-
公开(公告)号:US20200233980A1
公开(公告)日:2020-07-23
申请号:US16742037
申请日:2020-01-14
Inventor: Sang-Jae LEE , You-Sung KANG , Keon-Woo KIM , Byoung-Koo KIM , Ik-Kyun KIM , Ju-Han KIM , Tae-Sung KIM , Mi-Kyung OH , Seung-Yong YOON , Seung-Kwang LEE , Yong-Sung JEON , Doo-Ho CHOI
Abstract: A secret information generation apparatus and a method for operating the secret information generation apparatus. The secret information generation apparatus includes a resistor-capacitor circuit, and a microcontroller unit including a first pin connected to an input terminal of the resistor-capacitor circuit and a second pin connected to an output terminal of the resistor-capacitor circuit, wherein the microcontroller unit is configured to transmit a digital value corresponding to a challenge to the resistor-capacitor circuit through the first pin, receive an output value of the resistor-capacitor circuit corresponding to the digital value through the second pin, convert the received value into a digital value using an analog-to-digital converter, extract one or more valid bits from the converted digital value, and then generate a response.
-
公开(公告)号:US20240236646A1
公开(公告)日:2024-07-11
申请号:US18521955
申请日:2023-11-28
Inventor: Bo-Heung CHUNG , You-Sung KANG , Keon-Woo KIM , Byoung-Koo KIM , Tae-Sung KIM , Seung-Yong YOON
Abstract: Disclosed herein is a method for managing an embedded Subscriber Identity Module (eSIM) profile. The method may include installing a common profile in multiple devices to perform provisioning, selecting a representative device from among the multiple devices, establishing a communication channel in the representative device, receiving, by the representative device, profile information for the multiple devices from a server, and transferring, by the representative device, the profile information to the respective devices.
-
3.发明申请APPARATUS FOR PREVENTING ILLEGAL ACCESS OF INDUSTRIAL CONTROL SYSTEM AND METHOD THEREOF 审中-公开防止工业控制系统非法访问的装置及其方法公开(公告)号:US20140380458A1
公开(公告)日:2014-12-25
申请号:US14245310
申请日:2014-04-04
Inventor: Byoung-Koo KIM , Dong-Ho KANG , Seon-Gyoung SOHN , Young-Jun HEO , Jung-Chan NA
IPC: H04L29/06
CPC classification number: H04L63/0227 , H04L67/12
Abstract: Disclosed is an apparatus for preventing illegal access of industrial control system and a method thereof in accordance with the present invention. The apparatus for preventing illegal access of industrial control system includes: a first interface communicating a packet by interoperating with a management network group that requests a control command; a second interface communicating a packet by interoperating with a control network group that receives a control command from the management network group and processes it; and a control device, which, when a packet flows therein from the management network group or the control network group, checks whether or not at least one filter rule is set and controls the packet flow between the management network group and the control network group using the filter where the rule is set.
Abstract translation: 公开了一种用于防止工业控制系统的非法访问的装置及其根据本发明的方法。 用于防止工业控制系统的非法访问的装置包括:通过与请求控制命令的管理网络组互操作来传送分组的第一接口; 第二接口,通过与从所述管理网络组接收控制命令的控制网络组进行交互操作来传送分组,并对其进行处理; 以及控制装置,当分组在管理网络组或控制网络组中流动时,检查是否设置了至少一个过滤规则,并且使用以下来控制管理网络组和控制网络组之间的分组流 设置规则的过滤器。
-
4.发明申请公开(公告)号:US20210036873A1
公开(公告)日:2021-02-04
申请号:US16855754
申请日:2020-04-22
Inventor: Byoung-Koo KIM , Seung-Yong YOON , You-Sung KANG , Doo-Ho CHOI , Ik-Kyun KIM , Tae-Sung KIM , Mi-Kyung OH , Sang-Jae LEE
Abstract: Disclosed herein are an apparatus and method for authenticating an IoT device. The method, performed by the IoT device authentication apparatus, includes transmitting, by the IoT device authentication apparatus, a random number to the IoT device and encrypting, by the IoT device authentication apparatus, the random number using a previously registered first white-box cryptography value through a white-box cryptography method; generating, by the IoT device, a first device response value from a previously registered first device challenge value using a Physical Unclonable Function (PUF) and encrypting, by the IoT device, the random number, received from the IoT device authentication apparatus, using the first device response value; and performing, by the IoT device authentication apparatus, authentication of the IoT device by checking whether the random number encrypted using the white-box cryptography method matches the random number encrypted using the PUF, which is received from the IoT device.
-
公开(公告)号:US20160094517A1
公开(公告)日:2016-03-31
申请号:US14797562
申请日:2015-07-13
Inventor: Dong-Ho KANG , Byoung-Koo KIM , Jung-Chan NA , Hyun-Sook CHO
IPC: H04L29/06
CPC classification number: H04L63/0236 , H04L63/105 , H04L63/1425
Abstract: An apparatus and method for blocking abnormal communication are disclosed herein. The apparatus for blocking abnormal communication includes a packet collection unit, a packet analysis unit, and an access control unit. The packet collection unit collects a packet via a network device. The packet analysis unit generates a system rule, a communication flow rule, and a packet characteristic rule based on the packet from the packet collection unit. The access control unit determines whether to block the packet by determining whether the packet from the packet collection unit satisfies the system rule, the communication flow rule and the packet characteristic rule.
Abstract translation: 本文公开了一种用于阻止异常通信的装置和方法。 用于阻止异常通信的装置包括分组收集单元,分组分析单元和访问控制单元。 分组收集单元经由网络设备收集分组。 分组分析单元基于来自分组收集单元的分组生成系统规则,通信流规则和分组特征规则。 访问控制单元通过确定来自分组收集单元的分组是否满足系统规则,通信流规则和分组特征规则来确定是否阻止分组。
-
Patent Agency Ranking
公开(公告)号:US20140298399A1
公开(公告)日:2014-10-02
申请号:US13927794
申请日:2013-06-26
Inventor: Youngjun HEO , Seon-Gyoung SOHN , Dong Ho KANG , Byoung-Koo KIM , Jung-Chan NA , Ik Kyun KIM
IPC: H04L29/06
CPC classification number: H04L63/1416
Abstract: An apparatus for detecting an abnormality sign in a control system, the control system comprising control equipments, network equipments, security equipments or server equipments, the apparatus includes an information collection module configured to collect system information, network information, security event information or transaction information in interworking with a control equipments, network equipments, security equipments or server equipments. The apparatus includes storage module that stores the information collected by the information collection module. The apparatus includes an abnormality detection module configured to analyze a correlation between the collected information and a prescribed security policy to detect whether there is an abnormality sign in the control system.
Abstract translation: 一种用于检测控制系统中的异常信号的装置,所述控制系统包括控制设备,网络设备,安全设备或服务器设备,所述设备包括:信息收集模块,用于收集系统信息,网络信息,安全事件信息或交易信息 与控制设备,网络设备,安全设备或服务器设备相互配合。 该装置包括存储由信息收集模块收集的信息的存储模块。 该装置包括:异常检测模块,被配置为分析所收集的信息与规定的安全策略之间的相关性,以检测控制系统中是否存在异常信号。
-
公开(公告)号:US20210392004A1
公开(公告)日:2021-12-16
申请号:US17208212
申请日:2021-03-22
Inventor: Byoung-Koo KIM , Seung-Yong YOON , You-Sung KANG , Doo-Ho CHOI , Ik-Kyun KIM , Tae-Sung KIM , Mi-Kyung OH , Sang-Jae LEE
Abstract: Disclosed herein are an apparatus and method for device authentication. The method for device authentication based on a certificate using a PUF, performed by an apparatus for device authentication based on a certificate using a PUF, includes acquiring previously stored first Challenge-Response-Pair (CRP) information corresponding to identification information received from a device that requests authentication and generating a certificate including a public key generated using the first CRP information; transmitting a message in which the certificate encrypted using the first response value of the first CRP information as a server secret key and the first challenge value of the first CRP information are included to the device; and authenticating the device by verifying an encrypted signature message received from the device through a secure channel.
-
公开(公告)号:US20210058249A1
公开(公告)日:2021-02-25
申请号:US16940146
申请日:2020-07-27
Inventor: Yong-Sung JEON , You-Sung KANG , Byoung-Koo KIM , Sang-Jae LEE , Seung-Kwang LEE , Doo-Ho CHOI
Abstract: Disclosed herein are a hardware security module, a device having the hardware security module, and a method for operating the device. The method for verifying integrity of executable code in a device includes dividing, by a Micro-Control Unit (MCU), executable code into multiple blocks, generating, by the MCU, hash values corresponding to the blocks resulting from the division, storing, by a Hardware Security Module (HSM), the generated hash values, calculating, by the MCU, at least one hash value, among hash values of the multiple blocks when the executable code boots, and comparing, by the HSM, the calculated hash value with a hash value corresponding to the calculated hash value, among the hash values stored in the HSM.
-
公开(公告)号:US20180109356A1
公开(公告)日:2018-04-19
申请号:US15641141
申请日:2017-07-03
Inventor: Byoung-Koo KIM , Seon-Gyoung SOHN , Boo-Sun JEON , Young-Jun HEO , Dong-Ho KANG , Jung-Chan NA , Byeong-Cheol CHOI , Jae-Hoon NAH , Seoung-Hyeon LEE
CPC classification number: H04L1/0075 , G05B19/00 , H04L1/0041 , H04L1/0045 , H04L41/0806 , H04L41/0866 , H04L43/0835 , H04L63/0209 , H04L63/0281
Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.
-
10.发明申请PACKET MONITORING DEVICE AND PACKET MONITORING METHOD FOR COMMUNICATION PACKET 审中-公开分组监控设备和通信分组的分组监控方法公开(公告)号:US20160277547A1
公开(公告)日:2016-09-22
申请号:US15069831
申请日:2016-03-14
Inventor: Byoung-Koo KIM , Dong Ho KANG , Jung-Chan NA , Seon-Gyoung SOHN , Youngjun HEO
IPC: H04L29/06
CPC classification number: H04L43/18 , H04L43/028 , H04L63/1425
Abstract: Provided is a packet monitoring method for a communication packet transmitted and received between a server and a control device including receiving the communication packet transmitted and received between the server and the control device; determining whether the received communication packet is abnormal, based on a history table including control information on communication packets received before the received communication packet and control information on the received communication packet; and performing a security operation according to results of the determination.
Abstract translation: 提供了一种用于在服务器和控制设备之间发送和接收的通信分组的分组监视方法,包括:接收在服务器和控制设备之间发送和接收的通信分组; 基于包括在接收到的通信分组之前接收的通信分组的控制信息的历史表和关于所接收的通信分组的控制信息,确定接收到的通信分组是否异常; 以及根据确定的结果执行安全操作。
-
-
-
-
-
-
-
-
-
Search Results
12
records
(took 0.018 seconds)
