KR20170003080A - Security device and network security management server for establishing security channel in network, and system and method of establishing security channel in network - Google Patents
Security device and network security management server for establishing security channel in network, and system and method of establishing security channel in network Download PDFInfo
- Publication number
- KR20170003080A KR20170003080A KR1020150093281A KR20150093281A KR20170003080A KR 20170003080 A KR20170003080 A KR 20170003080A KR 1020150093281 A KR1020150093281 A KR 1020150093281A KR 20150093281 A KR20150093281 A KR 20150093281A KR 20170003080 A KR20170003080 A KR 20170003080A
- Authority
- KR
- South Korea
- Prior art keywords
- security
- secure channel
- server
- network
- terminal
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention relates to a security device for forming a network security channel, a network security management server, and a system and method for forming a network security channel using the network security management server, The present invention provides a network security management server that manages a device and a security device and provides a security channel between a server or a terminal located in a security zone and provides an encryption key for forming the secure channel, This paper presents a system and method for forming a network security channel using a server.
Description
The present invention relates to a security device for forming a network security channel, a network security management server, and a system and method for forming a network security channel using the network security management server, and more particularly, A security management server establishes a security group composed of a plurality of servers or terminals included in a security section on a network to form a secure channel for encrypting data transmitted through the security device between servers or terminals included in the security group It is about the plan.
The development of ICT technology has contributed to improving the efficiency of business enterprises. For example, employees can communicate simultaneously via e-mail or instant messaging over an internal network, and by sharing business data files, paper documents are replaced with electronic documents, speeding up business processes and reducing business costs.
Furthermore, since a virtual private network (VPN) is provided as a corporate communication service that can greatly reduce a circuit cost by using a public network such as an Internet network as a private network, it is possible to connect a plurality of enterprise points located in a remote location or in other countries FIG. 1 shows a network configuration using a virtual private network.
The server or
Securing the network in such a business environment is a very important issue, and as the dependency on ICT technology continues to increase, there is a growing need to protect digital assets in these networks.
In the case of the virtual private network of FIG. 1, although the security is enhanced by transmitting encrypted data through tunneling through the
Therefore, there is an urgent need for a plan to strengthen the security of the internal network of the network.
SUMMARY OF THE INVENTION It is an object of the present invention to provide a security method for protecting digital assets in a network in a business environment using ICT technology.
In particular, we propose a solution to prevent the leakage of corporate data by solving the problem that malicious hacker can easily cause destruction or misdirection of corporate data when intruding into company's internal network.
According to an aspect of the present invention, there is provided a security device for establishing a network security channel, the security device comprising: a server or a terminal directly connected to a server or a terminal included in a security group set by a network security management server, Receiving a cryptographic key generated by the network security management server to form a secure channel with the other server or the other terminal included in the security group, encrypting data of the server or the terminal with the cryptographic key, And forming a secure channel for encrypted data transmission with the other terminal.
Preferably, the security device comprises: a physical network interface for connecting a server or a terminal on a network; A virtual interface generating unit for generating a virtual interface for forming a secure channel with the other security apparatus connected to the other server or the other terminal included in the security group; And an encryption module that receives the encryption key corresponding to the secure channel from the network security management server and encrypts or decrypts data transmitted or received through the virtual interface.
More preferably, the physical network interface includes at least one terminal port to which a server or a terminal is connected; A network port to which a network is connected, and the virtual interface may connect one or more servers or terminals connected to the physical network interface to an end of a secure channel.
Furthermore, the virtual interface generation unit may form a plurality of security channel terminals by generating individual virtual interfaces for each of a plurality of servers or terminals connected to the physical network interface.
Alternatively, the virtual interface generation unit may form one virtual channel end by creating one virtual interface corresponding to a plurality of servers or terminals connected to the physical network interface.
In addition, the network security management server for forming a network security channel according to the present invention may select a plurality of servers or terminals included in a security interval on a network to set a security group, A secure key for transmitting encrypted data between the server or the terminal by providing a cryptographic key corresponding to the secure channel to a server included in the security group or a security device directly connected to the terminal, .
Preferably, the network security management server includes: a security group management unit for selecting a plurality of servers or terminals included in a security interval on a network to set a security group; Establishing a secure channel between a server or a terminal included in the security group and providing a cryptographic key corresponding to the secure channel to a security device installed at the end of the secure channel to form a secure channel for data transmission between the server and the terminal A security device manager; And an encryption key management unit for generating and managing an encryption key corresponding to the secure channel.
