-
公开(公告)号:KR1020120053451A
公开(公告)日:2012-05-25
申请号:KR1020110030754
申请日:2011-04-04
Applicant: 한국전자통신연구원
Abstract: PURPOSE: A privacy masking device for vehicles and a method of protecting the privacy using the same are provided to protect a privacy of passengers through detecting an area to be masked using characteristics of inside the vehicles. CONSTITUTION: A privacy masking device for vehicles comprises a formation module of a masking area(10), a masking run-time module(20), a key management module(30), and an exterior interface(40). The formation module of a masking area sets the area to be masked in a video of inside the vehicles. The masking run-time module makes a masking video with masking the area to be masked by a key generated. The key management module manages a making key for masking the area in the video. The exterior interface connects an exterior storage medium, a hardware device and the privacy masking device.
Abstract translation: 目的:提供一种用于车辆的隐私遮蔽装置和使用其的隐私保护方法,以通过使用车辆内部的特征来检测要被遮蔽的区域来保护乘客的隐私。 构成:用于车辆的隐私掩蔽装置包括掩蔽区域(10)的形成模块,掩蔽运行时模块(20),密钥管理模块(30)和外部接口(40)。 掩蔽区域的形成模块将要掩蔽的区域设置在车辆内部的视频中。 屏蔽运行时模块制作一个屏蔽视频,屏蔽要产生的键屏蔽的区域。 密钥管理模块管理用于屏蔽视频中的区域的制作密钥。 外部接口连接外部存储介质,硬件设备和隐私遮蔽设备。
-
公开(公告)号:KR1020120052637A
公开(公告)日:2012-05-24
申请号:KR1020100113891
申请日:2010-11-16
Applicant: 한국전자통신연구원
IPC: G08B13/194 , G06T7/20 , G08B25/08 , G08B25/10
CPC classification number: H04N7/18 , G06K9/00295 , G06K9/00771
Abstract: PURPOSE: An object tracking apparatus of an image recording apparatus, a method thereof, and a security management system using the same are provided to transmit information with respect to an object to a security management server, thereby tracking the object on a real time basis by communicating with cameras. CONSTITUTION: An image recognition module(200) collects image information within an FOV(Field Of View) region on a real time basis. An object which causes an accident is extracted after detecting the accident through the collected image information. The image recognition module detects the extracted object deviating from the FOV region. An object tracking module(210) extracts properties of the object from the extracted object in order to create meta data. The meta data is stored in a database(220). The object tracking module supplies the meta data stored in the database according to a detection result of the image recognition module.
Abstract translation: 目的:提供一种图像记录装置的对象跟踪装置,其方法和使用其的安全管理系统,以将关于对象的信息发送到安全管理服务器,从而基于实时跟踪对象 与相机通讯。 构成:图像识别模块(200)实时地在FOV(视野)区域内收集图像信息。 在通过收集的图像信息检测到事故之后,提取导致事故的物体。 图像识别模块检测提取的物体偏离FOV区域。 对象跟踪模块(210)从提取的对象中提取对象的属性以便创建元数据。 元数据存储在数据库(220)中。 对象跟踪模块根据图像识别模块的检测结果提供存储在数据库中的元数据。
-
公开(公告)号:KR1020100043561A
公开(公告)日:2010-04-29
申请号:KR1020080102647
申请日:2008-10-20
Applicant: 한국전자통신연구원
CPC classification number: G06F21/6218
Abstract: PURPOSE: An apparatus and a method for security management of an information terminal are provided to protect an information terminal from a security threat situation automatically even through a static security policy is not considered. CONSTITUTION: A security manager(10) sets up a security policy for each domain based on domain classification information. When a user process accesses another domain after approaching one domain, an access controller(20) controls the access to another domain by confirming the access allowance to the user process for another domain according to the security policy. A hooking unit(40) hooks a system call command requesting the access to the domain and transfers the command to the access control unit.
Abstract translation: 目的:提供一种用于信息终端安全管理的装置和方法,即使不考虑静态安全策略,也能自动保护信息终端免受安全威胁的影响。 构成:安全管理员(10)根据域分类信息为每个域设置安全策略。 当用户进程在接近一个域之后访问另一个域时,根据安全策略,访问控制器(20)通过确认另一个域的用户进程的访问限制来控制对另一个域的访问。 挂钩单元(40)钩住请求访问域的系统调用命令,并将该命令传送到访问控制单元。
-
公开(公告)号:KR1020100026200A
公开(公告)日:2010-03-10
申请号:KR1020080085110
申请日:2008-08-29
Applicant: 한국전자통신연구원
CPC classification number: G06F21/85 , G06F21/606
Abstract: PURPOSE: An apparatus for managing information security of a wireless terminal and a method thereof are provided to prevent important information stored in the wireless terminal from being leaked to an external USB terminal. CONSTITUTION: A signature information DB(330) stores a critical information signature about the of a wireless terminal(100) and an external device(200). A security management unit(320) analyzes a traffic which is transmitted and received between the wireless terminal and the external device in real time. A USB(Universal Serial Bus) interface(310) transmits and receives a signal with the wireless terminal / external device using USB communications protocol.
Abstract translation: 目的:提供一种用于管理无线终端的信息安全的装置及其方法,以防止存储在无线终端中的重要信息泄漏到外部USB终端。 构成:签名信息DB(330)存储关于无线终端(100)和外部设备(200)的关键信息签名。 安全管理单元(320)实时分析在无线终端与外部设备之间发送和接收的业务。 USB(通用串行总线)接口(310)使用USB通信协议与无线终端/外部设备发送和接收信号。
-
公开(公告)号:KR1020080051960A
公开(公告)日:2008-06-11
申请号:KR1020060123844
申请日:2006-12-07
Applicant: 한국전자통신연구원
IPC: H04L29/10
CPC classification number: H04L69/321 , H04Q11/0067
Abstract: A gigabit Ethernet line interface apparatus is provided to form many physical link ports through connecting with a network processor in a gigabit Ethernet linecard having a physical link interface and a system interface. A gigabit Ethernet line interface apparatus includes at least two physical link ports(112,116) selectively transmitting after converting inputted at least one gigabit Ethernet optical signal data to an electric signal. The physical link ports outputs after converting inputted at least one electric signal data to a gigabit Ethernet optical signal. At least two system interfaces is connected to a gigabit network processor card with a plurality connection interface to selectively output the electric signal data inputted through the physical link port to the gigabit network processor card. The system interfaces outputs data inputted from the gigabit network processor card through the connection interfaces to the physical link port. A mode setting unit(130) sets a communication channel ratio between the physical link port and the gigabit network processor card.
Abstract translation: 提供千兆以太网线路接口装置,通过与具有物理链路接口和系统接口的千兆以太网线卡中的网络处理器连接来形成许多物理链路端口。 吉比特以太网线路接口装置包括至少两个物理链路端口(112,116),其在将至少一个千兆以太网光信号数据输入到电信号之后有选择地发送。 在将至少一个电信号数据输入到千兆以太网光信号之后,物理链路端口输出。 至少两个系统接口连接到具有多个连接接口的千兆网络处理器卡,以选择性地将通过物理链路端口输入的电信号数据输出到千兆网络处理器卡。 系统接口通过连接接口将从吉比特网络处理器卡输入的数据输出到物理链路端口。 模式设置单元(130)设置物理链路端口和千兆位网络处理器卡之间的通信信道比。
-
Patent Agency Ranking
公开(公告)号:KR100617316B1
公开(公告)日:2006-08-30
申请号:KR1020040095910
申请日:2004-11-22
Applicant: 한국전자통신연구원
Abstract: 본 발명은 IXDP2400에서의 IPSec 엔진 구현 방법에 관한 것으로, IXDP2400에서의 IPSec 엔진 구현 장치에 있어서, 전송받은 패킷 정보를 이용하여 패킷의 IP 헤더의 목적지 주소가 자신인 인바운드 패킷과 자신이 아닌 아웃바운드 패킷으로 분류하고, 상기 인바운드 패킷과 아웃바운드 패킷에 대한 IPSec 처리가 필요한지 여부를 판단하며, 상기 인바운드 패킷과 아웃바운드 패킷 중에서 IPSec 처리가 수행된 패킷과 상기 아웃바운드 패킷중에서 IPSec 처리가 필요하지 않은 패킷에 대한 패킷 포워딩을 수행하는 라우터 마이크로블록; 상기 라우터 마이크로블록에서 인바운드 패킷이고 IPSec 처리가 필요하다고 판단되는 경우에 상기 라우터 마이크로블록으로부터 패킷 정보를 전송받아 전송받은 패킷에 IPSec 처리를 수행하여 상기 라우터 마이크로블록으로 다시 전송하는 인바운드 IPSec 처리 마이크로블록; 및 상기 라우터 마이크로블록에서 아웃바운드 패킷이고 IPSec 처리가 필요하다고 판단되는 경우에 상기 라우터 마이크로블록으로부터 패킷 정보를 전송받아 전송받은 패킷에 IPSec 처리를 수행하여 상기 라우터 마이크로블록으로 다시 전송하는 아웃바운드 IPSec 처리 마이크로블록;으로 구성된다. 따라서, IPSec 처리가 필요한 패킷과 필요 없는 패킷을 따로 분리하여 처리함으로써 IPSec 처리가 필요하지 않은 일반 패킷의 처리 속도에는 거의 영향을 주지 않고 IPSec 엔진을 구현할 수 있다.
-
公开(公告)号:KR100449488B1
公开(公告)日:2004-09-22
申请号:KR1020020028077
申请日:2002-05-21
Applicant: 한국전자통신연구원
IPC: H04L12/733
CPC classification number: H04L45/566 , H04L45/02 , H04L45/32
Abstract: A network using an open shortest path first (OSPF) protocol includes a routing table for transferring an active packet; and a plurality of active nodes. The plurality of active nodes generates an opaque link state advertisement (LSA) having active network topology information and floods the generated opaque LSA to nodes through the OSPF domain. The active nodes also receives an opaque LSA transferred from the nodes and, then, updates the routing table for transferring the active packet based on the received opaque LSA.
Abstract translation: 使用开放最短路径优先(OSPF)协议的网络包括用于传送活动分组的路由表; 和多个活动节点。 多个活动节点生成具有活动网络拓扑信息的不透明链路状态通告(LSA),并且通过OSPF域将生成的不透明LSA洪泛到节点。 主动节点还接收从节点传送的不透明LSA,然后基于接收到的不透明LSA更新用于传送活动分组的路由表。
-
公开(公告)号:KR100439185B1
公开(公告)日:2004-07-05
申请号:KR1020010086925
申请日:2001-12-28
Applicant: 한국전자통신연구원
IPC: H04L12/851
Abstract: PURPOSE: A mixed active network model and a packet processing method in an active network model are provided to classify packets into an 'Aflow' packet, a 'non-Aflow' packet, and a 'sigAflow' packet according to the continuity of a packet delivery cycle, so as to actively load resources necessary for performing active packets on an active node. CONSTITUTION: If an optional packet is received to a packet classifier(S200), the packet classifier decides whether a protocol field of a header of the packet is set as active(S202). If not, the packet classifier regards the received packet as a general IP(Internet Protocol) packet(S204), and if set as active, the packet classifier regards the received packet as an active packet(S206). The active packet is provided to a flow classifier(S208). The flow classifier decides whether the packet matches with a demux key field(S210). If so, the flow classifier classifies the packet as an 'Aflow' packet(S212). If the packet does not match with the demux key field, a performance environment block detects a type field of the active packet header(S214). If a detected type value is '0'(S216), the performance environment block classifies the packet as a 'sigAflow' packet(S218). And if the detected type value is '2'(S220), the performance environment block classifies the packet as a 'non-Aflow' packet(S222).
Abstract translation: 目的:提供主动网络模型中的混合主动网络模型和分组处理方法,以根据分组的连续性将分组分类为'Aflow'分组,'非Aflow'分组和'sigAflow'分组 交付周期,从而主动加载在主动节点上执行活动分组所需的资源。 构成:如果可选分组被接收到分组分类器(S200),则分组分类器判定分组的标题的协议字段是否被设置为有效(S202)。 如果不是,则分组分类器将接收到的分组视为普通IP(互联网协议)分组(S204),并且如果设置为激活,则分组分类器将接收到的分组视为活动分组(S206)。 活动分组被提供给流分类器(S208)。 流分类器决定分组是否与解复用密钥字段匹配(S210)。 如果是,则流分类器将分组分类为“Aflow”分组(S212)。 如果分组与解复用密钥字段不匹配,则性能环境块检测活动分组报头的类型字段(S214)。 如果检测到的类型值是'0'(S216),则性能环境块将该分组分类为'sigAflow'分组(S218)。 如果检测到的类型值是'2'(S220),则性能环境块将该分组分类为“非Aflow”分组(S222)。
-
公开(公告)号:KR100422802B1
公开(公告)日:2004-03-12
申请号:KR1020010054398
申请日:2001-09-05
Applicant: 한국전자통신연구원
IPC: H04L12/22
CPC classification number: H04L63/0236 , H04L63/1416
Abstract: Disclosed are a system and method of sharing intrusion detection information detected at different networks and tracking the intrusion, to thereby defense against the intrusion on a network to which an intruder belongs, and a computer-readable medium storing a program for implementing the above method therein. The system detects an intrusion through the analysis of an input packet, adds information associated with the intrusion into the packet, creates an active packet and transmits the active packet to an address of an intruder, which transmitted the packet. Thereafter, the system tracks the intrusion, for all routes through which the intruder passed based on the active packet, and filters the packet associated with the intruder for the isolation thereof.
Abstract translation: 本发明公开了一种系统和方法,用于共享在不同网络处检测到的入侵检测信息并跟踪入侵,从而防止侵入入侵者所属的网络,以及存储用于实现上述方法的程序的计算机可读介质 。 系统通过分析输入数据包检测入侵,将与入侵相关的信息添加到数据包中,创建活动数据包并将活动数据包发送到发送数据包的入侵者的地址。 此后,系统基于活动分组来追踪入侵者通过的所有路由的入侵,并且过滤与入侵者相关联的分组以用于其隔离。
-
公开(公告)号:KR1020030021338A
公开(公告)日:2003-03-15
申请号:KR1020010054398
申请日:2001-09-05
Applicant: 한국전자통신연구원
IPC: H04L12/22
CPC classification number: H04L63/0236 , H04L63/1416
Abstract: PURPOSE: A security system corresponding to intrusion between networks and a method therefor are provided to share intrusion detection information between inter-different networks, track the intrusion, and perform a correspondence in a network in which an intruder belongs. CONSTITUTION: An IDS(Intrusion Detection System)(102) analyzes a packet, detects intrusion, generates an active packet to which information associated with the intrusion is attached, and transmits the generated active packet to a sender address of an intruder packet. A local network border router(103) is composed as active nodes on a local network(104) of an object attacker and an intruder for tracking the intrusion through the active packet from the IDS(102), filtering a packet associated with the intruder, and isolating the intruder.
Abstract translation: 目的:提供对应于网络入侵的安全系统及其方法,以在不同网络之间共享入侵检测信息,跟踪入侵,并在入侵者所属的网络中执行对应。 构成:IDS(入侵检测系统)(102)分析数据包,检测入侵,生成与入侵相关的信息附加到的活动分组,并将生成的活动分组发送到入侵者分组的发送方地址。 本地网络边界路由器(103)由对象攻击者的本地网络(104)和入侵者组成,用于跟踪来自IDS(102)的活动分组的入侵,过滤与入侵者相关联的分组, 并隔离入侵者。
-
-
-
-
-
-
-
-
-
Search Results
60
records
(took 0.029 seconds)
