Ron Mraz
President, Owl Computing Technologies, Inc.

The need to move data securely from one domain to another, while protecting the security levels of both environments, is central to sharing information between government entities. Whether distributing information from centralized, highly secure IT centers or bringing in information from unsecured sources, IT managers require absolute assurance that the cross-border communication path is free from security compromise. A formal means of sharing information while protecting your domain is the creation of a one-way information transfer, or "data diode".
This talk first describes the need for, and usefulness of, a true physical one-way data diode information transfer for security. Unfortunately, most data diode implementations are unreliable, low-bandwidth mechanisms that require specialized protection of their security functionality. We show how these limitations can be overcome with solid engineering design methods, including link-level protocols designed to transfer information reliably in simplex or asynchronous operation. The talk goes on to explain how hardware can complement operating system drivers and application proxy software to create a reliable, scalable, physical one-way “protocol break” between standard IP communication networks.