-
公开(公告)号:KR1020140070195A
公开(公告)日:2014-06-10
申请号:KR1020120138398
申请日:2012-11-30
Applicant: 한국전자통신연구원
Abstract: Disclosed are a method for provisioning a profile to an embedded universal integrated circuit card (UICC) using the capability information of the reliable embedded UICC and a mobile communication terminal therefor. The disclosed method comprises the steps of: allowing an embedded UICC mounted in a mobile terminal to transmit its own capability information to a registration management device; allowing the embedded UICC to form a security channel with the registration management device and perform authentication, according to a response message from the registration management device; allowing the embedded UICC to agree on an encryption key and an MAC key for profile provisioning with the registration management device, based on the capability information, after the step of performing authentication; allowing the embedded UICC to receive a profile and a MAC value, which are encrypted based on the agreed encryption key and MAC key, from the registration management device; and allowing the embedded UICC to verify the MAC value, based on the agreed encryption key and MAC key, decode the encrypted profile, and install the decoded profile therein.
Abstract translation: 公开了使用可靠嵌入式UICC的能力信息和用于其的移动通信终端来向嵌入式通用集成电路卡(UICC)提供简档的方法。 所公开的方法包括以下步骤:允许安装在移动终端中的嵌入式UICC将其自己的能力信息发送到注册管理设备; 允许嵌入式UICC与注册管理设备形成安全通道,并根据来自注册管理设备的响应消息进行认证; 允许嵌入式UICC在进行认证的步骤之后,基于能力信息,与注册管理设备一致地加密密钥和用于配置文件配置的MAC密钥; 允许嵌入式UICC从登记管理装置接收基于约定的加密密钥和MAC密钥加密的简档和MAC值; 并且允许嵌入式UICC基于约定的加密密钥和MAC密钥来验证MAC值,解码加密的简档,并在其中安装解码的简档。
-
公开(公告)号:KR1020040002103A
公开(公告)日:2004-01-07
申请号:KR1020020037468
申请日:2002-06-29
Applicant: 한국전자통신연구원
IPC: G06F15/00
Abstract: PURPOSE: A system and a method for detecting intrusion using a hybrid neural network are provided to detect the intrusion including an unknown intrusion pattern and to process the intrusion in real-time. CONSTITUTION: A packet collector(110) collects a packet existed on the network. A packet preprocessor(120) patterns the collected packet through a preprocessing process in order to use the packet collected through the packet collector as an input value of the neural network. An intrusion detection pattern learning part(210) learns the patterned packet by receiving the patterned packet from the packet preprocessor and using the clustering neuron network, and clusters the intrusion detection pattern by using a data distribution and a frequency. An intrusion detection judging part(220) receives a clustering result value and the connection level information of the patterned packet, learns the intrusion detection judgment through the result value and the connection level information by using the learning neuron network, and detects the intrusion.
Abstract translation: 目的:提供一种使用混合神经网络检测入侵的系统和方法,用于检测包括未知入侵模式的入侵,并实时处理入侵。 构成:数据包收集器(110)收集网络上存在的数据包。 分组预处理器(120)通过预处理过程对收集的分组进行模式化,以便将通过分组收集器收集的分组用作神经网络的输入值。 入侵检测模式学习部分(210)通过从分组预处理器接收图案化分组并使用聚类神经元网络来学习图案化分组,并且通过使用数据分布和频率来聚类入侵检测模式。 入侵检测判断部分(220)接收聚类结果值和图案化分组的连接级信息,通过使用学习神经元网络通过结果值和连接级别信息学习入侵检测判断,并检测入侵。
-
-
公开(公告)号:KR101593161B1
公开(公告)日:2016-02-15
申请号:KR1020140133388
申请日:2014-10-02
Applicant: 한국전자통신연구원
IPC: G06F12/06
CPC classification number: G06F12/023 , G06F2212/1044
Abstract: 웨어러블 PC와같이메모리자원제약이심한실시간시스템에서제한된메모리자원을예측가능한크기의메모리관리리스트를통해관리하고실시간으로메모리를할당및 해제할수 있는메모리관리장치및 방법을제시한다. 제시된장치는전체메모리블록이다수의메모리블록으로나뉘어지고각 메모리블록이할당되었는지의여부를나타내는메모리관리리스트를생성하는메모리관리리스트생성부, 메모리할당요청을근거로메모리관리리스트에서할당요구량에상응하는메모리영역을할당하는메모리할당부, 및메모리해제요청을근거로메모리관리리스트에서해제하고자하는메모리영역에대응하는메모리영역을해제하는메모리해제부를포함한다.
Abstract translation: 提供了一种用于管理存储器的装置和方法,该存储器可以通过使用具有可预测大小的存储器管理列表来管理具有严重的存储器资源限制的实时系统中的有限存储器资源,例如可佩戴PC,并且分配 并实时释放内存。 所公开的装置包括:存储器管理列表生成单元,用于将整个存储块划分成多个存储块,并且生成表示每个存储块是否被分配的存储器管理列表; 存储器分配单元,用于基于存储器分配请求,将与分配请求量相对应的存储区域分配到所述存储器管理列表中; 以及存储器释放单元,用于基于存储器释放请求释放与要释放的存储器区域相对应的存储区域。
-
Patent Agency Ranking
公开(公告)号:KR101460297B1
公开(公告)日:2014-11-13
申请号:KR1020130040088
申请日:2013-04-11
Applicant: 한국전자통신연구원
CPC classification number: G06F21/602 , G06F21/6218 , G06F21/80
Abstract: 자료 유출 방지를 위한 이동 저장매체 제어 장치 및 방법이 개시된다. 본 발명에 따른 자료 유출 방지를 위한 이동 저장매체 제어 장치는, 연결된 저장매체가 이동 저장매체인지 판단하는 저장매체 확인부; 상기 저장매체가 상기 이동 저장매체인 경우, 상기 저장매체에 대한 계층적 구조의 계층 저장매체 정책을 획득하는 저장매체 정책 획득부; 및 획득된 상기 계층 저장매체 정책을 이용하여 저장매체 연결 상태 및 저장매체 사용 상태를 변경하여 상기 저장매체를 제어하는 저장매체 제어부를 포함한다.
-
公开(公告)号:KR101448060B1
公开(公告)日:2014-10-15
申请号:KR1020120138418
申请日:2012-11-30
Applicant: 한국전자통신연구원
CPC classification number: G06F9/45533 , G06F9/45558 , G06F2009/45587 , H04L9/0897 , H04L9/3234 , H04L2209/127 , H04L2209/805
Abstract: 가상 머신을 이용한 암호화 장치 및 방법이 개시된다. 본 발명에 따른 가상 머신을 이용한 암호화 장치는, 보조 매체로부터 암호화용 데이터를 획득하고, 응용프로그램의 암호화 요청에 따라 상기 암호화용 데이터를 이용하여 상기 응용프로그램의 보호 대상 데이터를 암호화하여 제공하는 하이퍼바이저부; 및 상기 응용프로그램 및 상기 하이퍼바이저부 간 가상화 인터페이스를 제공하는 하이퍼콜부를 포함한다.
-
公开(公告)号:KR1020140070204A
公开(公告)日:2014-06-10
申请号:KR1020120138418
申请日:2012-11-30
Applicant: 한국전자통신연구원
CPC classification number: G06F9/45533 , G06F9/45558 , G06F2009/45587 , H04L9/0897 , H04L9/3234 , H04L2209/127 , H04L2209/805
Abstract: Disclosed are an encryption apparatus in a virtual environment using an auxiliary medium and a method thereof. The encryption apparatus in the virtual environment using the auxiliary medium according to the present invention includes: a hypervisor unit which obtains encryption data from the auxiliary medium, encrypts the protection target data of an application program by using the encryption data according to the encryption request of the application program, and supplies the encrypted data; and a hyper call unit which supplies a virtualization interface between the application program and the hypervisor unit.
