Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Data secure transmission method among multilevel information systems

An information system and data security technology, applied in the field of high-level protection, can solve the problems of unspecified safety marks, incompatibility, poor flexibility, etc., to eliminate information islands, promote information sharing, and improve efficiency.

Active Publication Date: 2012-03-07
THE PLA INFORMATION ENG UNIV
View PDF4 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in its security mark, confidentiality and integrity are defined and explained separately, and it does not indicate what content is covered by the security mark, failing to achieve the unity of confidentiality and integrity
In addition, the document only roughly explains the implementation and function of marking at each layer in the OSI seven-layer structure, and briefly explains the way intermediate nodes and end systems process marked data. However, with the development of the Internet today, many contents in the literature It is no longer suitable or cannot be applied in today's network, and the specific content and format of the security mark, as well as the specific implementation method of the security mark are not given in the literature
[0007] FIPS PUB 188 (Standard Security Label for Information Transfer) defines the format of the security label and explains it, but there are still some limitations in its definition, and the unification of multi-dimensional security attribute labels has not been realized, and in In the implementation of multi-level security policies, there are still problems of poor flexibility, and at the same time, how to bind security tags to data streams and security issues are not explained
[0008] Domestic research on safety marks focuses on the application of safety marks in the BLP and BIBA models. The main object of application research is the operating system, and the reading and writing of the limited information of safety marks has not been extended to the network, which obviously cannot meet the needs of my country's protection. Requirements for secure interconnection of multi-level information systems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data secure transmission method among multilevel information systems
  • Data secure transmission method among multilevel information systems
  • Data secure transmission method among multilevel information systems

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] The present invention will be described below in conjunction with the accompanying drawings and specific embodiments.

[0053] basic concept

[0054] Before describing the specific implementation of the present invention in detail, some concepts involved in the present invention will be described uniformly.

[0055] (1), subject (Subject)

[0056] The subject in this application refers to the requester who initiates access to a certain type of resource or the initiator of the communication between the two parties. For example, users, hosts, subnets, address ranges, user groups, subnet groups, and address groups can all be defined as subjects.

[0057] (2), object (Object)

[0058] The object is a concept opposite to the subject, and it refers to the resources accessed by the subject. For example, files, databases, web services, ftp services, subnets, hosts, address ranges, address groups, etc., can all be defined as objects.

[0059] (3), Secure Label

[0060] The...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a data secure transmission method among multilevel information systems. In the method, a regional border gateway of an information system at which a subject is located judges whether security processing is needed according to a security label of the subject contained in an access request; the regional border gateway of the information system at which the subject is located searches whether the corresponding label security channel exists according to the security labels of the subject and an object, if the corresponding label security channel does not exist, a new label security channel is created and the next step is executed, and otherwise, the next step is directly executed; the information in the security label of the subject is written to an IP option field of a data packet of the access request, then the data packet can be forwarded to an information system at which the object is located through the label security channel, and the regional border gateway of the information system receives the data packet via the label security channel; security policies can be compared, if the comparison results are consistent, the data packet can be permitted, and otherwise, the data packet can be abandoned; and when receiving the data packet, the object judges an operation type of the object by the subject and the subject can read or write on the object according to the operation type.

Description

technical field [0001] The invention relates to the field of hierarchical protection, in particular to a data security transmission method between multi-level information systems. Background technique [0002] As a policy that the country is committed to promoting, hierarchical protection has gradually become a means of information security protection and has become an important content in the field of information security research. It divides the information system into different security levels according to the mission and goal of the information system, and according to the importance of the system, and comprehensively balances the security cost and risk, forms different levels of security measures, and realizes the security protection of the information system. [0003] In the "Computer Information System Security Protection Level Classification Criteria" (GB 17859), my country divides the computer information system security protection capabilities into five levels, nam...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L9/32
Inventor 张红旗陈性元杜学绘曹利峰王超孙奕
Owner THE PLA INFORMATION ENG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com