Information Security Engineer (Soft Exam) Chapter 11: Network Physical Isolation Technology and Application


1. Overview of network physical isolation

1.1 Concept of network physical isolation

  With the continuous improvement of network attack techniques, the risk of malicious intrusion into internal networks has increased dramatically. At the same time, because of weak security awareness, intranet users may intentionally or unintentionally leak sensitive data. Therefore, some experts suggested that "the internal network and computers connected to the Internet should be physically isolated to reduce threats from the external network." Article 6 of Chapter 2 of the "Regulations on the Administration of Confidentiality in the International Networking of Computer Information Systems" stipulates that "computer systems involving state secrets must not be directly or indirectly connected to the Internet or other public information networks, and must be physically isolated." Although physical isolation strengthens the security of confidential information systems, it makes information exchange between different security domains inconvenient, especially when a low-level security domain needs to import data into a high-level security domain.

  At present, networks and big data are becoming more and more widely used, and data exchange between the important information systems of the country, enterprises and institutions is becoming more and more frequent. All units and organizations have ever higher requirements for the timeliness of information and data, so completely cutting off the exchange of information and data between different security domains is no longer realistic. Therefore, an emerging security technology is needed that can meet the information and data exchange needs of internal and external networks while still preventing network security incidents. This technology is called "physical isolation technology". Its basic principle is to avoid direct information exchange and physical communication between two computers, thereby blocking direct online network attacks between them. The purpose of isolation is to block direct network attack activities, avoid leakage of sensitive data to the outside, and still allow information and data exchange between different network security domains.

1.2 Physical isolation security risk

  Network physical isolation helps strengthen network security assurance and enhances the security of secret-related networks, but it cannot completely guarantee the security of a network. A network that adopts physical isolation protection measures still faces the following network security risks.

  • Illegal external connection to the Internet (unauthorized outbound connection).
  • USB flash drive ferry attack. The attacker copies sensitive data to a USB flash drive, and then an insider leaks it through the USB flash drive.
  • Security risks of network physical isolation products. Security vulnerabilities in network physical isolation products lead to DoS/DDoS attacks that make the physical isolation devices unavailable, or the attacker bypasses the physical isolation measures by constructing malicious data files, thereby causing the internal network to be attacked.
  • New attack methods against physical isolation.

2. Network Physical Isolation System and Type

  • A network physical isolation system is a system, built with physical isolation technology, that realizes physical isolation, information exchange and trusted control between different network security domains, so as to meet the requirements of information or data exchange between different security domains.
  • Types of network physical isolation
      (1) According to the isolated object: network physical isolation systems can generally be divided into single-point isolation systems and area isolation systems. The single-point isolation system mainly protects a separate computer system and prevents direct external attacks and interference. The area isolation system is aimed at a network environment, preventing external attacks and protecting the network internally.
      (2) According to the direction of information transmission: network physical isolation systems can be divided into two-way network physical isolation systems and one-way (unidirectional) network physical isolation systems.

3. Network Physical Isolation Mechanism and Implementation Technology

The key point of this chapter is to remember these mechanisms and techniques.

3.1 Network Physical Isolation Mechanism

  • Dedicated computer for Internet access: Designate a computer in the internal network that is connected only to the external network, not to the internal network. Users must go to the designated computer to access the Internet, which requires them to leave their work environment.
  • Multi-PC: In the intranet, two PCs are placed on the desktop of the user connected to the external network, and they are respectively connected to two separate physical networks. One is used to connect to the external network, and the other is used to connect to the internal network.


  • Extranet proxy service: Designate one or more computers on the intranet to act as servers responsible for collecting specified information from the extranet, and then manually import that extranet information into the intranet for use by internal users. This realizes "Internet access" for internal users while cutting off the physical connection between the internal and external networks, so that computers on the internal network cannot be attacked from the external network, as shown in the figure.


  • Internal and external network line switcher: In the internal network, a physical line A/B switch is connected to the computer that also connects to the external network, and the computer's physical network connection is controlled through the switch on the switch box, as shown in the figure.


  • Internal and external partitions of a single hard disk: Divide a single hard disk into different areas. At the physical layer of the IDE bus, an IDE bus signal control card intercepts the IDE bus signal to control access to the disk channel. At any time, the operating system is allowed to access only the specified partition.


  • Dual hard disks: Install two hard disks in the PC and switch between them under the control of a hard disk control card. When the user connects to the external network, the external-network hard disk is connected; for internal-network work, the system is restarted and the internal-network office hard disk is connected. (This is very inconvenient and hard to manage in a unified way.)


