CN110995726A - Network isolation system of FPGA chip based on embedded ARM - Google Patents
Network isolation system of FPGA chip based on embedded ARM Download PDFInfo
- Publication number
- CN110995726A CN110995726A CN201911269299.XA CN201911269299A CN110995726A CN 110995726 A CN110995726 A CN 110995726A CN 201911269299 A CN201911269299 A CN 201911269299A CN 110995726 A CN110995726 A CN 110995726A
- Authority
- CN
- China
- Prior art keywords
- control unit
- network
- data
- network data
- protocol
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a network isolation system based on an FPGA chip embedded with an ARM, wherein the FPGA chip embedded with the ARM is arranged in a network isolation control terminal, a single chip is adopted to realize the network isolation function of the network isolation system, the FPGA chip comprises an ARM module and an FPGA module, the ARM module carries out data processing on network data according to a preset protocol through an internal protocol control unit and mainly undertakes the protocol analysis of the network data, the function of a protocol encapsulation part is realized, the FPGA module carries out the verification of a black and white list on the network data through a data isolation control unit, the network data belonging to the white list is continuously transmitted, and the network data not belonging to the white list is discarded, so that the function of data isolation is realized. By implementing the embodiment of the invention, the complexity of the internal construction of the network isolation control terminal can be reduced, thereby integrally reducing the complexity of the whole network isolation system, reducing the number of interface development and improving the stability.
Description
Technical Field
The invention relates to the technical field of computer networks, in particular to a network isolation system based on an embedded ARM FPGA chip.
Background
In the era of rapid development of communication networks, the transmission performance of the networks is continuously improved, the coverage of network information is gradually enlarged, and meanwhile, illegal technologies for destroying and stealing network information are continuously spread to achieve the benefit of individuals. Therefore, the information security in the network transmission process is particularly important, and especially, the information data in the enterprise can cause irreparable loss.
In the prior art, in the aspect of FPGA-based network data isolation, an FPGA + separated ARM architecture isolation system is used, the data isolation function is realized by an FPGA chip and an ARM chip respectively, and because two independent chips are adopted to construct the network isolation device, the board forming area, the wiring and the pin connection are complex and tedious, in addition, in the aspect of interaction, the development of several groups of interfaces is required to be specially performed for the two chips, and the defect exists in stability.
Disclosure of Invention
The embodiment of the invention provides a network isolation system based on an embedded ARM FPGA chip, which can reduce the complexity of constructing the network isolation system and improve the stability of the network isolation system.
An embodiment of the present invention provides a network isolation system based on an embedded ARM FPGA chip, including:
the system comprises a first network terminal, a second network terminal and a network isolation control terminal; wherein, be provided with the FPGA chip of embedded ARM in the network isolation control terminal, the FPGA chip includes: the FPGA module is connected with the ARM module through an AXI interface; the AXI interface comprises a first AXI interface and a second AXI interface;
the FPGA module comprises: the device comprises a Pceie DMA control unit, a first AXI interface DMA control unit, a second AXI interface DMA control unit and a data isolation control unit;
the ARM module comprises: the system comprises a first data access control unit, a second data access control unit and a protocol control unit;
the Pceie DMA control unit is used for controlling network data to be transmitted between the first network terminal and the FPGA module of the network isolation control terminal through a Pceie interface;
the first AXI interface DMA control unit is used for controlling the network data to be transmitted between the FPGA module and the ARM module through the first AXI interface;
the first data access control module is configured to control the network data to be transmitted between the protocol control unit and the FPGA module through the first AXI interface;
the protocol control unit is used for carrying out data processing on the network data transmitted into the protocol control unit according to a preset protocol; wherein the data processing comprises data parsing or data encapsulation.
The second data access control unit is configured to control the network data to be transmitted between the protocol control unit and the FPGA module through the second AXI interface;
the second AXI interface DMA control unit is used for controlling the network data to be transmitted between the data isolation control unit and the protocol control unit through the second AXI interface;
and the data isolation control unit is used for judging whether the network data are network data in a preset white list, controlling the network data to be transmitted between the FPGA module and a second network terminal if the network data are the network data in the preset white list, and discarding the network data if the network data are not the network data in the preset white list.
Further, the MQTT/https protocol control unit is used for encapsulating or analyzing the network data according to an MQTT/https protocol;
and the Tcp/ip protocol control unit is used for packaging or analyzing the network data packaged or analyzed by the MQTT/https protocol control unit according to a Tcp/ip protocol.
Further, the data encryption and decryption unit is configured to encrypt or decrypt the network data;
the signature verification unit is used for adding signature information to the network data or removing the signature information of the network data.
Further, the device also comprises a storage device; the FPGA module also comprises a storage unit DMA control unit and a storage unit transceiving interface;
and the storage unit DMA control unit is used for controlling the network data to be transmitted between the storage device and the FPGA module through the storage unit transceiving interface.
Further, the FPGA module further includes: the system comprises an MAC layer protocol control unit and an Ethernet control unit; the MAC layer protocol control unit is used for analyzing or packaging the network data according to an MAC protocol and controlling the transmission of the network data between the Ethernet control unit and the data isolation control unit; and the ethernet control unit is configured to control the network data to be transmitted between the MAC layer protocol control unit and the second network terminal.
Further, the data encryption and decryption unit encrypts or decrypts the network data through the SM9 algorithm; the signature verification unit attaches signature information to the network data or removes the signature information of the network data by the SM9 algorithm.
The embodiment of the invention has the following beneficial effects:
the embodiment of the invention provides a network isolation system based on an FPGA chip embedded with an ARM, wherein the FPGA chip embedded with the ARM is arranged in a network isolation control terminal, and a single chip is adopted to realize the network isolation function of the network isolation system, the FPGA chip comprises an ARM module and an FPGA module, the ARM module processes network data according to a preset protocol through an internal protocol control unit and mainly plays roles of protocol analysis and protocol encapsulation of the network data, the FPGA module verifies a black-and-white list of the network data through a data isolation control unit, the network data belonging to the white list is continuously transmitted, and the network data not belonging to the white list is discarded, so that the function of data isolation is realized. Compared with the prior art that two chips of the FPGA and the ARM are respectively used for realizing network isolation, the technical scheme disclosed by the embodiment of the invention has the advantages that on one hand, the area of a finished board is small, the wiring and pin connection are greatly simplified, the complexity of the internal construction of the network isolation control terminal is reduced, and the complexity of the whole network isolation system is integrally reduced. On the other hand, the number of interface development can be reduced in the aspect of interaction, redundant external pins are not needed, and the stability is improved.
Drawings
Fig. 1 is a system architecture diagram of a network isolation system based on an FPGA chip embedded with an ARM according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, a network isolation system based on an FPGA chip embedded with an ARM according to an embodiment of the present invention includes:
the system comprises a first network terminal, a second network terminal and a network isolation control terminal; wherein, be provided with the FPGA chip of embedded ARM in the network isolation control terminal, the FPGA chip includes: the FPGA module is connected with the ARM module through an AXI interface; the AXI interface comprises a first AXI interface and a second AXI interface;
the FPGA module comprises: the device comprises a Pceie DMA control unit, a first AXI interface DMA control unit, a second AXI interface DMA control unit and a data isolation control unit;
the ARM module comprises: the system comprises a first data access control unit, a second data access control unit and a protocol control unit;
the Pceie DMA control unit is used for controlling network data to be transmitted between the first network terminal and the FPGA module of the network isolation control terminal through a Pceie interface;
the first AXI interface DMA control unit is used for controlling the network data to be transmitted between the FPGA module and the ARM module through the first AXI interface;
the first data access control module is configured to control the network data to be transmitted between the protocol control unit and the FPGA module through the first AXI interface;
the protocol control unit is used for carrying out data processing on the network data transmitted into the protocol control unit according to a preset protocol; wherein the data processing comprises data parsing or data encapsulation.
The second data access control unit is configured to control the network data to be transmitted between the protocol control unit and the FPGA module through the second AXI interface;
the second AXI interface DMA control unit is used for controlling the network data to be transmitted between the data isolation control unit and the protocol control unit through the second AXI interface;
and the data isolation control unit is used for judging whether the network data are network data in a preset white list, controlling the network data to be transmitted between the FPGA module and a second network terminal if the network data are the network data in the preset white list, and discarding the network data if the network data are not the network data in the preset white list.
In a preferred embodiment, the protocol control unit includes: an MQTT/https protocol control unit and a Tcp/ip protocol control unit; the MQTT/https protocol control unit is used for packaging or analyzing the network data according to an MQTT/https protocol; and the Tcp/ip protocol control unit is used for packaging or analyzing the network data packaged or analyzed by the MQTT/https protocol control unit according to a Tcp/ip protocol.
In a preferred embodiment, the FPGA module further comprises a data encryption and decryption unit and a signature verification unit; the data encryption and decryption unit is used for encrypting or decrypting the network data; the signature verification unit is used for adding signature information to the network data or removing the signature information of the network data. Preferably, the data encryption and decryption unit encrypts or decrypts the network data through an SM9 algorithm; the signature verification unit attaches signature information to the network data or removes the signature information of the network data by the SM9 algorithm.
