Protection of computer or data networks from undesired and unauthorized data disclosure, interception or alteration has been a perennial concern in the field of computer and network security, for which firewalls and anti-spyware software have been developed to address security threats to computers and networks connected to the Internet and to protect them from possible cyberattacks, such as Trojan horse-type viruses or worms that may trigger undesired and unauthorized data disclosure by these computers and networks. However, for high security computer networks, such as those used by government agencies, intelligence communities, and certain commercial applications, conventional network security devices such as firewalls may not provide sufficiently reliable protection from undesired disclosure.
A high level of network security can be attained through the use of one-way data links, which isolate secure networks from security breaches (i.e. undesired and unauthorized data flow out of the secure network) while still allowing data from a low security environment to enter the network in a controlled manner. Various apparatus and methods have been developed for implementing one-way data transfer to a secure network.
Methods and systems for one-way data transfer include standard Internet firewalls as well as operating systems configured with specialized rules for restricted unidirectional information flow. Systems such as these are designed to have great flexibility, but are now being asked to perform strict unidirectional data transfer. The complexity of one-way data transfer is such that it is difficult to validate and verify that the controlled interface is not strictly one-way, failsafe and resistant to reconfiguration through administrator error or malicious intent. Additionally, it is difficult to prove in complex systems that data is not bypassing the one way security feature.
As an alternative to software-based one-way data transfer, hardware-based unidirectional interfaces may also be used. A common hardware based approach has been to cut the return lines of RS-232 serial interfaces and then spoof the two-way link layer protocols of a point-to-point Ethernet connection. By maintaining the unidirectional policy of the controlled interface in hardware, the one-way nature and non-bypassable operation of the device can be validated to a high degree of assurance. However, some designs in which the unidirectional aspect of the controlled interface is provided by cable configuration between the enclaves require additional mitigations to ensure against failure due to incorrect configuration.
Highly engineered solutions, such as the Owl Computing Technologies Dual Diode, (described in U.S. Patent. App. Pub. No. US 2008/0259929 A1, whose disclosure of a highly engineered hardware-based one way data link is incorporated herein by reference) provide a direct point-to-point optical link between the enclaves. The unidirectionality of the data transfer is enforced in the circuitry of the network interface cards at both enclave endpoints and in the cable interconnects. In this way, the hardware provides an added layer of assurance of unidirectional information flow and non-bypassable operation. In contrast to software based one-way data transfer systems, it is easy to prove that data is not bypassing the Dual Diode.
Recent advancements in computers and electronics have enabled computer technology to be a routine part of front line military operations. Vehicles and foot soldiers now include multiple devices providing computer readable real-time information as to the status, locations and battle readiness of front line units. It is desirable that these devices remain part of an unclassified domain and communicate their information to a classified enclave for analysis and decision making, thereby simplifying storage, distribution, maintenance and operation of these devices.
Due to its failsafe, non-bypassable operation, a dual-diode approach to transferring data from frontline war fighters to a command and control network is highly desirable. However, existing approaches utilizing two servers and a one-way link across an optical fiber are too bulky and do not provide the level of ruggedness and protection from radio interception to be suitable for use by front line units. Additionally, the dispersed configuration of prior art systems for unidirectional data transfer, with multiple machines connected by cables makes them unsuitable for use by front units as the cables linking the send and receive machines are physically vulnerable to attack.
It is an object of the present invention to provide a ruggedized, compact, and integrated one-way network interface to ensure the confidentiality of a secure enclave.
It is yet another object of the present invention to provide a compact, ruggedized one-way network interface that is resistant to water, frost, vibration, and extremes in temperature.
It is yet another object of the present invention that the send and receive network circuitry of the network interface be physically separated and connected only through an optical interface.
It is yet another object of the present invention to provide a ruggedized network interface in which the ground and power planes are separated for complete isolation.
It is yet another object of the present invention to provide a ruggedized network interface in which the send-only and receive-only network circuitry are powered separately to achieve still further isolation.
It is yet another object of the present invention to provide a small, rugged and integrated network appliance that can provide a filtering or scan function to qualify data passing over a one-way data link.
It is yet another object of the present invention to provide a small, rugged and integrated network appliance for that uses two-way protocol interfaces to pace the data transfer across the unidirectional interface.