Abstract:
The control circuit for requesting the use of the system bus from an external bus arbitrator with controlling the cache memory using a copy back mode according to the processor operation comprises a cache change data generator (13) for generating control signals according to the contents of a cache tag memory and a cache state memory to change the state of the cache state memory, a processor interface unit (11) for receiving the control signal from the generator (13) to halt or retry a CPU, a cache memory change signal generator (14) for transmitting a write signal to the cache state memory and cache tag memory, and a system bus request unit (12), thereby synchronizing the signals of the control circuits with the main clock to minimize the skew generation at the output stage.
Abstract:
본 발명의 휴대용 컴퓨팅 단말의 시스템 자원 보안 장치는, 시스템 자원에 대한 프로세스의 접근을 감지하는 자원접근 감시부; 시스템 자원에 대한 보호정책을 저장하고 있는 자원보호정책 데이터베이스; 자원보호 정책 데이터 베이스로부터 시스템 자원을 보호하기 위해 필요한 보호정책을 검색하는 자원보호정책 검색부; 시스템자원을 보호하기 위한 보안 기능을 저장하고 있는 보안기능 데이터베이스; 자원보호정책 검색부에 의해 검색된 보호정책에 포함된 보안기능을 보안기능 데이터베이스로부터 읽어들여 보호정책에 포함된 보안기능을 실행하는 자원보안 실행부; 및 자원보호정책 데이터베이스와 보안기능 데이터베이스를 관리하는 보안관리부를 구비한다. 휴대용 컴퓨터, 시스템, 프로세서, 보안, 접근
Abstract:
PURPOSE: A method for tracking attack sources and attack distribution places and a system thereof are provided to manage a path and configuration for an attack scenario by tracking an abnormal file uploader in real-time. CONSTITUTION: An agent(500) receives an information confirmation message of an abnormal file corresponding to the information transmission of an abnormal file(S117). The agent selects a place corresponding to the information of the abnormal file as an attack distribution place(S119). The agent transmits an abnormal file uploader information request message. The agent receives the abnormal file uploader information corresponding to the request message(S121). When the received abnormal file uploader information corresponds to the stored uploader information, the agent sets an attack source using the abnormal file uploader information(S123). [Reference numerals] (100) Attack computer; (200) User computer; (300) Network security server; (400) Site file management server; (500) Agent; (S101) Upload an abnormal file; (S103) Analyze action and extract uploader information; (S105) Transmit the uploader information; (S107) Store the uploader information; (S109) Download abnormal file; (S111) Store downloaded user information with the uploader information; (S113) Transmit attack information when detecting cyber attack; (S115) Transmit transmission network address; (S117) Transmit confirmation message of the transmission network address; (S119) Define an attack distribution place; (S121) Receive the uploader information; (S123) Define an attack source
Abstract:
본 발명은 사용자 단말기의 보안 관리 시스템 및 방법에 관한 것으로서, 사용자 단말기의 컨텍스트(context) 정보에 기초하여 외부의 보안 관리 서버를 통해 사용자 단말기의 보안 정책을 생성하고, 이때 생성된 보안 정책 정보를 제공받아 사용자 단말기의 내부 보안 정책을 설정하도록 한다. 본 발명에 따르면, 다양한 인터페이스를 통해 사용자 단말기 특히 복합 단말기의 보안 정책을 설정함에 따라 사용자 단말기의 한계성을 극복할 수 있으며, 또한 체계적이고 보완된 보안 서비스를 제공하는 것이 가능한 이점이 있다. 사용자 단말기, 보안 정책, 보안 관리 서버, 에이전트 단말
Abstract:
PURPOSE: A security service reconfiguration method for a mobile communication terminal and a device thereof are provided to offer convenience to a user without the degradation of a security level. CONSTITUTION: A communication environment information collecting unit(10) collects communication environment information for identifying the communication environment which a mobile communication terminal locates. A security state evaluating unit(20) evaluates a security state about the communication environment which the mobile communications terminal locates on the basis of the communication environment information collected in the communication environment information collecting unit. A security service reconfiguration unit(30) reconfigures a security service which is offered to the mobile communication terminal on the basis of the evaluation of the security state about the communication environment of the security state evaluating unit.
Abstract:
PURPOSE: A portable terminal and an external Interface control method for improving the security of the portable terminal are provided to interrupt external Interface which it does not use acts with the external aggression. CONSTITUTION: If a system call requesting the opening of an external Interface is received, an external interface control module(20) confirms the opening or closing about the requested external Interface from the external Interface policy. A device driver(10) blocks the requested external Interface according to a control command of the external Interface control module. According to the external Interface control module is each user process, external Interface policies are established.
Abstract:
A system for preventing private information from leaking out through access context analysis in a personal mobile terminal includes a private information manager that receives a private information leakage prevention policy, divides the policy into a plurality of private information leakage prevention rules, and transmits the plurality of rules to individual modules, respectively; a context analyzer that performs access context information analysis to obtain context information, when detecting a packet corresponding to a first rule, and transmits the context information; a packet analyzer that receives the context information, monitors packets transmitted to the outside through packet analysis, and transmits filtering information when detecting a packet corresponding to a second rule; and a private information leakage preventing unit that receives the filtering information and determines whether to allow or drop a packet corresponding to a third rule.
Abstract:
본 발명은, 인터넷 프로토콜 버전 4/인터넷프로토콜 버전 6 혼합망에서의 침입탐지규칙 통합 관리를 위한 것으로서, IPv4/IPv6 침입탐지시스템과 독립적으로 칩입탐지규칙 통합 관리 장치를 구현하며, 상기 칩입탐지규칙 통합 관리 장치에서 외부로부터 수신된 침입탐지규칙에 포함된 인터넷 프로토콜 버전 4 주소 및 인터넷 프로토콜 버전 6 주소 간의 연관성을 분석하고, 분석된 결과를 이용하여 상기 수신된 침입탐지규칙을 자동 변환한 후 상기 변환된 침입탐지규칙을 해당 데이터베이스에 저장하고, 상기 변환된 침입탐지규칙 및 연관성 정보를 해당 침입탐지시스템으로 전달함으로써, 효과적으로 침입탐지규칙을 통합 관리할 수 있다. IPv4/IPv6 혼합망, 침입탐지시스템(IDS), 침입탐지규칙, 연관성 분석, 자동 변환.
Abstract:
A method and an apparatus useful for preventing sensitive information from flowing out to the outside in a personal computer are provided to supply user's convenience by enabling a user to edit a protection information file through a general information file. An apparatus for preventing the external leakage of protection information includes a user interface unit(10), at least one external communication connection unit(30) and a protection information leakage preventing unit(20). According to a user authentication mode through a user interface unit, the user of the protection leakage preventing unit is allowed. When the user interface unit senses at least one kind of protection information from the used and stored information, the protection leakage preventing unit blocks the access to the connection unit of at least one external communication unit.