Abstract:
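The present invention relates to a method and apparatus for securely distributing encryption/decryption programs and symmetric keys in a security domain environment. The method for distributing encryption/decryption programs and symmetric keys according to the present invention comprises: selecting, in a top-level security domain, the encryption/decryption program and symmetric key to be distributed to one or more lower-level security domains; dividing the selected encryption/decryption program and symmetric key into as many parts as there are lower-level security domains; and distributing the divided encryption/decryption program and symmetric key to the lower-level security domains. Security domain, encryption/decryption program, symmetric key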
Abstract:
A device and a method for testing security of RPC (Remote Procedure Call)-based software in a remote place are provided to perform a remote security test for the RPC-based software efficiently, and to standardize and automatically process a series of procedures causing exceptional errors in target software. A testing target selecting module(110) determines a target service/function. An RPC interface module(120) interfaces communication with the selected service/function. A function calling/analyzing module(130) subdivides the entire packet by filtering/dividing the received service/function into a part calling a service function and a network communication part setting the connection needed for calling the function, and by analyzing the procedure/setting of the protocol set and individual protocols needed for setting the connection with a server. A communication protocol implementing module(140) modularizes and implements a network communication protocol part for transferring an RPC function call. A security testing module(150) tests the security of parameters transferred when the function is called. A result analyzing module(160) analyzes a security test result by testing the security of the RPC-based software of a remote computer and collecting the packets. A testing module(170) transfers as many messages as possible to a service-providing function to check whether the service operates stably for specific input.
Abstract:
PURPOSE: An apparatus and method for defending a distribution service attack in a mobile terminal are provided to defend a distribution service attack by monitoring network data transmitted from the outside to a mobile terminal. CONSTITUTION: A monitoring unit(130) monitors all network data transmitted from the outside to a mobile terminal according to the current mode of the mobile terminal. A transmission state query unit(140) queries whether network data is transmitted to the outside according to a monitoring result to a user. The monitoring unit selects a first monitoring mode or a second monitoring mode. The monitoring unit monitors the network data. [Reference numerals] (110) Mode sensing unit; (120) Critical file management unit; (130) Monitoring unit; (140) Transmission state query unit
Abstract:
PURPOSE: A method for distributing encoding/decoding programs and a symmetric key and devices for partitioning and injecting data for the same in a security domain environment are provided to improve the safety of the distribution method by dividing the encoding/decoding programs and the symmetric key in a top level security domain and subsequently distributing the divided encoding/decoding programs and symmetric key to a lower level domain. CONSTITUTION: A data base(310) stores encoding/decoding programs and a symmetric key. A data base administrator(320) performs a communication with the data base in order to store or access the encoding/decoding programs and the key. A program selection module(330) selects the encoding/decoding programs from the data base through a user interface. A key selection module(340) selects the key from the data base through the user interface. A division module(350) divides the selected encoding/decoding programs and key into the number of lower level security domains.
Abstract:
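The present invention relates to a system and method for fuzzing DCE (Distributed Computing Environment) RPC (Remote Procedure Call) objects. A file manager obtains, by referring to the idl file, the UUID (Universal Unique IDentifier), interface version and Op number that are indispensable for DCE RPC fuzzing and communication; the obtained information is used by a packet creator, which constructs the communication mechanism, to complete the DCE RPC access mechanism; random numbers from a random data generator, which handles random numbers, are then injected, and fuzzing is performed by calling the function with the data composed in a packet injector as arguments. By automating the parts of conventional DCE RPC object fuzzing that require expert intervention, fuzzing time and cost can be reduced. DCE (Distributed Computing Environment), RPC (Remote Procedure Call), fuzzing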
Abstract:
A DCE RPC(Distributed Computing Environment Remote Procedure Call) object fuzzing system and method are provided to analyze an idl file to acquire necessary information in a DCE RPC object fuzzing operation and construct an RPC based access mechanism by using the information to reduce the cost and time required for system fuzzing. A DCE RPC object fuzzing system includes a file manager, a random data generator, an RPC packet creator, and a packet injector. The file manager parses and analyzes a file having information including an idl file and a named pipe file with respect to an object of fuzzing to acquire necessary information. The random data generator generates a random number by using a system clock signal as a factor. The RPC packet creator constructs a protocol used for RPC communication for each function and creates an RPC packet for RPC communication. The packet injector injects the necessary information and the random number into the generated RPC packet and transmits the RPC packet to the object of fuzzing.