公开(公告)号：KR1020130039885A

公开(公告)日：2013-04-23

申请号：KR1020110104528

申请日：2011-10-13

Applicant: 한국전자통신연구원 ,  서울여자대학교 산학협력단

Inventor： 이병걸 ,  박춘식 ,  문성태 ,  이철원

IPC: G06F21/00

Abstract: PURPOSE: A method for determining the priority of security requirements is provided to improve reliability of the determined priority by obtaining quantitative information of security requirements from qualitative information about security requirements for determining the priority between the security requirements. CONSTITUTION: Core elements corresponding to a set of security requirements are extracted by using comparative relation information about the security requirements(S110). A BPA(Basic Probability Assignment) function value about the core elements is extracted by using a matrix of the core elements(S120). A reliability value of the security requirements is calculated by using the BPA function value of the core elements(S130). Priority between the security requirements is determined according to the reliability value of the security requirements(S140). The comparative relation information includes a result generated by comparing sizes of reliability values of partial security requirements of the security requirements. [Reference numerals] (AA) Start; (BB) End; (S100) Extracting security requirements; (S110) Extracting core elements; (S120) Extracting BPA function values; (S130) Calculating reliability values; (S140) Determining the priority;

Abstract translation: 目的：提供一种确定安全要求优先级的方法，通过从确定安全要求之间的优先级的安全性要求的定性信息中获取安全性要求的定量信息来提高确定的优先级的可靠性。 构成：通过使用有关安全要求的比较关系信息来提取与一组安全要求相对应的核心要素（S110）。 通过使用核心元素的矩阵来提取关于核心元素的BPA（基本概率分配）功能值（S120）。 通过使用核心要素的BPA函数值来计算安全性要求的可靠性值（S130）。 安全要求之间的优先级根据安全要求的可靠性值确定（S140）。 比较关系信息包括通过比较安全要求的部分安全要求的可靠性值的大小而产生的结果。 （附图标记）（AA）开始; （BB）结束; （S100）提取安全要求; （S110）提取核心元素; （S120）提取BPA功能值; （S130）计算可靠性值; （S140）确定优先级;

公开(公告)号：KR100862617B1

公开(公告)日：2008-10-09

申请号：KR1020070062323

申请日：2007-06-25

Applicant: 한국전자통신연구원

Inventor： 김강산 ,  김형천 ,  홍순좌 ,  박응기 ,  박춘식

IPC: G06F15/00 ,  G06F21/00

Abstract: 본 발명은 PC 보안 점검 시스템 및 방법에 관한 것으로서, 컴퓨터 해킹, 바이러스, 웜 그리고 트로이 목마 등으로부터 개인 컴퓨터를 보호하기 위해 자동으로 보안 점검을 하고 취약한 부분을 사용자에게 알리거나 치료하기 위한 것이다. 본 발명은 컴퓨터에 대해 전문적인 지식이 없는 사용자도 쉽게 조치를 취할 수 있도록 모든 보안 점검 항목에 대해 자동으로 점검하고 치료하며, 취약한 부분과 치료 결과를 사용자에게 쉽게 설명함으로써, 사이버공격으로 인한 피해를 방지할 수 있는 최신의 PC 상태를 유지할 수 있는 효과를 제공하며 중요 시스템 및 서비스에 대한 사이버위협 피해를 최소화할 수 있다.
사이버위협, 웜, 바이러스, 해킹, 보안, 정책, 점검, PC, 컴퓨터

公开(公告)号：KR1020060028261A

公开(公告)日：2006-03-29

申请号：KR1020040077352

申请日：2004-09-24

Applicant: 한국전자통신연구원

Inventor： 서정택 ,  최대식 ,  윤주범 ,  박응기 ,  박춘식

IPC: G06F15/00

Abstract: 본 발명은 패치 자동 관리 및 분배 시스템과 이를 이용한 패치 분배 방법에 관한 것으로, 클라이언트 에이전트가 패치 서버에 접속하여 자신의 시스템에 맞는 스캔 리스트를 받아서 설치해야 할 패치 파일의 존재여부를 확인한 후, 그 결과에 따라서 패치 설치 작업을 수행하는 패치 분배 서비스를 제공한다. 이를 통해서 네트워크에 설치된 모든 시스템들에 대한 안전한 패치 자동 분배 및 관리가 가능함으로써 각각의 클라이언트 시스템의 보안성을 향상시키며 궁극적으로는 전체 네트워크의 안정성을 확보할 수 있다.
패치, 패치서버, 패치서버 매니저, 패치 클라이언트 에이전트, 패치 클라이언트 매니저, 패치DB, 패치 저장소

Abstract translation: 确认使用相同和补丁自动管理和分布式系统涉及补丁分发方法的补片的存在的本发明之后，将要安装的客户端代理接收扫描列表自己的系统连接到补丁服务器，并且作为结果 以及根据本发明的用于执行补丁安装操作的补丁分发服务。 通过这种方式，可以安全地分发和管理网络中安装的所有系统的补丁程序，从而提高每个客户端系统的安全性并最终确保整个网络的稳定性。

公开(公告)号：KR1020030056568A

公开(公告)日：2003-07-04

申请号：KR1020010086830

申请日：2001-12-28

Applicant: 한국전자통신연구원

Inventor： 강철오 ,  최대식 ,  한광택 ,  정주영 ,  고재영 ,  우종우 ,  황선태 ,  최진우 ,  박춘식

IPC: H04L9/32

CPC classification number: H04L63/0869

Abstract: PURPOSE: An authentication method for protecting an agent and a message is provided, which defends the attack from a malicious agent and message level, and assures authentication at an initial access trial process. CONSTITUTION: According to the authentication method, a transmitter agent(1) request authentication to a facilitator(2) in order to transfer a message to an unknown agent. The facilitator performs mutual authentication with the transmitter agent and then exchanges a session key. The facilitator finds an agent coinciding with its object and performs mutual authentication, and then exchanges the session key. And the transmitter agent constitutes an independent security channel with a receiver agent(3) selected using the session key.

Abstract translation: 目的：提供一种用于保护代理和消息的认证方法，从而防止恶意代理和消息级别的攻击，并在初始访问试用过程中确保认证。 构成：根据认证方法，发送方代理（1）向促进者（2）请求认证，以便将消息传递给未知代理。 协调者与发射机代理执行相互认证，然后交换会话密钥。 协调人找到与其对象一致的代理，并进行相互认证，然后交换会话密钥。 并且发射机代理构成具有使用会话密钥选择的接收方代理（3）的独立安全信道。

公开(公告)号：KR100372590B1

公开(公告)日：2003-02-15

申请号：KR1020010028599

申请日：2001-05-24

Applicant: 한국전자통신연구원

Inventor： 윤재우 ,  이승형 ,  최인수 ,  한광택 ,  박춘식

IPC: H04L12/28

Abstract: PURPOSE: A method of assigning a link capacity in a VPN(Virtual Private Network) is provided to request reassignment from a manager by a VPN subscriber when transmissions are congested or transmissions are reduced in a VPN, in order to dynamically control a capacity of a virtual link, thereby obtaining economical benefits. CONSTITUTION: A VPN manager is assigned with an initial link capacity(CI) from a basic communication network manager while setting up a virtual link(S1). The VPN manager operates a self-subscribed VPN with the initial link capacity(CI)(S2). If a request of changing a capacity of the virtual link is generated owing to increased or reduced transmissions, the VPN manager compares a demanded link capacity(SI) with the initial link capacity(CI)(S3). If the demanded link capacity(SI) is smaller than the initial link capacity(CI), the VPN manager requests the demanded link capacity(SI)(S4), and is assigned with the first changing link capacity(RI1) having the same size as the demanded link capacity(SI)(S5).

Abstract translation: 目的：提供一种在VPN（虚拟专用网络）中分配链路容量的方法，以便在VPN中传输拥塞或传输减少时请求由VPN用户从管理器重新分配，以便动态地控制 虚拟链接，从而获得经济效益。 构成：在建立虚拟链路（S1）时，VPN管理器被分配来自基本通信网络管理器的初始链路容量（CI）。 VPN管理器使用初始链路容量（CI）（S2）操作自签署的VPN。 如果由于传输增加或减少而产生改变虚拟链路的容量的请求，则VPN管理器将请求的链路容量（SI）与初始链路容量（CI）进行比较（S3）。 如果所需链路容量（SI）小于初始链路容量（CI），则VPN管理器请求所需链路容量（SI）（S4），并且分配具有相同大小的第一变化链路容量（RI1） 作为要求的链路容量（SI）（S5）。

