1. Technical Field
The present invention relates generally to an apparatus and a method for multilateral one-way communication and, more particularly, to an apparatus and a method capable of ensuring the reliability of data transmission in a one-way section of a network while maintaining advantages of physical one-way data transmission technology.
2. Description of the Related Art
Recently, network separation technology capable of transmitting data to an external network while protecting an internal network has been developed, and various network separation technologies now exist.
One-way data transmission technology is one such network separation technology. It is classified into logical one-way data transmission technology and physical one-way data transmission technology according to the implementation scheme.
Logical one-way data transmission technologies include approaches that designate read authority and write authority on shared storage and approaches that employ PC virtualization. These approaches, however, are vulnerable to external intrusion because of various problems, including their own structural weaknesses and difficulty of implementation.
Because the physical path itself is one-way, physical one-way data transmission technology has the advantage of making intrusion into the internal network impossible when the system is attacked from outside. However, in a physical one-way data transmission scheme, the transmission side cannot know the state of the reception side, so the reliability of data transmission may not be ensured in a one-way section of a network. Additionally, conventional apparatuses support only 1:1 communication. Implementing N:M communication therefore requires additional communication network sections, each with its own equipment or its own relay server, which results in a complicated and inefficient network configuration.
A physical one-way data transmission apparatus is network security equipment that allows data to travel in only one direction, that is, from an internal network to an external network. It is used to guarantee information security: by physically blocking data transmission from the external network to the internal network, it fundamentally prevents intrusion via the external network. In the physical one-way data transmission scheme, transmission is usually carried out through an unshielded twisted pair (UTP) cable in which the RX line is cut, through a serial cable in which the reception line is cut, or with an optical converter in which the RX line is removed.
However, physically transmitting data in one direction by cutting a reception line carries the risk of data loss. Several solutions to this problem have been suggested, such as adjusting the buffer size and transmission speed, employing a separate control line (exclusive for data), and the like. However, because the transmission side cannot know the state of the reception side, adjusting the buffer size or transmission speed is not a perfect solution. Additionally, the separate control line itself may be abnormally used as an intrusion path.
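The limitation described above can be shown with a small simulation, added here as an illustration and not taken from the patent or the cited prior art. The tick-based model, the per-frame sequence numbers, and the receiver drain schedule are assumptions made for the example.

```python
from collections import deque

# Constructed receiver behaviour: drains 1 frame/tick for 5 ticks, then stalls for 10.
STALL = [1] * 5 + [0] * 10
STEADY = [1]

def simulate(n_frames, send_interval, buffer_size, drain_schedule):
    """One-way link: the sender emits one frame every `send_interval` ticks and
    never learns whether the bounded receive buffer accepted it."""
    buf, delivered = deque(), []
    seq = t = 0
    while seq < n_frames:
        if t % send_interval == 0:
            if len(buf) < buffer_size:
                buf.append(seq)      # frame fits in the receive buffer
            # else: frame is lost; no return path exists to report it
            seq += 1
        for _ in range(drain_schedule[t % len(drain_schedule)]):
            if buf:
                delivered.append(buf.popleft())
        t += 1
    delivered.extend(buf)            # receiver eventually empties its buffer
    return delivered

def gaps(delivered):
    """Receive-side loss detection from sequence numbers (assumed framing).
    Losses after the last received frame cannot be seen this way."""
    seen = set(delivered)
    return [s for s in range(max(delivered) + 1) if s not in seen]

if __name__ == "__main__":
    for label, interval, size, sched in [
        ("steady receiver", 1, 4, STEADY),
        ("receiver stalls", 1, 4, STALL),
        ("half send rate", 2, 4, STALL),
        ("larger buffer", 1, 16, STALL),
    ]:
        lost = gaps(simulate(20, interval, size, sched))
        print(f"{label:16s} lost frames: {lost}")
```

Halving the send rate reduces the loss but does not remove it, and the larger buffer only helps because the constructed stall happens to be shorter than the buffer; the sender has no way to confirm either condition on a real one-way link.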
A related prior art is found in Korean Patent Application Publication No. 10-2011-0040004, which discloses the transmission of data from a high security network to a low security network