-
公开(公告)号:KR100439174B1
公开(公告)日:2004-07-05
申请号:KR1020010081570
申请日:2001-12-20
Applicant: 한국전자통신연구원
IPC: H04L12/22
Abstract: PURPOSE: A method for delivering a policy of a Ladon-SGS(Security Gateway System) and managing a database for alarms is provided to reflect countermeasures on the database for alarms according to types of generated terrors, and to update the countermeasures in a cache interworking with an analyzer of the Ladon-SGS, thereby rapidly processing a monitoring system as well as being applied to detecting or breaking polices. CONSTITUTION: A policy and system manager of an optional Ladon-SGS receives packet data from a Ladon-CPCS through a network(301), to discriminate the packet data with reference to breaking information(302). If the packet data are included in the breaking information, the policy and system manager provides the packet data to a breaker through a message queue(303), and the breaker breaks the packet data(304). If the packet data are not included in the breaking information, the policy and system manager abbreviates the packet data to an event and provides the event to an analyzer through the message queue(305). The analyzer stores the event in a cache(306), and analyzes the event by using an analysis function according to types(307). The analyzer reads a pattern class to check whether a 'start' state exists(308). If so, the analyzer inserts the pattern class in a stack class(309), and if not, the analyzer decides whether a state is a 'final' state(310). If so, the analyzer copes with an invasion according to a defined invasion pattern(311), and if not, the analyzer checks whether a certain time stamp passes(312). If so, the analyzer deletes the pattern class(313), and if not, the analyzer checks whether all patterns included in a corresponding thread are inspected(314). If so, the step 307 is returned, and if not, the step 308 is returned.
Abstract translation: 目的:提供一种传递Ladon-SGS(安全网关系统)策略并管理警报数据库的方法,以根据所产生的恐怖类型反映警报数据库的对策,并更新缓存交互工作中的对策 通过Ladon-SGS分析仪,从而快速处理监测系统,并将其应用于检测或破坏政策。 构成:可选Ladon-SGS的策略和系统管理器通过网络(301)从Ladon-CPCS接收分组数据,以参考分解信息(302)来区分分组数据。 如果分组数据被包括在中断信息中,则策略和系统管理器通过消息队列将分组数据提供给断路器(303),并且断路器中断分组数据(304)。 如果分组数据未包括在中断信息中,则策略和系统管理器将分组数据缩写为事件,并通过消息队列将该事件提供给分析器(305)。 分析器将事件存储在缓存(306)中,并且通过使用根据类型的分析函数来分析事件(307)。 分析器读取模式类以检查是否存在“开始”状态(308)。 如果是,则分析器将模式类插入到堆栈类(309)中,否则,分析器判定状态是否是“最终”状态(310)。 如果是这样,则分析仪根据定义的入侵模式(311)应对入侵,如果不是,则分析仪检查是否通过了某个时间戳(312)。 如果是,则分析器删除模式类(313),如果不是,则分析器检查是否检查了包括在相应线程中的所有模式(314)。 如果是,则返回步骤307,否则返回步骤308。
-
公开(公告)号:KR1020040055895A
公开(公告)日:2004-06-30
申请号:KR1020020082342
申请日:2002-12-23
Applicant: 한국전자통신연구원
IPC: G06F15/00
Abstract: PURPOSE: A device and a method for discriminated a security service on a wide range network are provided to detect a large-scale attack through the network and confront the attack depending on a security level by discriminating/setting a security path to a security service request as classifying a security service into each security level and assigning the security level to respective devices. CONSTITUTION: A network security service framework comprises a security policy server(1) and a security policy executing system(2) performing a network security service on the wide range network(10). A security policy transferring/managing communication protocol stack(20) transmits the security policy information between the security policy server and the security policy executing system. A security management domain has a discriminated security requirement and confronting function.
