CN116545749A - Intelligent data safety transmission system - Google Patents
Intelligent data safety transmission system Download PDFInfo
- Publication number
- CN116545749A CN116545749A CN202310662222.9A CN202310662222A CN116545749A CN 116545749 A CN116545749 A CN 116545749A CN 202310662222 A CN202310662222 A CN 202310662222A CN 116545749 A CN116545749 A CN 116545749A
- Authority
- CN
- China
- Prior art keywords
- module
- external
- networking system
- detection
- unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000005540 biological transmission Effects 0.000 title claims abstract description 40
- 230000006855 networking Effects 0.000 claims abstract description 89
- 238000001514 detection method Methods 0.000 claims abstract description 86
- 241000700605 Viruses Species 0.000 claims description 53
- 231100000252 nontoxic Toxicity 0.000 claims description 9
- 230000003000 nontoxic effect Effects 0.000 claims description 9
- 238000007789 sealing Methods 0.000 claims description 8
- 238000000034 method Methods 0.000 claims description 7
- 238000011895 specific detection Methods 0.000 claims description 6
- 230000008569 process Effects 0.000 claims description 5
- 230000008859 change Effects 0.000 claims description 2
- 238000002955 isolation Methods 0.000 abstract description 2
- 238000005192 partition Methods 0.000 description 4
- 230000001954 sterilising effect Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009385 viral infection Effects 0.000 description 2
- 230000007547 defect Effects 0.000 description 1
- 230000010460 detection of virus Effects 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 231100000956 nontoxicity Toxicity 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 238000004659 sterilization and disinfection Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses an intelligent data security transmission system, which relates to the technical field of data transmission and comprises an external networking system, an internal closed system, a closed module, a detection module, a mobile token module and external equipment; the external networking system is connected with the Internet and is used for data transmission and exchange of users through the external networking system; the external network isolation of the internal closed system is used for storing secret data and isolating the stored secret data; according to the intelligent data security transmission system, an internal closed system, a closed module, a mobile token module and a detection module are arranged, the internal closed system and an external network are physically isolated through the closed module, secret data can be accessed and downloaded or uploaded through a secret key token stored in the mobile token module through cooperation, and then the internal closed system and the external network are continuously isolated, so that network hackers are prevented from acquiring the secret data through a remote attack means.
Description
Technical Field
The invention relates to the technical field of data transmission, in particular to an intelligent data security transmission system.
Background
With the development of the internet, the transmission and acquisition of information are more and more convenient, and the confidentiality problem is caused, so that some enterprises or companies have partial data to be stored and transmitted in a confidentiality manner.
The Chinese patent with the publication number of CN113553296A discloses a data security transmission system, which comprises interface equipment and an interface equipment access unit, wherein the interface equipment access unit is used for being installed in a computer system different from the interface equipment, and a unique identification relationship is established between the interface equipment and the interface equipment through a designated interface; the interface device access unit comprises a display unit and an operation unit; the interface device comprises a read-only partition and a hidden partition; the display unit is used for displaying the files of the hidden partition of the interface equipment and the local files at the same time after the interface equipment access unit is connected with the interface equipment; the operation unit is used for realizing file transmission between the interface equipment and the local. According to the method, the unique identification relationship is established between the interface device and the interface device access unit, so that the interface device access unit can identify the interface device with the hidden partition, the risk of leakage of the data file is greatly reduced, and the safety of data transmission is improved.
However, the unit for storing the secret data is not physically independent, and the secret data is kept connected with an external network, so that the secret data is likely to be stolen and divulged in the storage or transmission process due to remote attack of a network hacker; or when the external equipment is accessed, the external equipment carries virus infection, and the system safety is affected.
Disclosure of Invention
The invention aims to provide an intelligent data security transmission system which aims to solve the defects in the prior art.