Further, the security group management unit registers identification information of a server or a terminal included in the security group, and the security management unit authenticates a server or a terminal to be connected to the secure channel based on the identification information of the server or the terminal, The server or the security device connected to the terminal.
Preferably, the security device management unit establishes a security policy for a secure channel, provides the security policy to the security device to form a secure channel according to the security policy, and transmits status information from the security device forming the secure channel And can monitor the secure channel by receiving it.
Further, the security group management unit sets a plurality of security groups corresponding to a plurality of security intervals on the network, and the security apparatus management unit can set one or more security channels for each security group.
The network security system according to the present invention may include a plurality of the security devices, and may include the network security management server.
According to another aspect of the present invention, there is provided a method for forming a network security channel, the method comprising: setting a security group by selecting a plurality of servers or terminals included in a security zone on a network; Setting a security channel between the network security management server and a server or a terminal included in the security group; And a cryptographic key providing step of providing a cryptographic key corresponding to the secure channel to a security device installed at the end of the secure channel and connecting the server or the terminal to the network, And a secure channel for transmitting data encrypted with the encryption key is formed between a security device installed at the end and a security device installed at the other end of the secure channel.
The secure channel setting step may include: receiving a secure channel request information from the server or the terminal through the security device; An authentication step of checking whether the security group is included in the security group based on the channel request information and authenticating the security group; A secure channel setting step of establishing a secure channel between the security device connected to the server or the terminal and the other security device connected to the other server or the other terminal based on the secure channel request information; And an encryption key generation step of generating an encryption key corresponding to the secure channel.
More preferably, the secure channel setting step may include setting a security channel between a security device connected to the server or the terminal and the other security device connected to the other server or the other terminal by combining a plurality of servers or terminals included in the security group A channel setting step; An encryption key generation step of generating an encryption key corresponding to the secure channel; A secure channel request receiving step of receiving secure channel request information from the server or the terminal through the security device; And an authentication step of checking whether the security group is included in the security group based on the channel request information, authenticating the security channel, and confirming the corresponding security channel.
In addition, the security group setting step receives and registers the identification information of the server or the terminal from the security device connected to the server or the terminal included in the security group, and the authentication step registers, A server or a terminal requesting authentication can be identified and authenticated.
The security channel setting step sets a security policy for the secure channel, and the cryptographic key providing step may include a step of providing information on the other server or the other terminal forming the end of the secure channel, Security policy can be provided.
The secure channel monitoring step may further include receiving status information from the security device forming the end of the secure channel, and monitoring the secure channel based on the status information.
According to another aspect of the present invention, there is provided a method for forming a network secure channel, the method comprising: requesting a secure channel to a network security management server by a security device connecting a server or a terminal to a network; A virtual interface generation step in which the security device receives a cryptographic key from the network security management server and generates a virtual interface forming an end of a secure channel; And a security channel forming step of forming a secure channel with the other security device forming the other end of the secure channel by the security device.
Preferably, the security channel request step includes a step of requesting a security channel to be established between one or more servers or terminals connected to a physical network interface, Request information to the network security management server.
Further, the secure channel request step may generate a plurality of security channel request information corresponding to a plurality of servers or terminals connected to the physical network interface, and the virtual interface generating step may generate a plurality of security channel request information And generates a plurality of virtual interfaces forming a plurality of secure channel ends corresponding to the plurality of servers or terminals, respectively.
The secure channel request step generates one piece of security channel request information corresponding to a plurality of servers or terminals connected to the physical network interface, And one virtual interface forming one secure channel end corresponding to the plurality of servers or the entire terminals can be created.
In the virtual interface generation step, the security policy for the secure channel is provided from the network security management server, and a virtual interface may be created according to the security policy.
Preferably, the physical network interface of the security device receives data transmitted from the server or the terminal. Transmitting data received through the physical network interface to a virtual interface generated in the security device, encrypting the encrypted data with the encryption key through the encryption module of the security device, and transmitting the encrypted data to the physical network interface; And transmitting the encrypted data to the secure channel by the physical network interface.
More preferably, the physical network interface of the security device receives encrypted data transmitted over the secure channel; Transmitting encrypted data received through the physical network interface to a virtual interface generated in the security device, decrypting the decrypted data with the encryption key through the encryption module of the security device, and transmitting the decrypted data to the physical network interface; And transmitting the decrypted data to the server or the terminal by the physical network interface.
According to the present invention, a security channel can be selectively formed if necessary through a security device and a network security management server to prevent malicious third parties from accessing data transmitted through an internal network, thereby preventing data leakage do.
