WO2016091540A1 - Method and device for transmitting data in separated networks - Google Patents


Info

Publication number
WO2016091540A1
Authority
WO
WIPO (PCT)
Prior art keywords
image
data
audio data
computer
memory area
Prior art date
Application number
PCT/EP2015/076709
Other languages
German (de)
English (en)
Inventor
Thomas Köhler
Original Assignee
Seciq Holding Gmbh
Priority date
Filing date
Publication date
Application filed by Seciq Holding Gmbh
Priority to EP15801356.5A (published as EP3231150A1)
Publication of WO2016091540A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N 21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N 21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N 21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N 21/436 Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N 21/4367 Establishing a secure communication between the client and a peripheral device or smart card

Definitions

  • The invention relates to a method, and a device usable for it, for transmitting data between an open or insecure computer network, in particular a network of computer networks such as the Internet, and a closed computer arrangement.
  • Known remote access protocols are RFB (Remote Frame Buffer protocol) and the program VNC (Virtual Network Computing) based on it, used mainly on Unix and Mac computers, and RDP (Remote Desktop Protocol) in Microsoft environments. These protocols transmit only the remote screen in one direction and keyboard and mouse input in the other.
  • In such arrangements the control computer's direct access to the Internet is usually blocked by a firewall, so that it should not be directly attackable from the Internet.
  • Firewalls and other protection mechanisms can, however, be bypassed, especially in a targeted attack.
  • The risk is increased when the security-relevant software of the firewall contains errors, which, given the complexity of today's software, is the rule rather than the exception.
  • According to the description, many manufacturers are also forced to incorporate back doors for government agencies into their security components, which is said to explain many of the recent successful break-ins into internal networks protected by professional firewalls.
  • This object is achieved by a method according to claim 1 and a device according to claim 10.
  • In the method, a computer of the open computer network receives incoming first image and/or audio data, for example the current image of an Internet browser or web page content, and stores them in a first transfer memory area, reserved precisely in advance, of a memory connected to the open computer network.
  • This computer of the open computer network may be any instance or device integrated in or connected to the open computer network, for example one with Internet access, that receives the image and/or audio data and stores them in that memory.
  • The first image and/or audio data are read out of the first transfer memory area by a secure, preferably hardware-based, data copying unit via a unidirectional memory access. From them, second image and/or audio data are generated, each representing an image that is defined by the first image and/or audio data currently read out of the first transfer memory area. These second image and/or audio data are then forwarded to the closed computer arrangement for further processing, in particular display and/or storage.
  • The closed computer arrangement can be a single-user computer or a network to be secured with several computers or even sub-networks, i.e. it may itself comprise a network of computer networks.
  • The computer arrangement is "closed" in the sense that there is no physical connection between it and the open computer network other than via the method or the device according to the invention.
  • The audio data can be, for example, a digital image of an analog audio signal, e.g. in the form of amplitude values as a function of time.
  • "Moving pictures" or "moving picture data" here mean sequences of individual pictures, which can also represent a video data stream.
  • With the method according to the invention only local images of the data are transmitted, not the original data or any part of them, as is the case, for example, in the method described by K. Gennuso referred to above.
  • It is thus a method of transferring images of data, i.e. images of the rendered original data rather than the original data themselves, between the open or insecure computer network and the closed computer arrangement: the first image and/or audio data themselves are not used internally, only the second image and/or audio data newly generated from them.
  • No data requiring interpretation are passed, i.e. no data that would still have to be interpreted on the basis of metadata, could therefore be manipulated, and could be used for attacks on the closed computer arrangement; only metadata-free media data pass. The transfer is therefore a protocol-free memory access for which nothing more than an agreement on the address of the transfer memory area is required, from which the hardware-based data copying unit reads the data.
  • A memory area, in particular a transfer memory area, in the sense of the invention may also comprise several individual (partial) memory areas, which may be assigned different data or functions, for example one memory area for the picture data and another for the audio data. These memory areas may also lie on different physical memories.
  • The transfer memory area for the image data can be, for example, a video frame buffer of the computer connected to the open computer network, so that images and/or moving image data in the form of individual frames are stored there repeatedly, in particular cyclically at defined time intervals, and picked up by the data copying unit.
  • For audio data, an audio ring buffer may preferably be used as the transfer memory area.
  • The unidirectional memory access can cover several physical and/or logical memory areas.
  • A "hardware-based" data copying unit is one whose essential components, in particular the definition of the transfer memory area addresses, are determined by hardware and not by any software arriving via the open computer network. If the data copying unit contains software components at all, they can be reached at most through a separate, direct access to the physical data copying unit; particularly preferably there is no possibility of software manipulation and the whole unit is built purely in hardware, for example with suitable ASICs. Where addresses must remain adjustable in principle, they can be set by hardware switch banks or the like, which are then sealed or can be changed only by specially authorised personnel.
  • A corresponding device according to the invention for transmitting data between the open computer network and the closed computer arrangement has for this purpose an "external" computer unit designed to receive first image and/or audio data from a computer of the open computer network,
  • the said, preferably hardware-based, data copying unit,
  • and an "internal" computer unit designed to pass the second image and/or audio data on to the closed computer arrangement.
  • "External" and "internal" computer units are to be understood such that the external computer unit is connected to the open computer network and thus ultimately forms part of it, whereas the internal computer unit has no connection to the open computer network except via the hardware-based data copying unit, and is instead connected to, or part of, the closed computer arrangement.
  • The terms "inner"/"internal" and "outer"/"external" are used in this sense below.
  • For the image data, the hardware-based data copying unit can use a kind of display together with an image recording device such as a camera: the display shows the image defined by the image data currently stored in the transfer memory area, the camera records it, and the recorded data are output as second image data or stored in a further memory area.
  • Similarly, the audio data could be output to a sound output device and recorded by a microphone or the like as second audio data forming an "image" of the first audio data. The image data are then transmitted purely optically and the audio data purely acoustically.
  • Particularly preferably, the second image and/or audio data are generated from the first image and/or audio data by a method carried out independently by the data copying unit that is controllable neither from the open computer network nor completely from the closed computer arrangement.
  • The generation of the second image and/or audio data from the first is thus not completely determinable or predictable from the outside.
  • For this the data may be changed slightly, preferably so that the change is not visible to a user in the image data and not audible in the audio data, while the original bits of the first image and/or audio data are nevertheless not transmitted.
  • Preferably the second image and/or audio data are generated from the first using random numbers.
  • Particularly preferably these are true random numbers, which can in turn be generated in hardware, for example from the noise of a p-n junction of a semiconductor.
  • If a pseudo- or quasi-random number generator is used instead, it is preferably restarted at relatively short intervals with new seed values, which can themselves be derived from a true random event, so that no long pseudo-random sequences arise that could, with correspondingly high effort, become predictable.
  • The change to the image and/or audio data preferably stays below the perceptibility threshold of the human eye (for image data) or the human ear (for audio data), so that the data appear unaltered to the user.
  • For operation, keyboard inputs and/or inputs via a pointing device such as a mouse are required from the user.
  • Such input data are preferably provided from the closed computer arrangement.
  • For this, the input data of an input device of a user interface, for example a simple keyboard or mouse, are copied from a first input memory area of the closed computer arrangement into a second input memory area connected to the open computer network.
  • The first and/or the second input memory area can likewise comprise several (partial) memory areas, for example a keyboard ring buffer, a mouse ring buffer, etc. Again at least the second, but preferably also the first, input memory area is defined precisely in advance, i.e. its address ranges are fixed in advance.
  • The copying of the input data from the first into the second input memory area preferably takes place with the aid of a hardware-based data copying unit, particularly preferably the data copying unit described above.
  • This copying is preferably also unidirectional: only write access to the second input memory area, which is connected to the open computer network, is possible; no read access from the open computer network to the first input memory area exists.
  • Very particularly preferably, the data rate when copying the input data into the second input memory area is limited to a predetermined, preferably input-device-dependent, safety limit.
  • This limitation gives increased protection against attacks from the inside, i.e. by persons who have access to the closed computer arrangement but want to move data out through the open computer network without authorisation, for example to spy on an organisation.
  • With a suitable safety limit it can be ensured that at most as much data per unit time leaves through this interface as is usually needed to operate an Internet application.
  • Transport of larger amounts of data is deliberately impeded so that exfiltration over this route becomes extremely unattractive or completely impractical.
  • For a keyboard, the safety limit is preferably selected so that no more than 10 keystrokes per second, more preferably no more than 5 keystrokes per second, can be transmitted.
  • For a mouse, it is ensured that no more than 1000 actions per second, particularly preferably no more than 100 actions per second (mouse clicks, position updates or the like), can be transmitted or copied into the second input memory area.
  • To this end the first and/or the second input memory area are dimensioned correspondingly small and/or the memory access frequency is lowered.
  • Where no protection against insiders is required, this data limitation can of course also be dispensed with.
  • Third image and/or audio data originating from the closed computer arrangement can preferably be stored in a third transfer memory area, preferably also reserved precisely in advance, within the closed area.
  • The third image and/or audio data are read out of the third transfer memory area via a unidirectional memory access by a preferably hardware-based data copying unit, preferably the same one that is used for the first image and/or audio data.
  • Corresponding fourth image and/or audio data are then generated, each representing a (local) image defined by the third image and/or audio data currently fetched from the third transfer memory area.
  • The fourth image and/or audio data are then stored, via a unidirectional memory access, in a fourth transfer memory area, again reserved precisely in advance, of a memory connected to the open computer network, for further processing and/or storage in the open network. Again no read access from outside is possible; only the data copying unit writes into this fourth transfer memory area.
  • The fourth image and/or audio data can preferably also be generated from the third by a method that cannot be controlled from outside, particularly preferably with the aid of a random number generator.
  • Preferably the first image and/or audio data are cached before being stored in the first transfer memory area, and/or the second image and/or audio data before being passed to the closed computer arrangement.
  • Likewise the third and the fourth image and/or audio data are preferably temporarily stored. The same preferably applies to the input data.
  • The first image and/or audio data can preferably be stored in the first transfer memory area using a remote access protocol (abbreviated FZP below), and/or the input data of the input device can be retrieved from the second input memory area using an FZP.
  • As remote access protocol, RDP (Remote Desktop Protocol) can preferably be used in Microsoft environments and RFB (Remote Frame Buffer protocol) in Unix or Mac environments.
  • The device according to the invention preferably comprises an external remote access protocol server with an interface for integration into the open or insecure computer network.
  • This interface may be a standard WLAN or LAN interface, an interface to a mobile radio network, or the like.
  • This remote access protocol server runs an Internet application program such as a browser.
  • The external computer unit of the device then additionally has a remote access protocol client that communicates with the remote access protocol server and exchanges data with it according to the defined remote access protocol.
  • A remote access protocol is preferably also used on the secure, inner side:
  • the second image and/or audio data are passed, using a remote access protocol, to a second transfer memory area already located in the secure area of the closed computer arrangement, and/or the inputs from the input device are stored in the first input memory area using a remote access protocol.
  • Here too an RFB or an RDP protocol can be used.
  • The apparatus preferably comprises an internal remote access protocol client with a user interface, such as a user's laptop or computer in the secure area, and the internal computer unit of the device comprises a remote access protocol server that exchanges data with this internal client according to the defined remote access protocol.
  • The insecure outer side and the secure inner side are thus each provided with a remote access protocol server and client, chained one after the other, with the server on the inner side coupled to the client on the outer side via the data copying unit.
  • The device may comprise a number of (i.e. at least one) virtual remote access protocol servers on a computing device integrated in the open computer network.
  • The device, or its external computer unit, can be coupled directly to the open computer network by means of a suitable network interface such as a LAN connection, wireless LAN connection, mobile network or the like.
  • The method and the device should be usable not only for single-user computers but also for securely connecting closed networks with several computer units, for example a company intranet.
  • For this it is particularly preferred that the device has a plurality of virtual external remote access protocol servers on a computer device integrated in the open computer network, providing access to applications in the open computer network.
  • The external computer unit can then have a first transfer memory area with a multiplicity of individual (partial) memory areas for the picture and/or audio data of the separate, parallel channels, second image and/or audio data being generated as local images for each parallel channel.
  • The virtual remote access protocol servers can be set up permanently, i.e. a separate virtual FZP server with its own memory area is assigned within the computer device in the open computer network to each of the different users working on the secure side, so that a user can store settings there and use them again in a later session.
  • Alternatively, the remote access protocol server is created anew for each session, for example with default settings, and completely deleted again when the session ends. This has the additional benefit that any malware received on the remote access protocol server is destroyed automatically after the session (provided the virtualisation host on which the server runs has not itself been compromised).
  • The internal computer unit can accordingly have a plurality of remote access protocol servers, and the closed computer arrangement then comprises, for example, a number of internal remote access protocol clients, each coupled to a user interface and each accessing one remote access protocol server of the internal computer unit, in particular one dedicated to it during a session.
  • FIG. 1 shows a schematic illustration of a first exemplary embodiment of a device according to the invention,
  • FIG. 2 shows a schematic illustration of a second exemplary embodiment of a device according to the invention,
  • FIG. 3 shows a schematic illustration of a third exemplary embodiment of a device according to the invention.
  • In FIG. 1 the insecure computer network 2 consists of one or more computers connected to, or integrated in, the Internet 27, through which access to the Internet is accordingly possible.
  • Facing the open, i.e. potentially insecure, computer network 2 is the closed computer arrangement 1, shown in FIG. 1 in its simplest form as a single-user computer 5, for example a laptop.
  • Between them sits the device 50; one part of this device 50 already belongs to the insecure computer network 2, whereas another part could already be counted as belonging to the closed computer arrangement 1.
  • The device 50 here consists of an external computer unit 7, integrated in the open computer network 2, an internal computer unit 9, connected within the closed computer arrangement 1 to the laptop 5, and a hardware-based data copying unit 11, which allows the internal computer unit 9 to read from or write to precisely defined memory areas of the external computer unit 7.
  • This hardware-based data copying unit 11 provides data transport in the manner according to the invention without forming a true network connection in the conventional sense, but only a protocol-less memory access for a well-defined mapping of data from certain memory areas of the external computer unit into memory areas of the internal computer unit and vice versa. All memory accesses are unidirectional: the data copying unit accesses the memory areas of the external computer unit 7 read-only for incoming data and write-only for outgoing data. From the external computer unit 7, no read or write access in the direction of the data copying unit 11 or the internal computer unit 9 is possible at all.
  • The closed computer arrangement 1 (also referred to below more generally as the "internal network" 1) is thus completely separated in network terms from the insecure computer network 2 (also referred to below as the "external network" 2).
  • The internal network 1 is under no circumstances directly accessible from the external network 2 and is therefore not attackable via the external network 2.
  • Only images (in particular also of the web page content) can be transported unidirectionally between the external computer unit 7 and the internal computer unit 9 by means of the data copying unit 11.
  • The memory copies can only be initiated by the internal computer unit 9.
  • The memory areas from which the images for the internal network 1 are generated are true dead ends.
  • In FIG. 1, access to the Internet 27 takes place via a computer 3 connected directly to the Internet, for example via LAN, WLAN or another network interface.
  • As explained later, this can also be a virtualised computer.
  • This computer 3 is remotely controlled via a remote access protocol (FZP).
  • For this, an FZP server 4 is installed on the computer 3, and a matching FZP client 8 on the external computer unit 7.
  • In the internal network 1 an FZP client 6 is installed on the computer 5, and an FZP server 10 on the internal computer unit 9 of the device 50.
  • A client application 18 on the external computer 3 can thus be remotely controlled from the computer 5 by means of its local FZP client 6, with the device 50 according to the invention, consisting of the external computer unit 7 with the external FZP client 8, the internal computer unit 9 with the internal FZP server 10 and the data copying unit 11 acting between them as special hardware, serving as a proxy for the FZP.
  • This proxy forwards the FZP data streams necessary for remote control but at the same time ensures the separation according to the invention, so that no network data but only secure images of the information, namely image and/or audio data or control information from input devices such as the keyboard 5T or the mouse 5M of the computer 5, are transmitted.
  • In detail, the data exchange takes place as follows. In the main memory of the external computer unit 7 there is a precisely defined, addressable memory area 13U for the audio data AD1 of the external computer 3, taken for example from the audio ring buffer of the computer 3. Likewise in the main memory of the external computer unit 7 there is a precisely defined memory area 16U for the image or moving image data VD1, which are taken over from the external computer 3 via the remote access protocol, for example from its frame buffer.
  • These first audio data AD1 and first image data VD1 in the memory areas 13U, 16U are updated cyclically, as is usual under the remote access protocol.
  • The data copying unit 11 reads the data out of the memory areas 13U, 16U cyclically. This is a read-only access to the precisely predefined memory areas 13U, 16U.
  • For this, the data copying unit 11 has one reading unit for each of the memory areas 13U, 16U.
  • The read data are then fed to a further unit, which could be called an entropy unit, that adds variability to the data. That is, from the incoming first audio data AD1 and first image data VD1 it generates second audio data AD2 and second image data VD2 that are a fairly accurate local image of the first audio data AD1 and first image data VD1 but are not completely identical to them.
  • The variability added to the data is such that it stays below the perceptibility threshold for the user.
  • A random number generator 12 is preferably used for this, generating random numbers for example from the noise of a p-n junction of a semiconductor. These random numbers enter the algorithm by which the entropy unit generates the second audio data AD2 and second image data VD2 from the first audio data AD1 and first image data VD1.
  • This modification of the data is indicated in FIG. 1 by the circles in the unidirectional memory access 20 (or memory access path 20).
  • The slightly different second audio data AD2 and image data VD2 thus generated are stored in precisely predefined memory areas 13S, 16S in the main memory of the internal computer unit 9, from where they can be further processed by the internal FZP server 10 implemented on the internal computer unit 9 and routed to the FZP client 6 on the user's computer 5 and output there. The user therefore sees on his computer 5 a client application 22 corresponding to the client application 18 on the external computer 3, for example the current image of the Internet browser.
  • As explained, the access of the data copying unit 11 to the memory areas 13U, 16U and 13S, 16S of the external computer unit 7 and the internal computer unit 9 is unidirectional: read-only towards the external computer unit 7 and write-only towards the internal computer unit 9.
  • This access can also be implemented by means of DMA (Direct Memory Access) or RDMA (Remote Direct Memory Access) in order to achieve the highest possible speed.
  • The data copying unit 11 is realised here as a pure hardware device. An implementation using firmware is also possible; in that case, however, the firmware should be reachable only through a separate physical access, such as a USB port, that is completely separate from both networks, so that a suitably cleared technician can update the data copying unit 11 through this USB access or the like.
  • Control or input data TD, MD from the keyboard 5T and the mouse 5M of the internal computer 5 are first transferred from the keyboard ring buffer and mouse ring buffer of the computer 5, by means of the remote access protocol, into corresponding memory areas 14S, 15S in the main memory of the internal computer unit 9. From there these data TD, MD can be copied via a unidirectional memory access 23 into corresponding memory areas 14U, 15U defined in advance for this purpose in the main memory of the external computer unit 7. Here only a write access of the data copying unit 11 to these memory areas 14U, 15U of the external computer unit 7 takes place.
  • This copying uses a data rate limiter, which ensures that the channel for the control data cannot be used as a broadband data channel.
  • For this, the memory areas 14U, 15U are deliberately kept small. For example, it is ensured that no more than 10 keystrokes per second and no more than 1000 mouse actions per second, such as clicks or position updates, are transmitted.
  • The memory areas 14S, 15S, 14U, 15U for these input data TD, MD may be built as usual keyboard or mouse ring buffers and driven as usual by their respective FZP server (on the internal computer unit 9) and FZP client 8 (on the external computer unit 7).
  • Transferring larger amounts of data, such as secret software programs, CAD files etc., over these channels would then take a long time and ultimately be impractical. Unauthorised data transport to the outside by dishonest persons working as users in the organisation's internal network is thus almost completely prevented.
  • the data transmission of the input data or control data via keyboard, mouse or the like can also take place without such a data limitation. If such a data limitation for outgoing data from the internal network 1 into the external network 2 does not have to be taken into consideration, video data and / or audio data in particular can also be transmitted from the internal network 1 to the external network 2.
  • the moving image data VD3 can be stored, for example, from a frame buffer or in a precisely defined memory area 25S in the main memory of the inner computer unit 9 and correspondingly can audio data AD3 be stored in an audioring memory or precisely defined memory area 24S of the main memory of the internal computer unit 9 ,
  • the data copier unit 1 1 then reads in these third audio data AD3 and third motion picture data VD3, respectively, and generates fourth audio data AD4 and fourth motion picture data VD4 thereon in a similar manner as described above for the path from the external network 2 to the internal network 1 is.
  • Audio data AD4 and moving image data VD4 are written in correspondingly well-defined memory areas 24U, 25U in the main memory of the external computer unit 7, whereby again only a write access from the data copying unit 11 into the memory areas of the external computer unit 7 is possible and no access on the part of external computer unit 7 in the direction of the data copying unit 1 1 or in the direction of the internal network 1.
  • Changes in the audio data AD3, AD4 or moving image data VD3, VD4, z. B. by random numbers, in this way are optional. In principle, a simple copying of the data may also be permitted in this way, unless it is to be feared that software in the image and / or audio data will be smuggled out of the internal network in encrypted form.
  • the outer FZP client 8 on the outer computer unit 7 transmits both the control data or input data from the memory 14U, 15U as well as possibly the audio data AD4 and / or moving image data VD4 to the external computer 3, see FIG that the data can then be further used within the application 18 on the external computer 3.
  • Such a transfer of moving image and audio data to the external computer 3 would be useful, for example, if the user in the internal network 1 is to be allowed to perform a video conference or video call or the like over the Internet.
  • FIG. 2 shows a simplified representation of a variant of the device 50 according to the invention.
  • the internal network 1 is represented symbolically as a composite of several computers.
  • the external computer 3 is realized as a virtual computer on the outer computer unit 7 within the device 50.
  • This virtual computer 3 then has a corresponding FZP server 4, i.e. the whole operation is exactly as in the variant of Figure 1, but one device fewer is needed.
  • the device 50 can thus be made available as a physical unit or box and simply interposed in the usual Internet connection between the internal network 1 and the Internet 27.
  • Another variant is shown in FIG.
  • Here a server 3 is connected on which several FZP servers 4 are realized virtually.
  • The device 50, i.e. both the external computer unit 7 and the internal computer unit 9 and the data copying unit 11, is designed so that several channels or sessions for the individual FZP servers 4 can be operated.
  • Several users of the internal network 1 with their computers can each access the FZP servers 4 assigned to them in the server 3 via the device 50 and use the Internet in the manner according to the invention.
  • The internal and external computer units 9, 7 each have a corresponding number of (likewise virtual) FZP servers and FZP clients, and the number of memory areas for the audio data, video data and input data of the various channels must correspond to the number of channels to be provided.
  • The data copying unit 11 must be designed so that it can operate several channels in parallel.
  • The FZP servers 4 on the server 3 can be designed so that each is newly created when a session is opened by a user of a computer in the internal network 1, and at the end of the session this FZP server 4 is deleted again, thus destroying any malware that may be present.
  • VD1 first video data
  • VD3 third video data
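As an added example (not the patent's own code), the following Python sketch models the image path of the data copying unit described above: a fixed-size transfer area, regeneration of new image data VD4 from VD3 using only the declared pixel geometry, and optional low-bit randomization so that a bit-exact payload hidden in the pixels does not survive the copy. The raw-RGB layout and the class and function names are assumptions.

```python
import os

BYTES_PER_PIXEL = 3  # assumed raw RGB layout of the frame buffer area (not from the patent)


class TransferArea:
    """A precisely defined, fixed-size memory area, like 25S or 25U in the text."""

    def __init__(self, size: int):
        self.size = size
        self.buf = bytearray(size)

    def write(self, data: bytes) -> None:
        # A write never grows the area: bytes beyond the reserved size are dropped.
        n = min(len(data), self.size)
        self.buf[:n] = data[:n]

    def read(self) -> bytes:
        return bytes(self.buf)


def regenerate_image(vd3: bytes, width: int, height: int, randomize: bool) -> bytes:
    """Generate new image data VD4 from VD3 using only the declared pixel geometry.

    Only width*height*BYTES_PER_PIXEL bytes are used, so anything stored after the
    picture is not carried over. With randomize=True the least significant bit of
    every channel is replaced by a random bit: the picture looks the same, but a
    bit-exact (e.g. encrypted) payload hidden in the pixels does not survive.
    """
    n = width * height * BYTES_PER_PIXEL
    if len(vd3) < n:
        raise ValueError("source area smaller than the declared image geometry")
    pixels = bytearray(vd3[:n])
    if randomize:
        noise = os.urandom(n)
        for i in range(n):
            pixels[i] = (pixels[i] & 0xFE) | (noise[i] & 1)
    return bytes(pixels)


def copy_frame(area_25s: TransferArea, area_25u: TransferArea,
               width: int, height: int, randomize: bool = True) -> bytes:
    """Data copying unit: read area 25S, regenerate, write into area 25U.

    The unit only reads on the internal side and only writes on the external
    side; nothing here lets the external side reach back toward 25S.
    """
    vd4 = regenerate_image(area_25s.read(), width, height, randomize)
    area_25u.write(vd4)
    return vd4
```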

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention relates to a method and a device (50) for transmitting data between an open computer network (2) and an isolated computer assembly (1). According to the invention, video and/or audio data (VD1, AD1) of a computer (3) of the open computer network (2) are stored in a first transfer memory area (16U, 13U), precisely reserved in advance, of a memory connected to the open computer network (2). These first video and/or audio data (VD1, AD1) are read by a data copying unit (11) by means of unidirectional memory access (20) to the first transfer memory area (16U, 13U). From these, second video and/or audio data (VD2, AD2) are generated, each of which represents an image defined by the first video and/or audio data (VD1, AD1). The second video and/or audio data (VD2, AD2) are then transmitted to the isolated computer assembly (1).
PCT/EP2015/076709 2014-12-08 2015-11-16 Method and device for transmitting data in separated networks WO2016091540A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP15801356.5A EP3231150A1 (fr) 2014-12-08 2015-11-16 Method and device for transmitting data in separated networks

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102014118069.0 2014-12-08
DE102014118069.0A DE102014118069A1 (de) 2014-12-08 2014-12-08 Method and device for transmitting data

Publications (1)

Publication Number Publication Date
WO2016091540A1 (fr) 2016-06-16

Family

ID=54705568

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2015/076709 WO2016091540A1 (fr) 2014-12-08 2015-11-16 Method and device for transmitting data in separated networks

Country Status (3)

Country Link
EP (1) EP3231150A1 (fr)
DE (1) DE102014118069A1 (fr)
WO (1) WO2016091540A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021198447A1 (fr) 2020-04-01 2021-10-07 Gregor Siebenkotten Method and device for controlling, in a controlled manner, the communication between physically separated data processing devices

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110302624A1 (en) * 2010-06-04 2011-12-08 Xuemin Chen Method and system for secure content distribution by a broadband gateway
US20130305344A1 (en) * 2012-05-14 2013-11-14 Alcatel-Lucent India Limited Enterprise network services over distributed clouds
US20130305320A1 (en) * 2012-05-08 2013-11-14 Guest Tek Interactive Entertainment Ltd. Automatic service activation for user device upon detecting its device identifier on network of hospitality establishment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110302624A1 (en) * 2010-06-04 2011-12-08 Xuemin Chen Method and system for secure content distribution by a broadband gateway
US20130305320A1 (en) * 2012-05-08 2013-11-14 Guest Tek Interactive Entertainment Ltd. Automatic service activation for user device upon detecting its device identifier on network of hospitality establishment
US20130305344A1 (en) * 2012-05-14 2013-11-14 Alcatel-Lucent India Limited Enterprise network services over distributed clouds

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
GENNUSO K., DISCONNECT FROM THE INTERNET - WHALE'S E-GAP IN-DEPTH. SANS INSTITUTE, 13 September 2001 (2001-09-13)
KEVIN GENNUSO: "Disconnect from the Internet - Whale's e-Gap In-Depth", 13 September 2001 (2001-09-13), pages 1 - 9, XP055239492, Retrieved from the Internet <URL:https://www.sans.org/reading-room/whitepapers/firewalls/disconnect-internet-whales-e-gap-in-depth-802> [retrieved on 20160108] *
OWL COMPUTING TECHNOLOGIES: "Multi-level Data Retrieval Service", 15 October 2014 (2014-10-15), pages 1 - 2, XP055239501, Retrieved from the Internet <URL:http://www.owlcti.com/pdfs/datasheets/government/MDRS.pdf> [retrieved on 20160108] *

Also Published As

Publication number Publication date
DE102014118069A1 (de) 2016-06-09
EP3231150A1 (fr) 2017-10-18

Similar Documents

Publication Publication Date Title
DE60302276T2 (de) Method for remotely changing a communication password
DE102005051577B4 (de) Method for encrypting or decrypting data packets of a data stream, and signal sequence and data processing system for carrying out the method
DE102012213807A1 (de) Controlling lightweight document access using access control lists in cloud storage or on the local file system
DE102014113582A1 (de) Device, method and system for context-aware security control in a cloud environment
WO2017042320A1 (fr) Network-assisted electronic therapy monitoring system
EP3152874B1 (fr) Routing method for transferring task instructions between computer systems, computer network infrastructure and computer program product
DE102009054128A1 (de) Method and device for accessing files of a secure file server
DE10241974B4 (de) Monitoring of data transmissions
EP3529967B1 (fr) Method for connecting devices to so-called clouds, computer program implementing the method and processing unit for carrying out the method
WO2015121060A1 (fr) Method for communication between secured computer systems and computer network infrastructure
WO2016091540A1 (fr) Method and device for transmitting data in separated networks
DE112004000125T5 (de) Secured client-server data transmission system
EP3152880B1 (fr) Method for communication between secured computer systems, computer network infrastructure and computer program product
EP3318033A1 (fr) Method for disconnecting external computer systems in a computer network infrastructure, distributed computer network comprising such a computer network infrastructure, and computer program product
DE112012000780T5 (de) Processing of authorization check data
DE102012007217A1 (de) IT method for the secure handling of sensitive data in the context of cloud computing
DE102014213454A1 (de) Method and system for detecting manipulation of data records
DE102014008059A1 (de) System and method for secure and anonymous communication in a network
EP2436166B1 (fr) Service interface
EP3170295A1 (fr) Method for releasing external computer systems in a computer network infrastructure, distributed computer network having such a computer network infrastructure, and a computer program product
DE602004005992T2 (de) Data processing system and method
DE102021114687A1 (de) Method, computer program product and system for protecting a computer structure
EP3241332B1 (fr) Method for creating and configuring keys for a second terminal
DE102005050336B4 (de) Method and arrangement for operating a security gateway
WO2021198447A1 (fr) Method and device for controlling, in a controlled manner, the communication between physically separated data processing devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15801356

Country of ref document: EP

Kind code of ref document: A1

REEP Request for entry into the european phase

Ref document number: 2015801356

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE