公开(公告)号：KR1020020054115A

公开(公告)日：2002-07-06

申请号：KR1020000082811

申请日：2000-12-27

Applicant: 한국전자통신연구원

Inventor： 김상춘 ,  이종태 ,  현정식 ,  손승원

IPC: G06F17/00

Abstract: PURPOSE: An internet host system security evaluation method and system is provided to identify a protocol from packet data generated for offering a function of a packet security at an internet host system, to collect the packet data, and to extract risk elements from the packet data. CONSTITUTION: The system comprises a system configuration block, a database control block, and a rule interpreter block. The system configuration block performs a user authentication by a manager having a management right, and registers data on an agent performed at a remote host and data on a module performed by an evaluation rule. The database control block generates a table on the data transmitted by the agent, adds data, defines an assessment evaluation rule at rule data, modifies the assessment evaluation rule or erases the evaluation rule from the rule data. The rule interpreter block reads the evaluation rule, defined at the database management block, from the rule data, analyzes instructions according to an execution procedure, and executes the evaluation rule. The system includes a GUI(Graphic User Interface) diagram and a socket handler. The GUI diagram enables a manager to set overall elements needed for an assessment via a JAVA interface. The socket handler enables the agent and the execution module to transmit data over a network.

Abstract translation: 目的：提供一种互联网主机系统安全评估方法和系统，用于从因特网主机系统提供分组安全功能而生成的分组数据中识别协议，收集分组数据，并从分组数据中提取风险元素 。 构成：系统包括系统配置块，数据库控制块和规则解释器块。 系统配置块由具有管理权限的管理员进行用户认证，并且在远程主机上执行的代理登记数据以及由评估规则执行的模块上的数据。 数据库控制块生成由代理发送的数据的表，添加数据，在规则数据中定义评估评估规则，修改评估评估规则或从规则数据中删除评估规则。 规则解释器块从规则数据读取在数据库管理块定义的评估规则，根据执行过程分析指令，并执行评估规则。 该系统包括GUI（图形用户界面）图和套接字处理程序。 GUI图表使经理能够通过JAVA界面设置评估所需的整体元素。 套接字处理器使代理和执行模块能够通过网络传输数据。

公开(公告)号：KR100404321B1

公开(公告)日：2003-11-01

申请号：KR1020000082811

申请日：2000-12-27

Applicant: 한국전자통신연구원

Inventor： 김상춘 ,  이종태 ,  현정식 ,  손승원

IPC: G06F17/00

Abstract: PURPOSE: An internet host system security evaluation method and system is provided to identify a protocol from packet data generated for offering a function of a packet security at an internet host system, to collect the packet data, and to extract risk elements from the packet data. CONSTITUTION: The system comprises a system configuration block, a database control block, and a rule interpreter block. The system configuration block performs a user authentication by a manager having a management right, and registers data on an agent performed at a remote host and data on a module performed by an evaluation rule. The database control block generates a table on the data transmitted by the agent, adds data, defines an assessment evaluation rule at rule data, modifies the assessment evaluation rule or erases the evaluation rule from the rule data. The rule interpreter block reads the evaluation rule, defined at the database management block, from the rule data, analyzes instructions according to an execution procedure, and executes the evaluation rule. The system includes a GUI(Graphic User Interface) diagram and a socket handler. The GUI diagram enables a manager to set overall elements needed for an assessment via a JAVA interface. The socket handler enables the agent and the execution module to transmit data over a network.

Abstract translation: 目的：提供了一种互联网主机系统安全性评估方法和系统，用于从在互联网主机系统中提供分组安全功能而生成的分组数据中识别协议，收集分组数据并从分组数据中提取风险元素 。 构成：系统包括系统配置块，数据库控制块和规则解释器块。 系统配置块通过具有管理权限的管理者执行用户认证，并且将由远程主机执行的代理上的数据以及由评估规则执行的模块上的数据登记。 数据库控制块生成关于由代理发送的数据的表格，添加数据，在规则数据处定义评估评估规则，修改评估评估规则或从规则数据擦除评估规则。 规则解释器块从规则数据读取在数据库管理块处定义的评估规则，根据执行过程分析指令并执行评估规则。 该系统包括一个GUI（图形用户界面）图和一个套接字处理程序。 GUI图使经理能够通过JAVA界面设置评估所需的全部元素。 套接字处理程序使代理程序和执行模块能够通过网络传输数据。