-
公开(公告)号:KR1020100062789A
公开(公告)日:2010-06-10
申请号:KR1020090021065
申请日:2009-03-12
Applicant: 한국전자통신연구원
IPC: H04N21/25
CPC classification number: H04N21/47205 , H04N21/42684 , H04N21/433 , H04N21/437 , H04N21/4532 , H04N21/458 , H04N21/4627
Abstract: PURPOSE: A contents management method in the bidirectional digital broadcasting system is provided, which stores the broadcasting contents of the IPTV safely, registers the broadcasting contents in server, and provides the reading service of the broadcasting contents to other users, therefore, the contents management method activates the contents service usage of the IP network like the IPTV service. CONSTITUTION: A client terminal 1 transmits the require-message for the individual safety information request through the IP net to the contents managing server(S200). The contents managing server analyzes the require-message(S202). If the client of the client terminal 1 is a proper client, and then the contents managing server transmits the individual security information to the client terminal 1(S204,S206), the client terminal 1 stores the individual security information(S208).
Abstract translation: 目的:提供双向数字广播系统中的内容管理方法,其安全地存储IPTV的广播内容,将广播内容登记在服务器中,并向其他用户提供广播内容的读取服务,因此内容管理 方法激活IP网络的内容服务使用,如IPTV服务。 构成:客户终端1通过IP网络向内容管理服务器发送用于各个安全信息请求的请求消息(S200)。 内容管理服务器分析需求消息(S202)。 如果客户终端1的客户端是正确的客户端,然后内容管理服务器将个人安全信息发送给客户终端1(S204,S206),则客户终端1存储个人安全信息(S208)。
-
公开(公告)号:KR1020100054697A
公开(公告)日:2010-05-25
申请号:KR1020090024143
申请日:2009-03-20
Applicant: 한국전자통신연구원
CPC classification number: H04L9/0618
Abstract: PURPOSE: An encrypting method and a decrypting method of data are provided to keep transmission bandwidth of video stream without padding by applying length of data same with length of the video stream to the system in which needs quick encoding. CONSTITUTION: Initial value for encryption and encryption key is instituted(S201). A plain text partitions code calculation size to a plurality of blocks(S202). It is allocated in the plaintext block in which the block number variable partitions. Block number variable is allocated on the separated plain text. The plain text block is successively selected based on the block number variable(S203). The block number variable of the selected plaintext block is checked(S204). If plain text block is a first plaintext block, initial value and encryption key are input on a encryption device(S205). A calculation result of exclusive logical sum is inputted to the encryption device(S208). An encrypted text block is obtained the same size of the final plain text block(S209).
Abstract translation: 目的:提供数据的加密方法和解密方法,通过将与视频流长度相同的数据长度应用于需要快速编码的系统,以保持视频流的传输带宽,无需填充。 构成:建立加密和加密密钥的初始值(S201)。 明文将码计算大小分割成多个块(S202)。 它在明文块中分配,其中块号变量分区。 块号变量在分离的纯文本上分配。 基于块号变量连续选择明文块(S203)。 检查所选明文块的块号变量(S204)。 如果明文块是第一明文块,则在加密装置上输入初始值和加密密钥(S205)。 排除逻辑和的计算结果被输入到加密装置(S208)。 获得与最终纯文本块相同大小的加密文本块(S209)。
-
公开(公告)号:KR100936937B1
公开(公告)日:2010-01-14
申请号:KR1020070133673
申请日:2007-12-18
Applicant: 한국전자통신연구원
CPC classification number: G06F21/6227 , G06F17/30533
Abstract: 본 발명은 데이터베이스(database)의 테이블의 컬럼(column)을 구성하는 숫자 데이터에 대하여, 버킷(bucket) ID 변환을 이용하여 안전하게 암호화하여 저장하고 효율적으로 검색함을 목적으로 한다. 본 발명에서 제안하는 기술은 데이터베이스에 숫자 데이터를 암호화(Encryption)하고 복호화(Decryption)함에 있어서, 안전성을 최대화하여 저장하고 성능저하를 최소화하여 검색할 수 있는 방법에 관한 것이다.
