WO2014058130A1 - 네트워크 드라이브 접근 제어 방법 및 네트워크 드라이브 시스템 - Google Patents
네트워크 드라이브 접근 제어 방법 및 네트워크 드라이브 시스템 Download PDFInfo
- Publication number
- WO2014058130A1 WO2014058130A1 PCT/KR2013/005856 KR2013005856W WO2014058130A1 WO 2014058130 A1 WO2014058130 A1 WO 2014058130A1 KR 2013005856 W KR2013005856 W KR 2013005856W WO 2014058130 A1 WO2014058130 A1 WO 2014058130A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- communication device
- network drive
- security
- access
- data
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/16—Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/021—Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/023—Services making use of location information using mutual or relative location information between multiple location based services [LBS] targets or of distance thresholds
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2111—Location-sensitive, e.g. geographical location, GPS
Definitions
- the present invention relates to a network drive access control method, and more particularly, to a method and a network drive system for controlling access to a network drive based on location information of a plurality of communication devices.
- a network drive recognizes a hard disk of another computer or server connected to a local area network (LAN), the Internet, etc. as a drive connected to its own computer. In the past, a network drive is recognized through an internal network. A technology for providing a network drive service is disclosed.
- the network drive service is a service capable of freely uploading or downloading a file using a virtual storage (ie, an internet network drive) whenever and wherever network communication is possible.
- the network drive service has further evolved, and a service for synchronizing data of a local computer with data of a network drive has been released.
- Korean Patent Publication No. 10-2012-0073799 discloses a data storage and service providing apparatus based on cloud storage.
- the network drive service is generally neglected because the user's use method is greatly inconvenient compared to the local drive, so users are ignored. That is, the conventional network drive service permits free access to folders and files stored in the user's network drive once the user authentication is successful. Accordingly, when another person takes over an account of a specific user, there is a problem that the data stored in the network drive of the specific user can be easily obtained from the outside.
- the present invention has been proposed to solve such a conventional problem, and an object thereof is to provide a network drive access control method and a network drive system with improved security without compromising convenience in use.
- a network drive system for controlling access of a network drive based on location information of a communication device, the storage unit for storing a network drive for storing security data and general data ; A receiving unit for requesting access of a network drive from a first communication device; A positioning unit to determine whether a distance between the first communication device and the second communication device designated as the access control device of the network drive is equal to or less than a threshold distance; And applying a policy for allowing access of the first communication device to general data stored in the network drive or blocking access of the first communication device to the network drive according to the determination result of the location checking unit.
- the network drive system receives the security release list from the second communication device, releases security data recorded in the security release list among security data stored in the network drive, and releases the security release.
- the apparatus may further include a security release unit allowing access of the first communication device to security data.
- the security release unit checks the list of security data stored in the network drive and transmits the checked security data list to the second communication device, and records the security data selected by the second communication device in the security data list
- the security release list may be received from the second communication device.
- the network drive system further includes an authentication unit for receiving a security release password from the second communication device and authenticating whether the security release password is correct.
- the security release unit releases security of the secure data when the authentication is successful.
- the network drive system may further include a data providing unit configured to display one or more of the general data stored in the network drive and the secured security data in a search window of the first communication device.
- the location setting unit when the location setting unit applies a policy for allowing the first communication device to access the general data stored in the network drive, the location setting unit determines the positions of the first communication device and the second communication device. Continuously monitoring, and if the distance between the first communication device and the second communication device exceeds the threshold as a result of the monitoring, the policy setting unit blocks the access of the first communication device to the network drive. Apply.
- a method for controlling access of a network drive based on location information of a communication device comprising: receiving a request for access of a network drive from a first communication device; ; Checking, by the network drive system, whether a distance between a location of the first communication device and a second communication device designated as an access control device of the network drive is equal to or less than a threshold distance; And allowing, by the network drive system, access of the first communication device to general data stored in the user's network drive when the location of the first communication device and the second communication device is less than or equal to the threshold distance.
- the method of controlling access of said network drive comprises: receiving, by said network drive system, a security release list from said second communication device; Unlocking, by the network drive system, security data recorded in the security release list among security data stored in the network drive; And allowing, by the network drive system, access of the first communication device to the unsecured data.
- the present invention has the advantage of improving the security of the data stored in the network drive and protect the privacy of the user by selectively allowing access to the network drive, based on the location information of the plurality of communication devices.
- the second communication device controls whether or not access to the security data stored in the network drive, by allowing the first communication device to selectively access the security data under the control of the second communication device, the valuable data of the user (I.e., secure data) has the advantage of further strengthening the security.
- the present invention determines that the user has left the working first communication device and blocks the network drive access from the first communication device. By doing so, there is an advantage of preventing another person from taking over the user's data and taking over the user's data.
- the present invention stores the data encrypted by using the encryption key stored in the second communication device in the network drive, and decrypts the data downloaded from the network drive through the decryption key stored in the second communication device, It further improves the security of the data itself.
- FIG. 1 is a diagram illustrating a network configuration to which a network drive system according to an embodiment of the present invention is applied.
- FIG. 2 is a diagram illustrating a configuration of a network drive system according to an embodiment of the present invention.
- FIG. 3 is a flowchart illustrating a method of allowing access to a network drive on a limited basis based on location information of a communication device in a network drive system according to an embodiment of the present invention.
- FIG. 4 is a flowchart illustrating a method of displaying unsecured data in a network drive system to a communication device according to an embodiment of the present invention.
- FIG. 5 is a flowchart illustrating a method of changing a security policy as a distance between communication devices exceeds a threshold distance in a network drive system according to an embodiment of the present invention.
- FIG. 6 is a flowchart illustrating a method of processing a download file or an upload file in a communication device according to an embodiment of the present invention.
- FIG. 1 is a diagram illustrating a network configuration to which a network drive system according to an embodiment of the present invention is applied.
- the network drive system 200 communicates with a plurality of communication devices 110 and 120 through a network 300.
- the network 300 includes a mobile communication network, a wired Internet network, a short-range wireless communication network, and the like, and thus detailed description thereof will be omitted.
- reference numeral 110 in FIG. 1 denotes a first communication device 110 and reference numeral 120 in FIG. 1 refers to a second communication device 120.
- first communication device 110 and the second communication device 120 are owned by the same user.
- the first communication device 110 is connected to the network drive system 200 via the network 300 to receive a network drive service.
- the first communication device 110 is selectively allowed to access the user network drive according to the distance from the second communication device 120.
- the first communication device 110 may periodically transmit its location information to the network drive system 200. That is, the first communication device 110 acquires GPS coordinates by using a self-mounted GPS (Gobal Positioning System) receiver, and uses the network drive system (LG) as the location information using the GPS coordinates or administrative address information corresponding to the GPS coordinates. 200 may be periodically transmitted.
- GPS Gobal Positioning System
- the first communication device 110 may identify identification information of a nearby small wireless base station (for example, an access point) accessible through the short range communication module.
- the identification information of the small wireless base station can be periodically transmitted to the network drive system 200 as location information.
- the first communication device 110 receives an encryption key from the second communication device 120, encrypts a file to be uploaded based on the encryption key, and then uploads it to the network drive system 200.
- the first communication device 110 receives a decryption key from the second communication device 120 and decrypts the file received from the network drive system 200 through the decryption key.
- the first communication device 110 is described as a desktop computer.
- the first communication device 110 may be a network drive system (eg, a tablet computer, a notebook computer, a mobile communication terminal, etc.) via a network 300.
- Any communication device capable of connecting to 200 can be adopted without limitation.
- the second communication device 120 performs a function of controlling access of security data set in the network drive.
- the second communication device 120 may access the first communication device for security data (ie, a security file / security folder) stored in the network drive.
- security data ie, a security file / security folder
- a function of selectively allowing access of 110 is performed.
- the second communication device 120 may periodically measure its location information and report it to the network drive system 200.
- the second communication device 120 may store an encryption key and a decryption key, and provide one or more of an encryption key and a decryption key to the first communication device 110.
- the second communication device 120 is a tablet computer, a notebook computer, a mobile communication terminal, or the like, and is preferably a smartphone.
- the network drive system 200 is a system that provides a network drive service to the communication devices 110 and 120.
- the network drive service may also be referred to as a web hard service or a cloud service.
- the network drive system 200 stores user-specific network drives classified according to user accounts (ie, IDs) and user data stored in the network drives.
- the network drive system 200 stores the user data into security data and general data, and stores the encrypted data based on each user's encryption key.
- the security data refers to a file / folder set to security according to a user's setting
- the general data refers to a general file / folder for which security is not set.
- the second communication device 120 controls the access of the location and the security data of the first communication device 110.
- a threshold distance eg, 50 m. If the distance between the first communication device 110 and the second communication device 120 is less than or equal to the threshold distance, the network drive system 200 applies a restricted access policy and general data stored in the network drive according to the policy (ie, General file and general folder) are transmitted to the first communication device 110 to allow access to the general data.
- the network drive system 200 selects the security data to be released from the second communication device 120, the network drive system 200 displays the selected security data on the screen of the first communication device 110, thereby displaying the selected security data. Allows access to the first communication device 110 for access.
- the network drive system 200 applies an access blocking policy and a network drive dedicated to the user according to this policy. Blocking access of the first communication device 110 to the.
- FIG. 2 is a diagram illustrating a configuration of a network drive system according to an embodiment of the present invention.
- the network drive system 200 includes a transceiver 210, a storage 220, a location determiner 230, an authenticator 240, and a policy setting.
- the unit 250 includes a data provider 260 and a security release unit 270.
- the transceiver 210 performs a function of communicating with the communication devices 110 and 120 via the network 300.
- the transceiver 210 periodically receives location information from the communication devices 110 and 120, and also receives a network drive access request message from the first communication device 110.
- the transceiver 210 receives the security release list from the second communication device 120.
- the storage unit 220 is a storage means such as a database, and stores network drives classified by user IDs and user data (ie, files / folders) stored and encrypted in each network drive.
- the user data is set to any one of security data and general data. That is, the user data is set as security data or general data according to the user's setting.
- the storage unit 220 stores the login authentication information and the security release password in which the ID and password are recorded for each user.
- the storage unit 220 stores location information of the communication devices 110 and 120 and stores identification information of the communication device 120 for controlling access to security data for each user account.
- the identification information of the second communication device 120 is stored in the storage unit 220 as communication device identification information for controlling access to the security data.
- an IP address, a MAC address, a phone number, and the like of the communication device may be recorded in the storage unit 220.
- the location checker 230 checks the positions of the first communication device 110 and the second communication device 120, respectively, and between the first communication device 110 and the second communication device 120 based on the checked positions. The function determines whether the distance exceeds the threshold distance. In addition, the positioning unit 230 transmits the determined result to the policy setting unit 250. In addition, when the first communication device 110 approaches the network drive, the location checker 230 continuously monitors the positions of the first communication device 110 and the second communication device 120 to control the first communication device 110. It is continuously checked whether the distance between the first communication device 110 and the second communication device 120 is within a critical distance.
- the authentication unit 240 performs login authentication of the user and performs security release authentication of the user. Specifically, when the authentication unit 240 receives the network drive access request message from the first communication device 110 through the transceiver 210, the storage unit 220 determines whether the ID and password included in the message are correct. Authenticate based on your login credentials. In addition, when the authentication unit 240 receives the security release password from the second communication device 120, the authentication unit 240 authenticates whether the security release password is stored in the storage unit 220 as the security release password of the user.
- the policy setting unit 250 performs a function of establishing a security policy based on the login authentication result authenticated by the authenticator 240 and the result determined by the location checker 230. That is, if the authentication setting unit 250 succeeds in the login authentication of the first communication device 110 in the authentication unit 240 and the determination result received from the location checking unit 230 is less than or equal to the threshold distance, the user's network Apply the drive security policy as a restricted access policy. In addition, the policy setting unit 250 succeeds in the login authentication of the first communication device 110, and when the determination result received from the positioning unit 230 exceeds the threshold distance, the policy setting unit 250 of the user network security policy Apply as an access blocking policy.
- the data provider 260 selectively allows a user to access a network drive according to the policy applied by the policy setting unit 250.
- the data providing unit 260 checks the user-only network drive in the storage unit 220 based on the login ID of the first communication device 110.
- the network of the first communication device 110 may be transmitted to the first communication device 110 by transmitting a general data list in which information of a plurality of unsecured general data (ie, general files / general folders) is recorded on the network drive. Display in the drive search window allows limited access to the network drive.
- the data providing unit 260 may record the name, size, modified date, etc. of each file or folder in the general data list as general data information.
- the data providing unit 260 does not provide any data stored in the network drive to the first communication device, but provides first communication to a user-specific network drive. Block access to device 110.
- the data providing unit 260 allows the first communication device 110 to access one or more security data among the plurality of security data according to the instruction of the security release unit 270.
- the data providing unit 260 may transmit the information (that is, size, modified date, name, etc.) of the secure data (that is, secure file / secure folder) that has been instructed to release the security from the security release unit 270. And transmits the information of the security data to the network drive search window of the first communication device 110.
- the data provider 260 transmits the download request data to the first communication device 110 and stores the data uploaded from the first communication device 110 in a network drive of the storage unit 220.
- the security release unit 270 performs a function of selectively allowing access of the communication device to the security data. Specifically, when the security release unit 270 receives a security release request message from the first communication device 110 accessing the network drive, the security data list (ie, a security file list and a security folder) set in a network drive dedicated to the user. List). In addition, the security release unit 270 transmits the secured data list to the second communication device 120 that controls the access of the security data. In addition, when the security release unit 270 receives the security release list from the second communication device 120, the security release unit 270 releases security of data (ie, file / folder) corresponding to the security release list, and releases the security. Instructing the data providing unit 260 to allow the first communication device 110 to access the data.
- the security data list ie, a security file list and a security folder
- FIG. 3 is a flowchart illustrating a method of allowing access to a network drive on a limited basis based on location information of a communication device in a network drive system according to an embodiment of the present invention.
- the transceiver 210 of the network drive system 200 periodically receives location information from the second communication device 120, and the location checker 230 is the second communication device 120.
- the location checking unit 230 stores the location information of the second communication device 120 stored in the storage unit 220. By updating the received location information, the latest information on the location information of the second communication device 120 is maintained.
- the transceiver 210 of the network drive system 200 receives a network drive access request message including a login ID and a password of the user from the first communication device 110 (S303).
- the network drive access request message may include location information of the first communication device 110.
- the authentication unit 240 of the network drive system 200 authenticates whether the login ID and password included in the network drive access request message are correct based on the login authentication information of the storage unit 220, and if authentication fails.
- the login failure message is transmitted to the first communication device 110 by using the transceiver 210.
- the location check unit 230 requests the location confirmation.
- the location checker 230 identifies that the communication device for controlling the access of the security data stored in the network drive dedicated to the user is the second communication device 120 based on the login account of the first communication device 110. (S305). That is, the location checking unit 230 confirms that the communication device identification information registered as the access control device corresponding to the login ID is the identification information of the second communication device 120.
- the location confirming unit 230 confirms the location information of the second communication device 120 in the storage unit 220 and confirms the location information of the first communication device 110.
- the location checking unit 230 may check the location information of the first communication device 110 stored in advance in the storage unit 220.
- the location checker 230 may provide the location information of the first communication device 110 based on the location information included in the network drive access request message. You can check.
- the positioning unit 230 compares the identified position of the first communication device 110 and the position of the second communication device 120 to calculate the distance between the two communication devices (S307), the first communication device It is determined whether the distance between the 110 and the second communication device 120 exceeds a threshold distance (for example, 50 meters) (S309).
- a threshold distance for example, 50 meters
- the location checking unit 230 may calculate the distance between the two devices by analyzing the GPS coordinates.
- the location checking unit 230 externally locates the location information mapped with the identification information of the small wireless base station.
- the distance between the two devices may be calculated by checking the location information mapping table stored in the server or the server itself.
- the positioning unit 230 is the identification information of the small wireless base station, the location information of the first communication device 110 and the second communication device 120, the identification information of the small wireless base station recorded in the two location information is the same In this case, it may be determined that the distance between the devices 110 and 120 is equal to or less than a critical distance.
- the positioning unit 230 transmits the determination result to the policy setting unit 250. Then, if the received determination result exceeds the threshold distance, the policy setting unit 250 applies a security policy of a user-only network drive as an access blocking policy. In addition, the data provider 260 transmits a message indicating that access to the network drive is blocked by the transceiver 210 to the first communication device 110, and the first communication device for the network drive dedicated to the user. Blocking the access (110) (S311).
- the policy setting unit 250 applies the security policy of the user-only network drive as a limited access policy, the first communication device 110 ) Provides general data to the data provider 260. Then, the data provider 260 accesses a network drive dedicated to the user based on the login ID of the first communication device 110 and checks a plurality of general data not set as security in the network drive (S313). ).
- the data provider 260 sends the first communication device 110 a general data list in which information (eg, size, name, modified date, etc.) of each general data (ie, general file / general folder) is listed.
- information eg, size, name, modified date, etc.
- the information on the file / folder set as the general data is displayed on the network drive search window of the first communication device 110.
- the user of the first communication device 110 may access a file or folder set as general data and modify or download the general file or general folder.
- the second communication device 120 communicates with the first communication device 110, after acquiring the location of the first communication device 110 and confirming its own location information, the first communication device 110 It may be determined whether the distance between itself and the threshold exceeds a critical distance, and transmit the determination result to the network drive system 200.
- the second communication device 120 may predetermine the location information of the first communication device 110 mapped with the identification information of the first communication device 110.
- the identification information is received from the first communication device 110, the location information mapped with the identification information is checked in the data being stored.
- the second communication device 120 checks its own location information using a GPS receiver or the like, compares its own location information with the location of the first communication device 110, and checks its own location information with the first communication device 110. It may be determined whether the distance with the excess exceeds the threshold distance.
- the second communication device 120 receives the location information of the first communication device 110 measured by the first communication device 110, and the location information of the first communication device 110 and its own location information. The comparison may determine whether the distance between the first communication device 110 and itself exceeds the threshold distance.
