KR20160075158A - The Device Access Control System and Process of the System for Internet of Things Security - Google Patents

Abstract

The present invention relates to a device access control system for security of an Internet of Things terminal and a method for operating the same, which perform security processing on a security state, very vulnerable in terms of security because things constituting the Internet of Things (IoT) connect to the Internet and communicate, in a hardware-oriented manner so that security can be maintained by temporarily stopping a function of an accessing thing when an unauthorized thing performs access or by forming a state in which a corresponding address is hidden. The device access control system for security of an IoT terminal comprises: one or more operation terminals which include one or more sensor devices, check whether connected accessing terminals have been authenticated and check access levels of the accessing terminals, designate logical access addresses and physical connection addresses adapted to access the sensor devices, and when an accessing terminal is determined to be a terminal intended for hacking, initialize the sensor devices, record a unique ID of the terminal intended for hacking in an exclusion record, and designate an access level of the terminal intended for hacking to a default level; a machine-to-machine network which is connected to the operation terminals, sets up wired or wireless communication paths including the Internet, and provides the communication paths; one or more accessing terminals which are connected to the operation terminals via the machine-to-machine network, are connected to sensor devices allowed to be accessed based on authenticated levels, and detect and receive information detected by the connected sensor devices; and a management terminal which is connected to the machine-to-machine network, assigns and sets information about whether the accessing terminals have been authenticated and the access levels based on which the accessing terminals are allowed to access the operation terminals, performs control so that information about whether the accessing terminals have been authenticated and the access levels are stored in assigned regions of the operation terminals, and performs monitoring.

Description

Technical Field [0001] The present invention relates to a device access control system and a method for operating the same,

More particularly, the present invention relates to a device access control system for security of Internet terminals of objects, and more particularly, to a device access control system for security of Internet access of objects (Internet of Things) It is a hardware-centric method of securing the vulnerable state so that when an unauthorized object is accessed, the function of the accessing object is temporarily suspended or the address is not visible. And a method of operating the device access control system.

2. Description of the Related Art [0002] Mobile communication technology for wirelessly communicating with a desired party anywhere and anytime as it moves by the development of production technology and software technology has been rapidly developed and developed, and a computer (PC) A smart phone capable of operating communication and computing in one device is being used.

The mobile communication system can connect to the Internet (network) to transmit / receive data signals, and the smart phone has the term 'mobile computing' because the smart phone can perform computational processing while moving with the addition of a computer function. As it is able to connect to the Internet while moving by using a smart phone, it has developed to be able to perform a large amount of information search, shopping and electronic payment processing.

Since the wired communication network performs communication between both the (both sides) terminals of the calling side and the receiving side connected by the wired communication path, the wired communication network can be hacked only when it is directly connected There is a limit.

Since the wireless communication network communicates between the two terminals located within the reach of the wireless signal and the spatial range of the wireless signal arrives is relatively unlimited, anyone can access the wireless communication path and hack within the reach of the wireless signal It is known that security is weak.

Meanwhile, a terminal or a device connected to the Internet is composed of a computer (PC) or a dedicated data terminal. However, in recent years, the terminal has a sensor function capable of measuring, detecting and analyzing itself, (IoT) is also called as a thing.

Each object (thing, device, terminal) constituting the Internet (IoT) can be provided with an intelligent service for judging by itself and performing necessary processing (action).

That is, the Internet (IoT) includes an intelligent terminal equipped with an internet, a wireless communication network, a wired communication network and a sensor function, and a corresponding operation program, and is composed of a person, a person, a terminal, , Interaction, and information sharing.

This Internet of things can be an infrastructure to support the business cost reduction of corporations and green IT for green growth. As the IoT era expands, communication between objects (objects) and objects is expected to be diversified. (Terminal) must be able to connect to one or more of a number of sensor devices that support the object (terminal) or object.

In the following description, a thing, a device, and a terminal have the same meaning, and they are selected in accordance with the context.

Therefore, each object should be able to search other terminal or device, and it should be able to easily obtain information such as authentication and access IP (address) to access the terminal, device or object searched.

According to such a need, there has been proposed a method of authenticating an object for the Internet and an authentication method for the Internet using a conventional technology for securely interworking between various devices via IoT communication, as disclosed in Korean Patent Application No. 10-2012-0112071 Device and authentication device therefor ".

