CN209460765U - A kind of novel public network and public security Intranet isolating device - Google Patents
A kind of novel public network and public security Intranet isolating device Download PDFInfo
- Publication number
- CN209460765U CN209460765U CN201920320827.9U CN201920320827U CN209460765U CN 209460765 U CN209460765 U CN 209460765U CN 201920320827 U CN201920320827 U CN 201920320827U CN 209460765 U CN209460765 U CN 209460765U
- Authority
- CN
- China
- Prior art keywords
- module
- lvds
- intranet
- isolated
- public network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The utility model discloses a kind of novel public networks and public security Intranet isolating device, it is formed including Intranet processing module, isolated LVDS transmission module, public network service module, DC/DC isolated power supply module and AC-DC switch power module, shell, public network service module is connect by isolated LVDS transmission module with Intranet processing module, DC/DC isolated power supply module is connect with isolated LVDS transmission module, Intranet processing module, AC-DC switch power module respectively, and AC-DC switch power module is connect with public network service module.The utility model has creatively selected to be attached with isolation and according to the data/address bus of the high speed one-way transmission of level feed-back state; unidirectional data transmission is carried out using high-strength high-safety Encryption Algorithm and self-defining data packet format; and ensure the reliability of data according to level feed-back state, it is effectively protected intranet security.
Description
Technical field
The utility model relates to network safety filed, the isolating device of specifically a kind of public network and public security Intranet.
Background technique
For requirements of one's work, what public security organ specially set up includes public security video private network, checks the public security such as system of deploying to ensure effective monitoring and control of illegal activities
Intranet, these networks be all it is relatively independent, be not connected with the internet in society, information collected by public security organ all saves
It on these networks, greatly facilitates public security cadres and police and handles a case, it has also become promote public security work level, police affairs is promoted to change
Leather improves the important means that capacity of crime was fought crime and controlled in prevention.
It is increasingly deep with Informatization Construction of Public Security, for public security department routine work bring it is efficient and convenient simultaneously,
Also serious computer security issue is brought.Especially harm caused by viral subversive, hacker attacks is increasing.Country is protected
Promulgate " Regulations of Internet Security of Computer Information System " the 2nd chapter security system Article 6 rule close office on January 1st, 2000
It is fixed: " be related to the computer information system of state secret, must not directly or indirectly with Internet or other public information networks
Network is connected, it is necessary to carry out physical isolation ".
Physical-separation Technology has become indispensable important means in network security Secrecy system a few days ago, increasingly by
The great attention of each department, constituent parts.The isolation technology of public security Intranet and video private network mainly uses gateway equipment to carry out at present
Isolation, but since the bandwidth of video data is very high, when especially accessing multitude of video number, very high real-time bandwidth is needed,
Make gateway equipment need very high performance that could handle a large amount of video data in real time, cause gateway equipment cost very high, it is difficult to
Large-scale promotion application.Meanwhile even with gateway, since core software and hardware is dependent on import, there is also many for technological means
Loophole cannot guarantee that itself is not broken through by hacker.
In addition, public security Intranet is due to more than access point and dispersing, especially present public security organ gradually enables some movements and grabs
Device is clapped, and these movement grasp shoot devices are the real-time for protecting data, are all made of the communication modes such as 3G/4G/5G, microwave and are passed
It is defeated, and using virtual private network technologies such as APN, VPDN.But since the operator of some areas is due to a lack of the skill in terms of APN, VPDN
Art is supported, causes the deployment of APN, VPDN difficult, influences the use of mobile grasp shoot device.
It is how not only economical quick but also safe and reliable, and also ensure that the network for disconnecting public network and Police Information private network connects
It connects, hacker is allowed to have no exploits, be problem to be solved in the utility model.
Summary of the invention
In view of the deficienciess of the prior art, the purpose of the utility model is to provide a kind of novel public network and public security Intranet every
From device.
Realizing the technical solution of the utility model aim is:
A kind of novel public network and public security Intranet isolating device, including Intranet processing module, isolated LVDS transmission module, public affairs
Net service module, DC/DC isolated power supply module and AC-DC switch power module, shell composition, public network service module pass through isolation
Formula LVDS transmission module is connect with Intranet processing module, DC/DC isolated power supply module respectively with isolated LVDS transmission module, interior
Net processing module, the connection of AC-DC switch power module, AC-DC switch power module are connect with public network service module.
The isolated LVDS transmission module include unidirectional Multi-channel isolation LVDS module interconnected and photoelectricity every
From formula reverse state interface module, wherein the photoelectric-isolated reverse state interface module include signal detector and optocoupler every
From interface.
Further, the unidirectional Multi-channel isolation LVDS module includes the serializer chip of TI company
DS92LV3241, deserializer chip DS92LV3242, LVDS isolator chip IS07820LL, the serializer chip
Data and clock are converted to 4 road LVDS by DS92LV3241, are sent into LVDS isolator chip IS07820LL and are carried out electrical isolation
Afterwards, then deserializer chip DS92LV3242 is sent into through 4 road LVDS be reduced into 32bit data and clock.