- the positioning unit 230 of the network drive system 200 receives the position determination result from the second communication device 120 through the transceiver 210, and based on the determination result, the first communication device 110. ) And whether the distance between the second communication device 120 and the second communication device 120 exceeds the threshold distance.
- the network drive system may selectively allow access of the first communication device 110 to security data under the control of the second communication device 120.
- FIG. 4 is a flowchart illustrating a method of displaying unsecured data in a network drive system to a communication device according to an embodiment of the present invention.
- the first communication device 110 displaying general data on a network drive search window receives a security data display menu from a user (S401). That is, the user of the first communication device 110 clicks the security data display menu of the network drive service menu to check the security file and the security folder that are not displayed in the network drive search window.
- the first communication device 110 transmits a security release request message to the network drive system 200, and the transceiver 210 of the network drive system 200 receives the security release request message (S403).
- the security release unit 270 checks the network drive dedicated to the user in the storage unit 220 based on the user ID logged in by the first communication device 110, and lists the data set as security on the network drive. (That is, the security file list and the security folder list) are checked (S405).
- the security releasing unit 270 identifies that the communication device for controlling access to the security data stored in the network drive is the second communication device 120 based on the login account of the first communication device 110 (S407). . Next, the security release unit 270 transmits a security release request message including the secured data list to the identified second communication device 120 using the transceiver 210 (S409).
- the second communication device 120 outputs a list of security data included in the security release request message to the screen, and receives one or more security data (ie, a security file or a security folder) listed in the security data list, This creates a security release list that records one or more selected security data.
- the second communication device 120 transmits a security release message including the generated security release list to the network drive system 200.
- the transceiver 210 of the network drive system 200 receives the security release message, and the security release unit 270 instructs the authentication unit 240 to authenticate the second communication device 120.
- the authentication unit 240 transmits a message for requesting the security release password to the second communication device 120 by using the transceiver 210 (S413).
- the second communication device 120 receives a password for releasing security data from the user, and transmits the security release password to the network drive system 200 (S415).
- the authentication unit 240 of the network drive system 200 receives the security release password from the second communication device 120 through the transceiver 210, the password of the user stored in the storage unit 220 By checking whether the password matches the release password, the second communication device 120 authenticates whether the communication device has the right security release right (S417).
- the authentication unit 240 transmits a message indicating that the security release is impossible to the first communication device 110, if the security release authentication of the second communication device 120 fails, while the authentication unit 240 ) Instructs release of security data to the security release unit 270 when the security release authentication succeeds.
- the security release unit 270 checks the security release list included in the security release message received in step S411, and secures one or more security data (ie, security file / security folder) corresponding to this security release list.
- the data providing unit 260 instructs the first communication device 110 to access the security data.
- the data providing unit 260 checks the information on the security data belonging to the security release list in the user-only network drive stored in the storage unit 220, and thus the secure data information (ie name, size, correction) By transmitting the date, etc.) to the first communication device 110, the access of the security data is allowed (S421). Then, the first communication device 110 outputs the security data information (security file / security folder information) to the network drive search window (S423). Accordingly, a user of the first communication device 110 may access a file / folder that is released through the second communication device 120 to modify, delete or download the corresponding file or folder.
- the security release unit 270 may securely set the data released in step S419 again.
- the network drive system 200 may release security on one or more security data according to a request of the second communication device 120. . That is, when the network drive system 200 directly receives the security release for the one or more security data from the second communication device 120, the network drive system 200 instructs the authentication unit 240 to authenticate the second communication device 120 and authenticates the authentication. When the unit 240 succeeds in authenticating the second communication device 120, the security is released for the one or more security data (ie, security file / security folder) requested for security release, and the first security data is secured.
- the data provider 260 instructs the communication apparatus 110 to permit access.
- FIG. 5 is a flowchart illustrating a method of changing a security policy as a distance between communication devices exceeds a threshold distance in a network drive system according to an embodiment of the present invention.
- the location checking unit 230 periodically from the second communication device 120.
- the location of the second communication device 120 is continuously monitored based on the received location information (S501).
- the location checker 230 periodically receives location information from the first communication device 110 to determine the location of the first communication device 110. Location information can also be monitored.
- the positioning unit 230 determines whether the distance between the first communication device 110 and the second communication device 120 is continuously below the threshold distance, based on the monitored position information (S503), If it is less than the threshold distance, the process proceeds to step S501 again.
- the location checker 230 sends the user exit signal to the policy setting unit 250. Notify.
- the policy setting unit 250 determines that the second communication device 120 has moved away from the location where the first communication device 110 is located, and switches the policy from the currently limited access policy to the access blocking policy. (S505). That is, when the policy setting unit 250 receives the user exit signal from the location checking unit 230, the policy setting unit 250 determines that the user has temporarily moved from the location of the first communication device 110 that is in operation to another place, and performs a security policy. Switch from restricted access policy to blocked access policy.
- the data provider 260 recognizes that the access blocking policy has been set in the policy setting unit 250, and blocks access to the network drive from the first communication device 110 according to the policy, and further, the first communication.
- the device 110 transmits a message indicating that access to the network drive is blocked (S507).
- the data providing unit 260 includes a data non-display command in the message to remove information of all data displayed in the network drive search window of the first communication device 110 (S509).
- the location checking unit 230 of the network drive system 200 may set a user entry signal as a policy setting unit. Pass back to 250. Then, the policy setting unit 250 switches from the access blocking policy to the restricted access policy, and the data providing unit 260 accesses the first communication device 110 to general data among data included in the user-only network drive. Allow.
- the second communication device 120 continuously measures the distance between itself and the first communication device 110 so that when the distance with the first communication device 110 exceeds the threshold distance, the threshold is exceeded.
- the over distance signal may be transmitted to the network drive system 200.
- the second communication device 120 continuously monitors its position with the first communication device 110 and the first communication device 110. It continuously checks whether the distance with itself exceeds the threshold distance, and if the threshold distance is exceeded, the network drive system 200 transmits a signal exceeding the threshold distance. Then, as the position determiner 230 of the network drive system 200 receives the signal exceeding the threshold distance through the transceiver 210, the distance between the first communication device 110 and the second communication device 120 is increased.
- the user leaving signal is notified to the policy setting unit 250. Then, the policy setting unit 250 switches the policy from the restricted access policy to the access blocking policy, and the data provider 260 recognizes that the access blocking policy is set in the policy setting unit 250 and according to the first policy according to the policy. Blocks network drive access at communication device 110.
- FIG. 6 is a flowchart illustrating a method of processing a download file or an upload file in a communication device according to an embodiment of the present invention.
- the first communication device 110 when the first communication device 110 receives a download input signal for one or more files displayed in the network drive search window, the first communication device 110 requests the network drive system 200 to download the selected one or more files. (S601).
- the data providing unit 260 of the network drive system 200 extracts one or more files requested from the first communication device 110 from the network drive of the storage unit 220, and transmits and receives these files.
- the first communication apparatus 110 transmits the data to the first communication device 110.
- the first communication device 110 requests a decryption key from the second communication device 120 designated as the network drive access control device, and the second communication device 120 stores the decryption key stored in the second communication device 120. (S605, S607). Subsequently, the first communication device 110 decrypts the file downloaded from the network drive system 200 using the received decryption key (S609).
- the first communication device 110 may receive a file to be uploaded to the network driver from the user (S611). Then, the first communication device 110 requests the encryption key from the second communication device 120 (S613). Next, the second communication device 120 transmits an encryption key that is being stored to the first communication device 110 (S615).
- the first communication device 110 encrypts the file to be uploaded using the received encryption key (S617), and transmits the encrypted file to the network drive system 200 (S619).
- the data providing unit 260 of the network drive system 200 stores the encrypted file received from the first communication device 110 in the user's network drive (S621).
- the network drive system 200 selectively permits access to the network drive based on the location information of the plurality of communication devices 110 and 120, thereby securing the security of data stored in the network drive. Improve your privacy and protect your privacy.
- the second communication device 120 controls whether access to the security data stored in the network drive, and the first communication device 110 is selective to the security data under the control of the second communication device 120. By further increasing the security of your valuable data (ie secure data).
- the network drive system 200 may operate the first communication device 110 in operation. Blocking access to the network drive in the first communication device 110 by determining that it has left the place of the user, thereby preventing others from taking over the user's data through the first communication device 110 through the absence of the user. do.
- the present invention stores the data encrypted by the first communication device 110 using the encryption key stored in the second communication device 120 in the network drive, and also stores the data downloaded from the network drive in the second communication device ( By decrypting through the decryption key stored in 120), even if someone takes a file on the network drive, the contents of the file cannot be decrypted, thereby enhancing the security of the user data.
- the method of the present invention as described above may be implemented as a program and stored in a recording medium (CD-ROM, RAM, ROM, floppy disk, hard disk, magneto-optical disk, etc.) in a computer-readable form. Since this process can be easily implemented by those skilled in the art will not be described in more detail.
- a recording medium CD-ROM, RAM, ROM, floppy disk, hard disk, magneto-optical disk, etc.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Information Transfer Between Computers (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
- Telephone Function (AREA)
Abstract
Description
Claims (13)
- 통신 장치의 위치정보를 기반으로 네트워크 드라이브의 접근을 제어하는 네트워크 드라이브 시스템으로서,보안 데이터 및 일반 데이터를 보관하는 네트워크 드라이브를 저장하는 저장부;제1통신 장치로부터 네트워크 드라이브의 접근을 요청받는 수신부;상기 제1통신 장치와 상기 네트워크 드라이브의 접근 제어 장치로 지정된 제2통신 장치 간의 거리가 임계거리 이하인지 여부를 확인하는 위치 확인부; 및상기 위치 확인부의 확인 결과에 따라, 상기 네트워크 드라이브에 보관된 일반 데이터에 대한 상기 제1통신 장치의 접근을 허용하는 정책을 적용하거나 상기 네트워크 드라이브에 대한 상기 제1통신 장치의 접근을 차단하는 정책을 적용하는 정책 설정부;를 포함하는 네트워크 드라이브 시스템.
- 제 1 항에 있어서,상기 제2통신 장치로부터 보안 해제 목록을 수신하여, 상기 네트워크 드라이브에 보관된 보안 데이터 중에서 상기 보안 해제 목록에 기록된 보안 데이터의 보안을 해제하고, 상기 보안 해제된 보안 데이터에 대한 상기 제1통신 장치의 접근을 허용하는 보안 해제부;를 더 포함하는 것을 특징으로 하는 네트워크 드라이브 시스템.
- 제 2 항에 있어서,상기 보안 해제부는,상기 네트워크 드라이브에 보관된 보안 데이터의 목록을 확인하여 이 확인한 보안 데이터 목록을 상기 제2통신 장치로 전송하고, 상기 보안 데이터 목록에서 상기 제2통신 장치가 선택한 보안 데이터를 기록하는 상기 보안 해제 목록을 상기 제2통신 장치로부터 수신하는 것을 특징으로 하는 네트워크 드라이브 시스템.
- 제 2 항에 있어서,상기 제2통신 장치로부터 보안해제 암호를 수신하고, 이 보안해제 암호가 정확한지 여부를 인증하는 인증부;를 더 포함하고,상기 보안 해제부는, 상기 인증에 성공한 경우에 보안 데이터의 보안을 해제하는 것을 특징으로 하는 네트워크 드라이브 시스템.
- 제 2 항에 있어서,상기 네트워크 드라이브에 보관된 일반 데이터, 상기 보안 해제된 보안 데이터 중 하나 이상을 상기 제1통신 장치의 탐색창에 디스플레이하는 데이터 제공부;를 더 포함하는 것을 특징으로 하는 네트워크 드라이브 시스템.
- 제 1 항에 있어서,상기 위치 확인부는, 상기 정책 설정부에서 상기 네트워크 드라이브에 보관된 일반 데이터에 대한 상기 제1통신 장치의 접근을 허용하는 정책을 적용하면, 상기 제1통신 장치와 상기 제2통신 장치의 위치를 계속적으로 모니터링하고,상기 정책 설정부는, 상기 모니터링 결과 상기 제1통신 장치와 상기 제2통신 장치 간의 거리가 상기 임계거리를 초과하면, 상기 네트워크 드라이브에 대한 상기 제1통신 장치의 접근을 차단하는 정책을 적용하는 것을 특징으로 하는 네트워크 드라이브 시스템.
- 통신 장치의 위치정보를 기반으로 네트워크 드라이브의 접근을 제어하는 방법으로서,네트워크 드라이브 시스템이, 제1통신 장치로부터 네트워크 드라이브의 접근을 요청받는 단계;상기 네트워크 드라이브 시스템이, 상기 제1통신 장치의 위치와 상기 네트워크 드라이브의 접근 제어 장치로 지정된 제2통신 장치 간의 거리가 임계거리 이하인지 여부를 확인하는 단계; 및상기 네트워크 드라이브 시스템이, 상기 확인 결과 상기 제1통신 장치와 상기 제2통신 장치의 위치가 상기 임계거리 이하이면 사용자의 네트워크 드라이브에서 저장된 일반 데이터에 대한 상기 제1통신 장치의 접근을 허용하는 단계;를 포함하는 네트워크 드라이브 접근 제어 방법.
- 제 7 항에 있어서,상기 허용하는 단계 이후에,상기 네트워크 드라이브 시스템이, 상기 제2통신 장치로부터 보안 해제 목록을 수신하는 단계;상기 네트워크 드라이브 시스템이, 상기 네트워크 드라이브에 저장된 보안 데이터 중에서 상기 보안 해제 목록에 기록된 보안 데이터의 보안을 해제하는 단계; 및상기 네트워크 드라이브 시스템이, 상기 보안 해제된 데이터에 대한 상기 제1통신 장치의 접근을 허용하는 단계;를 더 포함하는 것을 특징으로 하는 네트워크 드라이브 접근 제어 방법.
- 제 8 항에 있어서,상기 보안 해제 목록을 수신하는 단계는,상기 네트워크 드라이브에 저장된 보안 데이터의 목록을 확인하여 이 확인한 보안 데이터 목록을 상기 제2통신 장치로 전송하고, 상기 보안 데이터 목록에서 상기 제2통신 장치가 선택한 보안 데이터를 기록하는 상기 보안 해제 목록을 상기 제2통신 장치로부터 수신하는 것을 특징으로 하는 네트워크 드라이브 접근 제어 방법.
- 제 8 항에 있어서,상기 보안을 해제하는 단계는,상기 제2통신 장치로부터 보안해제 암호를 수신하고, 이 보안해제 암호가 정확한지 여부를 인증하여 인증에 성공한 경우에 보안 데이터의 보안을 해제하는 것을 특징으로 하는 네트워크 드라이브 접근 제어 방법.
- 제 7 항에 있어서,상기 네트워크 드라이브 시스템이, 상기 제1통신 장치와 상기 제2통신 장치 간의 거리가 상기 임계거리를 초과하면, 상기 네트워크 드라이브에 대한 상기 제1통신 장치의 접근을 차단하는 단계;를 더 포함하는 것을 특징으로 하는 네트워크 드라이브 접근 제어 방법.
- 제 7 항에 있어서,상기 허용하는 단계 이후에,상기 제1통신 장치가, 상기 제2통신 장치로부터 암호키를 수신하여 상기 암호키를 이용하여 데이터를 암호화하고 상기 암호화한 데이터를 상기 네트워크 드라이브로 업로드하는 단계;를 더 포함하는 것을 특징으로 하는 네트워크 드라이브 접근 제어 방법.
- 제 7 항에 있어서,상기 허용하는 단계 이후에,상기 제1통신 장치가, 상기 제2통신 장치로부터 복호키를 수신하고, 상기 네트워크 드라이브에 보관된 데이터를 다운로드하여 상기 다운로드한 데이터를 상기 복호키를 이용하여 복호화하는 것을 특징으로 하는 네트워크 드라이브 접근 제어 방법.
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2015536668A JP6125022B2 (ja) | 2012-10-12 | 2013-07-02 | ネットワークドライブのアクセス制御方法及びネットワークドライブシステム |
EP13845737.9A EP2908260B1 (en) | 2012-10-12 | 2013-07-02 | Method of controlling access to network drive, and network drive system |
US14/435,152 US9723004B2 (en) | 2012-10-12 | 2013-07-02 | Method of controlling access to network drive, and network drive system |
CN201380065414.6A CN104919467B (zh) | 2012-10-12 | 2013-07-02 | 控制对网络驱动器的访问的方法和网络驱动器系统 |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR20120113843 | 2012-10-12 | ||
KR10-2012-0113843 | 2012-10-12 | ||
KR10-2013-0075624 | 2013-06-28 | ||
KR1020130075624A KR20140047513A (ko) | 2012-10-12 | 2013-06-28 | 네트워크 드라이브 접근 제어 방법 및 네트워크 드라이브 시스템 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014058130A1 true WO2014058130A1 (ko) | 2014-04-17 |
Family
ID=50654075
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2013/005856 WO2014058130A1 (ko) | 2012-10-12 | 2013-07-02 | 네트워크 드라이브 접근 제어 방법 및 네트워크 드라이브 시스템 |
Country Status (6)
Country | Link |
---|---|
US (1) | US9723004B2 (ko) |
EP (1) | EP2908260B1 (ko) |
JP (1) | JP6125022B2 (ko) |
KR (2) | KR20140047513A (ko) |
CN (1) | CN104919467B (ko) |
WO (1) | WO2014058130A1 (ko) |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9697378B2 (en) * | 2013-12-13 | 2017-07-04 | International Business Machines Corporation | Network encrypted data object stored on an encrypted file system |
US10015173B1 (en) * | 2015-03-10 | 2018-07-03 | Symantec Corporation | Systems and methods for location-aware access to cloud data stores |
JP2016170702A (ja) * | 2015-03-13 | 2016-09-23 | キヤノン株式会社 | 情報処理装置、情報処理装置の制御方法及びプログラム |
US10417393B2 (en) | 2015-11-04 | 2019-09-17 | Screening Room Media, Inc. | Detecting digital content misuse based on digital content usage clusters |
US9590958B1 (en) * | 2016-04-14 | 2017-03-07 | Wickr Inc. | Secure file transfer |
US20170331690A1 (en) | 2016-05-12 | 2017-11-16 | Iboss, Inc. | Applying network policies to devices based on their current access network |
US11032320B1 (en) * | 2016-09-19 | 2021-06-08 | Jpmorgan Chase Bank, N.A. | Systems and methods for dynamic application level encryption |
US10452819B2 (en) | 2017-03-20 | 2019-10-22 | Screening Room Media, Inc. | Digital credential system |
KR102064942B1 (ko) * | 2017-07-12 | 2020-01-13 | 엔에이치엔 주식회사 | 디바이스를 무선으로 연결하는 방법 및 시스템 |
GB2565862B (en) * | 2017-08-18 | 2020-10-28 | Jazz Networks Ltd | Functional location determination |
CN112100681A (zh) * | 2020-11-18 | 2020-12-18 | 北京联想协同科技有限公司 | 一种数据访问方法、装置及存储介质 |
KR20220160841A (ko) | 2021-05-28 | 2022-12-06 | 삼성에스디에스 주식회사 | 파일 관리 방법 및 장치 |
US20220398302A1 (en) * | 2021-06-10 | 2022-12-15 | Trivver, Inc. | Secure wearable lens apparatus |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060117010A1 (en) * | 2004-11-29 | 2006-06-01 | Nokia Corporation | Access rights |
KR20100072018A (ko) * | 2007-09-11 | 2010-06-29 | 제너럴 인스트루먼트 코포레이션 | 보호 디지털 자료로의 보안 액세스를 위한 방법, 시스템 및 장치 |
US20110271114A1 (en) * | 2006-10-19 | 2011-11-03 | Mark Wayne Baysinger | System and method for authenticating remote server access |
WO2012042509A1 (en) * | 2010-10-01 | 2012-04-05 | Peter Chacko | A distributed virtual storage cloud architecture and a method thereof |
WO2012047273A1 (en) * | 2010-09-28 | 2012-04-12 | Headwater Partners I Llc | Service design center for device assisted services |
KR20120073799A (ko) | 2010-12-27 | 2012-07-05 | 에스케이 텔레콤주식회사 | 클라우드 스토리지 기반의 데이터 동기화 및 서비스 제공 장치와 방법 |
US20120221639A1 (en) * | 2011-03-23 | 2012-08-30 | Color Labs, Inc. | Storage and distribution of content for a user device group |
Family Cites Families (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003108519A (ja) * | 2001-09-27 | 2003-04-11 | Hitachi Ltd | ファイル転送システム及びプログラム |
JP2004112571A (ja) * | 2002-09-20 | 2004-04-08 | Toshiba Tec Corp | 移動通信装置、暗号システム、移動通信方法、および暗号方法 |
KR20050015612A (ko) | 2003-08-07 | 2005-02-21 | 고대식 | 동적 ip를 위한 개인용 웹하드 시스템 및 서비스 |
WO2005088932A1 (en) * | 2004-02-13 | 2005-09-22 | Nokia Corporation | Accessing protected data on network storage from multiple devices |
KR100596135B1 (ko) | 2004-02-24 | 2006-07-03 | 소프트캠프(주) | 가상 디스크를 이용한 응용 프로그램 별 접근통제시스템과 그 통제방법 |
JP4691892B2 (ja) * | 2004-03-22 | 2011-06-01 | 富士ゼロックス株式会社 | 情報処理装置、ファイル管理方法及びプログラム |
JP4561704B2 (ja) * | 2005-08-09 | 2010-10-13 | ソニー株式会社 | 無線通信システム、端末およびその状態報知方法ならびにプログラム |
US20070185980A1 (en) | 2006-02-03 | 2007-08-09 | International Business Machines Corporation | Environmentally aware computing devices with automatic policy adjustment features |
US8145532B2 (en) * | 2006-06-27 | 2012-03-27 | Microsoft Corporation | Connecting devices to a media sharing service |
KR100740682B1 (ko) | 2006-11-30 | 2007-07-19 | (주)필라넷 | 로컬 피씨로의 데이터 저장을 방지하는 보안파일서버시스템및 그 방법과 그 방법에 대한 컴퓨터 프로그램을 저장한기록매체 |
JP2008242644A (ja) * | 2007-03-26 | 2008-10-09 | Hitachi Software Eng Co Ltd | 位置情報によるユーザ認証システム |
JP4962237B2 (ja) * | 2007-09-19 | 2012-06-27 | 富士通株式会社 | 携帯装置の位置に関する情報とファイル用暗号鍵とを管理するためのプログラムおよび方法 |
KR100940192B1 (ko) | 2007-11-21 | 2010-02-10 | 주식회사 하우서버트랜드 | 스토리지 통합 관리시스템 및 방법 |
US20100010998A1 (en) * | 2008-07-09 | 2010-01-14 | The Go Daddy Group, Inc. | Document storage access on a time-based approval basis |
JP2010267198A (ja) * | 2009-05-18 | 2010-11-25 | Nec Corp | 認証装置、方法、及び、プログラム |
US8693988B2 (en) * | 2009-06-16 | 2014-04-08 | International Business Machines Corporation | System, method, and apparatus for proximity-based authentication for managing personal data |
US8312157B2 (en) * | 2009-07-16 | 2012-11-13 | Palo Alto Research Center Incorporated | Implicit authentication |
KR101248803B1 (ko) | 2009-07-17 | 2013-03-29 | 한국전자통신연구원 | 접근허용영역에 기반한 정보 유출 제어장치 및 그 방법 |
JP2011027917A (ja) * | 2009-07-23 | 2011-02-10 | Lemuria Holdings Ltd | デジタル貸金庫システム及びサーバ |
CN102096678A (zh) * | 2009-12-09 | 2011-06-15 | 中国工商银行股份有限公司 | 一种搭建大容量网络文件系统存储器的方法 |
GB2490310A (en) * | 2011-04-18 | 2012-10-31 | Nearfield Comm Ltd | Method and system for controlling access to a service. |
-
2013
- 2013-06-28 KR KR1020130075624A patent/KR20140047513A/ko active Application Filing
- 2013-07-02 WO PCT/KR2013/005856 patent/WO2014058130A1/ko active Application Filing
- 2013-07-02 JP JP2015536668A patent/JP6125022B2/ja active Active
- 2013-07-02 US US14/435,152 patent/US9723004B2/en active Active
- 2013-07-02 CN CN201380065414.6A patent/CN104919467B/zh active Active
- 2013-07-02 EP EP13845737.9A patent/EP2908260B1/en active Active
-
2015
- 2015-03-30 KR KR1020150043907A patent/KR101960965B1/ko active IP Right Grant
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060117010A1 (en) * | 2004-11-29 | 2006-06-01 | Nokia Corporation | Access rights |
US20110271114A1 (en) * | 2006-10-19 | 2011-11-03 | Mark Wayne Baysinger | System and method for authenticating remote server access |
KR20100072018A (ko) * | 2007-09-11 | 2010-06-29 | 제너럴 인스트루먼트 코포레이션 | 보호 디지털 자료로의 보안 액세스를 위한 방법, 시스템 및 장치 |
WO2012047273A1 (en) * | 2010-09-28 | 2012-04-12 | Headwater Partners I Llc | Service design center for device assisted services |
WO2012042509A1 (en) * | 2010-10-01 | 2012-04-05 | Peter Chacko | A distributed virtual storage cloud architecture and a method thereof |
KR20120073799A (ko) | 2010-12-27 | 2012-07-05 | 에스케이 텔레콤주식회사 | 클라우드 스토리지 기반의 데이터 동기화 및 서비스 제공 장치와 방법 |
US20120221639A1 (en) * | 2011-03-23 | 2012-08-30 | Color Labs, Inc. | Storage and distribution of content for a user device group |
Non-Patent Citations (1)
Title |
---|
See also references of EP2908260A4 |
Also Published As
Publication number | Publication date |
---|---|
EP2908260A1 (en) | 2015-08-19 |
US9723004B2 (en) | 2017-08-01 |
JP2015537291A (ja) | 2015-12-24 |
KR20140047513A (ko) | 2014-04-22 |
KR101960965B1 (ko) | 2019-03-21 |
KR20150040835A (ko) | 2015-04-15 |
CN104919467A (zh) | 2015-09-16 |
CN104919467B (zh) | 2017-09-29 |
JP6125022B2 (ja) | 2017-05-10 |
EP2908260B1 (en) | 2019-11-27 |
EP2908260A4 (en) | 2016-06-01 |
US20150341359A1 (en) | 2015-11-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2014058130A1 (ko) | 네트워크 드라이브 접근 제어 방법 및 네트워크 드라이브 시스템 | |
WO2017111383A1 (ko) | 생체 정보 기반 인증 장치, 이와 연동하는 제어 서버, 그리고 이들의 생체 정보 기반 로그인 방법 | |
WO2019035700A1 (en) | METHOD AND APPARATUS FOR BOARDING IN AN IOT NETWORK | |
WO2013183814A1 (ko) | 개선된 보안 기능 기반의 클라우드 서비스 시스템 및 이를 지원하는 방법 | |
WO2014185594A1 (ko) | Vdi 환경에서의 싱글 사인온 시스템 및 방법 | |
WO2016129929A1 (ko) | 온라인 웹사이트의 회원 로그인을 위한 보안인증 시스템 및 그 방법 | |
WO2013012120A1 (ko) | 생체이미지 정보를 포함하는 일회용 비밀번호를 이용한 인증방법 및 장치 | |
KR20090065097A (ko) | 유비쿼터스 서비스 인증 게이트웨이 장치 및 그 방법 | |
WO2014104539A1 (ko) | 패스코드 관리 방법 및 장치 | |
WO2012099330A2 (ko) | Cpns 환경에서 사용자 인증을 위한 인증키 발급 시스템 및 방법 | |
WO2018169150A1 (ko) | 잠금화면 기반의 사용자 인증 시스템 및 방법 | |
WO2016064041A1 (ko) | 해쉬값을 이용하여 응용 프로그램의 위변조 여부를 탐지하는 사용자 단말기 및 그것을 이용한 위변조 탐지 방법 | |
WO2021040283A1 (ko) | 무선 ap 접속 정보에 기초하여 근태 관리를 수행할 수 있는 근태 관리 시스템 서버 및 그 동작 방법 | |
WO2015069028A1 (ko) | 이동통신단말기를 이용한 다채널 인증과 금융 이체 방법 및 시스템 | |
WO2018186543A1 (ko) | 장치 인증키를 이용한 데이터 암호화 방법 및 시스템 | |
WO2015178597A1 (ko) | Puf를 이용한 비밀키 업데이트 시스템 및 방법 | |
WO2021020918A1 (ko) | 논리적 내부 네트워크를 제공하는 방법, 이를 구현하는 모바일 단말 및 어플리케이션 | |
WO2016064040A1 (ko) | 서명정보를 이용하여 응용 프로그램의 위변조 여부를 탐지하는 사용자 단말기 및 그것을 이용한 위변조 탐지 방법 | |
JP6905950B2 (ja) | 端末装置、自動車、自動車の遠隔操作端末の認証方法及びコンピュータプログラム | |
KR101442489B1 (ko) | 보안키를 이용한 스마트기기의 보안파일 접근 제어 장치 및 방법 | |
CN106878989B (zh) | 一种接入控制方法及装置 | |
WO2020197283A1 (ko) | 전자 디바이스를 인증하기 위한 방법 및 그에 따른 장치 | |
JP5141096B2 (ja) | 取得したネットワークの接続情報を利用したファイルの自動暗号化装置、その方法及びそのプログラム | |
JP2009223389A (ja) | 接続制御装置、接続制御方法及び接続制御プログラム | |
WO2021118005A1 (ko) | 사용자 단말 및 사용자 계정을 관리하기 위한 계정 관리 서버의 제어 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13845737 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2015536668 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2013845737 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14435152 Country of ref document: US |