FIG. 1 is a functional block diagram of a device access control system for securing a destination Internet terminal according to an embodiment of the prior art. FIG. 2 is a block diagram illustrating an authentication device detail function FIG.

Hereinafter, a conventional device access control system for object Internet terminal security will be described with reference to the accompanying drawings. The device access control system includes a device group 110, a new device 112, and an authentication device 120.

The device group 110 is configured to transmit sensed information to an external device or remotely control the operation of the device by an authorized user and to intelligently communicate with other devices. The device group 110 includes a computer (PC), a smart phone, an intelligent home appliance .

The authentication apparatus 120 includes a device registration unit 210, a device information change unit 220, a device connection determination unit 230, and a device authentication unit 240.

The authentication device 120 stores and registers registration information for any one of the device groups 110 by the device registration unit 210. When the updated information of the device is input, Lt; / RTI >

The device connection determination unit 230 determines whether to connect to a device included in the device group 110 when the new device 112 requests connection to the device group 110, When the one of the devices included in the new device 112 requests the contact with the new device 112.

That is, when the new device 112 is in contact with any one of the devices included in the device group 110, it is possible to contact all the devices. On the other hand, if the new device 112 can not contact any of the devices, .

However, the prior art has a problem in that when it is allowed to contact any one of a plurality of devices, it can contact all other multiple devices, so that the contact (connection) to a specific device that needs to restrict the contact can not be blocked.

In addition, the prior art has a problem in that connection to an unauthorized terminal is attempted by connection attempt or hacking, or connection with a device to be protected can not be blocked.

In particular, there is a problem that a device can not be defended against hacking such as DDos.

Therefore, there is a need to develop a technique for blocking contact with a device (terminal) from an unauthorized contact, hacking or the like, which needs to be restricted.

Korean Patent Application No. 10-2012-0112071 (Oct. 9, 2012) "Authentication method for objects Internet and device and authentication device therefor"

In order to solve the problems and necessities of the related art as described above, according to the present invention, when an unauthorized object is accessed (hacked) on each object constituting the object Internet, the function of the object to be accessed The present invention provides a device access control system for securing a stuff Internet terminal and a method of operating the same.

Meanwhile, the present invention classifies the access right of an object to be accessed when the hacking object repeatedly attempts to access (hack) the address of a hacking object that unreasonably approaches the object of the Internet, The present invention aims to provide a device access control system and an operating method thereof for securing an object Internet terminal which is capable of naturally disabling repetitive hacking such as a DDoS.

According to another aspect of the present invention, there is provided a device access control system for securing an Internet terminal, including at least one sensor device, And if the access terminal determines that the access terminal is hacked, it initializes the sensor device, records the unique ID of the access terminal in the non-recording unit, and designates the access level of the access terminal as the default level A plurality of operation terminals; An object communication network which is connected to the operation terminal and establishes and provides a communication path of wired and wireless including the Internet; One or more access terminals connected to the operation terminal through the object communication network, connected to a sensor device permitted to access according to an authenticated level, detecting and transmitting information detected by the connected sensor device; And a management terminal for accessing the object communication network and allocating and setting an authentication level and an access level for allowing the access terminal to access the operation terminal and for controlling and monitoring the access terminal in an allocated area of the operation terminal; May be included.

Wherein the operation terminal is connected to the object communication network and transmits and receives an information signal according to the control signal; And controls the transmission and reception of information signals. If it is determined that the access terminal tries to access a sensor device that is not allowed to access, the sensor device is initialized and the access level of the access terminal is set to a default level An object control unit for controlling and monitoring the entire operation by outputting a corresponding control signal to each function unit provided in the operation terminal; An authentication level extracting unit for extracting information on whether the access permission is authorized by the management terminal and information on an access level set by analyzing the ID signal and the access request signal received from the access terminal according to the control signal of the object control unit; A setting level recording unit for storing a connection list of a sensor device designated to be allowed to access by the access level set in the access terminal as input from the management terminal by the corresponding control signal of the object control unit; And an ID of the access terminal whose access to the sensor device is blocked by the control signal of the object control unit and ID information of the access terminal determined to be hacked, to the default level together with the history information and the time information, An extracorporeal object recording unit for storing the object; . ≪ / RTI >

