CN1964272B - A method and device to safely exchange computer data - Google Patents
A method and device to safely exchange computer data Download PDFInfo
- Publication number
- CN1964272B CN1964272B CN2005101012721A CN200510101272A CN1964272B CN 1964272 B CN1964272 B CN 1964272B CN 2005101012721 A CN2005101012721 A CN 2005101012721A CN 200510101272 A CN200510101272 A CN 200510101272A CN 1964272 B CN1964272 B CN 1964272B
- Authority
- CN
- China
- Prior art keywords
- data
- security switch
- files
- file
- exchange
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
The provided safe data exchange method comprises: setting a safe data exchange device between the inner computer system and external network system; keeping the device to connect with one of inner computer and external system. This invention ensures data transmission and exchange.
Description
Technical field
The present invention relates to network security product, saying so exactly is applied to method and the device of guaranteeing the exchange computer data that information security accurately exchanges between computer system and the network information exchange.
Background technology
The application of network brings great convenience for our present life and work; For example information transmission timely, E-Payment; But because there are many potential safety hazards in the Internet, secret department of China country require government's office net must with the Internet physical isolation, though this has guaranteed the fail safe of internal network; But how to guarantee between two networks, to carry out safety, rapidly, exchanges data exactly, just become a problem demanding prompt solution.At present, general unit method in common is exactly the artificial instrument that uses floppy disk as exchange files between the intranet and extranet, in case the maximum limitation of this method is exactly that file is bigger, surpasses the memory space of floppy disk, just has no idea to have utilized the floppy disk swap data.
For this reason, as the improvement with the floppy disk swap data, some users' considerations are coiled with the bigger USB of capacity and are replaced floppy disk; Though this has solved the problem of the memory space of data to a certain extent, artificial data exchange ways has a lot of operation inconvenience, need file repeatedly be shifted; Also need arrive on the appointed equipment and just can transmit; And, can't manage the bad identification of responsibility out of joint concentratedly because exchange files is to disperse to carry out; Operating personnel's business or technical merit uneven can cause the examination of the data content that exchanged wide sternly immoderately, and misoperation is wayward; And the most important thing is that it can't accomplish regularly automatically to accomplish exchange files work, aspect the renewal of the E-Government that needs the frequent exchange data, webpage, obviously not good, a ripe solution.
Recently some companies have also released one after another and have solved the package of exchange files between isolation network or visit; As utilize and isolate fire compartment wall and add that some supplementary meanss such as intrusion detection carry out the exchanges data between the intranet and extranet; But because there is the possibility of being attacked in the switching plane of himself; Simultaneously, because the defective in its design, the trojan horse program of some particular design also possibly stolen sensitive information through this type systematic.
Summary of the invention
In order to solve the problem that exists in the available data exchange process; The invention provides a kind of method and device of safely exchange computer data; This method and device can connect complete physics with inner and outside network and cut off, and can carry out transfer of data and the exchange between the two effectively.
Another object of the present invention provides a kind of computer data switching method and device that can only exchange the safety of specific data; This method and apparatus can be provided with unique identity authorization system; Prevent inadvertent disclosure, make existing virus and the hacker can't the attacking network switching plane.
The present invention is achieved in that
A kind of method of safely exchange computer data; Computer system has embedded computer system and external network system; It is characterized in that between embedded computer system and external network system, being provided with can be with the data security switch of the complete physics partition of said two devices, and the exchanges data step is:
A log-on data secure exchange device,
B data security switch connects embedded computer system, and at this moment, the data security switch only is connected with embedded computer system,
C selectes the data that need exchange, and it is transferred to the data security switch,
The d interruption is connected with embedded computer system,
E connects the external network system,
F arrives the external network system with transfer of data,
G interrupt data secure exchange device is connected with the external network system.
The exchanges data of external network system during to embedded computer system, the steps include:
A data security switch connects the external network system, and (this moment, it was connected with the external network system),
B selectes the data that need exchange, and it is transferred to the data security switch,
The c interruption is connected with the external network system,
D data security switch connects embedded computer system
E arrives embedded computer system with transfer of data,
F interrupt data secure exchange device is connected with embedded computer system.
Described embedded computer system need be when outside network system swap data, earlier the legitimacy of the data that exchange to this device is carried out authentication, and this device restarted after authentication finished; Carry out exchanges data, after exchanges data was accomplished, the data security switch emptied its data of storing immediately; Retrieval has or not the data of external network system need exchange to embedded computer system then; If have, the data of required exchange are sent to the data security switch, and the data that exchange to this device are carried out the legitimacy authentication; Restart this device after the authentication, again transfer of data is arrived embedded computer system.
Operating system and application program that described control data secure exchange device starts and carry out exchanges data are solidificated in this device.
Describedly can carry out encryption to the transmission of data, the data security switch is only deciphered transmission to the data of carrying out correct encryption, and other is not encrypted or encrypt incorrect data deletion.
The legitimacy authentication information of above-mentioned transfer of data is stored in the particular memory region of data security switch, and each startup can only be discerned once.This information does not externally all have backup on any computer in network system and the embedded computer system, makes and has only just qualified swap data of authorized user.
A kind of device of safely exchange computer data; Computer system has embedded computer system and external network system, and it is characterized in that between embedded computer system and external network system, being provided with can be with the data security switch of the complete physics partition of said two devices.
Be provided with the hard card that solidifies its operating system and application program in the described data security switch.
Described when embedded computer system employing internal network server, when the external network system adopted external network server, the data security switch can adopt the secure exchange server; When embedded computer system adopted independent computer, the data security switch can be set to independently hard disk, and the hard card that solidifies its operating system and application program directly is plugged in the PC slot of computer.
Described this device also is provided with guarantees the accurately encrypting and decrypting module of transmission of data.
Described this device can also wooden horse be set and unknown virus stops module, and to carrying three kinds of data files of wooden horse or virus: the script file of the word file of executable file, portability macrovirus, browser capable of using or VB operation is provided with interception.
Leak the classified information in the embedded computer system unintentionally for preventing the user; This device can also be provided with keyword inspection module; The user can be provided with the keyword message that needs inspection as the case may be voluntarily, before the data of needs exchange are encrypted, automatically the data file is carried out keyword search; Can transmit according to setting refusal the file that includes keyword, retransfer after perhaps pointing out the user to examine.
Described this device also can be provided with the information audit module, through this module being set, data directory in the time of can writing down swap data, the transmission situation of understanding data file.
Core of the present invention is to utilize the transition instrument of an intermediate data secure exchange device as exchanges data; This device is a platform with single-threaded operating system; Utilize procotol to be connected with embedded computer system that NT or WINDOWS2000SERVER version are installed or external network system (the normally webserver); Then with these servers in the appointment Shared Folders set up network and hint obliquely at, at last the data of desire exchange are carried out swap operation.In exchange process; This intermediate data secure exchange device all the time only with embedded computer system, external network system in a maintenance be connected; Guarantee it whenever all is physically-isolated between embedded computer system and the external network system; And can carry out transfer of data and the exchange between the two effectively, the present invention is applicable to the exchanges data of any computer of embedded computer system or many computer realization and external network system.
This method and apparatus can be provided with unique identity authorization system, prevents inadvertent disclosure, makes existing virus and the hacker can't the attacking network switching plane.
Description of drawings
Fig. 1 connects the structural representation of the inside and outside webserver for the present invention,
Fig. 2 carries out the control flow chart of exchanges data for the present invention,
Fig. 3 is the circuit diagram of PCI plug-in card of the present invention,
Fig. 4 is the circuit diagram of RJ45 mouth.
Embodiment
As shown in Figure 1, inner computer system is to connect through interior network server, and the external network system connects through outer network server, and the secure exchange server that carries out exchanges data is set in the middle of the two.The secure exchange server is provided with the hard card that solidifies its operating system and application program, and promptly this secure exchange server mainly is integrated on the PC server by a PCI plug-in card (its structure is as shown in Figure 3) and forms, and it is used for accomplishing following work:
(1) when startup of server, can automatically perform boot on the card,
(2) this PCI plug-in card should provide the above memory space of 4M with deposit operation system and application program at least,
(3) can dos operating system be embedded in the card, and get into dos operating system as boot guidance system behind startup of server,
(4) provide flexible method to write and revise the application program on the card,
(5) the program memory space on the card can be arranged to readable writing or read-only mode with the hand switch mode as required,
(6) on the card special area is set, these regional data must can read through special calling, and can only read once after the system start-up, and this zone is used for depositing sensitive datas such as networking information, encrypted ones,
(7) this PCI plug-in card integrated network card function, and two RJ45 mouths are arranged, as shown in Figure 4, connect intranet and extranet respectively, get into the intranet and extranet signal physical isolation in the card, by software control network interface card and which bar network line communication.
Also be provided with encrypting and decrypting module, wooden horse and unknown virus on the secure exchange server and stop module, keyword inspection module, information audit module, to strengthen the strick precaution to virus and external hacker, accuracy, the security management of transmission information.
The secure exchange server is built-in to be solidificated in the dos operating system and all application programs on the hard card, and the hard disk on this server initially has no file in start, only is used for swap data.The data that exchanged can be accomplished exchange automatically through prior setting.
After the system hardware connection finishes; The switch that is provided with of secure exchange server is set; Connect its power supply; System can automatically get into be provided with the interface, content is set comprises: Intranet domain name and machine name, Intranet PWL file password, outer net domain name and machine name, external user name, outer net PWL file password, interior network server send data directory, interior network server and receive data directory, Intranet and send Data Filename characteristic, file encryption password, outer network server and send data directory, outer network server and receive data directory, outer net and send Data Filename characteristic, outer net and mail to intranet data and whether encrypt, receive intranet data running time, receive the outer net data run time.
After above-mentioned parameter had been set, the system of secure exchange server was retained in the specific zone after this partial information is encrypted, and this zone is read-write being provided with under the state, but under swap status, can only read and can not write; After accomplishing the reservation of above-mentioned information, just can carry out data exchange operation.
The software section of switching system mainly is made up of three parts such as authenticating user identification, exchange files and information audits, and it is designed to basically:
(1) file that will carry out exchange files is called authentication module earlier and with the password that has only authorized user just to know it is encrypted, the document storage after the encryption sends catalogue in the appointment of server.
(2) swap server regularly is communicated with inside and outside two servers respectively, after the connection, with the Data Receiving catalogue of the file copy in the hard disk in the interior or outer server, deletes the All Files in the hard disk earlier.
(3) All Files that sends in the data directory in the interior or outer server is copied to swap server.
(4) break off network and connect, with the file decryption in the hard disk, deletion is with the file of wrong password encryption.
(5) restart swap server, be connected, repeat above work with the another one webserver.
Below we introduce the implementation method of these three parts respectively:
(1) authentication part:
We are through encrypting with the password of user's input file; The password of setting with the keeper is then encrypted; Judge then the method whether two files conform to judges whether a file is legal swap file, selecting for use and we have considered following problem during the design document AES:
The intensity of encrypting is high, is difficult for being cracked by hacker and trojan horse program.
Enciphering rate is fast.
The file encryption password is not present in any station server and client to file encryption, is not present in encrypt file itself yet, but encrypt file is when arriving intermediate server, and the deciphering module of intermediate server should be able to judge whether this encrypted ones is correct.
For the purpose of safety; At the Intranet end to the encryption of file and slightly different to its processing procedure of file encryption from the outer net end: during in Intranet; The file that the user will exchange away at first should guarantee to carry classified information; In order to prevent that the user from divulging a secret unintentionally, before to file encryption, system can at first call content inspection module this document is carried out the keyword inspection.And when the outer net end, what at first should consider is to exchange into whether the file of Intranet contains virus, and therefore, system can call virus checker this document is carried out virus checking before exchange.
(2) exchange files part:
This part operates on the swap server, mainly accomplishes the work of following aspect:
The hardware of control swap server is connected with the network of appointment.
Read control information from the specific region.
User with appointment signs in to corresponding server.
With the specified server swap data.
Break off network, with the deciphering of the data file in the hard disk, deletion is with the file of wrong password encryption.
Restart server.
Below we introduce the above realization situation of introducing each several part respectively.
A. be connected with various network and be to realize through the pci card that the front is introduced; This card can be provided with network connection state through an interrupt call; But only after machine restarted, this was provided with just and can comes into force, and guaranteed that like this one-shot of server can only connect a network.
B. at swap server with after interior or outer network server is connected, swap server signs in to interior or outer network server with the user of appointment with the NETBUI agreement.