The public network service module, Intranet processing module are connected with unidirectional Multi-channel isolation LVDS module.In described
Net processing module, isolated LVDS transmission module, public network service module, DC/DC isolated power supply module and AC-DC Switching Power Supply mould
Block is arranged horizontally on same wiring board to be connected by PCB trace.
The utility model has the beneficial effects that: the utility model has creatively selected band to be isolated and according to level feed-back
The data/address bus of the high speed one-way transmission of state is attached, and this method is using high-strength high-safety Encryption Algorithm and makes by oneself
Adopted data packet format carries out unidirectional data transmission, and ensures the reliability of data according to level feed-back state, due to attacker without
Method, which obtains, data packet format and can not obtain key, can not decrypt, so even if in extreme environments, Intranet processing module quilt
Attacker's manipulation, and data are sent using the soft serial ports of realization by the information wire of transmission state level outward, on these signal wires
Signal by signal detector inspection and can filter, as signal detector can not be handled and its data generated can also be taken by public network
Business block intercepts, can not be transferred to Intranet, to be fully disconnected Intranet to the data return path of public network, be effectively protected interior
Net safety.
Detailed description of the invention
Fig. 1 is the isolating device system structure diagram of the utility model embodiment public network and public security Intranet;
Fig. 2 is schematic diagram of the isolating device in practical engineering application of the utility model embodiment public network and public security Intranet.
In figure: the isolated LVDS transmission module of 2. public network service module of isolating device 3. of 1. public networks and public security Intranet
4. Intranet processing module 5.DC/DC isolated power supply module 6.AC-DC switch power module.
Specific embodiment
The content of the present invention is further elaborated with reference to the accompanying drawings and examples, but is not to the utility model
Restriction.
Embodiment:
The utility model established between outer net and public security Intranet can only receive high strength encrypting candid photograph data and only
The isolated high speed data transfer pipeline of energy one-way transmission captures data to corresponding letter realizing to push in real time in Intranet
When ceasing platform, guarantee public network and Intranet be on network it is physically-isolated, on public network cannot by network mode to Intranet into
Row access, or any other data is obtained from Intranet.
As shown in Figs. 1-2, a kind of novel public network and public security Intranet isolating device 1, by Intranet processing module 4, isolated
LVDS transmission module 3, public network service module 2, DC/DC isolated power supply module 5 and AC-DC switch power module 6 form;Public network clothes
Business module 2 connect by isolated LVDS transmission module 3 with Intranet processing module 4, DC/DC isolated power supply module 5 respectively with every
It is connected from formula LVDS transmission module 3, Intranet processing module 4, AC-DC switch power module 6, AC-DC switch power module 6 and public affairs
Net service module 2 connects, and Intranet service module 4, isolated LVDS transmission module 3, public network service module 2 are arranged in same
On pcb board, and it is connected by cabling.When vehicle-mounted capturing system and mobile capturing system will capture data AES256 algorithm for encryption
Afterwards, public network service module 2 is sent to by 4G public network, public network service module 2 receive after the candid photograph data of encryption such as without
Decryption, then be messy code.
Public network service module 2 is repacked after the encryption data received is generated check code with SHA256, is then passed through
Multi-channel isolation LVDS data/address bus delivers a packet to Intranet processing module 4, and Intranet processing module 4 unpacks to data packet
After extracting the candid photograph data of encryption and the check code of outer net module, data are captured to encryption and carry out SHA256 calculating, by what is obtained
Value is compared with the check code of outer net, whether there is mistake when LVDS data bus transmission is isolated with detection.
When capturing, data are without exception, then to data progress AES256 decryption is captured, after obtaining former candid photograph data, pass through Intranet
Third party's manufacturer data mating interface for providing of relevant information platform carry out autonomous propelling data.There is exception when capturing data,
Or Intranet processing module occurs exception when unpacking, then corresponding state is arranged, and requests outer net service module retransmission data.It is complete
At public network to Intranet one-way transmission function.
Specifically, isolated LVDS transmission module 3 is anti-by unidirectional Multi-channel isolation LVDS module and photoelectric-isolated
It is formed to state interface module, unidirectional Multi-channel isolation LVDS module is mainly by the serializer chip of TI company
DS92LV3241, deserializer chip DS92LV3242, LVDS isolator chip IS07820LL composition.
Data are listened overcoupling serializer chip DS92LV3241 to be converted into 4 road LVDS signals by public network service module 2, through LVDS every
After device chip I S07820LL coupling, 4 road LVDS signals are converted into the data of 32bit by deserializer DS92LV3242, and subsidiary
Clock.By the data and clock of 32bit after deserializer DS92LV3242 conversion, it is sent to the processor of Intranet processing module
On 32bit data/address bus, the processor of Intranet processing module is read out data/address bus according to clock, Intranet processing module
After processor handles the data received, corresponding mark is arranged by photoelectric-isolated state feedback module, with logical
Cross public network service module.