전처리, 암호화, 복호화, 후처리-
公开(公告)号:KR100935372B1
公开(公告)日:2010-01-06
申请号:KR1020070133515
申请日:2007-12-18
Applicant: 한국전자통신연구원
Abstract: 본 발명은 라인달 알고리즘을 이용한 암호화 및 복호화 기술에 관한 것으로, 라인달 암호화 및 복호화를 수행하기 위해 입력된 비트를 1바이트씩 시프트로우 및 역시프트 로우 변환을 통하여 출력하는 시프트/역시프트 로우 모듈과, 시프트/역시프트 로우 모듈로부터 입력된 1바이트에 대한 암호화를 위해 하나의 S-box를 이용하여 바이트 치환 변환을 수행하는 바이트 치환 모듈과, 시프트/역시프트 로우 모듈로부터 입력된 1바이트에 대한 복호화를 위해 하나의 역 S-box를 이용하여 역바이트 치환 변환을 수행하는 역바이트 치환 모듈과, 바이트/역바이트 치환된 값을 입력받아 바이트 단위로 왼쪽 원순환 하면서 믹스/역믹스 칼럼 변환을 수행하여 1바이트 출력을 발생하는 믹스/역믹스 칼럼 변환 모듈과, 믹스/역믹스 칼럼 변환 모듈로부터 초기 입력 비트 값을 모두 수신한 경우, 시프트/역시프트 로우 모듈에 초기 입력 비트 값을 재입력하고, 기설정된 횟수로 초기 입력 비트 값의 입출력을 수행하는 입출력 레지스터와, 기설정된 횟수의 입출력을 하나의 라운드로 설정하여 기설정된 횟수만큼의 라운드를 수행하고, 하나의 라운트 키를 1바이트 단위로 나누어 출력하는 라운드 키 생성기를 포함하는 것을 특징으로 한다.
라인달(Rijndael) 알고리즘. 암호화, 복호화, 라운드 키 생성기-
公开(公告)号:KR100875931B1
公开(公告)日:2008-12-26
申请号:KR1020070052931
申请日:2007-05-30
Applicant: 한국전자통신연구원
IPC: H04L12/22 , H04L12/781 , H04L12/56 , H04L29/06
Abstract: A unified security apparatus for supporting IP packets and a method thereof are provided to enable permission/filtering to be applied to an IPv4 packet and an IPv6 packet by physically using a single chipset when a dual stack scheme and a permission/filtering rule are applied. A unified security apparatus for supporting IP packets includes a packet classifier(210), a key generator(220), a lookup engine(230), and an intrusion response unit(240). The packet classifier classifies an IPv4 packet and an IPv6 packet based on version information in header information of an input IP packet. The key generator generates header information corresponding to the IPv4 packet or the IPv6 packet classified by the packet classifier and generates a discrimination key corresponding to the IPv4 packet or the IPv6 packet based on the generated header information. The lookup engine includes two banks(231,232). Different bits are assigned to the two banks. An IPv4 security policy and an IPv6 security policy are recorded in the lookup engine. In this way, both an IPv4 packet and an IPv6 packet can be searched in the current embodiment by physically using a single lookup engine. The intrusion response unit includes a packet filtering unit(241) and a bandwidth controller(242). The packet filtering unit decides a lookup key, which is a key value corresponding to the security policy established in the first bank or the second bank, and if the lookup key matches the discrimination key generated according to the IPv4 packet or the IPv6 packet by the key generator, the packet filtering unit discards or transmits the packet according to the security policy. The bandwidth controller decides a lookup key, which is a key value corresponding to the security policy established in the first bank or the second bank, and if the lookup key matches the discrimination key, the bandwidth controller controls a bandwidth according to the security policy.
