利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

58 条记录 (耗时 0.021 秒)

    Message security processing system and method for web services
    2.
    发明授权
    Message security processing system and method for web services 有权
    消息安全处理系统和Web服务的方法

    公开(公告)号:US08051283B2

    公开(公告)日:2011-11-01

    申请号:US10937040

    申请日:2004-09-08

    申请人: Jae Seung Lee Ki Young Moon Jung Chan Na Sung Won Sohn Chee Hang Park

    发明人: Jae Seung Lee Ki Young Moon Jung Chan Na Sung Won Sohn Chee Hang Park

    IPC分类号: H04L29/06 H04L9/32

    CPC分类号: H04L63/0428 H04L63/126 H04L67/02

    摘要: A message security processing system and method for Web services are provided. In the message security processing system in which messages are exchanged between a client and a server with a SOAP-RPC format, each of the client and the server includes: a security interface allowing information related to digital signature, encryption, and timestamp insertion to be set in a security context object for an application program to meet security requirements of the client or the server; a security handler receiving the security context object from the security interface, and performing security processing of a request message by calling security objects stored in a request queue of the security context object one by one in order or performing security processing of a response message by calling security objects stored in a response queue of the security context object one by one in order; and an XML security unit supporting an XML security functions by called by the security handler.

    摘要翻译: 提供了一种用于Web服务的消息安全处理系统和方法。 在客户机与具有SOAP-RPC格式的服务器之间交换消息的消息安全处理系统中,客户端和服务器中的每一个包括:允许与数字签名,加密和时间戳插入有关的信息的安全接口, 设置在应用程序的安全上下文对象中以满足客户端或服务器的安全要求; 从所述安全接口接收所述安全上下文对象的安全处理器,以及通过依次调用存储在所述安全上下文对象的请求队列中的安全对象来顺序地执行请求消息的安全处理,或执行响应消息的安全处理,通过调用 存储在安全上下文对象的响应队列中的安全对象依次排列; 以及通过安全处理程序调用支持XML安全功能的XML安全单元。

    APPARATUS AND METHOD FOR DISPLAYING STATE OF NETWORK
    3.
    发明申请
    APPARATUS AND METHOD FOR DISPLAYING STATE OF NETWORK 审中-公开
    用于显示网络状态的装置和方法

    公开(公告)号:US20100150008A1

    公开(公告)日:2010-06-17

    申请号:US12530193

    申请日:2008-03-07

    申请人: Seon Gyoung Sohn Chi Yoon Jeong Beom Hwan Chang Soo Hyung Lee Hyo Chan Bang Geon Lyang Kim Hyun Joo Kim Won Joo Park Jong Ho Ryu Jong Hyun Kim Jung Chan Na Jong Soo Jang Sung Won Sohn

    发明人: Seon Gyoung Sohn Chi Yoon Jeong Beom Hwan Chang Soo Hyung Lee Hyo Chan Bang Geon Lyang Kim Hyun Joo Kim Won Joo Park Jong Ho Ryu Jong Hyun Kim Jung Chan Na Jong Soo Jang Sung Won Sohn

    IPC分类号: H04L12/26

    CPC分类号: H04L41/22 H04L43/045 H04L63/1408

    摘要: There are provided a network state display apparatus and method capable of easily determining a present network security state in real time by analyzing an abnormality and harmful traffic deteriorating performance of a network in software by using a result of combining essential characteristics of traffic, a distinct dispersion, and an entropy and displaying the network state to be intuitionally recognized, the method including selecting and combining three of a source address, a source port, a destination address, and a destination port of collected traffic and calculating a distinct dispersion and an entropy of a residual one therefrom; displaying the calculated distinct dispersion and entropy on a security radar where the distinct dispersion and the entropy are assigned to an angle and a radius; determining whether a network state is abnormal, based on a result displayed on the security radar; and detecting reporting detailed information on abnormal traffic causing the abnormal network state.