In order to achieve the above object, the present invention provides the following technical solutions: an intelligent data security transmission system comprises an external networking system, an internal closed system, a closed module, a detection module, a mobile token module and external equipment; the external networking system is connected with the Internet and is used for data transmission and exchange of users through the external networking system; the external network isolation of the internal closed system is used for storing secret data and isolating the stored secret data; the closed module is used for connecting or disconnecting the external networking system, the internal closed system, the mobile token module and the external equipment, and is only connected with zero or one of the external networking system and the internal closed system at the same time; the detection module is used for detecting whether viruses exist in the external networking system, the mobile token module and the external equipment, the control sealing module is connected with or disconnected from the external networking system and the internal sealing system, the detection module is connected with the mobile token module and carries out key matching, and the external equipment is connected with the external networking system after being detected by the detection module; the mobile token module comprises a secret key token unit and a mobile storage unit, wherein the secret key token unit stores secret keys which continuously change and is used for being matched with the detection module to obtain the connection authority of the internal closed system.
Further, the system also comprises a display module, wherein the display module is connected with the closed module and is used for visually displaying the external networking system and the internal closed system.
Further, the detection module comprises a virus detection and killing unit, a secret key detection unit and a command control unit; the virus detection and killing unit is connected with the cloud virus library and used for acquiring and updating virus information, comparing the internal data of the external networking system, the mobile token module and the external equipment with the virus information to judge whether the external networking system, the mobile token module and the external equipment are infected with viruses, and killing the detected viruses; the key detection unit is used for carrying out key matching with the key token unit when the mobile token module is connected with the detection module, sending an instruction to the command control unit when the key detection unit is correctly matched, and controlling the closed module to be disconnected with the external networking system and connected with the internal closed system through the command control unit.
Further, the sealing module comprises an automatic sealing unit and a hardware control unit, wherein the automatic sealing unit automatically performs connection and disconnection operations through a logic control circuit, and the hardware control unit is used for manually controlling connection of an external networking system, a mobile token module and external equipment, and disconnection of the external networking system, an internal sealing system, the mobile token module and the external equipment.
Further, the specific detection flow of the virus detection and killing unit to the external networking system is as follows:
the virus detection and killing unit regularly performs virus detection on the external networking system, kills the external networking system when detecting viruses, and meanwhile controls the closing module to disconnect the interface between the mobile token module and the external device through the command control unit until the external networking system is detected to be nontoxic and automatically released or manually released.
Further, the specific detection flow of the virus detection and killing unit on the mobile token module and the external equipment is as follows:
after detecting that the mobile token module or the external equipment is accessed, virus detection is carried out on the mobile token module or the external equipment, and the detection is nontoxic, so that the mobile token module or the external equipment is allowed to exchange data with an external networking system; virus is detected to kill it and data exchange with external networking systems is prohibited.
Further, the detection flow of the key detection unit is as follows:
when detecting that a mobile token module or external equipment is accessed and nontoxic, the key detection unit detects whether the accessed equipment has a key token, and if the key token does not exist, the external equipment is judged to be the external equipment, and the process is ended; if the key token is available, the mobile token module is judged, and key matching is carried out with the key token unit, and if the key token is successfully matched, the closed module can be controlled by the command control unit to be disconnected with the external networking system and connected with the internal closed system.
Further, after the mobile token module is connected with the internal closed system, the confidential data in the internal closed system is visually displayed on the display module; the internal secret data transmission flow of the internal closed system is as follows: selecting the needed secret data to transmit and store to the mobile storage unit, and then ejecting the mobile token module to realize the transfer of the secret data through the physical transfer mobile token module.
Further, the internal secret data transmission flow of the internal closed system is as follows: selecting the needed secret data to be transmitted and temporarily stored in the mobile storage unit, controlling the closed module to be disconnected with the internal closed system through the command control unit, connecting the closed module with the external networking system, and transmitting the secret data temporarily stored in the mobile storage unit through the external networking system by the network.
