Abstract:
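The present invention relates to a security apparatus and method for a composite terminal using security profiles. The terminal's security profile is set in manual mode or automatic mode according to the terminal user's level of security knowledge, and when environmental factors affecting the terminal change or the user requests a change of security level, the security profile is reconfigured dynamically or statically. This enables a rapid response when the security situation is urgent, and also lets users with little security knowledge and a limited understanding of the terminal's functions configure security features easily.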
Abstract:
A device and a method for detecting the sensitive information of a portable terminal are provided to completely detect and block the leakage of sensitive information stored in a portable terminal to the outside. A portable terminal(10) comprises a data storage unit(11), a sensitive information management unit(12), a sensitive information detecting and blocking unit(13), a portable storage medium interface(14) and a network interface(15). The data storage unit(11) stores user data including basic data and sensitive information, and the sensitive information management unit(12) manages the detection and blocking of leakage of the sensitive information to the outside. The sensitive information detecting and blocking unit(13) is installed on the portable storage medium interface and the network interface, where it detects and blocks the leakage of the sensitive information to the outside.
Abstract:
A communication system and a method thereof for providing lightweight encrypted communication are provided to simplify the key generation and management part by using an OTP generating unit. An OTP generator(120) produces an OTP(One Time Password). A first encrypted communication module(110) transmits user information and the OTP value to a service server. The first encrypted communication module transmits the OTP value of the OTP generator and the user information to the service server for user authentication. The first encrypted communication module performs encrypted communication with the service server using data encrypted with the OTP value. A first timer measures the usage time of the session opened for the encrypted communication.
Abstract:
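A system and a method for blocking the external leakage of sensitive information through access context analysis in a personal portable terminal are disclosed. The system for blocking external leakage of sensitive information includes: a personal information manager that receives personal information leakage prevention policy information, decomposes it into a plurality of personal information leakage prevention rules, and transmits them to each module; a context analyzer that, upon detecting a packet corresponding to rule 1, transmits context information obtained through access context information analysis; a packet analyzer that receives the context information, monitors packets transmitted to the outside through packet analysis, and, upon detecting a packet corresponding to rule 2, transmits filtering information; and a personal information leakage preventer that receives the filtering information and decides whether to pass or block packets corresponding to rule 3. Accordingly, the terminal can block the external leakage of sensitive information in files and processes through the access context information analysis and packet analysis functions, according to the personal information leakage prevention rules. Context analysis, dynamic packet analysis, personal information leakage prevention, access control, network security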
Abstract:
A security enhancing method for a personal portable embedded terminal and a system therefor are provided to permit network access only for an authenticated personal portable embedded terminal, and to have the permitted terminal connect to a network through security gateways that check the security of the terminal, thereby maximizing the security enhancement of the terminal and the network. Plural security gateways(300) check the integrity of packets sent to and received from terminals(100) over the packet paths of the terminals connected to a network, and check and cure the security of the terminals. A terminal authentication system(400) generates authentication codes for authenticating the network connection of previously registered terminals, searches for optimal security gateways when the terminals request a network connection using the authentication codes, and then allocates the gateways found to the terminals.
Abstract:
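An apparatus and a method for applying intrusion blocking policies on a router hardware platform according to the present invention comprise: a policy database that stores at least one intrusion blocking policy together with related information; a policy server that adds intrusion blocking policies to, or deletes them from, the policy database; a time control unit that refers to the related information and decides, according to priority, which intrusion blocking policy to apply; and an intrusion blocking unit that blocks intrusions by applying the intrusion blocking policy decided by the time control unit to the data processed by the router hardware platform. The hardware platform is equipped with a network processor. Because policies are applied according to priority, the micro engines in the network processor do not need to perform separate priority processing. Because time information is stored in a memory list in priority order, checking the time at which a policy should be applied requires searching only the summary information in the memory list rather than a large amount of data in the database, which enables fast priority processing and policy application. Intrusion blocking, policy application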
Abstract:
An intrusion detection supporting device for tunneled packets in a mixed IPv4(Internet Protocol version 4)/IPv6 environment and a method therefor are provided to perform intrusion detection for tunneled packets in an environment of tunneling from an IPv6 network to an IPv4 network and of IPv6 tunneling within the IPv4 network, so that intrusion detection is available for the tunneled packets. A decider(110) decides whether received packets are tunneled. If so, a packet converter(120) converts the packets into the packet types they had before being tunneled, and outputs the converted packets to an intrusion detection system, depending on which of the IPv4 and IPv6 networks the converted packets belong to. An alarm collector(140) collects intrusion alarms for the converted packets. A packet manager(130) generates alarm/correspondent information for the received packets based on the intrusion alarms and the conversion information on the received packets.
Abstract:
An apparatus and a method for inspecting the extension header of an IPv6(Internet Protocol version 6) packet are provided to let a user inspect a packet as the user wants by enabling a rule technique for inspecting the extension header of the IPv6 packet, and to apply the rule technique to intrusion detection, intrusion blocking, and firewalls. An apparatus for inspecting the extension header of an IPv6 packet(110) comprises the following: a rule representing unit(10) which represents an inspection rule including at least one inspection condition for the extension header; and an inspection unit(12) which inspects the extension header of the IPv6 packet according to the inspection rule. The inspection rule is represented by a tag including an extension header type identifier, a comparing item identifier of the extension header, and a comparing expression for inspecting the comparing item.
Abstract:
A method and an apparatus for detecting an abnormal packet are provided to minimize the damage to a network caused by a buffer overflow attack by quickly detecting a worm in a wide area network. A session management unit(120) determines whether a packet is the first packet after a session is established between a transmission server and a reception server. If the packet is the first packet, an abnormal packet detecting unit(130) detects whether the packet satisfies a security policy. When the packet is determined not to satisfy the security policy, a notifying unit(160) gives notice that the packet is an abnormal packet.
Abstract:
An apparatus and a method for intercepting packets are provided to carry out packet processing, such as packet interception, in an IPv6 network environment just as a network manager intended, even when the address of a node within an internal network, the state of the node, or an address prefix is changed. An apparatus for intercepting packets comprises a network address management part(210), a host address management part(220), a receiving part(230), an updating part(240), and a packet processing part(250). The network address management part(210) intercepts and manages the packets supplied to an internal network from an external network. The host address management part(220) intercepts or manages packets when packets are transmitted to a host from an external network. When a network address is changed into the IP address of a host in an internal network, or a network prefix is changed, the receiving part(230) receives an IP address change notification or a network prefix change notification. The updating part(240) updates the network address management part(210) and the host address management part(220) when the receiving part(230) receives the IP address change notification or the network prefix change notification. When packets are transmitted to an internal network from an external network, the packet processing part(250) intercepts the packets if the validity of the network prefix has expired. If the network prefix is valid, however, the packet processing part(250) transmits the packets on the basis of the updated network address management part(210).