Abstract translation: 提供了一种用于支持IP分组的统一安全装置及其方法,以在应用双栈方案和许可/过滤规则时,通过物理上使用单个芯片组来允许对IPv4分组和IPv6分组应用允许/过滤。 用于支持IP分组的统一安全装置包括分组分类器(210),密钥生成器(220),查找引擎(230)和入侵响应单元(240)。 分组分类器基于输入IP分组的头部信息中的版本信息对IPv4分组和IPv6分组进行分类。 密钥生成器生成对应于由分组分类器分类的IPv4分组或IPv6分组的报头信息,并基于生成的报头信息生成与IPv4分组或IPv6分组对应的鉴别密钥。 查找引擎包括两个银行(231,232)。 不同的位分配给两个银行。 在查找引擎中记录IPv4安全策略和IPv6安全策略。 这样,在当前实施例中可以通过物理上使用单个查找引擎来搜索IPv4分组和IPv6分组。 入侵响应单元包括分组过滤单元(241)和带宽控制器(242)。 分组过滤单元决定作为与在第一组或第二组中建立的安全策略对应的密钥值的查找密钥,并且如果查找密钥与根据IPv4分组或IPv6分组所生成的鉴别密钥匹配 密钥生成器,分组过滤单元根据安全策略丢弃或发送分组。 带宽控制器决定查找关键字,该查找关键字是与在第一库或第二库中建立的安全策略对应的关键值,并且如果查找关键字与鉴别关键字匹配,则带宽控制器根据安全策略控制带宽。
-
Patent Agency Ranking
公开(公告)号:KR1020080029687A
公开(公告)日:2008-04-03
申请号:KR1020060096590
申请日:2006-09-29
Applicant: 한국전자통신연구원
CPC classification number: G06F21/602 , G06F21/72 , G06F21/85 , H04L9/08
Abstract: An encryption apparatus of high capacity and speed utilizing a memory unit having an encryption function, and an implementation method thereof are provided to prevent a bottleneck state of a bus by performing the encryption within the memory unit directly. A general memory(110) stores data required to be encrypted according to a requirement of a user application program. An encryption processing memory(120) is inserted into a slot having the same I/O standards to the general memory, performs encryption operations and encryption key control operations independently by an embedded encryption function unit(125) by copying the data as general speed between memory units, and copies the data into the general memory. The encryption function unit is realized in the encryption processing memory unit as a separated chip, and performs encryption operations for the data based on an encryption key assigned according to the encryption key management policy.
Abstract translation: 提供了利用具有加密功能的存储单元的高容量和高速度的加密装置及其实现方法,以通过直接在存储器单元内执行加密来防止总线的瓶颈状态。 通用存储器(110)根据用户应用程序的要求存储要加密的数据。 将加密处理存储器(120)插入到具有相同I / O标准的插槽中,作为一般存储器,通过嵌入式加密功能单元(125)独立地执行加密操作和加密密钥控制操作, 存储单元,并将数据复制到通用存储器中。 加密功能单元作为分离的芯片在加密处理存储器单元中实现,并且基于根据加密密钥管理策略分配的加密密钥对数据执行加密操作。
-
公开(公告)号:KR1020080029602A
公开(公告)日:2008-04-03
申请号:KR1020060096436
申请日:2006-09-29
Applicant: 한국전자통신연구원
CPC classification number: G06F21/602 , G06F17/271 , G06F17/2735
Abstract: A method and an apparatus for preventing confidential documents from leaking are provided to make it possible to construct a selective monitoring system which allows a user to check content of data, and to perform a monitoring or a real time intercepting for unregistered confidential documents which were not monitored in the conventional. An apparatus for preventing confidential documents from leaking comprises a document collector(115), a controller(113), a monitoring & intercepting unit(112), a storage unit(114) and an input/output unit(I/O)(111). The document collector collects documents from all the supporting monitoring ends. The controller learns knowledge on confidential documents for recognizing whether a document is confidential with respect to all the collected documents, and determines whether the document is confidential on the basis of a secret detection algorithm in accordance with the learned knowledge on the confidential documents. The monitoring & intercepting unit monitors whether documents leak at all the monitoring ends and intercepts the confidential documents determined by the controller. The storage unit stores information on a model generated according as the knowledge on the collected secret documents is learned. The input/output unit transmits and receives all kinds of information related to the prevention of reveal of confidential documents.
Abstract translation: 提供了一种防止机密文件泄露的方法和装置,以便构建一种选择性监视系统,该系统允许用户检查数据内容,并对未注册的机密文档执行监视或实时拦截 在常规监控。 防止机密文件泄露的装置包括文件收集器(115),控制器(113),监视和拦截单元(112),存储单元(114)和输入/输出单元(I / O) )。 文档收集器从所有支持的监控端收集文档。 控制人掌握关于机密文件的知识,以识别文件对所有收集到的文件是否保密,并根据机密文件的知识知识,根据秘密检测算法确定文档是否是机密的。 监控单位监控所有监控端的文件是否泄漏,截取控制器确定的机密文件。 存储单元存储关于根据收集的秘密文档的知识生成的模型的信息。 输入/输出单元发送和接收与防止机密文档的揭露有关的各种信息。
-
公开(公告)号:KR100819049B1
公开(公告)日:2008-04-02
申请号:KR1020060123413
申请日:2006-12-06
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1416 , H04L43/045
Abstract: An apparatus for analyzing and coping with an intrusion situation and a method for expressing attack detection alarms as an N-dimensional correlation graph are provided to enable a manager to intuitively recognize and cope with an intrusion situation by expressing an attack situation, its stages, and correlated attacks as a two or three-dimensional graph. An apparatus for analyzing and coping with an intrusion situation comprises the first analysis part(107) and the second analysis part(109). The first analysis part collects attack detection alarms from network alarm devices, classifies them, and expresses results as a three-dimensional graph. The second analysis part receives the results, executes vector conversion to project the three-dimensional graph onto a two-dimensional graph, and analyzes the correlations of attacks. The first analysis part comprises an attack detection alarm collection part, a classification part, and an N-dimensional express analysis part. The attack detection alarm collection part collects attack detection alarms. The classification part classifies the collected attack detection alarms according to attack stages and attack situations. The N-dimensional express analysis part outputs each classified attack stage as a three-dimensional graph.
Abstract translation: 提供一种用于分析和应对入侵情况的装置以及用于将攻击检测报警表示为N维关联图的方法,以使管理者能够直观地识别和处理入侵情况,通过表达攻击情况,其阶段和 相关攻击为二维或三维图。 用于分析和处理入侵情况的装置包括第一分析部分(107)和第二分析部分(109)。 第一个分析部分从网络报警装置收集攻击检测报警,对其进行分类,并将结果表示为三维图。 第二分析部分接收结果,执行向量转换,将三维图投影到二维图上,并分析攻击的相关性。 第一分析部分包括攻击检测报警收集部分,分类部分和N维表达分析部分。 攻击检测报警采集部分收集攻击检测报警。 分类部分根据攻击阶段和攻击情况对收集的攻击检测报警进行分类。 N维表达分析部分将每个分类的攻击阶段输出为三维图。
-
59.发明授权
公开(公告)号:KR100813035B1
公开(公告)日:2008-03-14
申请号:KR1020060099877
申请日:2006-10-13
Applicant: 한국전자통신연구원
IPC: G01N33/48
Abstract: A sensor node, an apparatus and a method for an early warning red tide are provided to make a rapid and accurate alarm by detecting the movement of the red time in real time and obtain information such as seawater temperature and salinity in real time when the red tide generates, thereby reducing damage caused by diffusion of the early red tide and finding out an accurate cause of the red tide. A sensor node of a sensor network for an early warning red tide comprises: a red tide detecting sensor(210) which detects generation of the red tide by collecting toxicity information when the red tide is generated; a sensor for base materials(220) which collects causes of the red tide generation such as seawater temperature and salinity and expected materials; and a red tide determining and controlling portion(230) which receives the red tide generation signal and collected information and materials from the red tide detecting sensor and the sensor for base materials to determine the existence of the red tide and send the determining result and the received information through a node communication portion(240). An apparatus for an early warning red tide comprises: a sensor network for an early warning red tide having a plurality of the sensor nodes; and a control station(300) which determines whether a red tide alarming is required by receiving the information collected by the sensor nodes, manages the sensor nodes and requires additional information to the sensor nodes. A method for early warning of red tide comprises the steps of: (a) detecting in real time red tide and base materials using the red tide detecting sensor and the base material sensor of each of the sensor nodes; (b) transmitting the information of the red tide detecting sensor to the red tide determining and controlling portion; (c) determining the existence of the red tide using the information of the red tide detecting sensor and base material sensor, and other sensor nodes information obtained by using the sensor communication receiving information; (d) delivering the red tide information to other sensor nodes and delivering the information of the red tide detecting sensor and the base material detecting sensor to the control station; and (e) making a red tide alarm using the information of the sensor nodes delivered to the control station and manages the sensor network by central control to obtain further information from the control station.