1. Compared with the prior art, the intelligent data security transmission system provided by the invention has the advantages that the internal closed system, the closed module, the mobile token module and the detection module are arranged, the internal closed system and the external network can be physically isolated through the closed module, the secret data can be accessed and downloaded or uploaded through the secret key token stored in the internal closed system through the cooperation of the mobile token module, and then the internal closed system is continuously isolated from the external physical system, so that a network hacker is prevented from acquiring the secret data through a remote attack means.
2. Compared with the prior art, the intelligent data security transmission system provided by the invention has the advantages that the external networking system is matched with the closed module, so that secret data downloaded to the secret key token can be transmitted through the network by the external networking system, and the transmission is convenient.
3. Compared with the prior art, the intelligent data security transmission system provided by the invention has the advantages that the detection module is arranged to detect viruses on the external networking system, the mobile token module and the external equipment, so that the security of the external networking system, the mobile token module and the external equipment is ensured, and the possibility of secret leakage caused by virus infection is further reduced.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present invention, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.
FIG. 1 is a block diagram of an overall system architecture according to an embodiment of the present invention;
FIG. 2 is a flow chart of detection of an external networking system provided by an embodiment of the present invention;
FIG. 3 is a flow chart of detection of a mobile token module and an external device according to an embodiment of the present invention;
fig. 4 is a detection flow chart of the key detection unit according to the embodiment of the present invention.
Reference numerals illustrate:
1. an external networking system; 2. an internal closure system; 3. a closing module; 31. an automatic closing unit; 32. a hardware control unit; 4. a detection module; 41. a virus detection and killing unit; 42. a key detection unit; 43. a command control unit; 5. a mobile token module; 51. a key token unit; 52. a mobile storage unit; 6. and a display module.
Detailed Description
In order to make the technical scheme of the present invention better understood by those skilled in the art, the present invention will be further described in detail with reference to the accompanying drawings.
Example embodiments will be described more fully hereinafter with reference to the accompanying drawings, but may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Embodiments of the disclosure and features of embodiments may be combined with each other without conflict.
As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used herein, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
Embodiments described herein may be described with reference to plan and/or cross-sectional views with the aid of idealized schematic diagrams of the present disclosure. Accordingly, the example illustrations may be modified in accordance with manufacturing techniques and/or tolerances. Thus, the embodiments are not limited to the embodiments shown in the drawings, but include modifications of the configuration formed based on the manufacturing process. Thus, the regions illustrated in the figures have schematic properties and the shapes of the regions illustrated in the figures illustrate the particular shapes of the regions of the elements, but are not intended to be limiting.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and the present disclosure, and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
Referring to fig. 1-4, an intelligent data security transmission system includes an external networking system 1, an internal closed system 2, a closed module 3, a detection module 4, a mobile token module 5, and an external device; the intelligent data security transmission system further comprises a display module 6, wherein the display module 6 is connected with the closed module 3 and used for carrying out visual display on the external networking system 1 and the internal closed system 2, the display module 6 can be a display screen, and the display module 6 is connected with the closed module 3 and connected with the external networking system 1, the internal closed system 2 and the detection module 4 through the closed module 3 and used for visually displaying the intelligent data security transmission system, so that a user can conveniently operate and view information.
The external networking system 1 is connected with the Internet, and is used for transmitting and exchanging data by a user through the external networking system 1, for example, the external networking system 1 is connected with the Internet, and the data is transmitted through the Internet;
the internal closed system 2 is isolated from external network, and is used for storing secret data and isolating the stored secret data, and the internal closed system 2 can be an internal network or local area network formed by a computer, a server and the like which are not connected with the external network, so that the stored secret data is isolated from the external network, and the secret data can not be stolen remotely by a network hacker.
The closed module 3 is used for connecting or disconnecting the external networking system 1, the internal closed system 2, the mobile token module 5 and the external equipment, and the closed module 3 is only connected with zero or one of the external networking system 1 and the internal closed system 2 at the same time, namely the external networking system 1 and the internal closed system 2 cannot be connected with the closed module 3 at the same time, one is connected with the other and can be disconnected at the same time, the closed module 3 is also connected with the detection module 4, an interface used for connecting the mobile token module 5 and the external equipment, such as a USB interface, a Type-C interface and the like, is arranged on the detection module 4, and the connection and the disconnection of the interface and the circuit of the detection module 4 can be controlled in a physical or logical sense through the arrangement of a logic control circuit, an electromagnetic relay and the like, so that the connection and the disconnection of the mobile token module 5 and the external equipment connected with the detection module 4 through the interface are controlled.
The closed module 3 comprises an automatic closed unit 31 and a hardware control unit 32, wherein the automatic closed unit 31 automatically performs connection and disconnection operations through a logic control circuit, preferably, the automatic closed unit 31 can be controlled by an electromagnetic relay and a data wire through the logic circuit, and the electromagnetic relay switch and the data wire can be controlled to cooperate to control the physical on-off of an external networking system 1, an internal closed system 2, a mobile token module 5 and external equipment connected with the automatic closed unit 31, so that the possibility of stealing data through means such as network hackers and viruses is broken; and the on-off of the circuit in the logic sense of the equipment connected with the automatic closing unit 31 can also be controlled by a logic control circuit. The hardware control unit 32 is used for manually controlling and connecting the external networking system 1, the mobile token module 5 and the external device, and disconnecting the external networking system 1, the internal closed system 2, the mobile token module 5 and the external device, and can be realized by a physical switch of a manual switch, such as a button, and the like, and can not be actively connected with the internal closed system 2 through the hardware control unit 32, and the function can be realized by a function of controlling on-off of a circuit in the logic sense of the device connected with the logic control circuit of the automatic closed unit 31.
The detection module 4 is used for detecting whether viruses exist in the external networking system 1, the mobile token module 5 and the external equipment, and controlling the closed module 3 to connect or disconnect the external networking system 1 and the internal closed system 2, connect with the mobile token module 5 and carry out secret key matching, and the external equipment is connected with the external networking system 1 after being detected by the detection module 4; the detection module 4 comprises a virus detection and killing unit 41, a key detection unit 42 and a command control unit 43; the mobile token module 5 includes a key token unit 51 and a mobile storage unit 52, where the key token unit 51 stores a continuously changing key, and is used for matching with the detection module 4 to obtain the connection authority with the internal closed system 2, and the key token unit 51 adopts a dynamic token.
The virus detection and killing unit 41 is connected with the cloud virus library and is used for acquiring and updating virus information, comparing the internal data of the external networking system 1, the mobile token module 5 and the external equipment with the virus information to judge whether the external networking system is infected with viruses or not, and killing the detected viruses; the specific detection flow of the virus detection and killing unit 41 to the external networking system 1 is as follows:
a1, the virus detection and killing unit 41 periodically performs virus detection on the external networking system 1, for example, performs virus detection on the external networking system 1 once every day, preferably, the external networking system 1 can be subjected to virus detection at leisure, so that the performance influence on the external networking system 1 is reduced;
a2, when detecting that the external networking system 1 has viruses, sterilizing the external networking system 1, and simultaneously controlling the closed module 3 to disconnect the interface between the mobile token module 5 and the external device through the command control unit 43, so as to prevent the mobile token module 5 inserted into the interface or the connection between the external device and the external networking system 1 from being infected by the viruses in the external networking system 1;
a3, returning to a1 until the external networking system 1 detects the command of disconnection of the nontoxic automatic disconnection interface or manually disconnecting and recovering the connection of the interface, wherein the manual contact recovery interface connection can be used for connecting external equipment for sterilization.
The virus detection and killing unit 41 may detect the mobile token module 5 and the external device after a detection process of the external networking system 1, where the specific detection process is:
b1, detecting that the mobile token module 5 or external equipment is accessed;
b2, virus detection is carried out on the mobile token module 5 or external equipment, the detection of non-toxicity is switched to b3, and the detection of virus is switched to b4;
b3, allowing the mobile token module 5 or external equipment to exchange data with the external networking system 1;
and b4, sterilizing the mobile token module 5 or external equipment with viruses, prohibiting the mobile token module or external equipment from exchanging data with the external networking system 1, and returning to b2.
