Secure acknowledgment device for one-way data transfer system
First Claim
1. An acknowledgement apparatus, comprising:
- an inlet interface for receiving a message from a first node;
a first hash number calculator for hashing the message from the inlet interface;
an outlet interface;
a first one-way data link for unidirectional transfer from the inlet interface to the first hash number calculator; and
a second one-way data link for unidirectional transfer from the first hash number calculator to the outlet interface;
wherein the outlet interface is coupled to a second node and comprises;
a second hash calculator for hashing a second message corresponding to the first message received from the second node; and
a comparison engine having a first input coupled to the second one way link to receive the hashed message from the first hash number calculator, a second input coupled to the second hash calculator to receive the hashed second message and an output coupled to the second node, the comparison engine configured to compare the hashed message and the hashed second message and to forward the results of the comparison on the output.
6 Assignments
0 Petitions
Accused Products
Abstract
An apparatus for relaying a hashed message from a first node to a second node, comprising an inlet interface for receiving a message from the first node, a hash number calculator for hashing the message from the inlet interface, an outlet interface for sending the hashed message to the second node, a first one-way data link for unidirectional transfer from the inlet interface to the hash number calculator, and a second one-way data link for unidirectional transfer from the hash number calculator to the outlet interface, is provided. The apparatus provides a secure mechanism and communication channel for relaying hashed acknowledgment messages from a receive node to a send node to inform the status of data transfer from the send node to the receive node across a one-way data link. The apparatus may be further implemented with the capability of comparing hashed messages from the two nodes.
-
Citations
50 Claims
-
1. An acknowledgement apparatus, comprising:
-
an inlet interface for receiving a message from a first node; a first hash number calculator for hashing the message from the inlet interface; an outlet interface; a first one-way data link for unidirectional transfer from the inlet interface to the first hash number calculator; and a second one-way data link for unidirectional transfer from the first hash number calculator to the outlet interface; wherein the outlet interface is coupled to a second node and comprises; a second hash calculator for hashing a second message corresponding to the first message received from the second node; and a comparison engine having a first input coupled to the second one way link to receive the hashed message from the first hash number calculator, a second input coupled to the second hash calculator to receive the hashed second message and an output coupled to the second node, the comparison engine configured to compare the hashed message and the hashed second message and to forward the results of the comparison on the output. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A data transfer system comprising:
-
a send node; a receive node; a first one-way data link for unidirectional transfer from the send node to the receive node; and a secure acknowledgment device, wherein the secure acknowledgment device comprises; an inlet interface for receiving from the receive node an acknowledgment message relating to receipt of data from the send node by the receive node via the first one-way data link; a first hash number calculator for hashing the acknowledgment message from the inlet interface; an outlet interface; a second one-way data link for unidirectional transfer from the inlet interface to the hash number calculator; and a third one-way data link for unidirectional transfer from the hash number calculator to the outlet interface; wherein the outlet interface is coupled to the send node and comprises; a second hash calculator for hashing a second message corresponding to the first message, the second message received from the send node; and a comparison engine having a first input coupled to the third one way link to receive the hashed message from the first hash number calculator, a second input coupled to the second hash calculator to receive the hashed second message and an output coupled to the send node, the comparison engine configured to compare the hashed message and the hashed second message and to forward the results of the comparison on the output. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A data transfer system comprising:
-
a send server communicatively coupled to a data source platform; a receive server communicatively coupled to a data destination platform; a first one-way data link for unidirectional transfer from the send server to the receive server; and a secure acknowledgment device, wherein the secure acknowledgment device comprises; an inlet interface for receiving from the data destination platform an acknowledgment message relating to receipt of data from the send server by the receive server via the first one-way data link; a first hash number calculator for hashing the acknowledgment message from the inlet interface; an outlet interface; a second one-way data link for unidirectional transfer from the inlet interface to the hash number calculator; and a third one-way data link for unidirectional transfer from the hash number calculator to the outlet interface, wherein the outlet interface is coupled to the send node server and comprises; a second hash calculator for hashing a second message corresponding to the first message, the second message received from the send server; and a comparison engine having a first input coupled to the third one way link to receive the hashed message from the first hash number calculator, a second input coupled to the second hash calculator to receive the hashed second message and an output coupled to the send server, the comparison engine configured to compare the hashed message and the hashed second message and to forward the results of the comparison on the output. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
-
-
42. An apparatus for comparing hashed messages, comprising:
-
an inlet interface for receiving a message from a first node; a first hash number calculator for hashing the message from the inlet interface; an outlet interface for receiving the hashed message from the first hash number calculator and communicating with a second node; a first one-way data link for unidirectional transfer from the inlet interface to the first hash number calculator; and a second one-way data link for unidirectional transfer from the first hash number calculator to the outlet interface, wherein the outlet interface comprises; a second hash number calculator for hashing an expected message from the second node; and a comparator for comparing the hashed message from the first hash number calculator with the hashed expected message from the second hash number calculator, and for forwarding the results of the comparison to the second node. - View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50)
-
Specification