公开(公告)号：US20100138929A1

公开(公告)日：2010-06-03

申请号：US12622222

申请日：2009-11-19

Applicant: Seung Wan HAN ,  Sok Joon LEE ,  Yun Kyung LEE ,  Sin Hyo KIM ,  Jeong Nyeo KIM

Inventor： Seung Wan HAN ,  Sok Joon LEE ,  Yun Kyung LEE ,  Sin Hyo KIM ,  Jeong Nyeo KIM

IPC: G06F21/00

CPC classification number: H04L63/0407

Abstract: Conditionally traceable anonymous service system is provided. The system respectively separates subject conforming real name, subject conforming anonymity, subject requesting verification for an anonymity certification means, so that privacy of a user is hardly violated, the present invention can acquire real name information for the user only when a trace for a user is surely requested.

Abstract translation: 提供有条件的可追溯匿名服务系统。 该系统分别分离主体一致的实名，主体符合匿名性，主体请求验证匿名认证手段，使得用户的隐私几乎不被侵犯，本发明可以仅在用户的跟踪时才获取用户的真实姓名信息 肯定要求

公开(公告)号：US08645690B2

公开(公告)日：2014-02-04

申请号：US13327099

申请日：2011-12-15

Applicant: Sok-Joon Lee ,  Jung-Yeon Hwang ,  Gun-Tae Bae ,  Byung-Ho Chung ,  Sin-Hyo Kim ,  Hye-Ran Mun ,  Sang-Woo Lee ,  Yun-Kyung Lee ,  Hyun-Sook Cho

Inventor： Sok-Joon Lee ,  Jung-Yeon Hwang ,  Gun-Tae Bae ,  Byung-Ho Chung ,  Sin-Hyo Kim ,  Hye-Ran Mun ,  Sang-Woo Lee ,  Yun-Kyung Lee ,  Hyun-Sook Cho

IPC: H04L9/00

CPC classification number: H04L9/321 ,  H04L9/0891 ,  H04L9/3255 ,  H04L2209/42

Abstract: Disclosed herein is a method of verifying key validity and a server for performing the method. The method is configured such that a service provision server verifies key validity in an anonymous service for providing local linkability. The service provision server receives a revocation list. A local revocation list is generated using the received revocation list and a secret key. A virtual index of a service user required to verify key validity is calculated. Whether a key of the service user is valid is verified, based on whether the virtual index is included in the local revocation list.

Abstract translation: 本文公开了一种验证密钥有效性的方法和用于执行该方法的服务器。 该方法被配置为使得服务提供服务器验证匿名服务中的密钥有效性以提供本地可链接性。 服务提供服务器接收撤销列表。 使用接收到的撤销列表和密钥生成本地撤销列表。 计算验证密钥有效性所需的服务用户的虚拟索引。 基于虚拟索引是否包括在本地撤销列表中，验证服务用户的密钥是否有效。

公开(公告)号：US08499158B2

公开(公告)日：2013-07-30

申请号：US12971103

申请日：2010-12-17

Applicant: Sok Joon Lee ,  Jung Yeon Hwang ,  Yun Kyung Lee ,  Sin Hyo Kim ,  Sang Woo Lee ,  Hye Ran Moon ,  Young Ho Kim ,  Byung Ho Chung ,  Hyun Sook Cho

Inventor： Sok Joon Lee ,  Jung Yeon Hwang ,  Yun Kyung Lee ,  Sin Hyo Kim ,  Sang Woo Lee ,  Hye Ran Moon ,  Young Ho Kim ,  Byung Ho Chung ,  Hyun Sook Cho

IPC: H04L9/32

CPC classification number: H04L9/3073 ,  H04L9/3255 ,  H04L2209/42

Abstract: There is provided an anonymous service method of providing local linkability. The anonymous service method providing local linkability according to exemplary embodiments of the invention, an anonymous authentication operation based on a short group signature is performed, for which the concept of a local linkability is introduced to secure linkability within the same service domain. Namely, in the interior of a service provider, a virtual index having a fixed value is calculated for each service user, and in this case, although a plurality of service providers collude with each other, they cannot calculate a virtual index having the same value, whereby the linkability can be secured within the same service domain but not within the interiors of different service domains.

Abstract translation: 提供了提供本地可链接性的匿名服务方法。 执行根据本发明的示例性实施例的本地可链接性的匿名服务方法，执行基于短组签名的匿名认证操作，为此引入本地可链接性的概念以确保相同服务域内的可链接性。 也就是说，在服务提供者的内部，为每个服务用户计算具有固定值的虚拟索引，在这种情况下，尽管多个服务提供者彼此串通，但是它们不能计算具有相同值的虚拟索引 从而可以在相同的服务领域内确保可链接性，但不能在不同的服务领域的内部。

公开(公告)号：US20120159166A1

公开(公告)日：2012-06-21

申请号：US13327099

申请日：2011-12-15

Applicant: Sok-Joon LEE ,  Jung-Yeon Hwang ,  Gun-Tae Bae ,  Byung-Ho Chung ,  Sin-Hyo Kim ,  Hye-Ran Mun ,  Sang-Woo Lee ,  Yun-Kyung Lee ,  Hyun-Sook Cho

Inventor： Sok-Joon LEE ,  Jung-Yeon Hwang ,  Gun-Tae Bae ,  Byung-Ho Chung ,  Sin-Hyo Kim ,  Hye-Ran Mun ,  Sang-Woo Lee ,  Yun-Kyung Lee ,  Hyun-Sook Cho

IPC: H04L9/32

CPC classification number: H04L9/321 ,  H04L9/0891 ,  H04L9/3255 ,  H04L2209/42

Abstract: Disclosed herein is a method of verifying key validity and a server for performing the method. The method is configured such that a service provision server verifies key validity in an anonymous service for providing local linkability. The service provision server receives a revocation list. A local revocation list is generated using the received revocation list and a secret key. A virtual index of a service user required to verify key validity is calculated. Whether a key of the service user is valid is verified, based on whether the virtual index is included in the local revocation list.

Abstract translation: 本文公开了一种验证密钥有效性的方法和用于执行该方法的服务器。 该方法被配置为使得服务提供服务器验证匿名服务中的密钥有效性以提供本地可链接性。 服务提供服务器接收撤销列表。 使用接收到的撤销列表和密钥生成本地撤销列表。 计算验证密钥有效性所需的服务用户的虚拟索引。 基于虚拟索引是否包括在本地撤销列表中，验证服务用户的密钥是否有效。

公开(公告)号：US20100146603A1

公开(公告)日：2010-06-10

申请号：US12465999

申请日：2009-05-14

Applicant: Yun Kyung LEE ,  Seung Wan HAN ,  Sok Joon LEE ,  Byung Ho CHUNG ,  Jeong Nyeo KIM

Inventor： Yun Kyung LEE ,  Seung Wan HAN ,  Sok Joon LEE ,  Byung Ho CHUNG ,  Jeong Nyeo KIM

IPC: H04L9/32

CPC classification number: H04L63/0407 ,  H04L63/0823

Abstract: An anonymous authentication-based private information management (PIM) system and method are provided. The PIM method includes receiving an anonymous certificate not including user information from an anonymous certification authority; generating an anonymous document including the anonymous certificate and some of the user information; and providing the anonymous document to a web service provider so as to be authenticated and thus provided with a web service by the web service provider. Thus, only a minimum of user information may be provided to the web service provider. In addition, it is possible to strengthen a user's right to self-determination and control over the exposure and use of his or her personal information by allowing a user to manage his or her own personal information or entrusting the PIM server to manage user information. Moreover, it is possible to protect the privacy of a user by preventing the exposure of user information.

Abstract translation: 提供了基于匿名认证的私人信息管理（PIM）系统和方法。 PIM方法包括从匿名认证机构接收不包括用户信息的匿名证书; 生成包括匿名证书和一些用户信息的匿名文档; 以及将该匿名文件提供给web服务提供商，以便被认证，从而由web服务提供商提供Web服务。 因此，可以仅向Web服务提供商提供最少的用户信息。 另外，通过允许用户管理自己的个人信息或委托PIM服务器来管理用户信息，可以加强用户的自我决定权和对自己的个人信息的使用和使用的控制权。 此外，可以通过防止用户信息的暴露来保护用户的隐私。

公开(公告)号：US20100122080A1

公开(公告)日：2010-05-13

申请号：US12614961

申请日：2009-11-09

Applicant: Sok Joon LEE ,  Seung Wan HAN ,  Yun Kyung LEE ,  Byung Ho CHUNG ,  Jeong Nyeo KIM

Inventor： Sok Joon LEE ,  Seung Wan HAN ,  Yun Kyung LEE ,  Byung Ho CHUNG ,  Jeong Nyeo KIM

IPC: H04L29/06

CPC classification number: H04L63/0823 ,  H04L9/3255 ,  H04L9/3263 ,  H04L63/0407 ,  H04L2209/42 ,  H04L2209/56

Abstract: The present invention can't independently know real name information of a user unless a server of an authority treating real name certificate and a server of an authority treating pseudonym certificate collaborate mutually, so that privacy of a user isn't infringed. The present invention can acquire real name information of a user with collaboration of real name certification sever and pseudonym certification sever only if you need real name information for a user.

Abstract translation: 本发明不能独立地知道用户的真实姓名信息，除非处理真实姓名证书的授权机构的服务器和处理假名证书的授权机构的服务器相互协作，使得用户的隐私不被侵害。 本发明只有在需要用户的真实姓名信息的情况下才能获得真实姓名认证服务器和假名认证服务器协作的用户的真实姓名信息。

公开(公告)号：US07640585B2

公开(公告)日：2009-12-29

申请号：US11289224

申请日：2005-11-29

Applicant: Sok Joon Lee ,  Kyung Hee Oh ,  Sin Hyo Kim ,  Young Hwan Ham ,  Byung Ho Chung ,  Kyo Il Chung

Inventor： Sok Joon Lee ,  Kyung Hee Oh ,  Sin Hyo Kim ,  Young Hwan Ham ,  Byung Ho Chung ,  Kyo Il Chung

IPC: G06F11/00

CPC classification number: H04L63/1416 ,  H04L63/164 ,  H04L63/166 ,  H04W12/12

Abstract: An intrusion detection system and method of a wireless network providing wireless communication to one or more wireless terminal, and an intrusion detection sensor capable of detecting attacks against wireless network are provided. The intrusion detection system of a wireless network includes: an access point providing wireless communication to a wireless terminal; and an intrusion detection sensor examining packets transmitted and received between the access point and a wireless terminal according to a predetermined detection rule. The access point transmits confirmation information on whether or not an event packet, including critical information on whether or not a wireless line connection between the access point and the wireless terminal is established, is transmitted, to the intrusion detection sensor, and the intrusion detection sensor examines an event packet by using the confirmation information. According to the system and method, a variety of attacks occurring on a wireless network can be effectively detected and systematically controlled.

Abstract translation: 提供了向一个或多个无线终端提供无线通信的无线网络的入侵检测系统和方法，以及能够检测针对无线网络的攻击的入侵检测传感器。 无线网络的入侵检测系统包括：向无线终端提供无线通信的接入点; 以及入侵检测传感器，根据预定检测规则检查在所述接入点与无线终端之间发送和接收的分组。 接入点发送关于是否建立了关于接入点和无线终端之间的无线线路连接是否建立的关键信息的事件分组的确认信息，被发送到入侵检测传感器，并且入侵检测传感器 使用确认信息检查事件数据包。 根据系统和方法，可以有效地检测和系统地控制无线网络上发生的各种攻击。

公开(公告)号：US07533257B2

公开(公告)日：2009-05-12

申请号：US10927407

申请日：2004-08-24

Applicant: Sok Joon Lee ,  Byung Ho Chung ,  Kyo Il Chung

Inventor： Sok Joon Lee ,  Byung Ho Chung ,  Kyo Il Chung

IPC: H04L9/00 ,  H04L9/32 ,  G06F7/04 ,  G06F7/58 ,  G06F17/30 ,  G06K9/00 ,  G06K19/00 ,  H04K1/00 ,  G06F7/00

CPC classification number: H04L63/162 ,  G06Q20/0855 ,  G06Q20/3821 ,  H04L63/0823 ,  H04L63/0869 ,  H04L63/1483 ,  Y10S707/99933 ,  Y10S707/99939

Abstract: A server certificate verification method in a terminal during. Extensible Authentication Protocol authentication for Internet access is provided, the method including (a) receiving a server certificate from a wireless LAN authentication server, and transmitting a server certificate verification request message of the server certificate to a wireless LAN authentication server via a wireless LAN access server; (b) transmitting by the wireless LAN authentication server an On-line Certificate Status Protocol request message to an On-line Certificate Status Protocol server to verify the server certificate; (c) receiving a result of the server certificate verification performed by the OCSP server using an Extensible Authentication Protocol packet from the wireless LAN authentication server; and (d) determining whether the result of the server certificate verification is valid.

Abstract translation: 终端中的服务器证书验证方法。 提供了用于因特网接入的可扩展认证协议认证，该方法包括：（a）从无线LAN认证服务器接收服务器证书，并通过无线LAN接入向服务器认证服务器发送服务器证书的服务器证书验证请求消息 服务器; （b）由无线LAN验证服务器向在线证书状态协议服务器发送在线证书状态协议请求消息以验证服务器证书; （c）使用来自无线LAN认证服务器的可扩展认证协议分组接收由OCSP服务器执行的服务器证书验证的结果; 和（d）确定服务器证书验证的结果是否有效。

公开(公告)号：US20110154045A1

公开(公告)日：2011-06-23

申请号：US12971103

申请日：2010-12-17

Applicant: Sok Joon Lee ,  Jung Yeon Hwang ,  Yun Kyung Lee ,  Sin Hyo Kim ,  Sang Woo Lee ,  Hye Ran Moon ,  Young Ho Kim ,  Byung Ho Chung ,  Hyun Sook Cho

Inventor： Sok Joon Lee ,  Jung Yeon Hwang ,  Yun Kyung Lee ,  Sin Hyo Kim ,  Sang Woo Lee ,  Hye Ran Moon ,  Young Ho Kim ,  Byung Ho Chung ,  Hyun Sook Cho

IPC: H04L9/32

CPC classification number: H04L9/3073 ,  H04L9/3255 ,  H04L2209/42

Abstract: There is provided an anonymous service method of providing local linkability. The anonymous service method providing local linkability according to exemplary embodiments of the invention, an anonymous authentication operation based on a short group signature is performed, for which the concept of a local linkability is introduced to secure linkability within the same service domain. Namely, in the interior of a service provider, a virtual index having a fixed value is calculated for each service user, and in this case, although a plurality of service providers collude with each other, they cannot calculate a virtual index having the same value, whereby the linkability can be secured within the same service domain but not within the interiors of different service domains.

Abstract translation: 提供了提供本地可链接性的匿名服务方法。 执行根据本发明的示例性实施例的本地可链接性的匿名服务方法，执行基于短组签名的匿名认证操作，为此引入本地可链接性的概念以确保相同服务域内的可链接性。 也就是说，在服务提供者的内部，为每个服务用户计算具有固定值的虚拟索引，在这种情况下，尽管多个服务提供者彼此串通，但是它们不能计算具有相同值的虚拟索引 从而可以在相同的服务领域内确保可链接性，但不能在不同的服务领域的内部。

公开(公告)号：US08571210B2

公开(公告)日：2013-10-29

申请号：US13241124

申请日：2011-09-22

Applicant: Sin-Hyo Kim ,  Yun-Kyung Lee ,  Byung-Ho Chung ,  Hye-Ran Mun ,  Sang-Woo Lee ,  Sok-Joon Lee ,  Jung-Yeon Hwang ,  Gun-Tae Bae ,  Hyun-Sook Cho

Inventor： Sin-Hyo Kim ,  Yun-Kyung Lee ,  Byung-Ho Chung ,  Hye-Ran Mun ,  Sang-Woo Lee ,  Sok-Joon Lee ,  Jung-Yeon Hwang ,  Gun-Tae Bae ,  Hyun-Sook Cho

IPC: H04L9/00

CPC classification number: H04L9/08 ,  G06F21/10 ,  G06F2221/0755 ,  H04L2209/16 ,  H04L2209/603

Abstract: The present invention relates to a content protection apparatus and method using binding of additional information to an encryption key. The content protection apparatus includes an encryption unit for creating an encryption key required to encrypt data requested by a user terminal and then generating encrypted data in which the data is encrypted. An additional information management unit manages additional information including authority information about the encrypted data. A White-Box Cryptography (WBC) processing unit generates a WBC table required to bind the encryption key corresponding to the encrypted data to the additional information. A bound data generation unit generates bound data in which the encrypted key is bound to the additional information, using a cipher included in the WBC table.

Abstract translation: 本发明涉及使用附加信息与加密密钥的绑定的内容保护装置和方法。 内容保护装置包括：加密单元，用于创建加密由用户终端请求的数据所需的加密密钥，然后生成加密数据的加密数据。 附加信息管理单元管理包括关于加密数据的权限信息的附加信息。 白盒加密（WBC）处理单元生成将加密数据对应的加密密钥与附加信息绑定所需的WBC表。 绑定数据生成单元使用包含在WBC表中的密码来生成加密密钥与附加信息绑定的绑定数据。