Skip to main content
SpringerLink
Log in

Security Validation for Data Diode with Reverse Channel

  • Conference paper
  • First Online:
Critical Information Infrastructures Security (CRITIS 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10242))

Abstract

Hardware-based data diode is a powerful security method that removes the reverse channel for network intrusion. However, simple removal leads to data unreliability and user inconvenience. A reverse channel is forbidden if it affects physical unidirectionality without an exact security analysis. If a reverse channel is used restrictively and its security is validated, the data diode can be a secure solution. Thus, we propose security criteria based on an application environment for a data diode that was implemented with a reverse channel and validate the data diode’s security by unit/integration/system testing based on our security criteria.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://www.ssi.gouv.fr/uploads/2014/01/industrial_security_WG_detailed_measures.pdf.

  2. 2.

    https://en.wikipedia.org/wiki/Medium-dependent_interface.

  3. 3.

    TestMidas co., Ltd. (http://www.testmidas.com).

  4. 4.

    https://en.wikipedia.org/wiki/Unit_testing.

  5. 5.

    http://www.suresofttech.com/products/controller-tester/.

  6. 6.

    https://en.wikipedia.org/wiki/Integration_testing.

  7. 7.

    https://en.wikipedia.org/wiki/System_testing.

References

  1. Forsberg, K., Mooz, H.: The relationship of system engineering to the project cycle. In: Proceedings of the First Annual Symposium of National Council on System Engineering, pp. 57–65, October 1991

    Google Scholar 

  2. Cai, J., Chen, C.: FEC-based video streaming over packet loss networks with pre-interleaving. In: Proceeding of International Conference on Information Technology: Coding and Computing, pp. 10–14 (2001)

    Google Scholar 

  3. Namioka, Y., Miyao, T.: Data communication method and information processing apparatus for acknowledging signal reception by using low-layer protocol. Hitachi Ltd., U.S. Patent 20060026292 A1, 2 February 2006

    Google Scholar 

  4. Kim, K., Na, E., Kim, I.: Gateway device of physically unidirectional communication capable of re-transmitting data, as single device, and method of transferring data using the same. NNSP, Korea Patent 1015623120000, 15 October 2015

    Google Scholar 

  5. Kim, K., Chang, Y., Kim, H., Yun, J., Kim, W.: Reply-type based agent generation of legacy service on one-way data transfer system. KIISC 23(2), 299–305 (2013)

    Google Scholar 

  6. Wallace, D.R., Kuhn, D.R.: Failure modes in medical device software: an analysis of 15 years of recall data. Int. J. Reliab. Qual. Saf. Eng. 8(4), 351–371 (2001)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Security Research Institute, Jeonmin-dong, Yuseong-gu, Daejeon, Korea

    Jeong-Han Yun, Yeop Chang, Kyoung-Ho Kim & Woonyon Kim

Authors
  1. Jeong-Han Yun
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yeop Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kyoung-Ho Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Woonyon Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Jeong-Han Yun , Yeop Chang , Kyoung-Ho Kim or Woonyon Kim .

Editor information

Editors and Affiliations

  1. International Union of Railways, Paris, France

    Grigore Havarneanu

  2. University Campus Bio-Medico, Rome, Italy

    Roberto Setola

  3. Ecole des Ingénieurs de la Ville de Paris (EIVP), Paris, France

    Hypatia Nassopoulos

  4. Royal Holloway, University of London, London, United Kingdom

    Stephen Wolthusen

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yun, JH., Chang, Y., Kim, KH., Kim, W. (2017). Security Validation for Data Diode with Reverse Channel. In: Havarneanu, G., Setola, R., Nassopoulos, H., Wolthusen, S. (eds) Critical Information Infrastructures Security. CRITIS 2016. Lecture Notes in Computer Science(), vol 10242. Springer, Cham. https://doi.org/10.1007/978-3-319-71368-7_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-71368-7_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-71367-0

  • Online ISBN: 978-3-319-71368-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation