KR101502962B1 - Black-box device for management of computers and method thereof - Google Patents
Black-box device for management of computers and method thereof Download PDFInfo
- Publication number
- KR101502962B1 KR101502962B1 KR20140161721A KR20140161721A KR101502962B1 KR 101502962 B1 KR101502962 B1 KR 101502962B1 KR 20140161721 A KR20140161721 A KR 20140161721A KR 20140161721 A KR20140161721 A KR 20140161721A KR 101502962 B1 KR101502962 B1 KR 101502962B1
- Authority
- KR
- South Korea
- Prior art keywords
- computer
- information
- data
- management
- black box
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
Abstract
A black box apparatus and method for computer management are disclosed. According to an aspect of the present invention, there is provided a black box device for managing a computer, the black box device comprising: a communication unit for collecting leakage information on data flowing out from one or more managed computers connected to an internal network through an external network; A storage unit for storing the outflow information; And a control unit for analyzing the leakage information to calculate a risk, acquiring additional information from the computer to be managed according to the risk, and storing the acquired information in the storage unit.
Description
The present invention relates to computer management, and more particularly, to a black box device and method for computer management.
In recent years, due to the development of Internet technology and computing devices, various contents can be used at any time where communication is possible, and users are feeling convenience. In addition, computing devices are used not only for the Internet or games, but also for business use by most companies.
In recent years, there has been a problem of not only malicious codes that prevent some of the software or hardware of these computing devices from functioning properly, but also malicious codes that leak important internal data to the outside. As a result, not only leakage of personal information but also security-important files are leaked to the outside, thereby increasing the damage.
In case of malicious code that leaks data to the outside, the process is driven by itself regardless of the user's command, and the internal data is leaked to a specific destination. As a result, not only personal information but also business-critical data can be leaked out, resulting in a security dangerous situation.
In addition to the leakage of such malicious code, a malicious user often leaks data directly through a communication network. Compared to malicious code, this can be a more security risk. In particular, in the case of a corporate computer, data may be leaked by other employees or outside guests while the actual user is away, and this leakage can be quite malicious and may result in a loss of security to the company do.
SUMMARY OF THE INVENTION Accordingly, the present invention has been made keeping in mind the above problems occurring in the prior art, and an object of the present invention is to provide a black box apparatus and method for managing a computer to track an outflow destination or an outflower even if data is leaked to the outside.
The present invention also provides a black box device and method for enabling further detailed computer management by additionally confirming and processing whether or not a computer user currently exists.
Other objects of the present invention will become more apparent through the following preferred embodiments.
According to an aspect of the present invention, there is provided a black box apparatus for managing a computer, the black box apparatus comprising: a communication unit for collecting leakage information on data flowing out from one or more managed computers connected to an internal network through an external network; A storage unit for storing the outflow information; And a control unit for analyzing the leakage information to calculate a risk, acquiring additional information to the management computer according to the risk, and storing the acquired information in the storage unit.
Here, the additional information may include at least one of image information captured by the managed computer and information of a processor attempting data leakage.
The risk may be calculated using at least one of a source, an outflow data, and a user existence of the computer to be managed.
The control unit may further include a beacon unit for transmitting a specific signal, wherein the control unit confirms whether or not a computer user exists as to whether or not the user terminal corresponding to the management target computer previously received the specific signal, The above risk can be calculated.
According to another aspect of the present invention, there is provided a computer management method performed in a black box device, comprising: collecting leakage information on data flowing out from a computer to be managed through a communication network; Analyzing the outflow information to calculate a risk; And acquiring and storing additional information in the management subject computer when the risk level is equal to or greater than a predetermined value, and a recording medium on which a program for executing the method is recorded.
Transmitting a specific signal periodically including unique identification information to a local area communication; And checking whether there is a computer user as to whether or not the user terminal corresponding to the management target computer has received the specific signal in advance, and calculate the risk level to correspond to the confirmed result.
The method may further include transmitting a deletion or treatment command to the processor that has attempted to leak the data to the management target computer when it is determined that the computer user does not exist and the leaked data is determined to be important data .
In addition, the additional information may include at least one of image information captured by the managed computer and information of a processor attempting data leakage.
According to the present invention, when data is leaked to the outside, an outflow history or an outflower can be tracked by storing an outflow history or additional information.
In addition, according to the present invention, it is further possible to check whether a user of the computer to be managed is present at a location where the computer is located, and to process the computer in detail, thereby enabling more detailed computer management.
1 is a block diagram schematically illustrating a black box system for computer management according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a computer management process performed in a black box device according to an embodiment of the present invention; FIG.
3 is a block diagram showing a configuration of a black box device according to an embodiment of the present invention;
FIG. 4 is a block diagram illustrating a black box system for computer management according to another embodiment of the present invention; FIG.
FIG. 5 is a flowchart illustrating a risk calculating process using a beacon signal performed in a black box device according to an embodiment of the present invention. FIG.
While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and will herein be described in detail. It should be understood, however, that the invention is not intended to be limited to the particular embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like reference numerals refer to the like elements throughout the specification and claims. The description will be omitted.
1 is a block diagram schematically illustrating a black box system for computer management according to an exemplary embodiment of the present invention.
Referring to FIG. 1, the overall system according to the present embodiment includes management computers 10-1, 10-2, ..., 10-n And a
The
The managed
Hereinafter, a management method for the
2 is a flowchart illustrating a computer management process performed in the
Referring to FIG. 2, the
In addition, the
The black box can always acquire and store additional information, but according to one example, whether or not to acquire additional information may be determined depending on the risk of data leakage. The risk may vary depending on the type of data that is leaked, the amount of data, the source, the leaker, and the time when the leak was attempted. For example, if a high-volume document file is leaked to a competitor, the risk may be high.
As described above, the
If the risk is less than a predetermined value, the
Hereinafter, the configuration of the
3 is a block diagram showing the configuration of a
Referring to FIG. 3, the
The
The
The
According to the present embodiment, the
The
A detailed description thereof will be made with reference to FIG.
FIG. 4 is a block diagram of a black box system for computer management according to another embodiment of the present invention. FIG. 5 is a block diagram illustrating a black box system according to an exemplary embodiment of the present invention. And Fig.
Referring to Fig. 4, the overall system according to the present embodiment further includes a
The
The
The reason for this is that the user of the
In other words, the
The
5, the
The
Although it is not shown in the drawing, the
According to the present embodiment, the presence or absence of a user of the
The computer management method using the black box device according to the present invention can be implemented as a computer-readable code on a computer-readable recording medium. The computer-readable recording medium includes all kinds of recording media storing data that can be decoded by a computer system. For example, it may be a ROM (Read Only Memory), a RAM (Random Access Memory), a magnetic tape, a magnetic disk, a flash memory, an optical data storage device, or the like. In addition, the computer-readable recording medium may be distributed and executed in a computer system connected to a computer network, and may be stored and executed as a code readable in a distributed manner.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the invention as defined in the appended claims. It will be understood that various modifications and changes may be made.
10-1, 10-2, ..., 10-n:
30: Black box device
50: User terminal
70: management device
Claims (9)
Collecting leakage information on data flowing out from a management object computer through a communication network;
Analyzing the outflow information to calculate a risk;
Acquiring and storing additional information in the management target computer when the risk level is greater than a predetermined value;
Transmitting a specific signal periodically including the unique identification information to the near-field communication;
Confirming whether or not a computer user exists as to whether the user terminal corresponding to the management target computer previously received the specific signal; And
And sending a delete or repair command to the processor attempting to leak the data to the managed computer when the computer user is determined not to exist and the leaked data is determined to be critical data.
Wherein the additional information includes at least one of image information obtained by capturing a screen of the management target computer and processor information of attempting data leakage.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20140161721A KR101502962B1 (en) | 2014-11-19 | 2014-11-19 | Black-box device for management of computers and method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20140161721A KR101502962B1 (en) | 2014-11-19 | 2014-11-19 | Black-box device for management of computers and method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
KR101502962B1 true KR101502962B1 (en) | 2015-03-16 |
Family
ID=53027686
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR20140161721A KR101502962B1 (en) | 2014-11-19 | 2014-11-19 | Black-box device for management of computers and method thereof |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101502962B1 (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20060104270A (en) * | 2005-03-30 | 2006-10-09 | (주)펄스미디어 | File security system for tracing history of file draining out |
KR20090090678A (en) * | 2008-02-21 | 2009-08-26 | 김종근 | Monitoring and recorder system for history of using computer based on screen captures |
KR20120053879A (en) * | 2010-11-18 | 2012-05-29 | 주식회사 디지털벤투스 | Computer lock terminal module, computer lock module and computer lock method using the same |
KR20120076661A (en) * | 2010-12-09 | 2012-07-09 | 한국전자통신연구원 | Information property management apparatus, server, agent and method thereof |
-
2014
- 2014-11-19 KR KR20140161721A patent/KR101502962B1/en active IP Right Grant
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20060104270A (en) * | 2005-03-30 | 2006-10-09 | (주)펄스미디어 | File security system for tracing history of file draining out |
KR20090090678A (en) * | 2008-02-21 | 2009-08-26 | 김종근 | Monitoring and recorder system for history of using computer based on screen captures |
KR20120053879A (en) * | 2010-11-18 | 2012-05-29 | 주식회사 디지털벤투스 | Computer lock terminal module, computer lock module and computer lock method using the same |
KR20120076661A (en) * | 2010-12-09 | 2012-07-09 | 한국전자통신연구원 | Information property management apparatus, server, agent and method thereof |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
RU2622876C2 (en) | Method, device and electronic device for connection control | |
CN107622203B (en) | Sensitive information protection method and device, storage medium and electronic equipment | |
KR102072095B1 (en) | Identity authentication methods, devices, and systems | |
CN110363020B (en) | Screen capturing monitoring method, device, computer equipment and storage medium | |
CN104966053A (en) | Face recognition method and recognition system | |
CN103514397A (en) | Server, terminal and authority management and permission method | |
CN105590047A (en) | Face identification based login system and login method | |
CN105100108A (en) | Login authentication method, device and system based on face identification | |
KR101908944B1 (en) | Apparatus and method for analyzing malware in data analysis system | |
KR101812667B1 (en) | Method and apparatus for backing up data, electronic device, program and recording medium | |
KR101779696B1 (en) | Method and apparatus for detecting voice phishing | |
KR101264102B1 (en) | The smart phone comprising anti-virus ability and anti-virus method thereof | |
KR20130088942A (en) | Smart-phone control system and control method based on the location information | |
KR102071530B1 (en) | Apparatas and method for proposing a response manual of occurring denial in an electronic device | |
US20160110531A1 (en) | Information processing apparatus, terminal apparatus and information processing method | |
KR101115250B1 (en) | Apparatus and method for checking safety of qr code | |
CN104426836A (en) | Invasion detection method and device | |
KR101467228B1 (en) | Method for preventing outflow file and device thereof | |
US20140351933A1 (en) | System and method for inspecting harmful information of mobile device | |
KR101448085B1 (en) | SE Applet Management Method According to Application Uninstalling, Mobile Device and Service Management Server using the same | |
KR101754014B1 (en) | Information Leakage Prevention Apparatus Based Face Recognition And Method of Threof | |
KR101502962B1 (en) | Black-box device for management of computers and method thereof | |
US10242191B2 (en) | Dynamically-loaded code analysis device, dynamically-loaded code analysis method, and dynamically-loaded code analysis program | |
US10331937B2 (en) | Method and system for context-driven fingerprint scanning to track unauthorized usage of mobile devices | |
CN108229180B (en) | Screenshot data processing method and device and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |