1. Technical Field
The present invention relates generally to a one-way data transmission and reception system and method and, more particularly, to a system and method that enable reliable one-way data transfer between a transmission system and a reception system that are connected via a single hop using a wired/wireless one-way interface.
2. Description of the Related Art
In order to fundamentally prevent intrusion from a network having a low security level into a network having a high security level, it is general practice to operate networks by physically separating networks having high security levels from networks having low security levels.
However, completely and physically separating networks having different security levels makes it difficult to transfer data from a terminal in a network having a high security level to a terminal in a network having a low security level, or from a terminal in a network having a low security level to a terminal in a network having a high security level. For example, FIG. 1 illustrates a network before physical network separation is applied, and FIG. 2 illustrates a network after physical network separation has been applied. In FIG. 1, terminals 1, 2, and 3 may use Transmission Control Protocol (TCP)-based or User Datagram Protocol (UDP)-based data transfer programs so as to transfer data to terminals 4, 5, and 6, respectively. However, if network separation is realized, as shown in FIG. 2, the transmission of data between networks is impossible.
Physical one-way data transfer technology refers to technology for supporting one-way data transfer between networks. U.S. Patent Application Publication No. 2012-0151075 discloses related prior technology. An example of the application of physical one-way data transfer technology is shown in FIG. 3. In FIG. 3, a physical one-way data transfer system includes a transmission system 9 and a reception system 10. The transmission system 9 is connected to a first network 7 and the reception system 10 is connected to a second network 8. Further, for a connection between the transmission system 9 and the reception system 10, only a unidirectional physical line is permitted, and a physical line from the reception system 10 to the transmission system 9 is disconnected.
The transmission system 9 receives data that is transmitted from the terminals 1, 2, and 3 of the first network 7 to the terminals 4, 5 and 6 of the second network 8 during the transmission of the data, and transmits the data to the reception system 10. At this time, the unidirectional physical line is used. The reception system 10 transmits the received data to the terminals 4, 5 and 6 of the second network 8.
In this way, the physical one-way data transfer technology is advantageous in that it can support TCP- or UDP-based data transfer between networks to which physical network separation is applied. However, current physical one-way data transfer technology is vulnerable to the loss of data frames.
The reason why the technology is vulnerable to the loss of data frames is described using data transfer between terminating devices by way of example. In an environment in which six devices A-B-C-D-E-F are connected in an end-to-end manner via a physical line, A attempts to transmit data to F, and B, C, D, and E act as intermediate devices (routers) that participate in the transmission of data. During this data transmission procedure, the loss of data may occur, chiefly for two reasons.
First, data loss attributable to a link error may occur. An error may be caused in a received signal due to a problem with the physical line or noise, resulting in the loss of data bits. When an IEEE 802.3-based Media Access Control (MAC) protocol is used, C calculates the Cyclic Redundancy Check (CRC) of a received data frame, checks whether an error has occurred, and if a data frame having a bit error is received, deletes the corresponding frame. That is, while A is transmitting data to F, data loss of a predetermined portion may occur in sections A-B, B-C, C-D, D-E, and E-F of the physical line.
Second, data loss caused by network congestion may occur. When a network is congested during the transmission of data from A to F and then the amount of data that has reached B to F becomes greater than the amount of data that can be processed by B to F, a buffer overflow problem may occur in B to F. Due to this, the loss of data may occur.
Accordingly, in order to guarantee reliable data transfer between terminating devices, TCP may be used. In this case, after A has transmitted TCP data, retransmission is performed until a TCP Acknowledgment (ACK) frame for the data is successfully received, thus guaranteeing lossless data transmission.
Below, a case where a physical one-way data transfer system is applied will be described. In the above-described example, it is assumed that C is the transmission system of the one-way data transfer system, and D is the reception system of the one-way data transfer system. In this case, since there is no physical line from D to C, TCP, which requires bidirectional (two-way) communication, cannot be used, and thus lossless data transmission from A to F cannot be provided. That is, the loss of data frames between B and F directly results in loss of data at the application layer of F. This does not cause any special problem in the case of an application program using UDP, which accepts a predetermined amount of data loss, but may cause a problem in the case of a program using TCP, which performs lossless data transmission.
For example, assume that a single piece of data having a size of 15 Mbytes (e.g., a compressed file) is transferred from the terminal 1 to the terminal 4 of FIG. 3 using a TCP-based transfer program. Further, it is assumed that the maximum size of the data frame of IEEE 802.3 is about 1500 bytes, and a data file of 15 Mbytes is divided into about 100 data frames and transferred using TCP.
In this case, due to the problem of a physical line between the transmission system 9 and the reception system 10 of the physical one-way data transfer system or the problem of data loss caused by congestion in the first network 7 or the second network 8, when even a single data frame among 100 data frames is not received (that is, when the terminal 4 receives 99 data frames), it is impossible to reconstruct the received data frames into original data of 15 Mbytes, thus resulting in the same problem as that obtained when the entirety of original data is not received.
In order to mitigate the problem of data loss in a communication system, the following technology may be utilized. In order to mitigate the loss of data caused by error, the transmission system 9 may use a Forward Error Correction (FEC) technique that adds a predetermined amount of redundancy information to the data frames to be transmitted so that errors can be corrected. In order to solve the problem of data loss caused by network congestion, the buffer size of a network node or a destination node may be increased, or technology disclosed in U.S. Patent Application Publication No. 2012-0151075 may be used. However, even if the above-described patent is utilized, the problem of data loss caused by link error between the transmission system 9 and the reception system 10 and the problem of data loss caused by the buffer overflow of the reception system 10 may occur. The buffer overflow of the reception system 10 may occur when a data transfer rate between the terminals 1, 2 and 3 of the first network 7 and the transmission system 9 is greater than a data transfer rate between the reception system 10 and the terminals 4, 5 and 6 of the second network 8.
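The following added illustration (not part of the patent text or of the cited publications) models the two points above: with no return line the receiver cannot request a missing frame, so one dropped frame makes the file unrecoverable, while redundancy sent in advance lets it rebuild that frame. The single XOR parity frame per group is an assumed, simple erasure code chosen for brevity, and the names send, one_way_link and receive are hypothetical.

```python
from functools import reduce

FRAME = 1500  # payload bytes per frame (the IEEE 802.3 figure used in the text)

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def send(data, group=4):
    """Split data into numbered frames and append one XOR parity frame per group.
    Assumption: single-parity FEC, which can rebuild one lost frame per group."""
    chunks = [data[i:i + FRAME].ljust(FRAME, b"\0")
              for i in range(0, len(data), FRAME)]
    frames = []
    for g in range(0, len(chunks), group):
        block = chunks[g:g + group]
        frames += [("D", g + k, c) for k, c in enumerate(block)]
        frames.append(("P", g, reduce(xor_bytes, block)))
    return frames, len(data), len(chunks)

def one_way_link(frames, drop):
    """Unidirectional line: frames at the given positions are lost silently."""
    return [f for i, f in enumerate(frames) if i not in drop]

def receive(frames, length, total, group=4, use_fec=True):
    """Reassemble the data; returns None if any frame is still missing,
    because there is no reverse line on which to ask for retransmission."""
    data = {seq: p for kind, seq, p in frames if kind == "D"}
    parity = {seq: p for kind, seq, p in frames if kind == "P"}
    if use_fec:
        for g in range(0, total, group):
            idx = range(g, min(g + group, total))
            missing = [i for i in idx if i not in data]
            if len(missing) == 1 and g in parity:
                # XOR of the parity with the surviving frames yields the lost one
                survivors = [data[i] for i in idx if i in data]
                data[missing[0]] = reduce(xor_bytes, survivors, parity[g])
    if len(data) != total:
        return None
    return b"".join(data[i] for i in range(total))[:length]

if __name__ == "__main__":
    payload = bytes(range(256)) * 40            # constructed sample data
    frames, n, total = send(payload)
    lossy = one_way_link(frames, drop={2})      # one data frame lost
    print("no FEC :", receive(lossy, n, total, use_fec=False))
    print("FEC    :", receive(lossy, n, total) == payload)
    print("2 lost :", receive(one_way_link(frames, {1, 2}), n, total))
```

Two losses in the same group exceed what one parity frame can repair, which is the residual link-error loss the paragraph above describes.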
As another related preceding technology, Korean Patent No. 10-1334240 discloses technology for unidirectionally transmitting data from a network having a high security level to a network having a low security level and receiving the results of verification of data through a separate line.