CN1294504C - Data separation switching transmitting method based on USB bus - Google Patents
Data separation switching transmitting method based on USB bus Download PDFInfo
- Publication number
- CN1294504C CN1294504C CNB200410017023XA CN200410017023A CN1294504C CN 1294504 C CN1294504 C CN 1294504C CN B200410017023X A CNB200410017023X A CN B200410017023XA CN 200410017023 A CN200410017023 A CN 200410017023A CN 1294504 C CN1294504 C CN 1294504C
- Authority
- CN
- China
- Prior art keywords
- read
- usb
- write
- data
- switch
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Information Transfer Systems (AREA)
Abstract
The present invention relates to a data isolation switching transmission method based on a USB bus, which is used for the technical field of data exchange and information security. The present invention adopts an isolation switching hardware system to realize the alternate time slot switch on a USB 2.0 bus connected with a host computer system with double host computers, and the isolation switching hardware system comprises a switch control switch and a USB memory. Only when a switch control switch is connected to the USB memory and the host computers, the host computers can read and write the USB memory, and only one host computer of the host computer system reads and writes the USB memory at any moment. The on-off condition of the switch is detected by switching control software arranged in the host computer system to ensure the read-write operation on the switch only when the USB memory is connected to the host computer system; a data two-way transmission passage is established between the double host computer system through the organization and the management of data in the USB memory to realize the two-way data switching transmission. The present invention avoids the complicated SCSI equipment design and the SCSI bus control, and is a data transmission method with low price and high efficiency.
Description
Technical field
The present invention relates to a kind of data isolation switched transmission method, specifically is a kind of data isolation switched transmission method based on usb bus, is used for network data exchange, field of information security technology.
Background technology
The controlled message exchange of safety that how to realize external network and internal network is the major issue of information security field always.The Network Isolation of current employing and preventive means mainly are at network boundary fire wall to be installed, the safety that the traffic monitor and the control of turnover network is guaranteed exchange message by fire wall.But fire wall can only adopt the mode of logic isolation to control to the network connection, and its system easily is broken, and the fire wall after breaking through performs practically no function.Safety is isolated series products can divide two classes from the range of application aspect, one class is based on the isolation card of main frame, typical way is to switch the realization isolation by network interface and hard-disk interface switch to unit, is fit to unit visit external network, is not suitable for real-time network application continuously.Another kind of is that network security is isolated switching equipment, and this kind equipment can be realized safety isolation and controlled message exchange by at network boundary network application data being switched between the network of different security domains.At present existing network security isolation is worked with the mode that the message exchange implementation adopts xegregating unit to be connected the intranet and extranet control module mostly, connects the bus mode of switching and mainly contains SCSI and IDE etc.For example, the U.S. Whale company that is found in 1998 is the leading manufacturer of safety isolation at present and Information Exchange System series products, the major product of the said firm comprises the SSL VPN of e-Gap series and application firewall (Application Firewall) etc., these products all based on the unified switching hardware platform of isolating that is called Air Gap technology, mainly be made up of switch and storer based on SCSI bus by this hardware platform.In general, the switching of SCSI bus and transmission speed are higher than the IDE bus, but the SCSI bus more complicated, and do not have scsi controller in most of control processing system, increase the increase that new SCSI expansion card must bring cost.
Summary of the invention
The present invention is directed to the above-mentioned deficiency and the defective of prior art, a kind of data isolation switched transmission method based on usb bus is provided, make it make full use of usb bus, be issued to or surpass the performance of the isolation switching equipment of realizing based on SCSI bus in more convenient and cheap condition.The present invention is by being provided with the technology such as cooperation processing of corresponding switching controls software in switch, use USB storage and the main frame on usb bus, a data path transparent, zero defect, orderly and that have the higher data exchange rate can be provided between dual systems, solve at present based on method cost and the high shortcomings of complexity such as SCSI bus.