    摘要翻译: 提供了一种网络状态显示装置和方法,其能够通过使用组合业务的基本特征的结果分析软件中的网络的异常和有害的业务恶化的性能来实时地容易地确定当前的网络安全状态,不同的分散 以及熵并显示要直观识别的网络状态,所述方法包括选择和组合收集的业务的源地址,源端口,目的地地址和目的地端口中的三个,并计算不同的色散和熵 剩余的一个; 在安全雷达上显示计算出的不同色散和熵,其中明确的色散和熵分配给角度和半径; 基于安全雷达上显示的结果,确定网络状态是否异常; 检测异常网络状态异常报告的详细信息。

    Method for dynamically changing intrusion detection rule in kernel level intrusion detection system
    4.
    发明授权
    Method for dynamically changing intrusion detection rule in kernel level intrusion detection system 失效
    在内核级入侵检测系统中动态更改入侵检测规则的方法

    公开(公告)号:US07664950B2

    公开(公告)日:2010-02-16

    申请号:US10748406

    申请日:2003-12-29

    申请人: Bo-Heung Chung Seungho Ryu Jeong-Nyeo Kim Sung-Won Sohn Chee-Hang Park

    发明人: Bo-Heung Chung Seungho Ryu Jeong-Nyeo Kim Sung-Won Sohn Chee-Hang Park

    IPC分类号: H04L29/06

    CPC分类号: H04L63/0263 G06F21/55 H04L63/1416 H04L63/1441

    摘要: A method for dynamically changing an intrusion detection rule in a kernel level intrusion detection system is disclosed. The method includes the steps of: a) generating a replica of the intrusion detection rule in a kernel area; b) changing the replica of the intrusion detection rule according to a request of changing the intrusion detection rule from the kernel area; and c) changing a currently applied intrusion detection rule by exchanging a value of a pointer representing the intrusion detection rule with a value of a pointer representing the changed replica of the intrusion detection rule.

    摘要翻译: 公开了一种在内核级入侵检测系统中动态地改变入侵检测规则的方法。 该方法包括以下步骤:a)在内核区域中生成入侵检测规则的副本; b)根据从内核区域更改入侵检测规则的请求,更改入侵检测规则的副本; 以及c)通过用代表入侵检测规则的改变的副本的指针的值交换表示入侵检测规则的指针的值来改变当前应用的入侵检测规则。

    Authentication, authorization and accounting (diameter) protocol-based accounting method using batch processing
    5.
    发明授权
    Authentication, authorization and accounting (diameter) protocol-based accounting method using batch processing 有权
    基于协议的认证,授权和计费(直径)计费方法采用批量处理

    公开(公告)号:US07530095B2

    公开(公告)日:2009-05-05

    申请号:US10704047

    申请日:2003-11-06

    申请人: Byung Gil Lee Mal Hee Kim Hyun Gon Kim Sung Won Sohn

    发明人: Byung Gil Lee Mal Hee Kim Hyun Gon Kim Sung Won Sohn

    IPC分类号: G06F19/00

    CPC分类号: H04L63/08 G06Q40/12 H04L63/0892 H04W4/24 H04W8/20 H04W12/06 H04W80/00

    摘要: The AAA client generates accounting data, transmits an accounting data transmission request message to the AAA server, and then receives a response message to the accounting data transmission request message from the AAA server. If receiving a transmission failure response message for the accounting data from the AAA server, the AAA client stores accounting data generated after receiving the transmission failure response message, and if an amount of the stored accounting data is increased to a certain limit, the AAA client sets an identifier for a batch accounting application in the accounting data and transmits an accounting data transmission request message, including stored batch accounting data and the session information, to the AAA server. The AAA server confirms the identifier and the transmission request message and searches the accounting record for session information mapped to the session information included in the ACR message.

