We are installing home banking systems where the Internet Server
is separated from the bank's computer center by air. Data is moved
periodically back and forth using low tech but dependable floppy
disks that carry only encrypted data (the principle of red/black
separation is implemented by loading only encrypted data on the
server). This "air-wall" is an effective way to stop hackers from
penetrating the bank's computer center using its Internet
services. This works quite well with services such as users'
credit-card queries.
Now, we have a potential client insisting on on-line transaction
capability. One possible solution is to connect the Internet
server with a PC on the bank's private network using a serial
cable. We would write our own transmission protocol. The PC
working on the bank's network would run a memory resident program
that services the serial port and will discard any blocks that do
not decrypt properly or have an invalid structure (only blocks
that decrypt into the correct data structure would be processed at
all). Here is the question: Is this as good as thin air? Can you
see any way a hacker could use such a connection to penetrate the
bank's network?
Dianelos Georgoudis
email: [EMAIL PROTECTED]
http://www.tecapro.com