WO2017155280A3 - Security system for sdn/nfv-based ip call service and method for operating security system - Google Patents

Security system for sdn/nfv-based ip call service and method for operating security system Download PDF

Info

Publication number
WO2017155280A3
WO2017155280A3 PCT/KR2017/002448 KR2017002448W WO2017155280A3 WO 2017155280 A3 WO2017155280 A3 WO 2017155280A3 KR 2017002448 W KR2017002448 W KR 2017002448W WO 2017155280 A3 WO2017155280 A3 WO 2017155280A3
Authority
WO
WIPO (PCT)
Prior art keywords
security
voip
service
sdn
security system
Prior art date
Application number
PCT/KR2017/002448
Other languages
French (fr)
Korean (ko)
Other versions
WO2017155280A2 (en
Inventor
안태진
이세희
김우태
Original Assignee
주식회사 케이티
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 케이티 filed Critical 주식회사 케이티
Publication of WO2017155280A2 publication Critical patent/WO2017155280A2/en
Publication of WO2017155280A3 publication Critical patent/WO2017155280A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/54Organization of routing tables
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

Disclosed are a security system and a security processing method for detecting whether an IP-based call service (VoIP or VoLTE) in an SDN and NFV environment is illegally used and blocking such an illegal use. A security system for an SDN-based centralized VoIP service comprises: a security service manager for setting and managing a security service policy necessary for using a VoIP security service; a VoIP security controller for generating the security service policy received through the security service manager, as a predetermined information model and delivering the generated information model to a VoIP security function; and at least one VoIP security function for providing the VoIP security service, on the basis of the information model received from the VoIP security controller. Therefore, it is possible to provide centralized and flexible services because the security service is provided by dynamically building the information model in a software-based SDN/NFV environment, without using an existing hardware-based security equipment.
PCT/KR2017/002448 2016-03-08 2017-03-07 Security system for sdn/nfv-based ip call service and method for operating security system WO2017155280A2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR20160027900 2016-03-08
KR10-2016-0027900 2016-03-08
KR20160081195 2016-06-28
KR10-2016-0081195 2016-06-28

Publications (2)

Publication Number Publication Date
WO2017155280A2 WO2017155280A2 (en) 2017-09-14
WO2017155280A3 true WO2017155280A3 (en) 2018-09-07

Family

ID=59789580

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2017/002448 WO2017155280A2 (en) 2016-03-08 2017-03-07 Security system for sdn/nfv-based ip call service and method for operating security system

Country Status (2)

Country Link
KR (1) KR102299225B1 (en)
WO (1) WO2017155280A2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112839007B (en) * 2019-11-22 2022-11-01 深圳布洛城科技有限公司 Network attack defense method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080240128A1 (en) * 2007-03-30 2008-10-02 Elrod Craig T VoIP Security
KR100862050B1 (en) * 2007-11-23 2008-10-09 한국정보보호진흥원 Secure voip communication method and user agent using the same
KR20110000770A (en) * 2009-06-29 2011-01-06 삼성전자주식회사 Method and apparatus for controlling voice over internet protocol spam in home media gateway system
WO2015041706A1 (en) * 2013-09-23 2015-03-26 Mcafee, Inc. Providing a fast path between two entities
WO2015177405A1 (en) * 2014-05-22 2015-11-26 Coriant Oy A network element and a controller for managing the network element

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101535502B1 (en) * 2014-04-22 2015-07-09 한국인터넷진흥원 System and method for controlling virtual network including security function
KR101466895B1 (en) * 2014-08-12 2014-12-10 주식회사 크레블 Method of detecting voip fraud, apparatus performing the same and storage media storing the same

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080240128A1 (en) * 2007-03-30 2008-10-02 Elrod Craig T VoIP Security
KR100862050B1 (en) * 2007-11-23 2008-10-09 한국정보보호진흥원 Secure voip communication method and user agent using the same
KR20110000770A (en) * 2009-06-29 2011-01-06 삼성전자주식회사 Method and apparatus for controlling voice over internet protocol spam in home media gateway system
WO2015041706A1 (en) * 2013-09-23 2015-03-26 Mcafee, Inc. Providing a fast path between two entities
WO2015177405A1 (en) * 2014-05-22 2015-11-26 Coriant Oy A network element and a controller for managing the network element

Also Published As

Publication number Publication date
KR102299225B1 (en) 2021-09-07
WO2017155280A2 (en) 2017-09-14
KR20170104947A (en) 2017-09-18

Similar Documents

Publication Publication Date Title
MX2017004292A (en) Systems and methods for protecting network devices.
AU2017229342A8 (en) Intelligent safety monitoring and analytics system for personal protective equipment
MX2017000430A (en) Networked access control system.
WO2015073422A3 (en) System and method for updating an encryption key across a network
GB201015283D0 (en) Data security in a cloud computing environment
SG10201808530XA (en) Security in intersystem mobility
WO2016049636A3 (en) Remote server encrypted data provisioning system and methods
GB2525719A8 (en) Method and system for providing a vulnerability management and verification service
MX2018009569A (en) Protecting network devices by a firewall.
WO2009154945A3 (en) Distributed security provisioning
WO2006074294A3 (en) Methods and apparatus providing security to computer systems and networks
EP3743842A4 (en) System and method for detecting computer network intrusions
BRPI0517261A (en) system and method for providing a multicredential authentication protocol
MX2019008888A (en) Wireless communications.
SG11201805866UA (en) Permission management and resource control method and apparatus
BR112016018783A8 (en) method, apparatus, device and intercom system
PH12019502747A1 (en) Data scheduling method and related device
WO2017208079A3 (en) Method and system for improving network security
EP3777006A4 (en) Methods and devices for cryptographic key management based on blockchain system
WO2016144258A3 (en) Methods and systems for facilitating secured access to storage devices
EP4246892A3 (en) Method and system for controlling the exchange of privacy-sensitive information
MY184710A (en) System and method for information security threat disruption via a border gateway
MX2017001731A (en) Managing private and public service set utilization.
MX2021005027A (en) Client device authentication to a secure network.
MY195382A (en) Authentication for Next Generation Systems

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17763541

Country of ref document: EP

Kind code of ref document: A2

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 12/04/2019)

122 Ep: pct application non-entry in european phase

Ref document number: 17763541

Country of ref document: EP

Kind code of ref document: A2