The key detection unit 42 is configured to perform key matching with the key token unit 51 when the mobile token module 5 is connected to the detection module 4, and if the matching is correct, send an instruction to the command control unit 43, and control the closed module 3 to disconnect from the external networking system 1 and connect to the internal closed system 2 through the command control unit 43. The detection flow of the key detection unit 42 is specifically the detection flow after the detection flow of the virus detection and killing unit 41 on the mobile token module 5 and the external device:
c1, detecting that the mobile token module 5 or the external equipment is accessed and nontoxic, wherein the nontoxic is judged by the detection flow of the mobile token module 5 and the external equipment through the virus detection and killing unit 41;
c2, the key detection unit 42 detects whether the accessed device has a key token, if the accessed device does not have the key token, the accessed device is judged to be an external device, and the process is ended; if the key token exists, judging that the key token is a mobile token module 5;
c3, performing key matching with the key token unit 51, and if the matching is successful, controlling the closed module 3 to disconnect from the external networking system 1 and connect with the internal closed system 2 through the command control unit 43; the failed match prohibits connection with the internal closed system 2 and remains prohibited for at least 1 minute, and the prohibition time is incremented with the number of failed matches, preferably, when the number of failed matches exceeds 3, the key detection unit 42 will issue an alarm message to the personal terminal of the preset administrator to alert the administrator that someone is attempting to intrude into the system.
After the mobile token module 5 is connected with the internal closed system 2, the confidential data in the internal closed system 2 is visually displayed on the display module 6;
the internal secret data transmission flow of the internal closed system 2 is as follows: the required secret data is selected to be transmitted and stored in the mobile storage unit 52, and then the mobile token module 5 is popped up to realize the transfer of the secret data through the physical transfer of the mobile token module 5, or the secret data required to be secret-stored can be stored in the mobile storage unit 52 first, and then the secret data in the mobile storage unit 52 is uploaded to the internal closed system 2.
The internal secret data transmission flow of the internal closed system 2 is as follows: the required secret data is selected to be transmitted and temporarily stored in the mobile storage unit 52, the closed module 3 is controlled by the command control unit 43 to be disconnected with the internal closed system 2 and connected with the external networking system 1, the secret data temporarily stored in the mobile storage unit 52 is transmitted through the network by the external networking system 1, and a secure socket layer (Secure Socket Layer) protocol, abbreviated as SSL protocol, is used for ensuring the security of the secret data during transmission when the secret data is transmitted through interconnection.
While certain exemplary embodiments of the present invention have been described above by way of illustration only, it will be apparent to those of ordinary skill in the art that modifications may be made to the described embodiments in various different ways without departing from the spirit and scope of the invention. Accordingly, the drawings and description are to be regarded as illustrative in nature and not as restrictive of the scope of the invention, which is defined by the appended claims.
Claims (9)
1. An intelligent data security transmission system, which is characterized in that: the system comprises an external networking system, an internal closed system, a closed module, a detection module, a mobile token module and external equipment;
the external networking system is connected with the Internet and is used for data transmission and exchange of users through the external networking system;
the internal closed system is isolated from an external network and is used for storing secret data and isolating the stored secret data;
the closed module is used for connecting or disconnecting the external networking system, the internal closed system, the mobile token module and the external equipment, and is only connected with zero or one of the external networking system and the internal closed system at the same time;
the detection module is used for detecting whether viruses exist in the external networking system, the mobile token module and the external equipment, the control sealing module is connected with or disconnected from the external networking system and the internal sealing system, the detection module is connected with the mobile token module and carries out key matching, and the external equipment is connected with the external networking system after being detected by the detection module;
the mobile token module comprises a secret key token unit and a mobile storage unit, wherein the secret key token unit stores secret keys which continuously change and is used for being matched with the detection module to obtain the connection authority of the internal closed system.
2. An intelligent data security transmission system according to claim 1, wherein: the system also comprises a display module, wherein the display module is connected with the closed module and is used for visually displaying the external networking system and the internal closed system.
3. An intelligent data security transmission system according to claim 1, wherein: the detection module comprises a virus detection and killing unit, a key detection unit and a command control unit;
the virus detection and killing unit is connected with the cloud virus library and used for acquiring and updating virus information, comparing the internal data of the external networking system, the mobile token module and the external equipment with the virus information to judge whether the external networking system, the mobile token module and the external equipment are infected with viruses, and killing the detected viruses;
the key detection unit is used for carrying out key matching with the key token unit when the mobile token module is connected with the detection module, sending an instruction to the command control unit when the key detection unit is correctly matched, and controlling the closed module to be disconnected with the external networking system and connected with the internal closed system through the command control unit.
4. An intelligent data security transmission system according to claim 3, wherein: the closed module comprises an automatic closed unit and a hardware control unit, wherein the automatic closed unit automatically performs connection and disconnection operations through a logic control circuit, and the hardware control unit is used for manually controlling connection of an external networking system, a mobile token module and external equipment, and disconnection of the external networking system, an internal closed system, the mobile token module and the external equipment.
5. An intelligent data security transmission system according to claim 4, wherein: the specific detection flow of the virus detection and killing unit to the external networking system is as follows:
the virus detection and killing unit regularly performs virus detection on the external networking system, kills the external networking system when detecting viruses, and meanwhile controls the closing module to disconnect the interface between the mobile token module and the external device through the command control unit until the external networking system is detected to be nontoxic and automatically released or manually released.
6. An intelligent data security transmission system according to claim 4, wherein: the specific detection flow of the virus detection and killing unit on the mobile token module and the external equipment is as follows:
after detecting that the mobile token module or the external equipment is accessed, virus detection is carried out on the mobile token module or the external equipment, and the detection is nontoxic, so that the mobile token module or the external equipment is allowed to exchange data with an external networking system; virus is detected to kill it and data exchange with external networking systems is prohibited.
7. An intelligent data security transmission system according to claim 6, wherein: the detection flow of the key detection unit is as follows:
when detecting that a mobile token module or external equipment is accessed and nontoxic, the key detection unit detects whether the accessed equipment has a key token, and if the key token does not exist, the external equipment is judged to be the external equipment, and the process is ended; if the key token is available, the mobile token module is judged, and key matching is carried out with the key token unit, and if the key token is successfully matched, the closed module can be controlled by the command control unit to be disconnected with the external networking system and connected with the internal closed system.
8. An intelligent data security transmission system according to claim 2, wherein: after the mobile token module is connected with the internal closed system, confidential data in the internal closed system is visually displayed on the display module;
the internal secret data transmission flow of the internal closed system is as follows: selecting the needed secret data to transmit and store to the mobile storage unit, and then ejecting the mobile token module to realize the transfer of the secret data through the physical transfer mobile token module.
9. An intelligent data security transmission system in accordance with claim 8, wherein: the internal secret data transmission flow of the internal closed system is as follows: selecting the needed secret data to be transmitted and temporarily stored in the mobile storage unit, controlling the closed module to be disconnected with the internal closed system through the command control unit, connecting the closed module with the external networking system, and transmitting the secret data temporarily stored in the mobile storage unit through the external networking system by the network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310662222.9A CN116545749A (en) | 2023-06-06 | 2023-06-06 | Intelligent data safety transmission system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310662222.9A CN116545749A (en) | 2023-06-06 | 2023-06-06 | Intelligent data safety transmission system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116545749A true CN116545749A (en) | 2023-08-04 |
Family
ID=87450803
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310662222.9A Pending CN116545749A (en) | 2023-06-06 | 2023-06-06 | Intelligent data safety transmission system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116545749A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2845327Y (en) * | 2005-11-09 | 2006-12-06 | 陈宏宪 | Device for computer data switching exchange safely |
| CN202587022U (en) * | 2012-04-24 | 2012-12-05 | 杭州美全网络技术有限公司 | Network security isolation system |
| WO2016051615A1 (en) * | 2014-09-29 | 2016-04-07 | 株式会社日立ソリューションズ | Data management system, data management method, and client terminal |
| CN105915561A (en) * | 2016-07-04 | 2016-08-31 | 安徽天达网络科技有限公司 | Double authenticated network security system |
| CN110505055A (en) * | 2019-07-12 | 2019-11-26 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and key card outer net access identity authentication method and system |
| CN114500068A (en) * | 2022-02-10 | 2022-05-13 | 广州云羲网络科技有限公司 | Information data exchange system based on safety isolation network gate |
-
2023
- 2023-06-06 CN CN202310662222.9A patent/CN116545749A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN2845327Y (en) * | 2005-11-09 | 2006-12-06 | 陈宏宪 | Device for computer data switching exchange safely |
| CN202587022U (en) * | 2012-04-24 | 2012-12-05 | 杭州美全网络技术有限公司 | Network security isolation system |
| WO2016051615A1 (en) * | 2014-09-29 | 2016-04-07 | 株式会社日立ソリューションズ | Data management system, data management method, and client terminal |
| CN105915561A (en) * | 2016-07-04 | 2016-08-31 | 安徽天达网络科技有限公司 | Double authenticated network security system |
| CN110505055A (en) * | 2019-07-12 | 2019-11-26 | 如般量子科技有限公司 | Based on unsymmetrical key pond to and key card outer net access identity authentication method and system |
| CN114500068A (en) * | 2022-02-10 | 2022-05-13 | 广州云羲网络科技有限公司 | Information data exchange system based on safety isolation network gate |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103227776B (en) | Configuration method, configuration device, computer program product and control system | |
| CN105635094B (en) | Safe verification method, safety verification device and security authentication systems | |
| JP4855147B2 (en) | Client device, mail system, program, and recording medium | |
| WO1992003001A1 (en) | Access controller for local area network | |
| CN108881298A (en) | A kind of network safety system and implementation method based on big data platform | |
| Oman et al. | Safeguarding IEDs, substations, and SCADA systems against electronic intrusions | |
| US7409563B2 (en) | Method and apparatus for preventing un-authorized attachment of computer peripherals | |
| CN107851159A (en) | Control configuration data holder | |
| ES2291629T3 (en) | METHOD AND PROVISION FOR AUTOMATICALLY CONTROLLING ACCESS BETWEEN A COMPUTER AND A COMMUNICATION NETWORK. | |
| EP0869462A1 (en) | Security systems | |
| US8954624B2 (en) | Method and system for securing input from an external device to a host | |
| US6871281B2 (en) | Method and system for sending data between computers using a secure pipeline | |
| CN213782407U (en) | Network cable port socket with insertion detection function | |
| CN116545749A (en) | Intelligent data safety transmission system | |
| EP2084880A2 (en) | Method and a first device for associating the first device with a second device | |
| US11146550B2 (en) | Communication line mutual authentication system in IP network | |
| CN107968777B (en) | Network security monitoring system | |
| CN105635090B (en) | System access method, system access mechanism and terminal | |
| RU2325770C2 (en) | Method of remote control and/or regulation of system | |
| CN108900481A (en) | A kind of interchanger safety access system and method | |
| CN109275136A (en) | Block the method and system of Wi-Fi malicious attack | |
| CN115859393A (en) | Emergent physics self-destruction device of storage equipment | |
| JP2007166347A (en) | Network repeater | |
| CN108390893A (en) | A kind of login method, mobile terminal and computer readable storage medium | |
| CN113704061A (en) | Secret-related computer protection system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |