HIGH ASSURANCE SEGREGATED GATEWAY INTERCONNECTING DIFFERENT DOMAINS
First Claim
1. A gateway adapted to interconnect a first domain to a second domain, comprising:
- a gateway internal protocol,first and second protocol adapters configured to be hosted respectively within the first and second domains and configured to make a conversion between an application data formatted according to an applicative protocol relative to said first and second domains and a gateway data formatted according to said gateway internal protocol, anda security module hosted on a separate hosting platform and configured to communicate with the first and second protocol adapters via respectively first and second data links according to the gateway internal protocol,wherein said first protocol adapter, second protocol adapter and security module are physically segregated from each other and wherein said security module comprises a set of functional blocs configured to authorize secure bidirectional flow of gateway data along two different and separate first and second unidirectional paths between the first protocol adapter and the second protocol adapter.
1 Assignment
0 Petitions
Accused Products
Abstract
A gateway having an architecture authorizing bidirectional communication between applications located in different domains and presenting a high assurance level of protection. The gateway interconnects a first and second domain. The gateway comprises an internal protocol, first and second protocol adapters hosted within the first and second domains and configured to make a conversion between application data formatted according to an applicative protocol relative to the two domains and gateway data formatted according to the gateway internal protocol, and a security module hosted on a separate platform to communicate with the first and second protocol adapters via first and second data links according to the gateway internal protocol. The first and second protocol adapters and security module are each physically segregated and the security module comprises functional blocs configured to authorize secure bidirectional flow of gateway data along two different and separate unidirectional paths between the two protocol adapters.
-
Citations
15 Claims
-
1. A gateway adapted to interconnect a first domain to a second domain, comprising:
-
a gateway internal protocol, first and second protocol adapters configured to be hosted respectively within the first and second domains and configured to make a conversion between an application data formatted according to an applicative protocol relative to said first and second domains and a gateway data formatted according to said gateway internal protocol, and a security module hosted on a separate hosting platform and configured to communicate with the first and second protocol adapters via respectively first and second data links according to the gateway internal protocol, wherein said first protocol adapter, second protocol adapter and security module are physically segregated from each other and wherein said security module comprises a set of functional blocs configured to authorize secure bidirectional flow of gateway data along two different and separate first and second unidirectional paths between the first protocol adapter and the second protocol adapter. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. An embedded infrastructure comprising a gateway adapted to interconnect a first domain to a second domain, the gateway comprising:
-
a gateway internal protocol, first and second protocol adapters configured to be hosted respectively within the first and second domains and configured to make a conversion between an application data formatted according to an applicative protocol relative to said first and second domains and a gateway data formatted according to said gateway internal protocol, and a security module hosted on a separate hosting platform and configured to communicate with the first and second protocol adapters via respectively first and second data links according to the gateway internal protocol, wherein said first protocol adapter, second protocol adapter and security module are physically segregated from each other and wherein said security module comprises a set of functional blocs configured to authorize secure bidirectional flow of gateway data along two different and separate first and second unidirectional paths between the first protocol adapter and the second protocol adapter.
-
-
15. An aircraft communication system comprising a gateway adapted to interconnect a first domain to a second domain, the gateway comprising:
-
a gateway internal protocol, first and second protocol adapters configured to be hosted respectively within the first and second domains and configured to make a conversion between an application data formatted according to an applicative protocol relative to said first and second domains and a gateway data formatted according to said gateway internal protocol, and a security module hosted on a separate hosting platform and configured to communicate with the first and second protocol adapters via respectively first and second data links according to the gateway internal protocol, wherein said first protocol adapter, second protocol adapter and security module are physically segregated from each other and wherein said security module comprises a set of functional blocs configured to authorize secure bidirectional flow of gateway data along two different and separate first and second unidirectional paths between the first protocol adapter and the second protocol adapter.
-
Specification