Security Validation for Data Diode with Reverse Channel
A hardware-based data diode is a powerful security method that removes the reverse channel that could be used for network intrusion. However, simply removing it leads to data unreliability and user inconvenience. A reverse channel is forbidden if it affects physical unidirectionality without an exact security analysis. If a reverse channel is used restrictively and its security is validated, the data diode can be a secure solution. Thus, we propose security criteria, based on the application environment, for a data diode implemented with a reverse channel, and we validate the data diode’s security through unit, integration, and system testing based on these criteria.
Keywords: Unidirectional network, Data diode, Security, Control system, Unidirectional gateway, One-way data transfer