Abstract translation: 提供了一种用于预警红潮的传感器节点,装置和方法,通过实时检测红色时间的移动实时快速准确地报警,实时获取海水温度和盐度等信息。 潮汐产生,从而减少早期红潮扩散造成的损害,并找出红潮的准确原因。 一种用于预警红潮的传感器网络的传感器节点包括:红潮检测传感器(210),其在产生红潮时通过收集毒性信息来检测红潮的产生; 用于收集红潮产生原因的基础材料(220)的传感器,例如海水温度和盐度以及预期的材料; 以及红潮判定和控制部分(230),其接收来自红潮检测传感器和基础传感器的红潮生成信号和收集的信息和材料,以确定红潮的存在并发送确定结果和 通过节点通信部分(240)接收信息。 一种用于早期预警红潮的装置包括:用于具有多个传感器节点的早期预警红潮的传感器网络; 以及控制站(300),其通过接收由所述传感器节点收集的信息来确定是否需要红潮报警,管理所述传感器节点并且需要附加信息给所述传感器节点。 红潮预警方法包括以下步骤:(a)使用红潮检测传感器和每个传感器节点的基材传感器实时检测红潮和基材; (b)将红潮检测传感器的信息传送到红潮判定和控制部分; (c)使用红潮检测传感器和基材传感器的信息以及通过使用传感器通信接收信息获得的其他传感器节点信息来确定红潮的存在; (d)将红潮信息传递给其他传感器节点,并将红潮检测传感器和基材检测传感器的信息传送到控制站; 和(e)使用传送到控制站的传感器节点的信息进行红潮报警,并通过中央控制来管理传感器网络,以从控制站获取进一步的信息。
-
公开(公告)号:KR100744544B1
公开(公告)日:2007-08-01
申请号:KR1020050120994
申请日:2005-12-09
Applicant: 한국전자통신연구원
CPC classification number: H04N7/163 , H04N21/25875 , H04N21/4415 , H04N21/4532 , H04N21/84
Abstract: 본 발명은 모바일 RFID 환경에서의 성인 인증 시스템 및 그 방법에 관한 것으로, 보다 상세하게는 개인정보보호 기능이 강화된 성인 인증 시스템 및 그 방법에 관한 것이다.
본 명세서에서 개시하는 모바일 RFID 환경에서의 성인 인증 시스템은 RFID 태그, 사용자 단말, 성인 인증 요청 처리기, 그리고 CP(Contents Provider)로 구성되며, 성인 컨텐츠의 RFID 태그에 기록된 성인인증 등급 정보를 독출하는 등급 정보 독출부; 상기 독출된 등급 정보의 최종 등급을 결정하는 성인인증 등급 결정부; 및 상기 결정된 최종 등급과 상기 단말 사용자의 연령을 근거로 상기 최종 등급에 해당하는 성인 컨텐츠를 상기 단말의 사용자에게 제공해도 되는지의 여부를 판단하는 서비스 등급 인증 유효성 검사부를 포함하여 본 발명의 기술적 사상을 구체화하고 본 발명의 목적 및 기술적 과제를 달성한다.
-
-
-
-
-
-
-
-
-
Search Results
135
records
(took 0.024 seconds)