Furthermore, a security device for forming a secure channel can be installed in a modular or external form that can be installed in a server or a terminal, thereby facilitating disconnection or replacement of a server or a terminal requiring formation of a secure channel.
It is possible to form a separate security channel for each of a plurality of servers or terminals by a single security device or to form a single common security channel for a plurality of servers or terminals as needed, It is possible to facilitate expansion or change.
1 illustrates a network configuration using a virtual private network,
2 is a schematic block diagram of an embodiment of a network security system for forming a network security channel by applying a security device and a network security management server according to the present invention,
FIG. 3 shows a schematic configuration diagram of an embodiment in which the present invention is applied to a virtual private network,
4 is a block diagram of an embodiment of a network security management server for forming a secure channel according to the present invention,
FIG. 5 shows a block diagram of an embodiment of a security device for forming a secure channel according to the present invention,
6 shows an embodiment in which a plurality of servers or terminals are connected to a security device according to the present invention,
FIG. 7 illustrates an embodiment of forming a secure channel by applying the security device and the network security management server according to the present invention,
Figure 8 shows a schematic flow diagram of an embodiment of a method for forming a network secure channel according to the present invention,
9 is a flowchart illustrating a method for establishing a secure channel and providing a cryptographic key in the network secure channel forming method according to the present invention,
10 is a flowchart illustrating a method for establishing a secure channel and providing a cryptographic key in the network secure channel forming method according to the present invention,
11 is a flowchart illustrating a method of forming a secure channel by connecting a plurality of servers to a security device in a network security channel forming method according to the present invention,
FIG. 12 illustrates an embodiment of a method for replacing a server connected to a security device in a network security channel forming method according to the present invention.
BRIEF DESCRIPTION OF THE DRAWINGS The above and other objects, features and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings.
First, the terminology used in the present application is used only to describe a specific embodiment, and is not intended to limit the present invention, and the singular expressions may include plural expressions unless the context clearly indicates otherwise. Also, in this application, the terms "comprise", "having", and the like are intended to specify that there are stated features, integers, steps, operations, elements, parts or combinations thereof, But do not preclude the presence or addition of features, numbers, steps, operations, components, parts, or combinations thereof.
In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear.
The present invention relates to a security device that is directly connected to a server or a terminal to form a secure channel between a server and a terminal and a secure key between a server or a terminal located in a security section while managing the security device, The present invention also provides a system and method for forming a network security channel using the security device and the network security management server.
FIG. 2 is a schematic block diagram of an embodiment of a network security system for forming a network security channel by applying a security device and a network security management server according to the present invention.
In the present invention, the security device may be implemented as a module that is detachably installed inside a server or a terminal, or may be implemented as an external device installed outside a server or a terminal. FIG. 2 (a) FIG. 2B illustrates an embodiment of a network security system in a case where a security device is implemented externally according to an embodiment of the present invention. Respectively.
The network security system according to the present invention includes a plurality of
In the present invention, the
The
The
The network
2, the network
At this time, data transmission / reception is performed between the
Furthermore, the network security system according to the present invention can be applied to a virtual private network. In this regard, FIG. 3 shows a schematic configuration diagram of an embodiment in which the present invention is applied to a virtual private network.
In the case of applying to the virtual private network, the basic configuration is similar to the embodiment of FIG. 2 described above. On the
If the
When a secure channel is required between the
That is, by forming a secure channel directly connected between the
Hereinafter, the network security management server and the security device according to the present invention will be described in further detail.
4 is a block diagram of an embodiment of a network security management server for forming a secure channel according to the present invention.
The network
Referring to each configuration of the network
Also, the security
The security
In particular, the security
Also, the security
In addition, the secure
The security
The encryption
FIG. 5 shows a block diagram of an embodiment of a security device for forming a secure channel according to the present invention.
The
The
For example, when the
The virtual
Here, the virtual
For example, when a plurality of servers or terminals are connected to the
Further, even when a plurality of servers or terminals are connected to the
6, in the
In FIG. 6B, although two
In this way, a plurality of servers or terminals can be connected to the
5, the
To this end, the virtual interface forming the end of the secure channel is transmitted from the other server or the other terminal to the secure channel, and all the encrypted data received through the
In addition, the virtual interface receives all data to be transmitted from the server or the terminal to the other server or the other terminal through the secure channel from the
In the present invention, the security device as described above may be connected to a server or a terminal, or a plurality of security devices may be installed on a network by connecting a plurality of servers or terminals, Channel can be formed and managed by managing the entire network security system. An example of forming a secure channel by applying the security device and the network security management server according to the present invention shown in FIG. .
The network
Each of the
The
The
7, the network
In addition, the present invention proposes a method for forming a network security channel by applying the network security system. The method for forming a network security channel according to the present invention includes: And a process of forming a network security channel on the side of the device.
First, a schematic process of forming a network security channel in the aspect of a network security management server comprises: a security group setting step of setting a security group by selecting a plurality of servers or terminals included in a security section on a network; Setting a security channel between the network security management server and a server or a terminal included in the security group; And a cryptographic key providing step in which the network security management server is installed at the end of the secure channel and provides a cryptographic key corresponding to the secure channel to a security device connecting the server or the terminal to the network, A secure channel for transmitting data encrypted with the encryption key may be formed between a security device installed at one end of the secure channel and a security device installed at the other end of the secure channel.
Next, a schematic process of forming a network secure channel in the aspect of a security device includes a secure channel request step in which a security device connecting a server or a terminal to a network requests a secure channel to the network security management server; A virtual interface generation step in which the security device receives a cryptographic key from the network security management server and generates a virtual interface forming an end of a secure channel; And a secure channel forming step of forming a secure channel with the other security device forming the other end of the secure channel.
Hereinafter, a method for forming a network security channel according to the present invention will be described with reference to embodiments of a process of integrating aspects of a network security management server and a security device.
FIG. 8 shows a schematic flow diagram of an embodiment of a method for forming a network secure channel according to the present invention.
When the
Similarly, when the
The network
The network
When the secure channel is set and a corresponding encryption key is provided from the network
When a secure channel is formed between the
9 and 10, a process of setting a secure channel and providing a cryptographic key in the network secure channel forming method according to the present invention will be described in further detail with reference to FIGS. 9 and 10. FIG. 8, the process of establishing a secure channel (S200) to the process of forming a secure channel (S350) may be the same as the embodiment of FIG.
In the first embodiment of FIG. 9, the network
In response to the secure channel request from the
Then, the security apparatuses A 100a and
When a virtual interface is generated in each of the security apparatuses A 100a and
In the second embodiment of FIG. 10, the network
In accordance with the secure channel request (S270) from the security device A (100a), the server A connected to the security device A (100a) is confirmed or if necessary, the security device A (100a) (S300a), and the security device B (S300b), which is the other party, also detects the security channel between the server A and the counterpart server B, And provides an encryption key (S300b). At this time, the network
The process of creating a virtual interface (S310a, S310b) and forming a secure channel (S350) is the same as that of the first embodiment shown in FIG. 9 described above, so a description thereof will be omitted.
In addition, in the present invention, a plurality of servers or terminals are connected to one security device to form a secure channel end for each of a plurality of servers or terminals in one security device. In this regard, A method of forming a channel, a plurality of servers are connected to a security device to form a secure channel.
11A shows a case where a
11B shows a case where a secure channel is formed for each of the
When the
In addition, the network
11C shows a case where one security channel for the
When the
As described above, according to the present invention, a single secure device can form a separate secure channel for each of a plurality of servers or terminals, or a single common secure channel can be formed for a plurality of servers or terminals, if necessary.
In the present invention, the security device is directly connected to the server or the terminal in a modular or external form, so that it is possible to simply disconnect the server or the terminal through the physical network interface of the security device, In this regard, FIG. 12 illustrates an embodiment of a method for replacing a server connected to a security device in a network security channel forming method according to the present invention.
12, when the
When the
Then, when a
As described above, in the present invention, connection or disconnection of a server or a terminal is easily performed in a security device, so that a server or a terminal located in a security zone can be easily replaced or changed.
The foregoing description is merely illustrative of the technical idea of the present invention, and various changes and modifications may be made by those skilled in the art without departing from the essential characteristics of the present invention. Therefore, the embodiments of the present invention are not intended to limit the scope of the present invention but to limit the scope of the present invention. The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents thereof should be construed as being included in the scope of the present invention.
10a, 10b, 10c, 10d, 10e, 10f: server,
31: Secure channel,
33, 35: general channel,
100, 100a, 100b, 100c: security device,
110, 110a, 110b: physical network interface,
130: virtual interface generation unit,
150, 150a, 150b: an encryption module,
200: network security management server,
210: security group management unit,
230: security device manager,
250: Cryptographic key management section.
