The protection of data networks is currently ensured by devices whose security relies on the dependability of their implementation and on a sound mastery of the communication protocols. This is the case notably for “firewall” devices, application relays or network segmenting products (such as VLAN products, or those of the 802.1Q standard), as well as intrusion detection and prevention systems.
Several types of security architectures can exist. In very secure architectures, network interconnections are prohibited. Exchanges are made with the aid of physical elements which are attached to only one system at a time. Exchange devices with a single direction of communication exist, but their reliability is limited on account of the lack of an exchange control stream, and they are not necessarily used in the direction going from the least sensitive system in terms of security to the most sensitive system in terms of security. This is the case for “physical diode” devices based, for the most part, on optical fiber technologies.
It is customary to implement an “ideal” exchange architecture by way of successive firewalls delimiting an external exchange area, an internal exchange area with a first level of confidentiality and an internal exchange area with a second level of confidentiality, each managed by dedicated servers. By multiplying these exchange areas, the task of any ill-intentioned third party wishing to access, or indeed corrupt, certain data of a computerized system is made more complex.
However, numerous software flaws have been revealed in architectures of this type, leading to the compromise of the network that they were supposed to protect. The “ideal” exchange architectures have, for example, been vulnerable to attacks on applications using Web technologies.
Independently of this problem of software dependability, poor application of the security policy of an enterprise or an error in the configuration of such devices can compromise the security of the entire network. These errors therefore require monitoring and procedures for continuous auditing and upgrading of such devices.
A first solution to these problems has been proposed in French patent application FR 08 58790. In this patent application, the invention consists in transferring data in a secure manner, by means of simple commands of read or write type, by way of physically frozen means as well as of an intermediate central storage space, so as to prevent a system connected to one of the access ports of the secure transfer system from being taken over by a system connected to another of the access ports of this same secure transfer system.
However, a device using such a solution has the drawback of depending on the systems connected to it to determine when the writing of a file has ended. If such a device begins several file writes in parallel, it is then compelled to maintain as many description tables as there are files being written, which results in a needless consumption of resources.
Moreover, in a default implementation of a device according to this invention, the central storage element of such a device does not necessarily know when the transferred digital file has finished being transmitted, and this may impede the movement of this file within this element short of resorting to a particular implementation of this system, thereby complicating this solution still further.
There therefore exists, in the solutions of the prior art, a problem of managing files to be transferred, which ought to be remedied.
The present invention improves this situation.