Effective and safe data interaction across networks of different security levels is difficult due to the lack of a standard meteorological information transmission mechanism. Considering the diverse service application requirements, this study draws on the “2+1” model structure to design the architecture of the trusted interaction of meteorological service data streams across physically isolated networks. This architecture is then deployed in the demilitarized zones (DMZ) of the meteorological intranet and other networks to achieve safe data transmission and sharing across regions. After the trusted interaction architecture is outlined, application research is conducted according to specific meteorological service requirements. Finally, system function, performance, and security tests are carried out, and the transmission bottleneck and bandwidth utilization of the trusted interaction architecture are analyzed. This research can guide the practice of applying a trusted interaction architecture to improve the transmission efficiency of data streams across heterogeneous networks.