C. be used for respectively setting up two share directories on the interior or outer network server of swap data, be used separately as and send data and receive data.At swap server with after this server is connected; Swap server at first (is initially sky with all data in its hard disk; All be from the transmission catalogue of another one server, to duplicate to obtain later on) copy in the reception data directory; All Files in the deletion hard disk duplicates All Files in the hard disk of swap server then, and in internal memory, sets up the table of file name of these files from send data directory.
D. because native system adopts is the operating system and the application program of solidifying; Therefore unique function of hard disk is used for depositing swap file exactly on the intermediate server; That is to say on the hard disk that except depositing the data file that will exchange, other any file all is illegal data.Utilize this characteristics, in the exchange files process, we can carry out validity checking to the All Files in the hard disk, guarantee to have only the file that will exchange to be exchanged out.After All Files in sending catalogue copies to hard disk, break off network from hardware, this moment, specially designed hardware not permission system reconnected any one network before restarting, and at this moment, intermediate server becomes the stand-alone environment of a sealing.We just can adopt the method for a kind of being similar to " killing of dog behind closed doors " to check whether there is invalid data in the hard disk afterwards.At first All Files in the hard disk and the table of file name that before had been based upon in the internal memory are compared, all not files in table of file name are not the files of being come by system copies, and we assert that it is an invalid data, with its deletion.Then the All Files in the hard disk is carried out decryption processing; Have only the file of correct encryption finally to be retained on the hard disk; Whether final system also can be checked the script file of the word file of executable file, portability macrovirus, IE browser capable of using or VB operation according to keeper's setting decision, to prevent that trojan horse program from being exchanged.
E. set the network state that next time starts, restart computer, repeat with cocycle.
Whether (3) information audit part: audit software operates in the server end that is used for sending and receiving data, is used to write down all and carries out the operation of file read-write to sending data directory, write down this document simultaneously and successfully exchanged by document exchange system.In addition, this system also generates a cryptographic operation log sheet based on the information of swap server passback, and whether make things convenient for the client user to inquire about its file transfer operation successful.This software may operate under NT and the WINDOWS 2000 SERVER end.
As shown in Figure 2, the detailed process of exchanges data is following:
1. the secure exchange server system is connected it with interior network server, isolates with outer network server simultaneously;
2. get into DOS after the said system self check finishes, automatically perform the systems exchange program;
3. at first reading system is provided with information from the specific region; Read should the zone after finishing before system restart, all be not read-write together with system; System all reads this area information earlier behind so each startup of server, has guaranteed the safety of the information that is provided with effectively;
4. the secure exchange server system uses the user name that is provided with in the information to be connected to the specified domain of interior network server;
5. on the hard disk of said system inspection secure exchange server free of data is arranged, its appointment that copies to interior network server is received catalogue, delete all data on the hard disk then,, carry out next step operation if do not have if having;
6. said system specifies all data that transmit in the data directory to copy in the hard disk of secure exchange server interior network server, and transmission is preceding with all data encryptions;
7. disconnection is connected with the network of Intranet, after this before restarting, does not allow the secure exchange server to be connected with any end of Intranet, outer net;
8. the data on the inspection secure exchange server hard disc confirm that all data on the hard disk are that switching system reads from the appointed area, and to not being the data that above-mentioned channel exchange comes, system thinks illegal, will automatically it be deleted from hard disk;
9. the data on the above-mentioned hard disk are deciphered; Character string (normally 8 bytes) and the length information (4 bytes) of file and preceding 8 bytes of file with the fixed password encryption; And the Crypted password of appointment is set in the information deciphers; System uses preceding 8 bytes of fixed password declassified document earlier; Judge that then whether with before encrypting file size meets; If do not meet, then generation error daily record, and deletion this document; The designated pin that from information is set, obtains of system is deciphered file then; With 8 byte datas obtaining after the deciphering with by 8 byte datas that obtain after the fixed password deciphering relatively, if identical, then think correct encrypt file; Otherwise deletion this document, and generation error daily record;
10. the data after the deciphering are carried out the file structure inspection; Confirm whether it is the word file of executable file, portability macrovirus, the script file that can utilize IE browser or VB to allow; And, confirm whether to delete above this part type file based on prior setting;
Link to each other 11. the network of secure exchange server connected to be made as with outer network server, make after the secure exchange server restarts to link to each other with outer network server automatically;
12. check system is waited for as if then continuing less than the time that appointment in the information is set from starting to present total permission time, otherwise restarting systems;
13. the secure exchange server links to each other with outer network server, and isolates with Intranet;
The back gets into DOS 14. the said system self check finishes, and automatically performs the systems exchange program;
15. reading system is provided with information from the specific region;
16. the secure exchange server system uses the user name that is provided with in the information to be connected to the specified domain of outer network server;
17. data on the hard disk of said system inspection secure exchange server, and, delete all data on the hard disk then with its appointment reception data directory that copies to outer network server;
18. if, behind the last EOS data that will exchange in the outer net are copied to the hard disk of secure exchange server, and delete the original data on the hard disk automatically there are data need exchange to Intranet on the outer network server;
19. the secure exchange server restarts again then, and transfer of data is arrived Intranet.
