Air Gapping / Offboarding of Software

摘要

The invention is to provide an ‘air gap’ or ‘offboarding’ of the administrative functions/software that are available on any device that contains a built in web server that allows the user to configure the device via a web browser. Removal of the administrative software from the main board to an external data holding source, such as a USB device (internal/external), memory card, or separate disk housed within the device. Removal of the administrative software removes the attack vector, providing protection regardless of patch updates or any future advanced attack methods. The offboarded administrative tools are accessible by manual reconnection of the storage device or automated relays via an alternative method such as a snmp activation. The storage device can detach itself manually or by automated timer circuits that can be set for a desired time.

主权项

1. The present invention seeks introduce the concept (and method of doing so via a prototype) of air gapping software or offboarding software to another data storage device, a working prototype will demonstrate this capability. Applicable to any Internet/network capable device that utilizes internal or on board administrative tools in order for the device to be configured. This implementation comprising:
Modifying or (creating a new operating system) the underlying operating system; Copying the administrative tools from the onboard data storage device to an offboard data storage device; Extracting (decompiling) the operating system (firmware) from the IP enabled device, modifying the underlying files by removing the administrative tools and creating links, such as symlinks, symbolic links, shortcuts or any form of referral commands found open and proprietary systems that direct the devices/software making function or calls to the administrative tools, expecting to find it in the onboard data storage device to be redirected to the offboard data storage device; Off board storage devices are those that can be physically disconnected and reconnected to the primary IP enabled device to which the administrative tools were on; Recompiling the modified operating system or firmware software; Reloading the new modified operating system or firmware; Connecting the offboard data storage devices containing the administrative software This method allows for transparent operation of the administrative tools in that the user, the operating system and the software are not aware that there is any software based air gapping or offboarding going on. Any air gapped software residing on the offboard data storage device that the user does not require, simply disengaging the offboard storage device manually or automatically will remove the administrative software or any software from any potential threat vectors. The administrative tools and other software are available when needed and an air gap is created from the mainboard when not needed.