Claims (6)
1. a kind of novel public network and public security Intranet isolating device, it is characterized in that: including Intranet processing module, isolated LVDS transmission
Module, public network service module, DC/DC isolated power supply module and AC-DC switch power module, public network service module pass through isolated
LVDS transmission module is connect with Intranet processing module, DC/DC isolated power supply module respectively with isolated LVDS transmission module, Intranet
Processing module, the connection of AC-DC switch power module, AC-DC switch power module are connect with public network service module.
2. novel public network according to claim 1 and public security Intranet isolating device, it is characterized in that: the isolated LVDS is passed
Defeated module includes unidirectional Multi-channel isolation LVDS module and photoelectric-isolated reverse state interface module interconnected, wherein
The photoelectric-isolated reverse state interface module includes signal detector and light-coupled isolation interface.
3. novel public network according to claim 2 and public security Intranet isolating device, it is characterized in that: the unidirectional multichannel every
From serializer chip DS92LV3241, deserializer chip DS92LV3242, LVDS isolator that formula LVDS module includes TI company
Data and clock are converted to 4 road LVDS by chip I S07820LL, the serializer chip DS92LV3241, are sent into LVDS isolation
After device chip I S07820LL carries out electrical isolation, then deserializer chip DS92LV3242 is sent into through 4 road LVDS and is reduced into 32bit
Data and clock.
4. novel public network according to claim 1 and public security Intranet isolating device, it is characterized in that: the Intranet handles mould
Block, isolated LVDS transmission module, public network service module, DC/DC isolated power supply module and AC-DC switch power module are arranged in
On same wiring board, and it is connected by PCB trace.
5. novel public network according to claim 1 and public security Intranet isolating device, it is characterized in that: the public network services mould
Block, Intranet processing module are connected with unidirectional Multi-channel isolation LVDS module, unidirectional Multi-channel isolation LVDS inside modules
For electrical isolation, to realize the physical isolation of data transmission channel.
6. novel public network according to claim 1 and public security Intranet isolating device, it is characterized in that: DC/DC isolation electricity
Public network service module and the power supply circuit of Intranet processing module are realized isolation by source module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201920320827.9U CN209460765U (en) | 2019-03-14 | 2019-03-14 | A kind of novel public network and public security Intranet isolating device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201920320827.9U CN209460765U (en) | 2019-03-14 | 2019-03-14 | A kind of novel public network and public security Intranet isolating device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN209460765U true CN209460765U (en) | 2019-10-01 |
Family
ID=68047199
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201920320827.9U Active CN209460765U (en) | 2019-03-14 | 2019-03-14 | A kind of novel public network and public security Intranet isolating device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN209460765U (en) |
-
2019
- 2019-03-14 CN CN201920320827.9U patent/CN209460765U/en active Active
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109842585B (en) | Network information safety protection unit and protection method for industrial embedded system | |
EP2706723B1 (en) | Streaming video security device | |
CN105007272A (en) | Information exchange system with safety isolation | |
US10474613B1 (en) | One-way data transfer device with onboard system detection | |
US8891546B1 (en) | Protocol splitter | |
JP2005287024A (en) | Modular cryptographic device providing multi-mode wireless lan operation feature and related method | |
CN204350029U (en) | Data interaction system | |
CN104391672A (en) | Earphone mic virtualization implementation system based on virtual desktop and audio frequency transmission method of earphone mic virtualization implementation system | |
CN105656655B (en) | A kind of network safety managing method, device and system | |
CN109660565A (en) | A kind of isolation gap equipment and implementation method | |
CA3086589C (en) | One-way data transfer device with onboard system detection | |
CN102710638A (en) | Device and method for isolating data by adopting non-network manner | |
CN209460765U (en) | A kind of novel public network and public security Intranet isolating device | |
CN103152328B (en) | A kind of conferencing information control system based on wireless network and control method thereof | |
CN201315596Y (en) | Dial safety gateway device | |
CN209419652U (en) | A kind of isolation gap equipment | |
CN114553577A (en) | Network interaction system and method based on multi-host double-isolation security architecture | |
CN217935630U (en) | Network isolation encryption system with KVM function | |
CN201898580U (en) | Portable communication equipment | |
CN205594636U (en) | Computer network security controller | |
CN111131793A (en) | Video network access safety device | |
KR101860091B1 (en) | Unidirectional data transmission device | |
CN109688155A (en) | A kind of network data security processing method, device and platform | |
EP3662640B1 (en) | Data communication with devices having no direct access or only restricted access to communication networks | |
CN211830822U (en) | Homemade safety local area network equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GR01 | Patent grant | ||
GR01 | Patent grant |