基于移动存储介质的单向数据传输设备的设计与实现

发布时间：2018-06-04 10:20

本文选题：Bell-LaPadula模型 + 单向传输　；参考：《中国科学院研究生院（长春光学精密机械与物理研究所）》2012年硕士论文

【摘要】：根据国家保密局的规定,涉密单位需要对计算机进行定密和标密。普通计算机和涉密计算机之间要求物理隔离,且不可混用移动存储设备。然而,在信息化时代的今天,人们需要从外部获取大量信息,尤其是实时性高的前沿信息。物理断开的保密方式严重降低了工作效率、提高了工作成本。因此,研究跨安全等级的数据传输具有十分重要的意义。根据Bell-LaPadula模型,提出了一种基于移动存储介质的单向通信解决方案。在低安全级别的计算机上,只能把数据写入,而不能从存储介质中读取数据；相反的,在高安全级别的计算机上,只能从存储介质中读取数据,而不能把数据写入。这样,就保证了移动存储介质中始终只包含非敏感信息,从而防止了敏感信息的泄露。系统中包含USB接口和单向数据传输两个模块。USB接口模块负责读写U盘和与上位机通信,分别由两块ARM芯片来完成,并在其上构建了嵌入式Linux以降低开发难度。单向数据传输模块用来完成两块ARM芯片之间的通信,从而实现整个系统的单向性。本文首先介绍了课题的研究背景、内容和发展现状,提出了研究单向数据传输系统的重要性和必要性。其次,论文在提出了系统总体设计后,详细介绍了系统的数字电路设计和底层软件实现,这部分是全文的重点。最后,论文对所做工作进行总结,并对未来工作提出展望。经测试,单向数据传输模块发送端与USB接口模块的接口速度为202Mbps,接收端的接口速度为135Mbps。文件传输的平均速率能够达到103Mbps,高于一般U盘的传输速率,基本满足应用要求。
[Abstract]:According to the regulations of the State Secrets Bureau, secret units need to make computer secret and standard secret. Physical isolation is required between ordinary computers and secret computers, and mobile storage devices are not to be mixed. However, in the information age, people need to obtain a lot of information from the outside, especially the high real-time frontier information. The confidentiality of physical disconnection seriously reduces the working efficiency and increases the work cost. Therefore, it is of great significance to study the data transmission across the security level. Based on the Bell-LaPadula model, a single-way communication solution based on removable storage medium is proposed. On a low-security computer, data can only be written, not read from a storage medium; on a high-security computer, data can only be read from a storage medium, rather than written. In this way, only non-sensitive information is always included in the mobile storage medium, thus preventing the leakage of sensitive information. The system consists of two modules: USB interface and unidirectional data transmission. USB-interface module is responsible for reading and writing U disk and communicating with host computer. It is completed by two ARM chips, and embedded Linux is constructed on it to reduce the difficulty of development. The unidirectional data transmission module is used to complete the communication between two ARM chips, so as to realize the unidirectional of the whole system. This paper first introduces the research background, content and development status of the subject, and puts forward the importance and necessity of the study of one-way data transmission system. Secondly, after putting forward the overall design of the system, the paper introduces the digital circuit design of the system and the implementation of the underlying software in detail, which is the focus of the paper. Finally, the paper summarizes the work done, and puts forward the prospects for future work. The test results show that the interface speed of one-way data transmission module and USB interface module is 20Mbpsand 135Mbpsrespectively. The average speed of file transfer can reach 103 Mbpss, which is higher than that of normal U disk, which basically meets the requirement of application.
【学位授予单位】：中国科学院研究生院（长春光学精密机械与物理研究所）
【学位级别】：硕士
【学位授予年份】：2012
【分类号】：TP309;TP333

【参考文献】