The operation terminal confirms the access level of the access terminal connected by the corresponding control signal of the object control unit and retrieves the access list of the sensor device allowing the access level to access from the setting level register, A logical address setting unit for specifying a logical address that can be connected to the sensor device to which connection is permitted; A physical address for inputting a logical address from the logical address setting unit according to a corresponding control signal of the object control unit and setting a physical address corresponding to the logical address and physically connected to the sensor device to operate in an active state in which a signal can be transmitted, Setting section; And a sensor module for outputting information detected by a sensor device physically connected to the physical address, the sensor module including at least one sensor device set to be in an active state or an inactive state according to a corresponding control signal of the object control unit. . ≪ / RTI >

According to another aspect of the present invention, there is provided a method of operating a device access control system for securing an Internet terminal, including an operating terminal, an object communication network, an access terminal, and a management terminal, A method of operating a system, the method comprising: extracting ID information of the access terminal and authenticated access level information from the access terminal if the access terminal determines that the access terminal is connected; step; If the access terminal determines that the access level is recorded in the access list by the operation terminal, designates a logical address to which the access level is connectable with the sensor device that is allowed to access and sets the logical address to the corresponding state; A third step of checking whether the logical address is designated and set to a corresponding state by the operation terminal, and if the logical address is set, setting a physical address corresponding to the logical address to an active state enabling signal transmission; A fourth step of allowing the access terminal to access a sensor device that is allowed to access by the operation terminal to allow retrieval of the detected information; And a fifth step of checking whether the access terminal is in a hacking state in which the access terminal tries to access a sensor device to which access is not permitted, and proceeding to the end if it is determined that the access terminal is not in a hacking state. . ≪ / RTI >

If it is determined that the access level is not recorded in the connection list in the second step, setting a default level when the access level is recorded in the extracorporeal recording unit in comparison with the extracorporeal recording unit and feeding back to the second step; And a seventh step of recording the ID information of the access terminal, the history information and the time information of the access terminal in the external recording medium, and feeding back to the sixth step, if it is determined that the external information is not recorded in the external recording medium in step 6; As shown in FIG.

If the access terminal is determined to be in a hacking state by the operation terminal in the fifth step, the sensor module unit is initialized to be inactivated for a unit time, and the seventh step is performed; As shown in FIG.

According to the present invention having the above-described configuration, when another unauthorized object is accessed (hacked) to each object constituting the object Internet, the function of the hacked object is temporarily stopped or initialized for a predetermined period of time, There is an advantage in that security can be maintained at the center.

In addition, according to the present invention having the above-described structure, the address of an object to be accessed can be seen by classifying the access right of an object that is attempting to unauthorizedly access (hack) It is advantageous to invalidate the repetitive hacking such as the DODOS.

FIG. 1 is a block diagram of a device access control system for securing an object Internet terminal according to an embodiment of the prior art.
FIG. 2 is a detailed functional configuration diagram of an authentication device for securing an object Internet terminal according to an embodiment of the prior art.
3 is a functional block diagram illustrating a device access control system for object Internet terminal security according to an embodiment of the present invention.
4 is a detailed functional configuration diagram illustrating an operating terminal according to an embodiment of the present invention,
FIG. 5 is a flowchart illustrating a method of operating a device access control system for securing a destination Internet terminal according to an embodiment of the present invention.
FIG. 6 is a functional block diagram illustrating the main components of the Internet of Things for the purpose of illustrating an embodiment of the present invention.
FIG. 7 is an explanatory diagram of an embodiment of the present invention,
8 is a functional block diagram for explaining a state in which each sensor device provided in a vehicle uses a can communication method and a can communication method according to an embodiment of the present invention,
Fig. 9 is a functional block diagram for explaining a state in which the present invention is also used in a vehicle using a CAN communication method and an Ethernet communication method,
10 is a functional block diagram for explaining a concept of a control method of a memory by an MMU according to an embodiment of the present invention.
And
11 is a detailed functional block diagram of an MPU for protecting a memory according to an embodiment of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS The present invention is capable of various modifications and various embodiments, and specific embodiments are illustrated in the drawings and will be described in detail in the detailed description. It should be understood, however, that the invention is not intended to be limited to the particular embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the accompanying drawings.

In the description of the present invention, access, connection, contact, and connection means a state in which an information signal can be transmitted and received. It is selectively used in accordance with the context, and a state in which an unauthorized access is attempted is expressed as a state of hacking do.

FIG. 3 is a functional block diagram illustrating a device access control system for securing a destination Internet terminal according to an embodiment of the present invention. FIG. 4 is a block diagram illustrating a detailed function configuration .

The device access control system 1000 for securing the object Internet terminal includes an operation terminal 1100, an access terminal 1200, an object communication network 1300, and a management terminal 1400. [ .

The operating terminal 1100 may include one or more sensor devices and each sensor device may measure temperature, humidity, current, speed, position coordinate, distance, And a module unit configuration including any one or more of a wide variety of sensor devices such as a state detection, a switch for ON / OFF control, a brightness measurement, a voltage level measurement, a current level measurement, a channel detection and the like.

Each sensor device may include an intelligent sensor device that can operate and transmit or receive a measured or detected data signal to a designated counterpart.

Also, the operating terminal 1100 may be a single sensor device.

The operating terminal 1100 may include one or more terminals and may have a similar configuration to the access terminal 1200 and the management terminal 1400. Therefore, the access terminal 1200 and the management terminal 1400 may be one or more than one.

The operation terminal 1100 includes an object communication unit 1110, an object control unit 1120, an authentication level extracting unit 1130, a setting level recording unit 1140, an external recording unit 1150, a logical address setting unit 1160, A setting unit 1170, and a sensor module unit 1180.

The object communication unit 1110 is connected to the object communication network 1300 and transmits and receives an information signal composed of data according to a corresponding control signal of the object control unit 1120. [

W-CDMA, TRS, WiFi, ZigBee, Bluetooth, and the like may be connected to the object communication unit 1110 and the object communication network 1300 through any one or more of wired communication and wireless communication methods. FM, SSB, optical communication, and the like.

The object control unit 1120 connects to the object communication unit 1110 and controls transmission and reception of information signals. If it is determined that the access terminal 1200 tries to connect or hack to a sensor device to which access is not permitted, Initialization is set so that it is inactivated for a unit time.

The object control unit 1120 sets the access level of the access terminal 1200 that attempts to hack to a default level and records the control level to each functional unit provided in the operation terminal 1100, do.

The default level is that there is no access privilege at all and the sensor device has no address (add.) For the connection, or when the address to connect to is not visible or the address to connect is specified, It is described as being not connected or assigned.

The authentication level extractor 1130 analyzes the identification (ID) signal and the access request signal received from the access terminal 1200 according to the corresponding control signal of the object controller 1120, And the value information of the set access level.

The set level register 1140 is connected to the access terminal 1200 via the connection of the sensor device designated by the control terminal of the object control unit 1120, Store the list in the allocated area. That is, the access list of the sensor devices which are allowed to access for each access level is recorded and stored.

According to an embodiment, the access level can be divided into four levels. The first level is an administrator level that allows access to or access to all the sensor devices with the highest authority level, The second level is a root level that can be connected to a limited range of sensor devices at a high level in the following order and the third level is a user who can connect to any one or more sensor devices specified as the lowest level, Level and the fourth level is a default level that blocks access to the sensor device at the level specified by the guest or hacking.

It should be appreciated that the access level may be increased or decreased as needed, and the setting level recording unit 1140 records and stores the access list of the first level, the second level, and the third level according to an embodiment, Level connection list may be recorded and stored in the external recording unit 1150 and the fourth-level connection list may be stored in the setting level recording unit 1140 if necessary.

The external recording medium 1150 stores the ID information of the access terminal 1200 which is disconnected from the sensor device by the control signal of the object control unit 1120 and the ID of the access terminal 1200 determined to be hacked (ID) information is set to the default level together with the history information and the time information, and is stored in the allocated area. The history information includes the time, location, number and method of hacking attempt, and the time information includes time information of the attempted hacking. Other information may be added or excluded from the history information and time information as needed.

The logical address setting unit 1160 analyzes the ID and access request signal of the access terminal 1200 connected by the corresponding control signal of the object control unit 1120 and analyzes the self-stored management information, The access point 1140 searches the access list of the sensor device that permits the access level to access and allocates and designates a logical address that can be connected to the sensor device that is allowed to access according to the access list.

When the access terminal 1200 connected in the logical address setting unit 1160 determines that the terminal is not a terminal authenticated as a connection or has been hacked in the past, a logical address corresponding to a fourth level is allocated.