  • Gatekeeper: Using GAP (Air Gap) technology, two or more networks can exchange and share data safely while not being connected to each other. Its technical principle is to use a switch with a control function to read from and write to a secure storage device, and to connect or cut off the data exchange between two independent host systems by setting that switch.


The advantages of the single-hard-disk internal/external partition technology are:

  • Storage and processing according to data classification
  • It can effectively prevent external theft of intranet data
  • One PC serves multiple purposes, saving resource costs

However, the technology still faces the following security threats:

  • Operation errors, such as mistakenly storing sensitive data in the external-network partition
  • Driver software bugs
  • Computer virus infiltration
  • Insiders intentionally leaking data
  • Trojan horse programs

3.2 Network Physical Isolation Technology

  • Protocol isolation technology: Networks in different security domains are physically connected, and the protected information is logically isolated by means of protocol conversion. Only information that the system requires to be transmitted, and whose content is restricted, can pass through.

  • One-way transmission components: A pair of transmission parts with physically unidirectional transmission characteristics. The pair consists of an independent sending part and an independent receiving part that can only work in simplex mode: the sending part has only a sending function and the receiving part has only a receiving function, so together they form a trustworthy one-way channel with no feedback information at all. Protocol conversion here means stripping and rebuilding the protocol: the application data carried in the public network protocol is stripped out, encapsulated in a system-specific private protocol and delivered to the other end of the isolation product, which belongs to the other security domain; there the private protocol is stripped off and the data is re-encapsulated into the required format.

  • Information ferry technology: A way of exchanging information in which the physical transmission channel exists only during the transmission itself. When information is transmitted, it is first sent from the security domain where the information source is located to an intermediate buffer area while the connection between the intermediate buffer area and the security domain of the information destination is physically disconnected; then the channel between the intermediate buffer area and the destination security domain is connected and the information is transmitted to the destination security domain while the connection between the source security domain and the intermediate buffer area is physically disconnected. At any time, the intermediate buffer area is connected to only one security domain.

  • Physical disconnection technology: Networks in different security zones cannot be directly or indirectly connected. In a physical network environment, implementing physical disconnection between networks in different security domains should technically ensure that information is disconnected both in physical transmission and in physical storage. Physical disconnection is usually accomplished with an electronic switch.

4. Main products and technical indicators of network physical isolation

4.1 Main Products

  • Terminal Isolation Products

  Terminal isolation products connect to two different security domains at the same time and use physical disconnection technology, in the form of a security isolation card or a security isolation computer installed on the terminal, to realize physical isolation between the security domains.

  Terminal isolation products are generally connected to the target host in the form of an isolation card. The isolation card is connected at the same time to the hard disk belonging to security domain A, to the hard disk that may belong to either security domain A or security domain B, and to security domain B, and it connects them through an electronic switch in a mutually exclusive way, thereby realizing physical isolation between the internal and external security domains. This type of product can also integrate the isolation card into the host and be sold as a complete machine. The typical operating environment of terminal isolation products is shown in the figure.


  • Network Isolation Products

  Network isolation products connect two different security domains and provide functions such as application proxy service, protocol conversion, information flow access control, content filtering and information ferrying between the two domains. The product adopts a "2+1" architecture, consisting of two hosts plus a dedicated isolation component, and uses protocol isolation technology and information ferry technology to realize security isolation and information exchange between security domains on the network.


  • Network one-way import products

  The network one-way import product is located between two security devices and constructs, by physical means (based on electrical or optical signal transmission), the only channel for one-way information transmission. It realizes one-way information import and ensures that only information allowed by the security policy can pass through, with no information feedback of any kind in the opposite direction.


4.2 Physical isolation technical indicators

  The technical indicators of network and terminal isolation products mainly include security function indicators, security assurance indicators, and performance indicators.


  • Security function indicators are mainly about product quality and service assurance requirements, such as configuration management, delivery and operation, development and guidance documents, testing, and vulnerability assessment.
  • Performance requirements specify the performance indicators that network and terminal isolation products should achieve, including the switching rate and the hardware switching time.

5. Application of network physical isolation

5.1 An example of safe Internet access on a working computer

  To allow Internet access while preventing internal information from leaking to the Internet, a physical isolation card is installed in the user's computer so that the working computer is disconnected from the internal network whenever it is connected to the Internet, thus reducing the security threats to the internal network.


5.2 Application examples of gatekeepers in e-government



Source: blog.csdn.net/qq_43632414/article/details/127235780