CN103618753A - Trans-secret-region data exchange method based on one-way transmission equipment - Google Patents
Trans-secret-region data exchange method based on one-way transmission equipment Download PDFInfo
- Publication number
- CN103618753A CN103618753A CN201310697522.7A CN201310697522A CN103618753A CN 103618753 A CN103618753 A CN 103618753A CN 201310697522 A CN201310697522 A CN 201310697522A CN 103618753 A CN103618753 A CN 103618753A
- Authority
- CN
- China
- Prior art keywords
- data
- exchange
- list
- transmission equipment
- transmission
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a trans-secret-region data exchange method based on one-way transmission equipment. According to the method, a data exchange list is established on the basis of a deprivation network protocol and the non-feedback one-way transmission equipment and is used to feed back an exchange result, and data exchange between two different secret regions can be automatically performed through a one-stop exchange processing algorithm. The trans-secret-region data exchange method has the remarkable characteristics of simple application, data consistency, high data safety, high degree of automation and the like, and is particularly applied to the field of trans-secret-region data exchange service based on one-way transmission equipment.
Description
Technical field
The present invention relates in Kua Mi district field of data exchange based on unidirectional transmission equipment Kua Mi district exchanges data, be specially adapted to carry out in different concerning security matters region the application of data security exchange.
Background technology
In the business network of different security level, all respectively have a set of mechanism and approach that obtains dedicated service data at present, shared service data resource and technology between the network of different security level, can effectively realize resource consolidation, improves constructing benefits.But corresponding business network belongs to two dedicated networks that level of confidentiality is different, dedicated service data are carried out information exchange and are related to serious safe and secret problem between them.Unidirectional transmission equipment adopt physics absolute one-way transmission, peel off procotol, without the transmission means of feedback information, make data share exchange process can obtain effective security control, but feedback and data high consistency that thing followed problem is exchange message can not be protected.
Summary of the invention
The technical problem of solution required for the present invention be to avoid the weak point in above-mentioned background technology and provide a kind of based on unidirectional transmission equipment with exchanges data inventory feedback exchange result Kua Mi district's data exchange processing method.It is comprehensive that the present invention has flow process, the workable and high feature of automaticity.
Technical problem to be solved by this invention is realized by following technical scheme:
The present invention specifically comprises the following steps:
(1) trigger Kua Mi district exchanges data: in sending area, by message mechanism or time cycle property trigger mechanism, start transmitting apparatus and carry out Kua Mi district exchanges data;
(2) generated data clearing returns: in sending area, transmitting apparatus is according to the corresponding exchanges data inventory of the Generating Data File in list of exchange, and exchanges data inventory comprises data file name and swap status, before carrying out exchanges data, swap status is put to sky;
(3) transmitting apparatus is assigned transmission instruction: in sending area, transmitting apparatus is assigned transmission instruction to unidirectional transmission equipment, requires unidirectional transmission equipment to send the data file in transmission list of exchange;
(4) receive the transmission instruction that transmitting apparatus is assigned: unidirectional transmission equipment receives the transmission instruction that transmitting apparatus is assigned;
(5) from catalogue read data files and exchanges data inventory: unidirectional transmission equipment is from sending area list of exchange read data files and exchanges data inventory;
(6) transmission data file and exchanges data inventory: unidirectional transmission equipment is transferred to reception area list of exchange by data file and exchanges data inventory;
(7) resolve also deal with data clearing returns: in reception area, receiving equipment is according to the data file update exchanges data inventory receiving, the swap status corresponding to data file of transmission success is updated to " transmission success ", and the swap status corresponding to data file of bust this is updated to " bust this ";
(8) receiving equipment is assigned transmission instruction: in reception area, receiving equipment is assigned transmission instruction to unidirectional transmission equipment, requires unidirectional transmission equipment to send the data file in transmission list of exchange;
(9) receive the transmission instruction that receiving equipment is assigned: unidirectional transmission equipment receives the transmission instruction that receiving equipment is assigned;
(10) from catalogue reading out data clearing returns: unidirectional transmission equipment is from reception area list of exchange reading out data clearing returns;
(11) transmission exchanges data inventory: unidirectional transmission equipment is transferred to exchanges data inventory the list of exchange of sending area;
(12) data file of cleaning transmission success: in sending area, the data file that transmitting apparatus is " transmission success " according to exchanges data inventory by state is deleted from list of exchange;
(13) cleaning exchanges data inventory: in sending area, exchanges data inventory is deleted from list of exchange;
(14) judge whether the data file of bust this: in sending area, transmitting apparatus judges whether that according to exchanges data inventory state is the data file of " bust this ", if having, resends the data file of bust this, forwards step (2) to; If nothing, forwards step (15) to;
(15) process ends.
