CN108881158A - Data interaction system and method - Google Patents
Data interaction system and method Download PDFInfo
- Publication number
- CN108881158A CN108881158A CN201810420789.4A CN201810420789A CN108881158A CN 108881158 A CN108881158 A CN 108881158A CN 201810420789 A CN201810420789 A CN 201810420789A CN 108881158 A CN108881158 A CN 108881158A
- Authority
- CN
- China
- Prior art keywords
- file
- server
- information
- destination
- file destination
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0281—Proxies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The present invention provides a kind of data interaction system and method, which includes:First predetermined server, for obtaining file destination to be exchanged from first file server according to the exchange files task of starting;First predetermined server is also used to send the file destination to second predetermined server by the described first unidirectional gateway;Second predetermined server, for receiving the file destination by the described first unidirectional gateway and the file destination being uploaded to second file server;Second predetermined server is also used to that the upload result of the file destination is sent to first predetermined server by the described second unidirectional gateway.
Description
Technical field
The present invention relates to technical field of data security, more particularly to a kind of data interaction system and method.
Background technique
In some concerning security matters units, especially public security system, data network can generally be divided into Intranet and outer net.Wherein, Intranet
For local area network, generally concerning security matters network, outer net is internet/wide area network, Intranet and the mutual physical isolation of outer net.And it actually answers
In, it is usually present the scene that outer net needs to obtain the file in Intranet or the file in the desired acquisition outer net of Intranet.And this
The problem of having related to the file interaction between heterogeneous networks, currently, still not guaranteeing Intranet or outer net in the prior art
Under the safety of the file interacted, the scheme of the exchange files between different network environments is realized.
Summary of the invention
The present invention provides a kind of data interaction system and method, with solve to be not possible in the prior art guarantee Intranet or
Under the safety of outer net institute interaction data, realize different network environments between exchange files the problem of.
To solve the above-mentioned problems, according to an aspect of the present invention, the invention discloses a kind of data interaction system, packets
It includes:First file server, the second file server, the first predetermined server, the second predetermined server, the first unidirectional gateway and
Second unidirectional gateway, wherein first file server and first predetermined server are respectively positioned on first network, and described
Two file servers and second predetermined server are respectively positioned on the second network, and the first network and the second network object
Reason isolation;
First predetermined server, for being obtained according to the exchange files task of starting from first file server
File destination to be exchanged;
First predetermined server is also used to send the file destination by the described first unidirectional gateway to described the
Two predetermined servers;
Second predetermined server, for receiving the file destination by the described first unidirectional gateway and by the mesh
Mark file is uploaded to second file server;
Second predetermined server is also used to the upload result of the file destination through the described second unidirectional gateway
It is sent to first predetermined server.
According to another aspect of the present invention, the invention also discloses a kind of data interactive methods, are applied to data interaction system
System, the system comprises the first file server, the second file server, the first predetermined server, the second predetermined server, the
One unidirectional gateway and the second unidirectional gateway, wherein first file server and first predetermined server are respectively positioned on
One network, second file server and second predetermined server are respectively positioned on the second network, and the first network and
The second network physical isolation.
This method includes:
First predetermined server is obtained from first file server wait hand over according to the exchange files task of starting
The file destination changed;
First predetermined server is preset by the described first unidirectional gateway transmission file destination to described second
Server;
Second predetermined server by the described first unidirectional gateway receives the file destination and by the target text
Part is uploaded to second file server;
The upload result of the file destination is sent to by second predetermined server by the described second unidirectional gateway
First predetermined server.
Compared with prior art, the present invention includes the following advantages:
Two unidirectional gateways, the letter between two networks is arranged in the embodiment of the present invention between first network and the second network
Breath transmission requires to ensure that the safety of the data of transmission to form a data loop via corresponding unidirectional gateway;And
And acted on behalf of by the way that predetermined server is respectively set as one in two network sides, to realize the exchange files between heterogeneous networks,
In the case where guaranteeing the safety of Intranet or outer net institute mutual files data, the exchange files between different network environments are realized.
Detailed description of the invention
Fig. 1 is a kind of structural block diagram of data interaction system embodiment of the invention;
Fig. 2 is a kind of step flow chart of data interactive method embodiment of the invention.
Specific embodiment
In order to make the foregoing objectives, features and advantages of the present invention clearer and more comprehensible, with reference to the accompanying drawing and specific real
Applying mode, the present invention is described in further detail.
One of the core concepts of the embodiments of the present invention is, by being respectively set in physically-isolated outer net and Intranet two sides
Two servers for the data exchange between two networks, referred to herein as file-swapping service device, by file-swapping service
Device extracts and uploads file data to be exchanged from the file server of network where it, and passes through the two of Intranet and outer net
A unidirectional gateway carries out the mutual biography of file data, realizes the exchange files between heterogeneous networks, and then ensure that outer net, Intranet
Data safety.
Referring to Fig.1, a kind of structural block diagram of data interaction system embodiment of the invention is shown, can specifically include:
First file server 11, the second file server 12, the first predetermined server (that is, the first file-swapping service device, here for
Outer net file-swapping service device) the 13, second predetermined server is (that is, the second file-swapping service device, is here Intranet exchange files
Server) the 14, first unidirectional gateway 15 and the second unidirectional gateway 16, wherein first file server 11 and described first
Predetermined server 13 is respectively positioned on first network, and second file server 12 and second predetermined server 14 are respectively positioned on
Two networks;
Wherein, whether the first file server 11 or the second file server 12, in the specific implementation, they can be with
It is any one file server in known technology, such as FTP (File Transfer Protocol, File Transfer Protocol)
Server, SFTP (Secure File Transfer Protocol, secure file transportation protocol) server, Samba
(Server Messages Block, information service block) server, and the first file server 11 and the second file server 12
Protocol type can be identical or different, the present invention does not limit this.
Wherein, in embodiments of the present invention, due to the main function of the first predetermined server 13 and the second predetermined server 14
It can all be the alternating transmission of the progress file data between first network and the second network, therefore hereinafter can be pre- to first
If server 13 is referred to as the first file-swapping service device, the second file-swapping service device is referred to as to the second predetermined server 14.
Wherein, first network and the second network are mutually physically-isolated, they can be outer net, are also possible to Intranet,
In one embodiment, when the first network is Intranet, second network is outer net;In another embodiment, when
When the first network is outer net, second network is Intranet.
Here by taking first network is outer net, the second network is Intranet as an example, that is, one will be acquired in the file server of outer net
For a little file securities are transferred on the file server of Intranet, the workflow of the system described in Fig. 1 of the embodiment of the present invention
It is described in detail.
Wherein, since first network is outer net, the second network is Intranet, therefore for the ease of reader's understanding, here by Fig. 1
In the first predetermined server 13 be referred to as outer net file-swapping service device, by the second predetermined server 14 be referred to as Intranet exchange files
First file server 11 is referred to as outer net file server, the second file server 12 is referred to as to Intranet file clothes by server
Business device.
S101 first, outer net file-swapping service device new files switching task.
Wherein, in new files switching task, exchange files can be carried out by the external online article part swap server of user
Task creates, and therefore, in new files switching task, the outer net file-swapping service device of the embodiment of the present invention be can receive
The task configuration-direct of user, to go new files switching task according to task configuration-direct.
Wherein, user can create one or more exchange files tasks, such as exchange files task 1:It will be outer online
The file on store path 1 on ftp server uploads on the store path 2 on the SFTP server of Intranet;Exchange files
Task 2:File on store path 3 on outer online ftp server is uploaded to the storage on the SFTP server of Intranet
On path 2.
Wherein, it is illustrated so that the file of outer net is transferred to Intranet as an example due to the method for the embodiment of the present invention,
Here newly-built exchange files task may only upload to the file of outer net in Intranet, and can not create on the file by Intranet
Pass to the exchange files task of outer net.
It is different below according to the mission bit stream in newly-built exchange files task, respectively to different mission bit streams configure into
Row brief description.
S10 configures the outer net file server (being here the first file server 11) for sending file of outer net
Outer net file server information;
Wherein, which may include the address ip of outer net file server, port numbers, protocol class
Type, account, password, affiliated area (outer net or Intranet);
Wherein, outer net file-swapping service device can be according in the file server information in newly-built exchange files task
Affiliated area still fall within the file of Intranet to determine that this document server info is the file server for belonging to outer net
Server.
S11 configures the store path of file destination to be sent outside on net file server;
That is, user can be by depositing on the file/listed files uploaded outside net file server
Path is stored up, outer net file server is sent to by way of sending task configuration-direct, in this way, outer net file server can
To configure the file destination storage road on net file server outside of (that is, to be exchanged) to be sent of this document switching task
Diameter;
It wherein, may include one or more files under the store path.
It should be noted that in other embodiments, the store path in S11 also can be only fitted to outer net file server
File server information in.
S12 configures the Intranet file server information of the Intranet file server for receiving file of Intranet;
Wherein, which may include the address ip of Intranet file server, port numbers, protocol class
Type, account, password, affiliated area (outer net or Intranet);
Wherein, Intranet file-swapping service device can be according in the file server information in newly-built exchange files task
Affiliated area still fall within the file of Intranet to determine that this document server info is the file server for belonging to outer net
Server.
S13 is configured when the file destination is uploaded to Intranet file server (being here the second file server 12),
Upload path including file destination on net file server.
That is, file/listed files of upload can be uploaded to the upload road in Intranet file server by user
Diameter is sent to outer net file server by way of sending task configuration-direct, in this way, outer net file server can match
Set the upload path including the file destination of this document switching task on net file server;
It should be noted that in other embodiments, the upload path in S13 also can be only fitted to Intranet file server
File server information in.
Optionally, S14, configuration file filtering policy information.
I.e. in this exchange files task, need to be filtered file/listed files under store path, filtering
It is regular then according to the file filter policy information in this document switching task.
Wherein, in specific implementation, this document filtering policy information may include that file format white list, file format are black
List, file size etc., wherein file format white list and file format blacklist mutual exclusion, in file filter policy information only
It may include alternative one, and they can be combined with file size, or be separately formed file filter policy information.
Optionally, whether S15, configuration carry out virus scan.
That is, whether user can be added in exchange files task in new files switching task under store path
File/listed files carry out virus scan information.
Optionally, S16 configures the task execution cycle T of this document switching task.
That is, when in some exchange files task including task execution cycle T, then whenever reaching task execution time, outside
Online article part swap server all can periodically start this document switching task automatically, and the file for executing corresponding this document switching task is handed over
It changes.
Certainly, if exchange files task is configured without task execution cycle T, this document switching task is touched by user
Hair starting, only irregularly repeats, Exactly-once, so, whether cycle T, which configures, has no effect on the present invention
Outer net and Intranet between exchange files.
So after performing above-mentioned S10~S16, an exchange files task has just been created, it can be to the upper of configuration
It states information to be saved, generates an exchange files task.
Wherein, the present invention does not limit the execution sequence of S10~S16.
Then, S102, outer net file-swapping service device is according to the exchange files task of starting from first file service
Device 11 obtains file destination to be exchanged;
It can be realized by S20 and S21 when specific implementation:
S20, the outer net file-swapping service device are used for when some exchange files task start, according to the file
Outer net file server information (that is, first server information) in switching task, with the corresponding outer net file server information
The first file server 11 establish connection;
Specifically, outer net file-swapping service device, it can be according to two groups of servers in the exchange files task of starting
Affiliated area in information, to determine the corresponding network area of every group of server info institute, i.e. outer net, Intranet here can
Using according to affiliated area as the address ip in the outer net file server information of outer net, port numbers, protocol type, account, password,
To establish connection with the first file server 11 of outer net.
Wherein, the task start that the operation of triggering this document switching task starting can be user's triggering instructs, can also be with
It is that the execution cycle T of this document switching task reaches the time and automatic trigger, the present invention do not limit this.
S21, the outer net file-swapping service device, for according to the store path in the exchange files task, from even
File destination to be exchanged is obtained in the first file server 11 connect;
That is, outer net file-swapping service device can obtain this document exchange and appoint from the first file server 11 of connection
File in business under the store path, file destination as to be exchanged.
Optionally, in one embodiment, it when in this document switching task including file filter policy information, is then holding
When row S21, it is accomplished by the following way:
The outer net file-swapping service device is also used to according to the store path in the exchange files task, from connection
The first file server 11 in obtain the corresponding store path listed files the file information;
Wherein, this document information may include the texts such as file name (unique identification of file), file format, file size
Part attribute information.
Such as the file information of this document list include file 1- format be .doc-3M, file 2- format is Excel-2M
Deng.
The outer net file-swapping service device is also used to the file information and the file filter according to the listed files
Policy information carries out the file information filtering to the file information of the listed files, obtains the file information of file destination;
Wherein, as described in above-described embodiment, file filter policy information can be file format white list;File format is black
List;File size;File format white list and file size;File format blacklist and file size etc..
Called file format white list, which describe some file formats, are carrying out text using this document format white list
When the filtering of part information, in the file information of listed files, only file format belongs to the file in file format white list
The file of format can stay, other require to filter out;
Called file format blacklist, which describe some file formats, are carrying out text using this document format blacklist
When the filtering of part information, in the file information of listed files, as long as file format belongs to the file in file format blacklist
The file of format can all be filtered, and the file information of other remaining file formats is retained;
And for file size, it is, for example, 2M that the expression of this document size, which can be used for the file full-size of exchange files,
For in the file information of listed files, all file sizes are more than that the file information of full-size 2M will be all filtered,
The file information of remaining file is retained.
So after the filtering of the file information of above-mentioned various strategies, the file information that residue retains all is corresponded to i.e.
By the file destination exchanged.
Wherein, the quantity of the file destination exchanged can be one or more.
The outer net file-swapping service device, is also used to the file information according to the file destination, from the first of connection
The file destination of the corresponding store path is obtained in file server 11.
It wherein, can be according to the file information of determining file destination come from connection after through above-mentioned filter operation
Under store path in first file server 11, corresponding file destination is obtained.
In this way, the embodiment of the present invention is carried out by each file under the store path to the first file server of outer net 11
Filtering ensure that the file security transmission between outer net and Intranet so that it is determined that the secure file of Intranet will be uploaded to.
Wherein, in one embodiment, it is local that file destination can be downloaded to outer net file-swapping service device, and at this
Ground caches the file destination.
Optionally, in another embodiment, when further including corresponding to S15 in this document switching task to store path
Under file/listed files carry out virus scan information when, when executing S21, according to the system in the embodiment of the present invention, this is outer
Online article part swap server is also used to carry out virus scan to the file destination of caching, deletes the virus found in cache file
File, and record virus scan result information, that is, which file is that virus does not upload, which can be with
It is seen as audit information to user, wherein which text user can directly determine by checking audit information on the server
Part is not uploaded.In this way, passing through virus scan, so that it may obtain safe file destination.
In this way, by carrying out virus scan to file to be transmitted, it is ensured that the network environment of Intranet is not because of intranet and extranet
Between exchange files and be contaminated, ensure that the safety of network environment.
Then, S103, the outer net file-swapping service device send the target text by the described first unidirectional gateway 15
Part is to the Intranet file-swapping service device;
In addition, in the present embodiment, S104, the outer net exchange files clothes can also be performed in outer net file-swapping service device
The file destination (can be the target by filtering with obtaining after virus scan by the described first unidirectional gateway 15 by business device
File), it is the Intranet file server information of Intranet file-swapping service device, described when the file destination is uploaded to the Intranet
Upload path when file server is sent to the Intranet swap server;
Wherein, the Intranet file server information, upload path can be extracted from exchange files task.
Wherein, each information in the file destination and S104 uploaded in S103 can pass through the first unidirectional gateway 15 together
It is uploaded to Intranet swap server.
It wherein, in example 1, can be by S31 and S32 come real when outer online article part swap server executes S104
It is existing:
S31, the outer net file-swapping service device are also used to carry out piecemeal processing to the file destination, obtain multiple
Data block, by the file information of the file destination, upper when the file destination is uploaded to the Intranet file server
The Intranet file server information for passing path and the Intranet file server is encapsulated with each data block, obtains multiple data
Packet;
That is, be divided into multiple data blocks for for file destination, when dividing data block, blocks of files it is big
It is small any division, such as file size equal part, non-equal part etc. to be carried out according to the partition strategy of known file block.And it is different
The partition strategy of the blocks of files of file destination can be identical or different.
Then, each data block of a file destination is packaged, when encapsulation can be by the text of the file destination
Part information, the upload path when the file destination is uploaded to the Intranet file server and the Intranet file service
The Intranet file server information of device is encapsulated into each data packet.
Wherein, this document information may include the attribute information of the files such as file name, file size.
Optionally, in another embodiment, when the quantity of file destination is multiple, i.e., this document switching task is corresponding
The quantity of file to be exchanged be multiple, then after in order to avoid carrying out piecemeal to file, data between different target file
Block is mutually obscured, and Intranet file-swapping service device side can not distinguish, and here, the outer net exchange files of the embodiment of the present invention take
Business device can also distribute file identification to each file destination, wherein the file information of each file destination includes corresponding to
The file identification of file destination.
In this manner it is possible to determine which the data block in the data packet belongs to by the file information carried in data packet
File, since the file identification of each file destination is unique.
Optionally, in one embodiment, it (is handed over that is, being buffered in outer net file in above-described embodiment to file destination
Change the cache file of server local) carry out piecemeal when, outer net file-swapping service device can also to each data block be arranged only
One block identification when so that packet loss occurs, can make outer net file-swapping service device timely retransmit the data packet of loss.
S32, the outer net file-swapping service device are also used to send the multiple number by the described first unidirectional gateway 15
According to packet to the Intranet file server.
When due to transmitting the single cache file for corresponding to file destination by unidirectional gateway, file is larger, is easy unidirectional
Transmission failure when transmitting at gateway causes data exchange failure rate high, and system stability is poor, therefore, in embodiments of the present invention,
The outer net file-swapping service device is when being transmitted to the Intranet file-swapping service device for file destination, the outer net file
Swap server is also used to carry out the transmission of file destination in a manner of multiple data packets to file destination piecemeal processing,
To reduce data exchange failure rate, lifting system stability.
After the embodiment of the present invention is by carrying out piecemeal processing to the file destination of transmission, it is sent to via unidirectional gateway interior
Net, even if outer net file-swapping service device side may be used also so that data packet the case where packet loss occurs when sending by unidirectional gateway
To be retransmitted at any time for the single data packet lost, data exchange failure rate can be reduced with lifting system stability.
S105, the Intranet file-swapping service device, for receiving the target text by the described first unidirectional gateway 15
The file destination is simultaneously uploaded to the Intranet file server by part;
Wherein, in the present embodiment, when executing S105, Intranet file-swapping service device can pass through following steps S41
~S43 is realized:
S41, the Intranet file-swapping service device, for receiving the target text by the described first unidirectional gateway 15
Part, the Intranet file server Intranet file server information, described be uploaded to the interior online article when the file destination
Upload path when part server;
Wherein, on the basis of the above embodiment 1, when executing S41, the Intranet file-swapping service device, for leading to
It crosses the described first unidirectional gateway 15 and receives multiple data packets from the outer net file-swapping service device, to the multiple data
Packet is parsed, and obtains the file information of the file destination of multiple data blocks, corresponding the multiple data block, when the mesh
Mark file is uploaded to the Intranet file service for uploading path and the Intranet file server when Intranet file server
Device information.
In example 1, the Intranet file-swapping service device is also used to determine multiple numbers according to the file information
According to the data block for belonging to file destination in block, cache file is written into multiple data blocks of the file destination.
Wherein, the file name of the data block of same file is consistent, file identification is consistent due to being subordinated to,
And in this document information may include file name, file identification etc., therefore, can according to the file information in data packet come
Determine which data block belongs to the same file destination, so that the database for being subordinated to the same file destination is written to Intranet
In the local cache of file-swapping service device.
Optionally, in another embodiment, since the one or more file destinations downloaded after filtering are cachings
Local in outer online article part swap server, therefore, in the present embodiment, outer net file-swapping service device can also be by target text
Part is in the file information that the buffer address on outer online article part swap server is written to file destination, so that the text of file destination
Part information includes buffer address of the file destination on the outer net file-swapping service device.
The so described Intranet file-swapping service device when cache file is written in multiple data blocks of the file destination,
Cache file can be being locallyd create according to the buffer address in the file information, and by multiple numbers of the file destination
The cache file is written according to block.
In this way, the file destination that outer net file-swapping service device is downloaded from outer net file server, net exchange files outside
Buffer address on server, when being transmitted to Intranet file-swapping service device with the file destination, net file-swapping service inside
Buffer address on device is consistent, when so that multiple files in an exchange files task transmit between intranet and extranet,
Local management is carried out convenient for file destination of the Intranet file-swapping service device side to exchange.
