Data transfer between networks operating at different security levels
Abstract
A secure network server wherein both the forwarding process and the receiving process are created upon connection initialization, and the receiving process is held off from communicating with the source host until the forwarding process has created a connection with the destination host. This solves the problem of message loss when the destination host is unreachable.
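
The ordering in the abstract and in steps (b) through (i) of claim 1, as an added Python simulation that is not code from the patent: the source is accepted only after the forwarding side reports its destination connection, so an unreachable destination means no data is taken and none is lost. Threads stand in for the two processes and a dictionary stands in for the file's security label; `relay`, `dst_reachable` and the `ESTABLISHED` message text are assumed names.

```python
import os
import queue
import tempfile
import threading

def relay(payload, src_level, dst_level, dst_reachable, wait=1.0):
    """Simulate one transfer; returns (bytes accepted from source, bytes delivered)."""
    ready = queue.Queue()          # forwarder -> receiver message of step (d)
    relabeled = threading.Event()  # set once the file carries the destination level
    labels = {}                    # path -> level; assumed stand-in for OS labels
    out = {"accepted": 0, "delivered": b""}
    fd, path = tempfile.mkstemp(prefix="sns-spool-")
    os.close(fd)

    def forwarding():
        if not dst_reachable:      # step (c) failed: the message is never sent
            return
        ready.put("ESTABLISHED")   # step (d)
        if relabeled.wait(wait) and labels.get(path) == dst_level:
            with open(path, "rb") as f:   # step (i): read only the relabeled file
                out["delivered"] = f.read()

    def receiving():
        try:
            ready.get(timeout=wait)       # hold the source off until step (d)
        except queue.Empty:
            return                        # source never transmits: nothing to lose
        with open(path, "wb") as f:       # steps (e)-(g): accept and store
            f.write(payload)
        labels[path] = src_level
        out["accepted"] = len(payload)
        labels[path] = dst_level          # step (h), done inline in this simulation
        relabeled.set()

    # Step (b): both processes are created at connection initiation.
    workers = [threading.Thread(target=t) for t in (forwarding, receiving)]
    for w in workers:
        w.start()
    for w in workers:
        w.join()
    os.remove(path)
    return out["accepted"], out["delivered"]

if __name__ == "__main__":
    print(relay(b"report", "LOW", "HIGH", dst_reachable=True))
    print(relay(b"report", "LOW", "HIGH", dst_reachable=False))
```
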
18 Claims
1. A method of transferring data between networks operating at different security levels, comprising the following steps:
(a) initiating a connection of a source host to a secure network server, said source host having a first security level;
(b) creating a receiving process and a forwarding process in response to initiation of said connection;
(c) subsequent to step (b), establishing a connection between said forwarding process and a destination host, said destination host having a second security level different than said first security level;
(d) sending a message from said forwarding process to said receiving process indicating that said connection between said forwarding process and said destination host has been established;
(e) establishing a connection between said receiving process and said source host;
(f) transmitting data from said source host to said receiving process only if said message was received by said receiving process;
(g) storing the transmitted data in a file having a file name;
(h) changing security data in said file to said second security level; and
(i) said forwarding process reading the data from said changed file and forwarding the read data to said destination host.
Dependent claims: 2, 3, 4, 5
6. A secure network server for transferring data between networks operating at different security levels, said server being programmed to perform the following steps:
(a) establishing a connection with a source host having a first security level;
(b) creating a receiving process and a forwarding process in response to initiation of said connection;
(c) subsequent to step (b), establishing a connection between said forwarding process and a destination host, said destination host having a second security level different than said first security level;
(d) sending a message from said forwarding process to said receiving process indicating that said connection between said forwarding process and said destination host has been established;
(e) establishing a connection between said receiving process and said source host;
(f) transmitting data from said source host to said receiving process only if said message was received by said receiving process;
(g) storing the transmitted data in a file having a file name;
(h) changing security data in said file to said second security level; and
(i) said forwarding process reading the data from said changed file and forwarding the read data to said destination host.
Dependent claims: 7, 8, 9
10. A method of transferring data between networks operating at different security levels, comprising the following steps:
(a) initiating a connection of a source host to a secure network server;
(b) creating an active task group and a passive task group within said secure network server, said active task group being downstream of said passive task group;
(c) establishing a connection between said active task group and a destination host that operates at a security level within said destination host's range;
(d) sending a message from said active task group to said passive task group indicating that said connection between said active task group and said destination host has been established;
(e) establishing a connection between said passive task group and said source host, said passive task group operating at the source-specified security level;
(f) transmitting data from said source host to said passive task group only if said message was received by said receiving process, said passive task group executing a first proxy protocol with said source host;
(g) storing the transmitted data in a file having a file name;
(h) changing security data in said file to the security level of said destination host; and
(i) said active task group reading the data from said changed file and executing a second proxy protocol with said destination host to forward the data to said destination host.
Dependent claims: 11, 12, 13, 14
15. A secure network server for transferring data between networks operating at different security levels, said server being programmed to perform the following steps:
(a) establishing a connection with a source host having a first security level;
(b) creating an active task group and a passive task group within said secure network server, said active task group being downstream of said passive task group;
(c) establishing a connection between said active task group and a destination host that operates at a security level within said destination host's range;
(d) sending a message from said active task group to said passive task group indicating that said connection between said active task group and said destination host has been established;
(e) establishing a connection between said passive task group and said source host, said passive task group operating at the source-specified security level;
(f) transmitting data from said source host to said passive task group only if said message was received by said receiving process, said passive task group executing a first proxy protocol with said source host;
(g) storing the transmitted data in a file having a file name;
(h) changing security data in said file to the security level of said destination host; and
(i) said active task group reading the data from said changed file and executing a second proxy protocol with said destination host to forward the data to said destination host.
Dependent claims: 16, 17, 18
Specification