CN203618020U - Internal and external network security access mode - Google Patents

Publication number
CN203618020U
Authority
CN
China
Legal status
Expired - Fee Related
Application number
CN201320674063.6U
Other languages
Chinese (zh)
Inventor
王子鹏
王玉佺
董振培
王昂哲
田凯
邢晓莎
Current Assignee
Beijing Ai Simeng Science And Technology Ltd
Original Assignee
Beijing Ai Simeng Science And Technology Ltd

Abstract

The utility model provides an internal and external network security access mode. An input terminal interface unit of an internal and external network security device is connected with a first control unit and a second control unit through an either-or switch unit. After an external network mode is selected by a portable computer device, a processing unit controls the either-or switch unit to switch on the second control unit, turns on a second power source control switch and enters into an external network system. At the same time, a first power source control switch is turned off and connection with an internal network system is cut off. After an internal network mode is selected by the portable computer device, the processing unit controls the either-or switch unit to switch on the first control unit, turns on the first power source control switch and enters into the internal network system. At the same time, the second power source control switch is turned off and connection with the external network system is cut off. The utility model provides the internal and external network security access mode used for realizing isolation and safety protection of the internal network and the external network, so that information security of the inner network system can be protected effectively.

Description

Intranet and extranet secure access module
Technical field
The utility model relates to the field of internet technology, and in particular to an intranet and extranet secure access module.
Background
With the rapid development of the Internet, it has become an irreversible trend for government offices, enterprises and institutions to use the Internet in their work. In recent years, with the "enterprise online" and government Internet access projects, and particularly the construction of "e-government" systems, large numbers of existing computers in organizations and departments have been connected to the Internet in various ways. But because the Internet is an open network system, any networked computer may be attacked by hackers, and the information stored on it may be stolen or tampered with. The Internet is also the main route by which computer viruses spread. At present, the core technology of common security measures such as software encryption and firewalls is held by foreign companies and cannot meet the relevant national security regulations. The National Administration for the Protection of State Secrets has therefore stipulated the following for Internet use by state confidential departments: "Computer information systems involving state secrets must not be connected, directly or indirectly, to the Internet or other public information networks, and must be physically isolated." "Physical isolation" means that the enterprise's internal LAN has no direct physical connection to the Internet at any time; only then is the enterprise's network security truly protected.
Although many security methods exist, such as multi-layer firewall filtering, channel control and intrusion alarms, these techniques are all software-based controls that can themselves be manipulated, so they cannot guarantee absolute security. "Physical isolation" is therefore needed to ensure real security for confidential departments such as the military, government, finance and media.
In government informatization, the state has proposed the concept of building "three networks and one database". The "three networks" are the intranet (internal office network), the extranet (the network connected to the Internet) and the private network (a computer network for special purposes such as networking between superior and subordinate units). Physical isolation is required between the intranet and the extranet to ensure that classified information is absolutely secure.
To meet this particular network security demand from state confidential departments, a number of manufacturers have released products such as physically isolated terminal computers and physical isolation cards.
1. Two physically isolated terminal computers, one connected to the intranet and one to the extranet, are the most direct form of intranet/extranet isolation and offer the strongest security. But this requires two terminal computers, which increases hardware cost as well as the cost of maintaining and configuring the terminals; two terminals also take up considerable space and reduce the user's working area; and the user must manually distinguish the intranet terminal from the extranet terminal on every use, which is inconvenient.
2. A physical isolation card adds a second hard disk to a computer. By controlling the hard disks and switching the network cable, only one hard disk is active for its corresponding network at a time; the physical network lines are completely separate and no storage is shared, so a single machine is physically isolated between the two networks. The physical isolation card is a low-level form of physical isolation: each card manages only one personal computer, every computer must be configured individually, and every switch requires a power-off and restart, which is very inconvenient. Managing a hardware platform with two hard disks is cumbersome and significantly raises the cost of building and maintaining the whole network. In addition, a network designed around isolation cards needs two duplicate networks (double cabling, double network equipment), and every machine needs two network cards and two hard disks. Installation and maintenance are extremely inconvenient, maintenance cost is high, and the cost of upgrades and expansion multiplies.
Whether physical isolation is achieved with two terminal computers or with a physical isolation card, this class of product has the following shortcomings:
The computer has a single motherboard, two independent hard disks and two independent network ports on two slots for the intranet and extranet; an intranet/extranet switching function built into the BIOS provides two different operating states after start-up, connecting to the internal office network and the external Internet respectively.
Every enterprise desktop computer that needs Internet access must be replaced with or upgraded to a "physically isolated" computer, increasing the cost of each computer by about 20%.
The enterprise's structured cabling must be built as a dual internal/external physical architecture, the switching equipment must also be duplicated for inside and outside, and intranet data is stored on the local disk, where it is not secure.
Network security is achieved, but the engineering and equipment costs of implementation are high, the volume of technical service is large, and system maintenance is cumbersome.
Summary of the utility model
The utility model provides an intranet and extranet secure access module that isolates and protects the intranet system and the extranet system and effectively protects the information security of the intranet system.
To solve the above problems, the utility model provides an intranet and extranet secure access module comprising: an intranet/extranet secure access terminal and a mobile computer device;
The intranet/extranet secure access terminal comprises: an intranet/extranet security device and a processing unit;
The intranet/extranet security device comprises an input interface unit, an either-or switch unit, a first power control switch, a second power control switch, an intranet interface unit, an extranet interface unit, a first control unit and a second control unit;
The input interface unit is connected directly or indirectly to the mobile computer device, and is connected to the first control unit and the second control unit respectively through the either-or switch unit; the first control unit is connected to the intranet interface unit, and the second control unit is connected to the extranet interface unit; the intranet interface unit is connected to the first power control switch, and the extranet interface unit is connected to the second power control switch;
The processing unit is connected to the first and second power control switches and to the either-or switch unit. When the mobile computer device selects extranet mode, the processing unit controls the either-or switch unit to select the second control unit and closes the second power control switch to power the second control unit, entering the extranet system; at the same time it opens the first power control switch, cutting off the connection to the intranet system. When the mobile computer device selects intranet mode, the processing unit controls the either-or switch unit to select the first control unit and closes the first power control switch to power the first control unit, entering the intranet system; at the same time it opens the second power control switch, cutting off the connection to the extranet system.
Preferably, the intranet/extranet secure access terminal further comprises a 1-to-many interface unit;
The 1-to-many interface unit comprises one upstream interface connected to the mobile computer device and multiple downstream interfaces, and the input interface unit of the intranet/extranet security device is connected to a downstream interface.
Preferably, the intranet/extranet secure access terminal further comprises an authentication unit connected to a downstream interface.
Preferably, a current-limiting control unit is also provided between the downstream interface and the authentication unit.
Preferably, the intranet/extranet secure access terminal further comprises a system boot storage unit connected to a downstream interface.
Preferably, the intranet/extranet secure access terminal further comprises a network monitoring unit connected to the processing unit.
Preferably, the intranet/extranet secure access terminal further comprises an alarm unit connected to the processing unit.
Preferably, the input interface unit is a USB interface, connected directly or indirectly to the computer device through a USB bus.
Preferably, the either-or switch unit is an electromagnetic relay mechanical switch.
Preferably, the intranet/extranet secure access terminal is bus-powered and/or self-powered.
Preferably, the mobile computer device is a portable device with input and display functions.
Compared with the prior art, in the intranet and extranet secure access module of the embodiments of the utility model, when the mobile computer device selects extranet mode, the either-or switch unit is controlled to select the second control unit and the second power control switch is closed to power the second control unit, entering the extranet system, while the first power control switch is opened, cutting off the connection to the intranet system. When the mobile computer device selects intranet mode, the either-or switch unit is controlled to select the first control unit and the first power control switch is closed to power the first control unit, entering the intranet system, while the second power control switch is opened, cutting off the connection to the extranet system. This isolates and protects the intranet system and the extranet system and effectively protects the information security of the intranet system.
Brief description of the drawings
Fig. 1 is a structural block diagram of a first embodiment of the intranet and extranet secure access module of the utility model;
Fig. 2 is a structural block diagram of a second embodiment of the intranet and extranet secure access module of the utility model;
Fig. 3 is a schematic diagram of an application of the intranet and extranet secure access module of the utility model.
Detailed description
The utility model provides an intranet and extranet secure access module that isolates and protects the intranet system and the extranet system and effectively protects the information security of the intranet system.
Refer to Fig. 1 and Fig. 3. Fig. 1 is a structural block diagram of the first embodiment of the intranet and extranet secure access module of the utility model, and Fig. 3 is a schematic diagram of an application of the module.
The intranet and extranet secure access module of the first embodiment of the utility model comprises: an intranet/extranet secure access terminal 100 and a mobile computer device 200.
The intranet/extranet secure access terminal 100 comprises: an intranet/extranet security device 1 and a processing unit 2.
The intranet/extranet security device 1 comprises an input interface unit 11, an either-or switch unit 12, a first power control switch 13, a second power control switch 14, an intranet interface unit 15, an extranet interface unit 16, a first control unit 17 and a second control unit 18.
The input interface unit 11 is connected directly or indirectly to the mobile computer device 200, and is connected to the first control unit 17 and the second control unit 18 respectively through the either-or switch unit 12; the first control unit 17 is connected to the intranet interface unit 15, and the second control unit 18 is connected to the extranet interface unit 16; the intranet interface unit 15 is connected to the first power control switch 13, and the extranet interface unit 16 is connected to the second power control switch 14.
The mobile computer device is a portable device with input and display functions, such as a notebook computer, tablet computer or mobile communication device.
The input interface unit 11 may take various interface forms such as USB; when it is a USB interface, it can be connected directly or indirectly to the mobile computer device through a USB bus.
To guarantee physical isolation of the intranet, the either-or switch unit 12 is preferably an electromagnetic relay mechanical switch.
The processing unit 2 is connected to the first and second power control switches 13, 14 and to the either-or switch unit 12. When the mobile computer device 200 selects extranet mode, the processing unit controls the either-or switch unit 12 to select the second control unit 18 and closes the second power control switch 14 to power the second control unit 18, entering the extranet system; at the same time it opens the first power control switch 13, cutting off the connection to the intranet system. When the mobile computer device 200 selects intranet mode, the processing unit controls the either-or switch unit 12 to select the first control unit 17 and closes the first power control switch 13 to power the first control unit 17, entering the intranet system; at the same time it opens the second power control switch 14, cutting off the connection to the extranet system.
The processing unit 2 may be implemented with a CPU.
The intranet/extranet security device 1 may be a "one in, two out" device: "one in" means the input port of the security terminal may be a USB interface, and "two out" means its output ports may be two RJ45 ports (one intranet port and one extranet port). The input port of the intranet/extranet security device 1 can be connected to the client, i.e. the terminal computer, by a USB cable, and the outputs of the device connect to the intranet and extranet network cables respectively. The device then needs no external power supply and uses a low-power supply; data is lost on power-off or when the device is unplugged from the PC, which largely prevents theft of stored data. Installation is simple and easy: only one data cable and two network cables need to be plugged into the device.
The USB-to-Ethernet network adapter of the intranet/extranet security device 1 has relatively high power consumption, so low-power design must be considered. The first control unit 17 and the second control unit 18 may specifically use a low-power USB 2.0 to 10/100 Fast Ethernet controller chip. The first power control switch 13 and the second power control switch 14 are power switches that control the supply to the two network card chips; only one network card chip is powered at any given moment, which achieves low power consumption.
The intranet/extranet secure access terminal 100 may specifically be designed according to the USB compound device model, and may be bus-powered, self-powered, or both bus-powered and self-powered.
When the intranet/extranet secure access terminal 100 is bus-powered, the USB host supplies at most 5 V, 500 mA. For user convenience and to simplify installation of the terminal, no external power supply needs to be plugged in. The whole system design must therefore take low power consumption into account: component selection and circuit design must both be low-power, to prevent load overcurrent.
Refer to Fig. 2, which is a structural block diagram of the second embodiment of the intranet and extranet secure access module of the utility model.
The intranet/extranet secure access terminal 200 of the second embodiment of the utility model may further comprise a 1-to-many interface unit 3.
The 1-to-many interface unit 3 comprises one upstream interface 31 connected to the mobile computer device 200 and multiple downstream interfaces, and the input interface unit 11 of the intranet/extranet security device 1 is connected to a downstream interface.
The 1-to-many interface unit 3 may specifically be a 1-to-many USB hub. There is one upstream interface 31, i.e. the upstream USB port (the interface between the host and the USB hub), which connects to a USB port of the terminal computer. Because USB devices are plug and play, the intranet/extranet secure access terminal 100 avoids the complicated installation steps of a physical isolation card and is simple to operate. The USB hub has multiple downstream USB ports (interfaces between devices and the USB hub), to which various USB devices can be connected.
The 1-to-many interface unit 3 can be selected according to the USB peripheral functions required. At least 5 USB devices need to access the host simultaneously, so the unit may specifically be a 1-to-7 USB hub. For low-power design, a chip with low-power characteristics and OEM configuration may be used. OEM configuration is set over the SMBus, which is connected to the processing unit (CPU); after power-on, the CPU completes the USB configuration over the SMBus.
As shown in Fig. 2, the intranet/extranet secure access terminal 100 of the embodiment may further comprise an authentication unit 4 connected to a downstream interface of the 1-to-many interface unit 3. The encrypted command code is sent to the client; after the client decrypts the command code, the control switch for terminal authentication and/or user authentication is turned on and the intranet network card chip is powered, and the terminal's authorization is verified.
The USB interface for the user-authentication USB-Key of the authentication unit 4 is exposed to the user; after the user inserts the USB-Key, identity authentication is performed at the cloud server.
To prevent a user-inserted device from drawing excessive power, a current-limiting control unit 41 is also provided between the downstream interface and the authentication unit 4 to limit the user device. The current-limiting control unit 41 may use a 200 mA current-limiting switch, or a 250 mA current-limiting switch depending on system requirements.
When the authentication unit 4 is a terminal-authentication USB-Key, it may be connected to a downstream USB port of the USB hub through the control switch of the authentication unit 4; the opening and closing of that control switch is controlled by the processing unit 2 (CPU).
The intranet/extranet secure access terminal of the embodiment may further comprise a system boot storage unit 5 connected to a downstream interface.
The system boot storage unit 5 may specifically be a system boot USB storage device (Mass Storage Flash, USB flash drive) connected directly to a downstream interface of the 1-to-many interface unit 3, i.e. a downstream USB port of the USB hub; both the system boot program and the intranet operating system program can be stored on it.
The intranet/extranet secure access terminal 100 of the embodiment may further comprise a network monitoring unit 6 connected to the processing unit 2, for monitoring unauthorized access to intranet servers while in the extranet network state.
The intranet/extranet secure access terminal 100 of the embodiment further comprises an alarm unit 8 connected to the processing unit 2; when the network monitoring unit 6 detects unauthorized access to intranet servers while in the extranet network state, the processing unit 2 triggers an alarm.
As noted above, the USB-to-Ethernet network adapter has relatively high power consumption, so low-power design must be considered: a low-power USB 2.0 to 10/100 Fast Ethernet controller chip is used, power switches control the supply to the two network card chips, and only one network card is powered at any given moment. This chip also has a Reverse-RMII interface that supports direct MAC-to-MAC communication. The external network PHY chip is connected through the RMII interface, and the RMII interface is simultaneously connected to the CPU's MAC for monitoring, so the security of the whole network is monitored. When illegal network access occurs, the CPU directly shuts down the network circuit, and the alarm unit, for example a buzzer, can alert the user to the illegal operation, which greatly helps ensure the security of the whole network.
The user performs network configuration of the intranet/extranet secure access terminal 100 through a serial terminal. Where the CPU has only one USB slave interface, the terminal may be designed as a USB composite device (Composite Device), so that multiple interfaces implement a combination of different USB devices without adding hardware. The CPU's USB function therefore needs to be developed as a composite device of HID and Virtual COM; under Virtual COM the user can, besides configuring the network, also upgrade the system firmware of the terminal by IAP system upgrade.
The mobile computer device 200 and the intranet/extranet secure access terminal 100 can communicate by a predetermined protocol. This protocol mainly implements security control between the client and the terminal, to prevent malicious acquisition of intranet data. The protocol may be based on the HID protocol.
The main communication details may be designed as follows:
The input and output reports in the protocol's report descriptor may both be set to 8 bytes. The content can be defined as required.
Data format: bytes 0 to 3 may be a number of seconds (random number), and bytes 4 to 7 may be the specific control command.
The control command in bytes 4 to 7 is defined as follows:
At first only the lowest bit of byte 4 is used: "0" means close the intranet system and open the extranet system; "1" means close the extranet system and open the intranet system.
The other bits are reserved.
The whole 8 bytes may be encrypted with DES.
The gating terminal of the control switch of each USB device is connected to the CPU. The CPU may integrate a USB slave peripheral and emulate an HID device through it; the USB side of the HID device is connected to the USB hub. The CPU receives the network switching command through the HID device, and after parsing the command it controls when each USB device is connected to the USB hub.
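The report handling and switch control described above, as an added example in C that is not code from the patent: it validates an already-decrypted 8-byte report and drives the either-or switch and the two power switches so that both sides are never powered together. DES decryption is left out; the little-endian seconds field, the 30-second freshness window, the rejection of set reserved bits, the unpower-both-first ordering and all identifiers are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* All names here are constructed for illustration; the patent defines only
 * the 8-byte layout and the switching behaviour of units 12, 13 and 14. */
enum net_mode { MODE_EXTRANET = 0, MODE_INTRANET = 1 };
enum report_status { REPORT_OK, REPORT_BAD_LENGTH, REPORT_RESERVED_BITS, REPORT_STALE };

#define REPORT_LEN 8u
#define FRESHNESS_WINDOW_S 30u /* assumption: tolerated clock skew in seconds */

struct isolator {
    bool intranet_power;   /* first power control switch 13 closed */
    bool extranet_power;   /* second power control switch 14 closed */
    enum net_mode relay;   /* position of either-or switch unit 12 */
    uint32_t last_seconds; /* seconds field of the last accepted report */
    bool overlap_seen;     /* latched if both sides were ever powered */
};

/* Assumed power-on state: both network chips unpowered. */
void isolator_init(struct isolator *d) {
    d->intranet_power = false;
    d->extranet_power = false;
    d->relay = MODE_EXTRANET;
    d->last_seconds = 0;
    d->overlap_seen = false;
}

/* Assumption: bytes 0..3 are little-endian; the page gives no byte order. */
static uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Validate a decrypted report and extract the requested mode. */
enum report_status parse_report(const uint8_t *buf, size_t len, uint32_t now,
                                uint32_t last_seconds, enum net_mode *mode) {
    if (buf == NULL || len != REPORT_LEN)
        return REPORT_BAD_LENGTH;
    /* Only bit 0 of byte 4 is defined; every other command bit is reserved. */
    if ((buf[4] & 0xFEu) || buf[5] || buf[6] || buf[7])
        return REPORT_RESERVED_BITS;
    uint32_t seconds = read_le32(buf);
    uint32_t skew = now >= seconds ? now - seconds : seconds - now;
    /* Assumed replay guard: newer than the last accepted report, and recent. */
    if (seconds <= last_seconds || skew > FRESHNESS_WINDOW_S)
        return REPORT_STALE;
    *mode = (buf[4] & 1u) ? MODE_INTRANET : MODE_EXTRANET;
    return REPORT_OK;
}

static void set_power(struct isolator *d, bool intranet, bool extranet) {
    d->intranet_power = intranet;
    d->extranet_power = extranet;
    if (intranet && extranet)
        d->overlap_seen = true;
}

/* Break-before-make: unpower both sides, move the relay, power one side. */
void switch_mode(struct isolator *d, enum net_mode mode) {
    set_power(d, false, false);
    d->relay = mode;
    set_power(d, mode == MODE_INTRANET, mode == MODE_EXTRANET);
}

/* A rejected report leaves the switches exactly as they were. */
enum report_status handle_report(struct isolator *d, const uint8_t *buf,
                                 size_t len, uint32_t now) {
    enum net_mode mode;
    enum report_status st = parse_report(buf, len, now, d->last_seconds, &mode);
    if (st != REPORT_OK)
        return st;
    d->last_seconds = read_le32(buf);
    switch_mode(d, mode);
    return REPORT_OK;
}

int main(void) {
    /* Constructed sample: seconds = 1000, command bit 0 = 1 (intranet). */
    const uint8_t to_intranet[8] = {0xE8, 0x03, 0, 0, 0x01, 0, 0, 0};
    struct isolator d;
    isolator_init(&d);
    printf("first  : %d\n", handle_report(&d, to_intranet, 8, 1005));
    printf("replay : %d\n", handle_report(&d, to_intranet, 8, 1006));
    printf("intranet=%d extranet=%d\n", d.intranet_power, d.extranet_power);
    return 0;
}
```

Because the encrypted report is a single 8-byte block, an identical command always produces identical ciphertext unless the seconds field changes, which is why the sketch checks that field before acting.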
In intranet mode, dual authentication of terminal identity and user identity may be used, with re-authentication required after a network disconnection; this greatly helps ensure the security of the intranet network state.
After the mobile computer device 200 enters intranet mode, operations are preferably all completed at the computing center in the cloud; to ensure data security, the predetermined operating system can prevent results produced by the computing center from being downloaded to the client.
When the user selects the intranet system, the mobile computer device 200 begins booting the intranet operating system; for example, the intranet uClinux operating system code is copied into the memory of the client (notebook) and the operating system is then started. When authentication is required, the operating system sends the encrypted command code to the CPU through the HID USB interface. After the CPU decrypts the command, it turns on the control switch of the terminal-authentication and/or user-authentication USB-KEY; specifically, the either-or switch unit 12 switches the USB network to the intranet while the intranet network card chip is powered. The terminal's authorization is then verified. After terminal authentication succeeds, the user can log in with a username and password, or with a USER-KEY ID and password. If the network cable is disconnected in intranet mode, or the user's USB-KEY is disconnected, the terminal can be set to require authentication again.
For the ease of those skilled in the art's understanding, illustrate the safe access process of intranet and extranet of the safe access module of intranet and extranet described in the utility model embodiment below.
Described in the utility model embodiment, the safe access process of the intranet and extranet of the safe access module of intranet and extranet specifically comprises:
S100, enter intranet and extranet select interface;
Described step S100 is specifically as follows: after mobile computer device 200 systems power on, directly enter the intranet and extranet selection interface in conjunction with the virtual desktop of cloud application.
On the display of for example notebook of mobile computer device 200, show and select operation system interface, user can select to start by keyboard the system of Intranet dedicated system or local hard drive.
After described step S100, can also comprise:
In the time entering intranet and extranet selection interface, start timing; When user does not make a choice while entering Intranet or outer net pattern in the given time, directly enter outer net pattern, and now cut off and be connected with Intranet system.
The described scheduled time can be set according to user's needs, is specifically as follows 10 seconds, 20 seconds or 30 seconds etc.
In the time that user presses mobile computer device 200 power key, now computer CPU completes the initialization of whole system.
It is that intranet and extranet select interface to start that system the first startup item is set in the BIOS of mobile computer device 200, mobile computer device 200 just can guidance system start intranet and extranet selection interface GRUB program, mobile computer device 200 display screens present intranet and extranet and select interface, give tacit consent to the outer net system startup scheduled time (for example 20 seconds) countdown simultaneously and start.
S200: when mobile computer device 200 selects extranet mode, the extranet system is entered and the connection to the intranet system is cut off; when mobile computer device 200 selects intranet mode, intranet mode is entered and the connection to the extranet system is cut off.
When mobile computer device 200 enters intranet mode in step S200, a predetermined operating system is booted into the local host's memory and runs in that memory, so intranet data is lost immediately on power-off or network disconnection.
The predetermined operating system may be based on Linux, with the kernel configured to meet the system's security requirements.
The predetermined operating system mainly disables the client's (local) network devices (such as Ethernet, wireless network card and Bluetooth) and the client's (local) storage devices (hard disk, optical disc, etc.).
Preferably, after mobile computer device 200 enters intranet mode, all operations are completed in the computing center in the cloud; to ensure data security, the predetermined operating system can prevent the results produced by the computing center from being downloaded to the client.
In the intranet/extranet secure access module of this embodiment of the utility model, when mobile computer device 200 selects extranet mode, the extranet system is entered and the connection to the intranet system is cut off; when mobile computer device 200 selects intranet mode, intranet mode is entered and the connection to the extranet system is cut off. This isolates and protects the intranet system from the extranet system and effectively protects the information security of the intranet system.
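The selection timeout and the mutually exclusive switching described above can be modeled as follows. This is an added illustration, not firmware from the patent: all identifiers are hypothetical, and the break-before-make ordering of the switches is an assumption, since the text only says the other side is cut off at the same time.

```c
#include <stdbool.h>
#include <stdio.h>
/* All names are hypothetical; the page describes behaviour, not firmware. */
typedef enum { MODE_NONE, MODE_INTRANET, MODE_EXTRANET } net_mode_t;

typedef struct {
    bool pwr1_closed;   /* first power control switch (intranet side)  */
    bool pwr2_closed;   /* second power control switch (extranet side) */
    net_mode_t relay;   /* side the either-or switch unit is connected to */
    bool overlap_seen;  /* latched if both sides were ever powered at once */
} access_dev_t;

static void audit(access_dev_t *d) {
    if (d->pwr1_closed && d->pwr2_closed) d->overlap_seen = true;
}

/* Assumed ordering (break-before-make): open the other side's power switch,
 * move the either-or switch, and only then close the selected side. */
void enter_mode(access_dev_t *d, net_mode_t m) {
    if (m == MODE_NONE) return;
    if (m == MODE_EXTRANET) d->pwr1_closed = false; else d->pwr2_closed = false;
    audit(d);
    d->relay = m;
    if (m == MODE_EXTRANET) d->pwr2_closed = true; else d->pwr1_closed = true;
    audit(d);
}

/* keys[t] is the choice seen during second t of the selection screen. */
net_mode_t select_mode(const net_mode_t *keys, int timeout_s) {
    for (int t = 0; t < timeout_s; t++)
        if (keys[t] != MODE_NONE) return keys[t];
    return MODE_EXTRANET;  /* no choice within the predetermined time */
}

/* Constructed sample inputs for a 20-second selection window. */
static const net_mode_t NO_KEY[20] = { MODE_NONE };
static const net_mode_t INTRANET_AT_3S[20] = { [3] = MODE_INTRANET };

access_dev_t boot(const net_mode_t *keys, int timeout_s) {
    access_dev_t d = { false, false, MODE_NONE, false };
    enter_mode(&d, select_mode(keys, timeout_s));
    return d;
}

int main(void) {
    access_dev_t a = boot(NO_KEY, 20), b = boot(INTRANET_AT_3S, 20);
    printf("timeout: relay=%d; key at 3 s: relay=%d\n", a.relay, b.relay);
    return 0;
}
```

The `overlap_seen` latch is the property to check in a real design review: at no point during a mode change should both interface units be powered.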
In the intranet/extranet secure access module of this embodiment of the utility model, to ensure security, an authentication step may also be included when the client selects intranet mode in step S200.
The authentication step specifically comprises:
The predetermined operating system sends an encrypted command code to mobile computer device 200. After the command code is decrypted, the control switch for terminal authentication and/or user authentication is turned on, the intranet network card chip is powered, and whether the terminal is authorized is verified. Once terminal authentication succeeds, identity authentication and login are performed, and intranet mode is entered.
The embodiments of the utility model therefore only illustrate the utility model and do not limit it; any change made by a person of ordinary skill in the art without departing from the protection scope of the utility model shall fall within the scope defined by the claims of the utility model.

Claims (11)

1. An intranet/extranet secure access module, characterized in that the intranet/extranet secure access module comprises: an intranet/extranet secure access terminal and a mobile computer device;
the intranet/extranet secure access terminal comprises: an intranet/extranet security device and a processing unit;
the intranet/extranet security device comprises an input interface unit, an either-or switch unit, a first power control switch, a second power control switch, an intranet interface unit, an extranet interface unit, a first control unit and a second control unit;
the input interface unit is connected directly or indirectly to the mobile computer device, and is connected to the first control unit and the second control unit respectively through the either-or switch unit; the first control unit is connected to the intranet interface unit, and the second control unit is connected to the extranet interface unit; the intranet interface unit is connected to the first power control switch, and the extranet interface unit is connected to the second power control switch;
the processing unit is connected to the first and second power control switches and to the either-or switch unit, and is configured to: when the mobile computer device selects extranet mode, control the either-or switch unit to connect the second control unit and control the second power control switch to close so as to power the second control unit, entering the extranet system, while controlling the first power control switch to open, cutting off the connection to the intranet system; and, when the mobile computer device selects intranet mode, control the either-or switch unit to connect the first control unit and control the first power control switch to close so as to power the first control unit, entering the intranet system, while controlling the second power control switch to open, cutting off the connection to the extranet system.
2. The intranet/extranet secure access module according to claim 1, characterized in that the intranet/extranet secure access terminal further comprises a one-to-many interface unit;
the one-to-many interface unit comprises one upstream interface connected to the mobile computer device and multiple downstream interfaces, and the input interface unit of the intranet/extranet security device is connected to one of the downstream interfaces.
3. The intranet/extranet secure access module according to claim 2, characterized in that the intranet/extranet secure access terminal further comprises an authentication unit connected to the downstream interface.
4. The intranet/extranet secure access module according to claim 3, characterized in that a current-limiting control unit is further provided between the downstream interface and the authentication unit.
5. The intranet/extranet secure access module according to claim 2, characterized in that the intranet/extranet secure access terminal further comprises a system boot storage unit connected to the downstream interface.
6. The intranet/extranet secure access module according to claim 2, characterized in that the intranet/extranet secure access terminal further comprises a network monitoring unit connected to the processing unit.
7. The intranet/extranet secure access module according to claim 6, characterized in that the intranet/extranet secure access terminal further comprises an alarm unit connected to the processing unit.
8. The intranet/extranet secure access module according to claim 1, characterized in that the input interface unit is a USB interface, connected directly or indirectly to the computer device through a USB bus.
9. The intranet/extranet secure access module according to claim 1, characterized in that the either-or switch unit is an electromagnetic relay mechanical switch.
10. The intranet/extranet secure access module according to claim 1, characterized in that the intranet/extranet secure access terminal is powered in a bus-powered and/or self-powered manner.
11. The intranet/extranet secure access module according to claim 1, characterized in that the mobile computer device is a portable device with an input function and a display function.
CN201320674063.6U 2013-10-30 2013-10-30 Internal and external network security access mode Expired - Fee Related CN203618020U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201320674063.6U CN203618020U (en) 2013-10-30 2013-10-30 Internal and external network security access mode

Publications (1)

Publication Number Publication Date
CN203618020U (en) 2014-05-28

Family

ID=50770636

Country Status (1)

Country Link
CN (1) CN203618020U (en)

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20140528

Termination date: 20161030