S42, the Intranet file-swapping service device are used for according to the Intranet file server information, with the Intranet
File server establishes connection;
Wherein, Intranet file-swapping service device can be according to the Intranet file server in Intranet file server information
The address ip, port numbers, protocol type, account, password with the Intranet file server establish connection.
S43, the Intranet file-swapping service device, for according to the upload path, the file destination to be uploaded to
At upload path in the Intranet file server of connection.
That is, Intranet file-swapping service device, can be Intranet file server, i.e. the second file server 12
After connection, the file destination from outer net file-swapping service device received is uploaded into the upper of second file server 12
Pass path at, exchange files task of the upload path due to being derived from starting, which specify file destination will including
Specific storage location on net file server.
Wherein, on the basis of the above embodiment 1, when executing S43, the Intranet file-swapping service device is used for root
According to the upload path, the data content in the cache file is uploaded to upper in the Intranet file server of connection
It passes at path.
S106, the Intranet file-swapping service device are also used to by the described second unidirectional gateway 16 that the target is literary
The upload result (information including uploading successfully or uploading failure) of part is sent to the outer net file-swapping service device.
Wherein, which can also carry above-mentioned cache file, the i.e. file identification of file destination.If target
File uploads successfully, then sending indicates to upload successfully upload as a result, opposite send indicates to upload the upload result to fail.
Two unidirectional gateways, the letter between two networks is arranged in the embodiment of the present invention between first network and the second network
Breath transmission requires to ensure that the safety of the data of transmission to form a data loop via corresponding unidirectional gateway;And
And acted on behalf of by the way that predetermined server is respectively set as one in two network sides, to realize the exchange files between heterogeneous networks,
In the case where guaranteeing the safety of Intranet or outer net institute mutual files data, the exchange files between different network environments are realized.
The system of the embodiment of the present invention is described in detail by the file data transfer in outer net into Intranet in above-described embodiment
File server process, and as the process of the file server by the file data transfer in Intranet into outer net with it is upper
The principle for stating process is similar, only exchanges the work of outer net file-swapping service device and Intranet file-swapping service device here not
It repeats again.
By means of the technical solution of the above embodiment of the present invention, the present invention passes through literary in the source of file to be transmitted by user
Configuration file switching task on part swap server, source file-swapping service device execute exchange files task, are handed over according to file
The mission bit stream changed in task determines source file server, source file destination, target side file server, target side target
The upload path of file, and connect source file server and therefrom obtain file destination to source file-swapping service device;With
And the operation such as filtering of file is carried out according to the filtering policy information in exchange files task, the file destination that will eventually determine is slow
It is stored to source file-swapping service device, file destination is taken by the exchange files that the first unidirectional gateway 15 is dealt into target side network
File destination is uploaded to the target side file service of target side network by business device processing, the file-swapping service device of target side network
The upload path of device sends the file-swapping service for uploading result to source-end networks by the second unidirectional gateway 16 after the completion of uploading
Device completes the secure exchange of the file data between physically-isolated heterogeneous networks.
In addition, the system of the embodiment of the present invention utilize above-mentioned two unidirectional gateways, it is ensured that heterogeneous networks it
Between be in physical segregation state, and the transmission of data is at unidirectionally.All exchange files tasks are existed by user
It is configured on file-swapping service device, and can be by selecting the first specified file server 11, the second file server
12, file destination on the first file server 11 store path and file destination on the second file server 12
Path, filtering policy information, virus scan etc. are uploaded, to filter out the sensitive document data in store path, filter virus
File, and specified file is only exchanged, it ensure that the secure exchange of the file between heterogeneous networks.
In addition, the embodiment of the present invention is matched on file-swapping service device by the way that file-swapping service device is clearing agent
The relevant information for setting source file server and target side file server, to the respective protocol type of source file server
File destination carries out dissection process, and file destination is removed from agreement, the file storage after getting parsing to exchange files
Server local, then file destination is transferred to target side file-swapping service device by source file server;Again by target side
File-swapping service device, will be on file destination according to the protocol type for the target side file server that will store the file destination
Target side file server is passed to, realizes the exchange files between the file server of different agreement.
It is described herein according to the system in the embodiment of the present invention come realize will be in public security outer net in a specific example
Process of the exchange files to Intranet.
Some concerning security matters mechanisms, such as public security system, network and internet inside usual public security are physical isolations, but public
Many business of peace need the file data of external some application acquisitions, can be real well using the system of the embodiment of the present invention
Existing secure exchange of the file data between outer net and Intranet.Realize that steps are as follows:
Prepare two file-swapping service devices and two unidirectional gateways;One ftp file server, a Samba service
Device;Ftp server is placed on outer net and is placed in outer net;Samba server is placed on Intranet;Two unidirectional gateways, one as upper
Row gateway receives intranet data, and data is sent to outer net;One downlink gateway receives outer network data, and data is sent to interior
Net;
The new files switching task on outer online article part swap server configures the server of source outer net ftp server
Routing information, file filter strategy, the target side Intranet Samba clothes of information and its file to be transmitted on the ftp server
The server info and this document of business device routing information to be stored (i.e. above-mentioned upload path), text on the Samba server
Starting period of part switching task etc..
Running environment is built according to the process step of above-described embodiment outer net file can be realized and upload to public security Intranet, have
Body is referring to the detailed description of the above system embodiment, and which is not described herein again.
In another specific example, when Intranet is wanted to obtain the confidential document of outer net, basic procedure shows with above-mentioned
Example is identical, differs only in outer net and wants to obtain the file data of Intranet, then then needing in configuration file switching task
It is configured on the file-swapping service device of public security Intranet, and input data source is Samba server, output data source is FTP clothes
Business device.
It should be noted that for simple description, therefore, it is stated as a series of action groups for system embodiment
It closes, but those skilled in the art should understand that, embodiment of that present invention are not limited by the describe sequence of actions, because according to
According to the embodiment of the present invention, some steps may be performed in other sequences or simultaneously.Secondly, those skilled in the art also should
Know, the embodiments described in the specification are all preferred embodiments, and the related movement not necessarily present invention is implemented
Necessary to example.
It is corresponding with system provided by the embodiments of the present invention, referring to Fig. 2, show a kind of data interaction of the present invention
The step flow chart of embodiment of the method, this method are applied to data interaction system shown in FIG. 1, and the system is as shown in Figure 1, tool
Body includes the first file server 11, the second file server 12, the first predetermined server 13, the second predetermined server 14, the
One unidirectional gateway 15 and the second unidirectional gateway 16, wherein first file server 11 and first predetermined server 13
It is respectively positioned on first network, second file server 12 and second predetermined server 14 are respectively positioned on the second network, and institute
First network and second network physical isolation are stated, can specifically include following steps:
Step 201, first predetermined server 13 is according to the exchange files task of starting from first file service
Device 11 obtains file destination to be exchanged;
Step 202, first predetermined server 13 sends the file destination extremely by the described first unidirectional gateway 15
Second predetermined server 14;
Step 203, second predetermined server 14 receives the file destination simultaneously by the described first unidirectional gateway 15
The file destination is uploaded to second file server 12;
Step 204, second predetermined server 14 passes through the described second unidirectional gateway 16 for the upper of the file destination
It passes result and is sent to first predetermined server 13.
Optionally, before executing step 201, further include according to the method for the embodiment of the present invention:
First predetermined server 13 receives the task configuration-direct of user, according to the newly-built text of the task configuration-direct
Part switching task, wherein the exchange files task include at least first file server 11 first server information,
The second server information of second file server 12, file destination to be exchanged are on first file server 11
Store path, the upload path when the file destination is uploaded to second file server 12;
, can be when the exchange files task start when executing step 201,13 basis of the first predetermined server
First server information in the exchange files task establishes connection with first file server 11;Described first is pre-
If server 13 is obtained from the first file server 11 of connection wait hand over according to the store path in the exchange files task
The file destination changed;
First predetermined server 13 is according to the store path in the exchange files task, from the first file of connection
After obtaining file destination to be exchanged in server 11, method according to embodiments of the present invention further includes:
First predetermined server 13 is by the described first unidirectional gateway 15 by the of second file server 12
Two server infos, the upload path when the file destination is uploaded to second file server 12, are sent to
Second predetermined server 14;
When executing step 203, can be accomplished by the following way:
Second predetermined server 14 receives the file destination, second text by the described first unidirectional gateway 15
It is the second server information of part server 12, described upper when the file destination is uploaded to second file server 12
Pass path;
Second predetermined server 14 is established according to the second server information with second file server 12
Connection;
The file destination is uploaded to described in connection by second predetermined server 14 according to the upload path
At upload path in second file server 12.
Optionally, the exchange files task further includes file filter policy information;
First predetermined server 13 is according to the store path in the exchange files task, from the first file of connection
File destination to be exchanged is obtained in server 11, including:
First predetermined server 13 is according to the store path in the exchange files task, from the first file of connection
The file information of the listed files of the corresponding store path is obtained in server 11;
The file information and the file filter policy information of first predetermined server 13 according to the listed files,
The file information filtering is carried out to the file information of the listed files, obtains the file information of file destination;
First predetermined server 13 is according to the file information of the file destination, from the first file server of connection
The file destination of the corresponding store path is obtained in 11.
Optionally, first predetermined server 13 passes through the described first unidirectional gateway 15 for second file server
12 second server information, the upload path when the file destination is uploaded to second file server 12,
It is sent to second predetermined server 14, including:
First predetermined server 13 carries out piecemeal processing to the file destination, obtains multiple data blocks, will be described
The file information of file destination, the upload path when the file destination is uploaded to second file server 12 and described
The second server information of second file server 12 is encapsulated with each data block, obtains multiple data packets;
First predetermined server 13 sends the multiple data packet to described by the described first unidirectional gateway 15
Two predetermined servers 14;
Second predetermined server 14 receives the file destination, second text by the described first unidirectional gateway 15
It is the second server information of part server 12, described upper when the file destination is uploaded to second file server 12
Path is passed, including:
Second predetermined server 14 is received by the described first unidirectional gateway 15 and comes from first predetermined server
13 multiple data packets, parse the multiple data packet, obtain the institute of multiple data blocks, corresponding the multiple data block
State the file information of file destination, the upload path when the file destination is uploaded to the Intranet file server and described
The second server information of second file server 12;
Further include according to the method for the embodiment of the present invention:
Second predetermined server 14 determines the number for belonging to file destination in multiple data blocks according to the file information
According to block, cache file is written into multiple data blocks of the file destination;
The file destination is uploaded to described in connection by second predetermined server 14 according to the upload path
At upload path in second file server 12, including:
Data content in the cache file is uploaded to by second predetermined server 14 according to the upload path
At upload path in second file server 12 of connection.
Optionally, when the quantity of the file destination is multiple, first predetermined server 13 is to the target text
Part carries out piecemeal processing, obtains multiple data blocks, is uploaded to institute by the file information of the file destination, when the file destination
The second server information for uploading path and second file server 12 when stating the second file server 12 is and each
Data block encapsulation, before obtaining multiple data packets, the method also includes:
First predetermined server 13 distributes file identification to each file destination, wherein the institute of each file destination
State the file identification that the file information includes corresponding file destination.
Optionally, the file information of the file destination includes the file destination in first predetermined server 13
Buffer address, second predetermined server 14 received by the described first unidirectional gateway 15 and comes from first preset service
Multiple data packets of device 13, parse the multiple data packet, obtain multiple data blocks, correspond to the multiple data block
The file information of the file destination, the upload path when the file destination is uploaded to the Intranet file server and institute
After the second server information for stating the second file server 12, the method also includes:
Second predetermined server 14 is localling create cache file according to the buffer address in the file information,
And the cache file is written into multiple data blocks of the file destination.
Optionally, the quantity of the file destination is one or more.
Optionally, when the first network is Intranet, second network is outer net;When the first network is outer net
When, second network is Intranet.
For embodiment of the method, since it is substantially similar to system embodiment, so be described relatively simple, it is related
Place illustrates referring to the part of system embodiment.
All the embodiments in this specification are described in a progressive manner, the highlights of each of the examples are with
The difference of other embodiments, the same or similar parts between the embodiments can be referred to each other.
It should be understood by those skilled in the art that, the embodiment of the embodiment of the present invention can provide as method, apparatus or calculate
Machine program product.Therefore, the embodiment of the present invention can be used complete hardware embodiment, complete software embodiment or combine software and
The form of the embodiment of hardware aspect.Moreover, the embodiment of the present invention can be used one or more wherein include computer can
With in the computer-usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) of program code
The form of the computer program product of implementation.
The embodiment of the present invention be referring to according to the method for the embodiment of the present invention, terminal device (system) and computer program
The flowchart and/or the block diagram of product describes.It should be understood that flowchart and/or the block diagram can be realized by computer program instructions
In each flow and/or block and flowchart and/or the block diagram in process and/or box combination.It can provide these
Computer program instructions are set to general purpose computer, special purpose computer, Embedded Processor or other programmable data processing terminals
Standby processor is to generate a machine, so that being held by the processor of computer or other programmable data processing terminal devices
Capable instruction generates for realizing in one or more flows of the flowchart and/or one or more blocks of the block diagram
The device of specified function.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing terminal devices
In computer-readable memory operate in a specific manner, so that instruction stored in the computer readable memory generates packet
The manufacture of command device is included, which realizes in one side of one or more flows of the flowchart and/or block diagram
The function of being specified in frame or multiple boxes.
These computer program instructions can also be loaded into computer or other programmable data processing terminal devices, so that
Series of operation steps are executed on computer or other programmable terminal equipments to generate computer implemented processing, thus
The instruction executed on computer or other programmable terminal equipments is provided for realizing in one or more flows of the flowchart
And/or in one or more blocks of the block diagram specify function the step of.
Although the preferred embodiment of the embodiment of the present invention has been described, once a person skilled in the art knows bases
This creative concept, then additional changes and modifications can be made to these embodiments.So the following claims are intended to be interpreted as
Including preferred embodiment and fall into all change and modification of range of embodiment of the invention.
Finally, it is to be noted that, herein, relational terms such as first and second and the like be used merely to by
One entity or operation are distinguished with another entity or operation, without necessarily requiring or implying these entities or operation
Between there are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant meaning
Covering non-exclusive inclusion, so that process, method, article or terminal device including a series of elements not only wrap
Those elements are included, but also including other elements that are not explicitly listed, or further includes for this process, method, article
Or the element that terminal device is intrinsic.In the absence of more restrictions, being wanted by what sentence "including a ..." limited
Element, it is not excluded that there is also other identical elements in process, method, article or the terminal device for including the element.
Above to a kind of method for interchanging data provided by the present invention and a kind of data exchange system, detailed Jie has been carried out
It continues, used herein a specific example illustrates the principle and implementation of the invention, and the explanation of above embodiments is only
It is to be used to help understand method and its core concept of the invention;At the same time, for those skilled in the art, according to this hair
Bright thought, there will be changes in the specific implementation manner and application range, in conclusion the content of the present specification should not manage
Solution is limitation of the present invention.
Claims (16)
1. a kind of data interaction system, which is characterized in that the system comprises the first file server, the second file server,
First predetermined server, the second predetermined server, the first unidirectional gateway and the second unidirectional gateway, wherein the first file clothes
Business device and first predetermined server are respectively positioned on first network, second file server and second predetermined server
It is respectively positioned on the second network, and the first network and second network physical isolation;
First predetermined server, for being obtained from first file server wait hand over according to the exchange files task of starting
The file destination changed;
First predetermined server is also used to send the file destination by the described first unidirectional gateway to described second in advance
If server;
Second predetermined server, for by the described first unidirectional gateway receive the file destination and by the target it is literary
Part is uploaded to second file server;
Second predetermined server is also used to send the upload result of the file destination by the described second unidirectional gateway
To first predetermined server.
2. system according to claim 1, which is characterized in that
First predetermined server is also used to receive the task configuration-direct of user, newly-built according to the task configuration-direct
Exchange files task, wherein the exchange files task include at least first file server first server information,
The second server information of second file server, file destination to be exchanged depositing on first file server
Store up path, the upload path when the file destination is uploaded to second file server;
First predetermined server is used for when the exchange files task start, according in the exchange files task
First server information establishes connection with first file server;
First predetermined server, for according to the store path in the exchange files task, from the first file of connection
File destination to be exchanged is obtained in server;
First predetermined server is also used to the second clothes by the described first unidirectional gateway by second file server
It is engaged in device information, the upload path when the file destination is uploaded to second file server, is sent to described the
Two predetermined servers;
Second predetermined server, for receiving the file destination, second file by the described first unidirectional gateway
The second server information of server, the upload road when the file destination is uploaded to second file server
Diameter;
Second predetermined server, for establishing and connecting with second file server according to the second server information
It connects;
The file destination is uploaded to described the of connection for according to the upload path by second predetermined server
At upload path in two file servers.
3. system according to claim 2, which is characterized in that the exchange files task further includes file filter strategy letter
Breath;
First predetermined server is also used to according to the store path in the exchange files task, from the first text of connection
The file information of the listed files of the corresponding store path is obtained in part server;
First predetermined server is also used to be believed according to the file information of the listed files and the file filter strategy
Breath carries out the file information filtering to the file information of the listed files, obtains the file information of file destination;
First predetermined server, is also used to the file information according to the file destination, from the first file service of connection
The file destination of the corresponding store path is obtained in device.
4. system according to claim 2, which is characterized in that
First predetermined server is also used to carry out piecemeal processing to the file destination, obtains multiple data blocks, will be described
The file information of file destination, the upload path when the file destination is uploaded to second file server and described
The second server information of two file servers is encapsulated with each data block, obtains multiple data packets;
First predetermined server is also used to send the multiple data packet to described second by the described first unidirectional gateway
Predetermined server;
Second predetermined server is also used to receive by the described first unidirectional gateway from first predetermined server
Multiple data packets parse the multiple data packet, obtain the mesh of multiple data blocks, corresponding the multiple data block
Mark the file information, the upload path when the file destination is uploaded to the Intranet file server and described second of file
The second server information of file server;
Second predetermined server is also used to determine in multiple data blocks according to the file information and belong to file destination
Cache file is written in multiple data blocks of the file destination by data block;
Second predetermined server is also used to be uploaded the data content in the cache file according to the upload path
At upload path into second file server of connection.
5. system according to claim 4, which is characterized in that when the quantity of the file destination is multiple;
First predetermined server is also used to distribute file identification to each file destination, wherein the institute of each file destination
State the file identification that the file information includes corresponding file destination.
6. system according to claim 4, which is characterized in that the file information of the file destination includes the target text
Buffer address of the part in first predetermined server;
Second predetermined server is also used to localling create cache file according to the buffer address in the file information,
And the cache file is written into multiple data blocks of the file destination.
7. system according to claim 1, which is characterized in that the quantity of the file destination is one or more.
8. system according to claim 1, which is characterized in that when the first network is Intranet, second network
For outer net;When the first network is outer net, second network is Intranet.
9. a kind of data interactive method, which is characterized in that be applied to data interaction system, the system comprises the first file services
Device, the second file server, the first predetermined server, the second predetermined server, the first unidirectional gateway and the second unidirectional gateway,
In, first file server and first predetermined server are respectively positioned on first network, second file server and
Second predetermined server is respectively positioned on the second network, and the first network and second network physical isolation, the side
Method includes:
First predetermined server obtains according to the exchange files task of starting from first file server to be exchanged
File destination;
First predetermined server sends the file destination to second preset service by the described first unidirectional gateway
Device;
Second predetermined server receives the file destination by the described first unidirectional gateway and will be on the file destination
Reach second file server;
The upload result of the file destination is sent to described by second predetermined server by the described second unidirectional gateway
First predetermined server.
10. according to the method described in claim 9, it is characterized in that,
First predetermined server obtains according to the exchange files task of starting from first file server to be exchanged
Before file destination, the method also includes:
First predetermined server receives the task configuration-direct of user, is exchanged according to the task configuration-direct new files
Task, wherein the exchange files task includes at least the first server information of first file server, described second
Store path of the second server information, file destination to be exchanged of file server on first file server,
Upload path when the file destination is uploaded to second file server;
First predetermined server obtains according to the exchange files task of starting from first file server to be exchanged
File destination, including:
When the exchange files task start, first predetermined server is according to the first clothes in the exchange files task
Business device information, establishes connection with first file server;
First predetermined server is according to the store path in the exchange files task, from the first file server of connection
It is middle to obtain file destination to be exchanged;
First predetermined server is according to the store path in the exchange files task, from the first file server of connection
After middle acquisition file destination to be exchanged, the method also includes:
First predetermined server is believed the second server of second file server by the described first unidirectional gateway
It is default to be sent to described second for breath, the upload path when the file destination is uploaded to second file server
Server;
Second predetermined server receives the file destination by the described first unidirectional gateway and will be on the file destination
Second file server is reached, including:
Second predetermined server receives the file destination, second file server by the described first unidirectional gateway
Second server information, the upload path when the file destination is uploaded to second file server;
Second predetermined server establishes connection according to the second server information, with second file server;
The file destination is uploaded to second text of connection according to the upload path by second predetermined server
At upload path in part server.
11. according to the method described in claim 10, it is characterized in that, the exchange files task further includes file filter strategy
Information;
First predetermined server is according to the store path in the exchange files task, from the first file server of connection
Middle acquisition file destination to be exchanged, including:
First predetermined server is according to the store path in the exchange files task, from the first file server of connection
The file information of the middle listed files for obtaining the corresponding store path;
The file information and the file filter policy information of first predetermined server according to the listed files, to described
The file information of listed files carries out the file information filtering, obtains the file information of file destination;
First predetermined server is obtained from the first file server of connection according to the file information of the file destination
The file destination of the corresponding store path.
12. according to the method described in claim 10, it is characterized in that,
First predetermined server is believed the second server of second file server by the described first unidirectional gateway
It is default to be sent to described second for breath, the upload path when the file destination is uploaded to second file server
Server, including:
First predetermined server carries out piecemeal processing to the file destination, obtains multiple data blocks, by the target text
The file information of part, the upload path when the file destination is uploaded to second file server and second file
The second server information of server is encapsulated with each data block, obtains multiple data packets;
First predetermined server sends the multiple data packet to the described second default clothes by the described first unidirectional gateway
Business device;
Second predetermined server receives the file destination, second file server by the described first unidirectional gateway
Second server information, the upload path when the file destination is uploaded to second file server, including:
Second predetermined server receives multiple numbers from first predetermined server by the described first unidirectional gateway
According to packet, the multiple data packet is parsed, obtains the file destination of multiple data blocks, corresponding the multiple data block
The file information, the upload path when the file destination is uploaded to the Intranet file server and second file clothes
The second server information of business device;
The method also includes:
Second predetermined server determines the data block for belonging to file destination in multiple data blocks according to the file information,
Cache file is written into multiple data blocks of the file destination;
The file destination is uploaded to second text of connection according to the upload path by second predetermined server
At upload path in part server, including:
Second predetermined server is uploaded to connection according to the upload path, by the data content in the cache file
At upload path in second file server.
13. according to the method for claim 12, which is characterized in that described when the quantity of the file destination is multiple
First predetermined server carries out piecemeal processing to the file destination, multiple data blocks is obtained, by the file of the file destination
Information uploads path and second file server when the file destination is uploaded to second file server
Second server information is encapsulated with each data block, before obtaining multiple data packets, the method also includes:
First predetermined server distributes file identification to each file destination, wherein the file of each file destination
Information includes the file identification of corresponding file destination.
14. according to the method for claim 12, which is characterized in that the file information of the file destination includes the target
Buffer address of the file in first predetermined server, second predetermined server are connect by the described first unidirectional gateway
Receive multiple data packets from first predetermined server, the multiple data packet is parsed, obtain multiple data blocks,
The file information of the file destination of corresponding the multiple data block takes when the file destination is uploaded to the Intranet file
After the second server information for uploading path and second file server when business device, the method also includes:
Second predetermined server is localling create cache file according to the buffer address in the file information, and by institute
The cache file is written in the multiple data blocks for stating file destination.
15. according to the method described in claim 9, it is characterized in that, the quantity of the file destination is one or more.
16. according to the method described in claim 9, it is characterized in that, when the first network be Intranet when, second network
For outer net;When the first network is outer net, second network is Intranet.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810420789.4A CN108881158A (en) | 2018-05-04 | 2018-05-04 | Data interaction system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810420789.4A CN108881158A (en) | 2018-05-04 | 2018-05-04 | Data interaction system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108881158A true CN108881158A (en) | 2018-11-23 |
Family
ID=64326954
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810420789.4A Pending CN108881158A (en) | 2018-05-04 | 2018-05-04 | Data interaction system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108881158A (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109547162A (en) * | 2018-12-06 | 2019-03-29 | 普康迪(北京)数码科技股份有限公司 | Data communications method based on two sets of unidirectional boundaries |
| CN110891052A (en) * | 2019-11-06 | 2020-03-17 | 北京吉威数源信息技术有限公司 | Cross-network query system and method for spatial data of natural resources |
| CN111083158A (en) * | 2019-12-26 | 2020-04-28 | 深圳市东晟数据有限公司 | Processing method and system for bidirectional message transmission through two unidirectional network gates |
| WO2020206904A1 (en) * | 2019-04-12 | 2020-10-15 | 平安科技(深圳)有限公司 | File transmission method and system, and storage medium |
| CN112073442A (en) * | 2020-11-11 | 2020-12-11 | 杭州云嘉云计算有限公司 | Data transmission method and monitoring system based on double one-way protocol mutual conversion channel |
| CN112217848A (en) * | 2019-07-11 | 2021-01-12 | 千寻位置网络有限公司 | Emergency positioning method and system thereof |
| CN112565393A (en) * | 2020-12-01 | 2021-03-26 | 平安科技(深圳)有限公司 | File uploading method, file downloading method, file uploading device, file downloading device, computer equipment and storage medium |
| CN112583918A (en) * | 2020-12-11 | 2021-03-30 | 广州润普网络科技有限公司 | Intranet and extranet document interaction system, method and storage medium |
| CN112835972A (en) * | 2019-11-22 | 2021-05-25 | 北京中电普华信息技术有限公司 | Method and system for synchronizing unstructured data |
| CN112866351A (en) * | 2020-12-31 | 2021-05-28 | 成都佳华物链云科技有限公司 | Data interaction method, device, server and storage medium |
| CN115242422A (en) * | 2022-05-17 | 2022-10-25 | 阿里巴巴(中国)有限公司 | Data intercommunication processing method and device and information management system |
| CN115277149A (en) * | 2022-07-21 | 2022-11-01 | 北京天融信网络安全技术有限公司 | Security domain communication method and device, electronic equipment and storage medium |
| CN116846546A (en) * | 2023-04-24 | 2023-10-03 | 广州智臣信息科技有限公司 | Information loss-proof and repetition-proof cross-network data exchange system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020038371A1 (en) * | 2000-08-14 | 2002-03-28 | Spacey Simon Alan | Communication method and system |
| CN102404182A (en) * | 2010-09-07 | 2012-04-04 | 中国移动通信集团公司 | Transmission control method and device |
| CN104104651A (en) * | 2013-04-02 | 2014-10-15 | 杭州市电力局 | Data processing method, device and electric vehicle network management system |
| US20140337407A1 (en) * | 2013-05-10 | 2014-11-13 | Owl Computing Technologies, Inc. | Nfs storage via multiple one-way data links |
| CN105282174A (en) * | 2015-11-10 | 2016-01-27 | 浪潮(北京)电子信息产业有限公司 | Secure transmission system and method |
| CN107454094A (en) * | 2017-08-23 | 2017-12-08 | 北京明朝万达科技股份有限公司 | A kind of data interactive method and system |
-
2018
- 2018-05-04 CN CN201810420789.4A patent/CN108881158A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020038371A1 (en) * | 2000-08-14 | 2002-03-28 | Spacey Simon Alan | Communication method and system |
| CN102404182A (en) * | 2010-09-07 | 2012-04-04 | 中国移动通信集团公司 | Transmission control method and device |
| CN104104651A (en) * | 2013-04-02 | 2014-10-15 | 杭州市电力局 | Data processing method, device and electric vehicle network management system |
| US20140337407A1 (en) * | 2013-05-10 | 2014-11-13 | Owl Computing Technologies, Inc. | Nfs storage via multiple one-way data links |
| CN105282174A (en) * | 2015-11-10 | 2016-01-27 | 浪潮(北京)电子信息产业有限公司 | Secure transmission system and method |
| CN107454094A (en) * | 2017-08-23 | 2017-12-08 | 北京明朝万达科技股份有限公司 | A kind of data interactive method and system |
Cited By (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109547162B (en) * | 2018-12-06 | 2021-06-29 | 普康迪(北京)数码科技股份有限公司 | Data communication method based on two sets of one-way boundaries |
| CN109547162A (en) * | 2018-12-06 | 2019-03-29 | 普康迪(北京)数码科技股份有限公司 | Data communications method based on two sets of unidirectional boundaries |
| WO2020206904A1 (en) * | 2019-04-12 | 2020-10-15 | 平安科技(深圳)有限公司 | File transmission method and system, and storage medium |
| CN112217848A (en) * | 2019-07-11 | 2021-01-12 | 千寻位置网络有限公司 | Emergency positioning method and system thereof |
| CN112217848B (en) * | 2019-07-11 | 2022-04-19 | 千寻位置网络有限公司 | Emergency positioning method and system thereof |
| CN110891052A (en) * | 2019-11-06 | 2020-03-17 | 北京吉威数源信息技术有限公司 | Cross-network query system and method for spatial data of natural resources |
| CN112835972A (en) * | 2019-11-22 | 2021-05-25 | 北京中电普华信息技术有限公司 | Method and system for synchronizing unstructured data |
| CN112835972B (en) * | 2019-11-22 | 2024-04-16 | 北京中电普华信息技术有限公司 | Unstructured data synchronization method and system |
| CN111083158B (en) * | 2019-12-26 | 2022-03-08 | 深圳市东晟数据有限公司 | Processing method and system for bidirectional message transmission through two unidirectional network gates |
| CN111083158A (en) * | 2019-12-26 | 2020-04-28 | 深圳市东晟数据有限公司 | Processing method and system for bidirectional message transmission through two unidirectional network gates |
| CN112073442A (en) * | 2020-11-11 | 2020-12-11 | 杭州云嘉云计算有限公司 | Data transmission method and monitoring system based on double one-way protocol mutual conversion channel |
| CN112565393B (en) * | 2020-12-01 | 2024-01-05 | 平安科技(深圳)有限公司 | File uploading method, downloading method, device, computer equipment and storage medium |
| CN112565393A (en) * | 2020-12-01 | 2021-03-26 | 平安科技(深圳)有限公司 | File uploading method, file downloading method, file uploading device, file downloading device, computer equipment and storage medium |
| CN112583918A (en) * | 2020-12-11 | 2021-03-30 | 广州润普网络科技有限公司 | Intranet and extranet document interaction system, method and storage medium |
| CN112583918B (en) * | 2020-12-11 | 2022-11-18 | 广州润普网络科技有限公司 | Intranet and extranet document interaction system, method and storage medium |
| CN112866351A (en) * | 2020-12-31 | 2021-05-28 | 成都佳华物链云科技有限公司 | Data interaction method, device, server and storage medium |
| CN115242422A (en) * | 2022-05-17 | 2022-10-25 | 阿里巴巴(中国)有限公司 | Data intercommunication processing method and device and information management system |
| CN115242422B (en) * | 2022-05-17 | 2024-01-02 | 阿里巴巴(中国)有限公司 | Data intercommunication processing method and device and informationized management system |
| CN115277149B (en) * | 2022-07-21 | 2023-09-26 | 北京天融信网络安全技术有限公司 | Security domain communication method and device, electronic equipment and storage medium |
| CN115277149A (en) * | 2022-07-21 | 2022-11-01 | 北京天融信网络安全技术有限公司 | Security domain communication method and device, electronic equipment and storage medium |
| CN116846546A (en) * | 2023-04-24 | 2023-10-03 | 广州智臣信息科技有限公司 | Information loss-proof and repetition-proof cross-network data exchange system |
| CN116846546B (en) * | 2023-04-24 | 2024-03-22 | 广州智臣信息科技有限公司 | Information loss-proof and repetition-proof cross-network data exchange system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108881158A (en) | Data interaction system and method | |
| US10868893B2 (en) | Network interface device | |
| CN103650436B (en) | Service path distribution method, router and business perform entity | |
| CN110572460B (en) | Data transmission method and device based on block chain system and computer equipment | |
| CN107409089A (en) | Business function login mechanism and ability authorized index | |
| CN106105115A (en) | The service chaining originated by service node in network environment | |
| CN107078957A (en) | The link of network service function in communication network | |
| EP2833585B1 (en) | Communication system, upper layer switch, control device, switch control method, and program | |
| CN106453474A (en) | Network transfer of large files in unstable network environments | |
| CN104394080A (en) | Method and device for achieving function of security group | |
| CN108964880A (en) | A kind of data transmission method and device | |
| CN108933774A (en) | Data interaction system and method | |
| CN106850568B (en) | Session aging method and device of multi-channel protocol | |
| CN102780779A (en) | Gateway equipment and method and device for optimization of campus network export P2P (peer-to-peer) traffic | |
| US9871848B1 (en) | Integration engine for communications between source and target applications | |
| US20150127837A1 (en) | Relay apparatus and data transfer method | |
| Makowski et al. | Evaluation of virtualization and traffic filtering methods for container networks | |
| CN106878072A (en) | A kind of message transmitting method and device | |
| CN109417556B (en) | System and method for secure service collaboration | |
| US10999303B2 (en) | Capturing data | |
| CN102315918B (en) | Method and device for intercommunicating TCP (Transmission Control Protocol) connection with SCTP (Stream Control Transmission Protocol) connection | |
| CN108306934A (en) | A kind of cross-server document transmission method and system | |
| CN110609746B (en) | Method, apparatus and computer readable medium for managing network system | |
| CN112637081A (en) | Bandwidth speed limiting method and device | |
| CN114422160B (en) | Virtual firewall setting method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181123 |