CN109246056A - Data safe transmission method and its device - Google Patents

Publication number
CN109246056A
Authority
CN
China
Prior art keywords
target data
buffer area
data
sent
cached
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710558047.3A
Other languages
Chinese (zh)
Inventor
张艺
张弛
王发平
Other inventors have requested that their names not be disclosed
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BYD Co Ltd
Original Assignee
BYD Co Ltd
Application filed by BYD Co Ltd
Priority to CN201710558047.3A


Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/16: Implementing security features at a particular protocol layer
    • H04L63/162: Implementing security features at a particular protocol layer at the data link layer

Abstract

The present invention proposes a secure data transmission method and device for use in a closed rail transit communication system. The method includes: obtaining target data to be transmitted and caching it successively in a first buffer and a second buffer; reading the target data from the second buffer; processing the target data using the mutually redundant Railway Signal Safety Protocol I (RSSP-I); caching the processed target data in a third buffer; and reading the processed target data from the third buffer and sending it. Because multiple buffers are provided in this embodiment, the device's application program, the network architecture and the communication interface (that is, the link layer) are isolated from one another in layers, and RSSP-I is encapsulated inside the network architecture, which guarantees the safe transfer of the data itself. Because the functions are isolated in layers, the network architecture is no longer tied to a specific communication mode and can call multiple types of communication interface, which makes it portable and general-purpose.

Description

Data safe transmission method and its device
Technical field
The present invention relates to the technical field of rail communication, and in particular to a secure data transmission method and device.
Background
In a rail transit communication system there can be network security threats. During transmission there are risks such as repeated data frames, lost data frames, inserted data frames, out-of-order data frames, erroneous data frames and data frame transmission timeouts. In rail transit, if a train that receives data affected by these risks continues to be controlled or to run according to that data, traffic safety is endangered.
To ensure that rail transit signals can be transmitted safely in a closed rail transit communication system, the data to be transmitted needs to be processed according to the Railway Signal Safety Protocol I (RSSP-I) to improve the safety of the data.
Summary of the invention
The present invention aims to solve, at least to some extent, one of the technical problems in the related art.
To this end, the first object of the invention is to propose a secure data transmission method that uses a portable, general-purpose network protocol framework to achieve secure data transmission during rail transit communication and to improve network security. It addresses the existing problem that network threats present in rail transit communication systems can cause transmitted data to go wrong, which in turn may reduce traffic safety.
The second object of the invention is to propose a secure data transmission device.
The third object of the invention is to propose a secure data transmission device.
The fourth object of the invention is to propose a computer program product.
The fifth object of the invention is to propose a non-transitory computer-readable storage medium.
To achieve the above objects, an embodiment of the first aspect of the invention proposes a secure data transmission method for use in a closed rail transit communication system, the method comprising:
obtaining target data to be transmitted, and caching the target data in a first buffer;
reading the target data from the first buffer, and caching the target data in a second buffer in a protocol layer;
processing the target data in the protocol layer using the mutually redundant Railway Signal Safety Protocol I (RSSP-I);
caching the processed target data in a third buffer in the protocol layer;
reading the processed target data from the third buffer and sending it.
The secure data transmission method provided in this embodiment is used in a closed rail transit communication system. Target data to be transmitted is obtained and cached successively in the first buffer and the second buffer; the target data is read from the second buffer and processed using the mutually redundant RSSP-I; the processed target data is cached in the third buffer; and the processed target data is read from the third buffer and sent. Because multiple buffers are provided in this embodiment, the device's application program, the network architecture and the communication interface (that is, the link layer) are isolated from one another in layers, and RSSP-I is encapsulated inside the network architecture, which guarantees the safe transfer of the data itself. Because the functions are isolated in layers, the network architecture is no longer tied to a specific communication mode and can call multiple types of communication interface, which makes it portable and general-purpose. The user of the application program only needs to deal with receiving and sending data and does not need to be concerned with how RSSP-I is implemented, which makes the architecture easy to use.
To achieve the above objects, an embodiment of the second aspect of the invention proposes a secure data transmission device for use in a closed rail transit communication system, the device comprising:
a first cache layer, configured to obtain target data to be transmitted and cache the target data in a first buffer;
a protocol layer, configured to read the target data from the first buffer, cache the target data in a second buffer, process the target data using the mutually redundant Railway Signal Safety Protocol I (RSSP-I), and cache the processed target data in a third buffer;
a data sending layer, configured to read the processed target data from the third buffer and send it.
The secure data transmission device provided in this embodiment is used in a closed rail transit communication system. Target data to be transmitted is obtained and cached successively in the first buffer and the second buffer; the target data is read from the second buffer and processed using the mutually redundant RSSP-I; the processed target data is cached in the third buffer; and the processed target data is read from the third buffer and sent. Because multiple buffers are provided in this embodiment, the device's application program, the network architecture and the communication interface (that is, the link layer) are isolated from one another in layers, and RSSP-I is encapsulated inside the network architecture, which guarantees the safe transfer of the data itself. Because the functions are isolated in layers, the network architecture is no longer tied to a specific communication mode and can call multiple types of communication interface, which makes it portable and general-purpose. The user of the application program only needs to deal with receiving and sending data and does not need to be concerned with how RSSP-I is implemented, which makes the architecture easy to use.
To achieve the above objects, an embodiment of the third aspect of the invention proposes a secure data transmission device including a processor and a memory, wherein the processor reads executable program code stored in the memory and runs the program corresponding to that code, so as to implement the secure data transmission method described in the embodiment of the first aspect.
To achieve the above objects, an embodiment of the fourth aspect of the invention proposes a computer program product; when the instructions in the computer program product are executed by a processor, the secure data transmission method described in the embodiment of the first aspect is performed.
To achieve the above objects, an embodiment of the fifth aspect of the invention proposes a non-transitory computer-readable storage medium on which a computer program is stored; when the program is executed by a processor, the secure data transmission method described in the embodiment of the first aspect is implemented.
Additional aspects and advantages of the invention will be set forth in part in the following description, and in part will become apparent from the following description or be learned through practice of the invention.
Brief description of the drawings
The above and/or additional aspects and advantages of the invention will become apparent and readily understood from the following description of the embodiments with reference to the accompanying drawings, in which:
Fig. 1 is a flow diagram of a secure data transmission method provided by an embodiment of the invention;
Fig. 2 is the first schematic diagram of a network architecture provided by an embodiment of the invention;
Fig. 3 is a flow diagram of another secure data transmission method provided by an embodiment of the invention;
Fig. 4 is the second schematic diagram of a network architecture provided by an embodiment of the invention;
Fig. 5 is a flow diagram of another secure data transmission method provided by an embodiment of the invention;
Fig. 6 is the third schematic diagram of a network architecture provided by an embodiment of the invention;
Fig. 7 is the fourth schematic diagram of a network architecture provided by an embodiment of the invention;
Fig. 8 is a flow diagram of another secure data transmission method provided by an embodiment of the invention;
Fig. 9 is a schematic diagram of data transmission between devices provided by an embodiment of the invention;
Fig. 10 is a structural schematic diagram of a secure data transmission device provided by an embodiment of the invention;
Fig. 11 is a structural schematic diagram of another secure data transmission device provided by an embodiment of the invention.
Detailed description of the embodiments
Embodiments of the invention are described in detail below, and examples of the embodiments are shown in the drawings, where the same or similar reference numerals throughout denote the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary; they are intended to explain the invention and are not to be construed as limiting it.
The secure data transmission method and system of the embodiments of the invention are described below with reference to the drawings.
Fig. 1 is a flow diagram of a secure data transmission method provided by an embodiment of the invention. As shown in Fig. 1, the secure data transmission method includes:
S101: Obtain target data to be transmitted, and cache the target data in the first buffer.
In this embodiment, the method is executed by a network architecture installed on a device, and the network architecture is used in a closed rail transit communication system. Fig. 2 is a structural schematic diagram of a network architecture provided by an embodiment of the invention. The network architecture includes the first buffer, a protocol layer and a data sending layer; the protocol layer contains the redundant RSSP-I together with the second buffer and the third buffer.
Specifically, target data to be transmitted can be received, and the received target data is then cached in the first buffer. In this embodiment, the target data to be transmitted may be data inside the device that needs to be sent out, or data from outside that needs to be sent into the device. The network architecture supports both sending data out and receiving data from outside.
It should be noted here that the target data may be data sent by an application program on the device on which the network architecture is installed. When an application program on the device needs to send data out, it can do so through the network architecture. The application program first caches the target data to be sent in the first buffer.
The target data may also be data from an external peer device that needs to send data to an application program on the above device. When the peer device needs to send data to the application program on the above device, the network architecture first receives the target data sent by the peer device and stores it in the first buffer.
S102: Read the target data from the first buffer, and cache the target data in the second buffer in the protocol layer.
In this embodiment, the second buffer and the third buffer are provided in the protocol layer. The target data can be read from the first buffer and then cached in the second buffer in the protocol layer.
S103: Process the target data in the protocol layer using the mutually redundant RSSP-I.
Specifically, after the target data has been cached in the second buffer, the RSSP-I layer in the network architecture can read the target data from the second buffer and process it based on the mutually redundant RSSP-I in that layer. It should be noted here that when the target data is data received from an external device, it needs to be parsed using RSSP-I, for example decrypted using a decryption key. When the target data is data received from an application program, it is raw data and needs to be encapsulated using RSSP-I, for example by encrypting the target data with an encryption key, converting the target data into the format required by RSSP-I, and so on.
S104: Cache the processed target data in the third buffer in the protocol layer.
After the target data has been processed using RSSP-I, the network architecture can cache the processed target data in the third buffer in the protocol layer.
S105: Read the processed target data from the third buffer and send it.
Further, the processed target data can be read from the third buffer in the protocol layer and then sent. Specifically, the data sending layer in Fig. 2 reads the target data from the third buffer in the protocol layer and then sends the target data it has read.
When the target data is data that an application program needs to send, the network architecture can send the processed target data to the peer device through the communication interface with the peer device. The communication interface can be a network cable or a serial port. The communication interface does not restrict the specific communication protocol.
When the target data is data that a peer device needs to send to an application program, the network architecture can read the processed target data from the third buffer and send it directly to the application program.
The secure data transmission method provided in this embodiment is used in a closed rail transit communication system. Target data to be transmitted is obtained and cached successively in the first buffer and the second buffer; the target data is read from the second buffer and processed using the mutually redundant RSSP-I; the processed target data is cached in the third buffer; and the processed target data is read from the third buffer and sent. Because multiple buffers are provided in this embodiment, the device's application program, the network architecture and the communication interface (that is, the link layer) are isolated from one another in layers, and RSSP-I is encapsulated inside the network architecture, which guarantees the safe transfer of the data itself. Because the functions are isolated in layers, the network architecture is no longer tied to a specific communication mode and can call multiple types of communication interface, which makes it portable and general-purpose. The user of the application program only needs to deal with receiving and sending data and does not need to be concerned with how RSSP-I is implemented, which makes the architecture easy to use.
For a better understanding of the secure data transmission method provided by the above embodiment, this embodiment takes the case where an application program needs to send data as a scenario and explains the above embodiment further. Fig. 3 is a flow diagram of another secure data transmission method provided by an embodiment of the invention. As shown in Fig. 3, the secure data transmission method includes the following steps:
S301: Receive target data to be sent from the application program, and cache the target data in the first send buffer.
In this embodiment, the data of the application program is to be sent to the peer device.
Building on Fig. 2, Fig. 4 provides another network architecture. In this network architecture the first buffer includes a first send buffer, the second buffer includes a second send buffer, and the third buffer includes a third send buffer.
In this embodiment, a device or system often has multiple application programs installed, and all of them are in the application layer in Fig. 4. When an application program needs to send target data, the application program in the application layer can send the target data to the first send buffer in the network architecture, where it is cached.
S302: Read the target data from the first send buffer and cache it in the second send buffer.
After the target data has been cached in the first send buffer, in order to send it out, the RSSP-I layer of the network architecture also needs to read the target data from the first send buffer.
S303: Read the target data from the second send buffer.
S304: Encapsulate the target data in the protocol layer using each of the mutually redundant RSSP-I instances.
After the target data has been read, it is encapsulated according to the rules in RSSP-I. For example, it can be encrypted, format-converted, compressed, encapsulated and so on according to the encryption rules in RSSP-I.
S305: Cache the encapsulated target data in the third send buffer.
After the target data has been encapsulated using RSSP-I, the encapsulated target data can be cached in the third send buffer.
S306: Read the encapsulated target data from the third send buffer.
In this embodiment, in order to continue sending the target data out, the encapsulated target data needs to be read from the third send buffer.
As one possible implementation, in order to improve the reliability of data transmission, a redundant dual communication link can be provided in the network architecture. For the process of an application program sending data, the dual communication link provided in the network architecture is called the first dual communication link. The first dual communication link includes a first main channel and a first standby channel. Each channel of the first dual communication link can read the encapsulated target data from the third send buffer.
S307: Call the communication interface to send the encapsulated target data to the corresponding peer device.
In this embodiment, after the encapsulated target data has been read from the second send buffer, the communication interface can be called, and the encapsulated target data is then sent to the corresponding peer device through the communication interface.
As one possible implementation, the first main channel and the first standby channel in the first dual communication link can each call the communication interface and send the encapsulated target data to the peer device through the communication interface they call. The communication interface can be a serial port or a network cable. In this embodiment, for the safety of data transmission between the local device and the peer device, a redundant design is used and a redundant dual communication link is provided in the network architecture. The first main channel of the local device sends the encapsulated target data through the communication interface to the main channel on the peer device, and the first standby channel of the local device sends the encapsulated target data through the communication interface to the standby channel on the peer device.
Further, after the peer device receives a message carrying the target data, the RSSP-I layer in the peer device's network architecture needs to perform end-to-end safety verification on the message in the order of message validity, safety check field, and update of the local safety parameters, so as to guarantee the above four safety properties.
Because multiple buffers are provided in this embodiment, the device's application program, the network architecture and the communication interface (that is, the link layer) are isolated from one another in layers, and RSSP-I is encapsulated inside the network architecture, which guarantees the safe transfer of the data itself. Because the functions are isolated in layers, the network architecture is no longer tied to a specific communication mode and can call multiple types of communication interface, which makes it portable and general-purpose. The user of the application program only needs to deal with receiving and sending data and does not need to be concerned with how RSSP-I is implemented, which makes the architecture easy to use.
For a better understanding of the secure data transmission method provided by the above embodiment, this embodiment takes the case where data needs to be sent to an application program as a scenario and explains the above embodiment further. Fig. 5 is a flow diagram of another secure data transmission method provided by an embodiment of the invention. As shown in Fig. 5, the secure data transmission method includes the following steps:
S501: Receive the target data sent by the peer device, and cache the target data in the first receive buffer.
In this embodiment, the peer device sends data to an application program on the local device.
In this embodiment, the RSSP-I layer in the network architecture on the local device needs to check the target data from the peer device, for example: the authenticity of the data source (that is, the source information of the sender), the correctness and integrity of the data frame, the timeliness and real-time nature of the data frame, and the correctness (order) of the data frame sequence.
Building on Fig. 2, Fig. 6 provides another network architecture. In this network architecture the first buffer includes a first receive buffer, the second buffer includes a second receive buffer, and the third buffer includes a third receive buffer.
In this embodiment, a device or system often has multiple application programs installed, and all of them are in the application layer in Fig. 6. When the peer device needs to send data to an application program on the local device, the peer device can send the target data to the first receive buffer in the network architecture. Specifically, for the process of sending data to an application program on the local device, the dual communication link provided in the network architecture is called the second dual communication link. The peer device sends the target data through the communication interface to the redundant second dual communication link. The second dual communication link includes a second main channel and a second standby channel. Specifically, the communication interface is called to receive, over the network connection with the peer device, the target data sent by the peer device. After the communication interface receives the target data, the target data passes over the redundant second dual communication link and is cached in the first receive buffer.
S502: Read the target data from the first receive buffer.
In order to continue transmitting the target data, the RSSP-I layer in the network architecture can read the target data from the first receive buffer. It should be noted here that the peer device is likewise a device on which the network architecture is installed, and the target data sent by the peer device is data that has been encapsulated with RSSP-I.
S503: Cache the target data read from the first receive buffer in the second receive buffer in the protocol layer.
S504: Read the target data from the second receive buffer.
S505: Parse the target data in the protocol layer using each of the mutually redundant RSSP-I instances.
After the target data has been obtained, it must be parsed using RSSP-I in order to recover the raw data. The parsed target data is then the raw data, which the application program can recognize. For example, the target data can be de-encapsulated, decompressed, decrypted, format-converted and so on.
S506: Cache the parsed target data in the third receive buffer in the protocol layer.
After the target data has been parsed, the parsed target data can be cached in the third receive buffer in the protocol layer.
S507: Read the parsed target data from the third receive buffer and send it to the corresponding application program.
Further, the parsed target data is read from the third receive buffer and then sent to the corresponding application program.
Because multiple buffers are provided in this embodiment, the device's application program, the network architecture and the communication interface (that is, the link layer) are isolated from one another in layers, and RSSP-I is encapsulated inside the network architecture, which guarantees the safe transfer of the data itself. Because the functions are isolated in layers, the network architecture is no longer tied to a specific communication mode and can call multiple types of communication interface, which makes it portable and general-purpose. The user of the application program only needs to deal with receiving and sending data and does not need to be concerned with how RSSP-I is implemented, which makes the architecture easy to use.
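The receive path described above (first, second and third receive buffers, with checks on source, integrity, timeliness and frame order) can be sketched as follows. This is an added example, not code from the patent: the frame layout, the truncated HMAC-SHA256 tag standing in for the RSSP-I check field, the 500 ms freshness window and every name are assumptions, since the page does not describe real RSSP-I framing.

```python
import hashlib
import hmac
import struct
from collections import deque

# Constructed layout (assumption): source id, sequence number, send time ms, length.
HEADER = struct.Struct(">HIQH")
TAG_LEN = 16        # truncated HMAC-SHA256, standing in for the safety check field
MAX_AGE_MS = 500    # assumed freshness window


def encapsulate(key, src_id, seq, sent_ms, payload):
    """Sender side: wrap raw application data in the constructed frame."""
    header = HEADER.pack(src_id, seq, sent_ms, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Receiver:
    """Receive path: link -> first buffer -> second buffer -> checks -> third buffer."""

    def __init__(self, key, peer_id):
        self.key = key
        self.peer_id = peer_id
        self.last_seq = None
        self.first_rx = deque()    # frames as delivered by the communication interface
        self.second_rx = deque()   # protocol-layer input
        self.third_rx = deque()    # verified payloads waiting for the application

    def link_receive(self, frame):
        self.first_rx.append(frame)

    def _check(self, frame, now_ms):
        # 1. Integrity: reject truncated or modified frames.
        if len(frame) < HEADER.size + TAG_LEN:
            return "integrity", None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "integrity", None
        src_id, seq, sent_ms, _length = HEADER.unpack_from(body)
        payload = body[HEADER.size:]
        # 2. Source: only the configured peer may feed this connection.
        if src_id != self.peer_id:
            return "source", None
        # 3. Timeliness: drop frames outside the freshness window.
        age = now_ms - sent_ms
        if age < 0 or age > MAX_AGE_MS:
            return "timeout", None
        # 4. Sequence: classify repeats, reordering and gaps.
        if self.last_seq is not None:
            if seq == self.last_seq:
                return "repeat", None
            if seq < self.last_seq:
                return "out_of_order", None
        gap = self.last_seq is not None and seq > self.last_seq + 1
        self.last_seq = seq
        # Assumption: a frame after a gap is still valid; the loss is reported.
        return ("gap" if gap else "ok"), payload

    def process(self, now_ms):
        verdicts = []
        while self.first_rx:
            self.second_rx.append(self.first_rx.popleft())
        while self.second_rx:
            status, payload = self._check(self.second_rx.popleft(), now_ms)
            verdicts.append(status)
            if payload is not None:
                self.third_rx.append(payload)
        return verdicts

    def app_read(self):
        return self.third_rx.popleft() if self.third_rx else None


def demo():
    key = b"constructed-demo-key"
    rx = Receiver(key, peer_id=0x0101)
    f1 = encapsulate(key, 0x0101, 1, 1000, b"speed=40")
    f2 = encapsulate(key, 0x0101, 2, 1100, b"speed=45")
    f4 = encapsulate(key, 0x0101, 4, 1300, b"speed=50")
    corrupted = f2[:-1] + bytes([f2[-1] ^ 0xFF])
    foreign = encapsulate(key, 0x0999, 3, 1200, b"speed=99")
    stale = encapsulate(key, 0x0101, 5, 100, b"speed=60")
    # The second f1 models the standby channel delivering the same frame.
    for frame in (f1, f1, corrupted, f2, f1, foreign, f4, stale):
        rx.link_receive(frame)
    verdicts = rx.process(now_ms=1350)
    delivered = []
    while rx.third_rx:
        delivered.append(rx.app_read())
    return verdicts, delivered


if __name__ == "__main__":
    print(demo())
```

Only payloads that pass every check reach the third buffer, so the application never sees the repeated, corrupted, foreign, reordered or stale frames; each rejected frame still yields a verdict that can be logged.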
In order for the network architecture to better support both sending and receiving, it can include at the same time the first send buffer, the first receive buffer, the second send buffer, the second receive buffer, the third send buffer and the third receive buffer. The specific structure of the network architecture is shown in Fig. 7. Fig. 7 shows the application layer that interfaces with the network architecture; the network architecture further includes the first main channel and first standby channel, and the second main channel and second standby channel.
Corresponding to Fig. 7, the network architecture can provide another secure data transmission method. Fig. 8 is a flow diagram of another secure data transmission method provided by an embodiment of the invention. The secure data transmission method includes the following steps:
S801: The task starts.
In this embodiment, sending or receiving data can be treated as a task; after the task starts, the network architecture is started.
S802: The network architecture obtains first data from the communication interface.
When a task indicates that first data needs to be obtained from the communication interface, the network architecture starts to obtain the first data from the communication interface. It should be noted here that the first data is target data from an external peer device.
S803: Determine whether the first data has been received.
If the first data has been received, S804 is executed; if the first data has not been received, S815 is executed to wait for the next task, that is, the task ends at this point.
S804: Cache the first data in the first receive buffer.
S805: Perform safety verification on the first data using RSSP-I.
In order to guarantee that data transmitted from outside is sufficiently safe, RSSP-I can be used to verify the safety of the first data.
S806: Determine whether the safety verification succeeded.
If the safety verification succeeded, the first data is safe and S807 is executed; if the safety verification failed, S816 is executed to handle and report the error.
S807: Parse the first data and cache it successively in the second and third receive buffers.
S808: Read the first data from the third receive buffer and send it to the corresponding application program in the application layer.
It should be noted here that the above steps cover the scenario in which an external peer device needs to send data to an application program on the local device. For the specific processing that the network architecture applies to the first data in each step of this scenario, refer to the related content in the above embodiments; details are not repeated here.
Second data are sent to the network architecture by S809, the application program in application layer.
S810, the network architecture receive the second data and are successively cached in the first and second transmission buffer areas.
S811 reads the second data from the first transmission buffer area.
S812 judges whether to read the second data.
If it is judged that reading the second data, then S813 is executed;If it is judged that it is unread to the second data, then it executes S815。
S813 encapsulates the second data using RSSP-I.
S814 sends the second data by communication interface.
Call communication interface that the second data after encapsulation are sent to opposite equip..
S809~S815 needs to send the scene of data outward for the application program in application layer.About this scene lower network Framework in each step to the concrete processing procedure of the first data, reference can be made in above-described embodiment related content record, herein It repeats no more.
Herein it should be noted that stringent sequential relationship is not present in the implementation procedure of two scenes, can concurrently hold Row, can also execute respectively, or sequence executes.
In this embodiment, because multiple buffer areas are arranged, the application program of the device, the network architecture, and the communication interface (that is, the link layer) are isolated from one another in layers. RSSP-I is encapsulated in the network architecture, which guarantees the safe transfer of the data itself. Because the functions are isolated in layers, the network architecture is no longer tied to a specific communication mode and can call multiple types of communication interface, which makes the network architecture portable and general-purpose. The user of the application program only needs to attend to receiving and sending data and does not need to be concerned with the specific implementation of RSSP-I, which makes the architecture easy to use.
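The following is an added example, not part of the patent, that models the two scenarios of Fig. 8 with three sending and three receiving buffer areas and a main and a standby channel, and shows a frame damaged on one channel being rejected at the safety check while the redundant copy is delivered. The sequence-number-plus-CRC32 framing is a stand-in for RSSP-I, whose frame format the page does not give; the class and function names, the duplicate suppression by sequence number, and the sample payloads are assumptions.

```python
import struct
import zlib
from collections import deque

# Stand-in framing, NOT real RSSP-I (the page gives no frame format):
# 4-byte big-endian sequence number | payload | 4-byte CRC32 over both.
# CRC32 only detects accidental corruption; it is a placeholder for the check.
SEQ = struct.Struct(">I")
CRC = struct.Struct(">I")


class SafetyCheckError(Exception):
    """A received frame failed the safety check (S806 -> S816)."""


def encapsulate(seq, payload):
    body = SEQ.pack(seq) + payload
    return body + CRC.pack(zlib.crc32(body))


def verify_and_parse(frame):
    if len(frame) < SEQ.size + CRC.size:
        raise SafetyCheckError("frame too short")
    body, trailer = frame[:-CRC.size], frame[-CRC.size:]
    if CRC.unpack(trailer)[0] != zlib.crc32(body):
        raise SafetyCheckError("checksum mismatch")
    return SEQ.unpack(body[:SEQ.size])[0], body[SEQ.size:]


class NetworkArchitecture:
    """Hypothetical model of the layered architecture of Fig. 7."""

    def __init__(self, channels):
        # channels: name -> callable(frame). The protocol layer never sees
        # the link type, which is the layering isolation the text describes.
        self.channels = channels
        self.tx1, self.tx2, self.tx3 = deque(), deque(), deque()
        self.rx1, self.rx2, self.rx3 = deque(), deque(), deque()
        self.next_seq = 0
        self.seen = set()   # assumption: drop the redundant copy by sequence
        self.errors = []    # S816: recorded safety-check failures

    def app_send(self, payload):
        self.tx1.append(payload)                        # S809/S810

    def run_send(self):
        sent = 0
        while self.tx1:                                 # S811/S812
            self.tx2.append(self.tx1.popleft())
            frame = encapsulate(self.next_seq, self.tx2.popleft())  # S813
            self.next_seq += 1
            self.tx3.append(frame)
            frame = self.tx3.popleft()
            for send in self.channels.values():         # S814, both channels
                send(frame)
            sent += 1
        return sent

    def link_receive(self, channel, frame):
        self.rx1.append((channel, frame))               # S802-S804

    def run_receive(self):
        while self.rx1:
            self.rx2.append(self.rx1.popleft())
            channel, frame = self.rx2.popleft()
            try:
                seq, payload = verify_and_parse(frame)  # S805/S806
            except SafetyCheckError as exc:
                self.errors.append((channel, str(exc)))
                continue
            if seq in self.seen:                        # copy already delivered
                continue
            self.seen.add(seq)
            self.rx3.append(payload)                    # S807
        delivered = list(self.rx3)                      # S808
        self.rx3.clear()
        return delivered


def demo():
    """Device A sends to device B; the main channel flips one payload bit."""
    b = NetworkArchitecture(channels={})

    def damaged_main(frame):
        bad = bytearray(frame)
        bad[5] ^= 0x01
        b.link_receive("main", bytes(bad))

    a = NetworkArchitecture(channels={
        "main": damaged_main,
        "standby": lambda frame: b.link_receive("standby", frame),
    })
    a.app_send(b"route-set 12")      # constructed sample payloads
    a.app_send(b"signal-clear 7")
    a.run_send()
    return b.run_receive(), b.errors


if __name__ == "__main__":
    print(demo())
```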
As shown in Fig. 9, data needs to be transmitted between device A and device B; here device A is the local device and device B is the peer device. Both device A and device B are equipped with the network architecture shown in Fig. 7. For data to be transmitted between the two devices, a role must be selected for each device in advance, where the roles are calling end and called end. As an example, the role of device A is calling end and the role of device B is called end. To ensure that data can be transmitted safely, a secure transmission connection must be established between the two devices before the target data is read from the first buffer area and processed using the first rail transit signal secure communication protocol. RSSP-I requires that only the calling-end device can actively establish the secure transmission connection with the called-end device. In Fig. 9, when device B sends target data to device A, the data follows the flow formed by the boxes marked in grey and also passes through the dashed boxes, for example the application layer, RSSP-I and the communication interface. When device A sends target data to device B, the data follows the flow formed by the boxes marked in white and also passes through the dashed boxes, for example the application layer, RSSP-I and the communication interface.
The two redundant network architectures in a device can each independently serve as a communication node with a source address and a source identifier. From device A's point of view, when the main-system network architecture sends target data to device B over the secure transmission connection, the identical target data must be sent over the mutually redundant dual channels to both the main-system network architecture and the standby-system network architecture of device B. Device A also sends the target data to its own standby-system network architecture through inter-system synchronization, and the standby-system network architecture likewise encapsulates the target data and sends it to the main-system and standby-system network architectures of device B.
For device B, within one cycle the main-system and standby-system network architectures can receive the messages carrying the target data that device A's main-system network architecture sends over the redundant dual channels, and the messages carrying the target data that device A's standby-system network architecture sends over the redundant dual channels.
Fig. 10 is a schematic structural diagram of a secure data transmission device provided by an embodiment of the present invention. As shown in Fig. 10, the secure data transmission device includes a first cache layer 11, a protocol layer 12 and a data sending layer 13.
The first cache layer 11 is configured to obtain target data to be transmitted and cache the target data in the first buffer area.
The protocol layer 12 is configured to read the target data from the first buffer area and cache the target data in the second buffer area, process the target data using the mutually redundant first rail transit signal secure communication protocols, and cache the processed target data in the third buffer area.
The data sending layer 13 is configured to read the processed target data from the third buffer area and send it.
On the basis of Fig. 10, Fig. 11 is a schematic structural diagram of another secure data transmission device provided by an embodiment of the present invention. The first buffer area includes a first sending buffer area, the second buffer area includes a second sending buffer area, and the third buffer area includes a third sending buffer area.
When the application program on the local device needs to send data, the first cache layer 11 is specifically configured to receive the target data to be sent from the application program and cache the target data in the first sending buffer area;
The protocol layer 12 is specifically configured to read the target data from the first sending buffer area, cache the target data read from the first sending buffer area in the second sending buffer area in the protocol layer, read the target data from the second sending buffer area, encapsulate the target data using each of the mutually redundant first rail transit signal secure communication protocols, and cache the encapsulated target data in the third sending buffer area.
The data sending layer 13 is specifically configured to read the encapsulated target data from the third sending buffer area and call the communication interface to send the encapsulated target data to the corresponding peer device.
Further, the second cache layer 13 is specifically configured to read the encapsulated target data from the third buffer area over each link of the redundant first dual communication link, and to call the communication interface over each link of the redundant first dual communication link, so that the encapsulated target data is sent to the peer device through the communication interface and the communication connection with the peer device; the first dual communication link includes a first main channel and a first standby channel.
Further, the first buffer area also includes a first receiving buffer area, the second buffer area also includes a second receiving buffer area, and the third buffer area also includes a third receiving buffer area.
When the peer device needs to send data to the application program on the local device, the first cache layer 11 is specifically configured to receive the target data sent by the peer device and cache the target data in the first receiving buffer area.
The protocol layer 12 is specifically configured to read the target data from the first receiving buffer area, cache the target data read from the first receiving buffer area in the second receiving buffer area in the protocol layer, read the target data from the second receiving buffer area, parse the target data in the protocol layer using each of the mutually redundant first rail transit signal secure communication protocols, and cache the parsed target data in the third buffer area.
The data sending layer 13 is specifically configured to read the parsed target data from the third receiving buffer area and send it to the corresponding application program.
The first cache layer 11 is specifically configured to call the communication interface to receive, over the communication connection with the peer device, the target data sent by the peer device, and to cache the target data in the first receiving buffer area through the communication interface and the redundant second dual communication link; the second dual communication link includes a second main channel and a second standby channel.
In this embodiment, because multiple buffer areas are provided, the application program of the device, the network architecture, and the communication interface (that is, the link layer) are isolated from one another in layers. RSSP-I is encapsulated in the network architecture, which guarantees the safe transfer of the data itself. Because the functions are isolated in layers, the network architecture is no longer tied to a specific communication mode and can call multiple types of communication interface, which makes the network architecture portable and general-purpose. The user of the application program only needs to attend to receiving and sending data and does not need to be concerned with the specific implementation of RSSP-I, which makes the architecture easy to use.
To achieve the object of the invention, an embodiment of the present invention provides another secure data transmission device, including a processor and a memory. The processor reads the executable program code stored in the memory and runs the program corresponding to the executable program code, so as to implement the secure data transmission method of the above embodiments.
To achieve the object of the invention, an embodiment of the present invention provides a computer program product; when the instructions in the computer program product are executed by a processor, the secure data transmission method of the above embodiments is executed.
To achieve the object of the invention, an embodiment of the present invention provides a non-transitory computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the secure data transmission method of the above embodiments.
In the description of this specification, a description referring to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that a specific feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic uses of these terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. In addition, provided they do not conflict, those skilled in the art may combine the different embodiments or examples described in this specification and the features of those different embodiments or examples.
In addition, the terms "first" and "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of the technical features referred to. Thus, a feature qualified by "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "plurality" means at least two, for example two or three, unless specifically defined otherwise.
Any process or method description in a flowchart, or otherwise described herein, may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing the steps of a custom logic function or process, and the scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including substantially simultaneously or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
The logic and/or steps represented in a flowchart or otherwise described herein, for example an ordered list of executable instructions that may be regarded as implementing logic functions, may be embodied in any computer-readable medium for use by, or in combination with, an instruction execution system, apparatus or device (such as a computer-based system, a system including a processor, or another system that can fetch instructions from an instruction execution system, apparatus or device and execute them). For the purposes of this specification, a "computer-readable medium" may be any apparatus that can contain, store, communicate, propagate or transmit a program for use by, or in combination with, an instruction execution system, apparatus or device. More specific examples (a non-exhaustive list) of computer-readable media include: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). In addition, the computer-readable medium may even be paper or another suitable medium on which the program can be printed, because the program can be obtained electronically, for example by optically scanning the paper or other medium and then editing, interpreting or, where necessary, otherwise processing it in a suitable manner, and then stored in a computer memory.
It should be understood that each part of the present invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented in software or firmware that is stored in a memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or a combination of the following techniques well known in the art may be used: a discrete logic circuit having logic gates for implementing logic functions on data signals, an application-specific integrated circuit having suitable combinational logic gates, a programmable gate array (PGA), a field-programmable gate array (FPGA), and so on.
Those skilled in the art will understand that all or part of the steps carried by the methods of the above embodiments may be completed by a program instructing the relevant hardware; the program may be stored in a computer-readable storage medium and, when executed, includes one of the steps of the method embodiments or a combination thereof.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing module, or each unit may exist physically on its own, or two or more units may be integrated in one module. The integrated module may be implemented in the form of hardware or in the form of a software functional module. If the integrated module is implemented in the form of a software functional module and sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc or the like. Although embodiments of the present invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the present invention; those skilled in the art may change, modify, replace and vary the above embodiments within the scope of the present invention.

Claims (15)

1. A secure data transmission method, characterized in that it is used in a closed rail transit communication system, the method comprising:
obtaining target data to be transmitted, and caching the target data in a first buffer area;
reading the target data from the first buffer area, and caching the target data in a second buffer area in a protocol layer;
processing the target data in the protocol layer using mutually redundant first rail transit signal secure communication protocols;
caching the processed target data in a third buffer area in the protocol layer;
reading the processed target data from the third buffer area and sending it.
2. The secure data transmission method according to claim 1, characterized in that the first buffer area includes a first sending buffer area, the second buffer area includes a second sending buffer area, and the third buffer area includes a third sending buffer area;
when the application program on the local device needs to send data, the obtaining target data to be transmitted, and caching the target data in the first buffer area, comprises:
receiving the target data to be sent from the application program, and caching the target data in the first sending buffer area;
the reading the target data from the first buffer area, and caching the target data in the second buffer area in the protocol layer, comprises:
reading the target data from the first sending buffer area;
caching the target data read from the first sending buffer area in the second sending buffer area in the protocol layer;
the processing the target data in the protocol layer using the mutually redundant first rail transit signal secure communication protocols comprises:
reading the target data from the second sending buffer area;
encapsulating the target data in the protocol layer using each of the mutually redundant first rail transit signal secure communication protocols;
the caching the processed target data in the third buffer area in the protocol layer comprises:
caching the encapsulated target data in the third sending buffer area;
the reading the processed target data from the third buffer area and sending it comprises:
reading the encapsulated target data from the third sending buffer area;
calling the communication interface to send the encapsulated target data to the corresponding peer device.
3. The secure data transmission method according to claim 2, characterized in that the reading the encapsulated target data from the third sending buffer area comprises:
reading the encapsulated target data from the third buffer area over each link of a redundant first dual communication link; wherein the first dual communication link includes a first main channel and a first standby channel;
the calling the communication interface to send the encapsulated target data to the corresponding peer device comprises:
calling the communication interface over each link of the redundant first dual communication link; sending the encapsulated target data to the peer device through the communication interface and the communication connection with the peer device.
4. The secure data transmission method according to claim 2, characterized in that, before the reading the target data from the first buffer area and processing the target data using the first rail transit signal secure communication protocol, the method further comprises:
establishing a secure transmission connection with the peer device based on the first rail transit signal secure communication protocol; wherein the role of the local device is calling end, the role of the peer device is called end, and the secure transmission connection is actively initiated by the local device whose role is calling end.
5. The secure data transmission method according to any one of claims 1-4, characterized in that the first buffer area further includes a first receiving buffer area, the second buffer area further includes a second receiving buffer area, and the third buffer area further includes a third receiving buffer area;
when the peer device needs to send data to the application program on the local device, the obtaining target data to be transmitted, and caching the target data in the first buffer area, comprises:
receiving the target data sent by the peer device, and caching the target data in the first receiving buffer area;
the reading the target data from the first buffer area, and caching the target data in the second buffer area in the protocol layer, comprises:
reading the target data from the first receiving buffer area;
caching the target data read from the first receiving buffer area in the second receiving buffer area in the protocol layer;
the processing the target data in the protocol layer using the mutually redundant first rail transit signal secure communication protocols comprises:
reading the target data from the second receiving buffer area;
parsing the target data in the protocol layer using each of the mutually redundant first rail transit signal secure communication protocols;
the caching the processed target data in the third buffer area comprises:
caching the parsed target data in the third receiving buffer area;
the reading the processed target data from the third buffer area and sending it comprises:
reading the parsed target data from the third receiving buffer area and sending it to the application program.
6. The secure data transmission method according to claim 5, characterized by further comprising:
the receiving the target data sent by the peer device, and caching the target data in the first receiving buffer area, comprises:
calling the communication interface to receive, over the communication connection with the peer device, the target data sent by the peer device;
caching the target data in the first receiving buffer area through the communication interface and a redundant second dual communication link; wherein the second dual communication link includes a second main channel and a second standby channel.
7. A secure data transmission device, characterized in that it is used in a closed rail transit communication system, the device comprising:
a first cache layer, configured to obtain target data to be transmitted and cache the target data in a first buffer area;
a protocol layer, configured to read the target data from the first buffer area and cache the target data in a second buffer area, process the target data using mutually redundant first rail transit signal secure communication protocols, and cache the processed target data in a third buffer area;
a data sending layer, configured to read the processed target data from the third buffer area and send it.
8. The secure data transmission device according to claim 7, characterized in that the first buffer area includes a first sending buffer area, the second buffer area includes a second sending buffer area, and the third buffer area includes a third sending buffer area;
when the application program on the local device needs to send data, the first cache layer is specifically configured to receive the target data to be sent from the application program and cache the target data in the first sending buffer area;
the protocol layer is specifically configured to read the target data from the first sending buffer area, cache the target data read from the first sending buffer area in the second sending buffer area in the protocol layer, read the target data from the second sending buffer area, encapsulate the target data using each of the mutually redundant first rail transit signal secure communication protocols, and cache the encapsulated target data in the third sending buffer area;
the data sending layer is specifically configured to read the encapsulated target data from the third sending buffer area and call the communication interface to send the encapsulated target data to the corresponding peer device.
9. The secure data transmission device according to claim 8, characterized in that the second cache layer is specifically configured to read the encapsulated target data from the third buffer area over each link of a redundant first dual communication link, and to call the communication interface over each link of the redundant first dual communication link, so that the encapsulated target data is sent to the corresponding peer device through the communication interface and the communication connection with the peer device; wherein the first dual communication link includes a first main channel and a first standby channel.
10. The secure data transmission device according to claim 8, characterized in that the protocol layer is further configured to establish a secure transmission connection with the peer device based on the first rail transit signal secure communication protocol; wherein the local device is the calling-end device and the peer device is the called-end device; the secure transmission connection is actively initiated by the local device whose role is calling end.
11. The secure data transmission device according to any one of claims 7-10, characterized in that the first buffer area further includes a first receiving buffer area, the second buffer area further includes a second receiving buffer area, and the third buffer area further includes a third receiving buffer area;
when the peer device needs to send data to the application program on the local device, the first cache layer is specifically configured to receive the target data sent by the peer device and cache the target data in the first receiving buffer area;
the protocol layer is specifically configured to read the target data from the first receiving buffer area, cache the target data read from the first receiving buffer area in the second receiving buffer area in the protocol layer, read the target data from the second receiving buffer area, parse the target data in the protocol layer using each of the mutually redundant first rail transit signal secure communication protocols, and cache the parsed target data in the third buffer area;
the data sending layer is specifically configured to read the parsed target data from the third receiving buffer area and send it to the application program.
12. The secure data transmission device according to claim 10, characterized by further comprising:
the first cache layer is specifically configured to call the communication interface to receive, over the network connection with the peer device, the target data sent by the peer device, and to cache the target data in the first receiving buffer area through the communication interface and a redundant second dual communication link; wherein the second dual communication link includes a second main channel and a second standby channel.
13. A secure data transmission device, characterized by comprising a processor and a memory;
wherein the processor reads the executable program code stored in the memory and runs the program corresponding to the executable program code, so as to implement the secure data transmission method according to any one of claims 1-6.
14. A computer program product, wherein, when the instructions in the computer program product are executed by a processor, the secure data transmission method according to any one of claims 1-6 is executed.
15. A non-transitory computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the secure data transmission method according to any one of claims 1-6.
CN201710558047.3A 2017-07-10 2017-07-10 Data safe transmission method and its device Pending CN109246056A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710558047.3A CN109246056A (en) 2017-07-10 2017-07-10 Data safe transmission method and its device


Publications (1)

Publication Number Publication Date
CN109246056A true CN109246056A (en) 2019-01-18

Family

ID=65083006

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710558047.3A Pending CN109246056A (en) 2017-07-10 2017-07-10 Data safe transmission method and its device

Country Status (1)

Country Link
CN (1) CN109246056A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112202857A (en) * 2020-09-21 2021-01-08 青岛国信会展酒店发展有限公司 Intelligent management system applied to exhibition center

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1726663A (en) * 2002-12-18 2006-01-25 美国博通公司 Multi-processor platform for wireless communication terminal having partitioned protocol stack
US20120009976A1 (en) * 2008-04-17 2012-01-12 Ho-In Ryu Recess gate transistor
CN106375298A (en) * 2016-08-30 2017-02-01 湖南中车时代通信信号有限公司 Method for realizing configurable secure communication protocol

Similar Documents

Publication Publication Date Title
CN110519742B (en) Audio synchronous playing method and device and TWS Bluetooth headset
CN105518611B (en) A kind of remote direct data access method, equipment and system
CN101953224B (en) Message processing engine with a virtual network interface
DE60138747D1 (en) A transmission apparatus having a radio connection control layer in a radio communication system and a corresponding data transmission method
CN104935594B (en) Message processing method and device based on virtual expansible LAN tunnel
CN106375298A (en) Method for realizing configurable secure communication protocol
CN110061996A (en) A kind of data transmission method, device, equipment and readable storage medium storing program for executing
ES2266099T3 (en) POINTS FOR DATA ENCRYPTED IN THE HEAD OF PROTOCOL IN REAL TIME (RTP).
NO20045244L (en) System and method for prioritizing transmission of protocol data units to assist radio link transmission
CN101286997B (en) Data reliability verifying method, system, transmitting device and receiving device
CN109886692A (en) Data transmission method, device, medium and electronic equipment based on block chain
CN110417756A (en) Across a network data transmission method and device
CN110035058A (en) Resource request method, equipment and storage medium
CN107222759A (en) Method, system, equipment and the medium of media file encryption and decryption
CN109246061A (en) Data safe transmission method and its device
CN109660565A (en) A kind of isolation gap equipment and implementation method
CN109246056A (en) Data safe transmission method and its device
CN114339739A (en) Intelligent management system of wireless communication protocol
CN104243347B (en) The method and apparatus for being sent based on symmetrical high-speed digital subscriber line SHDSL and receiving data
CN209419652U (en) A kind of isolation gap equipment
WO2002069597A3 (en) Implementing a virtual backbone on a common network infrastructure
CN107800502A (en) The method and device switched between encryption and decryption pattern
CN101478428A (en) Software and hardware cooperative Ethernet failure security communication system and data transmission method
CN110457171A (en) A kind of embedded apparatus debugging method and system
JP2007086608A (en) Falsification prevention processing device for network terminating device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190118