Wherein, the sending area described in step (1) is a concerning security matters region, comprises transmitting apparatus and list of exchange; In the reception area described in step (7), be a concerning security matters region, comprise receiving equipment and list of exchange; Sending area concerning security matters grade is lower than the concerning security matters grade of reception area; Between sending area and reception area, by unidirectional transmission equipment, carry out the transmission of data.
Wherein, the list of exchange described in step (2) needs the data file of exchange and the exchanges data inventory generating at exchange process for storing.
Wherein, the unidirectional transmission equipment described in step (4) is based on optical communication, without the information unidirectional transmission equipment in any control signal or data-signal loop.
The present invention compares tool with background technology and has the following advantages:
1, the present invention adopts exchanges data inventory feedback mechanism, can greatly promote the data consistency based on unidirectional transmission equipment Kua Mi district exchanges data;
2, the present invention has the advantages that application is easy, with strong points and automaticity is high, is applicable to apply based on unidirectional transmission equipment Kua Mi district exchanges data;
3, also to have simple flow understandable, stable and reliable for performance in the present invention, Information Security advantages of higher.
Accompanying drawing explanation
Fig. 1 is schematic flow sheet of the present invention.
Embodiment
Below, in conjunction with Fig. 1, the invention will be further described.
Based on unidirectional transmission equipment Kua Mi district method for interchanging data, this know-why is for building exchanges data inventory feedback exchange result, and its technological difficulties are mainly the data of difference exchange result automatically to process, and carry out automatic feedback in time.
The present invention includes following steps:
(1) trigger Kua Mi district exchanges data: in sending area, by message mechanism or time cycle property trigger mechanism, start transmitting apparatus and carry out Kua Mi district exchanges data;
Sending area is a concerning security matters region, comprises transmitting apparatus and list of exchange.Transmitting apparatus can receive after the message that other equipment or system send and trigger and start Kua Mi district exchanges data flow process, or transmitting apparatus triggers startup Kua Mi district exchanges data by formulating periodic clock, these two kinds of trigger mechanisms, all without manual intervention, can be realized automatic startup.
(2) generated data clearing returns: in sending area, transmitting apparatus is according to the corresponding exchanges data inventory of the Generating Data File in list of exchange, and exchanges data inventory comprises data file name and swap status, before carrying out exchanges data, swap status is put to sky;
List of exchange needs the data file of exchange and the exchanges data inventory generating at exchange process for storing.The effect of exchanges data inventory is that record needs the data file information of exchange, comprises data file name, swap status, exchange carry out before swap status be sky, after exchange completes, swap status is " transmission success " or " bust this ".
(3) transmitting apparatus is assigned transmission instruction: in sending area, transmitting apparatus is assigned transmission instruction to unidirectional transmission equipment, requires unidirectional transmission equipment to send data file and the exchanges data inventory in transmission list of exchange;
Transmitting apparatus is assigned transmission instruction by Socket interface to unidirectional transmission equipment, in instruction, comprising swap status in exchanges data inventory is empty data file and exchanges data inventory, and unidirectional transmission equipment will read and transmission data file and exchanges data inventory successively according to instruction.
(4) receive the transmission instruction that transmitting apparatus is assigned: unidirectional transmission equipment receives the transmission instruction that transmitting apparatus is assigned;
Unidirectional transmission equipment is based on optical communication, without the information unidirectional transmission equipment in any control signal or data-signal loop.
(5) from catalogue read data files and exchanges data inventory: unidirectional transmission equipment is from sending area list of exchange read data files and exchanges data inventory;
(6) transmission data file and exchanges data inventory: unidirectional transmission equipment is transferred to the data file reading from sending area list of exchange and exchanges data inventory the list of exchange of reception area;
(7) resolve also deal with data clearing returns: in reception area, receiving equipment is according to the data file update exchanges data inventory receiving, the swap status corresponding to data file of transmission success is updated to " transmission success ", and the swap status corresponding to data file of bust this is updated to " bust this ";
Reception area is a concerning security matters region, comprises receiving equipment and list of exchange, and sending area concerning security matters grade, lower than the concerning security matters grade of reception area, is carried out the transmission of data by unidirectional transmission equipment between sending area and reception area.Receiving equipment illustrates that the data file before exchanges data inventory is all transmitted after receiving exchanges data inventory, receiving equipment is the data file in ergodic data clearing returns successively, judge whether each data file is present in list of exchange, if exist, illustrate that this data file is successfully transferred in list of exchange, the swap status that upgrades this data file in exchanges data inventory is " transmission success "; If do not exist, illustrate that this data file is not transferred in list of exchange, the swap status that upgrades this data file in exchanges data inventory is " bust this ".
(8) receiving equipment is assigned transmission instruction: in reception area, receiving equipment is assigned transmission instruction to unidirectional transmission equipment, requires unidirectional transmission equipment to send the exchanges data inventory in transmission list of exchange;
Receiving equipment is assigned transmission instruction by Socket interface to unidirectional transmission equipment, comprises exchanges data inventory in instruction, and unidirectional transmission equipment will read and transmit exchanges data inventory according to instruction.
(9) receive the transmission instruction that receiving equipment is assigned: unidirectional transmission equipment receives the transmission instruction that receiving equipment is assigned;
(10) from catalogue reading out data clearing returns: unidirectional transmission equipment is from reception area list of exchange reading out data clearing returns;
(11) transmission exchanges data inventory: unidirectional transmission equipment is transferred to exchanges data inventory the list of exchange of sending area;
(12) data file of cleaning transmission success: in sending area, the data file that transmitting apparatus is " transmission success " according to exchanges data inventory by state is deleted from list of exchange;
Transmitting apparatus receives after exchanges data inventory, data file in ergodic data clearing returns successively, judge the swap status of each data file, if the swap status of data file is " transmission success ", illustrate that this document is successfully transferred to reception area, deletes this data file from list of exchange; If the swap status of data file is " bust this ", illustrate that this document is not successfully transferred to reception area, need to regenerate exchanges data inventory, again send.
(13) cleaning exchanges data inventory: in sending area, exchanges data inventory is deleted from list of exchange;
Exchanges data inventory is only responsible for the feedback that this secondary data sends result, after step (12) completes, deletes the exchanges data inventory that this secondary data sends.
(14) judge whether the data file of bust this: in sending area, transmitting apparatus judges whether that according to exchanges data inventory state is the data file of " bust this ", if having, resends the data file of bust this, forwards step (2) to; If nothing, forwards step (15) to;
(15) process ends.
Claims (4)
1. based on unidirectional transmission equipment Kua Mi district method for interchanging data, it is characterized in that comprising the following steps:
(1) trigger Kua Mi district exchanges data: in sending area, by message mechanism or time cycle property trigger mechanism, start transmitting apparatus and carry out Kua Mi district exchanges data;
(2) generated data clearing returns: in sending area, transmitting apparatus is according to the corresponding exchanges data inventory of the Generating Data File in list of exchange, and exchanges data inventory comprises data file name and swap status, before carrying out exchanges data, swap status is put to sky;
(3) transmitting apparatus is assigned transmission instruction: in sending area, transmitting apparatus is assigned transmission instruction to unidirectional transmission equipment, requires unidirectional transmission equipment to send the data file in transmission list of exchange;
(4) receive the transmission instruction that transmitting apparatus is assigned: unidirectional transmission equipment receives the transmission instruction that transmitting apparatus is assigned;
(5) from catalogue read data files and exchanges data inventory: unidirectional transmission equipment is from sending area list of exchange read data files and exchanges data inventory;
(6) transmission data file and exchanges data inventory: unidirectional transmission equipment is transferred to reception area list of exchange by data file and exchanges data inventory;
(7) resolve also deal with data clearing returns: in reception area, receiving equipment is according to the data file update exchanges data inventory receiving, the swap status corresponding to data file of transmission success is updated to " transmission success ", and the swap status corresponding to data file of bust this is updated to " bust this ";
(8) receiving equipment is assigned transmission instruction: in reception area, receiving equipment is assigned transmission instruction to unidirectional transmission equipment, requires unidirectional transmission equipment to send the data file in transmission list of exchange;
(9) receive the transmission instruction that receiving equipment is assigned: unidirectional transmission equipment receives the transmission instruction that receiving equipment is assigned;
(10) from catalogue reading out data clearing returns: unidirectional transmission equipment is from reception area list of exchange reading out data clearing returns;
(11) transmission exchanges data inventory: unidirectional transmission equipment is transferred to exchanges data inventory the list of exchange of sending area;
(12) data file of cleaning transmission success: in sending area, the data file that transmitting apparatus is " transmission success " according to exchanges data inventory by state is deleted from list of exchange;
(13) cleaning exchanges data inventory: in sending area, exchanges data inventory is deleted from list of exchange;
(14) judge whether the data file of bust this: in sending area, transmitting apparatus judges whether that according to exchanges data inventory state is the data file of " bust this ", if having, resends the data file of bust this, forwards step (2) to; If nothing, forwards step (15) to;
(15) process ends.
2. according to claim 1 based on unidirectional transmission equipment Kua Mi district method for interchanging data, it is characterized in that: in the sending area described in step (1), be a concerning security matters region, comprise transmitting apparatus and list of exchange; In the reception area described in step (7), be a concerning security matters region, comprise receiving equipment and list of exchange; Sending area concerning security matters grade is lower than the concerning security matters grade of reception area; Between sending area and reception area, by unidirectional transmission equipment, carry out the transmission of data.
3. according to claim 1 based on unidirectional transmission equipment Kua Mi district method for interchanging data, it is characterized in that: at the list of exchange described in step (2), be used for storing the data file of needs exchange and the exchanges data inventory generating at exchange process.
4. according to claim 1 based on unidirectional transmission equipment Kua Mi district method for interchanging data, it is characterized in that: at the unidirectional transmission equipment described in step (4) based on optical communication, without the information unidirectional transmission equipment in any control signal or data-signal loop.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310697522.7A CN103618753B (en) | 2013-12-18 | 2013-12-18 | Trans-secret-region data exchange method based on one-way transmission equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310697522.7A CN103618753B (en) | 2013-12-18 | 2013-12-18 | Trans-secret-region data exchange method based on one-way transmission equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103618753A true CN103618753A (en) | 2014-03-05 |
| CN103618753B CN103618753B (en) | 2017-03-22 |
Family
ID=50169457
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310697522.7A Active CN103618753B (en) | 2013-12-18 | 2013-12-18 | Trans-secret-region data exchange method based on one-way transmission equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103618753B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106529313A (en) * | 2016-11-04 | 2017-03-22 | 中国电子科技集团公司第五十四研究所 | Optical disk library equipment-based cross-secret-region data exchange method |
| CN112532603A (en) * | 2020-11-20 | 2021-03-19 | 中国电子科技集团公司第十五研究所 | Cross-domain file exchange leading-in device and method based on exchange authorization file |
| CN113713395A (en) * | 2021-08-31 | 2021-11-30 | 网易(杭州)网络有限公司 | Game data reading method, device, equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050022023A1 (en) * | 2003-07-25 | 2005-01-27 | Stanley Chincheck | Systems and methods for providing increased computer security |
| CN201087949Y (en) * | 2007-06-01 | 2008-07-16 | 福州宙斯盾信息技术有限公司 | Physical isolation and document unidirectional transmission device |
| CN201690471U (en) * | 2010-06-11 | 2010-12-29 | 深圳市维信联合科技有限公司 | One-way transmission equipment |
-
2013
- 2013-12-18 CN CN201310697522.7A patent/CN103618753B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050022023A1 (en) * | 2003-07-25 | 2005-01-27 | Stanley Chincheck | Systems and methods for providing increased computer security |
| CN201087949Y (en) * | 2007-06-01 | 2008-07-16 | 福州宙斯盾信息技术有限公司 | Physical isolation and document unidirectional transmission device |
| CN201690471U (en) * | 2010-06-11 | 2010-12-29 | 深圳市维信联合科技有限公司 | One-way transmission equipment |
Non-Patent Citations (2)
| Title |
|---|
| 丁惠丽: "网络信息安全单向传输系统的设计与实现", 《计算机安全》 * |
| 唐晋: "网络单向隔离控制系统的设计与实现", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106529313A (en) * | 2016-11-04 | 2017-03-22 | 中国电子科技集团公司第五十四研究所 | Optical disk library equipment-based cross-secret-region data exchange method |
| CN112532603A (en) * | 2020-11-20 | 2021-03-19 | 中国电子科技集团公司第十五研究所 | Cross-domain file exchange leading-in device and method based on exchange authorization file |
| CN112532603B (en) * | 2020-11-20 | 2023-04-07 | 中国电子科技集团公司第十五研究所 | Cross-domain file exchange leading-in device and method based on exchange authorization file |
| CN113713395A (en) * | 2021-08-31 | 2021-11-30 | 网易(杭州)网络有限公司 | Game data reading method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103618753B (en) | 2017-03-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2017219557A1 (en) | Data transmission method and data transmission apparatus | |
| EP2356753B1 (en) | Link data transmission method, node and system | |
| US10103940B2 (en) | Local network and method of updating a device in a local network | |
| CN101883108B (en) | Document transmission method and system of dynamic authentication | |
| CN104811459A (en) | Processing method, processing device and system for message services and message service system | |
| CN103595559A (en) | System and method for transmitting big data and service system thereof | |
| CN201886473U (en) | Configuration file-updating system, configuration server and application servers | |
| WO2008100114A1 (en) | Method for transmitting data transmitted incompletely between server and client | |
| CN109451032A (en) | A kind of messaging system | |
| CN104796922A (en) | CSE (Common Service Entity) trigger management method, device, CSE and carrying network element | |
| CN107852369B (en) | Method for acquiring power line communication route | |
| WO2016173194A1 (en) | Updating method, device and system for information about resources | |
| CN105472024A (en) | Cross-region data synchronizing method based on message pushing mode | |
| CN103618753A (en) | Trans-secret-region data exchange method based on one-way transmission equipment | |
| CN103209195A (en) | Data acquisition method, terminal and far-end device | |
| CN105978796A (en) | Message communication method and system based on unstable mobile network | |
| EP3660679B1 (en) | Data backup method, device and system | |
| CN109831404B (en) | Instant communication system and method compatible with multiple terminals | |
| CN104009956A (en) | Communication method based on embedded multi-core co-processing gatekeeper system | |
| CN105933140B (en) | A kind of intelligence across a network O&M monitoring method | |
| CN105471654A (en) | FC network based configuration data automatic uploading method | |
| CN104994333A (en) | Medical image transfer device, client terminal, transmission system and transmission method thereof | |
| CN102904764A (en) | Data transmission device and transmission method thereof | |
| JP2023089118A (en) | Core network node and communication method for the same | |
| CN107295057B (en) | Apparatus for relaying data transmission in SCADA system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Liu Weiqiang Inventor after: Fan Shiwei Inventor after: Yuan Jianxia Inventor after: Sun Hanchang Inventor after: Wang Shicheng Inventor after: Liu Bintao Inventor after: Peng Huixiang Inventor after: Chen Yong Inventor after: Li Feng Inventor before: Liu Weiqiang Inventor before: Yuan Jianxia Inventor before: Wang Shicheng Inventor before: Peng Huixiang |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20170421 Address after: 050081 Hebei Province, Zhongshan, West Road, No. 589, the Ministry of the accused, the fifty-fourth Co-patentee after: The Chinese People's Liberation Army of 63921 Troops Patentee after: No.54 Inst., China Electronic Sci. & Tech. Group Co. Address before: 050081 Hebei Province, Zhongshan, West Road, No. 589, the Ministry of the accused, the fifty-fourth Patentee before: No.54 Inst., China Electronic Sci. & Tech. Group Co. |