A One-way Transmission System Based On BLP Model

Along with the advancement of network construction and the development ofnetwork technology in our country, network has played an important role in economy,national defense, science, education and other fields of human society. The developmentand prevalence of network brings us much convenience and also causes many securitythreats at the same time. As a result, network security has become a critical issue closelyrelated to national security, social stability and harmony. Therefore, huge manpowerand investment are invested to conduct the research of network security technology bymost countries in the world. As the limitations of the traditional security technologiessuch as firewall, Intrusion Detection System (IDS) and so on, network isolationtechnology appeared in later1990s, and it has the supreme security until now. Usingnetwork isolation technology, two or more trust domains of different security levelswithout direct interconnections and intercommunication can transmit data under control.Now, network isolation is one of the most important technologies to guarantee thenetwork security.In the situation of physical isolation, data can only transmit from the low securitylevel network to the high one to ensure the safety of the internal network. Withoutmessage feedback, one-way network protocol makes the traditional databasesynchronization technology unusable, and information loss or information error in thetransmission process occurs frequently. Based on the principles and requirements of thenetwork isolation, this paper applies the BLP model in the one-way transmission system,and introduces a One-Way Data Transmission Protocol (ODTP). As the BLP model hasa limitation that can only guarantee the security instead of the reliability in the systemtransmission process, we employ RS code to reinforce BLP model. The databases oftwo networks physically isolated need coherence maintenances, so we apply our systemin one-way database synchronization which also accords with the principles of BLPmodel.Finally, According to the requirement of an actual project, the paper introduces theimplement of the one-way transmission system in the environment between intranet ofGALAXYWIND and internet. The performance test and availability analysis for theone-way transmission system based on our solution is also provided, which convincesthat it has very good application effects．...