Charon

The Pluggable Filtering Framework for the Fox-IT DataDiode

Bachelor thesis (2012)

Authors

M. Amesz

E. Biemans

J. Ruoff

J. Van den Oever

Contributors

Z. Erkin (mentor)

Department

Computer Science () (TU Delft)

To reference this document use:

http://resolver.tudelft.nl/uuid:61fb78ea-dc3f-4e4c-ac72-ecf803961dec

More Info

expand_more

Published Date

27-08-2012

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Computer Science

Abstract

Confidentiality This report contains detailed information about the design and implementation of Charon. The DataDiode, and by extension Charon, is used in many high security environments. They handle highly confidential data, and are used by clients ranging from major companies to governmental organizations. Because of this, the details about Charon disclosed in this report can not be made publicly available online. A physical copy of the full version of the report is kept by the Computer Science Bachelor Project Coordinator of the TU Delft. To access the full report, please contact the current coordinator. The Dutch IT security company Fox-IT created the DataDiode, a product that connects two networks with different security levels providing a one-way data path. A new appliance of the DataDiode is currently under development. As part of our BSc project, we were given de assignment to develop Charon, a pluggable filtering framework for the new DataDiode appliance. This thesis describes the complete process of the project and elaborates the choices we have made. In the introduction we explain what a Computer Science Bsc project is at Delft University of Technology and describe Fox-IT and the DataDiode. After this we give a detailed description of the assignment, define the requirements, explain the design methodology and why we consider Charon to be a suitable name for the project. In the next chapter we elaborate on the design choices we have made and illustrate these choices with UML-diagrams. The chapter that follows is about the implementation of the system; we describe the libraries, tools and system components. After this chapter we evaluate the implementation by comparing the implemented functionality with the requirements. We also explain in which way we tested our system to make sure it runs according to the specifications, about the Fox-IT challenge and the code evaluation. We reflect the process in the succeeding chapter where we compare the initial planning with the actual execution, and explain the collaboration between the group members. In the last chapter, we conclude the thesis and list several recommendations for Fox-IT. The appendices that are attached to this thesis contain a complete class diagram, several documents that are created during the orientation phase and a user manual.

Files

Charon_report.pdf

(pdf | 0.425 Mb)