WO1999018493A1 - Improved data switch - Google Patents
Improved data switch Download PDFInfo
- Publication number
- WO1999018493A1 WO1999018493A1 PCT/AU1998/000829 AU9800829W WO9918493A1 WO 1999018493 A1 WO1999018493 A1 WO 1999018493A1 AU 9800829 W AU9800829 W AU 9800829W WO 9918493 A1 WO9918493 A1 WO 9918493A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- switch
- data processing
- data switch
- processor
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/84—Protecting input, output or interconnection devices output devices, e.g. displays or monitors
Definitions
- This invention relates to an improved data switch for selectively switching a user interface (eg. keyboard, mouse and display) between two or more independent data processing systems.
- a user interface eg. keyboard, mouse and display
- the single data processing system there is the potential for data of differing security classifications to be mixed, allowing the possibility that classified data may be released to recipients not intended to possess that information.
- An alternative method is to provide a plurality of independent data processing systems and user interfaces so that the separation of data of different security classifications is achieved by full physical separation between systems.
- This approach is hardware intensive and also has ergonomic disadvantages in that the operator is forced to physically move between the different systems.
- the present invention relates to a hybrid system in which a user can, via a single user interface (eg. keyboard, mouse etc) selectively input data to one of two or more independent data processing systems.
- a single user interface eg. keyboard, mouse etc
- the invention aims to provide an improved failsafe architecture which ensures that inadvertant data transfer between independent data processing systems is avoided.
- This invention in one aspect resides in an improved data switch for selectively connecting a user interface to one of a plurality of independent data processing systems .
- a data diode may be provided between the data processing systems for allowing data from the lower classification system to pass to the higher classification system, but not in the other direction.
- the user interface is adapted so that it is incapable of transferring data between data processing systems during or after switching between processing systems.
- a standard user interface includes a processor and buffer memory in the keyboard.
- the user interface processor/buffer can retain data and can cause an inadvertant transfer of data between systems.
- the invention resides broadly in an improved data switch in which no data can remain "upstream" of the data switch after switching.
- the invention resides in a methodology of preventing inadvertant data transfer, such method involving the relocation and replication of the user interface processor/buffer on the "downstream" (or data processing system side) of the data switch.
- FIG 1 is a schematic block diagram illustrating how the invention may be implemented
- FIG 2 illustrates how the keyboard is reset when switching between processors according to the prior art
- FIG 3 illustrates detail of the modified keyboard approach .
- input devices ie. keyboard and mouse
- processors in the illustrated case - processor B
- processor B is selectively connected to the output device (ie. display monitor) of the user interface via an output switch.
- the switches may be manually actuated to the alternative position in which connection to processor A is achieved.
- the input switch includes a corresponding plurality (in this case two) of keyboard processor/buffers.
- a single processor/buffer within the keyboard ie. upstream of the switch
- the present invention has a significant architectural failsafe advantage over the prior art and is not reliant on any reset functions or the like to clear data.
- the preferred embodiment of the present invention achieves a number of objectives :- (a) separation of data of differing classifications is guaranteed by full physical separation of the data processing systems.
- (a) data from the keyboard can be directed to one (and only one) of the data processing systems at any one time.
- the input switch will ensure that no information remains within the keyboard, mouse or switching mechanism when switching takes place.
- the output switch will route the output of the selected data processing system to the display monitor. All of the fundamental requirements of both the input and output switches are implemented in hardware . This removes the requirement to utilise trusted software or firmware. This makes Government endorsement a much easier and faster task.
- the present invention provides an alternative to existing solutions. The data is separated without the need of trusted software. The architecture of the invention ensures that data cannot be transferred between systems, in contrast to the prior art arrangement in which the operator is reliant on the reset mechanism functioning as intended. Thus, the present invention is failsafe unlike the prior art.
