KR20160125222A - System and method for network partition computer security using mobile device - Google Patents
System and method for network partition computer security using mobile device Download PDFInfo
- Publication number
- KR20160125222A KR20160125222A KR1020150056124A KR20150056124A KR20160125222A KR 20160125222 A KR20160125222 A KR 20160125222A KR 1020150056124 A KR1020150056124 A KR 1020150056124A KR 20150056124 A KR20150056124 A KR 20150056124A KR 20160125222 A KR20160125222 A KR 20160125222A
- Authority
- KR
- South Korea
- Prior art keywords
- computer
- portable device
- security
- input
- module
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/42—User authentication using separate channels for security data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F1/00—Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
- G06F1/26—Power supply means, e.g. regulation thereof
- G06F1/32—Means for saving power
- G06F1/3203—Power management, i.e. event-based initiation of a power-saving mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
Abstract
Description
Embodiments of the present invention relate to a computer security system and method that can enhance the security of a networked computer using a portable device.
Recently, due to the frequent occurrence of internal document leakage through the Internet and cyber terrorism, the security consciousness of computers has been increasing, and thus a network separation computer has attracted attention.
A network separation computer is generally composed of two computers (a computer capable of connecting only to an internal network and a computer capable of connecting only to an external network such as the Internet), and each computer is physically separated. However, the network separation computer can prevent the security threat from the external network from affecting the internal network, but prevents the third party from accessing the internal network using the network separation computer while the user of the network separation computer is idle Is difficult. In order to prevent a third party from unauthorized use of the network separation computer, a password may be set to the network separation computer so that the network separation computer can be used only when the password is input. However, There is still a security problem because third parties can use the computer if it can be inferred. As a method for solving such a problem, Korean Patent Laid-Open Publication No. 10-2014-0137552 (published on Dec. 3, 2014) entitled " Security function providing method, terminal and recording medium " And a security process corresponding thereto is performed.
However, there is still a security problem with this security feature as the third party can unlock the password at once if the password has already been exposed to a third party. Accordingly, there is a need for a method that can more effectively secure the security of the network disconnection computer.
Disclosure of Invention Technical Problem [8] The present invention provides a system and an apparatus capable of effectively enhancing the security of a network disconnection computer even when a user is left unattended.
Another object of the present invention is to provide a method for effectively enhancing the security of a network disconnection computer even when a user is left unattended.
According to an aspect of the present invention, a computer security system includes an authentication module that is provided in a portable device including a communication module for short-range wireless communication and authenticates a user, a communication module that transmits and receives a short- And a control module for detecting the presence of the portable device based on the signal and controlling the operation of the input / output device connected to the computer in association with the authentication module when the portable device is authenticated, the security device comprising: And may be included in the device included in the input / output device or connected to the computer.
According to one aspect, the short-range wireless signal may include a Bluetooth signal including a code for paring between the portable device and the security device, a wireless fidelity (WiFi) signal, a Near Field Communication (NFC) , And an RFID (Radio Frequency Identification) signal.
According to another aspect, the code may include an ID of the user or a telephone number of the portable device.
According to another aspect of the present invention, the control module controls power to be supplied to the input / output device when the control module is interlocked with the portable device, and when the disconnection state with the portable device is maintained for a predetermined time or longer, .
According to another aspect, the interface may include at least one of a USB (Universal Serial Bus) interface, a PCM (Pulse Code Modulation) interface, a serial interface, and a LAN (Local Area Network) interface.
According to another aspect, the computer may include a first computer connected to the internal network, a second computer connected to the external network, and an interface module shared by the first computer and the second computer.
According to another aspect of the present invention, a computer security method for a computer security system includes a step of authenticating a user by an authentication module included in a portable device including a communication module for short-range wireless communication, Transmitting or receiving a short distance wireless signal to or from a security device included in the device connected to the computer, detecting the presence of the portable device based on the short distance wireless signal, and when the portable device is authenticated And the security device may control the operation of the input / output device or the device connected to the computer in cooperation with the portable device.
The security of the network separation computer can be enhanced since the network separation computer can be used only when the portable device exists within a predetermined transaction from the network separation computer.
Since the input / output device connected to the network separation computer operates only when the portable device exists within a predetermined transaction from the network separation computer, the energy consumed by the input / output device can be reduced.
1 is a block diagram illustrating a computer security system in accordance with an embodiment of the present invention.
2 is a block diagram illustrating a security system for a computer according to another embodiment of the present invention.
3 is a block diagram illustrating a security device in accordance with an embodiment of the present invention.