    摘要翻译: AAA客户端生成会计数据,向AAA服务器发送计费数据发送请求消息,然后从AAA服务器接收到计费数据发送请求消息的响应消息。 如果从AAA服务器接收到计费数据的传输失败响应消息,则AAA客户端存储接收到传输失败响应消息后生成的计费数据,如果存储的计费数据量增加到一定限度,则AAA客户端 在会计数据中设置批量计费应用的标识符,并向AAA服务器发送包括存储的批量计费数据和会话信息的计费数据传输请求消息。 AAA服务器确认标识符和发送请求消息,并对映射到ACR消息中包含的会话信息的会话信息进行查询。

    APPARATUS AND METHOD OF DETECTING NETWORK ATTACK SITUATION
    6.
    发明申请
    APPARATUS AND METHOD OF DETECTING NETWORK ATTACK SITUATION 审中-公开
    检测网络攻击状况的装置和方法

    公开(公告)号:US20090094699A1

    公开(公告)日:2009-04-09

    申请号:US12275906

    申请日:2008-11-21

    申请人: Jin Oh KIM Seon Gyoung Sohn Hyochan Bang Soo Hyung Lee Dongyoung Kim Beom Hwan Chang Geon Lyang Kim Hyun Joo Kim Jung Chan Na Jong Soo Jang Sung Won Sohn

    发明人: Jin Oh KIM Seon Gyoung Sohn Hyochan Bang Soo Hyung Lee Dongyoung Kim Beom Hwan Chang Geon Lyang Kim Hyun Joo Kim Jung Chan Na Jong Soo Jang Sung Won Sohn

    IPC分类号: G06F15/18 G08B23/00

    CPC分类号: H04L63/1416 G06F21/552 G06F21/85 H04L63/1441

    摘要: Provided is an apparatus for detecting a network attack situation. The apparatus includes an alarm receiver receiving a plurality of alarms raised in a network to which the alarm receiver is connected, converting the alarms into predetermined alarm data, and outputting the alarm data; an alarm processor analyzing an attack situation in the network based on attributes of the alarm data and a number of times that the alarm data is generated; a memory storing basic data needed to analyze the state of the network and providing the basic data to the alarm processor; and an interface transmitting the result of the analysis by the alarm processor to an external device, receiving a predetermined critical value from the external device, which is a basis for determining the occurrence of the attack situation, and outputting the critical value to the alarm processor such that the alarm processor can store the critical value in the memory. Equal numbers of hash engines and detection engines for processing the alarms in the network to the number of data groups classified as network attack situations are formed in a line. Therefore, a network attack situation can be detected in real time based on a great number of alarms indicating intrusion detection.

    摘要翻译: 提供了一种用于检测网络攻击情况的装置。 该装置包括接收在连接有报警接收器的网络中升起的多个报警的报警接收机,将报警转换成预定报警数据,并输出报警数据; 报警处理器根据报警数据的属性和产生报警数据的次数分析网络中的攻击情况; 存储器,用于存储分析网络状态并将基本数据提供给报警处理器所需的基本数据; 以及将所述报警处理器的分析结果发送到外部设备的接口,从外部设备接收预定的临界值,所述临时值是用于确定所述攻击情况的发生的基础,并且将所述临界值输出到所述报警处理器 使得报警处理器可以将临界值存储在存储器中。 在网络中形成等同数量的散列引擎和检测引擎,用于将网络中的警报处理为分类为网络攻击情况的数据组的数量。 因此,可以基于大量表示入侵检测的告警来实时检测网络攻击情况。

    Apparatus and method for performing header lookup based on sequential lookup
    7.
    发明授权
    Apparatus and method for performing header lookup based on sequential lookup 有权
    基于顺序查找执行标题查找的装置和方法

    公开(公告)号:US07433357B2

    公开(公告)日:2008-10-07

    申请号:US10993606

    申请日:2004-11-19

    申请人: Jintae Oh Seung Won Shin Ki Young Kim Jong Soo Jang Sung Won Sohn

    发明人: Jintae Oh Seung Won Shin Ki Young Kim Jong Soo Jang Sung Won Sohn

    IPC分类号: H04L12/50

    CPC分类号: H04L45/00 H04L45/54 H04L45/62

    摘要: An apparatus and method for performing packet header lookup based on sequential lookup is provided. A header analyzer separates a header from a packet received via a network and outputs a lookup sequence. A unit lookup unit looks up matching the header combination rules with each field to be analyzed and input from the header analyzer based on the lookup sequence input from the header analyzer and outputs a match signal and a match address. A rule combination memory stores identification information for the header combination rules. A sequence combination memory stores lookup sequence information and sequence combination information. A rule combination unit generates match results based on the match signal input from the unit lookup unit and data read from the rule combination memory and the sequence combination memory.

