Abstract:
PURPOSE: A method of back-tracking an attacker by using log information of edge routers on the Internet is provided to record log information on all packets accessing to inside from edge routers of each network, thereby back-tracking the packets regardless of a changed IP address of the attacker. CONSTITUTION: When an attacker attacks an invasion host, an internal invasion detecting system senses the invasion(201). The system informs a managing server of an internal network of the invasion(202). The managing server inquires of all edge routers of the network to analyze an invasion-detected log corresponding to a trace of the attacker' packet(203), and decides whether the invasion trace is searched through an internal edge router(204). If so, the managing server requests a managing server of other network corresponding to the invasion trace to log-analyze self edge routers(205). If the invasion trace is not searched, the managing server decides that a hacker exists in the internal network(208).
Abstract:
PURPOSE: A method of back-tracking an attacker through session information management applied with code mobility is provided to track a hacker's connection when a direct invasion attack on a host is detected, thereby identifying the host where a hacker substantially exists. CONSTITUTION: A security managing system decides whether an invasion detecting system senses an invasion on a host(510). If so, the system generates a back-tracking sensor(520). The system moves the back-tracking sensor to the invasion-targeted host(530). The back-tracking sensor inquires of a monitoring sensor about previous path information of an attacker(540). The back-tracking sensor receives the previous path information, and decides whether a host exists in a self domain and other domain(550). If so, the system requests a managing server of the other domain to authenticate the back-tracking sensor(560). The back-tracking sensor moves to other host of the other domain(570). The back-tracking sensor inquires of a monitoring sensor mounted on the other host about the next host path, and performs the step '550'(580). If the next host exists in the same domain, the back-tracking sensor informs a security managing server of the host(590).
Abstract:
PURPOSE: A smart contents generating method, a smart contents executing method, and n-screen service method of smart contents have a contents service provider or a contents provider put a contents copyright protection code in protected contents and distribute it, and have a user terminal provide N-screen service through a smart code executor device without an extra DRM agent. CONSTITUTION: A smart content generator (400) converts DRM (Digital Rights Management) agent code to fit a standard of smart contents (410), and generates a smart code (413). User terminals (620,630) play the smart contents through a smart code executor (500). The smart contents include contents protected with a digital copyright management technology (412), metadata including information necessary to user the contents (411), and position information for downloading the smart code for protecting the contents' copyright or the smart code. [Reference numerals] (400) Smart content generator; (410) Smart contents; (411) Meta data; (412) Protected contents; (413) Smart code; (500) Smart contents executor device; (510) Smart contents executor device; (520) Smart agent; (610) Service provider; (620) User terminal #1; (621) Contents player; (630) User terminal #2; (640) User terminal #3; (650) Smart code executor; (660) License server
Abstract:
본 발명은 스케일러블 미디어의 암호화 영역을 선택할 수 있는 스케일러블 미디어 암호화 시스템 및 방법을 제공한다. 본 발명의 스케일러블 미디어 암호화 시스템은 원 영상에서 샘플 영상을 추출하는 추출부; 추출부에서 받은 샘플 영상을 스케일러블 비디오 코딩(scalable video coding; SVC)하는 인코더; 추출부에서 받은 샘플 영상을 SVC 인코딩 및 암호화하는 제1 암호화 인코더; 인코더에서 받은 SVC 영상과 제1 암호화 인코더에서 받은 암호 영상에 대한 PSNR(pick signal-to-noise ratio)를 측정하는 측정부; 및 제1 암호화 인코더로 보안 프로파일을 전달하고 측정부에서 PSNR 결과값을 받는 암호영역 추출관리부를 포함한다. 여기서, 암호영역 추출관리부는 PSNR 결과값이 보안 프로파일에 따른 PSNR 설정값에 근접할 때까지 인코더, 제1 암호화 인코더, 및 측정부의 일련의 동작을 반복 제어하고, PSNR 결과값이 PSNR 설정값에 근접할 때 원 영상에 대하여 결정된 암호 영역 정보를 출력한다. SVC(scalable video coding), 암호화, 암호 영역, 자동, 설정, PSNR(peak signal-to-noise ratio), 암호영역추출
Abstract:
PURPOSE: An encoding/decoding method for supplying hierarchy access control of scalable medium is provided to support OSMU(One Source Multi Use) of DRM(Digital Right Management) by performing hierarchy access control. CONSTITUTION: Protected content is generated by encoding an image of scalable medium to a respectively different key by layer. The protected content is supplied to a first user terminal. An RO1 inserts a part of an encoded key set in a key area of an RO(Right Object). The RO1 is offered to the first user terminal. An RO2 is generated by inserting the encoded key set of the protected content in the key area of the RO.
Abstract:
본 발명은 데이터에 이용되는 단위 문자별로 치역 구간을 갖도록 [n, m] 도메인 구간을 구간 분할 방식으로 분할하는 매핑 함수를 이용하여 데이터를 암호화하고 검색 방법으로서, 이를 위하여 입력 데이터에 대한 암호화 값을 도메인 구간 내의 값을 이용하여 생성한 후 생성된 암호화 값과 입력 데이터의 문자 길이를 데이터베이스에 저장하고, 검색어가 입력됨에 따라 도메인 구간에서 검색어의 첫 번째 단위 문자에 대응되는 치역 구간을 검색한후 검색된 치역 구간을 단위 문자별로 구간을 갖도록 구간 분할 방식으로 분할한 후 검색어의 다음 문자에 대한 치역 구간을 검색된 치역 구간에서 검색하는 방식으로 검색어의 최종 문자에 대한 치역 구간을 검색하며, 데이터베이스에 저장된 암호화 값들 중 검색된 검색어의 최종 문자에 대한 치역 구간에 대응되는 값을 검색한다. 이와 같이, 본 발명은 데이터베이스 시스템에 적용되어 고객 정보를 데이터베이스에 저장하고 검색할 때, 저장된 데이터에 대한 안전성은 물론, 데이터 검색 (일치검색, 범위검색, COUNT 등) 시에도 효율적으로 검색결과를 제공할 수 있는 효과가 있다. 암호화, 일치 검색, 버킷, 변환
Abstract:
PURPOSE: A scalable media encryption system and method are provided to automatically select an encryption area according to a PSNR set value. CONSTITUTION: A sample image extractor(102) extracts a sample image from an original image. An SVC(Scalable Video Coding) encoder(104) performs the SVC of the sample image. A first SVC encryption encoder(105) encodes the SVC encryption of the sample image. A PSNR(Pick Signal-to-Noise Ratio) measuring unit(108) measures the PSNR of the SVC image and the encrypted image. An encrypted area extracting/managing unit(110) transfers a security profile to the first SVC encryption encoder.
Abstract:
PURPOSE: A method for converting or inversely converting characters by encoding/compressing functions is provided to make the order of encoded results the same as the order of sentences by using indexing algorithm. CONSTITUTION: The section of a specific real number length is divided into a plurality of sections. The slope per a section corresponding to the ratio of a reference value to the length of each section is calculated. The slope per a section is multiplied by a value belonging to each section. The multiplied result is divided by a specific real number to calculate a quotient. A character is allocated according to the slope and the quotient. The character is compressed and encoded in data. The data is received. A slope per a section of the data is multiplied by the data. The multiplied result is divided by a specific real number base to calculate a quotient. The quotient is converted into a character corresponding to the slope and the quotient.
Abstract:
A database processing method through partial order conservation inside a bucket for safely encrypting numerical data is provided to supply a search result in database search about the stored data. A relative value of a plaintext is calculated in a bucket in which the plaintext is allocated(S204). The random number is generated in bucket by generating a first primary key value(S206). The second key value defining the function which the bucket range is used for input is generated(S208). The transformed relative value is stored according to the first primary key value and the second key value the relative value is converted so that the relative value of the plaintext partly maintain the order(S216).