Threat Model of the Speech Information Confidentiality in Modern Office Based on Convergence of Functions of Optical Networks
1. AIR AND VIBRATION ACOUSTIC CHANNEL OF SPEECH INFORMATION LEAKAGE
Efficiency of functioning of speech information leakage via technical channels in many respects is defined by physics of processes of generation, propagation and transformation of sound waves. The speech signal is initially an elastic wave of speech frequency band in air (sound wave) which by propagating and reaching the structures of the building will be transformed into elastic waves in solid bodies (structural sound). Propagation conditions of elastic waves in air and solid body significantly differ by wave types, speed, absorption, dispersion. Essential distinctions between the sound wave and structural sound when propagating and registering allow us to distinguish two ways of forming of technical leakage channel of acoustic (speech) information (Fig. 1): air acoustic and vibration acoustic.
• the sound wave in air is an elastic longitudinal wave in the limited space (room) or in air wave guide (conditioning air duct);
• structural sound is  Lamb waves, i. e. normal symmetric and asymmetric elastic waves in thin plates (building walls), as well as elastic waves in bars (fittings of walls, pipes of water supply and heating).
The ways of registration of elastic waves in different environments [6,7] differ significantly:
• microphones with transformation of mechanical oscillations of membrane influenced by sound vibrations of air into electric oscillations based on induction, piezoelectric, optical-acoustic and other effects are used for registration of sound waves;
• sensors of vibrations of surface of building structures which are functioning based on the same physical effects, but having distinctions in design are used for registration of structural sound;
• also in technical channels of speech information leakage spurious acoustic modulations and crosstalk are used for transformation and registration of speech signal by technical means of investigation.
The essential distinctions of the physical principles of functioning of air and vibration TCIL result in considerable distinctions in methods and technology of speech information protection. If it is required to control the course of air streams in the protected room for neutralization of the air acoustic leakage channel, it is required to control passing of structural sound over building structures for vibration acoustic, which is much more difficult. It is simpler to use active systems of protection in the form of radiators of noise for the first leakage channel, than for the second one, since possible air streams will define location of protection devices, which is difficult to be defined for structural sound. Judging from the general physical concepts of sound propagation, it is possible to claim higher level of threat from vibration and acoustic leakage channel in comparison with air and acoustic one.
2. FEATURE OF THREAT MODEL OF CONFIDENTIALITY OF SPEECH INFORMATION IN MODERN OFFICE
The modern office of a large company, a bank or a state institution, as a rule, represents a detached high-rise building with perimeter of a controlled zone near other public buildings. The main architectural and constructive supporting elements (foundations, walls, frameworks, overlapping and roofing) and protecting elements (external and internal walls, floors, partitions, filling of windows and doorways) of buildings are made of reinforced concrete, brick, and metalwork. Modern office building is an object of informatization with the developed infrastructure for intensive operation with confidential information using technical means with the rooms allocated for carrying out confidential negotiations, as well as the rooms with the controlled access of the employees where the speech information subject to protection can also circulate .
The most dangerous speech TCIL for the protected room is vibration and acoustic channel of speech information leakage (Fig. 2) based on structural sound created in the building. If the allocated room can be isolated completely from free passing of air, thereby excluding the air leakage channel, it will be very difficult to prevent forming of informative signal in the form of structural sound. Indeed, when carrying out negotiations, sound waves propagate in the limited space of the allocated room until they are absorbed by walls and interior of the room. Reverberation time RT60 during which the power of sound wave decreases by six orders, i. e. sound almost completely disappears, is the important characteristic of the room influencing comfortable negotiating [1, 7]. RT60 value can exceed second and can exceed inertance of hearing of the person in duration, i. e. the ability to reduce the sounds carried on time into uniform sound perception which exceeds 50 ms. During reverberation time, the sound can pass distance of over 350 m in air and over 3500 m in the material of the building walls without essential change of quality of speech perception.
Energy of sound wave at propagation both in air and in solid bodies is poorly absorbed [7,8]. By order of magnitude, the absorption coefficient in homogeneous environments makes such a value where the sound-energy flux density at some frequencies falls three times at distances of hundreds kilometers, therefore transformation of sound wave energy into heat can be neglected. The main mechanism of sound weakening can be considered as divergence and dispersion not effective for sound in the limited space and in the wave guides. Until the sound from air environment completely pass into structural sound in the walls of the allocated room, it will be audible with the reverberation effect, and then in the form of echo. In architectural acoustics, decrease in RT60 is reached by increase of sound absorption of the walls of the room which simply transfers sound from air into building structures, i. e. into structural sound (noise). When the sound propagates in air, when interacting with walls and interior of the room, the part of energy of sound wave converts into heat, and this part cannot be considered significant in the rooms without special sound absorber, as in reverberation rooms, recording studios, etc.
The structural sound when propagating is scattered on non-uniformities of walls, constructive elements of the building, however the wave keeps its total energy, increasing reverberation time. If you consider delay time (RT60≈1 sec) between scattered parts of the wave, then passable distances should make over 3 km that significantly exceeds the sizes of the whole building. The structural sound fills all space of the building structures and its intensity remains invariable in all horizontal sections of walls of the building with the constant thickness of the supporting elements (Fig. 2). The main losses of energy of structural sound occur when external surfaces of the building radiate in surrounding air space which can be neglected for modern office buildings with heat insulation of external surfaces or through the building base in surrounding earth’s environment, i. e. soil. Thus, structural waves can lose the main part of the energy when propagating into the building foundation, owing to divergence of elastic wave in the earth environment, while retaining the possibility for their registration in the soil near the building.
Let’s assess the intensity of informative signal in the form of structural sound in the walls at the level up to the foundation of modern office building with a height of H and the total floor area (building footprint area) S and cross-sectional area of the walls η from the total floor area, i. e. the area of ηS. When negotiating in the allocated room, the sound pressure level L0 at a distance of R = 1 m from the negotiators is about 60 dB, quiet conversation. This loudness level corresponds to intensity of the sound wave I = 106 . I0 = 1 microwatt/m2, where I0 is audibility threshold, and total power of sound source is P = 4 π R2 I = 4 π microwatt. Only some part k passes into the power of structural sound from the total power of sound in air, let’s assume it equal to approximately 1/π, the rest will be converted to heat. The value of 32% is slightly underestimated for standard steel concrete walls, but is slightly overestimated for the walls with special coverings. Let’s evaluate the floor area of the building S = l2 / 16 = 104 m2, and cross-sectional area of the walls of office building is ηS = 4 l d = 400 m2 where l ≈ 400 m is a perimeter of the building, d≈0,25 m is a thickness of walls, i. e. we assume η = 4%. With height of the building H < 100 m, losses of sound energy can be neglected, then average intensity of structural waves in the building up to the foundation will make ( k P / η S ) = 104 . I0 = 0,01 microwatt/m2. This value of intensity of structural waves corresponds to sound pressure level in air equal to L = L0 + ΔL ≈ 40 dB where attenuation
will make ΔL = L – L0 = 10 ≈ lg ( k P / η S I ) ≈ –20 dB. Thus, the loudness level corresponds to level for a listener at a distance of 10 m from the negotiators in free space that corresponds to direct interception by the violator near completely sound-absorbing wall of the allocated room.
The provided estimates concern the building structure with structurally homogeneous walls; but of course, heterogeneities of the structure, such as utility communications, stair cases, lift shafts, monolithic supporting frameworks, etc., create conditions for re-propagation of energy of structural waves and emergence of especially dangerous sites of the building for creation of the vibration and acoustic leakage channel.
The constructed threat model for security of speech information in modern technical systems of information security is solved by installation of vibration and acoustic radiators of noise near the allocated room. The similar protection system can effectively neutralize any vibration and acoustic speech of TCIL at the simplest schemes of implementation of threat, but it is not effective when using more complex "interception" schemes with modern systems of isolation of informative signal.
3. ROLE OF FIBER OPTIC CHANNEL OF ACOUSTIC (SPEECH) INFORMATION LEAKAGE
The existence of informative structural sound propagating in the building structure jointly with structural noise in principle allows anyone to implement a complex scheme of threat for unauthorized access to the speech information circulating in the allocated room by noise filtering. The suggested threat model is based on the fiber optic channel of speech information leakage which consists in convergence of functions in information and measurement optical networks of the object [2,3,9].
Availability of optical networks of different designation in modern office is an objective need, which in addition to effective implementation of its main function of different information transfer, also allows for measurement of physical fields. In particular, optical fiber is used in telecommunication and local communication systems; it is applied in fiber optic extenders of different interfaces; in connection of separate elements of branched control and monitoring systems such as video surveillance systems. On the other hand, optical fiber is a base for creation of measuring systems of physical fields of the object which can also include fiber optic systems of perimeter security, systems of security and fire alarms. All this leads to wide utilization of fiber optic technologies in the object of informatization, while the fiber of same type can be used for transfer and measurement, resulting in the possibility to use any optical cable both for distributed measuring system of acoustic fields, and for information transfer.
Placement of optical cable in modern office is made according to Structured Cable Systems (SCS) technology where cable channels for information and power cable pass across the whole building covering and connecting all its parts. Provision of information services for users within the object and for communication with external users is carried out using the technology of passive optical networks (PON) where the technology of communication without intermediate active elements is implemented physically, i. e. when light from one user to another passes directly without transformation. Range of such direct link depends on the used standard of network, and reaches over 60 km (for GPON technology).
Optical fiber and cable of regular optical networks completely cover all object of informatization, go beyond the controlled zone, and alternatively the optical cable can be laid near the object. This optical cable system, separately carrying out different regular functions, can be used as the stationary distributed phased space fiber optic grid of acoustic receivers (microphones/vibration sensors) replaced by optical heterogeneities randomly distributed across the cable system [10,11]. Thus, we have a distributed structure of acoustic fiber optic sensors in the space of office building around the source of sound (Fig. 3) forming 3D-grid of vibration sensors which the violator can use for forming of speech TCIL.
The efficiency of functioning of the technical channel of speech information leakage built on these physical principles depends on many conditions: from number of the used fibers and their branching; from proximity to the allocated room; from non-uniformities of optical cable; from the precision of setup of the phased space structure, etc. One should note the capability of the described TCIL to bypass systems of active protection of the allocated room by filtering received signal by phase. Such filtering can be effective owing to diversity in space of speech signal source and arrangement of vibroacoustic noise which will have different phases when registering in 3D-grid of acoustic receivers. One more danger is connected with impossibility to detect the functioning channel and to neutralize it using known technical protection systems.
4. DEMONSTRATION OF CAPABILITIES OF FIBER OPTIC CHANNEL OF ACOUSTIC (SPEECH) INFORMATION LEAKAGE
Capability of creation of speech TCIL based on the phased space structure (3D-grids) of distributed fiber optic acoustic converters has been shown at the experimental stand by comparison of air acoustic and vibration acoustic methods of forming of spurious modulations of light in optical connection with the help of LC–LC adapter of two terminated fibers.