公开(公告)号：KR100324207B1

公开(公告)日：2002-02-16

申请号：KR1019990062465

申请日：1999-12-27

Applicant: 한국전자통신연구원

Inventor： 정창훈 ,  김춘수 ,  박춘식 ,  류대현

IPC: H04M1/253

Abstract: 본발명은음성압축기능과사용자인터페이스기능을갖는디지털휴대전화기를유선통신망에적용하기위한것으로서, 프레임처리기능과공중망접속기능을갖는정합장치와, 이정합장치를이용한공중망전화통신방법에관한것이다. 이러한정합장치는, 정합모듈과, 상기디지털휴대전화기에장착된접속포트를포함하며, 상기정합모듈은, 상기디지털휴대전화기의접속포트와접속되어압축된음원부호가입력되는정합모듈의접속포트와, 상기압축된음원부호를프레임처리하는프레임처리부, 상기프레임처리된음성데이터를변조하는변복조부, 및상기변조된음성신호를상기공중전화망으로전송하는회선정합부를포함한다. 또한이러한정합장치를이용한공중망전화통신방법은, 발신측디지털휴대전화기가압축된음원부호를발생하는제 1 단계와, 상기발신측디지털휴대전화기에접속된정합모듈이상기압축된음원부호를입력받아프레임처리하고변조하여상기공중전화망을통해착신측으로전송하는제 2 단계, 착신측정합모듈이상기발신측정합모듈로부터전송된음성데이터를복조하고프레임복원하는제 3 단계, 및상기착신측정합모듈과접속된디지털휴대전화기가상기복원된음성데이터를음성신호로복원하여송출하는제 4 단계를포함한다.

公开(公告)号：KR1020010058249A

公开(公告)日：2001-07-05

申请号：KR1019990062465

申请日：1999-12-27

Applicant: 한국전자통신연구원

Inventor： 정창훈 ,  김춘수 ,  박춘식 ,  류대현

IPC: H04M1/253

Abstract: PURPOSE: An interface unit between a digital cellular phone and a public network, and a public-network telecommunication method using the unit, are provided to prevent a wire tap on a public telephone network, by using the interface unit in which a data frame processing function and a public-network connection function are included. CONSTITUTION: A Vocoder(202) codes the voice inputted via a microphone in order to generate compressed sound sources. The compressed sound sources are transmitted and received via an RF(Radio Frequency) modem(201). The interface unit includes a digital cellular phone connection port(204), a frame process part(206), a control processor(205), a modem chip-set(207) and a line interface part(208). A sound code is inputted via the cellular phone connection port(204) when a safe wired communication mode is selected. The sound code is processed by the frame process part(206) under the control of the control processor(205), and then is inputted into the modem chip-set(207). The modem chip-set(207) modulates an input signal, and then transmits it to a PSTN network(209) via the line interface part(208).

Abstract translation: 目的：提供数字蜂窝电话和公共网络之间的接口单元以及使用该单元的公共网络电信方法，以通过使用其中数据帧处理的接口单元来防止公共电话网络上的有线窃听 功能和公共网络连接功能。 构成：声码器（202）对通过麦克风输入的声音进行编码，以产生压缩声源。 压缩声源通过RF（射频）调制解调器（201）发送和接收。 接口单元包括数字蜂窝电话连接端口（204），帧处理部分（206），控制处理器（205），调制解调器芯片组（207​​）和线路接口部分（208）。 当选择安全有线通信模式时，通过蜂窝电话连接端口（204）输入声码。 在控制处理器（205）的控制下，由帧处理部（206）处理声音码，然后输入到调制解调器芯片组（207​​）。 调制解调器芯片组（207​​）调制输入信号，然后经由线路接口部分（208）将其发送到PSTN网络（209）。

公开(公告)号：KR1020010046704A

公开(公告)日：2001-06-15

申请号：KR1019990050583

申请日：1999-11-15

Applicant: 한국전자통신연구원

Inventor： 천정희 ,  박춘식 ,  강주성 ,  고기형 ,  한재우 ,  이상진

IPC: H04L9/00

CPC classification number: H04L9/30

Abstract: PURPOSE: A system for encoding/decoding by using braid operation and a method for generating a key therefor are provided to supply the writing means, by which the program for materializing methods for generating the key can be read in the computer. CONSTITUTION: In the system for encoding/decoding by using braid operation and the method for generating the key therefor, two stages are included. In the stage of 31, initialization is carried out. The option braid (a) of 2n braids is calculated in a decoding system and the braid (b), the right n braids of which are braided, is calculated. In the stage of 32, a key is generated and bab-1 is calculated by using the option braid (a) and the braid (b) in the decoding system and (b) becomes a secret key and (a) and bab-1 become a public key.

Abstract translation: 目的：提供一种通过使用编织操作进行编码/解码的系统及其产生方法，以提供写入装置，通过该写入装置可以在计算机中读取用于产生密钥的实现方法的程序。 构成：在通过编织操作进行编码/解码的系统及其产生密钥的方法中，包括两个阶段。 在31的阶段，进行初始化。 在编码系统中计算2n编织物的编织物（a），并计算其编织的右n编织物的编织物（b）。 在32的阶段，生成一个密钥，并且通过使用解码系统中的选项编织物（a）和编织物（b）计算出bab-1，（b）成为秘密密钥，（a）和bab-1 成为公钥。

公开(公告)号：KR1020000033345A

公开(公告)日：2000-06-15

申请号：KR1019980050185

申请日：1998-11-23

Applicant: 한국전자통신연구원

Inventor： 박춘식

IPC: H04L9/28

CPC classification number: H04L9/3257

Abstract: PURPOSE: A blind signature method of an electronic commerce system or the electronic election system using euclidean algorithm without the necessity of random number generator is provided. CONSTITUTION: A user who wants to receive a signature generates a, b, X and Y using euclidean algorithm other than a message to be signed(S501). A hiding information C is calculated by using the signer's public key and the a, b generated at the step S501(S502). The hiding information C is transmitted to the signer(S503). The signer generates a signature sentence S' using his secret key(S504). The signer transmits the signature sentence S' to the user(S505). The user calculates a final blind signature S by means of the signature sentence S' transmitted from the signer and the secret information X, Y generated by him(S506).

Abstract translation: 目的：提供电子商务系统的盲签名方法或使用欧几里德算法而不需要随机数发生器的电子选举系统。 构成：要接收签名的用户使用除要签名的消息之外的欧几里得算法生成a，b，X和Y（S501）。 通过使用签名者的公钥和在步骤S501生成的a，b来计算隐藏信息C（S502）。 隐藏信息C被发送到签名者（S503）。 签名者使用其秘密密钥生成签名语句S'（S504）。 签名者将签名语句S'发送给用户（S505）。 用户通过从签名者发送的签名语句S'和由他生成的秘密信息X，Y来计算最终的盲签名S（S506）。

公开(公告)号：KR1020000013586A

公开(公告)日：2000-03-06

申请号：KR1019980032531

申请日：1998-08-11

Applicant: 한국전자통신연구원

Inventor： 박춘식 ,  박광호 ,  김용대 ,  김대호

IPC: H04L9/30

Abstract: PURPOSE: A method for commonly using a secret key in group wear system and electrical signature method using the same are provided to be able to secure a security function in a group wear system in which plan, signature and cooperation document and so on are electrically performed. CONSTITUTION: The method for commonly using a secret key in group wear system includes three steps. A first step is to transmit it to a server a message which a key encoded as a client encodes an input key using a recognition information of the client and a text using the input key and a head information except the encoded text and key are combined. A second step is that the encoded key in a message received from the client is demodulated by the server and the demodulated key is encoded using the recognition information of the server to store the message the server. A third step is transmit it to other client a message which a key encoded as the server encodes a key using a recognition information of the other client and a head information except the encoded text and key are combined.

Abstract translation: 目的：提供一种在组穿戴系统中通常使用秘密密钥的方法和使用其的电子签名方法，以能够确保电工执行计划，签名和协作文档等的组织系统中的安全功能 。 构成：在组磨系统中常用密钥的方法包括三个步骤。 第一步是将服务器将使用客户机的识别信息编码的密钥和使用输入密钥的文本以及除编码的文本和密钥之外的头信息进行组合的消息编码为客户端的消息。 第二步是从客户端接收到的消息中的编码密钥由服务器进行解调，解调密钥使用服务器的识别信息进行编码，以便将消息存储在服务器中。 第三步骤将其编码为服务器的密钥使用另一客户机的识别信息编码的密钥和除编码文本和密钥之外的头信息组合在一起的消息。