Claims (24)
Receiving a cryptographic key generated by the network security management server to form a secure channel with the other server or the other terminal included in the security group, encrypting data of the server or the terminal with the cryptographic key, And forming a secure channel for encrypted data transmission with the other terminal.
The security device comprises:
A physical network interface for connecting a server or terminal on a network;
A virtual interface generating unit for generating a virtual interface for forming a secure channel with the other security apparatus connected to the other server or the other terminal included in the security group; And
And a cryptographic module for receiving a cryptographic key corresponding to the secure channel from the network security management server and encrypting or decrypting data transmitted or received through the virtual interface. .
The physical network interface comprises:
One or more terminal ports to which a server or terminal is connected; A network port to which the network is connected,
The virtual interface includes:
Wherein one or more servers or terminals connected to the physical network interface are connected to the end of the secure channel.
Wherein the virtual interface generation unit comprises:
Wherein a plurality of security channel terminals are formed by creating individual virtual interfaces for each of a plurality of servers or terminals connected to the physical network interface.
Wherein the virtual interface generation unit comprises:
Wherein one end of a secure channel is formed by creating one virtual interface corresponding to a plurality of servers or terminals connected to the physical network interface.
And forming a secure channel through which encrypted data is transmitted between the server or the terminal by providing a cryptographic key corresponding to the secure channel to a server included in the security group or a security device directly connected to the terminal, Network security management server to do.
Wherein the network security management server comprises:
A security group manager configured to select a plurality of servers or terminals included in a security section on a network to set a security group;
Establishing a secure channel between a server or a terminal included in the security group and providing a cryptographic key corresponding to the secure channel to a security device installed at the end of the secure channel to form a secure channel for data transmission between the server and the terminal A security device manager; And
And an encryption key management unit for generating and managing an encryption key corresponding to the secure channel.
The security group management unit,
Registering identification information of a server or a terminal included in the security group,
The security device management unit,
A server or a terminal to be connected to the secure channel based on the identification information of the server or the terminal and provides the encryption key to the security server connected to the authenticated server or the terminal.
The security device management unit,
Establishing a security policy for the secure channel, providing the security policy to the security device to form a secure channel according to the security policy, and monitoring the secure channel by receiving the status information from the security device forming the secure channel A network security management server for forming a network security channel characterized by:
The security group management unit,
A plurality of security groups are set corresponding to a plurality of security intervals on the network,
The security device management unit,
And establishes one or more security channels for each security group.
11. A network security system comprising a network security management server according to any one of claims 6 to 10.
Setting a security channel between the network security management server and a server or a terminal included in the security group; And
And providing a cryptographic key corresponding to the secure channel to a security device installed at the end of the secure channel and connecting the server or the terminal to the network,
Wherein a secure channel for transmitting data encrypted with the encryption key is formed between a security device installed at one end of the secure channel and a security device installed at the other end of the secure channel.
The secure channel setting step may include:
A secure channel request receiving step of receiving secure channel request information from the server or the terminal through the security device;
An authentication step of checking whether the security group is included in the security group based on the channel request information and authenticating the security group;
A secure channel setting step of establishing a secure channel between the security device connected to the server or the terminal and the other security device connected to the other server or the other terminal based on the secure channel request information; And
And generating an encryption key corresponding to the secure channel.
The secure channel setting step may include:
A security channel setting step of establishing a security channel between a security device connected to the server or the terminal and the other security device connected to the other server or the other terminal by combining a plurality of servers or terminals included in the security group;
An encryption key generation step of generating an encryption key corresponding to the secure channel;
A secure channel request receiving step of receiving secure channel request information from the server or the terminal through the security device; And
And confirming whether the security channel is included in the security group based on the channel request information, and authenticating the corresponding security channel.
The security group setting step includes:
Receiving identification information of the server or the terminal from a security device connected to the server or the terminal included in the security group,
Wherein the authentication step comprises:
And a server or a terminal requesting a secure channel is identified and authenticated based on the registered identification information.
The secure channel setting step may include:
Setting a security policy for the secure channel,
The encryption key providing step may include:
Wherein the information about the other server or the other terminal forming the end of the secure channel or the other security apparatus connected thereto is provided with the security policy.
Further comprising a secure channel monitoring step of receiving status information from the security device forming the end of the secure channel and monitoring the secure channel based on the status information.
A virtual interface generation step in which the security device receives a cryptographic key from the network security management server and generates a virtual interface forming an end of a secure channel; And
And forming a secure channel with the other security device forming the other end of the secure channel by the security device.