In a preferred embodiment, further comprising a storage device; the FPGA module also comprises a storage unit DMA control unit and a storage unit transceiving interface; and the storage unit DMA control unit is used for controlling the network data to be transmitted between the storage device and the FPGA module through the storage unit transceiving interface. The storage device is preferably a storage device provided with a DDR3, and before data interaction between the FPGA module and the ARM module, the storage device provided with a DDR3 is used for storage, so as to ensure the continuity and stability of the operation of the whole system;
in a preferred embodiment, the FPGA module further comprises: the system comprises an MAC layer protocol control unit and an Ethernet control unit;
the MAC layer protocol control unit is used for analyzing or packaging the network data according to an MAC protocol and controlling the transmission of the network data between the Ethernet control unit and the data isolation control unit; and the ethernet control unit is configured to control the network data to be transmitted between the MAC layer protocol control unit and the second network terminal.
Preferably, the first network terminal is an intranet device or a network device of a local area network; the second network terminal is an external network device and is an ethernet network device.
To better explain the above technical solution of the present invention, the following describes the above solution with a first network terminal as a data originating end and a second network terminal as a data receiving end:
firstly, a first network terminal (intranet equipment) is connected with an FPGA module (or PL end) of an FPGA chip of a network isolation control terminal through a Pceie interface
The intranet equipment initiates network data transmission and starts to transmit network data to the network isolation control terminal; the Pcie DMA control unit of the FPGA module adjusts the structure state of the network data at the PL end and receives the network data sent by the intranet equipment through the Pcie interface; and then transmitting the network data to a data encryption and decryption unit, encrypting the network data by an SM9 algorithm, transmitting the encrypted data to a signature verification unit, and attaching signature information by the signature verification unit. And the safe isolation of data is realized.
The network data are continuously transmitted to a storage unit DMA control unit, the storage unit DMA control unit firstly transmits the network data to a storage device provided with a DDR3 through a storage unit transceiving interface for caching, and transmits the network data to a first AXI interface DMA control unit;
the first AXI interface DMA control unit transmits network data from the FPGA module to an ARM module (PS end) through the first AXI interface;
the first data access control unit transmits the network data to the MQTT/https protocol control unit, and the MQTT/https protocol control unit packages the network data by an MQTT/https protocol to realize Ethernet encryption transmission; then transmitting to a Tcp/ip protocol control unit;
the Tcp/ip protocol control unit encapsulates network data by a Tcp/ip protocol to realize Ethernet protocol transmission;
the second data access control unit transmits the network data positioned in the Tcp/ip protocol control unit back to the FPGA module; specifically, the FPGA module is transmitted through a second AXI interface;
the second AXI interface DMA control unit continuously transmits the network data to a data isolation control unit (a network data firewall), the data isolation control unit verifies the network data, and if the network data is data in a preset white list, the network data passes through the data isolation control unit, and the network data is continuously transmitted to the MAC layer protocol control unit; and if the network data is the data in the preset blacklist, discarding the network data. Thereby realizing network data isolation;
assuming that the network data is the network data in the preset white list, the data isolation control unit continues to transmit the network data to the MAC layer protocol control unit;
the MAC layer protocol control unit adds MAC layer package for network data and transmits user data packet protocol; and then the Ethernet control unit transmits the network data to a second network terminal (Ethernet equipment), and the second network terminal and the FPGA module perform data transmission through an Ethernet interface.
The embodiment of the invention has the following beneficial effects:
1. the FPGA chip with the embedded ARM is used for reasonably distributing functions of a PL (FPGA module) and a PS (ARM module), and the function of the FPGA single chip with the embedded ARM is exerted to the maximum extent;
2. the whole network isolation system is realized through the inside of a single chip, no redundant external pin is provided, the stability is greatly improved, and the system is more convenient and faster in research, development, transplantation and use;
3. the design of handling the card to hardware uses the single-chip to replace the multicore piece, and the area of integrated circuit board can reduce, and is more light, and the consumption also can reduce, and the overall arrangement wiring is also more convenient, can save other chip resources indirectly, for example chip, consumption chip etc. all the time.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention.
