摘要 |
<p>Even if an unauthorized communication data enters a gateway from one of two networks, it can be inhibited from entering the other network. An insecure network gateway (11) and a secure network gateway (12) are implemented as virtual calculators constructed on the physical hardware of real calculators and are connected to an insecure network (1), which uses a standard protocol having an opened specification, and a secure network (2) by standard protocol communication parts (20,25), respectively. Nonstandard protocol communication parts (22,23) of sub-gateways (11,12) use a nonstandard protocol, the specification of which is not opened, to perform data transmissions/receptions therebetween. Data transmissions/receptions between the nonstandard and standard sides are performed only in an application layer. Protocol converting parts (21,24) refer to relay permission setting tables (30,31) to perform protocol conversions only when a communication data relay is permitted.</p> |