Abstract translation: 目的:提供一种用于区分广泛网络上的安全服务的设备和方法,以通过网络检测大规模攻击,并通过将安全路径识别/设置为安全服务请求来根据安全级别对抗攻击 将安全服务分类到每个安全级别,并将安全级别分配给各个设备。 构成:网络安全服务框架包括在宽范围网络(10)上执行网络安全服务的安全策略服务器(1)和安全策略执行系统(2)。 传送/管理通信协议栈(20)的安全策略在安全策略服务器和安全策略执行系统之间传输安全策略信息。 安全管理域具有歧视的安全要求和对抗功能。
-
公开(公告)号:KR1020040055515A
公开(公告)日:2004-06-26
申请号:KR1020020082209
申请日:2002-12-21
Applicant: 한국전자통신연구원
IPC: H04L12/28
CPC classification number: H04L12/5601 , H04L49/15 , H04L2012/5665 , H04Q11/0478
Abstract: PURPOSE: A network 2 layer interworking apparatus for metro Ethernet service by using ATM network and a method therefor are provided to effectively convert a metro Ethernet service to an ATM network transfer traffic form and effectively transfer time-restricted data such as voice information. CONSTITUTION: An Ethernet connector(202) interworks with a basic MAC chip. An ATM connector(206) performs a basic ATM protocol and SAR(Segmentation And Reassemble) function, and transfers an IP packet in an AAL5 form. An Ethernet proxy agent(203) processes an ARP protocol and manages an ARP table. An ATM proxy agent(205) performs an inverse ATMARP processing function A mapping bridge(204) performs a transfer service with respect to IP packets when connection information is available for service by each proxy agent(203,205).
Abstract translation: 目的:提供一种通过ATM网络进行城域以太网业务的网络2层互通设备及其方法,有效地将城域以太网业务转换为ATM网络传输业务形式,有效传输语音信息等时间限制的数据。 构成:以太网连接器(202)与基本MAC芯片交互。 ATM连接器(206)执行基本ATM协议和SAR(分段和重组)功能,并以AAL5形式传送IP包。 以太网代理(203)处理ARP协议并管理ARP表。 ATM代理(205)执行逆ATMARP处理功能。当连接信息可由每个代理(203,205)服务时,映射网桥(204)相对于IP包执行传送服务。
-
公开(公告)号:KR1020040038034A
公开(公告)日:2004-05-08
申请号:KR1020020066900
申请日:2002-10-31
Applicant: 한국전자통신연구원
IPC: H04L12/22
CPC classification number: H04L63/1408
Abstract: PURPOSE: An alert transmission device for an intrusion detection and response function and a method therefor are provided to transmit an alert for coping with an intrusion by using a COPS(Common Open Policy Service)-IDR(Intrusion Detection and Response) and a new COPR-IDR protocol object, thereby simplifying a system structure and easily managing IDRSs(Intrusion Detection and Response Systems) by a CPS(Central Policy Server). CONSTITUTION: A CPS(100) comprises as follows. A policy management tool(110) generates security policy information, and stores the security policy information. A COPS-IDR server(130) supplies the security policy information to an IDRS(200), and supplies an alert transmission message including an alert message of the IDRS(200) to an upper module. A message parsing and interpretation module(140) stores the alert transmission message in an alert DB(160), or supplies the alert transmission message to an alert viewer(150). The IDRS(200) comprises as follows. A COPS-IDR client(210) receives the security policy information, configures the alert transmission message, and supplies the alert transmission message to the CPS(100). An intrusion detection module(250) performs an intrusion detection function, and generates a raw alert transmission message to supply the message. An intrusion response module(230) responses to an intrusion when the raw alert transmission message is transmitted. A message generation module(270) supplies the alert transmission message to the COPS-IDR client(210).
Abstract translation: 目的:提供一种用于入侵检测和响应功能的警报传输设备及其方法,用于通过使用COPS(公共开放策略服务)-IDR(入侵检测和响应)和新的COPR传输用于应对入侵的警报 -IDR协议对象,从而简化了系统结构,并通过CPS(中央策略服务器)轻松管理IDRS(入侵检测和响应系统)。 规定:CPS(100)包括如下。 策略管理工具(110)生成安全策略信息,并存储安全策略信息。 COPS-IDR服务器(130)将安全策略信息提供给IDRS(200),并将包括IDRS(200)的警报消息的警报传输消息提供给上层模块。 消息解析和解释模块(140)将警报传输消息存储在警报DB(160)中,或者将警报传输消息提供给警报查看器(150)。 IDRS(200)包括如下。 COPS-IDR客户端(210)接收安全策略信息,配置警报传输消息,并向CPS(100)提供警报传输消息。 入侵检测模块(250)执行入侵检测功能,并生成原始警报传输消息以提供消息。 当发送原始警报传输消息时,入侵响应模块(230)响应入侵。 消息生成模块(270)向COPS-IDR客户端(210)提供警报传输消息。
-
公开(公告)号:KR1020030021339A
公开(公告)日:2003-03-15
申请号:KR1020010054399
申请日:2001-09-05
Applicant: 한국전자통신연구원
IPC: H04L12/22
CPC classification number: H04L63/20 , H04L63/1408
Abstract: PURPOSE: A security gateway device for a policy-based network security control and an operating method therefor are provided to dynamically meet a cyber terror by updating a correspondence policy according to a terror type in a policy cache when the cyber terror is generated and applying the updated policy to a newly generated cyber terror. CONSTITUTION: A CPA(Cyber Patrol Agent)(201) receives a cyber terror detection signal, and transmits the received cyber terror detection signal to a CPCS(Cyber Patrol Control System)(300). A policy receiving unit(202) receives a policy corresponding to the cyber terror detection signal from the CPCS(300). A security policy engine(203) receives the policies from the policy receiving unit(202), and outputs a dynamic security policy among the policies. A QoS(Quality of Service) policy executing engine(206) receives the policies from the policy receiving unit(202), and outputs a dynamic QoS policy among the policies. A security policy cache(204) receives the dynamic security policy from the security policy engine(203), and stores the received dynamic security policy according to the type of a cyber terror by a schema unit. A policy cache(205) receives the dynamic security policy of the schema unit from the security policy cache(204), receives the dynamic QoS policy from the QoS policy executing engine(206), updates policy information, and outputs updated policy information to the policy receiving unit(202) for dynamically corresponding to the cyber terror.
Abstract translation: 目的:提供一种用于基于策略的网络安全控制及其操作方法的安全网关设备,用于通过在生成网络恐怖时根据策略缓存中的恐怖类型更新通信策略来动态地满足网络恐怖,并应用 最新政策对新生成的网络恐怖。 规定:注册会计师(网络巡更代理)(201)收到网络恐怖检测信号,并将接收到的网络恐怖检测信号发送到CPCS(网络巡逻控制系统)(300)。 策略接收单元(202)从CPCS(300)接收与网络恐怖检测信号相对应的策略。 安全策略引擎(203)从策略接收单元(202)接收策略,并在策略中输出动态安全策略。 QoS(QoS)策略执行引擎(206)从策略接收单元(202)接收策略,并在策略中输出动态QoS策略。 安全策略缓存(204)从安全策略引擎(203)接收动态安全策略,并根据模式单元的网络恐怖类型存储接收的动态安全策略。 策略缓存(205)从安全策略缓存(204)接收到模式单元的动态安全策略,从QoS策略执行引擎(206)接收动态QoS策略,更新策略信息,并将更新后的策略信息输出到 策略接收单元(202),用于动态地对应于网络恐怖。
-
Patent Agency Ranking
公开(公告)号:KR1020010016663A
公开(公告)日:2001-03-05
申请号:KR1019990031673
申请日:1999-08-02
Applicant: 한국전자통신연구원
Inventor: 장종수
IPC: H04L12/28
CPC classification number: H04L12/4608 , H04L12/66 , H04L69/16
Abstract: PURPOSE: A connective inter-working module between internet and an ATM network and a method for controlling thereof are provided to offer the configuration and service method of a connective inter-working module related to the inter-working of a service transfer and control protocol configured in a service inter-working gateway existing in the boundary between internet and an ATM network. CONSTITUTION: A connective inter-working module of an inter-working gateway is configured of a real-time session control module(201), a real-time stream transfer module(202), an inter-working agent(203), an ATM session processing module(204) and an ATM stream transfer module(205). The real-time session control module(201) controls session to provide a real-time stream in an IP domain. The real-time stream transfer module(202) carries out real-time stream transfer. The inter-working agent(203) interlocks a service protocol of an IP domain and a service protocol of an ATM domain each other. The ATM session processing module(204) is in charge of session in an ATM domain. The ATM stream transfer module(205) carries out stream transfer.
Abstract translation: 目的:提供互联网和ATM网络之间的连接互通模块及其控制方法,以提供与配置的业务传输和控制协议的互通相关的连接互通模块的配置和服务方法 在互联网和ATM网络之间的边界中存在的服务互通网关中。 构成:互连网关的连接互通模块由实时会话控制模块(201),实时流传输模块(202),互联代理(203),ATM 会话处理模块(204)和ATM流传输模块(205)。 实时会话控制模块(201)控制会话以在IP域中提供实时流。 实时流传输模块(202)执行实时流传输。 互联代理(203)将IP域的服务协议和ATM域的服务协议相互联锁。 ATM会话处理模块(204)负责ATM域中的会话。 ATM流传输模块(205)进行流传输。
-
公开(公告)号:KR1019980051295A
公开(公告)日:1998-09-15
申请号:KR1019960070171
申请日:1996-12-23
Applicant: 한국전자통신연구원
IPC: H04L12/16
Abstract: 본 발명은 ATM 기술을 채용한 B-ISDN을 기반으로 하는 초고속 정보 통신망에 관한 것으로, 다양한 종류의 서비스 단말과 서버 및 통신망이 연결된 이종 통신망환경에서 서비스 이용자가 단말의 종류 및 처리 능력, 서버의 종류의 제공할 서비스 내용의 형식에 무관하게 초고속 정보 통신망을 통하여 서비스의 종류와 단말의 능력 및 위치에 무관하게 초고속 정보 통신 서비스를 제공받을 수 있도록 하는 서비스 연동 브로커 장치 및 그 연동 방법이 제시된다.
-
-
公开(公告)号:KR1019970011840B1
公开(公告)日:1997-07-16
申请号:KR1019940013546
申请日:1994-06-15
IPC: H04L12/54
Abstract: A distributed access network system in order to store effetely the distributed service subscriber in the B-ISDN. The said system consists of a collection/division multiplex means where collects the several subscriber input traffic and routing the traffic to the appropriate destination; and an access control node where manages collectively the ring c interconnect the distributed collection multiplex means with the ring type and manages centrally manages connect with the single switching means.
Abstract translation: 一种分布式接入网络系统,用于在B-ISDN中有效地存储分布式业务用户。 所述系统由收集/分割多路复用装置组成,其收集多个用户输入业务并将业务路由到适当的目的地; 以及访问控制节点,其共同管理环c将分布式集合多路复用装置与环型互连,并且管理集中管理与单个交换装置的连接。
-
公开(公告)号:KR1019960027601A
公开(公告)日:1996-07-22
申请号:KR1019940033166
申请日:1994-12-07
Abstract: 본 발명은 광 절체 장치에 관한 것으로, 특히 선행노드에서 입력되는 데이타의 광 파워를 N대 M으로 분배하는 선행노드 입력 신호광 분배수단(10), 현재 노드/단말에서 입력되는 데이타의 광파워를 90대 10으로 분배하는 현재노드 입력신호 광 분배수단(20), 상기 현재노드 입력신호 광 분배수단(20)으로부터 출력되는 10%의 분배 광 신호를 감지하여 광 스위치 제어신호를 출력하는 노드 장애 감시 및 절체 제어수단(30), 상기 노드 장애 감시 및 절체 제어수단(30)으로부터 출력되는 제어 신호에 따라 상기 선행노드 입력 신호 광 분배수단(10)으로부터 출력되는 N%의 분배 광 신호를 단속하는 선행노드광 신호 단속수단(40), 상기 노드 장애 감시 및 절체 제어수단(30)으로부터 출력되는 제어 신호에 따라 상기 현재노드 입력신호 광 분배수단(20)으로부터 출력되는 90 %의 분배 광 신호를 단속하는 현재노드 광신호 단속수단(50)으로부터 출력되는 광신호를 결합하는 광신호 결합수단(60)을 구비하여 루프드 버스(looped-bus) 형태의 망에서 중간 노드의 장애시에도 망내의 다른 노드에 영향을 미치지 않고 서비스의 제공이 가능하다.
-
-
-
-
-
-
-
-
-
Search Results
334
records
(took 0.023 seconds)