Claims (6)
1. The utility model provides a network isolation system of FPGA chip based on embedded ARM which characterized in that includes: the system comprises a first network terminal, a second network terminal and a network isolation control terminal; wherein, be provided with the FPGA chip of embedded ARM in the network isolation control terminal, the FPGA chip includes: the FPGA module is connected with the ARM module through an AXI interface; the AXI interface comprises a first AXI interface and a second AXI interface;
the FPGA module comprises: the device comprises a Pceie DMA control unit, a first AXI interface DMA control unit, a second AXI interface DMA control unit and a data isolation control unit;
the ARM module comprises: the system comprises a first data access control unit, a second data access control unit and a protocol control unit;
the Pceie DMA control unit is used for controlling network data to be transmitted between the first network terminal and the FPGA module of the network isolation control terminal through a Pceie interface;
the first AXI interface DMA control unit is used for controlling the network data to be transmitted between the FPGA module and the ARM module through the first AXI interface;
the first data access control module is configured to control the network data to be transmitted between the protocol control unit and the FPGA module through the first AXI interface;
the protocol control unit is used for carrying out data processing on the network data transmitted into the protocol control unit according to a preset protocol; wherein the data processing comprises data parsing or data encapsulation.
The second data access control unit is configured to control the network data to be transmitted between the protocol control unit and the FPGA module through the second AXI interface;
the second AXI interface DMA control unit is used for controlling the network data to be transmitted between the data isolation control unit and the protocol control unit through the second AXI interface;
and the data isolation control unit is used for judging whether the network data are network data in a preset white list, controlling the network data to be transmitted between the FPGA module and a second network terminal if the network data are the network data in the preset white list, and discarding the network data if the network data are not the network data in the preset white list.
2. The network isolation system of an embedded ARM-based FPGA chip of claim 1, wherein the protocol control unit comprises: an MQTT/https protocol control unit and a Tcp/ip protocol control unit;
the MQTT/https protocol control unit is used for packaging or analyzing the network data according to an MQTT/https protocol;
and the Tcp/ip protocol control unit is used for packaging or analyzing the network data packaged or analyzed by the MQTT/https protocol control unit according to a Tcp/ip protocol.
3. The network isolation system based on the FPGA chip with the embedded ARM as claimed in claim 1, wherein the FPGA module further comprises a data encryption and decryption unit and a signature verification unit;
the data encryption and decryption unit is used for encrypting or decrypting the network data;
the signature verification unit is used for adding signature information to the network data or removing the signature information of the network data.
4. The network isolation system based on an embedded ARM FPGA chip of claim 1, further comprising a storage device; the FPGA module also comprises a storage unit DMA control unit and a storage unit transceiving interface;
and the storage unit DMA control unit is used for controlling the network data to be transmitted between the storage device and the FPGA module through the storage unit transceiving interface.
5. The network isolation system of an embedded ARM based FPGA chip of claim 1 wherein said FPGA module further comprises: the system comprises an MAC layer protocol control unit and an Ethernet control unit;
the MAC layer protocol control unit is used for analyzing or packaging the network data according to an MAC protocol and controlling the transmission of the network data between the Ethernet control unit and the data isolation control unit;
and the ethernet control unit is configured to control the network data to be transmitted between the MAC layer protocol control unit and the second network terminal.
6. The network isolation system based on the FPGA chip with embedded ARM as claimed in claim 3, wherein the data encryption and decryption unit encrypts or decrypts the network data through SM9 algorithm; the signature verification unit attaches signature information to the network data or removes the signature information of the network data by the SM9 algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911269299.XA CN110995726B (en) | 2019-12-11 | 2019-12-11 | Network isolation system of FPGA chip based on embedded ARM |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911269299.XA CN110995726B (en) | 2019-12-11 | 2019-12-11 | Network isolation system of FPGA chip based on embedded ARM |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110995726A true CN110995726A (en) | 2020-04-10 |
CN110995726B CN110995726B (en) | 2021-03-30 |
Family
ID=70092552
