Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Single processing system and network security isolation method based on hardware data conversion technology

A technology of data conversion and single processing, which is applied in transmission systems, electrical components, etc., can solve the problems of network data transmission efficiency reduction, CPU resource occupation, and complicated maintenance operations, so as to eliminate penetrating links, improve efficiency, and operate reliably Effect

Active Publication Date: 2018-04-20
珠海市鸿瑞信息技术股份有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method has the following problems: the use of two sets of processing systems, the structure is complex, and it is easy to increase the probability of failure, and it needs to be configured separately for the two sets of processing systems, so the maintenance operation is complicated; reconnection, timeout, blockage, interruption, etc. occur in the internal and external networks. In the event of an error, the processing process will be very complicated, and because the two processing systems are independent of each other, an internal data exchange mechanism is required between them to ensure reliable data transmission; the CPU completes the TCP / IP protocol network traffic processing, especially for Gigabit and above network environment, which will take up a lot of CPU resources and lead to a decrease in the efficiency of network data transmission

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Single processing system and network security isolation method based on hardware data conversion technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] Such as figure 1 As shown, the single processing system based on the hardware data conversion technology of the present invention includes a main processing system 1, a parameter configuration interface 2, a data bus 3, an intranet network interface unit 4 containing multiple network ports, and a network interface unit containing multiple network ports. External network network interface unit 5 . The main processing system 1 may be composed of a CPU and related peripherals, or may be composed of an FPGA and related peripherals. The internal network interface unit 4 and the external network interface unit 5 can be composed of dedicated ASIC chips, or can be composed of FPGA and related peripherals that have been solidified and whose parameters cannot be changed online. Both the internal network interface unit 4 and the external network interface unit 5 have TCP / UDP network protocol offloading and hardware data conversion capabilities, and the hardware data conversion me...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a uniprocessing system based on a hardware data transformation technology and a network security isolation method thereof, wherein the system and method have advantages of high security and reliability, simple structure, convenient maintenance, and high efficiency. According to the invention, the system is deployed at a network boundary that needs to protect an inner network from being attached by an outer network and prevent leakage of data of the inner network to the outer network; and unidirectional information inputting from a low-security zone of the outer network to a high-security zone of the inner network in fields including but not limited to government and defense fields as well as unidirectional information transmission from a high-security zone of the inner network to a low-security zone of the outer network in the industrial control field can be realized. On the basis of combination of the uniprocessing system with the hardware network protocol unloading structure, a TCP / UDP application layer data flow at a network input / output terminal is monitored and the application data flow direction and the return data channel width are limited. Therefore, the structure becomes simple, the maintenance becomes convenient, and the operation becomes reliable, and the efficiency is substantially improved; and the system and the method are suitable for the uniprocessing security isolation network boundary with the high bandwidth flow requirement.

Description

technical field [0001] The present invention relates to a method and system for network security isolation, in particular to a single processing system based on hardware data transformation technology and a network security isolation method, which are applied to protect the internal network from external network attacks or prevent internal network data from being exported to the outside world. The network boundary of network leakage belongs to the technical field of computer network security isolation. Background technique [0002] With the widespread use of computer and network technology, for an internal network system of an enterprise or functional department that is directly connected to the external public network, its network security features usually require that the internal network and the external network realize the necessary information communication at the same time. , which can effectively protect the internal network from illegal intrusion attacks from the ext...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0209
Inventor 邹春明刘智勇
Owner 珠海市鸿瑞信息技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products