4 is a flowchart illustrating a computer security method according to an embodiment of the present invention.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art can easily carry out the present invention. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.
Throughout the specification, when an element is referred to as "comprising ", it means that it can include other elements as well, without excluding other elements unless specifically stated otherwise. In addition, the term "module" or the like in the description means a unit for processing at least one function or operation, and may be implemented by hardware, software, or a combination of hardware and software.
1 is a block diagram illustrating a computer security system in accordance with an embodiment of the present invention.
1, a computer security system may include a
The
The interface module 111 provides a connection between the plurality of
The input /
The
The
The Bluetooth module may transmit and receive a Bluetooth signal including a code for pairing between the
The
For example, when the
For example, the
Referring to Table 1, the
The
The communication module 141 performs short-range wireless communication with the
The authentication module 142 is used to authenticate whether the user of the
If the user authentication is successful by the authentication module 142, the communication module 141 may transmit the short-range wireless signal including the predetermined code (or password) to the
2 is a block diagram illustrating a security system for a computer according to another embodiment of the present invention.
2, the security system for a computer includes a
The detailed configuration of the
The
In this case, the
3 is a block diagram illustrating a security device in accordance with an embodiment of the present invention. Hereinafter, the security device according to the present invention will be described in more detail with reference to FIG.
3, the
The communication module 310 can transmit and receive short-range wireless signals to and from the portable device through short-range wireless communication. For example, the communication module 310 may include at least one of a Bluetooth module, a WiFi module, an NFC module, and an RFID module.
In the
The interface module 330 provides an interface for connection with an input / output device and / or a KVMA device. For example, the interface module 330 may include a USB interface, a PCM interface, a serial interface, a LAN interface, and the like, and may be connected to the input / output device and / or the KVMA device through the interface. However, when the security device 330 is embedded or mounted in the input / output device and / or the KVMA device, the security device 330 may not include the interface module 330.
The battery 340 provides power for operation of the
4 is a flowchart illustrating a computer security method according to an embodiment of the present invention. Hereinafter, a method for performing computer security by the computer security system according to the present invention will be described with reference to FIG.
An authentication module included in a portable device including a communication module for short-range wireless communication authenticates a user who intends to use the network separation computer (S410). For example, the authentication module authenticates whether the user has a right to use the network disassembly computer by using a wireless communication function provided in the portable device, or performs a user authentication based on a password for a preset personal authentication . When the user authentication is successful, the authentication module can transmit / receive a short-range wireless signal to / from a security device included in (or connected to) the input / output device and / or the KVMA device of the network separation computer using the communication module provided in the portable device S420). The communication module may include, for example, a Bluetooth module, a WiFi module, an NFC module, and an RFID module.
For example, the authentication module can send and receive a Bluetooth signal including a code for pairing between the portable device and the security device through the Bluetooth module. Here, the code may include a user ID, an ID of the portable device, and a phone number of the portable device. In addition, the authentication module can send and receive a signal including a predetermined password through a WiFi module, an NFC module, and / or an RFID module.
The security device can detect the presence of the portable device based on the local wireless signal transmitted from the portable device (S430). The security device can control the operation of the input / output device in cooperation with the portable device when authentication of the portable device is successful based on a code (or a password) included in the short range wireless signal.
For example, if the security device determines that the portable device exists in the vicinity of the security device as a short-range wireless signal from the portable device associated with the security device is detected, operation of the input / output device and / or KVMA device is enabled (S440). However, it is possible to control the operation of the input / output device and / or the KVMA device to be in a disabled state when the short-range wireless signal is not received from the portable device for a predetermined time or longer, (S450). To this end, for example, when the security device is interlocked with the portable device, the power is controlled to be supplied to the input / output device, and the power supplied to the input / output device can be controlled to be cut off when the disconnection state with the portable device is maintained for a predetermined time.
The foregoing description is merely illustrative of the technical idea of the present invention, and various changes and modifications may be made by those skilled in the art without departing from the essential characteristics of the present invention. Therefore, the embodiments disclosed in the present invention are intended to illustrate rather than limit the scope of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents should be construed as falling within the scope of the present invention.
110: Network disconnection computer
120: input / output device
130: Security device
140: Portable device
Claims (10)
An authentication module provided in a portable device including a communication module for short-range wireless communication to authenticate a user; And
A communication module for transmitting / receiving a short distance wireless signal to / from the portable device; a control unit for controlling the operation of the input / output device connected to the computer in cooperation with the authentication module when the presence of the portable device is detected based on the short- A security device including a control module
Lt; / RTI >
The security device comprises:
Wherein the computer security system is included in the device included in the input / output device or connected to the computer.
The short-
(Bluetooth) signal, a WiFi signal, an NFC (Near Field Communication) signal, and an RFID (Radio Frequency Identification) signal including a code for paring between the portable device and the security device The computer security system comprising:
The code includes:
(ID) of the user or a telephone number of the portable device.
The control module includes:
Wherein the controller controls the power to be supplied to the input / output device when the portable device is interlocked with the portable device, and controls the power supplied to the input / output device to be cut off when the disconnected state with the portable device is maintained for a predetermined time or longer. .
The interface comprises:
Wherein the computer system comprises at least one of a USB (Universal Serial Bus) interface, a PCM (Pulse Code Modulation) interface, a serial interface, and a LAN (Local Area Network) interface.
The computer,
A first computer connected to the internal network, a second computer connected to the external network, and an interface module shared by the first computer and the second computer.
Authenticating a user by an authentication module included in a portable device including a communication module for short-range wireless communication;
Transmitting and receiving a short-range wireless signal to / from a security device included in an input / output device connected to the computer or connected to the computer;
The security device detecting the presence of the portable device based on the short range wireless signal; And
When the portable device is authenticated, the security device controls operation of the input / output device or a device connected to the computer in association with the portable device
Gt;
The short-
(Bluetooth) signal, a WiFi signal, an NFC (Near Field Communication) signal, and an RFID (Radio Frequency Identification) signal including a code for paring between the portable device and the security device The method comprising the steps of:
The code includes:
(ID) of the user or a telephone number of the portable device.
Wherein the controlling comprises:
Controlling the power to be supplied to the input / output device when the portable device is interlocked with the portable device, and controlling the power supplied to the input / output device to be cut off when the disconnection state with the portable device is maintained for a predetermined time or more .
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150056124A KR101729693B1 (en) | 2015-04-21 | 2015-04-21 | System and method for network partition computer security using mobile device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150056124A KR101729693B1 (en) | 2015-04-21 | 2015-04-21 | System and method for network partition computer security using mobile device |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20160125222A true KR20160125222A (en) | 2016-10-31 |
KR101729693B1 KR101729693B1 (en) | 2017-04-25 |
Family
ID=57445902
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150056124A KR101729693B1 (en) | 2015-04-21 | 2015-04-21 | System and method for network partition computer security using mobile device |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101729693B1 (en) |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101459059B1 (en) | 2014-07-07 | 2014-11-12 | 쉐도우시스템즈(주) | Physical network switching apparatus for dual monitor |
-
2015
- 2015-04-21 KR KR1020150056124A patent/KR101729693B1/en active IP Right Grant
Also Published As
Publication number | Publication date |
---|---|
KR101729693B1 (en) | 2017-04-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8467770B1 (en) | System for securing a mobile terminal | |
US9654981B2 (en) | Data integrity for proximity-based communication | |
US9615257B2 (en) | Data integrity for proximity-based communication | |
US10028079B2 (en) | Enhanced security for near field communication enabled bluetooth devices | |
EP3238467B1 (en) | Controlling a modality of a dockee in a wireless docking system | |
US9326114B2 (en) | Transferring a voice call | |
US20230411994A1 (en) | Contraband detection through smart power components | |
US20140189801A1 (en) | Method and System for Providing Limited Usage of an Electronic Device | |
KR101729692B1 (en) | System and method for computer security and energy saving using mobile device | |
US20150050882A1 (en) | User equipment, communication method, program, and communication system | |
EP3610665A1 (en) | Techniques for repairing an inoperable auxiliary device using another device | |
KR101729693B1 (en) | System and method for network partition computer security using mobile device | |
JP2015162235A (en) | authentication system | |
US20220188443A1 (en) | A computing device, method and system for controlling the accessibility of data | |
US20150303734A1 (en) | Induction Charger | |
JP2021161724A (en) | Communication system and communication method | |
JP2008118419A (en) | Repeater, radio communication terminal, communication system, and communication method and program | |
JP2005159690A (en) | Radio communication apparatus and authentication method | |
US20210185742A1 (en) | Machine for processing foods and packaging products | |
JP2006080674A (en) | Radio data communication device, radio data communication method, and radio data communication system | |
EP3291117B1 (en) | Method and device having secure removable modules | |
US20240056306A1 (en) | Intelligent arrangement of unlock notifications | |
CN101888634A (en) | Wireless communication system | |
EP4315883A1 (en) | Extending a hearing device with a user interface device to enable authentication | |
KR20160030424A (en) | Security blocking setup method and mobile apparatus using the method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |