| 摘要 |
The present invention proposes a gateway having an architecture which authorises a bidirectional communication between applications located in different domains and presents a high assurance level of protection. The gateway is adapted to interconnect a first domain to a second domain, said gateway (1) comprising:
- a gateway internal protocol (8),
- first and second protocol adapters (10, 12) intended to be hosted respectively within the first and second domains (5, 7) and configured to make a conversion between an application data formatted according to an applicative protocol relative to said first and second domains and a gateway data formatted according to said gateway internal protocol, and
- a security module (14) hosted on a separate hosting platform (18) and intended to communicate with the first and second protocol adapters (10, 12) via respectively first and second data links (20, 22) according to the gateway internal protocol,
wherein said first protocol adapter (10), second protocol adapter (12) and security module (14) are physically segregated from each other and wherein said security module comprises a set of functional blocs (9, 24, 26) configured to authorise secure bidirectional flow of gateway data along two different and separate first and second unidirectional paths (19, 21) between the first protocol adapter (10) and the second protocol adapter (12). |
