Patent application number | Description | Published |
20120124661 | METHOD FOR DETECTING A WEB APPLICATION ATTACK - A method of detecting a web application attack is provided. The method includes the steps of when packets forming HTTP traffic are received, a web application firewall recombining the HTTP traffic, analyzing the recombined HTTP traffic and determining whether or not the recombined HTTP traffic includes the attack-relevant content, if the recombined HTTP traffic does not include the attack-relevant content, sending the recombined HTTP traffic to a web server or a user server and normally processing the recombined HTTP traffic, and if the recombined HTTP traffic includes the attack-relevant content, detecting the recombined HTTP traffic as an attack and reprocessing the same. | 05-17-2012 |
20120324215 | DATA SECURITY METHOD AND APPARATUS USING A CHARACTERISTIC PRESERVING ENCRYPTION - Provided is a data security method and apparatus using a characteristic preserving encryption. The data security apparatus includes an interface communicating with a user terminal or a database server, an input unit receiving information, an output unit outputting information, an encryption unit encrypting data in the data security method, a storage unit storing information, and a control unit controlling functions of the interface, the input unit, the output unit, the encryption unit or the storing unit. | 12-20-2012 |
20130117244 | DATA SECURITY METHOD USING DATABASE ENGINE - Disclosed is a data security method in a database engine. A data security engine unit is provided in the database engine so that the data security engine unit performs a data security function while automatically converting queries, which were stored in data storage engine unit without having been encoded and which were used to perform input or inquiry on the source data, to queries to be used to perform input or inquiry on encoded data. A data management engine unit performs operations associated with the input or inquiry with respect to the source data. A data storage engine unit stores encoded data which is encoded from the source data by the data security engine unit. | 05-09-2013 |
20150106282 | DEVICE FOR DETERMINING COUNTERFEIT AND METHOD THEREOF - There are provided a device for determining a counterfeit and a method thereof. The device for determining a counterfeit includes a certification information receiving unit configured to receive certification identification information including at least one piece of certification chip identification information, product identification information, and certification verification information of a verification target product and state information of a device for performing genuine product certification from the device for performing genuine product certification, and a counterfeit determining unit configured to determine a counterfeit based on the received certification identification information or the state information of the device for performing genuine product certification. Therefore, genuine product certification of the verification target product is verified. As a result, it is possible to effectively protect intellectual property rights of producers and easily and accurately determine a counterfeit. | 04-16-2015 |
20150106283 | APPARATUS AND METHOD FOR PROVIDING GENUINE CERTIFICATION SERVICE - Provided are an apparatus and method for providing a genuine certification service. The apparatus includes a certification information issuing unit configured to issue genuine certification information including at least one piece of certification chip identification (ID) information, product ID information, certification secret information, and certification verification information to a verification target product in response to an issuance request by a terminal operated by a producer of the verification target product, and a genuine certification executing unit configured to verify validity of the genuine certification information issued to the verification target product and execute genuine certification for the verification target product using the genuine certification information of which the validity is verified in response to a certification request by the terminal operated by the producer of the verification target product. Intellectual property rights of producers may be efficiently protected and a reliable genuine certification service may be provided to consumers. | 04-16-2015 |
20150106933 | DEVICE FOR DETECTING CYBER ATTACK BASED ON EVENT ANALYSIS AND METHOD THEREOF - There are provided a device for detecting a cyber attack and a method thereof. The device for detecting a cyber attack includes an event receiving unit configured to receive an event generated in at least one user terminal according to a behavior of a user who accesses a web server and uses web services provided from a web page, a model generating unit configured to generate an event model by extracting an event pattern corresponding to a behavior of the user based on the received event, and an attack detecting unit configured to detect whether access of the web server by a specific user terminal is an attack by comparing the event model with an event received from the specific user terminal. Therefore, various forms of cyber attacks are rapidly and accurately detected, and it is possible to provide a security service having high availability and reliability. | 04-16-2015 |
20150180862 | METHOD OF GENERATING ONE-TIME PASSWORD AND APPARATUS FOR PERFORMING THE SAME - Disclosed is a technology related to a method of generating an OTP and an apparatus for performing the same. The method includes receiving user secret information that is input according to execution of a process of providing an OTP; authenticating the user secret information by generating a response value based on the received user secret information and a challenge value received from a user verification apparatus, and transmitting the response value to the user verification apparatus; and generating an OTP using at least one of the user secret information, the challenge value and the response value as the user secret information is authenticated, thereby effectively dealing with loss or appropriation of a user terminal and also improving the security of an OTP. | 06-25-2015 |
20150326388 | GENERATION AND VERIFICATION OF ALTERNATE DATA HAVING SPECIFIC FORMAT - The method for encoding a character string by a data processing device disclosed in the present specification comprises the steps of: acquiring input data; performing a one-way function to generate ciphertext based on the input data; and converting the ciphertext to output data. In the conversion step, the output characters constituting the output data are selected from the group of input characters constituting the input data, and the length of the output data becomes a specific length. | 11-12-2015 |