WO2016190663A1 - Security management method and security management device in a home network system - Google Patents

Security management method and security management device in a home network system

Info

Publication number
WO2016190663A1
Authority
WO
WIPO (PCT)
Prior art keywords
monitoring
unit
security management
equipment
security
Prior art date
Application number
PCT/KR2016/005538
Other languages
English (en)
Korean (ko)
Inventor
한태수
김주생
유휘재
Original Assignee
주식회사 안랩
Application filed by 주식회사 안랩
Publication of WO2016190663A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00: Data switching networks
    • H04L12/02: Details
    • H04L12/22: Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00: Arrangements for monitoring or testing data switching networks

Definitions

  • the present invention relates to a security management apparatus and a security management method in a home network system, and more particularly, to an apparatus and method for monitoring security of a plurality of devices and managing security for monitoring equipment connected to a common server unit.
  • a home network refers to a system for controlling home appliances such as TVs, refrigerators, and air conditioners and home appliances such as door locks, lights, gas, and fires through a network.
  • This home network is applied to a common residential (residential) space such as an apartment or an officetel or an intelligent building system (IBS).
  • The home network system 40 refers to a system that connects at least one household 50 to a network.
  • Monitoring equipment 52, which monitors a plurality of devices such as home appliances (although not shown in the figure), is installed in each household 50.
  • The monitoring equipment 52 is connected to a communication counterpart on the outside 10 via the network 20 through the common server unit 30.
  • the plurality of monitoring equipment 52 is connected to each other by an internal network.
  • Such monitoring equipment 52 may be, for example, a wallpad.
  • the home network system 40 shown in FIG. 1 may have security problems for the following reasons.
  • The common server unit 30 is a kind of server, so an attack on the server itself from the outside 10 can be blocked by a security technology such as a firewall, but such a security technology cannot block hacking of the monitoring equipment 52 itself.
  • Photographing means, voice input means such as a microphone, or lighting may be arbitrarily manipulated.
  • The hacked monitoring equipment 52 may be exploited for DDoS attacks.
  • an attack on the monitoring device 52 due to malicious behavior may occur in an internal network between the plurality of monitoring devices 52.
  • An object of the present invention is to provide an apparatus and method for providing and managing security for monitoring equipment for monitoring a plurality of devices in a home network system.
  • A security management device for monitoring equipment that monitors a plurality of devices and is connected to a common server unit may include a connection unit electrically connected to the monitoring equipment, a monitoring unit for monitoring a task in the monitoring equipment, and a controller configured to allow or block the task based on a result of the monitoring by the monitoring unit.
  • the security management device may be implemented to be included in the monitoring equipment or may be separately implemented outside the monitoring equipment.
  • A first device, which is at least one of the plurality of devices, is connected to the monitoring equipment through a gateway unit, and the monitoring unit may include a device list monitoring unit for monitoring a list of the first devices or a list of second devices connected to the monitoring equipment without passing through the gateway unit.
  • the monitoring unit may include an initialization process monitoring unit for monitoring an initialization process that enables communication between the monitoring equipment and the gateway unit.
  • The monitoring unit may include a file monitoring unit for monitoring a file included in the monitoring equipment, a process monitoring unit for monitoring a process in the monitoring equipment, a network monitoring unit for monitoring a connection to the network of the monitoring equipment or data transmitted to and received from the network, a memory access monitoring unit for monitoring access to the memory included in the monitoring equipment, and a device communication monitoring unit for monitoring the communication between the monitoring equipment and the device.
  • the monitoring unit may monitor the task based on a preset whitelist or blacklist.
  • the monitoring unit may monitor the task through interworking with the public server unit.
  • The monitoring unit may monitor whether a response from the device to the monitoring equipment was sent when there was no request by the monitoring equipment.
  • the monitoring unit may monitor whether the request received by the monitoring device is a request from an unauthorized third party device.
  • The controller may allow or block the file, the process, the connection to the network or the data transmitted to or received from the network, the access to the memory, or the communication between the monitoring equipment and the device based on the monitored result.
  • A security management method using a security management apparatus for monitoring equipment that is connected to a common server unit and monitors a plurality of devices may include: electrically connecting to the monitoring equipment, monitoring a task at the monitoring equipment, and allowing or blocking the task based on the monitoring result.
  • The first device, which is at least one of the plurality of devices, is connected to the monitoring equipment through a gateway unit, and the monitoring may include monitoring a list of the first devices or a list of second devices connected to the monitoring equipment without passing through the gateway unit.
  • the monitoring may monitor an initialization process that enables communication between the monitoring equipment and the gateway unit.
  • The monitoring may cover a file included in the monitoring equipment, a process in the monitoring equipment, a connection to the network of the monitoring equipment or data transmitted to and received from the network, access to a memory included in the monitoring equipment, or the communication between the monitoring equipment and the device.
  • the monitoring may include monitoring the task based on a preset whitelist or blacklist.
  • the monitoring may monitor the task through interworking with the public server unit.
  • The monitoring may monitor whether a response from the device to the monitoring equipment was sent when there was no request by the monitoring equipment.
  • the monitoring may monitor whether the request received by the monitoring device is a request from an unauthorized third party device.
  • In the step of allowing or blocking, based on the monitoring result, the file, the process, access to the network or data transmitted to and received from the network, access to the memory included in the monitoring equipment, or communication between the monitoring equipment and the devices may be allowed or blocked.
  • a computer readable recording medium having recorded thereon a program including instructions for performing each step according to the security management method may be included.
  • Only an authorized user or processor may access the monitoring equipment included in the home network system and the devices connected to the monitoring equipment, and the creation or execution of a malicious file itself may be blocked. Communication related to the monitoring equipment can be monitored, and the taking of or tampering with the unique information stored in the monitoring equipment can be blocked. Accordingly, it is possible to prevent privacy invasion from the outside through such monitoring equipment, and also to prevent the leakage of various information stored in the monitoring equipment (internal information or personal information of the company).
  • FIG. 1 is a diagram illustrating a home network system to which a security management apparatus according to an embodiment of the present invention is applied.
  • FIGS. 2A and 2B are diagrams exemplarily illustrating a configuration of a security management apparatus according to an embodiment of the present invention.
  • FIGS. 3A to 3C are diagrams exemplarily illustrating a connection between a monitoring device and a plurality of devices.
  • FIGS. 4A and 4B are diagrams exemplarily illustrating a configuration in which a security management apparatus according to an embodiment of the present invention is connected to monitoring equipment.
  • FIGS. 5A to 5C are conceptual views illustrating a security management apparatus managing security for communication between a monitoring device and a device according to an embodiment of the present invention.
  • FIG. 6 is a flowchart illustrating a security management method according to an embodiment of the present invention.
  • The security management apparatus 100 may include a connection unit 110 electrically connected to monitoring equipment, a monitoring unit 120 monitoring a task in the monitoring equipment, and a controller 130 that allows or blocks the task based on the result of monitoring by the monitoring unit. However, the configuration illustrated in FIG. 2A is exemplary; the apparatus may omit at least one of these components or may further include a component not mentioned here.
  • The security management apparatus 100 and the components included therein, described below, may be implemented in an electronic device including a processor and a memory storing instructions executed by the processor, by a hybrid implementation of at least some software and hardware, or on a programmable machine that is selectively activated or reconfigured by a computer program.
  • The security management apparatus 100 will be described on the premise that it is applied to each monitoring equipment 52 installed in each household 50 of the home network system 40 shown in FIG. 1. Accordingly, the first embodiment will be described in more detail below with reference to FIG. 1. Although the present specification refers to a 'home' network system including at least one 'household', the spirit of the present invention is not limited to being applied simply to a 'home' or a 'household'. That is, according to an embodiment of the present invention, the security management device 100 may be applied to a common residential (resident) space, for example, an officetel, an office or an IBS.
  • the common server unit 30 is a device that manages the monitoring equipment 52 installed in each household 50.
  • The common server unit 30 may be a desktop or a server, and may be connected to the outside 10 through the network 20.
  • The common server unit 30 may be connected to the monitoring equipment 52 installed in each household 50 included in the home network system 40. In this connection, the monitoring equipment 52 may be directly connected to the common server unit 30 as shown in FIG. 1 or, although not shown in the figure, may be connected to the common server unit 30 through a separate connection configuration (for example, a gateway).
  • Monitoring equipment 52 installed in each household 50 is connected to a number of devices, although not shown in FIG. 1.
  • the plurality of devices may include various electronic products or electronic devices such as, for example, door locks, lighting or gas, TV, refrigerators, air conditioners, photographing means such as cameras, and voice input means such as microphones.
  • the electronic device may support IP-based communication or other wired / wireless-based communication.
  • a connection method between the plurality of devices and the monitoring device will be described with reference to FIGS. 3A to 3C.
  • The first device 53 of the plurality of devices may be connected to the monitoring equipment 52 through the gateway unit 70, and the second device 55 of the plurality of devices may be directly connected to the monitoring equipment 52 without going through the gateway unit 70.
  • The gateway unit 70 allows the plurality of devices to be monitored regardless of the communication method they support, such as RS-232, RS-485, RF, TCP/IP, Bluetooth, NFC, etc. The configuration and function of such a gateway unit 70 are already known, so a detailed description thereof will be omitted.
  • the 'devices 53 and 55' refers to either the first device 53 or the second device 55.
  • the gateway unit 70 may be implemented to be included in the monitoring device 52, or alternatively, the gateway unit 70 may be separately implemented outside the monitoring device 52 as shown in FIG. 3B.
  • Of course, a gateway unit may also be implemented separately outside the monitoring equipment 52 at the same time (gateway #2 (71)).
  • connection unit 110 electrically connects the security management apparatus 100 and the monitoring equipment 52.
  • the security management apparatus 100 may monitor and control the monitoring equipment 52 through the connection unit 110.
  • the security management apparatus 100 may be included in the monitoring equipment 52 to be electrically connected to the monitoring equipment through the connection unit 110.
  • The connection unit 110 may be connected to a part in which the monitoring equipment 52 controls files, processes, communication or memory therein, or a part in which the monitoring equipment 52 communicates with the outside. That is, through the connection unit 110, the security management apparatus 100 may receive information regarding a file in the monitoring equipment 52, a process in the monitoring equipment 52, communication between the monitoring equipment 52 and the outside (for example, the common server unit or a device), or access to a memory included in the monitoring equipment 52.
  • the security management apparatus 100 may not be included in the monitoring equipment 52 but may be separately implemented externally.
  • In this case, the connection unit 110 electrically connects the monitoring equipment 52 and the security management device 100 implemented separately outside the monitoring equipment 52. For example, the connection unit 110 may be connected to a part in which the monitoring equipment 52 controls a file, a process, communication, or a memory therein, or a part in which the monitoring equipment 52 communicates with the outside.
  • Even when the security management apparatus 100 is implemented outside the monitoring equipment 52, differently from FIG. 2A, the security management apparatus 100 can perform the same monitoring.
  • The monitoring unit 120 may monitor a task in the monitoring equipment 52. Specifically, when the security management apparatus 100 is connected to the monitoring equipment 52 through the connection unit 110, the monitoring unit 120 receives information on the task from the monitoring equipment 52 and can then monitor whether the information on the task is included in a preset whitelist or blacklist.
  • the whitelist includes a list of tasks that are allowed to run
  • the blacklist includes a list of tasks that are not allowed to run.
  • The task refers to a task performed by the monitoring equipment 52. For example, it may include, but is not limited to, work related to system hardening, work related to code signing solutions, authenticating users or devices accessing the monitoring equipment 52 based on certificates, encrypting data in communications, applying a one-time password to access to the monitoring equipment 52, work on security control services, work on data leakage prevention, work on application protection technologies, work on ensuring service continuity, work related to data recovery in case of emergency, or monitoring of abnormal use of the device.
  • The system hardening work may refer to defining in advance (e.g., based on a whitelist or a blacklist) the resources (such as apps and software) that can be installed on the monitoring equipment 52 and the files, directories, and registries accessible to the monitoring equipment 52, and then monitoring the installation or execution of an app, or access to resources, that are not predefined.
  • The work on the code signing solution may refer to allowing only code-signed applications to execute normally, so that an application distributed by a hacker or the like is not executed. This could mean signing the entire executable file based on a certificate.
  • authenticating a user or device based on a certificate may refer to allowing access only to a user or device that has a certificate installed.
  • The certificate may include a certificate of a device for low-power short-range communication, an international standard interface certificate for cable modems of US CableLabs, a European protocol certificate of DOCSIS, or a broadcast-type certificate in which a security module is separated.
  • The operation of data encryption in communication refers to data encryption through SSL certificates. For example, it may include blocking access to a tampered site that does not have a normal SSL certificate, and preventing data leakage for normal sites.
  • the work on the security control service may refer to monitoring the malicious code for the endpoint at the gateway level by utilizing the function of monitoring the URL / IPS / FILE.
  • Data leakage prevention refers to detecting, blocking, and reporting data containing confidential information or personal information in externally transmitted data; for example, it can prevent the leakage of confidential or personal information from a device supporting an IoT (Internet of Things) function.
  • The work on application protection technology refers to blocking external leakage of data by applying encryption to data stored in the monitoring equipment 52 and separating secret data, and may include, for example, data separation, theft management, encryption and authentication.
  • As illustrated in FIG. 2B, the monitoring unit 120 may include the file monitoring unit 121, the process monitoring unit 122, the network monitoring unit 123, the memory access monitoring unit 124, the initialization process monitoring unit 125 or the device communication monitoring unit 127, and the various kinds of monitoring described below may be performed using this configuration.
  • the monitoring unit 120 may not include at least one or more of the above-described components, or may further include other components not shown here.
  • the file monitoring unit 122 monitors a file in the monitoring equipment 52.
  • The file monitoring unit 122 may monitor the creation, copying, deletion, moving, accessing, reading, writing, renaming or execution of a file based on a whitelist or a blacklist.
  • The file to be monitored may include an executable file, a configuration file, an important data file, a registry file, or a system file. More specifically, it may include a file storing the content of calls between households made using the monitoring equipment 52, or a file storing personal information such as household member information, vehicle access information, or visitor information, but is not limited thereto.
  • the process monitoring unit 122 monitors the process at the monitoring equipment 52.
  • The process monitoring unit 122 may monitor, based on a whitelist or a blacklist, the intrusion or execution of a process that attempts to neutralize the operation of the security management apparatus 100.
  • The network monitoring unit 123 monitors, based on a whitelist or a blacklist, a connection to the network of the monitoring equipment 52 or data transmitted and received through the network. What is monitored may include, for example, the network connection to the common server unit 30, other network connections to the outside 10, and packets, data and commands transmitted and received through the network.
  • The memory access monitoring unit 125 monitors access to the memory included in the monitoring equipment 52, and may monitor, based on a whitelist or a blacklist, processes or users that access this memory from the outside (such a memory may store, for example, inter-household call content, vehicle access information, personal information, visitor information, etc.).
  • The initialization process monitoring unit 126 may monitor the initialization process of the monitoring equipment 52 and the gateway unit 70. That is, the initialization process monitoring unit 126 may monitor various initialization processes for setting up communication between the monitoring equipment 52 and the gateway unit 70, and this initialization process may include, for example, a process, performed by the gateway unit 70, of delivering the IP of the monitoring equipment 52.
  • The device list monitoring unit 127 may monitor a list of the plurality of devices 53 and 55 connected to the monitoring equipment 52. In more detail, the device list monitoring unit 127 may monitor change of or tampering with the device list, and may also monitor the connection to the monitoring equipment 52 of unauthorized devices not included in the device list. In addition, the device list monitoring unit 126 may monitor a device list transmission process between the gateway unit 70 and the monitoring equipment 52. The device list transmission process refers to a process in which the monitoring equipment 52 receives, from the gateway unit 70, information about the devices (for example, the first device) connected to the gateway unit 70 so that it can query and control those devices.
  • the device communication monitoring unit 127 may monitor communication between the monitoring device 52 and the plurality of devices 53 and 55. For example, abnormal access from the outside to a photographing means such as a camera connected to or built into the monitoring equipment 52 or a voice input / output means such as a microphone can be monitored.
  • the device communication monitoring unit 127 may monitor the communication (for example, control commands or events, hereinafter referred to as device-related communication) transmitted to or from the devices 53 and 55.
  • The communication method between the monitoring equipment 52 and the devices 53 and 55 is a half-duplex and polling method, which will be described with reference to FIGS. 5A to 5C.
  • In the half-duplex and polling communication method, the master must make a request before a slave can respond. The master's request is sent to all slaves, and the response of one slave is sent to the other slaves and the master.
  • FIG. 5A is a diagram conceptually illustrating a case in which the communication method between the monitoring equipment 52 and the plurality of devices 53 and 55 is a half-duplex method in a home network system.
  • The monitoring equipment 52 is the master that issues a request 60, and the devices 53 and 55 are slaves that send a response 61 to the request 60. That is, in the half-duplex and polling home network system, the plurality of devices 53 and 55 may send a response 61 only when the request 60 of the monitoring equipment 52 has been received.
  • The devices 53 and 55, which are slaves, may then respond; the request of the monitoring equipment 52 is transmitted to all devices 53 and 55.
  • The response of one of the devices 53 and 55 is transmitted to the other devices and the monitoring equipment 52.
  • FIG. 5B illustrates a case in which there is a response 61 from the devices 53 and 55 even when there is no request 60 of the monitoring equipment 52 in the home network system.
  • the device communication monitoring unit 127 may analyze this situation when there is a response 61 from the devices 53 and 55 even though there is no request from the monitoring equipment 52.
  • Such a situation may be, for example, a case in which the devices 53 and 55 are infected with a malicious code, and thus transmit a response 61 by themselves even without a request of the monitoring device 52.
  • Alternatively, it may be a case in which a third device 56, other than the monitoring equipment 52, transmits a request 62 for attacking the devices 53 and 55 to the devices 53 and 55, and the devices 53 and 55 respond to it.
  • When a third device 56, which is not one of the devices 53 and 55, transmits a request 62 for attacking the devices 53 and 55 to the devices 53 and 55, the request 62 may be transmitted to the monitoring equipment 52 serving as the master.
  • the device communication monitoring unit 127 may analyze the request 62.
  • the monitoring unit 120 may monitor the monitoring equipment 52 through interworking with the common server unit 30.
  • the common server unit 30 may perform monitoring on behalf of the monitoring unit 120.
  • The monitoring result of the monitoring unit 120 may be delivered to the common server unit 30, and the common server unit 30 may analyze the monitoring result and then transfer it back to the monitoring unit 120.
  • The analysis result that the monitoring unit 120 receives from the common server unit 30 may be used to determine whether to allow or block a task.
  • The control unit 130 analyzes the monitoring result of the monitoring unit 120.
  • The control unit 130 may allow or block the execution of the task based on the analysis result. A whitelist or a blacklist may be used for this.
  • The controller 130 may block (lock down) the installation or execution of an undefined app or access to undefined resources in a task related to system hardening, may block (lock down) the execution of an application that has not been code signed in a task related to a code signing solution, and may block access by users or devices that do not have a certificate when authenticating users or devices based on certificates. In addition, in a communication data encryption operation it can block access to a site that has been tampered with and prevent data leakage for a normal site.
  • The controller 130 may block abnormal access to, for example, a recording means such as a camera connected to or embedded in the monitoring equipment 52 or a voice input/output means such as a microphone, or may block the leakage of inter-household call contents, personal information and internal company information stored in a memory or a file.
  • The controller 130 may block the corresponding communication when data is tampered with or taken during the initialization process, or when the list of devices connected to the monitoring equipment 52 is tampered with or taken during the device list transmission process.
  • If the devices 53 and 55 send a response 61 even though there is no request 60 from the monitoring equipment 52, or if a third device 56 sends the devices 53 and 55 a request 62 for an attack, the controller 130 can block this response 61 or request 62.
  • the storage unit may store the monitoring result of the monitoring unit 120.
  • Such storage may be in the form of a memory for storing data.
  • the alarm unit may transmit a task history allowed or blocked by the controller 130 to a user or an administrator.
  • For example, the alarm unit may deliver, as a notification message to the user or administrator, the blocked installation or execution of an app or access to a resource, the blocked execution of an application without code signing, blocked access to a tampered site, the intrusion or execution of a process that attempts to neutralize the operation of the security management apparatus itself, abnormal access to a recording means such as a camera connected to or embedded in the monitoring equipment 52 or a voice input/output means such as a microphone, or an attempt to leak inter-household call contents or personal (or corporate) information stored in a memory or a file. This is only an example, and the notification message may take the form of SMS, MMS, LMS, a smartphone application, or various other forms.
  • The alarm unit may also inform the user or administrator of the details when the devices 53 and 55 send a response 61 even though there is no request 60 from the monitoring equipment 52, or when a third device 56 attempts to attack the devices 53 and 55.
  • the security management device may allow only authorized users or processors to access the monitoring devices included in the home network system and the devices connected to the monitoring devices, and may block the creation or execution of malicious files themselves.
  • it can monitor the communication related to the monitoring equipment, and can block the taking or tampering with the unique information stored in the monitoring equipment. Accordingly, it is possible to prevent privacy invasion from the outside through such monitoring equipment, and also to prevent the leakage of various information stored in the monitoring equipment (internal information or personal information of the company).
  • FIG. 6 is a flowchart illustrating a security management method according to an embodiment of the present invention.
  • the step of electrically connecting with the monitoring device (S100), the step of monitoring a task in the monitoring device (S200), and the result of the monitoring Allowing or blocking the task on the basis of the step (S300) may be included, but the spirit of the present invention is not limited to that shown in FIG.
  • The step (S100) of electrically connecting is performed, for example, by the connection unit 110 of the security management apparatus 100, through which the security management apparatus 100 may be connected to the monitoring equipment 52.
  • The connection unit 110 is connected to the monitoring equipment 52.
  • The security management device 100 may be electrically connected as described above.
  • The monitoring step (S200) is performed, for example, by the monitoring unit 120 of the security management device 100, through which a file or process, network access or memory access, an initialization process or a device list transmission process in the monitoring equipment 52, and communication between the monitoring equipment 52 and the devices may be monitored, as described above.
  • The allowing or blocking step (S300) may block or allow the task according to a whitelist or a blacklist, based on the monitoring result of the monitoring step (S200). For example, tasks such as system hardening or code signing solution operations; creating, copying, deleting, moving, accessing, reading, writing, renaming or executing files; and invading or executing processes may be allowed or blocked based on a whitelist or a blacklist, as described above.
  • Only authorized users or processors may be allowed to access the monitoring devices included in the home network system and the devices connected to the monitoring devices, and the creation or execution of malicious files themselves may be blocked. The related communication can also be monitored, and the theft of or tampering with the unique information stored in the monitoring equipment can be blocked. Accordingly, it is possible to prevent invasion of privacy from the outside through such monitoring equipment, and also to prevent the leakage of various information stored in the monitoring equipment (a company's internal information or personal information).
  • Combinations of each block of the block diagrams and respective steps of the flowcharts attached to the present invention may be performed by computer program instructions.
  • These computer program instructions may be mounted on a processor of a general purpose computer, special purpose computer, or other programmable data processing equipment, such that the instructions executed through the processor of the computer or other programmable data processing equipment create means for performing the functions described in each block of the block diagram or in each step of the flowchart.
  • These computer program instructions may also be stored in a computer usable or computer readable memory or recording medium that can direct a computer or other programmable data processing equipment to implement functionality in a particular manner, and thus the instructions stored in the computer usable or computer readable memory may also produce an article of manufacture containing instruction means for performing the functions described in each block of the block diagram or in each step of the flowchart.
  • Computer program instructions may also be mounted on a computer or other programmable data processing equipment, such that a series of operating steps is performed on the computer or other programmable data processing equipment to create a computer-implemented process, and thus the instructions that operate the computer or other programmable data processing equipment may also provide steps for performing the functions described in each block of the block diagram and in each step of the flowchart.
  • Each block or step may represent a portion of a module, segment or code that includes one or more executable instructions for executing the specified logical function(s).
  • The functions noted in the blocks or steps may occur out of order.
  • Two blocks or steps shown in succession may in fact be executed substantially concurrently, or the blocks or steps may sometimes be performed in the reverse order, depending on the functionality involved.
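
The allow-or-block step (S300) and the alarm on a response 61 that arrives without a request 60, both described above, can be sketched as follows. This is an added example, not code from the patent; the class and field names, the sample tasks, the default-deny rule for unlisted tasks, and the precedence of the blacklist over the whitelist are all assumptions.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Task:
    kind: str    # e.g. "file_execute", "file_write", "process_execute"
    actor: str   # user or process requesting the task
    target: str  # file or process acted on

@dataclass
class SecurityManager:
    whitelist: set   # (kind, actor) pairs explicitly permitted
    blacklist: set   # actors or targets explicitly forbidden
    pending: set = field(default_factory=set)   # outstanding requests: (device, req_id)
    alerts: list = field(default_factory=list)  # messages for the administrator

    def decide(self, task):
        """S300: allow or block a task observed during monitoring (S200)."""
        if task.actor in self.blacklist or task.target in self.blacklist:
            return self._block(task, "blacklisted")    # assumption: blacklist wins
        if (task.kind, task.actor) in self.whitelist:
            return "allow"
        return self._block(task, "not whitelisted")    # assumption: default deny

    def _block(self, task, reason):
        self.alerts.append(f"blocked {task.kind} by {task.actor} on {task.target}: {reason}")
        return "block"

    def on_request(self, device, req_id):
        self.pending.add((device, req_id))             # request 60 sent to a device

    def on_response(self, device, req_id):
        """Return True if the response 61 answers a pending request 60."""
        if (device, req_id) in self.pending:
            self.pending.discard((device, req_id))     # a replayed response will not match
            return True
        self.alerts.append(f"unsolicited response from {device} (id {req_id})")
        return False

def run_demo():
    # Constructed sample policy and events; all names and paths are hypothetical.
    mgr = SecurityManager(whitelist={("file_execute", "wallpad_ui"), ("file_write", "updater")},
                          blacklist={"/tmp/dropper.bin"})
    tasks = [Task("file_execute", "wallpad_ui", "/opt/ui/main"),
             Task("file_execute", "wallpad_ui", "/tmp/dropper.bin"),
             Task("process_execute", "unknown_sh", "/bin/sh")]
    decisions = [mgr.decide(t) for t in tasks]
    mgr.on_request("device53", 1)
    matched = [mgr.on_response("device53", 1), mgr.on_response("device55", 9)]
    return decisions, matched, mgr.alerts
```

Each blocked task and each unmatched response adds an entry to `alerts`, which stands in for the notification message sent to the administrator.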


Abstract

The present invention relates to a security management device for monitoring equipment that is connected to a plurality of devices in order to monitor the plurality of devices, the security management device comprising: a connection unit connected to the monitoring equipment; a monitoring unit for, when connected to the monitoring equipment through the connection unit, monitoring a task that is executed in the monitoring equipment; and a control unit for allowing or blocking the execution of the task in the monitoring equipment on the basis of the result of the monitoring of the task by the monitoring unit.
PCT/KR2016/005538 2015-05-26 2016-05-25 Security management method and security management device in a home network system WO2016190663A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020150073023A KR101772144B1 (ko) 2015-05-26 2015-05-26 Security management apparatus and security management method in a home network system
KR10-2015-0073023 2015-05-26

Publications (1)

Publication Number Publication Date
WO2016190663A1 true WO2016190663A1 (fr) 2016-12-01

Family

ID=57394114

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2016/005538 WO2016190663A1 (fr) 2015-05-26 2016-05-25 Security management method and security management device in a home network system

Country Status (2)

Country Link
KR (1) KR101772144B1 (fr)
WO (1) WO2016190663A1 (fr)

Also Published As

Publication number Publication date
KR20160138761A (ko) 2016-12-06
KR101772144B1 (ko) 2017-09-12

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16800302

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16800302

Country of ref document: EP

Kind code of ref document: A1