- the user is given a clear indication of which data processing system has been selected and data cannot be transferred between systems during or after switching.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0007520A GB2346465B (en) | 1997-10-02 | 1998-10-01 | Improved data switch |
AU93323/98A AU744891B2 (en) | 1997-10-02 | 1998-10-01 | Improved data switch |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AUPO9598 | 1997-10-02 | ||
AUPO9598A AUPO959897A0 (en) | 1997-10-02 | 1997-10-02 | Data switch |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1999018493A1 true WO1999018493A1 (en) | 1999-04-15 |
Family
ID=3803878
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/AU1998/000829 WO1999018493A1 (en) | 1997-10-02 | 1998-10-01 | Improved data switch |
Country Status (3)
Country | Link |
---|---|
AU (1) | AUPO959897A0 (en) |
GB (1) | GB2346465B (en) |
WO (1) | WO1999018493A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011058552A3 (en) * | 2009-11-10 | 2011-10-13 | High Sec Labs Ltd. | Secure kvm system having multiple emulated edid functions |
EP2428911A3 (en) * | 2010-09-09 | 2013-03-06 | Honeywell International, Inc. | High assurance authorization device |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102004062203B4 (en) * | 2004-12-23 | 2007-03-08 | Infineon Technologies Ag | Data processing device, telecommunication terminal and method for data processing by means of a data processing device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4641262A (en) * | 1983-03-07 | 1987-02-03 | International Business Machines Corporation | Personal computer attachment for host system display station |
US5291596A (en) * | 1990-10-10 | 1994-03-01 | Fuji Xerox Co., Ltd. | Data management method and system with management table indicating right of use |
WO1996030840A1 (en) * | 1995-03-31 | 1996-10-03 | The Commonwealth Of Australia | Method and means for interconnecting different security level networks |
-
1997
- 1997-10-02 AU AUPO9598A patent/AUPO959897A0/en not_active Abandoned
-
1998
- 1998-10-01 GB GB0007520A patent/GB2346465B/en not_active Expired - Fee Related
- 1998-10-01 WO PCT/AU1998/000829 patent/WO1999018493A1/en active IP Right Grant
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4641262A (en) * | 1983-03-07 | 1987-02-03 | International Business Machines Corporation | Personal computer attachment for host system display station |
US5291596A (en) * | 1990-10-10 | 1994-03-01 | Fuji Xerox Co., Ltd. | Data management method and system with management table indicating right of use |
WO1996030840A1 (en) * | 1995-03-31 | 1996-10-03 | The Commonwealth Of Australia | Method and means for interconnecting different security level networks |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011058552A3 (en) * | 2009-11-10 | 2011-10-13 | High Sec Labs Ltd. | Secure kvm system having multiple emulated edid functions |
US9501157B2 (en) | 2009-11-10 | 2016-11-22 | High Sec Labs Ltd. | Secure KVM system having multiple emulated EDID functions |
EP2428911A3 (en) * | 2010-09-09 | 2013-03-06 | Honeywell International, Inc. | High assurance authorization device |
US9426652B2 (en) | 2010-09-09 | 2016-08-23 | Joseph Nutaro | High assurance authorization device |
Also Published As
Publication number | Publication date |
---|---|
GB0007520D0 (en) | 2000-05-17 |
GB2346465A (en) | 2000-08-09 |
GB2346465B (en) | 2002-10-09 |
AUPO959897A0 (en) | 1997-10-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5117225A (en) | Computer display screen monitoring system | |
EP0485997A2 (en) | Printer control device and method for controlling a printer | |
JPH0668041A (en) | Computer system | |
CN101303681A (en) | Dynamic reconfiguration of PCI EXPRESS links | |
WO2005106622A1 (en) | Method and apparatus providing multiple single levels of security for distributed processing in communication systems | |
US20030163615A1 (en) | Peripheral or memory device having a combined ISA bus and LPC bus | |
KR970049639A (en) | Logical Address Bus Architecture for Multiprocessor Systems | |
EP0597013A1 (en) | Apparatus and method for frame switching | |
JPH07146826A (en) | Crossing-cable detecting system between sections | |
WO1999018493A1 (en) | Improved data switch | |
US7631129B2 (en) | Computer monitoring system and monitoring method | |
AU744891B2 (en) | Improved data switch | |
EP0353249A1 (en) | Parallel networking architecture | |
US6330694B1 (en) | Fault tolerant system and method utilizing the peripheral components interconnection bus monitoring card | |
US5790889A (en) | Method of selecting pointing device in a computer comprising responsive to a reconfiguration event, indentifying all connected pointing devices and selecting one of the devices | |
EP1482411B1 (en) | Error detection in a circuit module | |
US7802041B2 (en) | Information processing apparatus including transfer device for transferring requests | |
CN109542522A (en) | A kind of FPGA starting method and device | |
US5896514A (en) | Logic implementation of control signals for on-silicon multi-master data transfer bus | |
US6526528B1 (en) | Ticket punch watchdog monitor | |
JP3174246B2 (en) | Monitoring device and information transmitting / receiving device | |
CN111027108B (en) | Sequential logic safety detection method and device for low-speed synchronous serial bus | |
CN117825921A (en) | Test method and test system for chip pins | |
JP3008646B2 (en) | Failure information processing method | |
KR100305872B1 (en) | Duplicated system using state information of the other side |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 93323/98 Country of ref document: AU |
|
WWE | Wipo information: entry into national phase |
Ref document number: GB0007520.0 Country of ref document: GB |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09509730 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: KR |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: CA |
|
WWG | Wipo information: grant in national office |
Ref document number: 93323/98 Country of ref document: AU |