CN103338112A - Data unidirectional lead-in method and system - Google Patents
Data unidirectional lead-in method and system Download PDFInfo
- Publication number
- CN103338112A CN103338112A CN2013103025311A CN201310302531A CN103338112A CN 103338112 A CN103338112 A CN 103338112A CN 2013103025311 A CN2013103025311 A CN 2013103025311A CN 201310302531 A CN201310302531 A CN 201310302531A CN 103338112 A CN103338112 A CN 103338112A
- Authority
- CN
- China
- Prior art keywords
- data
- packet
- receiving terminal
- type
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to a data unidirectional lead-in method and a system. According to the method, a UDP (User Datagram Protocol) communication protocol is adopted on a transport layer between a sending end and a receiving end; the sending end is used for reading data in a removable storage medium, fractionating the data on the basis of the data type and encapsulating the data into a data package; the encapsulated data package are sent to the receiving end through an optical fiber transmission channel; documents are restored and reassembled by the receiving end according to the data type in the data package. The sending end of the system comprises a communication module, an outer end lead-in module and an inner end lead-out module. According to the data lead-in method and the system, a sending mechanism based on the optical fiber transmission channel is adopted, the unidirectionality of the information flow is ensured on physical layer and application layer aspects, the system deployment is simple, the utilization is convenient, and the stability and reliability are high.
Description
Technical field
The invention belongs to field of information security technology, be specifically related to a kind of data sheet to importing method and system, be used for data sheet with the Low Security Level mobile memory medium and import in the High Security Level system such as relating computer, realize that safety isolates and information exchange.
Background technology
Along with the development of information technology, the use of computer is more and more general.But the threat that simultaneously also brings information security with regard to the present information security secrecy technology level of China, is isolated the good solution of can yet be regarded as with the concerning security matters system physical.But physical isolation is also brought the difficulty of information exchange when solving information security.
The BLP model of computer security and secrecy regulation: the data of Low Security Level can be written in the High Security Level system, but the data of High Security Level can not be written in the system of Low Security Level (do not read, do not write down).Therefore when the data importing in the Low Security Level mobile memory mediums such as USB flash disk is in the High Security Level systems such as relating computer, need prevent that confidential data " backflow " is in mobile memory medium.
Unidirectional importing belongs to safety and isolates and message-switching technique, also claims AirGap or Gap technology abroad.This technology is set up " logic connection " between physically-isolated system, guarantee " safety is isolated " when finishing information exchange.Safety is isolated with information exchange and is at first needed safety zone and non-safety zone are scratched, and best mode is dug " moat " on every side in " city " exactly certainly, and then builds several " suspension bridges " that can control, keeps the intercommunication with outside the city.The guard technology on " bridge " is studied in the development of Data Interchange Technology exactly.Exchanges data has following several technology at present:
1) repair the bridge strategy: service protocol directly passes through, and data are not recombinated, and is little to the speed influence, a little less than the fail safe.
Fire compartment wall FW: the filtration of network layer;
Maltilevel security gateway: the filtration from the network layer to the application layer, multiple outpost of the tax office strategy.
2) ferryboat strategy: service protocol does not directly pass through, and data will be recombinated, and fail safe is good.
Gateway: agreement is landed, and safety detection depends on existing safe practice;
Switching network: set up exchange buffering, three-dimensional security monitoring and protection.
3) artificial strategy: do not do physical connection, manually use move media swap data (optical disc copy), fail safe is good.
Different business networks can be selected different Data Interchange Technology according to the demand for security of oneself, mainly is that amount size, the real-time of seeing exchanges data requires, the requirement of business service mode.Table 1 pair several switching technologies compare.
The comparison of several switching technologies of table 1.
Present most unidirectional introducing equipment is system-level application, disposes complexity, and is expensive, uses loaded down with trivial details.Under information-based condition, secret contradiction with information sharing becomes increasingly conspicuous, and the information exchange demand between classified network and the non-classified network is bigger, and the unidirectional importing product that presses for the desktop level is realized the one-way data transmission of safety.
Summary of the invention
The present invention is directed to the problems referred to above, propose and realized a kind of data sheet to importing method and system, by a kind of high-efficiency reliable transmission mechanism, aspect two of physical layer and application layers, guaranteed the one-way of information flow.
The technical solution used in the present invention is as follows:
A kind of data sheet is to introduction method, and it comprises:
Transport layer between transmitting terminal and the receiving terminal adopts UDP communication protocol;
Transmitting terminal reads the data in the mobile memory medium, carries out the data fractionation and is packaged into packet according to its type, and the packet that is packaged into is sent to receiving terminal by optical fiber transport channel;
Receiving terminal carries out the reduction reorganization of file according to the data type in the described packet.
Further, described transmitting terminal adopts depth-first algorithm traversal file and file according to the file path structure in the mobile memory medium, and traversal carries out the data fractionation according to its type when node and package sends.
Further, the content of described packet comprises: the size of data type, serial number, current transfer files or sequence number, data division and the check code of bag; The type of described packet comprises: control type data packets, data type packet, type of error correction packet.
Further, described length of data package is not less than the available maximum length of UDP datagram, and less than 64K.
Further, in transmission course, detect losing of data type packet and control type data packets.
Further, packet is carried out in two threads with processing in the reception of receiving terminal, adopts named pipes communication between the thread.
A kind of data sheet comprises transmitting terminal and receiving terminal to import system, and the transport layer between described transmitting terminal and the described receiving terminal adopts UDP communication protocol; Described transmitting terminal reads the data in the mobile memory medium, carries out the data fractionation and is packaged into packet according to its type, and the packet that is packaged into is sent to receiving terminal by optical fiber transport channel; Described receiving terminal carries out the reduction reorganization of file according to the data type in the described packet.
Further, described transmitting terminal comprises:
The one-way communication module adopts optical fiber as transmission channel, is used for realizing the unidirectional import feature of data;
The outer end imports module, and the one end links to each other with mobile memory medium, and the other end links to each other with the one-way communication module, is responsible for reading the file in the mobile memory medium, and transfers to the one-way communication module;
The inner module that derives, the one end links to each other with the one-way communication module, and the other end links to each other with receiving terminal (as relating computer), is responsible for receiving the data of one-way communication module output, and is forwarded to receiving terminal.
Further, described outer end importing module links to each other with described mobile memory medium by USB interface.
Further, the software of described receiving terminal realizes comprising that network settings, condition monitoring, data receive and four parts of user interface, adopts thread to realize respectively.
The present invention proposes also to have realized a kind of unidirectional importings mechanism, and the software and hardware that has provided system realizes, for user's routine office work provides a kind of data sheet of simple and fast to serve to importing.The native system scale is light and handy, has low, easy to use, the stable and reliability advantages of higher of cost, has practical value.Specifically, its advantage is as follows:
1) employing has guaranteed no feedback information based on the transmit mechanism of optical fiber transport channel at physical layer, has guaranteed the absolute one-way of physical channel;
2) by self-defining message format for communications, improved efficiency of transmission and reliable data check mechanism is provided; Host-host protocol and algorithm have improved stability and the efficiency of transmission of system efficiently, effectively avoid because the risk of divulging a secret that hide Info " transmitted in both directions " brought;
3) be applied to the desktop level system, hardware cost is cheap, and system disposes simple, and is easy to use, provides that data import automatically, import feature again, based on USB, supports hot plug;
4) at desktop operating system, compatible Windows, Linux.
Description of drawings
Fig. 1 is data packet format schematic diagram among the embodiment.
Fig. 2 is the structural representation of mac frame among the embodiment.
Fig. 3 is catalogue traversal of tree schematic diagram among the embodiment.
Fig. 4 is transmission state transition diagram among the embodiment.
Fig. 5 is the unusual schematic diagram in the file among the embodiment.
Fig. 6 is use and the deterministic process schematic diagram of file lock among the embodiment.
Fig. 7 is the hardware logic structure figure of transmitting terminal among the embodiment.
Fig. 8 is the component relation schematic diagram of cross-thread among the embodiment.
Fig. 9 is the user interface schematic diagram that software is realized among the embodiment.
Embodiment
Below by specific embodiments and the drawings, the present invention is described in detail.Form and the agreement of at first concise and to the point data of description bag transmission respectively from the algorithm of transmitting terminal and receiving terminal two aspect illustrative systems realizations, provide specific implementation in conjunction with previously described algorithm then at last.
1. data packet transmission
System is divided into transmitting terminal and receiving terminal two parts, and wherein transmitting terminal reads the data in the mobile memory medium automatically, sends to receiving terminal after the fractionation encapsulation.Receiving terminal reduces the reorganization file according to the data type in the following data packet format.Udp protocol is adopted in the communication of transport layer between the two.
1.1 data packet format
As shown in Figure 1, the form of communication data packet mainly comprises following four parts.
1) data type (uiFrameType): the sign of data division is the foundation that logic is judged, the processing mode that different types of data is corresponding different.
2) serial number (uLID): additional message according to the difference of data type, has specific value.Can be the size of current transfer files or the sequence number of bag.When data type is filename, this data representation file size; When data type is file data, the sequence number of this data representative data bag.
3) data division (ucData[]): its value has the polytype implication, and most important have filename and a file data.
4) check code (uBCC): identical with the ucData array element type, be used for data portion and carry out verification.
1.2 host-host protocol
Owing to the mobile of packet is unidirectional, can't set up to have communicating to connect of feedback, so udp protocol is adopted in the transmission of data.The size of packet can influence transmitting speed and reliability, be to guarantee transmission quality, and data packet length should be not less than the available maximum length of UDP datagram, and less than 64K(UDP protocol requirement bag less than 64K).
Based on Ethernet (Ethernet) physical characteristic, the MTU(MTU of link layer) be 1500 bytes.Remove 28 bytes (20+8byte) of IP and UDP datagram stem, the data field maximum length of available UDP datagram is 1472 bytes.Fig. 2 is the structural representation of mac frame.
When data packet length surpassed 1472 bytes, transmitting terminal IP layer need carry out burst (fragmentation).Receiving terminal IP layer reorganization burst and the UDP datagram that reduces, these extra operations can cause the rising of packet loss.Therefore, present embodiment definition data packet length be 1472 bytes (with UDP datagram can be identical with maximum length).To and test labor verification msg packet length to the influence of systematic function by theory later.
2. algorithm is realized
2.1 transmitting terminal
Above-mentioned packet is the minimum logical block that transmitting terminal is communicated by letter with receiving terminal.Transmitting terminal to the file in the mobile memory medium by path structure travel through, in a certain order file and file path are sent to receiving terminal again.
2.1.1 type of data packet
The data that transmitting terminal sends are surrounded by following three types:
The control type data packets
TaskStart, TaskEnd: beginning and the end of subtask transmission.
FileName, FileEnd: the beginning of a file transfer and end.
The data type packet
DirName: the relative pathname of file.
Data: file content.
The type of error correction packet
VerifyPassWord: verifying field when task begins, assurance inserts the legitimacy of hardware and this transmission.
UDiskFileMountFalse: label represent that the USB flash disk file can not be identified or USB flash disk for empty.
2.1.2 data check
In packet, add integrality and the accuracy that check digit can detect data division, because complicated checking algorithm can increase the system time expense, here adopted a kind of simple exclusive or check method (block check character), namely the initial value of data and an appointment (normally complete 0) XOR once, last result is as check value.Implementation is: definition verification initial value is R
0, the data field value of ucDATA is R
1, R
2, R
3... ..R
k(1≤k≤DATASIZE), successively with R
kWith R
0Carry out XOR (R
kXor R
0), the end value that draws is filled into the uBCC field.
The recipient calculates back contrast check value and judges whether the transmission of this packet makes a mistake.This verification mode provides checking feature, but because the unidirectional restriction of physics does not provide error correction.
2.1.3 message sends
Once complete data sheet is divided into following two steps to the importing task:
(1) according to the file path structure in the mobile memory medium, depth-first travels through file and file (Depth-First Traversal).
(2) traversal is carried out data according to its type and is split also package transmission when node.
Be example with Fig. 3, according to the path of depositing that sends file, make up the file directory tree.According to the depth-first algorithm, access node A at first.The type of A is file path, sends behind the padding data bag.Follow access node D, P, Q etc., last access node M.When node type is that file and file size can directly encapsulate into packet during less than ucData field maximum; When its length during greater than ucData field maximum, need carry out burst earlier.Be example with file M, establish its size and be s that the ucData field maximum of data packet format is DATASIZE.If s mod DATASIZE merchant is j, i.e. s=DATASIZE*k+j for the k remainder.File data will be divided into the k+1 sheet and send, and the size of preceding k sheet data field is DATASIZE, and the size of k+1 sheet is j.In the traversal by way of the mode of node padding data bag as shown in table 2.
Table 2. data filling mode
Correct transformation task once, the conversion of transmission state is fixed, as shown in Figure 4.Taken place unusually in the unknown state conversion proof transmission course, described how to analyze Exception Type and occurrence cause in detail in next joint.Concrete state transition table is as shown in table 3.
The conversion of table 3. legal state
2.2 receiving terminal
Receiving terminal adopts corresponding processing mode according to its type after receiving packet from transmitting terminal.Type and the sequence number of receiving packet should meet the transmission state conversion sequence.
2.2.1 data reduction
Control bag and packet are data types main in the transmission course, and its processing mode is as shown in table 4:
Table 4. different types of data processing mode
2.2.2 abnormality processing
File is split into a plurality of packets and sends, and the possibility of the more many packet losses of packet is more high.Udp protocol has unreliability, a packet lose the bust this that can cause whole file.
Unusual main in the transmission comprises two kinds of situations:
(1) unusual in the file.Be part Data categorical data packet loss, with reference to the state transition graph 4 that preamble provides, the uLID field in the packet has continuity.The uLID value that receiving terminal is received increases progressively since 1, if the current uLID value of receiving is k, then the uLID value of next packet is k+1, if discontinuous then the generation unusually, the packet that this document has been received is with deleted, and the follow-up data bag of this document will be left in the basket, as shown in Figure 5.
(receive the FileEnd type data packets) when file transfer finishes, judge whether the packet sum of receiving meets expection, if be less than the receivable quantity that arrives, the data-bag lost in the file has taken place then.
(2) unusual between file.In order to detect losing of control type data packets, one " the file lock " that be used for the sign transmission course in the receiving terminal program maintenance.Its initial condition is unLock, and can change its state earlier when certain file begins to transmit is Lock, and recovering its state when finishing transmission is unLock.
If the FileEnd data-bag lost of a last file, then the state of file lock can't be reset.After receiving terminal obtained the FileStart packet of next file, by judging file lock state, the transmission that can detect a file had taken place unusually.
If the FileStart data-bag lost of current file, then the state of file lock is uLock.After receiving terminal obtains the Data packet, by judging file lock state, can detect the current file handle and fail correctly to create.
When receiving terminal is received the FileEnd packet, if file lock state is uLock, the FileStart data-bag lost of current file then, file handle fails to create, and file data does not write, the current file bust this.The use of file lock and deterministic process are as shown in Figure 6.
In transmission course, two kinds of judgment modes cooperatively interact, and are used for detecting losing of data type and control type bag.When two kinds of packet loss modes took place simultaneously, the actual detection process was more complicated, had just briefly described the judgement flow process under the single situation here.
3. the specific implementation of system
Message format and transmission mechanism according to the preamble definition have been realized system prototype at (SuSE) Linux OS respectively.The transmitting terminal software and hardware system operates on the built-in Linux operating system; Receiving terminal runs on respectively on the desktop computer of linux system.Present embodiment highlights the software of system and realizes.
3.1 The Hardware Design
System has only transmitting terminal to relate to hardware circuit design, and the hardware logic structure of transmitting terminal specifically comprises as shown in Figure 7 with lower module:
1. one-way communication module
The one-way communication module is the core component of multi-functional import system, is used for realizing the unidirectional import feature of data.These parts adopt optical fiber as transmission channel, because the unidirectional transmission property of light has guaranteed the definitely unidirectional of physical channel.
2. the outer end imports module
This module directly links to each other with mobile memory medium by USB interface, is responsible for reading the file in the mobile memory medium, and imports in the relating computer by the one-way communication module.The outer end imports module one end and links to each other with mobile memory medium, and the other end links to each other with the one-way communication module.
3. module is derived in the inner
Inner module one end of deriving links to each other with the one-way communication module, and the other end links to each other with relating computer.This module is responsible for receiving the outer end and is imported module by the data of one-way communication module transmission, and the data that receive are transmitted to relating computer.
3.2 transmitting terminal software design
The transmitting terminal introducing equipment can read configuration file after starting, and carries out initialization according to configuration mode.When USB port detects the USB flash disk insertion, begin to send packet.
The function of program realizes mainly comprising following module:
(1) file and file traversal.According to the model that the 2.1.3 joint provides, search sends the data under the catalogue.
(2) packet encapsulation and transmission.Search sends in the process of catalogue, and according to the value of each field in the data type padding data packet format, filling mode sends to receiving terminal after the encapsulation shown in the 2.1.3 joint.
(3) generate check code.Transmitting terminal generates the end that check code appends to packet according to the content of ucData field.The generation of check code and account form are shown in the 2.1.2 joint.
(4) user arranges.Arrange by the sending mode of dedicated program to transmitting terminal, as size and the transmission interval of revising packet, it is single or circulation etc. that send mode is set.
3.3 receiving terminal software design
The receiving terminal program receives file and carries out showing accepting state in real time alternately with the user.
Major function is divided into four parts, uses thread to realize respectively.Fig. 8 is the component relation schematic diagram between the thread, describes respectively below:
(1) network settings.
Need carry out initialization to the USB network interface card during program start, information such as its IP, gateway are set.Program timing detects network interface card and whether keeps connection status, and parameter arranges normally.Shown in thread among Fig. 81.
(2) condition monitoring.
This thread is monitored transmission state in real time, and the data packet number that the usage counter statistics receives calculates transmission information such as inbound pacing, remaining time.When the type of data packet that receives does not satisfy the state transition graph that preamble describes or do not receive receivable packet for a long time, system judges that Exception Type also provides corresponding prompting.Shown in thread among Fig. 82.
(3) data receive.
This thread is set up the Socket based on udp protocol, and reads data from the Socket buffer memory, according to type of data packet original also.This module is divided into two threads, and first continuous read data is written in the buffer memory, second from buffer memory read data carry out corresponding disk operating then.
Consider that to write the CPU time that disk takies longer, carry out if packet receives with handling in a thread serial, can cause disk buffering to overflow and packet loss takes place.The reception of packet is carried out in two threads with processing, shown in thread among Fig. 83 and thread 5.Adopt named pipes communication between the thread, can evade preferably because handling the untimely packet loss problem that causes.
The named pipes FIFO(first-in that is otherwise known as first-out), is a kind of special device file, and the principle of first in first out is followed in strictness, and the data that write FIFO will be added to end position, can be from beginning return data when reading the data among the FIFO.Though it exists with document form, write the data of FIFO by linux kernel transmission and storage, do not directly write in the file system, have and be easy to safeguard and advantages such as processing speed is fast.
(4) user interface.Shown in thread among Fig. 84, the running status of this thread real-time display program, the current file that is transmitting and size thereof, transmission speed is finished required remaining time; The result that shows each file, success or failure etc.; Provide the user to operate, by UI file storage location can be set voluntarily, the preserving type of file of the same name (covering or rename) etc., Fig. 9 is the user interface schematic diagram that software is realized.
In sum, communicate by letter mutually during the concurrent execution of four parts, mutually the function of coordinating of finishing receiving terminal.The obstruction of thread relies on the message of communicating by letter between them with waking up.
Although disclose specific embodiments of the invention and accompanying drawing for the purpose of illustration, its purpose is to help to understand content of the present invention and implement according to this, but it will be appreciated by those skilled in the art that: without departing from the spirit and scope of the invention and the appended claims, various replacements, variation and modification all are possible.The present invention should not be limited to this specification most preferred embodiment and the disclosed content of accompanying drawing, and the scope of protection of present invention is as the criterion with the scope that claims define.
Claims (10)
1. a data sheet is characterized in that to introduction method:
Transport layer between transmitting terminal and the receiving terminal adopts UDP communication protocol;
Transmitting terminal reads the data in the mobile memory medium, carries out the data fractionation and is packaged into packet according to its type, and the packet that is packaged into is sent to receiving terminal by optical fiber transport channel;
Receiving terminal carries out the reduction reorganization of file according to the data type in the described packet.
2. the method for claim 1 is characterized in that: described transmitting terminal adopts depth-first algorithm traversal file and file according to the file path structure in the mobile memory medium, and traversal carries out according to its type when node that data split and package sends.
3. the method for claim 1, it is characterized in that: the content of described packet comprises: the size of data type, serial number, current transfer files or sequence number, data division and the check code of bag; The type of described packet comprises: control type data packets, data type packet, type of error correction packet.
4. the method for claim 1, it is characterized in that: described length of data package is not less than the available maximum length of UDP datagram, and less than 64K.
5. the method for claim 1 is characterized in that: detect losing of data type packet and control type data packets in transmission course.
6. the method for claim 1 is characterized in that: packet is carried out in two threads with handling in the reception of receiving terminal, adopts named pipes communication between the thread.
7. a data sheet comprises transmitting terminal and receiving terminal to import system, it is characterized in that: the transport layer between described transmitting terminal and the described receiving terminal adopts UDP communication protocol; Described transmitting terminal reads the data in the mobile memory medium, carries out the data fractionation and is packaged into packet according to its type, and the packet that is packaged into is sent to receiving terminal by optical fiber transport channel; Described receiving terminal carries out the reduction reorganization of file according to the data type in the described packet.
8. system as claimed in claim 7 is characterized in that, described transmitting terminal comprises:
The one-way communication module adopts optical fiber as transmission channel, is used for realizing the unidirectional import feature of data;
The outer end imports module, and the one end links to each other with mobile memory medium, and the other end links to each other with the one-way communication module, is responsible for reading the file in the mobile memory medium, and transfers to the one-way communication module;
The inner module that derives, the one end links to each other with the one-way communication module, and the other end links to each other with receiving terminal, is responsible for receiving the data of one-way communication module output, and is forwarded to receiving terminal.
9. as claim 7 or 8 described systems, it is characterized in that: described outer end imports module and links to each other with described mobile memory medium by USB interface.
10. as claim 7 or 8 described systems, it is characterized in that: the software of described receiving terminal realizes comprising that network settings, condition monitoring, data receive and four parts of user interface, adopts thread to realize respectively.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103025311A CN103338112A (en) | 2013-07-15 | 2013-07-15 | Data unidirectional lead-in method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103025311A CN103338112A (en) | 2013-07-15 | 2013-07-15 | Data unidirectional lead-in method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103338112A true CN103338112A (en) | 2013-10-02 |
Family
ID=49246217
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013103025311A Pending CN103338112A (en) | 2013-07-15 | 2013-07-15 | Data unidirectional lead-in method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103338112A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106850188A (en) * | 2017-01-24 | 2017-06-13 | 中国航天系统科学与工程研究院 | A kind of data transmission system based on multichannel isomery one-way transmission path |
| CN107277813A (en) * | 2017-07-19 | 2017-10-20 | 南京邮电大学 | A kind of uni-directional wireless network security isolation Transmission system and method |
| CN107329920A (en) * | 2017-07-06 | 2017-11-07 | 中国航空工业集团公司西安飞机设计研究所 | A kind of common interface frame design method of reflective memory |
| CN107437034A (en) * | 2016-05-28 | 2017-12-05 | 南京水晶石数字科技有限公司 | A kind of ferrying data safely system and its matching method |
| CN109412891A (en) * | 2018-10-19 | 2019-03-01 | 郑州云海信息技术有限公司 | A kind of method and apparatus detecting client state |
| CN109510794A (en) * | 2017-09-14 | 2019-03-22 | 蓝盾信息安全技术股份有限公司 | A kind of intelligent file scanning technique based on data unidirectional introducing equipment |
| CN110809138A (en) * | 2019-11-19 | 2020-02-18 | 北京国保金泰信息安全技术有限公司信息安全技术研究中心 | Video one-way transmission system based on no feedback light |
| CN111277602A (en) * | 2020-01-23 | 2020-06-12 | 奇安信科技集团股份有限公司 | Network data packet identification processing method and device, electronic equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN202178780U (en) * | 2011-08-31 | 2012-03-28 | 公安部第三研究所 | Internal-and-external network safety isolation system based on one-way transmission |
| CN202679410U (en) * | 2012-05-25 | 2013-01-16 | 南京烽火星空通信发展有限公司 | Convenient unidirectional file transmission apparatus |
-
2013
- 2013-07-15 CN CN2013103025311A patent/CN103338112A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN202178780U (en) * | 2011-08-31 | 2012-03-28 | 公安部第三研究所 | Internal-and-external network safety isolation system based on one-way transmission |
| CN202679410U (en) * | 2012-05-25 | 2013-01-16 | 南京烽火星空通信发展有限公司 | Convenient unidirectional file transmission apparatus |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107437034A (en) * | 2016-05-28 | 2017-12-05 | 南京水晶石数字科技有限公司 | A kind of ferrying data safely system and its matching method |
| CN106850188A (en) * | 2017-01-24 | 2017-06-13 | 中国航天系统科学与工程研究院 | A kind of data transmission system based on multichannel isomery one-way transmission path |
| CN107329920A (en) * | 2017-07-06 | 2017-11-07 | 中国航空工业集团公司西安飞机设计研究所 | A kind of common interface frame design method of reflective memory |
| CN107329920B (en) * | 2017-07-06 | 2020-09-18 | 中国航空工业集团公司西安飞机设计研究所 | Public interface frame design method of reflective memory |
| CN107277813A (en) * | 2017-07-19 | 2017-10-20 | 南京邮电大学 | A kind of uni-directional wireless network security isolation Transmission system and method |
| CN109510794A (en) * | 2017-09-14 | 2019-03-22 | 蓝盾信息安全技术股份有限公司 | A kind of intelligent file scanning technique based on data unidirectional introducing equipment |
| CN109412891A (en) * | 2018-10-19 | 2019-03-01 | 郑州云海信息技术有限公司 | A kind of method and apparatus detecting client state |
| CN109412891B (en) * | 2018-10-19 | 2022-04-22 | 郑州云海信息技术有限公司 | Method and device for detecting client state |
| CN110809138A (en) * | 2019-11-19 | 2020-02-18 | 北京国保金泰信息安全技术有限公司信息安全技术研究中心 | Video one-way transmission system based on no feedback light |
| CN111277602A (en) * | 2020-01-23 | 2020-06-12 | 奇安信科技集团股份有限公司 | Network data packet identification processing method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103338112A (en) | Data unidirectional lead-in method and system | |
| CN105991384B (en) | The space flight ethernet communication method of compatible time trigger Ethernet and 1553B | |
| CN106534317B (en) | A kind of calamity based on block chain technology is for cloud storage system construction method | |
| Li et al. | Research based on OSI model | |
| CN107480559A (en) | Safe storage system and method for a kind of block chain from chain data | |
| CN105379208A (en) | Multi-connection system and method for service using internet protocol | |
| CN103078921B (en) | A kind of transmission, the method and device of reception message | |
| CN105337991A (en) | Integrated message flow searching and updating method | |
| CN105279254A (en) | Layout data stream file system, operation apparatus for system and realization method for apparatus | |
| CN102196321A (en) | Method for transmitting 100GE (100gigabit Ethernet) data in OTN (Optical Transport Network) and data sending device | |
| CN103561033B (en) | User remotely accesses the device and method of HDFS cluster | |
| CN112651046A (en) | Data synchronization method, device and system for cross-chain transaction and terminal equipment | |
| CN104038505A (en) | Method and device for preventing IPSec (internet protocol security) replaying | |
| CN106094800A (en) | A kind of management system of novel CAN FD controller | |
| CN101552931B (en) | System and method for realizing encapsulation mode frame recombination of gigabit passive optical network | |
| WO2020038424A1 (en) | Data packet transmission method and apparatus, storage medium, and electronic apparatus | |
| CN104639328A (en) | GOOSE message authentication method and GOOSE (Generic Object Oriented Substation Event) message authentication system | |
| CN110138635B (en) | Protocol conversion function verification device and method supporting FC and Ethernet | |
| CN104767828A (en) | Inter-chip high-speed interconnection link layer design method and system | |
| CN102388594B (en) | Method, device and system for data transmission | |
| CN101820425B (en) | RSVP (Respondez Sil Vous Plait) authentication method and system | |
| US9337959B2 (en) | Defect propagation of multiple signals of various rates when mapped into a combined signal | |
| CN104184678A (en) | Method for dropping frame duplicates to achieve highly-reliable seamless redundancy ring network | |
| CN102768351A (en) | Method, system and intelligent tool device for detecting prior mounting function of electric meter | |
| CN102438273B (en) | Method and relevant device for Internet protocol (IP) communication among cluster network elements as well as communication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20131002 |
|
| RJ01 | Rejection of invention patent application after publication |