Protection of a computer or data network against undesired and unauthorized data disclosure has been a perennial concern in the field of computer and network security. For example, firewall and anti-spyware software have been developed to address security concerns for computers and networks connected to the Internet and to protect them from possible cyberattacks such as Trojan horse-type viruses or worms that may trigger undesired and unauthorized data disclosure by these computers and networks. However, for high security computer networks such as those used by government agencies and intelligence communities and certain commercial applications, the conventional network security devices such as firewalls may not provide sufficiently reliable protection from undesired data disclosure.
Alternative network security methods and devices have been devised to address the network security concern. For example, U.S. Pat. No. 5,703,562 to Nilsen (the '562 patent”), the contents of which are hereby incorporated by reference in their entirety, provides an alternative way to address the network security concern. The '562 patent discloses a method of transferring data from an unsecured computer to a secured computer over a one-way optical data link comprising an optical transmitter on the sending side and an optical receiver on the receiving side. By providing such an inherently unidirectional data link to a computer/data link to be protected, one can eliminate any possibility of unintended data leakage out of the computer/data network over the same link.
As attacks on computers and networks generally require a bidirectional link over which the attacking computer can make unauthorized retrieval of data from a target computer or network, a one-way data link provides a structural defense by insulating the target computer or network against unintended leakage from “probing” attacks from the outside, while still allowing data transfer from the external source in a controlled fashion. FIG. 1 schematically illustrates an example of one such one-way data transfer system 100. In the one-way data transfer system shown in FIG. 1, two computing platforms (or nodes) 101 and 102 (respectively, “the Send Node” and “the Receive Node”) are connected to the unsecured external network 104 (“the source network”) and the secure network 105 (“the destination network”), respectively. The Send Node 101 is connected to the Receive Node 102 by a one-way data link 103, which may be an optical link comprising, for example, a high-bandwidth optical fiber. This one-way data link 103 may be configured to operate as a unidirectional data gateway from the source network 104 to the secure destination network 105 by having its ends connected to an optical transmitter on the Send Node and to an optical receiver on the Receive Node.
This configuration physically enforces one-way data transfer at both ends of the optical fiber connecting the Send Node 101 to the Receive Node 102, thereby creating a truly unidirectional one-way data link between the source network 104 and the destination network 105 shown in FIG. 1. Unlike the conventional firewalls, one-way data transfer systems based on a one-way data link are designed to transfer data or information only in one direction and it is physically impossible to transfer data or information of any kind in the reverse direction. No information or data of any kind, including handshaking protocols such as those used in data transport protocols such as TCP/IP, SCSI, USB, Serial/Parallel Ports, etc., can travel in the reverse direction from the Receive Node back to the Send Node across the one-way data link. Such physically imposed unidirectionality in data flow cannot be hacked by a programmer, as is often done with firewalls. Accordingly, the one-way data transfer system based on a one-way data link ensures that data residing on the isolated secure computer or network is maximally protected from any undesired and unauthorized disclosure.
While the use of a one-way data link affords significant improvements in network security, it also introduces novel problems in performing common network functions, such as updating of databases, that have been developed for bilateral communication channels. Updating, or replicating, networked databases is common network function involved in a number of applications including but not limited to, data archival, disaster recovery, and “mining” data for analysis without undue consumption of network resources. While the database update techniques for databases networked via bilateral links is a mature art which has been developed by many companies such as Oracle, such techniques cannot be directly applied to databases coupled via a unidirectional link, because implementation of the conventional database update techniques often requires a large amount of bilateral communications.
Because of many advantages in network security that are discussed above, it is often desirable and necessary to update databases through a one-way data link. Such system would be of great value to, for example, governmental agencies, intelligence communities, secure commercial applications and other users of highly secure networks that require constant updating of databases in their network.
One possible approach for updating databases through a one-way link would be a “brute force” method of replicating an entire database across the one-way link. However, such approach is inefficient in the use of available network resources and furthermore may be impractically slow depending on the size of the database to be copied.
It is an object of the present invention to provide an efficient approach for updating and replicating databases through a one-way data link.
It is yet another object of the present invention to provide a database update technique capable of effectuating incremental database updates in real time through a one-way data link.
It is yet another object of the present invention to provide a command-based database replication/update approach for databases connected by one-way data links.
It is yet another object of the present invention to utilize the functionalities of the conventional database update techniques based on bilateral communications in a data transfer system based on a one-way data link.
It is yet another object of the present invention to resolve sequencing conflicts and implement database update through a one-way data link in a sequential manner.
It is yet another object of the present invention to provide a mechanism for verifying the operability of a one-way data link in connection with database update function through the one-way data link.
It is yet another object of the present invention to provide a mechanism for detecting an error during the database update through a one-way data link and initiating necessary recovery procedures in case of detecting an error.
Other objects and advantages of the present invention will become apparent from the following description.