| The aim of network isolation is to ensure the safety of internal network, but the aim of network interconnection is to exchange data between internal network and external network. A technical proposal of safe data transmitting based on physics isolation is put forward to solve the problem of contradiction between them. The technical proposal adopts intermediate buffer,message authentication,authentication,protocol decomposition and encapsulation, realize dynamic, quasi real-time safe data transmitting in the condition of disconnecting internal network and external network, and realize physical disconnection between internal network and external network.Network separator transmits data through data reception module, data analysis module, security module, etc, ensure data integrity by message authentication to received data, prevent attacks that make use of protocol vents through data package decomposition of TCP/IP protocol and data package encapsulation of specialized protocol, ensure user identity validity through authentication of users.A system of message authentication based on MD5 algorithm is constructed. The system produces message digest of transmitting data by MD5 algorithmic, judge data integrity by compare identity of message digests of transmitting data inside processing unit and outside processing unit.An authentication system based on USB key is also designed, which realizes bilateral authentication between user and server through 3 message interchange between client and server.My network separator adopts dual channel real-time switcher technology with buffer,integrates message authentication system based on MD5 and authentication system based on USB key. These technologies can not only improve data exchange speed, but also enhance its security performance. |
PDF Full Text Request