The secure channel requesting step includes:
The security device identifies a server or a terminal that is required to form a secure channel among one or more servers or terminals connected to a physical network interface and generates secure channel request information including identification information of the server or the terminal, To the network.
The secure channel requesting step includes:
Generates a plurality of security channel request information corresponding to a plurality of servers or terminals connected to the physical network interface,
Wherein the virtual interface generation step comprises:
A plurality of cryptographic keys corresponding to each of a plurality of secure channel request information and a plurality of virtual interfaces forming a plurality of secure channel ends corresponding to the plurality of servers or terminals, / RTI >
The secure channel requesting step includes:
Generates one security channel request information corresponding to a plurality of servers or terminals connected to the physical network interface,
Wherein the virtual interface generation step comprises:
And generates one virtual interface for providing one cryptographic key corresponding to the one secure channel request information and forming one secure channel end corresponding to the plurality of servers or the entire terminals. / RTI >
Wherein the virtual interface generation step comprises:
Receiving a security policy for the secure channel from the network security management server, and creating a virtual interface according to the security policy.
Receiving data transmitted from the server or the terminal by a physical network interface of the security device;
Transmitting data received through the physical network interface to a virtual interface generated in the security device, encrypting the encrypted data with the encryption key through the encryption module of the security device, and transmitting the encrypted data to the physical network interface; And
Wherein the physical network interface transmits data encrypted with the secure channel.
Receiving encrypted data transmitted over the secure channel by a physical network interface of the secure device;
Transmitting encrypted data received through the physical network interface to a virtual interface generated in the security device, decrypting the decrypted data with the encryption key through the encryption module of the security device, and transmitting the decrypted data to the physical network interface; And
Wherein the physical network interface transmits the decrypted data to the server or the terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150093281A KR20170003080A (en) | 2015-06-30 | 2015-06-30 | Security device and network security management server for establishing security channel in network, and system and method of establishing security channel in network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150093281A KR20170003080A (en) | 2015-06-30 | 2015-06-30 | Security device and network security management server for establishing security channel in network, and system and method of establishing security channel in network |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20170003080A true KR20170003080A (en) | 2017-01-09 |
Family
ID=57810987
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150093281A KR20170003080A (en) | 2015-06-30 | 2015-06-30 | Security device and network security management server for establishing security channel in network, and system and method of establishing security channel in network |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20170003080A (en) |
-
2015
- 2015-06-30 KR KR1020150093281A patent/KR20170003080A/en active Search and Examination
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102970299B (en) | File safe protection system and method thereof | |
US8059818B2 (en) | Accessing protected data on network storage from multiple devices | |
EP1394982B1 (en) | Methods and apparatus for secure data communication links | |
US8761401B2 (en) | System and method for secure key distribution to manufactured products | |
US9705854B2 (en) | Cryptography and key management device and architecture | |
CN113691560B (en) | Data transmission method, method for controlling data use, and cryptographic device | |
US20130332724A1 (en) | User-Space Enabled Virtual Private Network | |
US20170201382A1 (en) | Secure Endpoint Devices | |
CN102006276B (en) | Licensing and certificate distribution via secondary or divided signaling communication pathway | |
US20170279807A1 (en) | Safe method to share data and control the access to these in the cloud | |
CN109891423B (en) | Data encryption control using multiple control mechanisms | |
US11799844B2 (en) | Secure communication network | |
CN105027493A (en) | Secure mobile app connection bus | |
JP2023514736A (en) | Method and system for secure communication | |
US9015825B2 (en) | Method and device for network communication management | |
US20070179907A1 (en) | Security bootstrapping for distributed architecture devices | |
CN105763318A (en) | Pre-shared key obtaining method, pre-shared key distribution method and pre-shared key distribution device | |
JP2007318806A (en) | Method for securing data traffic in mobile network environment | |
CN100499453C (en) | Method of the authentication at client end | |
CN104735020A (en) | Method, device and system for acquiring sensitive data | |
US9774630B1 (en) | Administration of multiple network system with a single trust module | |
CN105099849A (en) | Method and equipment for establishing IPsec tunnel | |
KR20170003080A (en) | Security device and network security management server for establishing security channel in network, and system and method of establishing security channel in network | |
US11968302B1 (en) | Method and system for pre-shared key (PSK) based secure communications with domain name system (DNS) authenticator | |
CN115835194B (en) | NB-IOT terminal safety access system and access method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AMND | Amendment | ||
E601 | Decision to refuse application | ||
AMND | Amendment |