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911269299.XA Active CN110995726B (en) | 2019-12-11 | 2019-12-11 | Network isolation system of FPGA chip based on embedded ARM |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110995726B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111914267A (en) * | 2020-07-01 | 2020-11-10 | 博依特(广州)工业互联网有限公司 | Soc framework data isolation system based on FPGA |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140380001A1 (en) * | 2012-02-24 | 2014-12-25 | Missing Link Electronics, Inc. | Partitioning systems operating in multiple domains |
US20160057045A1 (en) * | 2014-08-22 | 2016-02-25 | Honeywell International, Inc. | Hardware assist for redundant ethernet network |
CN105871836A (en) * | 2016-03-30 | 2016-08-17 | 华东师范大学 | GAP information extraction method combining with fingerprint verification |
CN107426229A (en) * | 2017-08-03 | 2017-12-01 | 华东师范大学 | The security gateway that Medical Devices are isolated with server in a kind of medical Internet of Things |
CN108628791A (en) * | 2018-05-07 | 2018-10-09 | 北京智芯微电子科技有限公司 | Based on the High Speed Security Chip framework of PCIE interfaces and the data processing method of high speed |
CN109558366A (en) * | 2018-11-15 | 2019-04-02 | 浙江国利网安科技有限公司 | A kind of firewall based on multiple processor structure |
CN109842585A (en) * | 2017-11-27 | 2019-06-04 | 中国科学院沈阳自动化研究所 | Network information security protective unit and means of defence towards industrial embedded system |
CN110061999A (en) * | 2019-04-28 | 2019-07-26 | 华东师范大学 | A kind of network data security analysis ancillary equipment based on ZYNQ |
-
2019
- 2019-12-11 CN CN201911269299.XA patent/CN110995726B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140380001A1 (en) * | 2012-02-24 | 2014-12-25 | Missing Link Electronics, Inc. | Partitioning systems operating in multiple domains |
US20160057045A1 (en) * | 2014-08-22 | 2016-02-25 | Honeywell International, Inc. | Hardware assist for redundant ethernet network |
CN105871836A (en) * | 2016-03-30 | 2016-08-17 | 华东师范大学 | GAP information extraction method combining with fingerprint verification |
CN107426229A (en) * | 2017-08-03 | 2017-12-01 | 华东师范大学 | The security gateway that Medical Devices are isolated with server in a kind of medical Internet of Things |
CN109842585A (en) * | 2017-11-27 | 2019-06-04 | 中国科学院沈阳自动化研究所 | Network information security protective unit and means of defence towards industrial embedded system |
CN108628791A (en) * | 2018-05-07 | 2018-10-09 | 北京智芯微电子科技有限公司 | Based on the High Speed Security Chip framework of PCIE interfaces and the data processing method of high speed |
CN109558366A (en) * | 2018-11-15 | 2019-04-02 | 浙江国利网安科技有限公司 | A kind of firewall based on multiple processor structure |
CN110061999A (en) * | 2019-04-28 | 2019-07-26 | 华东师范大学 | A kind of network data security analysis ancillary equipment based on ZYNQ |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111914267A (en) * | 2020-07-01 | 2020-11-10 | 博依特(广州)工业互联网有限公司 | Soc framework data isolation system based on FPGA |
CN111914267B (en) * | 2020-07-01 | 2022-04-05 | 博依特(广州)工业互联网有限公司 | Soc framework data isolation system based on FPGA |
Also Published As
Publication number | Publication date |
---|---|
CN110995726B (en) | 2021-03-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109842585B (en) | Network information safety protection unit and protection method for industrial embedded system | |
US8769257B2 (en) | Method and apparatus for extending transport layer security protocol for power-efficient wireless security processing | |
CN113194097B (en) | Data processing method and device for security gateway and security gateway | |
US7634650B1 (en) | Virtualized shared security engine and creation of a protected zone | |
US9003199B2 (en) | Modular cryptographic device providing multi-mode wireless LAN operation features and related methods | |
CN100594690C (en) | Method and device for safety strategy uniformly treatment in safety gateway | |
US11086810B2 (en) | Intelligent controller and sensor network bus, system and method including multi-layer platform security architecture | |
US11729042B2 (en) | IPSec acceleration method, apparatus, and system | |
CN112910932B (en) | Data processing method, device and system | |
CN110636052B (en) | Power consumption data transmission system | |
CN109714292A (en) | The method and apparatus of transmitting message | |
CN112270020B (en) | Terminal equipment safety encryption device based on safety chip | |
CN111262823B (en) | Security gateway and data processing method thereof | |
CN108810011A (en) | A kind of universal network secure accessing sound zone system and message processing method suitable for power private network | |
CA2543236C (en) | Method and apparatus to provide inline encryption and decryption for a wireless station | |
CN110022374A (en) | Method for connecting network, device, communication equipment and storage medium based on Internet of Things | |
CN210469376U (en) | Data encryption and decryption equipment based on ZYNQ7020 and security chip | |
CN110995726B (en) | Network isolation system of FPGA chip based on embedded ARM | |
CN112910646B (en) | Data processing method and device of server cipher machine and server cipher machine | |
CN114070606B (en) | Network security terminal device based on domestic operating system and working method | |
CN113094762B (en) | Data processing method and device and signature verification server | |
CN111914267B (en) | Soc framework data isolation system based on FPGA | |
Hohmann et al. | Bridge me if you can! evaluating the latency of securing profinet | |
CN210578645U (en) | Encryption communication device and terminal | |
CN111885062B (en) | RS485 bus-based communication system and method with authentication encryption function |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |