09/25/2020, Fri, 18:18, Moscow time
, Text: Denis Voeikov
The Pension Fund decided to adapt the module of its AIS PFR-2, associated with electronic signatures and encryption, to work with the domestic OS Astra Linux and ALT Linux. Now the module works on Windows and CentOS.
Russian Linux for FIU
As CNews found out, the Pension Fund of Russia (PFR) intends to adapt a fragment of its new generation automated system (AIS PFR-2) to work with the Russian OS Astra Linux and ALT Linux (“Alt”). Specifically, we are talking about the module “Management of electronic signature and encryption” (UESH), which is part of the component “Cryptographic information security” of the subsystem “Information security” AIS PFR-2.
The developers of Astra Linux and ALT Linux from the companies Rusbitech and Basalt SPO, respectively, in a conversation with CNews, confirmed that their operating systems had not previously been widely used in the FIU, the FIU got acquainted with them only in test mode.
The Pension Fund allocated 39 million rubles for the finalization of the applied and northern software of the UESH module. This amount is declared as the initial maximum contract price in the thematic tender of the FIU. The state customer launched it on September 16, 2020 in the format of an electronic auction. Applications from applicants were accepted until the morning of September 24. The auction took place on September 25.
The name of the winner has not yet been released to the public. According to the tender documents, one can only conclude that there were two participants in the auction. One of them reduced the lot price to RUB 38.76 million. The second – up to 38.57 million rubles. The future contractor of the contract will have to complete all work no later than December 21, 2020.
The Pension Fund of Russia starts the transition to the Russian Linux “Alt” and Astra
The Pension Fund refused to comment on this project to CNews. In particular, the questions of the editors remained unanswered about whether the Russian operating systems will be used in parallel with the foreign ones currently in use or will replace them, and also whether the FIU plans to use Astra Linux and ALT Linux in other modules or systems of the fund in the future.
General Director of “Basalt SPO” Alexey Smirnov in a conversation with CNews he said that his company with the Pension Fund has been systematically testing the capabilities of Alt OS for several years. And the new PFR project, in his understanding, testifies to serious plans for the fund’s transition to domestic software. “It is important not only to use disparate domestic products, but also to ensure the holistic operation of the entire software stack, and this tender speaks of a serious approach,” he adds.
What operating systems are used by the FIU now
It follows from the tender documents that now the application software in the UESH module operates on the basis of the OS of the American company Microsoft – Windows 7, Windows 8, Windows 8.1, Windows Server 2008 R2, Windows 2012 R2, installed on users’ workstations.
As for the server software of the module, it runs on the basis of the CentOS 7.2 OS based on the American commercial Red Hat Enterprise Linux 7.2. The operating system CentOS is installed on the servers of information systems of the Pension Fund of Russia
Some project details
According to the state customer, the development and development of the software for the Electronic Signature and Encryption Management module was carried out under contracts of different years with the companies Online, Information Protection Agency and Technoserv.
To ensure the correct operation of the UEPSh application software on Russian operating systems, the contractor will have to implement a new cryptographic kernel for interaction with certified cryptographic protection tools VipNet CSP for Linux 4.2 and higher, as well as CryptoPro CSP running the OS of the Unix / Linux 4.0 family and higher.
It is also necessary to make corrections of the source codes of the program into a programming language that supports the assembly of executable files for OS Astra Linux and Alt Linux, configure the library calls, change the call algorithm to run alternative libraries, or develop your own implementation, if the implementation of dependencies is missing, create implementation of the interface supported by Russian operating systems, implement plugins for connecting to the kernel and interactions, create a new implementation of the installation distribution, etc.
For the module server software to work correctly, the executor needs to define all dependent libraries on Astra Linux and Alt Linux OS, implement the ability to call methods and versions of standard libraries, as well as build packages and start scripts for the package manager of Russian OS. In addition, you need to create additional configuration sets to build the package in the .deb format and make corrections to the service management settings for the OS.
The FIU emphasizes that when modifying the application and server software of the module, their functionality should not be changed, as well as the existing principles of interaction of programs with calling systems in which the software was implemented should not be violated.
In particular, the performance indicators of the UEPS should not be degraded: the maximum size of processed content is 400 MB, the number of requests per month is at least 500 thousand with a document size of no more than 1 MB, processing is at least 30 documents per second with a document size of no more 1 MB.