Method and apparatus for reliable, high speed data transfers in a high assurance multiple level secure environment
First Claim
1. A method of passing data from a first application to a second application, comprising the steps of:
establishing, in a first computer executing the first application at a first security level, an upchannel communications link from the first application to a second application executing in a second computer at a second security level higher than the first security level via a data guard, the upchannel communications link complying with a user datagram protocol (UDP);
establishing, in the second computer, a backchannel communications link from the second application to the first application via the data guard, the backchannel communications link complying with a transmission control protocol (TCP);
sending a first transmission having a first portion of the data from the first application executing in the first computer to the second application executing in the second computer via the upchannel communications link;
transmitting an acknowledgement message from the second application executing in the second computer to the first application executing in the first computer via the backchannel link;
receiving the acknowledgement message in the first application executing in the first computer, the acknowledgement message comprising information describing the reception of the first portion of the data; and
sending a second transmission of the data from the first application executing in the first computer to the second application executing in the second computer according to the received acknowledgement message.
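The acknowledgement-driven exchange recited in claim 1, modelled in memory as an added example (not code from the patent): the low side sends numbered datagrams, the high side reports what it received, and the second transmission carries only what the acknowledgement lists as missing. All names, the acknowledgement layout and the guard's format check are assumptions made for illustration; the claims do not specify them.

```python
import struct

CHUNK = 4  # constructed datagram payload size (assumption)

def make_datagrams(data, size=CHUNK):
    """Low side: prefix each chunk with a 16-bit sequence number."""
    chunks = [data[i:i + size] for i in range(0, len(data), size)]
    return [struct.pack("!H", seq) + c for seq, c in enumerate(chunks)]

class HighReceiver:
    """High side: collects datagrams and reports what is still missing."""
    def __init__(self, total):
        self.total, self.parts = total, {}

    def on_datagram(self, dgram):
        (seq,) = struct.unpack("!H", dgram[:2])
        self.parts[seq] = dgram[2:]

    def build_ack(self):
        # Assumed ack layout: count, then the missing sequence numbers.
        missing = [s for s in range(self.total) if s not in self.parts]
        return struct.pack("!%dH" % (len(missing) + 1), len(missing), *missing)

    def data(self):
        return b"".join(self.parts[s] for s in range(self.total))

def guard_backchannel(ack, total):
    """Assumed guard policy: pass only a well-formed ack, else None."""
    if len(ack) < 2:
        return None
    (count,) = struct.unpack("!H", ack[:2])
    if len(ack) != 2 + 2 * count:
        return None
    missing = list(struct.unpack("!%dH" % count, ack[2:]))
    if missing != sorted(set(missing)) or any(s >= total for s in missing):
        return None
    return missing

def transfer(data, lost_on_first_pass=()):
    """Send until the ack reports nothing missing; returns (data, passes)."""
    dgrams = make_datagrams(data)
    rx, pending, passes = HighReceiver(len(dgrams)), list(range(len(dgrams))), 0
    while pending:
        passes += 1
        for seq in pending:
            if passes == 1 and seq in lost_on_first_pass:
                continue  # simulated loss on the UDP upchannel
            rx.on_datagram(dgrams[seq])
        pending = guard_backchannel(rx.build_ack(), len(dgrams))
        if pending is None:
            raise ValueError("guard rejected malformed acknowledgement")
    return rx.data(), passes
```

Because the backchannel runs from the higher security level to the lower one, the sketch keeps the acknowledgement to a fixed, checkable shape so the guard can reject anything else.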
Abstract
A method and apparatus for passing data from a first application at a first security level to a second application in a second security level higher than the first security level is disclosed. A backchannel communications link is established between the first application and the second application, and the backchannel link is used to transmit information such as an acknowledgement message from the second application to the first application.
20 Claims
8. An apparatus for passing data, comprising:
a first computer, for performing processing including a first application at a first security level;
a second computer, coupled to the first computer via a data guard, the second computer for performing processing including a second application on a second security level higher than the first security level;
the first application, operating on the first computer, for establishing an upchannel communications link from the first application to the second application via the data guard, the upchannel link complying with a user datagram protocol (UDP);
the second application, operating on the second computer, for establishing a backchannel communications link from the second application to the first application via the data guard, the backchannel communications link complying with a transmission control protocol (TCP);
wherein the first application sends a first transmission having a first portion of the data to the second application via the upchannel communications link;
wherein the second application transmits an acknowledgement message to the first application via the backchannel link, the acknowledgement message comprising information describing the reception of the first portion of the data by the second application; and
wherein the first application sends a second transmission of the data according to the received acknowledgement message.
14. An apparatus for passing data from a first application to a second application, comprising:
means for establishing an upchannel communications link from a first application executing at a first security level to a second application executing at a second security level higher than the first security level via a data guard, the upchannel communications link complying with a user datagram protocol (UDP);
means for establishing a backchannel communications link from the second application to the first application via the data guard, the backchannel communications link complying with a transmission control protocol (TCP);
means for sending a first transmission having a first portion of the data from the first application to the second application via the upchannel communications link;
means for transmitting an acknowledgement message from the second application to the first application via the backchannel link;
means for receiving the acknowledgement message in the first application, the first acknowledgement message comprising information describing the reception of the first portion of the data; and
means for sending a second transmission of the data according to the received acknowledgement message.
Specification