations running unix-like operating systems that are on the same subnet is considered through the development of a centralized vulnerability prevention system that allows to increase the level of security. The task formalization is given. It was proposed to implement five main stages, which will include an algorithm for finding and applying a solution to eliminate the diagnosed vulnerability at the workstation. According to the proposed algorithm, the workstation transmits to the server text containing information about the diagnosed vulnerability, then the server, according to information received from the workstation, initiates a search for a solution in the knowledge base. If a solution is found, the server sends it to the workstation. If no solution is found, then the centralized vulnerability prevention system notifies the decision maker. After the transfer of the found solution to eliminate the diagnosed vulnerability, the server initiates its application at the workstation. During the application of solutions to eliminate diagnosed vulnerabilities, the workstation transmits to the server information about the process of their application. If, for any reason, they were not implemented, the centralized vulnerability prevention system notifies the decision maker that the vulnerabilities have not been fixed. A logical representation of the central control system, as well as a diagram of use cases with a description of the interaction of internal modules and services, are proposed. One of the possible solutions to the problem of providing a secure connection between the workstation and the server is also considered.

Key words: операционная система, несанкционированный доступ, информационная безопасность, централизованная защита, unix, linux, ubuntu, operating system, unauthorized access, information security, centralized protection, unix, linux, ubuntu