The physical address setting unit 1170 inputs a logical address from the logical address setting unit 1160 according to a corresponding control signal of the object control unit 1120 and outputs a physical address corresponding to the logical address and physically connected to the sensor device, To operate in an active state in which signal transmission is possible.

That is, when the access terminal 1200 includes a step of searching for a connection list of the setting level recording unit 1140, the access terminal 1200 needs to be assigned a logical address for accessing and connecting to the sensor device, This is an advantage of security processing.

The sensor module unit 1180 includes one or more sensor devices set and distinguished in an active state or a non-active state according to a corresponding control signal of the object control unit 1120, And outputs information detected (measured) by the connected sensor device.

The sensor module unit 1180 may be composed of one sensor device, and may be composed of a plurality of sensor devices such as two or three or more sensor devices if necessary.

Therefore, it can be described that the sensor module unit 1180 is set to the activated or deactivated state to set the sensor devices 1181 and 1182 in the activated or deactivated state.

That is, when the sensor module unit 1180 includes a plurality of sensor devices such as the first sensor device 1181, the second sensor device 1182, and the like, each sensor device is selectively controlled to be in an activated or deactivated state .

It is relatively preferable to select any one of the values in the range of 1 second to 6 seconds and to select the value of 3 seconds as the unit time set in the non-active state.

That is, when the sensor module unit or the sensor device is confirmed to be attempted to connect from an access terminal not granted (granted) according to an exemplary embodiment for a predetermined unit time, the sensor module unit or the sensor device may be set to an inactive state for 3 seconds to be initialized.

That is, if the access terminal is inactivated and deactivated for 3 seconds, the hacking attempt of the access terminal is stopped for 3 seconds, and after 3 seconds, the entire process must be repeated again, thereby making it possible to disable the hacking attempts such as DDos and the like.

If the inactivation unit time is set to 2 seconds or less, the hacking attempt may be repeated rapidly, so that the load of the entire system may increase and the operation may become unstable. If the time is set to 4 seconds or more, This may not be economical.

The access terminal 1200 includes a smart phone, a personal computer (PC), and a dedicated data terminal in a similar configuration to the operation terminal 1100.

The object communication network 1300 includes a wireless communication network and a wired communication network. The wireless communication network includes all wireless communication methods known as CDMA, W-CDMA, TRS, WiFi, ZigBee, Bluetooth, FM, SSB, optical communication, Any one or more than one or two or more of them can be constituted.

Currently, the Internet is known to use about 2 billion people, and IBM expects the future of the Internet (IoT) by estimating that about 20 billion devices will be connected to the Internet by 2020 .

FIG. 6 is a functional block diagram for explaining major components of the Internet of things to illustrate an embodiment of the present invention.

6, the Internet (IoT) consists of four components. The components are four things: Internet hardware, Internet software for objects, wireless communication network, and service.

The Internet has been under the name of USN (Ubiquitous Sensor Network) since the beginning of 2000, and it has been researched and developed by IoT Hardware, IoT Software, Wireless Communication, , But it is not defined as a clear standard since the viewpoints of developers, providers, and users are different from each other.

The object Internet hardware includes a control unit (CPU), a memory, a sensor device, and the like. The Internet software includes firmware, software and the like. The wireless communication includes CDMA, W-CDMA, Wi-Fi, Bluetooth, NFC ), ZigBee, and the like, and the service analyzes the data (information) secured from the object Internet to provide a customized service to the user.

Although the Internet of things has been used only for the sensing of information (data), recently combined with other technologies, the field of application has widened by combining with smart device technology in particular.

Examples of such Internet applications include healthcare, home services, smart cities, smart cars, and the like.

The healthcare application field of the Internet is relatively active research and development, and sensor devices that utilize wireless communication networks such as Zigbee, WiFi, Bluetooth, and NFC have been researched and developed .

The home service application field of the Internet can be checked and controlled from the outside by using a smart phone as well as lighting, gas, boiler, washing machine, air conditioner and crime prevention inside the house and buildings.

The application of Smart City in the Internet of things improves the quality of citizen's life by speedily, fairly and accurately handling civil affairs such as improving the safety of citizens, shortening the response time to emergencies, speeding up traffic control, etc. Rio de Janeiro City of Brazil is one of the official smart cities.

The smart car application field of the Internet is to allow communication between the sensor device and the sensor device, and the smart car is also called a connected car.

