The fault-tolerant structure of multilevel secure access to the resources of the public network

Abstract

The paper presents the evaluation of the effectiveness of the structural organization of the system of multi-level secure access to external network resources. We conducted a comparative analysis and optimization of the pattern of access ‘Direct connection’, with its various forms of implementation during the organization of a secure connection of end-node internal network to the resources located in the external network. The study was conducted on the basis that each security element is included in the pattern of the secure access is able to detect and eliminate the threats of the other elements of the system of protection. Pattern of access ‘Direct connection’ in a general form has four variants of construction, differing from each other by mutual arrangement of the key elements: firewall with packet-filtering, firewall with adaptive detailed packet inspection and the router. It was a mathematical model to calculate the reliability of the ways of construction of the pattern of access. It is shown that the most reliable way of construction of pattern of access is one that includes a single group of routers for the entire system. Ways are not very different from each other reliability value that include two groups of routers on the overall system.