本文選題：Bell-LaPadula模型 + 單向傳輸　； 參考：《中國科學(xué)院研究生院（長春光學(xué)精密機(jī)械與物理研究所）》2012年碩士論文

【摘要】：根據(jù)國家保密局的規(guī)定,涉密單位需要對計(jì)算機(jī)進(jìn)行定密和標(biāo)密。普通計(jì)算機(jī)和涉密計(jì)算機(jī)之間要求物理隔離,且不可混用移動存儲設(shè)備。然而,在信息化時代的今天,人們需要從外部獲取大量信息,尤其是實(shí)時性高的前沿信息。物理斷開的保密方式嚴(yán)重降低了工作效率、提高了工作成本。因此,研究跨安全等級的數(shù)據(jù)傳輸具有十分重要的意義。 根據(jù)Bell-LaPadula模型,提出了一種基于移動存儲介質(zhì)的單向通信解決方案。在低安全級別的計(jì)算機(jī)上,只能把數(shù)據(jù)寫入,而不能從存儲介質(zhì)中讀取數(shù)據(jù)；相反的,在高安全級別的計(jì)算機(jī)上,只能從存儲介質(zhì)中讀取數(shù)據(jù),而不能把數(shù)據(jù)寫入。這樣,就保證了移動存儲介質(zhì)中始終只包含非敏感信息,從而防止了敏感信息的泄露。系統(tǒng)中包含USB接口和單向數(shù)據(jù)傳輸兩個模塊。USB接口模塊負(fù)責(zé)讀寫U盤和與上位機(jī)通信,分別由兩塊ARM芯片來完成,并在其上構(gòu)建了嵌入式Linux以降低開發(fā)難度。單向數(shù)據(jù)傳輸模塊用來完成兩塊ARM芯片之間的通信,從而實(shí)現(xiàn)整個系統(tǒng)的單向性。 本文首先介紹了課題的研究背景、內(nèi)容和發(fā)展現(xiàn)狀,提出了研究單向數(shù)據(jù)傳輸系統(tǒng)的重要性和必要性。其次,論文在提出了系統(tǒng)總體設(shè)計(jì)后,詳細(xì)介紹了系統(tǒng)的數(shù)字電路設(shè)計(jì)和底層軟件實(shí)現(xiàn),這部分是全文的重點(diǎn)。最后,論文對所做工作進(jìn)行總結(jié),并對未來工作提出展望。 經(jīng)測試,單向數(shù)據(jù)傳輸模塊發(fā)送端與USB接口模塊的接口速度為202Mbps,接收端的接口速度為135Mbps。文件傳輸?shù)钠骄俾誓軌蜻_(dá)到103Mbps,高于一般U盤的傳輸速率,基本滿足應(yīng)用要求。
[Abstract]:According to the regulations of the State Secrets Bureau, secret units need to make computer secret and standard secret. Physical isolation is required between ordinary computers and secret computers, and mobile storage devices are not to be mixed. However, in the information age, people need to obtain a lot of information from the outside, especially the high real-time frontier information. The confidentiality of physical disconnection seriously reduces the working efficiency and increases the work cost. Therefore, it is of great significance to study the data transmission across the security level. Based on the Bell-LaPadula model, a single-way communication solution based on removable storage medium is proposed. On a low-security computer, data can only be written, not read from a storage medium; on a high-security computer, data can only be read from a storage medium, rather than written. In this way, only non-sensitive information is always included in the mobile storage medium, thus preventing the leakage of sensitive information. The system consists of two modules: USB interface and unidirectional data transmission. USB-interface module is responsible for reading and writing U disk and communicating with host computer. It is completed by two ARM chips, and embedded Linux is constructed on it to reduce the difficulty of development. The unidirectional data transmission module is used to complete the communication between two ARM chips, so as to realize the unidirectional of the whole system. This paper first introduces the research background, content and development status of the subject, and puts forward the importance and necessity of the study of one-way data transmission system. Secondly, after putting forward the overall design of the system, the paper introduces the digital circuit design of the system and the implementation of the underlying software in detail, which is the focus of the paper. Finally, the paper summarizes the work done, and puts forward the prospects for future work. The test results show that the interface speed of one-way data transmission module and USB interface module is 20Mbpsand 135Mbpsrespectively. The average speed of file transfer can reach 103 Mbpss, which is higher than that of normal U disk, which basically meets the requirement of application.
【學(xué)位授予單位】：中國科學(xué)院研究生院（長春光學(xué)精密機(jī)械與物理研究所）
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2012
【分類號】：TP309;TP333

【參考文獻(xiàn)】

相關(guān)期刊論文 前7條

1 李麗宏;郝志剛;;嵌入式Linux的USB驅(qū)動設(shè)計(jì)[J];電子設(shè)計(jì)工程;2011年11期

2 周金秋;李佩s，

本文編號：1977003