The present invention is achieved by the following technical solutions, the present invention adopts the realization of isolation switching hardware system the usb bus that connects dual systems to be carried out the time slot switching that takes turns, isolate the switching hardware system and comprise switching controls switch and USB storage, have only when the switching controls switch is communicated with USB storage and main frame and could be read and write USB storage by main frame, any time can only have a main frame that USB storage is read and write; Come detector switch break-make situation by the switching controls software in the main frame, guarantee to have only when USB storage is connected on the main frame and just it is carried out read-write operation, and by organization and management to data storage method in the USB storage, between two main frames, set up a data double-way transmission channel, carry out real time bidirectional data switching transmission in the two main frames that are equipped with the usb bus interface thereby be implemented in.
Below the present invention is further illustrated, particular content is as follows:
1) switching controls switch
The switching controls switch connects two main frames by two USB interface respectively with usb bus, and two interfaces all are connected on the switching controls switch, and its other end is connecting a USB storage with USB interface.At any time, the control of switching controls switch has only a main frame to be connected with USB storage.According to usb protocol, whether the USB HUB on the main frame comes judgment device to insert by the voltage of data line on the monitor port.Therefore the switching controls switch is set on the data line of usb bus, produces the spacing pulse gauge tap automatic switchover data line of fixing time by hardware clock circuit, and usb protocol detects the level of data line and judges just whether USB storage is received on the main frame.Its working method is similar to the switch of a single-pole double-throw (SPDT), and after data line cuts off (being equivalent to switch " opens "), the USB ROOT HUB on the main frame can notify main process equipment to disconnect, and causes that system carries out associative operation.Therefore when switch is " opening ", be equivalent to USB storage is inserted main frame, and when switch is " pass ", be equivalent to USB storage is extracted.Usb bus was in high-impedance state when switch cut out.Hence one can see that, and this switching controls switch can make two main frames take turns connected sum read-write USB storage according to the fixed cycle, but connected sum read-write simultaneously.The switching controls switch can not change not being subjected to software control powering up the back just according to this native mode work.
2) switching controls software detection switch on and off situation
When the switching controls software in the main frame carries out read-write operation in preparation to USB storage, must understand the break-make situation of current switching controls switch, so the connection status of a data structural identification USB storage to be safeguarded in program inside.If USB storage is current to be connected, then accessing operation is normally carried out; If USB storage does not connect, then accessing operation is delayed execution, and the read-write process gets clogged.It still is not enough that light has above-mentioned detection protection; be not subjected to software control owing to isolate the working method of change-over switch; so the situation that USB storage in the storage operation process pulls away system might occur; therefore for guaranteeing zero defect read-write to data; must predict some switching time of switch according to the switching controls switching frequency; when the switching controls switch will switch to " pass ", stop waiting a period of time not do accessing operation, unusual to avoid occurring read-write.In addition, for guaranteeing reliable read write to USB storage, switching controls software must have error recovery mechanisms when the read-write USB storage, promptly each rreturn value that detects read-write operation, if read-write operation is failed, then when obtain read-write USB storage authority next time, read and write the content of malloc failure malloc last time again.
3) tissue of data in USB storage
The USB storage that switching controls software in the main frame connects the switching controls switch is regarded the storage area of a linearity as, adopts physical address to carry out addressing and read-write.Get a particular storage in USB storage, first sector as USB storage is used to deposit the read-write pointer information as the boot section, and other storage unit is organized into annular chain meter.When data need access, read the boot section earlier and determine current read-write pointer position, do real read-write operation again, move the read-write pointer at last and upgrade boot section information.Program can judge whether USB storage is empty or has filled up by the relative position of relatively reading and writing pointer.Because the content when equipment has just been started working in the boot section is at random, therefore must before beginning, operate as normal carry out initialization to content wherein.Different independently two sections memory blocks, address of dividing of direction according to transmission make two main frames independently finish initialization operation.It is normal that one side's initialization operation causes the loss of data of write store, does like this to adapt to the demand that begins operate as normal after main frame restarts.
4) main frame is to the read-write of USB storage
Read-write call function and device initialize function are the unique channels of host access USB storage.Reading function and write function all must employing obstruction mode.Switching controls software has been opened read-write interface and device initialize function for upper-layer protocol software.Because the management the memory location of data carried out of switching controls software,, only need to use the read-write call function to provide or to obtain the datagram of fixed size just passable to bottom so the upper-layer protocol software in the main frame needn't be concerned about the place of depositing of data again.Simultaneously, upper-layer protocol software needn't be concerned about also whether underlying device connects, and it can at any time call read, and just it can block when underlying device does not connect.
Major advantage of the present invention has: adopt based on the data isolation switched transmission method ratio of usb bus more convenient based on the similar approach of buses such as SCSI, IDE, cheap and efficient.This method can constitute general two host datas isolation switching transmission platforms by isolating the cooperation of switching hardware system and switching controls software, this platform can carry out the data transmission of real-time, two-way, orderly and zero defect under the situation that two main frame direct link disconnect, can develop various safety based on this platform and isolate and Information Exchange System, realize the security information exchange under data isolation is switched between the different trust domain of network.
Description of drawings
The functional block diagram of Fig. 1 the inventive method implementation system
The fundamental diagram of Fig. 2 switching controls switch of the present invention
Fig. 3 switching controls software block diagram of the present invention
Embodiment
Technical solution of the present invention will be further described below in conjunction with accompanying drawing.
As shown in Figure 1, the functional block diagram of the inventive method implementation system comprises: two main frames with USB interface, the switching controls switch has the USB storage of USB interface.Two main frames are connected with the switching controls switch by usb bus, and the switching controls switch also is connected by usb bus with USB storage.The switching controls switch switches USB storage by the control of electronic switch and is connected with two main frames, makes any time have only a main frame to read and write USB storage.
As shown in Figure 2, the fundamental diagram of switching controls switch of the present invention.Two USB interface link to each other with on-off circuit respectively, connect main frame by usb bus, and on-off circuit is connected with the USB storage with USB interface (can select the USB portable hard drive) by the 3rd USB interface.Like this, USB storage links to each other with two main frame USB interface by on-off circuit, and conducting at a time is whether by the control signal decision of on-off circuit.Control signal obtains after producing original signal process counter frequency division by crystal oscillator, will fix on 1.2s (maximum time of being detected USB device by system adds an amount of access time decision) signal period and can obtain the transmission that the shortest switching cycle is supported usb bus.Select for use suitable frequency divider to facilitate for the modification of later circuit switching time.The cycle square wave that produces by counter can be opened the switch of first USB interface and the 3rd USB interface just at positive half period, negative half-cycle is opened the switch of second USB interface and the 3rd USB interface, and the two control signal is mutual exclusion.Switch was that 1 time slot switches with 0.6 second, switch the data line in the break-make usb bus, can guarantee the exclusive reference of two main frames like this to USB storage, have only a main frame to conduct interviews at any time, and the link of another main frame and USB storage disconnect to USB storage.In addition, can realize the pressure of first USB interface is hung up by a keyswitch is set.The level signal that is derived from keyswitch is with logic gate and the common control that constitutes switch chip of prime signal: when pressing switch, the high level that comes from keyswitch can mask the control signal of prime frequency divider by logic gate, makes the switch conduction of the 3rd USB interface and second USB interface and disconnects with the switch of first USB interface.
Switching controls software in the main frame is to isolate switching hardware as device driver for other process visits interface is provided.With the example that is embodied as in the LINUX system, the switching controls software inhouse can be divided into the registration of equipment and cancellation, be the open calling interface in upper strata, protocol conversion and four parts of transmission operation that the relation of various piece as shown in Figure 3.Switching controls software will be isolated switching hardware system (switching controls switch and USB storage) and be invented a character device, its device file is called/dev/sgap, upper-layer protocol software can use read, write system call access means, call read, it provides or accepts the datagram of fixed size at every turn.When the user carries out read-write operation to character device, can call the read that defines in the character device file_operations structure respectively.Attention will isolate switch hardware system as character device but not block device handle and can drive magnetic head easily and carry out reading and writing data, and accelerate response speed.
Foundation or the release of isolating necessary resource when switching the hardware system insertion or extracting main frame is mainly finished in the registration of equipment and cancellation.It is pointed out that the process that this part is inserted for the first time to equipment and insertion is after this handled is different, when detecting the equipment insertion system for the first time, need carry out the distribution of resource.Program can judge for the first time still be after this insert action by the guid value of computing equipment.For making user's attitude program isolate the switching hardware system by the system call visit, the open calling interface in upper strata becomes possibility.Upper-layer protocol software can use read, write system call visit USB storage, read-write operation all the obstruction mode realize.Protocol conversion is converted to the usb protocol order with read-write operation, and submits to the transmission operational processes.The read-write of data to USB storage mainly finished in the transmission operation, and operation mainly sends packets of information according to Control and Bulk transport-type to the USB system software.The function that uses during transmission is the systems programming interface that the USB system software provides.The USB system software is meant the software that is used for supporting usb protocol in a specific operation system, and it provides unified systems programming interface SPI to client software, helps the upper access USB device.For guarantee under switch instances, to carry out the zero defect read-write to USB storage at every turn, need in program, set timer, the size of predicting excess time according to the length of switching time slot after at every turn switching acquisition read-write USB storage access limit then stops the transmission order if the size of excess time is not enough to finish a read-write operation.Generally need reserve 0.3 second guard time at least.Assurance on light is free is not enough to realizing that fully reliable orderly read-write channel is still, so the mechanism of wrong recovery also in the program.Bottom operation is finished Shi Douhui and is obtained rreturn value each time, and whether program can successful by the rreturn value decision operation.If unsuccessful, the program relevant content of can reforming automatically when then obtain the USB storage access limit next time.
The tissue of data in USB storage is counted as the annular chain meter that is formed by the storage unit linear array.The following global variable of definition in switching controls software: variable ch_size has write down the size of a transmission channel, and variable pk_size has write down the size of a packet, and they are unit with 512 bytes all.Input channel for certain direction, variable i n_ch represents channel number, the packet sum that variable i n_nr representative obtains from input channel, variable i n_rpos represents the position of current input channel read pointer, and variable i n_wpos represents the position of current input channel write pointer.Output channel and input channel are identical to the meaning of dependent variable representative.Switch hardware system swap data between two main frames by isolating, the modification that one end main frame is done channel content must allow the main frame of the other end know, therefore being necessary for each passage increases a guidance information district (boot district), is used to deposit the read-write pointer information.Can obtain correct read and write position according to following method:
The position of first storage unit of ■ transmission channel
In_ch*ch_size or out_ch*ch_size;
The position in ■ guidance information district
(in_ch+1) * ch_size-1 or (out_ch+1) * ch_size-1;
There are not data to read in the ■ transmission channel
in_rpos==in_wpos;
There is not the space store data in the ■ transmission channel
out_rpos-pk_size+ch_size-1==out_wpos||out_rpos-pk_size==out_wpos;
The inventive method is through the concrete enforcement of system prototype, but is proved to be line stabilization, and it has avoided the design of complicated scsi device and to the control of SCSI bus, and is cheap, realized isolating between two main frames the data transmission of switching efficiently.
Claims (5)
1, a kind of data isolation switched transmission method based on usb bus, it is characterized in that, adopt to isolate switching hardware system realizes carrying out time slot in turn and switching connecting twin-engined usb bus, isolate the switching hardware system and comprise switching controls switch and USB storage, have only when the switching controls switch is communicated with USB storage and main frame and just by main frame USB storage is read and write, any time has only a main frame that USB storage is read and write; Come detector switch break-make situation by the switching controls software in the main frame, guarantee to have only when USB storage is connected on the main frame and just it is carried out read-write operation, and by organization and management to data in the USB storage, between two main frames, set up a data double-way transmission channel, carry out real time bidirectional data switching transmission in the two main frames that are equipped with the usb bus interface thereby be implemented in.
