V.I. Budzko - Dr. Sc. (Eng.), Corresponding Member of Academy of Cryptography of RF, Deputy Director of R&D, FRC «Computer Science and Control» RAS (Moscow) E-mail: vbudzko@ipiran.ru D.A. Melnikov - Ph. D. (Eng.), Associate Professor, Leading Research Scientist, FRC «Computer Science and Control» RAS (Moscow); Associate Professor, National Research Nuclear University «MEPhI» (Moscow) E-mail: mda-17@yandex.ru V.M. Fomichev - Dr. Sc. (Phys.-Math.), Professor, Leading Research Scientist, FRC «Computer Science and Control» RAS (Moscow); Professor, National Research Nuclear University «MEPhI» (Moscow); Professor, Financial University under the Government of the Russian Federation E-mail: fomichev@nm.ru

The basic design documentation set for construction, appropriating and estimation of key providing subsystems are discussed. Formation strategy for this basic design documentation set is stated. The main requirements for key management subsystems in high availability information technology systems are presented. Here the authors examine the basic requirements for key providing subsystems as a list of alternatives that should be reflected, in particular, in the documentation (project) and can be selected by system designers.

 

1. Melnikov D.A., Ivanenko V.G., Kondrateva T.A., Melnikov A.D. Prakticheskaja realizacija razlichnykh modelejj infrastruktury otkrytykh kljuchejj // Bezopasnost informacionnykh tekhnologijj. 2016. № 1. S. 100−114.
2. Melnikov D.A., Durakovsky A.P., Gorbatov V.S., Ivanenko V.G., Modestov A.A. Russian Model of Public Keys and Validation Infrastructure as Base of the Cloud Trust // Proceedings of the 4th International Conference on Future Internet of Things and Cloud (FiCloud 2016). 2016. P. 123−130.
3. Budzko V.I., Melnikov D.A., Fomichev V.M. Protokoly obespechenija kljuchami polzovatelejj informacionno-tekhnologicheskikh sistem vysokojj dostupnosti s ispolzovaniem simmetrichnojj kriptografii // Sistemy vysokojj dostupnosti. 2014. T. 10. № 3. S. 36−51.
4. Budzko V.I., Melnikov D.A., Fomichev V.M. Sposoby soglasovanija kljuchejj polzovateljami informacionno-tekhnologicheskikh sistem vysokojj dostupnosti na osnove asimmetrichnykh kriptograficheskikh metodov // Sistemy vysokojj dostupnosti. 2015. T. 11. № 4. S. 17−31.
5. Budzko V.I., Melnikov D.A., Fomichev V.M. Sposoby dostavki kljuchejj polzovateljam informacionno-tekhnologicheskikh sistem vysokojj dostupnosti na osnove asimmetrichnykh kriptograficheskikh metodov // Sistemy vysokojj dostupnosti. 2015. T. 11. № 4. S. 32−44.
6. NIST SP 800-130: A Framework for Designing Cryptographic Key Management Systems. August 2013.
7. NIST SP 800-57 Part 1 Rev. 4: Recommendation for Key Management. Part 1: General. January 2016.
8. Fomichev V.M., Melnikov D.A. Kriptograficheskie metody zashhity informacii (v 2-kh chastjakh): Uchebnik. M.: JUrajjt. 2016.
9. Fomichev V.M. Metody diskretnojj matematiki v kriptologii. M.: Dialog-MIFI. 2010. 424 s.
10. Alferov A.P., Zubov A.JU., Kuzmin A.S., CHeremushkin A.V. Osnovy kriptografii. M.: Gelios ARV. 2001.