-
公开(公告)号:KR101425275B1
公开(公告)日:2014-08-13
申请号:KR1020120110606
申请日:2012-10-05
Applicant: 숭실대학교산학협력단
Abstract: 무선 액세스 포인트와 통신을 수행하는 단말장치 및 이의 통신 제어 방법이 개시된다. 개시된 단말장치는 MAC 주소 인증방식을 이용하여 인증을 수행하는 무선 액세스 포인트(AP)와 통신을 수행하는 통신부; 상기 통신부의 MAC 주소와는 다른 임의의 MAC 주소를 생성하는 MAC 주소 생성부; 및 상기 통신부 및 상기 MAC 주소 생성부의 동작을 제어하는 제어부를 포함하되, 상기 무선 AP로부터 전송된 신호가 상기 통신부를 통해 최초로 수신된 경우, 상기 제어부는 상기 MAC 주소 생성부가 상기 임의의 MAC 주소를 생성하도록 제어하고, 상기 통신부가 상기 임의의 MAC 주소를 상기 무선 AP로 전송하도록 제어한다.
-
公开(公告)号:KR1020140076125A
公开(公告)日:2014-06-20
申请号:KR1020120144303
申请日:2012-12-12
Applicant: 숭실대학교산학협력단
CPC classification number: H04L9/32 , H04L9/0861 , H04L63/166
Abstract: Disclosed is an apparatus for authenticating secure sockets layer/transport layer security (SSL/TLS). A private key generator generates a plurality of private keys associated with each other using SSL/TLS private keys to separately store the private keys in a first cloud and a second cloud. A protocol unit receives an SSL/TLS generation request message from a web browser to start an SSL/TLS handshake protocol. A private key operating unit enables the first cloud to transmit a private key operation request message to the second cloud, and the second cloud receives the private key operation request message to transmit a private key operation result message to the first cloud. An SSL/TLS channel forming unit shares a private key with the web browser based on the private key operation result message received by the first cloud to form an SSL/TLS channel. The present invention may stably protect the private key from malicious access of a public cloud in a cloud environment and form a stable SSL/TLS channel to stably protect a web user and a web server.
Abstract translation: 公开了一种用于认证安全套接层/传输层安全性(SSL / TLS)的装置。 私钥生成器使用SSL / TLS专用密钥生成彼此相关联的多个私钥,以将私钥分别存储在第一云和第二云中。 协议单元从Web浏览器接收SSL / TLS生成请求消息以启动SSL / TLS握手协议。 私钥操作单元使得第一云能够向第二云发送私钥操作请求消息,并且第二云接收私钥操作请求消息以将私钥操作结果消息发送到第一云。 SSL / TLS通道形成单元基于由第一云接收到的私钥操作结果消息与web浏览器共享私钥以形成SSL / TLS信道。 本发明可以稳定地保护私钥免受云环境中的公共云的恶意访问,并形成稳定的SSL / TLS信道,以稳定地保护web用户和web服务器。
-
公开(公告)号:KR1020140044528A
公开(公告)日:2014-04-15
申请号:KR1020120110606
申请日:2012-10-05
Applicant: 숭실대학교산학협력단
Abstract: A terminal device communicating with a wireless access point and a method for controlling the same are disclosed. The terminal device comprises a communication unit which communicates with a wireless access point (AP) performing authentication by using MAC address-based authentication; an MAC address generation unit which generates a random MAC address different from the MAC address of the communication unit; and a control unit which controls operations of the communication unit and the MAC address generation unit, wherein, if a signal transmitted from the wireless AP is received via the communication unit for the first time, the control unit controls the MAC address generation unit to generate the random MAC address and the communication unit to transmit the random MAC address to the wireless AP. [Reference numerals] (AA) Start; (BB) End; (S310) Receive a signal transmitted from a wireless AP for the first time; (S320) Generate a random MAC address; (S330) Transmit the random MAC address to the wireless AP; (S340) The received signal includes an authentication request message or the webpage blocked through a network is a webpage for authentication?; (S350) Transmit an original MAC address to the wireless AP; (S360) Communicate with the wireless AP using the original MAC address; (S370) Block communications with the wireless AP
Abstract translation: 公开了一种与无线接入点通信的终端设备及其控制方法。 所述终端装置包括:通过使用基于MAC地址的认证与进行认证的无线接入点(AP)通信的通信单元; MAC地址生成单元,生成与通信单元的MAC地址不同的随机MAC地址; 以及控制单元,其控制通信单元和MAC地址生成单元的操作,其中,如果经由所述通信单元首次接收到从所述无线AP发送的信号,则所述控制单元控制所述MAC地址生成单元生成 随机MAC地址和通信单元向无线AP发送随机MAC地址。 (附图标记)(AA)开始; (BB)结束; (S310)首次接收从无线AP发送的信号; (S320)生成随机MAC地址; (S330)将随机MAC地址发送到无线AP; (S340)接收到的信号包括认证请求消息,或通过网络阻塞的网页是用于认证的网页; (S350)将原始MAC地址发送到无线AP; (S360)使用原始MAC地址与无线AP进行通信; (S370)阻止与无线AP的通信
-
公开(公告)号:KR1020130057271A
公开(公告)日:2013-05-31
申请号:KR1020110123101
申请日:2011-11-23
Applicant: 에스케이텔레콤 주식회사 , 숭실대학교산학협력단
Abstract: PURPOSE: A wireless network access control method and a device thereof are provided to selectively connect users to a network by authenticating the users again. CONSTITUTION: A policy setting unit(220) confirms the number of specific terminal devices which are connected in a current state according to a confirmation result. The policy setting unit sets an access selection policy based on the number of the confirmed specific terminal devices. An access control unit(230) releases the connection for the terminal devices. The access control unit identifies whether the terminal device is the determined specific terminal device. The access control unit allows the identified terminal device to access a network according to the access selection policy set based on the identification result. [Reference numerals] (210) State determination unit; (220) Policy setting unit; (230) Access control unit
Abstract translation: 目的:提供无线网络接入控制方法及其设备,以便通过再次认证用户来选择性地将用户连接到网络。 构成:策略设定部(220)根据确认结果确认在当前状态下连接的特定终端装置的数量。 策略设置单元基于所确认的特定终端设备的数量来设置访问选择策略。 访问控制单元(230)释放用于终端设备的连接。 访问控制单元识别终端设备是否是确定的特定终端设备。 访问控制单元允许所识别的终端设备根据基于识别结果设置的访问选择策略来访问网络。 (附图标记)(210)状态确定单元; (220)策略设定单位; (230)门禁控制单元
-
公开(公告)号:KR1020130049974A
公开(公告)日:2013-05-15
申请号:KR1020110115066
申请日:2011-11-07
Applicant: 숭실대학교산학협력단
Abstract: PURPOSE: A group key management device, a method, and a program recording medium thereof are provided to effectively handle breakaway members by including a random number distribution technology in a ubiquitous state based on community. CONSTITUTION: A transmission unit(330) transmits a first group key to a first user. The transmission unit transmits a first random number value to an existing user except for the first user in order to generate the first group key by combining the existing group keys. The transmission unit transmits a second random number value to the other user except for a second user in order to generate a second group key by combining the existing group keys. [Reference numerals] (310) Joining and breakaway management unit; (320) Group key generation unit; (330) Transmission unit
Abstract translation: 目的:提供组密钥管理装置,方法和程序记录介质,以便通过在随机数分配技术基于社区的普遍存在的状态下包括随机数分布技术来有效地处理分组成员。 构成:发送单元(330)向第一用户发送第一组密钥。 发送单元向除了第一用户之外的现有用户发送第一随机数值,以便通过组合现有组密钥来生成第一组密钥。 发送单元向除第二用户之外的其他用户发送第二随机数值,以便通过组合现有组密钥来生成第二组密钥。 (附图标记)(310)连接和分离管理单元; (320)组密钥生成单元; (330)传输单元
-
Patent Agency Ranking
公开(公告)号:KR1020120050369A
公开(公告)日:2012-05-18
申请号:KR1020110008801
申请日:2011-01-28
Applicant: 숭실대학교산학협력단 , (주) 엠엠씨 테크놀로지
CPC classification number: H04L9/3242 , H04L9/0861 , H04L9/14 , H04L2209/601 , H04W12/06