Modeling of optical network was carried out by means of wall distribution frame ShKON‑8 where the optical connection modeling real optical networks with passive elements (Fig. 4) was placed. Computer loudspeakers modeling the air acoustic leakage channel were placed near optical distribution frame. Household vibroloudspeaker KIT MT6030 (Goodfon) with range of reproduced frequencies from 150 Hz to 18 kHz, signal/noise ratio at least 60db, total harmonic distortion at least 0.5%, with an output power about 3 W, dimensions 80.7 mm (diameter) by 44 mm (height) which was mounted on the wall about 400 mm thick in the neighboring room opposite to optical distribution frame was used to form structural waves. Thus, the sound pressure level created in the room with vibroloudspeakers did not exceed 40 dB. The optical scheme of sounding was adjusted to passing of laser radiation through optical connection of fibers. The continuous He-Ne-laser with fiber optic outlet with power at least 0.5 MW on the wavelength of the radiation of 632.85 microns was used as technical means of investigation. Laser radiation was injected into the optical cable about 2 m long connected via LC–LC adapter to the other analogous cable terminated with FD‑21KP photodetector connected in the photovoltaic mode to the selective nanovoltmeter UNIPAN‑233. The nanovoltmeter was used as the measuring instrument and amplifier, which signal transmitted to the earphones for articulation control of efficiency of the speech leakage channel by the degree of verbal intelligibility.
The conducted researches have shown existence of spurious acoustic modulation of light stream both via direct influence of sound wave through air and via excitation of structural sound. The intelligibility made about 100% starting from minimum levels of sound of both air and vibration excitation. And even slight increase of loudness level under air influence has led to transition of the registration system to a condition of saturation with high noise level. In general, sensitivity of system is such that steps and the speech in the corridor behind closed doors were easily audible though the speech remained indistinct.
Thus, experiment studies of the fiber optic channel of speech information leakage have confirmed qualitative analysis of possibility to increase the range of functioning of the leakage channel upon transition to the vibration and acoustic mechanism of registration of speech signal that allows anyone to bypass all existing technical systems of protection.
5. POSSIBILITIES OF PROTECTION OF SPEECH INFORMATION AGAINST LEAKAGE VIA FIBER OPTIC COMMUNICATIONS
The main ways of counteraction to the fiber optic channel of speech information leakage are connected with optical separation of sites of network inside and near the allocated rooms from the parts of global network . Generally, such TCIL completely exclude leakages when forming informative signal during air acoustic impact on elements of communications, but it is impossible to completely exclude forming of informative signal during vibration and acoustic influence as it is difficult to limit propagation of structural sound by means of walls of the allocated room. Active protection methods, such as the vibroacoustic radiators of noise installed for forming structural noise for the purpose of suppression of informative structural sound can be bypassed by filtering signal from noise by phase. Therefore, the discussed TCIL demands new technical solutions.
According to physics of forming and functioning of the fiber optic channel of speech information leakage based on the principles of the distributed space grid, we will group the suggestions of protection as passive methods connected with attenuation of intensity of informative signal and active methods connected with physical impossibility of implementation for noise masking of the leakage channel environment and control of light streams.
Passive methods of protection of speech information can be reduced to the following standard measures [1,4] with some modifications:
• acoustic insulation of the allocated rooms using the materials not only with high acoustic absorption coefficient (surface), but also with high sound absorption coefficient (in volume) in all speech frequency band;
• obligatory acoustic insulation of cable channels from the supporting building structures;
• use of system of passive elements for forming of internal optical cable with the minimum response to spurious vibration and acoustic modulations and crosstalk;
• restriction of free placement of cable channels near the allocated room and the object of informatization.
Active methods of protection of speech information are connected with the use of modern technical means of protection of speech information, such as
• devices of neutralization of unauthorized sounding of optical network by reflectometric methods [see patent of the Russian Federation No. 2 551 802];
• control facilities of optical streams in the protected optical networks [see patent of the Russian Federation No. 2 428 798];
• installation of devices of spurious acoustic modulations and crosstalk on the light streams in optical networks [see patent of the Russian Federation No. 2 416 166];
• inclusion of devices with noise optical radiation into optical networks [see patent of the Russian Federation No. 2 416 167].
Among the given methods of protection, the most effective technical means of counteraction to sounding of optical network are based on using reflectometric methods which do not allow anyone to implement the distributed spacial dimensions of structural sound. Deprivation of informational content of returnable optical radiations in reflectometry completely excludes unauthorized sounding of network by a violator.