公开(公告)号：KR100772523B1

公开(公告)日：2007-11-01

申请号：KR20060072649

申请日：2006-08-01

Applicant: KOREA ELECTRONICS TELECOMM

Inventor： LIM JAE DEOK ,  KIM YOUNG HO ,  RYU SEUNG HO ,  CHUNG BO HEUNG ,  KIM KI YOUNG

IPC: H04L12/22 ,  G06F15/16 ,  H04L12/28

CPC classification number: H04L63/1416 ,  H04L63/0263 ,  H04L69/16 ,  H04L69/161

Abstract: An apparatus and a method for detecting an intrusion using a pattern are provided to increase a processing speed by considerably reducing an overload caused as whether a packet is harmful is inspected by every rule whenever a packet is inputted. A rule generating unit(103) classifies intrusion detection rules into rules having a contents inspection part and rules not having the contents inspection part, assigns an index to respective rules, and outputs the same to a device that performs matching, and at the same time, stores them. An extracting unit(101) extracts a payload and an address of a packet, and outputs the same to the device. An inspecting unit(105) inspects a corresponding rule based on the index. The rule generating unit patternizes an IP address part with respect to the rules without the contents inspection part, among the intrusion detection rules.

Abstract translation: 提供一种用于使用模式检测入侵的装置和方法，用于通过显着减少由于每当输入分组时由每个规则检查分组是否有害而引起的过载而增加处理速度。 规则生成单元（103）将入侵检测规则分类为具有内容检查部分和不具有内容检查部分的规则的规则，向相应的规则分配索引，并将其输出到执行匹配的设备，并且同时 ，存储他们。 提取单元（101）提取分组的有效载荷和地址，并将其输出到设备。 检查单元（105）根据索引检查相应的规则。 在入侵检测规则中，规则生成单元相对于没有内容检查部分的规则对IP地址部分进行模式化。

公开(公告)号：KR20120065783A

公开(公告)日：2012-06-21

申请号：KR20100127081

申请日：2010-12-13

Applicant: KOREA ELECTRONICS TELECOMM

Inventor： CHUNG BO HEUNG ,  KIM JEONG NYEO

IPC: G06F21/30

CPC classification number: G06F21/604 ,  G06F15/16 ,  G06F21/30 ,  H04L9/32

Abstract: PURPOSE: A role based access control apparatus and method is provided to accurately sense the access to important information by security middleware level. CONSTITUTION: A role based access control apparatus and method comprises: a role manager(300) setting a node treating information request of a plurality of nodes to pub, setting bides requesting the information to sub, and providing role information to the nodes requesting the information in case of transmitting data to the nodes requesting the information; a role monitor unit(310) managing information about roles assigned to the plurality of nodes.

Abstract translation: 目的：提供一种基于角色的访问控制设备和方法，以便通过安全中间件级别来准确地检测对重要信息的访问。 构成：基于角色的访问控制装置和方法，包括：角色管理器（300），将节点处理多个节点的信息请求设置为pub，将请求所述信息的副本设置为sub，并向请求信息的节点提供角色信息 在向要求信息的节点发送数据的情况下; 管理关于分配给所述多个节点的角色的信息的角色监视单元（310）。