Smart car applications are currently being actively researched and are expected to become popular in most automobiles from around 2020.

FIG. 7 is an explanatory diagram of a sensor device configuration state used in a smart car application field for explaining the present invention as an embodiment.

7, a sensor device installed in a vehicle includes a vehicle position sensor, a radar sensor, a waterproof windshield, a steering angle sensor, a fire detection sensor, a vehicle speed sensor, an acceleration sensor, There are an interval sensor, a front obstacle sensor, a lateral obstacle sensor, a rear obstacle sensor, a headlight artificial intelligence sensor, an automatic steering sensor, an operation state sensor, a tire air pressure sensor and an inside door lock sensor. Must be interconnected and communicated. On the other hand, vehicle sensor devices will be developed more and will be installed or equipped in vehicles.

The application of smart cars in the internet of the Internet includes networking, SoC, and embedded technology. Can (CAN) communication method is mainly used in the vehicle, and various communication methods such as LIN (Local Interconnect Network) and FlwxRay are used .

CAN (Controller Area Network) communication method was first developed in 1985 by Bosch for vehicle network.

In the initial vehicle, the number of electronic devices provided was not so large, so that a point-to-point wiring scheme was used for wiring between the electronic device and the electronic device. As a result, In order to solve some of these problems, CAN communication technology was developed. In 1993, ISO developed the international standard (ISO 11898 In 1994, several high-level protocols were standardized.

CAN communication technology is the most common application of in-vehicle electronic networking. It was originally developed for use in automobiles, but it is also applied to aerospace applications such as railway applications and aircraft, as well as status sensors, navigation and cockpit research PCs. Is gradually getting larger.

8 is a functional block diagram for explaining a state in which each sensor device provided in a vehicle uses a can communication method and a can communication method according to an embodiment of the present invention.

8, the sensor devices provided in the vehicle should be controlled and monitored for normal operation and transmit and receive corresponding information, if necessary.

Therefore, a state in which the CAN communication method is not used is shown in (a) in which the sensor devices are connected to each other and concentratedly connected to the control unit, so that the number of wires is large and complicated.

On the other hand, the state in which each sensor device is connected using the CAN communication system is shown in (b).

As the proportion of the sensor devices in the vehicle increases, it is called as smart car, and can communication method of smart car becomes very important.

However, due to various communication methods such as CAN, LIN, and FlwxRay in the network communication method of the vehicle, heterogeneity of the vehicle network system has occurred, and the cost, complexity, inefficiency of network communication, etc. (Ethernet) has attracted attention as a next-generation vehicle network alternative that solves some of these problems.

The CAN communication method has a relatively strong characteristic of noise, but has a disadvantage over the Ethernet communication method at the data transmission speed.

Ethernet (Ethernet) communication method is similar to CAN communication method, it can reduce the weight of wiring or communication cable inside the vehicle, which contributes to the weight reduction of the overall vehicle weight, the communication speed is high, and the network connection is easy .

In general, the car can network system applied to automobiles has a maximum transmission rate of 24.5 Mb / sec. However, current Ethernet technology is expected to be able to transmit data at 100 Mb / s and to be further improved.

By attaching an Intelligent Antenna Module to the vehicle's Ethernet network, various electronic devices can be connected to the infotainment system of the vehicle without a separate connection device.

For example, the music stored in the smart phone can be reproduced in the car audio, and the car management information can be directly transmitted to the smartphone without connecting the portable terminal to the vehicle using the wiring (cable). In addition, it is possible to increase the availability of the remote lock and control device, and in particular, it is possible to construct an energy efficiency management system when applied to an electric vehicle.

Therefore, a technology that combines a CAN communication method and an Ethernet communication method in a car network of a smart car is being developed.

Fig. 9 is a functional block diagram for explaining a state in which the present invention is used according to an embodiment, and both a CAN communication system and an Ethernet communication system are commonly used in a vehicle.

9, a sensor device, which is installed in a vehicle and can be relatively low in data transmission speed without being greatly affected by noise, is connected by a can communication method, and is connected to a sensor The device is connected by Ethernet communication method.

On the other hand, since the smart car is a mobile device, a wireless communication method should be used in order to connect to and communicate with various sensor devices provided in a smart car, and a wireless communication method is generally relatively vulnerable to security.

