摘要 |
A device driver (104) is used to provide a fail-safe interface between a plurality of client applications and a cryptographic card. Device driver (104) ensures separation between red data, black data, and command data. Device driver (104) uses objects and object handles to control data flow. Device driver (104) uses several simplex channels to control data flow. Each channel is managed separately using its own object, and each channel has unique access protection through the object handles. Within device driver (104), the simplex channel interfaces are kept separate and functional separation of the data and command memory is maintained to provide fail-safe data isolation. |