-
Patent Agency Ranking
公开(公告)号:KR1020120068611A
公开(公告)日:2012-06-27
申请号:KR1020100130305
申请日:2010-12-17
Applicant: 한국전자통신연구원
IPC: G08B23/00
CPC classification number: G06Q10/06 , G06F21/554 , G06F2221/2111
Abstract: PURPOSE: An apparatus and a method for security situation awareness and situation information generation based on spatial linkage are provided to enable accurate and quick generation recognition of security situations through mapping of security events in the real space and analysis of spatial correlation. CONSTITUTION: A security event storage stores security events generated from a plurality of security devices according to identification information and location or object information in the real space. A security event collecting unit(210) collects related security events by mapping the identification information to the location or object information in the real space. A security situation recognition unit(220) recognizes the type and danger degree of a security situation according to the related security events and security situation standards. A situation information generating unit(230) generates security situation information by analyzing the correlation between the related security situation event according to the security situation type and the detected security event.
Abstract translation: 目的:提供一种基于空间联动的安全状况意识和情境信息生成的设备和方法,通过映射实际空间中的安全事件和空间相关性分析,实现对安全状况的准确快速生成识别。 构成:安全事件存储根据识别信息和真实空间中的位置或对象信息存储从多个安全装置产生的安全事件。 安全事件收集单元(210)通过将识别信息映射到实际空间中的位置或对象信息来收集相关的安全事件。 安全情况识别单元(220)根据相关的安全事件和安全状况标准,识别安全情况的类型和危险程度。 情境信息生成部(230)通过根据安全情况类型和检测到的安全事件分析相关安全情况事件之间的相关性来生成安全情况信息。
-
公开(公告)号:KR101928525B1
公开(公告)日:2018-12-13
申请号:KR1020120062222
申请日:2012-06-11
Applicant: 한국전자통신연구원
Inventor: 조현구
Abstract: 본 발명은 보안 침해 대응 프로세스 기반의 물리/IT 보안장비 제어 장치 및 방법에 관한 것으로서, 통합보안시스템에 의해 탐지된 보안 침해 정보에 따라 대응 정책을 결정하고, 수행할 프로세스 수행 정보를 생성하는 대응 프로세스 관리부와, 상기 대응 프로세스 관리부에 의해 생성된 상기 프로세스 수행 정보를 통해 프로세스를 수행하며, 상기 대응 정책에 연동이 요구되는 물리 보안장비 및 IT 보안장비를 제어하기 위한 일원화된 명령(Unified Command)을 생성하는 대응 프로세스 처리부와, 상기 대응 정책에 연동이 요구되는 상기 보안장비를 검색하고, 검색된 보안장비의 제어에 필요한 파라미터를 계산하기 위해 해당 보안장비와 침해 발생 위치와의 공간 위상관계를 기반으로 공간 연산을 수행하여 상기 대응 프로세스 처리부에게 제공하는 공간연 산 처리부와, 상기 물리 보안장비 및 상기 IT 보안장비의 다중 연결과 제어 명령을 해당 보안장비에게 전달하는 제어 프록시에이전트 기반의 장비 제어부와, 상기 보안 침해 정보와 상기 대응 정책 및 상기 프로세스의 스크립트를 저장하는 데이터베이스부를 포함하며, 융합 보안공간의 침해 사고에 대한 물리/IT 보안 영역에 대한 종합적 대응이 가능하고, 발생 가능한 다양한 보안 침해 유형과 보안 장비 추가 및 변경 등에 대한 확장성과 유연성 있는 구조를 제공하는 이점이 있다.
-
公开(公告)号:KR1020130115580A
公开(公告)日:2013-10-22
申请号:KR1020120037989
申请日:2012-04-12
Applicant: 한국전자통신연구원
Inventor: 조현구
IPC: G08B13/196 , G06F21/00
Abstract: PURPOSE: A space based security device and a method thereof are provided to improve the accuracy and speed of a security system by enabling a user to operate the security device on the basis of the movement path of a security intruder and a location where security breach is generated. CONSTITUTION: A space based security device (150) includes a corresponding device request processing unit (152), a phase relationship computing unit (154), a spatial query processing unit (156), and a coverage object managing unit (158). The corresponding device request processing unit receives a request for information about a security device, corresponding to a location where security breach is generated, from an external security breach handling unit. The phase relationship computing unit configures phase relationship between the security device and the location where the security breach is generated, and computes a path and a corresponding location on the basis of the phase relationship. The phase relationship computing unit determines a corresponding security device for handling the security breach. The spatial query processing unit receives a request for coverage information about the corresponding security device from the phase relationship computing unit, and provides the coverage information about the corresponding security device. The coverage object managing unit generates coverage information about a security device which exists in a security area. [Reference numerals] (100) Security invasion response device; (152) Corresponding device request processing unit; (154) Phase relationship computing unit; (156) Spatial query processing unit; (158) Coverage object managing unit; (162) Security device coverage DB
Abstract translation: 目的:提供一种基于空间的安全设备及其方法,以通过使用户能够基于安全入侵者的移动路径和安全漏洞的位置来操作安全设备来提高安全系统的准确性和速度 产生。 构成:基于空间的安全装置(150)包括相应的设备请求处理单元(152),相位关系计算单元(154),空间查询处理单元(156)和覆盖对象管理单元(158)。 相应的设备请求处理单元从外部安全漏洞处理单元接收关于安全设备的信息的请求,对应于产生安全漏洞的位置。 相位关系计算单元配置安全设备与产生安全漏洞的位置之间的相位关系,并且基于相位关系计算路径和对应的位置。 相位关系计算单元确定用于处理安全漏洞的对应的安全装置。 空间查询处理单元从相位关系计算单元接收关于对应的安全设备的覆盖信息的请求,并且提供关于相应的安全设备的覆盖信息。 覆盖对象管理单元生成关于安全区域中存在的安全设备的覆盖信息。 (附图标记)(100)安全入侵响应装置; (152)对应设备请求处理单元; (154)相位关系计算单元; (156)空间查询处理单元; (158)覆盖对象管理单元; (162)安全设备覆盖数据库
-
公开(公告)号:KR1020130138542A
公开(公告)日:2013-12-19
申请号:KR1020120062222
申请日:2012-06-11
Applicant: 한국전자통신연구원
Inventor: 조현구
Abstract: The present invention relates to an apparatus and a method for controlling a physical/IT security equipment based on a security incident response process comprising: a response process management part for determining a response policy according to information on the security incident detected by an integrated security system and generating information on processes to be performed; a response process processing part for performing the processes generated by the response process management part and generating unified commands for controlling the physical security equipment and the IT security equipment required to be linked with the response policy; a space calculation processing part for searching for the security equipment required to be linked with the response policy, performing the space calculation based on a space phase relation between a corresponding security equipment and a position of the security incident in order to calculate parameters necessary for controlling the searched security equipment; a control proxy agent based equipment controller for performing multiple connections between the physical security equipment and the IT security equipment and transmitting the control commands to a corresponding security equipment; and a database for storing the information on the security incident, the response policy and the scripts of the process. The present invention can take a unified measure with respect to a physical/IT security area against the incident at a converged security space and provide an extendable and flexible structure with respect to various possible security incident types and an addition to or a change of the security equipment. [Reference numerals] (10) Security incident analysis/detection unit;(110) Response process management part;(120) Response process processing part;(130) Space calculation processing part;(140) Equipment controller;(151) Security incident detection information DB;(152) Security equipment DB;(154) Response policy DB;(155) Process script repository;(160) GUI part;(20) Commercial security equipment (physical/IT}
Abstract translation: 本发明涉及一种基于安全事件响应过程来控制物理/ IT安全设备的装置和方法,包括:响应过程管理部分,用于根据关于由综合安全系统检测到的安全事件的信息来确定响应策略 并且生成关于要执行的处理的信息; 响应过程处理部分,用于执行由响应过程管理部分生成的处理,并产生用于控制物理安全设备和需要与响应策略相关联的IT安全设备的统一命令; 空间计算处理部分,用于搜索需要与响应策略相关联的安全设备,基于相应的安全设备与安全事件的位置之间的空间相位关系执行空间计算,以便计算控制所需的参数 检索的安全设备; 基于控制代理的设备控制器,用于在物理安全设备和IT安全设备之间执行多个连接,并将控制命令发送到相应的安全设备; 以及用于存储关于安全事件,响应策略和过程的脚本的信息的数据库。 本发明可以相对于在融合安全空间处的事件对物理/ IT安全区域采取统一措施,并且针对各种可能的安全事件类型提供可扩展和灵活的结构,以及安全性的附加或改变 设备。 (10)安全事件分析检测部;(110)响应处理管理部;(120)响应处理部;(130)空间计算处理部;(140)设备控制器;(151)安全事件检测 信息DB;(152)安全设备DB;(154)响应策略DB;(155)流程脚本库;(160)GUI部分;(20)商业安全设备(物理/ IT)
-
公开(公告)号:KR1020120119422A
公开(公告)日:2012-10-31
申请号:KR1020110037329
申请日:2011-04-21
Applicant: 한국전자통신연구원
CPC classification number: G06F21/316 , G06F21/552
Abstract: PURPOSE: An apparatus and a method for supplying a user profile based on security service are provided to generate a user profile which shows a behavior pattern of a user and to recognize a behavior of the user threatening the security. CONSTITUTION: An event collector(110) collects event data and user data generated from an IT(Information Technology) device and a logical/physical security device. A profile generator(140) generates user profile information by using the user data and the event data. A user analyzer(150) analyzes the event data and calculates the security threat of the user. [Reference numerals] (110) Event collection unit; (120) Device management unit; (130) Position mapping unit; (140) Profile generating unit; (150) User analysis unit
Abstract translation: 目的:提供一种用于提供基于安全服务的用户简档的装置和方法,以生成显示用户的行为模式并识别威胁安全性的用户的行为的用户简档。 构成:事件收集器(110)收集从IT(信息技术)设备和逻辑/物理安全设备生成的事件数据和用户数据。 简档生成器(140)通过使用用户数据和事件数据生成用户简档信息。 用户分析器(150)分析事件数据并计算用户的安全威胁。 (附图标记)(110)事件收集单元; (120)设备管理单元; (130)位置映射单元; (140)轮廓生成单元; (150)用户分析单元
-
-
-
-
Search Results
5
records
(took 0.018 seconds)