Claims (8)
1. the method for a safely exchange computer data; Computer system has embedded computer system and external network system; It is characterized in that between embedded computer system and external network system, being provided with can be with the data security switch of the complete physics partition of said two devices; The authentication information of transfer of data is stored in the particular memory region of data security switch, and each startup can only be discerned once; The data security switch mainly is integrated on the PC server by a PCI plug-in card to be formed, and the exchanges data step is:
A log-on data secure exchange device can automatically perform the boot on the PCI plug-in card during PC startup of server,
B data security switch connects embedded computer system,
The selected data that need exchange of c; Read information from particular memory region and carry out authentication; Through file is encrypted with the password of user input respectively, and encrypt, judge that then the method whether two files conform to judges whether a file is legal swap file with the password that the keeper sets; And it is transferred to the data security switch
The d interruption is connected with embedded computer system,
E data security switch connects the external network system,
F arrives the external network system with transfer of data; Externally network system be used for respectively set up two share directories on the PC server of swap data; Be used separately as and send data and receive data, with after external network is connected, the data security switch at first copies to all data in its hard disk in the reception data directory at the data security switch; All Files in the deletion hard disk; From send data directory, duplicate All Files in the hard disk of data security switch then, and in internal memory, set up the table of file name of these files
The g exchanges data is accomplished being connected of back interrupt data secure exchange device and external network system, and setting is the network state of startup next time, restarts computer.
2. the method for safely exchange computer data as claimed in claim 1 when it is characterized in that exchanges data with the external network system is to embedded computer system, the steps include:
A data security switch connects the external network system,
The selected data that need exchange of b; Carry out authentication; Through file is encrypted with the password of user input respectively, and encrypt, judge that then the method whether two files conform to judges whether a file is legal swap file with the password that the keeper sets; And it is transferred to the data security switch
The c interruption is connected with the external network system,
D data security switch connects embedded computer system,
E arrives embedded computer system with transfer of data; The internal network system be used for respectively set up two share directories on the PC server of swap data; Be used separately as and send data and receive data, with after internal network is connected, all data that the data security switch at first will receive copy in the reception data directory at the data security switch; All Files in the deletion hard disk; From send data directory, duplicate All Files in the hard disk of data security switch then, and in internal memory, set up the table of file name of these files
F interrupt data secure exchange device is connected with embedded computer system, sets the network state that next time starts, and restarts computer.
3. according to claim 1 or claim 2 the method for safely exchange computer data after it is characterized in that sending All Files in the catalogue and copying to hard disk, is broken off from hardware and to be connected.
4. according to claim 1 or claim 2 the method for safely exchange computer data; It is characterized in that in the exchange files process; At first All Files in the hard disk and the table of file name that before had been based upon in the internal memory are compared, all not files in table of file name are not the files of being come by system copies; Be invalid data, with its deletion; Then the All Files in the hard disk is carried out decryption processing, have only the file of correct encryption finally to be retained on the hard disk.
5. the device of a safely exchange computer data; Computer system has embedded computer system and external network system; It is characterized in that between embedded computer system and external network system, being provided with can be with the data security switch of the complete physics partition of said two devices; The authentication information of transfer of data is stored in the particular memory region of data security switch, and each startup can only be discerned once; The data security switch is the secure exchange server, and the secure exchange server mainly is integrated on the PC server by a PCI plug-in card to be formed;
The PCI plug-in card is provided with network connection state through an interrupt call, but only after machine restarts, this is provided with just and can comes into force;
To the selected data that need exchange; The data security switch connects embedded computer system; Earlier read information and carry out authentication, through file is encrypted with the password of user's input, and encrypt with the password that the keeper sets from particular memory region; Judge then the method whether two files conform to judges whether a file is legal swap file, and it is transferred to the data security switch; This device restarted after authentication finished, and interruption is connected with embedded computer system, carries out exchanges data;
Transfer of data is arrived the external network system; Externally network system be used for respectively set up two share directories on the PC server of swap data, be used separately as and send data and receive data, at the data security switch with after external network is connected; The data security switch at first copies to all data in its hard disk and receives in the data directory; All Files in the deletion hard disk duplicates All Files in the hard disk of data security switch then, and in internal memory, sets up the table of file name of these files from send data directory; Again transfer of data is arrived external computer system; Exchanges data is accomplished being connected of back interrupt data secure exchange device and external network system, and setting is the network state of startup next time, restarts computer.
6. the device of safely exchange computer data as claimed in claim 5; It is characterized in that when embedded computer system adopts independent computer; The data security switch is set to independently hard disk, and the hard card that solidifies its operating system and application program directly is plugged in the PC slot of computer.
7. the device of safely exchange computer data as claimed in claim 5 is characterized in that this PCI plug-in card integrated network card function, and two RJ45 mouths is arranged, and connects intranet and extranet respectively, gets into the intranet and extranet signal physical isolation in the card.
8. the device of safely exchange computer data as claimed in claim 7; It is characterized in that on this PCI plug-in card a special area being set; These regional data must can read through special calling; And can only read once after the system start-up, this zone is used for depositing networking information, encrypted ones sensitive data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2005101012721A CN1964272B (en) | 2005-11-09 | 2005-11-09 | A method and device to safely exchange computer data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2005101012721A CN1964272B (en) | 2005-11-09 | 2005-11-09 | A method and device to safely exchange computer data |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1964272A CN1964272A (en) | 2007-05-16 |
| CN1964272B true CN1964272B (en) | 2012-01-04 |
Family
ID=38083178
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2005101012721A Expired - Fee Related CN1964272B (en) | 2005-11-09 | 2005-11-09 | A method and device to safely exchange computer data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1964272B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101697180B (en) * | 2009-11-06 | 2012-07-04 | 深圳市优特普科技有限公司 | Computer data communication isolation management system and data monitoring method |
| CN102065148A (en) * | 2011-01-12 | 2011-05-18 | 无锡网芯科技有限公司 | Memory system access authorizing method based on communication network |
| CN102377697A (en) * | 2011-11-16 | 2012-03-14 | 华为技术有限公司 | Data processing method under condition of network physical isolation |
| CN104967760B (en) * | 2014-10-17 | 2018-07-06 | 北京宇航系统工程研究所 | A kind of digital facsimile system of the operation of the automatic ferry between network is physically isolated |
| CN105787324A (en) * | 2016-02-03 | 2016-07-20 | 周口师范学院 | Computer information security system |
| CN105871902A (en) * | 2016-05-25 | 2016-08-17 | 安徽问天量子科技股份有限公司 | Data encryption and isolation system |
| CN110443038A (en) * | 2019-08-02 | 2019-11-12 | 贵州电网有限责任公司 | A kind of portable ciphering type network security compliance automatic inspection device of desktop terminal |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1421794A (en) * | 2001-11-22 | 2003-06-04 | 何鸿君 | Network safety control equipment based on physical isolation and data exchange monitoring |
| CN1534920A (en) * | 2003-04-02 | 2004-10-06 | 联想(北京)有限公司 | Method of realizing internal external network physical partition and its device |
-
2005
- 2005-11-09 CN CN2005101012721A patent/CN1964272B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1421794A (en) * | 2001-11-22 | 2003-06-04 | 何鸿君 | Network safety control equipment based on physical isolation and data exchange monitoring |
| CN1534920A (en) * | 2003-04-02 | 2004-10-06 | 联想(北京)有限公司 | Method of realizing internal external network physical partition and its device |
Non-Patent Citations (4)
| Title |
|---|
| 张震.物理隔离技术分析及其数据安全转发模型.微计算机应用25 1.2004,25(1),第32-36页正文第1,2节,图1. |
| 张震.物理隔离技术分析及其数据安全转发模型.微计算机应用25 1.2004,25(1),第32-36页正文第1,2节,图1. * |
| 马永杰,刘建平,陈仲明.网际数据隔离器的设计与实现.计算机应用研究 2.2003,(2),第108-110页,正文第3.2节,第4.2节,图1. |
| 马永杰,刘建平,陈仲明.网际数据隔离器的设计与实现.计算机应用研究 2.2003,(2),第108-110页,正文第3.2节,第4.2节,图1. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1964272A (en) | 2007-05-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6275653B2 (en) | Data protection method and system | |
| KR101522445B1 (en) | Client computer for protecting confidential file, server computer therefor, method therefor, and computer program | |
| US8719956B2 (en) | Method and apparatus for sharing licenses between secure removable media | |
| US7681037B2 (en) | Network connection system | |
| CN1964272B (en) | A method and device to safely exchange computer data | |
| GB2517016A (en) | Secure data storage | |
| KR101387600B1 (en) | Electronic file sending method | |
| CN105827574A (en) | File access system, file access method and file access device | |
| CN107948235A (en) | Cloud data safety management and audit device based on JAR | |
| KR20080005785A (en) | System for preventing access and expose documents in group | |
| JP2009015766A (en) | User terminal, access management system, access management method, and program | |
| JP2014089685A (en) | Data sharing system having safety and execution method | |
| JP2008026925A (en) | File management program | |
| CN2845327Y (en) | Device for computer data switching exchange safely | |
| Loftus et al. | Android 7 file based encryption and the attacks against it | |
| KR100390086B1 (en) | Total system for preventing information outflow from inside | |
| KR101056423B1 (en) | Program Execution Management Method and Record Media Using Logged-In Account Control | |
| KR102405977B1 (en) | System and method for preventing network hacking | |
| CN106534275B (en) | Universal safe and reliable data exchange method | |
| KR100955347B1 (en) | Apparatus and method for information management of terminal | |
| CN2927185Y (en) | Data safety transmission equipment | |
| JP4713916B2 (en) | Data protection service system and data protection method | |
| WO2023140826A1 (en) | Device and methods for protecting computer systems against unauthorized access | |
| CN115987604A (en) | PDF encryption and release method suitable for electronic file | |
| WO2005084177A2 (en) | Secure data management system with mobile data management capability |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| ASS | Succession or assignment of patent right |
Owner name: HUANG XIAOGANG Free format text: FORMER OWNER: CHEN HONGXIAN Effective date: 20120720 Owner name: NI ZHIGANG SHU YANG Effective date: 20120720 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 518031 SHENZHEN, GUANGDONG PROVINCE TO: 518000 SHENZHEN, GUANGDONG PROVINCE |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20120720 Address after: No. 2 building 518000 Guangdong city in Shenzhen Province, Futian District Shennan Road, Zhuzilin Jianye Industrial Zone, six layer A Co-patentee after: Ni Zhigang Patentee after: Huang Xiaogang Co-patentee after: Shu Yang Address before: 518031 No. 2006 Shennan Middle Road, Shenzhen, Guangdong, Futian District Patentee before: Chen Hongxian |
|
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20070516 Assignee: Shenzhen Tiptop Information Technology Co., Ltd. Assignor: Chen Hongxian Contract record no.: 2014440020064 Denomination of invention: A method and device to safely exchange computer data Granted publication date: 20120104 License type: Exclusive License Record date: 20140213 |
|
| LICC | Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model | ||
| ASS | Succession or assignment of patent right |
Free format text: FORMER OWNER: NI ZHIGANG SHU YANG Effective date: 20140929 Owner name: SHENZHEN LIPU MESSAGE TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: HUANG XIAOGANG Effective date: 20140929 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20140929 Address after: Shenzhen Nanshan District City, Guangdong province 518000 Liuxian Avenue No. 1183 Nanshan Valley innovation industrial park landscape building B floor 5 Patentee after: Shenzhen Tiptop Information Technology Co., Ltd. Address before: 518000 Guangdong city in Shenzhen Province, Futian District Shennan Road, Zhuzilin Jianye Company Industrial Zone No. 2 building six layer A Patentee before: Huang Xiaogang Patentee before: Ni Zhigang Patentee before: Shu Yang |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120104 Termination date: 20151109 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |