| 摘要 |
A computer system for securely controlling an insecure computer is provided. The system comprises an insecure computer (100), a secure computer (200) and a unidirectional dataflow enforcer (400). The insecure computer comprises a dedicated video output with a hardware interface, and is configured to transmit, by the video output, a screen image of its operating system interface to a secure computer over a first connection and to receive instructions for controlling the insecure computer over a second connection. The secure computer is configured to receive the video output of the insecure computer over the first connection and to transmit instructions for controlling the insecure computer over the second connection. The unidirectional dataflow enforcer is configured to enforce unidirectional dataflow between the secure computer and the insecure computer, such that dataflow from the secure computer to the insecure computer over the second connection is allowed, but dataflow from the insecure computer to the secure computer over the second connection is prevented. A corresponding method is also provided. |