Abstract translation: 公开了使用辅助介质的虚拟环境中的加密装置及其方法。 根据本发明的使用辅助介质的虚拟环境中的加密装置包括:管理程序单元,其从辅助介质获取加密数据,根据加密请求使用加密数据对应用程序的保护目标数据进行加密 应用程序,并提供加密数据; 以及提供应用程序和管理程序单元之间的虚拟化接口的超级呼叫单元。
-
公开(公告)号:KR100459767B1
公开(公告)日:2004-12-03
申请号:KR1020020037468
申请日:2002-06-29
Applicant: 한국전자통신연구원
IPC: G06F15/00
Abstract: PURPOSE: A system and a method for detecting intrusion using a hybrid neural network are provided to detect the intrusion including an unknown intrusion pattern and to process the intrusion in real-time. CONSTITUTION: A packet collector(110) collects a packet existed on the network. A packet preprocessor(120) patterns the collected packet through a preprocessing process in order to use the packet collected through the packet collector as an input value of the neural network. An intrusion detection pattern learning part(210) learns the patterned packet by receiving the patterned packet from the packet preprocessor and using the clustering neuron network, and clusters the intrusion detection pattern by using a data distribution and a frequency. An intrusion detection judging part(220) receives a clustering result value and the connection level information of the patterned packet, learns the intrusion detection judgment through the result value and the connection level information by using the learning neuron network, and detects the intrusion.
Abstract translation: 目的:提供一种使用混合神经网络检测入侵的系统和方法,以检测包括未知入侵模式的入侵并实时处理入侵。 构成:分组收集器(110)收集网络上存在的分组。 分组预处理器(120)通过预处理过程对收集的分组进行分组,以便将通过分组收集器收集的分组用作神经网络的输入值。 入侵检测模式学习部分(210)通过从分组预处理器接收图案化分组并使用聚类神经元网络来学习图案化分组,并且通过使用数据分布和频率来聚类入侵检测图案。 入侵检测判断部分(220)接收聚类结果值和图案化分组的连接级别信息,通过使用学习神经元网络的结果值和连接级别信息来学习入侵检测判断,并检测入侵。
-
公开(公告)号:KR1020030069241A
公开(公告)日:2003-08-27
申请号:KR1020020008663
申请日:2002-02-19
Applicant: 한국전자통신연구원
IPC: G06F15/00
Abstract: PURPOSE: A device and method for chasing the root of an invader is provided to execute a reverse chase of the root of an invader sequentially without changing components of a network through all networks including the Internet. CONSTITUTION: A detection module(7) detects an invasion and analyzes an invasion-detected system. A reverse chase agent(2) obtains an IP address of a previous system based on traces created in the system caused by an invasion. A server(4) receives an IP address of the system analyzed from the detection module(7) and the reverse chase agent(2), and monitors/manages a chase state of the reverse chase agent(2). An agent installation module(5) installs the reverse chase agent(2) in the system of the IP address being supplied from the server(4). An analysis module(3) communicates the reverse chase agent(2) with the server(4) safely and analyzes the system based on the obtained IP address. A data managing module(6) stores a series of chase and analysis processes being supplied from the server(4) and supplies data necessary for a searching process to the server(4).
Abstract translation: 目的:提供用于追逐入侵者根的设备和方法,以顺序地执行侵入者的根的反向追逐,而不需要通过包括因特网在内的所有网络改变网络的组件。 构成:检测模块(7)检测入侵并分析入侵检测系统。 反向追踪代理(2)基于由入侵引起的在系统中创建的跟踪获得先前系统的IP地址。 服务器(4)从检测模块(7)和反向追踪代理(2)接收分析的系统的IP地址,并监视/管理反向追踪代理(2)的追逐状态。 代理安装模块(5)将逆向追踪代理(2)安装在从服务器(4)提供的IP地址的系统中。 分析模块(3)安全地将反向追踪代理(2)与服务器(4)进行通信,并根据获得的IP地址对系统进行分析。 数据管理模块(6)存储从服务器(4)提供的一系列追逐和分析过程,并向服务器(4)提供搜索过程所需的数据。
-
-
-
-
-
-
-
-
Search Results
19
records
(took 0.022 seconds)