That is, there is a problem that unintended information such as a smart car according to an example can be leaked or modulated by hacking on the object Internet.

In order to compensate for this problem, it is possible to use the encryption technology using the software and the protocol of the specific algorithm, but it requires more advanced technology because it can be attacked by the hackers and released from security.

Technology that combines software and hardware with improved security has been reported, but it is relatively expensive and complicated in configuration.

In general, the hardware of the Internet (IoT) consists of an 8-bit microcontroller unit (MCU) whose performance is lower than that of a maker ARM company, and the speed of development of encryption technologies and protocol security algorithms It is getting faster.

On the other hand, since 8-bit MCUs are limited in function, there is a possibility of overload of software, and it is difficult to find a new software solution (solution).

The present invention improves the security based on the hardware configuration, so that it can safely cope with intrusion of a hacker and has an advantage in terms of price and function by using the MPU (Memory Protection Unit) of the model name Cortex-M4.

The hardware security algorithm proposed in the present invention uses a trust zone, a memory management unit (MMU), and a memory protection unit (MPU).

The Trust Zone method is divided into security world and normal world. Important application technology and information are operated in the security world, and software is designed as a hardware designed to operate in the normal world. .

The Trust Zone method is a relatively safe method because it builds a reliable platform using minimum hardware configuration and software configuration, and provides security mode, non-security board and interface for connection.

10 is a functional block diagram for explaining a concept of a control method of a memory by the MMU according to an embodiment of the present invention.

Referring to FIG. 10, a control unit (CPU) accesses and controls a memory, and in order to protect information stored in a memory (Main Memory) from external unauthorized access or hacking by the MMU, It uses the address (Virtual Address) technology to protect the information stored in the memory.

On the other hand, the MMU protects the memory by controlling the input / output of the stored information by accessing a specific area of the memory by the memory address translation function.

11 is a detailed functional block diagram of an MPU for protecting a memory according to an embodiment of the present invention.

11, the memory protection unit (MPU) is a 32-bit MCU (Micro Controller Unit) of ARM Corporation, the model name is Cortex-M3, the memory protection unit is compatible with the model name M4, (Register), ALU (Arithmetic Logic Unit), CU (Control Unit) and BUS.

The characteristics of the MPU are: Harvard structure, Thumb-2 (Merged 16 / 32bit), 3-stge + Pipe line, Interrupts latency: 12 Cycles, Inter-Interrupts latency: 6 Cycles, Sleep mode: 8Region MPU, Thread Mode and Handler Mode.

FIG. 5 is a flowchart illustrating a method of operating a device access control system for securing a destination Internet terminal according to an embodiment of the present invention. Referring to FIG.

Hereinafter, a method of operating a device access control system for securing a destination Internet terminal includes an operating terminal, an object communication network, an access terminal, and a management terminal, and includes a device access control system In the operation method, if it is determined by the operation terminal that the access terminal is connected, ID information of the access terminal and the authorized access level information are extracted and the access level is checked against the access list (S100 to S120).

If it is determined that the access level is recorded in the access list, the operation terminal sets a corresponding logical address to the corresponding state (S130 to S140).

If the logical address is set, the operating terminal sets the physical address corresponding to the logical address to the activated state in which signal transmission is possible (S150 to S160).

Also, the operating terminal accesses the sensor device to which the access terminal is allowed to access and allows the retrieval of the detected information (S170).

The operation terminal confirms whether the access terminal is in a hacking state in which it tries to access a sensor device that is not allowed to access, and if it is determined that the access terminal is not in the hacking state, the operation terminal proceeds to termination (S180).

If it is determined that the access level is not recorded in the connection list, the operation terminal sets a default level in the case of being recorded in the external recording medium in comparison with the external recording medium, and then returns to the second step S140 (S130, S190, S200) .

If it is determined that the operation terminal is not recorded in the external recording medium, the ID information of the access terminal, history information and time information of the access terminal are recorded and stored in the external recording medium (S210).

If it is determined that the access terminal is in the hacking state (S180), the sensor module unit is initialized to remain inactive for a unit time (S220), and then proceeds to the seventh step (S210).

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is evident that many alternatives, modifications and variations will be apparent to those skilled in the art.

1000: Device Access Control System for Internet Terminal Security
1100: Operation terminal 1110:
1120: object control unit 1130: authentication level extracting unit
1140: setting level recording section 1150:
1160: Logical address setting unit 1170: Physical address setting unit
1180: Sensor module part 1200: Access terminal
1300: object communication network 1400: management terminal

Claims (6)

If the access terminal is determined to be hacked, it is determined whether the access terminal is authenticated and the access level. If the access terminal determines that the access terminal is hacked, One or more operation terminals for initializing and recording a unique ID of an access terminal in an external recording unit and designating an access level of the access terminal as a default level;
An object communication network which is connected to the operation terminal and establishes and provides a communication path of wired and wireless including the Internet;
One or more access terminals connected to the operation terminal through the object communication network, connected to a sensor device permitted to access according to an authenticated level, detecting and transmitting information detected by the connected sensor device; And
A management terminal for accessing the object communication network and for controlling and monitoring an authentication state and an access level for allowing the access terminal to access the operation terminal and storing the access state in an allocated area of the operation terminal; A device access control system for Internet terminal security.
The method according to claim 1,
The operating terminal
An object communication unit connected to the object communication network and transmitting and receiving an information signal according to a corresponding control signal;
And controls the transmission and reception of information signals. If it is determined that the access terminal tries to access a sensor device that is not allowed to access, the sensor device is initialized and the access level of the access terminal is set to a default level An object control unit for controlling and monitoring the entire operation by outputting a corresponding control signal to each function unit provided in the operation terminal;
An authentication level extracting unit for extracting information on whether the access permission is authorized by the management terminal and information on an access level set by analyzing the ID signal and the access request signal received from the access terminal according to the control signal of the object control unit;
A setting level recording unit for storing a connection list of a sensor device designated to be allowed to access by the access level set in the access terminal as input from the management terminal by the corresponding control signal of the object control unit; And
The ID of the access terminal whose access to the sensor device is blocked by the control signal of the object control unit and the ID information of the access terminal determined to be hacked are set to the default level together with the history information and the time information, An extracorporeal object recording unit for storing the object; And a device access control system for securing the object Internet terminal.
3. The method of claim 2,
The operating terminal
The access level of the access terminal connected by the corresponding control signal of the object control unit is checked and a connection list of the sensor device allowing the access level to access from the setting level register is retrieved, A logical address setting unit for specifying a logical address that can be connected to the sensor device;
A physical address for inputting a logical address from the logical address setting unit according to a corresponding control signal of the object control unit and setting a physical address corresponding to the logical address and physically connected to the sensor device to operate in an active state in which a signal can be transmitted, Setting section; And
A sensor module unit having one or more sensor devices set to be in an active state or an inactive state according to a corresponding control signal of the object control unit and outputting information detected by a sensor device physically connected to the physical address; And a device access control system for securing the object Internet terminal.
A method for operating a device access control system for securing an object Internet terminal, the method comprising the steps of:
A first step of extracting ID information and authenticated access level information of the access terminal and verifying whether the access level is recorded in the access list if the access terminal determines that the access terminal is connected;
If the access terminal determines that the access level is recorded in the access list by the operation terminal, designates a logical address to which the access level is connectable with the sensor device that is allowed to access and sets the logical address to the corresponding state;
A third step of checking whether the logical address is designated and set to a corresponding state by the operation terminal, and if the logical address is set, setting a physical address corresponding to the logical address to an active state enabling signal transmission;
A fourth step of allowing the access terminal to access a sensor device that is allowed to access by the operation terminal to allow retrieval of the detected information; And
Checking whether the access terminal is in a hacking state in which the access terminal tries to access a sensor device that is not allowed to access, and proceeding to the end if it is determined that the access terminal is not in the hacking state; Wherein the device access control system comprises a plurality of devices connected to the Internet.
5. The method of claim 4,
If it is determined that the access level is not recorded in the connection list in the second step, setting a default level when the access level is recorded in the extracorporeal recording unit in comparison with the extracorporeal recording unit and feeding back to the second step; And
A seventh step of recording the ID information of the access terminal, the history information and the time information of the access terminal in the external recording medium, and feeding back to the sixth step, if it is determined that the external information is not recorded in the external recording medium; The method of claim 1, further comprising the steps of:
6. The method of claim 5,
If the access terminal is determined to be in a hacking state by the operation terminal in the fifth step, the sensor module unit is initialized to be inactivated for a unit time, and the seventh step is performed; The method of claim 1, further comprising the steps of:

Images