摘要
对公安信息网与其他网络间的跨网络与跨信任域的安全数据交换进行了研究,提出了一种数据安全传输控制系统设计方案,底层硬件设计上基于光单向传输特点,保证数据的单向安全传输,实现网络间的物理隔离,上层系统软件通过采用完整性校验、数据加解密、数据重发、病毒扫描、内容过滤等多种技术保证系统传输数据的完整性、保密性、可靠性和内容合规性;整个系统由通道资源调度、通道资源上报、通道任务管理、队列任务管理以及主任务管理等模块组成,可实现设备信息注册、设备状态上报、通道任务管理、安全访问控制、监控与审计等功能,满足不同网络间文件数据、流数据、数据库数据、请求服务数据的安全、高效传输需求。
The security data exchange model between the public security information network and other networks is studied,and propose a design scheme of data security transmission control system.The underlying hardware design is based on the characteristics of one-way light transmission,which can ensure the one-way safe transmission of data,and realize the physical isolation between networks.In order to ensure the integrity,confidentiality,reliability and content compliance of the transmission data,we adopt the integrity check,data encryption and decryption,data re-transmission,virus scanning,content filtering and other technologies in the upper system design.The whole system is composed of channel resource scheduling,channel resource reporting,channel task management,queue task management and main task management.It can realize the functions of device information registration,device status reporting,channel task management,security access control,monitoring and auditing.Meanwhile,the proposed system can meet the security and efficient transmission of file data,stream data,database data and request service data between different networks.
作者
樊志杰
胡正梁
熊已兴
芦毅
刘毅
Fan Zhijie;Hu Zhengliang;Xiong Yixing;Lu Yi;Liu Yi(Research and Development Center,Shanghai Chenrui Information Technology Company,Shanghai 200031,China)
出处
《计算机测量与控制》
2021年第2期103-107,115,共6页
Computer Measurement &Control
基金
国家重点研发计划(2018YFC0807105)。
关键词
单向光
公安信息网
数据安全传输
完整性校验
数据加解密
one-way light
public security information network
data security transmission
integrity check
data encryption and decryption
