This invention relates to data transfer between networks operating at different security levels.
A known Secure Network Server (SNS) integrates networks and components operating at different security classification levels. In that known system, separate processes, called the receiving and forwarding processes, were respectively used to communicate with the source and destination hosts. These two processes were completely isolated from each other, with no backward flow of information. Messages received by the process communicating with the source host were forwarded to a trusted process that would dynamically spawn a process to communicate with the destination host for each message.
The foregoing approach has two drawbacks: (1) if the destination host were not available or crashes during the transfer, the source host will never know, and may act as if the messages had been reliably delivered; and (2) the creation of the forwarding process for each message and passing the messages through an intermediate trusted process reduces message throughput.
There is a need to develop an architecture, design and implementation that improves the reliability of data transfer between networks.