公开(公告)号：KR1020090040794A

公开(公告)日：2009-04-27

申请号：KR1020070106307

申请日：2007-10-22

Applicant: 성균관대학교산학협력단

Inventor： 엄영익 ,  고광선 ,  장현수 ,  조현진 ,  정용우 ,  최현우 ,  경계현 ,  최정환 ,  조진 ,  김태형 ,  김연우

IPC: H04L12/28

Abstract: A method and a system for constructing a ring topology according to mobile agents are provided to construct a ring topology through a correspondent ring channel by generating a ring channel corresponding to a mobile agent. A registration request signal including group information is received from a new mobile agent(310), and a new ring channel which is mapped by corresponding to the new mobile agent is generated according to the registration request signal(315). It is judged whether or not a mobile agent including the group information exists in pre-registered mobile agents(320). If so, the new ring channel which is established by corresponding to the pre-registered mobile agents is connected according to a predetermined setup method(325).

Abstract translation: 提供了一种根据移动代理构建环形拓扑的方法和系统，通过生成与移动代理相对应的环形信道，通过通信环路构建环形拓扑。 从新的移动代理（310）接收包括组信息的注册请求信号，根据注册请求信号生成与新的移动代理对应的新的环形信道（315）。 在预先注册的移动代理（320）中判断是否存在包括组信息的移动代理。 如果是，则根据预先注册的移动代理建立的新的环通道根据预定的设置方法连接（325）。

公开(公告)号：KR1020090000265A

公开(公告)日：2009-01-07

申请号：KR1020070013973

申请日：2007-02-09

Applicant: 성균관대학교산학협력단

Inventor： 엄영익 ,  최현우 ,  장현수 ,  고광선 ,  김구수 ,  조현진 ,  정용우 ,  경계현

IPC: H04L9/30 ,  H04L9/32 ,  H04L9/08

CPC classification number: H04L9/3273 ,  H04L9/0643 ,  H04L9/0825 ,  H04L9/0866 ,  H04L9/0869 ,  H04L9/14 ,  H04L9/3247 ,  H04L9/3263

Abstract: A security system for P3P is provided to transmit and receive data according to P3P policy by transmitting encoded personal information, interactive authentication between users, and a function of non-repudiation about reception. A security system for P3P, whose security problem between a server and a user is solved, comprises an application server(20) providing a service through network to an authenticated client, a client(10) taking advantage of a service by providing user privacy information to an authenticated application server and the authentication server(30) issuing a certificate to the application server or the client by using public key infrastructure. The application server or the client converts a message into hash-value by using a one-way hash function.

Abstract translation: 提供了一种用于P3P的安全系统，用于通过发送编码的个人信息，用户之间的交互式认证以及关于接收的不可否认性的功能，根据P3P策略来发送和接收数据。 解决了服务器和用户之间的安全问题的P3P安全系统，包括通过网络将服务提供给认证客户端的应用服务器（20），通过提供用户隐私信息利用服务的客户端（10） 通过使用公共密钥基础设施向认证应用服务器和认证服务器（30）向应用服务器或客户端发布证书。 应用服务器或客户端通过使用单向散列函数将消息转换为散列值。

公开(公告)号：KR1020080073556A

公开(公告)日：2008-08-11

申请号：KR1020070012294

申请日：2007-02-06

Applicant: 성균관대학교산학협력단

Inventor： 엄영익 ,  김구수 ,  조현진 ,  고광선 ,  장현수 ,  임원택 ,  정용우 ,  최현우 ,  경계현

IPC: H04L9/32

CPC classification number: H04L63/08 ,  H04L63/0435 ,  H04L63/0442

Abstract: A domain-based mobile agent authentication system a method thereof are provided to perform the authentication of a moving agent rapidly even in various environments including a ubiquitous computing environment. A domain-based mobile agent authentication system includes a moving agent(10), an agent platform(20), and a domain managing server(30). The moving agent produces or consumes information as moving between hosts of a network. The agent platform performs generation and or authentication of the moving agent and supports to realize functions of the moving agent. The domain managing server manages the moving agent or the agent platform through the domain to which the same security policy is applied. The agent platform performs the symmetric key authentication when other moving agents move from other agent platforms in the same domain.

Abstract translation: 提供了一种基于域的移动代理认证系统，其方法即使在包括普遍存在的计算环境的各种环境中也能够快速地执行移动代理的认证。 基于域的移动代理认证系统包括移动代理（10），代理平台（20）和域管理服务器（30）。 移动代理产生或消耗信息作为在网络的主机之间移动。 代理平台执行移动代理的生成和/或认证，并支持移动代理的功能。 域管理服务器通过应用相同安全策略的域来管理移动代理或代理平台。 当其他移动代理从同一域中的其他代理平台移动时，代理平台执行对称密钥认证。

公开(公告)号：KR1020090028310A

公开(公告)日：2009-03-18

申请号：KR1020070093807

申请日：2007-09-14

Applicant: 성균관대학교산학협력단

Inventor： 엄영익 ,  고광선 ,  장현수 ,  조현진 ,  정용우 ,  최현우 ,  경계현 ,  최정환 ,  조진 ,  김태형 ,  김연우

IPC: H04W12/06 ,  H04L9/32

CPC classification number: H04L63/164

Abstract: A cooperation method between SEND protocol and IPSec protocol in IPv6 environment, and a system thereof are provided to perform an IPSec(Internet Protocol Security) communication with low cost by sharing authentication information between a SEND(Secure Neighbor Discovery) and the IPSec in a mobile environment. An authentication cache(360) temporarily stores authentication information of a host. A SEND block(330) performs a user authentication about an opposite host, and transmits an IP address of the opposite host to an authentication cache management module(342). The authentication cache management module stores a corresponding IP address to the authentication cache in receiving the IP address of the host, and confirms an authentication of the corresponding IP address according to an authentication test request from an IPSec block(320). The IPSec block transmits an authentication test request message including an IP address of a host to be authenticated to the authentication cache management module, and determines a user authentication about a corresponding host according to an authentication test result received from the authentication cache management module.

Abstract translation: 提供IPv6环境中的SEND协议和IPSec协议之间的协作方法及其系统，以通过在SEND（安全邻居发现）和IPSec之间共享认证信息来实现低成本的IPSec（因特网协议安全）通信 环境。 认证高速缓存（360）临时存储主机的认证信息。 SEND块（330）对相对主机执行用户认证，并将相对主机的IP地址发送到认证高速缓存管理模块（342）。 认证缓存管理模块在接收到主机的IP地址时，将相应的IP地址存储在认证高速缓存中，并且根据来自IPSec块的认证测试请求确认对应的IP地址的认证（320）。 IPSec块将认证测试请求消息发送到认证高速缓存管理模块，并根据从认证高速缓存管理模块接收到的认证测试结果，确定对相应主机的用户认证。