-
公开(公告)号:KR1019920010967B1
公开(公告)日:1992-12-26
申请号:KR1019900021847
申请日:1990-12-26
Applicant: 한국전자통신연구원
IPC: G06F12/08
Abstract: The control circuit for requesting the use of the system bus from an external bus arbitrator with controlling the cache memory using a copy back mode according to the processor operation comprises a cache change data generator (13) for generating control signals according to the contents of a cache tag memory and a cache state memory to change the state of the cache state memory, a processor interface unit (11) for receiving the control signal from the generator (13) to halt or retry a CPU, a cache memory change signal generator (14) for transmitting a write signal to the cache state memory and cache tag memory, and a system bus request unit (12), thereby synchronizing the signals of the control circuits with the main clock to minimize the skew generation at the output stage.
Abstract translation: 根据处理器操作,通过使用复制模式控制高速缓冲存储器的外部总线仲裁器请求使用系统总线的控制电路包括:高速缓存改变数据生成器(13),用于根据处理器操作的内容生成控制信号 高速缓存标签存储器和高速缓存状态存储器以改变高速缓存状态存储器的状态;处理器接口单元(11),用于从发生器(13)接收控制信号以停止或重试CPU;高速缓存存储器改变信号发生器( 14),用于将写入信号发送到高速缓存状态存储器和高速缓存标签存储器,以及系统总线请求单元(12),从而使控制电路的信号与主时钟同步,以使输出级的偏斜产生最小化。
-
公开(公告)号:KR101418272B1
公开(公告)日:2014-07-10
申请号:KR1020090117903
申请日:2009-12-01
Applicant: 한국전자통신연구원
Abstract: 본 발명의 휴대용 컴퓨팅 단말의 시스템 자원 보안 장치는, 시스템 자원에 대한 프로세스의 접근을 감지하는 자원접근 감시부; 시스템 자원에 대한 보호정책을 저장하고 있는 자원보호정책 데이터베이스; 자원보호 정책 데이터 베이스로부터 시스템 자원을 보호하기 위해 필요한 보호정책을 검색하는 자원보호정책 검색부; 시스템자원을 보호하기 위한 보안 기능을 저장하고 있는 보안기능 데이터베이스; 자원보호정책 검색부에 의해 검색된 보호정책에 포함된 보안기능을 보안기능 데이터베이스로부터 읽어들여 보호정책에 포함된 보안기능을 실행하는 자원보안 실행부; 및 자원보호정책 데이터베이스와 보안기능 데이터베이스를 관리하는 보안관리부를 구비한다.
휴대용 컴퓨터, 시스템, 프로세서, 보안, 접근-
公开(公告)号:KR1020130049336A
公开(公告)日:2013-05-14
申请号:KR1020110114286
申请日:2011-11-04
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1491
Abstract: PURPOSE: A method for tracking attack sources and attack distribution places and a system thereof are provided to manage a path and configuration for an attack scenario by tracking an abnormal file uploader in real-time. CONSTITUTION: An agent(500) receives an information confirmation message of an abnormal file corresponding to the information transmission of an abnormal file(S117). The agent selects a place corresponding to the information of the abnormal file as an attack distribution place(S119). The agent transmits an abnormal file uploader information request message. The agent receives the abnormal file uploader information corresponding to the request message(S121). When the received abnormal file uploader information corresponds to the stored uploader information, the agent sets an attack source using the abnormal file uploader information(S123). [Reference numerals] (100) Attack computer; (200) User computer; (300) Network security server; (400) Site file management server; (500) Agent; (S101) Upload an abnormal file; (S103) Analyze action and extract uploader information; (S105) Transmit the uploader information; (S107) Store the uploader information; (S109) Download abnormal file; (S111) Store downloaded user information with the uploader information; (S113) Transmit attack information when detecting cyber attack; (S115) Transmit transmission network address; (S117) Transmit confirmation message of the transmission network address; (S119) Define an attack distribution place; (S121) Receive the uploader information; (S123) Define an attack source
Abstract translation: 目的:提供跟踪攻击源和攻击分发场所的方法及其系统,以便通过实时跟踪异常文件上传器来管理攻击场景的路径和配置。 构成:代理(500)接收与异常文件的信息发送对应的异常文件的信息确认消息(S117)。 代理选择与异常文件的信息相对应的地点作为攻击分发地点(S119)。 代理发送异常文件上传器信息请求消息。 代理接收与请求消息对应的异常文件上传器信息(S121)。 当接收到的异常文件上传器信息对应于存储的上传者信息时,代理使用异常文件上传器信息设置攻击源(S123)。 (附图标记)(100)攻击计算机; (200)用户电脑; (300)网络安全服务器; (400)站点文件管理服务器; (500)代理; (S101)上传异常文件; (S103)分析操作并提取上传者信息; (S105)发送上传者信息; (S107)存储上传者信息; (S109)下载异常文件; (S111)使用上传者信息存储下载的用户信息; (S113)检测网络攻击时发送攻击信息; (S115)发送传输网络地址; (S117)传输网络地址的发送确认消息; (S119)定义攻击分配地点; (S121)接收上传者信息; (S123)定义攻击源
-
公开(公告)号:KR101073427B1
公开(公告)日:2011-10-17
申请号:KR1020080119702
申请日:2008-11-28
Applicant: 한국전자통신연구원
Abstract: 본발명은이종망을통한서비스공격을차단하는이동단말에관한것이다. 보다상세하게는, 프로세스가무선이더넷접속장치의드라이버를오픈하였는지여부에대한상태정보를기록하는상태정보저장부; 및상태정보에따라프로세스가이동통신모뎀의드라이버를오픈하는것을차단하거나허용하는상태감시부를구비하는이동단말에관한것이다. 본발명에의하면, 이종망간을통한서비스공격에의해사용자의통신비용이과다하게부과되는것을방지할수가있다.
-
公开(公告)号:KR101018435B1
公开(公告)日:2011-02-28
申请号:KR1020080079787
申请日:2008-08-14
Applicant: 한국전자통신연구원
CPC classification number: G06F21/50 , G06F21/305 , H04L63/102
Abstract: 본 발명은 사용자 단말기의 보안 관리 시스템 및 방법에 관한 것으로서, 사용자 단말기의 컨텍스트(context) 정보에 기초하여 외부의 보안 관리 서버를 통해 사용자 단말기의 보안 정책을 생성하고, 이때 생성된 보안 정책 정보를 제공받아 사용자 단말기의 내부 보안 정책을 설정하도록 한다. 본 발명에 따르면, 다양한 인터페이스를 통해 사용자 단말기 특히 복합 단말기의 보안 정책을 설정함에 따라 사용자 단말기의 한계성을 극복할 수 있으며, 또한 체계적이고 보완된 보안 서비스를 제공하는 것이 가능한 이점이 있다.
사용자 단말기, 보안 정책, 보안 관리 서버, 에이전트 단말-
Patent Agency Ranking
公开(公告)号:KR1020100072991A
公开(公告)日:2010-07-01
申请号:KR1020080131564
申请日:2008-12-22
Applicant: 한국전자통신연구원
Abstract: PURPOSE: A security service reconfiguration method for a mobile communication terminal and a device thereof are provided to offer convenience to a user without the degradation of a security level. CONSTITUTION: A communication environment information collecting unit(10) collects communication environment information for identifying the communication environment which a mobile communication terminal locates. A security state evaluating unit(20) evaluates a security state about the communication environment which the mobile communications terminal locates on the basis of the communication environment information collected in the communication environment information collecting unit. A security service reconfiguration unit(30) reconfigures a security service which is offered to the mobile communication terminal on the basis of the evaluation of the security state about the communication environment of the security state evaluating unit.
Abstract translation: 目的:提供用于移动通信终端及其设备的安全服务重新配置方法,以便在不降低安全级别的情况下向用户提供便利。 构成:通信环境信息收集单元(10)收集用于识别移动通信终端所位于的通信环境的通信环境信息。 安全状态评估单元(20)根据在通信环境信息收集单元中收集的通信环境信息来评价移动通信终端所位于的通信环境的安全状态。 安全服务重新配置单元基于对安全状态评估单元的通信环境的安全状态的评估,重新配置提供给移动通信终端的安全服务。
-
公开(公告)号:KR1020100016773A
公开(公告)日:2010-02-16
申请号:KR1020080076390
申请日:2008-08-05
Applicant: 한국전자통신연구원
IPC: H04B1/40
CPC classification number: G06F21/54
Abstract: PURPOSE: A portable terminal and an external Interface control method for improving the security of the portable terminal are provided to interrupt external Interface which it does not use acts with the external aggression. CONSTITUTION: If a system call requesting the opening of an external Interface is received, an external interface control module(20) confirms the opening or closing about the requested external Interface from the external Interface policy. A device driver(10) blocks the requested external Interface according to a control command of the external Interface control module. According to the external Interface control module is each user process, external Interface policies are established.
Abstract translation: 目的:提供便携式终端和外部接口控制方法,用于提高便携式终端的安全性,以中断外部接口,它不使用外部攻击行为。 规定:如果接收到要求打开外部接口的系统呼叫,则外部接口控制模块(20)从外部接口策略确认所请求的外部接口的打开或关闭。 设备驱动器(10)根据外部接口控制模块的控制命令阻止所请求的外部接口。 根据外部接口控制模块是每个用户进程,外部接口策略都建立起来。
-
公开(公告)号:KR100929916B1
公开(公告)日:2009-12-04
申请号:KR1020070111879
申请日:2007-11-05
Applicant: 한국전자통신연구원
CPC classification number: H04L63/0227 , G06F21/6263 , G06F2221/2101 , H04L63/10 , H04L63/1466
Abstract: A system for preventing private information from leaking out through access context analysis in a personal mobile terminal includes a private information manager that receives a private information leakage prevention policy, divides the policy into a plurality of private information leakage prevention rules, and transmits the plurality of rules to individual modules, respectively; a context analyzer that performs access context information analysis to obtain context information, when detecting a packet corresponding to a first rule, and transmits the context information; a packet analyzer that receives the context information, monitors packets transmitted to the outside through packet analysis, and transmits filtering information when detecting a packet corresponding to a second rule; and a private information leakage preventing unit that receives the filtering information and determines whether to allow or drop a packet corresponding to a third rule.
Abstract translation: 一种防止个人信息通过个人移动终端中的访问上下文分析泄漏的系统,包括:私人信息管理器,其接收私人信息泄露防止策略,将该策略划分为多个私人信息泄漏防止规则,并将该多个 规则分别发给各个模块; 上下文分析器,当检测到与第一规则对应的分组时,执行接入上下文信息分析以获得上下文信息,并发送所述上下文信息; 分组分析器,其接收所述上下文信息,监视通过分组分析向外部发送的分组,并且当检测到对应于第二规则的分组时发送过滤信息; 以及私人信息泄漏防止单元,其接收过滤信息并确定是允许还是丢弃对应于第三规则的分组。
-
公开(公告)号:KR100912541B1
公开(公告)日:2009-08-18
申请号:KR1020070029347
申请日:2007-03-26
Applicant: 한국전자통신연구원
Abstract: 본 발명은, 인터넷 프로토콜 버전 4/인터넷프로토콜 버전 6 혼합망에서의 침입탐지규칙 통합 관리를 위한 것으로서, IPv4/IPv6 침입탐지시스템과 독립적으로 칩입탐지규칙 통합 관리 장치를 구현하며, 상기 칩입탐지규칙 통합 관리 장치에서 외부로부터 수신된 침입탐지규칙에 포함된 인터넷 프로토콜 버전 4 주소 및 인터넷 프로토콜 버전 6 주소 간의 연관성을 분석하고, 분석된 결과를 이용하여 상기 수신된 침입탐지규칙을 자동 변환한 후 상기 변환된 침입탐지규칙을 해당 데이터베이스에 저장하고, 상기 변환된 침입탐지규칙 및 연관성 정보를 해당 침입탐지시스템으로 전달함으로써, 효과적으로 침입탐지규칙을 통합 관리할 수 있다.
IPv4/IPv6 혼합망, 침입탐지시스템(IDS), 침입탐지규칙, 연관성 분석, 자동 변환.-
公开(公告)号:KR1020090065876A
公开(公告)日:2009-06-23
申请号:KR1020070133405
申请日:2007-12-18
Applicant: 한국전자통신연구원
IPC: G06F21/00
CPC classification number: G06F21/604 , G06F21/72 , G06F21/85 , G06F2221/2141
Abstract: A method and an apparatus useful for preventing sensitive information from flowing out to the outside in a personal computer are provided to supply user's convenience by enabling a user to edit a protection information file through a general information file. An apparatus for preventing the external leakage of protection information includes a user interface unit(10), at least one external communication connection unit(30) and a protection information leakage preventing unit(20). According to a user authentication mode through a user interface unit, the user of the protection leakage preventing unit is allowed. When the user interface unit senses at least one kind of protection information from the used and stored information, the protection leakage preventing unit blocks the access to the connection unit of at least one external communication unit.
Abstract translation: 提供了一种用于防止敏感信息流出到个人计算机外部的方法和装置,以通过使用户能够通过一般信息文件来编辑保护信息文件来提供用户的便利。 一种用于防止外部泄漏保护信息的装置包括用户接口单元(10),至少一个外部通信连接单元(30)和保护信息泄漏防止单元(20)。 根据通过用户接口单元的用户认证模式,允许防护泄漏防止单元的用户。 当用户接口单元从所使用和存储的信息中感测至少一种保护信息时,防护泄漏防止单元阻止对至少一个外部通信单元的连接单元的访问。
-
-
-
-
-
-
-
-
-
Search Results
160
records
(took 0.023 seconds)