2, the data isolation switched transmission method based on usb bus according to claim 1 is characterized in that, described switching controls switch is specific as follows:
The switching controls switch connects two main frames by two USB interface respectively with usb bus, two interfaces all are connected on the switching controls switch, the other end of switch is connecting a USB storage, at any time, the control of switching controls switch has only a main frame to be connected with USB storage, the switching controls switch is set on the usb data line, and it is equivalent to the insertion of USB storage to the break-make of usb data line and extracts.
3, the data isolation switched transmission method based on usb bus according to claim 1 is characterized in that, described switching controls software detection switch on and off situation is specific as follows:
Connecting if USB storage is current; then accessing operation is normally carried out; otherwise accessing operation is delayed execution; the read-write process gets clogged; for guaranteeing correct read-write to data; must predict some switching time of switch according to the switching controls switching frequency; guarantee data write by this time reservation read-write protection and error recovery mechanisms; the promptly each rreturn value that detects read-write operation of error recovery mechanisms; if read-write operation is failed, then when obtain read-write USB storage authority next time, read and write the content of malloc failure malloc last time again.
4, the data isolation switched transmission method based on usb bus according to claim 1 is characterized in that, the tissue of described data in USB storage is specific as follows:
The USB storage that switching controls software in the main frame connects the switching controls switch is regarded the storage area of a linearity as, adopt physical address to carry out addressing and read-write, in USB storage, get a storage unit, be used to deposit the read-write pointer information as the boot section, other storage unit is organized into annular chain meter, when data need access, read the boot section earlier and determine current read-write pointer position, do real read-write operation again, move the read-write pointer at last and upgrade boot section information, program judges by the relative position of relatively reading and writing pointer whether storer is empty or has filled up, independently two sections memory blocks, address are divided according to the direction of transmission in the boot section, and two main frames must independently be finished initialization operation.
5, the data isolation switched transmission method based on usb bus according to claim 1 is characterized in that described main frame is to the read-write of USB storage, and is specific as follows:
Switching controls software has been opened read-write interface and device initialize function for upper-layer protocol software, and read-write call function and device initialize function are that the unique channel of switching hardware system is isolated in host access, read function and write function all to adopt the obstruction mode.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB200410017023XA CN1294504C (en) | 2004-03-18 | 2004-03-18 | Data separation switching transmitting method based on USB bus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB200410017023XA CN1294504C (en) | 2004-03-18 | 2004-03-18 | Data separation switching transmitting method based on USB bus |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1564142A CN1564142A (en) | 2005-01-12 |
| CN1294504C true CN1294504C (en) | 2007-01-10 |
Family
ID=34478729
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB200410017023XA Expired - Fee Related CN1294504C (en) | 2004-03-18 | 2004-03-18 | Data separation switching transmitting method based on USB bus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1294504C (en) |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100696111B1 (en) | 2005-07-15 | 2007-03-20 | 삼성전자주식회사 | Communication system |
| CN101404580B (en) * | 2008-11-07 | 2010-12-22 | 江苏科技大学 | Data isolation method with self-checking ability |
| CN101697180B (en) * | 2009-11-06 | 2012-07-04 | 深圳市优特普科技有限公司 | Computer data communication isolation management system and data monitoring method |
| CN102117182B (en) * | 2009-12-31 | 2013-09-04 | 联想(北京)有限公司 | Multi-hardware system data processing equipment and storage equipment switching method thereof |
| CN101901559B (en) * | 2010-07-30 | 2011-12-28 | 中国船舶重工集团公司第七0九研究所 | Safety control method for USB (Universal Serial Bus) interface |
| CN102685119A (en) * | 2012-04-28 | 2012-09-19 | 上海杰之能信息科技有限公司 | Data transmitting/receiving method, data transmitting/receiving device, transmission method, transmission system and server |
| CN104361277A (en) * | 2014-10-22 | 2015-02-18 | 成都卫士通信息产业股份有限公司 | Identity authentication module and method for USB interface equipment |
| CN108959153B (en) * | 2018-08-01 | 2021-04-06 | 广州视源电子科技股份有限公司 | All-in-one machine, data continuous transmission method, device, equipment and storage medium |
| CN111125801A (en) * | 2019-12-27 | 2020-05-08 | 北京安天网络安全技术有限公司 | USB-based automatic switching one-way remote file transmission method and device |
| CN113094319B (en) * | 2021-03-25 | 2022-11-25 | 成都普沛科技有限公司 | System and method for synchronously controlling one-way data transmission between two hosts |
| CN115146323B (en) * | 2022-07-13 | 2023-03-10 | 成都麦动信息技术有限公司 | Data interaction safety device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2520526Y (en) * | 2001-12-21 | 2002-11-13 | 钱跃良 | Network computer and personal computer dynamic switching device |
| CN1412677A (en) * | 2001-10-15 | 2003-04-23 | 英业达股份有限公司 | Control system of high density server peripheral equipment |
| US6675250B1 (en) * | 2001-02-13 | 2004-01-06 | Cisco Technology, Inc. | Fault tolerant communications using a universal serial bus |
-
2004
- 2004-03-18 CN CNB200410017023XA patent/CN1294504C/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6675250B1 (en) * | 2001-02-13 | 2004-01-06 | Cisco Technology, Inc. | Fault tolerant communications using a universal serial bus |
| CN1412677A (en) * | 2001-10-15 | 2003-04-23 | 英业达股份有限公司 | Control system of high density server peripheral equipment |
| CN2520526Y (en) * | 2001-12-21 | 2002-11-13 | 钱跃良 | Network computer and personal computer dynamic switching device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1564142A (en) | 2005-01-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1294504C (en) | Data separation switching transmitting method based on USB bus | |
| CN100471156C (en) | Data bus bridge and its working method | |
| CN104794028B (en) | A kind of disaster tolerance processing method, device, primary data center and preliminary data center | |
| JP4107083B2 (en) | High-availability disk controller, its failure handling method, and high-availability disk subsystem | |
| CN101267361B (en) | A high-speed network data packet capturing method based on zero duplication technology | |
| US7600157B2 (en) | Recovering from a failed I/O controller in an information handling system | |
| CN103744790A (en) | Smart scalable storage switch architecture | |
| CN106201332A (en) | Drive Array Policy Control | |
| JP2007128437A (en) | Disk array device and path fault detection method thereof | |
| JP2006302287A (en) | Redundant i/o interface management | |
| US20090300308A1 (en) | Partitioning of a Multiple Logic-Unit-Number SCSI Target | |
| CN102681699A (en) | System and method for realizing keyboard video mouse remote management | |
| CN117278890B (en) | Optical module access method, device and system, electronic equipment and readable storage medium | |
| CN109946955A (en) | A kind of double-network redundant ethernet controller Linux trawl performance controller | |
| CN110692058B (en) | Auxiliary storage device for providing independent backup and recovery functions and equipment suitable for auxiliary storage device | |
| CN104170307B (en) | Failover methods, devices and systems | |
| CN113911169A (en) | Computer interlocking system for quickly switching execution representation layer and switching method thereof | |
| CN1333333C (en) | Code flow broadcast card and driving method of code flow collection card | |
| CN107294759A (en) | server system and data access method | |
| US6970961B1 (en) | Reliable and redundant control signals in a multi-master system | |
| CN1204500C (en) | DMA controller and DMA control method | |
| CN101101558B (en) | Method and system for initialization after a power interruption | |
| CN107423167A (en) | A kind of ISCSI target redundancy control methods and system based on dual control storage | |
| CN2582282Y (en) | Physical isolation equipment for network safety | |
| CN1532701B (en) | System for maintaining system stability while storage is unstable and storage control method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070110 Termination date: 20140318 |