    摘要翻译: 提供了一种用于基于顺序查找来执行分组报头查找的装置和方法。 报头分析器将报头与经由网络接收的分组分离,并输出查找序列。 单元查找单元根据从标题分析器输入的查找序列查找与标题组合规则与要分析的每个字段和从标题分析器输入的匹配,并输出匹配信号和匹配地址。 规则组合存储器存储标题组合规则的标识信息。 序列组合存储器存储查找序列信息和序列组合信息。 规则组合单元基于从单元查找单元输入的匹配信号和从规则组合存储器和序列组合存储器读取的数据产生匹配结果。

    Method and apparatus for managing online and offline documents with RFID technology
    8.
    发明授权
    Method and apparatus for managing online and offline documents with RFID technology 有权
    使用RFID技术管理在线和离线文档的方法和设备

    公开(公告)号:US07327259B2

    公开(公告)日:2008-02-05

    申请号:US11091366

    申请日:2005-03-29

    申请人: Ju Han Kim Joo Young Lee Ki Young Moon Jong Soo Jang Sung Won Sohn

    发明人: Ju Han Kim Joo Young Lee Ki Young Moon Jong Soo Jang Sung Won Sohn

    IPC分类号: G08B13/14

    CPC分类号: H04N1/2179 G06F17/30011 G06F21/608 G06Q10/10 H04N1/00209 H04N1/00342 H04N1/00854 H04N1/2187 H04N1/2191 H04N2201/0082 H04N2201/3269

    摘要: Provided are a method and an apparatus for managing online and offline documents using RFID technology. The method includes: pre-registering online and offline documents using radio frequency identification tag information stored in at least one of the online and offline documents to be output; determining whether the pre-registered online and offline documents are authorized to be output; and if it is determined that the pre-registered online and offline documents are authorized to be output, generating documents of the online and offline documents to be output and storing new radio frequency identification tag information in radio frequency identification tags attached to the documents to be output.

    摘要翻译: 提供了一种使用RFID技术管理在线和离线文档的方法和装置。 该方法包括:使用存储在要输出的在线和离线文档中的至少一个的射频识别标签信息预先注册在线和离线文档; 确定预注册的在线和离线文档是否被授权输出; 并且如果确定预先注册的在线和离线文档被授权输出,则生成要输出的在线和离线文档的文档,并将附加到文档的射频识别标签中的新的射频识别标签信息存储为 输出。

    Network correction security system and method
    9.
    发明申请
    Network correction security system and method 有权
    网络校正安全系统及方法

    公开(公告)号:US20050081046A1

    公开(公告)日:2005-04-14

    申请号:US10882749

    申请日:2004-06-30

    申请人: Seung-Min Lee Taek-Yong Nam Sung-Won Sohn Chee-Hang Park

    发明人: Seung-Min Lee Taek-Yong Nam Sung-Won Sohn Chee-Hang Park

    IPC分类号: H04L12/22 G02F1/00 H04L29/06

    CPC分类号: H04L63/1458

    摘要: A network correction security system. The network correction security system connected between a network node and a security-related external system, detects attacks on the network node, corrects weak parts of the performance of the network node, collects information for improving the security performance of the network node from a security-related external system, analyzes the information, monitors principal resources of the network node to detect a fault, and removes the fault according to a measure corresponding to a grade of the fault. The network correction security system carries out a recovery process when the fault has not been corrected, and recovers the functions of the network node according to a recovery mechanism when the fault has not been removed after the recovery process.

    摘要翻译: 网络校正安全系统。 连接在网络节点和安全相关的外部系统之间的网络校正安全系统,检测对网络节点的攻击,纠正网络节点性能的弱点,从安全性中收集提高网络节点安全性能的信息 相关的外部系统,分析信息,监控网络节点的主要资源以检测故障,并根据与故障等级对应的措施消除故障。 网络校正安全系统在故障未得到纠正的情况下执行恢复过程,并且在恢复过程中还没有删除故障时,根据恢复机制恢复网络节点的功能。