摘要
阻止黑客攻击,预防上网终端机密信息泄漏已成为信息安全领域研究的重要课题。基于双硬盘实现网络信息物理隔离是目前采用较多的技术方案,但该方案实现成本较高。讨论了在单硬盘双网环境下,如何实现基于单硬盘的内外网信息的物理隔离。对硬盘的分区表结构及分区表链进行了深入分析,给出了一种单硬盘网络终端信息物理隔离的硬件设计实现方案,重点讨论了双网信息物理隔离的机制和实现方法,详细介绍了控制程序的设计方法和流程。根据设计方案研发的安全产品经国内多家单位安装使用反应较好,达到了低成本高安全性地实现上网终端双网信息物理隔离的设计目标。
Stopping the attack of hackers and preventing the information leak of on-line terminals have become the important task in the field of information security. Now the scheme of physical separation of network information based on the double hard disks is more adopted, but it costs much. The scheme of physical separation between two networks on single hard disk is discussed. Firstly, the structure and chain of partition table of hard disk is studied, and then a scheme of information physical separation on on-line terminals of single hard disk is brought forward, and the mechanism and method of physical separation between two networks is discussed, and the method and flow of control programs is introduced. The products designed according to this scheme are installed and used in many units in our country and are welcome. It achieves the goal of low cost and high security in information physical separation between two networks on on-line terminals.
出处
《计算机工程与设计》
CSCD
北大核心
2008年第2期460-462,465,共4页
Computer Engineering and Design
基金
国家863高技术研究发展计划基金项目(2006AA01Z404)
关键词
硬盘分区
分区表链
单硬盘
扩展ROM
物理隔离
hard disk partition
partition table chain
single hard disk
extended ROM
physical isolation