Abstract: PURPOSE: A method for transmitting and receiving contents is provided to supply an IPTV(Internet Protocol Television) service in a safe method by reducing communication overheads caused by applying a security system based on an existing CAS(Conditional Access System) in a mobile IPTV environment. CONSTITUTION: A security system for a mobile terminal comprises a mobile terminal(110), a set top box(120), a content server(130), and an authentication server(140). The mobile terminal performs network access authentication for the authentication server in an initial stage. The mobile terminal registers an ID(Identification Number) and a profile of the mobile terminal in the set top box. The mobile terminal receives an IPTV(Internet Protocol Television) service from the content server. The mobile terminal comprises a Smart phone, a tablet PC, and a PDA(Personal Digital Assistants), etc. The mobile terminal performs network access authentication through EAP(Extensible Authentication Protocol)-AKA(Authentication and Key Agreement).
Abstract translation: 目的:提供一种发送和接收内容的方法,通过减少在移动IPTV环境中应用基于现有CAS(条件接入系统)的安全系统引起的通信开销,以安全的方式提供IPTV(因特网协议电视)业务 。 构成:用于移动终端的安全系统包括移动终端(110),机顶盒(120),内容服务器(130)和认证服务器(140)。 移动终端在初始阶段对认证服务器执行网络接入认证。 移动终端在机顶盒中注册ID(识别号码)和移动终端的简档。 移动终端从内容服务器接收IPTV(因特网协议电视)服务。 移动终端包括智能电话,平板电脑和PDA(个人数字助理)等。移动终端通过EAP(可扩展认证协议)-AKA(认证和密钥协商)执行网络接入认证。
-
公开(公告)号:KR1020120050368A
公开(公告)日:2012-05-18
申请号:KR1020110008797
申请日:2011-01-28
Applicant: 숭실대학교산학협력단 , (주) 엠엠씨 테크놀로지
CPC classification number: H04L9/32 , H04L9/0861 , H04L9/14 , H04L2209/601 , H04W12/06
Abstract: PURPOSE: A method of generating a usable id in a security system is provided to supply an IPTV(Internet Protocol Television) service in anytime a user wants in a safe method by using a mobile terminal in a mobile IPTV service environment. CONSTITUTION: A security system for a mobile terminal comprises a mobile terminal(110), a set top box(120), a content server(130), and an authentication server(140). The mobile terminal performs network access authentication for the authentication server in an initial stage. The mobile terminal receives an IPTV(Internet Protocol Television) service from the content server by registering an ID(Identification Number) and a profile of the mobile terminal in the set top box. The mobile terminal performs network access authentication through EAP(Extensible Authentication Protocol)-AKA (Authentication and Key Agreement).
Abstract translation: 目的:提供一种在安全系统中生成可用id的方法,用于通过在移动IPTV服务环境中使用移动终端以安全方式在用户期望的任何时间提供IPTV(因特网协议电视)服务。 构成:用于移动终端的安全系统包括移动终端(110),机顶盒(120),内容服务器(130)和认证服务器(140)。 移动终端在初始阶段对认证服务器执行网络接入认证。 移动终端通过在机顶盒中注册ID(识别号码)和移动终端的简档来从内容服务器接收IPTV(因特网协议电视)服务。 移动终端通过EAP(可扩展认证协议)-AKA(认证和密钥协商)执行网络接入认证。
-
公开(公告)号:KR101131929B1
公开(公告)日:2012-04-03
申请号:KR1020100043514
申请日:2010-05-10
Applicant: 숭실대학교산학협력단
Abstract: PURPOSE: Public key based authentication apparatus and method are provided to improve the safety with respect to man-in-the-middle attach by authenticating public values which are used in a password algorithm. CONSTITUTION: An authentication value generating part(110) calculates an initial hash key and the first initial result value of a hash function. The authentication value generating part calculates a first authentication value based on the first initial result value. A transmission parameter calculating part(120) generates a first hash public value and a hash function input message. The transmission parameter calculating part calculates a first collision value. A communicating part(130) the first hash public value, the first collision value, first current time information, the first authentication value, and a first public key to a second communication node. A receiving parameter calculation part(140) calculates the hash function result value of the second communication node. A security key generating part(150) generates a security key for transmitting and receiving data with respect to the second communication node.
