| CPC H04L 45/7453 (2013.01) [H04L 69/08 (2013.01)] | 10 Claims |

|
1. A method for performing cross-domain communication between at least a first domain and a second domain comprising:
receiving a data packet from the first domain, wherein the data packet comprises an Ethernet header, an IP header, a UDP/TCP header, and an application payload;
deconstructing the data packet into subcomponents, wherein deconstructing the data packet into the subcomponents comprises deconstructing the data packet into a first subcomponent, a second subcomponent, a third subcomponent, and a fourth subcomponent, wherein the first subcomponent, the second subcomponent, the third subcomponent, and the fourth subcomponent correspond to the Ethernet header, the IP header, the UDP/TCP header, and the application payload, respectively;
applying a corresponding one of subcomponent-specific guard rules to each of the subcomponents;
determining if each of the subcomponents has been approved by an application of the corresponding one of the subcomponent-specific guard rules;
upon a determination that each of the subcomponents has been approved, merging the subcomponents into an approved data packet;
transmitting the approved data packet to the second domain;
generating a hash for each of the subcomponents of the data packet;
storing, in an approved hash database, the hash for each of the subcomponents;
deconstructing a subsequent data packet into subsequent subcomponents;
generating a subsequent hash for each of the subsequent subcomponents;
comparing the subsequent hash for each of the subsequent subcomponents to stored hashes in the approved hash database; and
upon identifying the subsequent hash for each of the subsequent subcomponents in the approved hash database, merging the subsequent subcomponents of the subsequent data packet to form a subsequent approved data packet without applying the corresponding one of the subcomponent-specific guard rules to each of the subsequent subcomponents.
|
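The method of claim 1, sketched as an added Python example that is not taken from the patent or any implementation of it: a frame is split into its four subcomponents, each is checked by its own rule, and the hashes of approved subcomponents let an identical later packet skip rule evaluation. The rule set, the policy values, the `Guard` class and `sample_frame` are hypothetical, and IPv4 over Ethernet with UDP is assumed.

```python
import hashlib, struct

ORDER = ("eth", "ip", "l4", "app")

def deconstruct(frame):
    """Split an Ethernet/IPv4/UDP frame into the four subcomponents."""
    if len(frame) < 34:
        raise ValueError("frame too short")
    l4 = 14 + (frame[14] & 0x0F) * 4            # IPv4 IHL gives the header length
    if l4 < 34 or len(frame) < l4 + 8:
        raise ValueError("malformed or truncated headers")
    return dict(zip(ORDER, (frame[:14], frame[14:l4], frame[l4:l4 + 8], frame[l4 + 8:])))

# Hypothetical guard rules, one per subcomponent; the policy values are constructed.
RULES = {
    "eth": lambda b: b[12:14] == b"\x08\x00",                          # IPv4 EtherType
    "ip":  lambda b: b[9] == 17 and b[12:16] == bytes([10, 0, 0, 5]),  # UDP, fixed source
    "l4":  lambda b: struct.unpack("!H", b[2:4])[0] == 5000,           # destination port
    "app": lambda b: b.startswith(b"STATUS ") and b.isascii() and len(b) <= 64,
}

class Guard:
    def __init__(self):
        self.approved = set()   # stands in for the approved hash database
        self.rule_calls = 0     # counts rule evaluations, to show the fast path

    def process(self, frame):
        """Return the merged approved frame, or None if the packet is rejected."""
        try:
            parts = deconstruct(frame)
        except ValueError:
            return None
        # The layer name is hashed in so equal bytes in different layers stay distinct.
        digests = {hashlib.sha256(n.encode() + b"\0" + d).digest() for n, d in parts.items()}
        if not digests <= self.approved:        # at least one unseen subcomponent
            for name in ORDER:
                self.rule_calls += 1
                if not RULES[name](parts[name]):
                    return None                 # nothing is stored for a rejected packet
            self.approved |= digests
        return b"".join(parts[n] for n in ORDER)

def sample_frame(payload=b"STATUS ok", dport=5000):
    """Constructed test input: Ethernet + IPv4 + UDP with zeroed checksums."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0, 64, 17, 0,
                     bytes([10, 0, 0, 5]), bytes([10, 0, 1, 9]))
    udp = struct.pack("!HHHH", 40000, dport, 8 + len(payload), 0)
    return bytes(12) + b"\x08\x00" + ip + udp + payload
```

In this sketch a cached hash bypasses rule evaluation entirely, so the approved set has to be cleared whenever any rule changes.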