-
公开(公告)号:KR101035488B1
公开(公告)日:2011-05-20
申请号:KR1020090094296
申请日:2009-10-05
Applicant: 숭실대학교산학협력단
CPC classification number: G07C5/0866 , G07C5/008
Abstract: 본 발명은 자동차 블랙박스 영상물 수집 방법에 관한 것으로, 사건사고와 관련된 영상물을 중앙 서버에서 요청할 경우, 각 개인 차량 블랙박스에 저장된 영상물들 중에서 사건사고와 관련 있는 영상물 일부만을 선택해서 중앙서버에 제공하는 자동차 블랙박스 영상물 수집 방법에 관한 것이다. 중앙서버에서 시간과 GPS 위치 정보에 대한 사건사고 리스트를 알려주면, 각 차량은 과거 전송한 사건사고 리스트를 선별 후 전송된 기록이 없는 사건사고 리스트에 대해서 블랙박스 영상물을 검색하여, 상기 사건사고 리스트에 해당되는 영상물이 존재할 경우 운전자의 동의를 얻은 다음 중앙서버로 전송하게 된다. 따라서, 본 발명은 운전자가 사건사고 현장을 지나갈때의 영상물만을 제공함으로써, 운전자의 프라이버시 침해 소지를 최소화하며, 유무선통신망을 통한 데이터 전송량을 최소화할 수 있어 현실적으로 적용이 가능하고, 특정 지역의 도로 상태 및 주변 상황 정보를 파악하는데 활용할 수 있는 효과가 있다.
자동차, 블랙박스, 중앙서버, 사건사고 리스트, 영상물-
公开(公告)号:KR1020110044664A
公开(公告)日:2011-04-29
申请号:KR1020090101462
申请日:2009-10-23
Applicant: 숭실대학교산학협력단
CPC classification number: H04L63/0884 , H04L9/085 , H04L9/3013 , H04L9/302 , H04L9/3249 , H04L63/18 , H04W12/06
Abstract: PURPOSE: A pre-authentication method for media independent handover is provided to reduce message overhead due to addition of a message. CONSTITUTION: An MIHIS(Media Independent Handover Information Server)(203) successfully performs an initial authentication process. The MIHIS is used as a proxy signature generating device which generates a signature instead of an authentication server(101). A signature right is entrusted by a safe security channel between the authentication server and the MIHIS. The information of a candidate target network is requested to the MIHIS by a MIH GET Information Sig Request message. The MIHIS generates candidate target network information and a proxy signature. The MIHIS transfers the candidate target network information and the proxy signature using an MIH_GET_Information_Sig Response message.
Abstract translation: 目的:提供用于媒体独立切换的预认证方法,以减少由于添加消息而导致的消息开销。 规定:MIHIS(媒体独立切换信息服务器)(203)成功执行初始认证过程。 MIHIS被用作生成签名而不是认证服务器(101)的代理签名生成装置。 签名权由认证服务器和MIHIS之间的安全安全通道委托。 通过MIH GET信息请求消息向MIHIS请求候选目标网络的信息。 MIHIS生成候选目标网络信息和代理签名。 MIHIS使用MIH_GET_Information_Sig响应消息传送候选目标网络信息和代理签名。
-
-
-
-
-
-
-
-
-
Search Results
105
records
(took 0.029 seconds)
