WO2016148471A1 - Dispositif serveur de modules de sécurité dynamique et son procédé de fonctionnement - Google Patents

Dispositif serveur de modules de sécurité dynamique et son procédé de fonctionnement Download PDF

Info

Publication number
WO2016148471A1
WO2016148471A1 PCT/KR2016/002535 KR2016002535W WO2016148471A1 WO 2016148471 A1 WO2016148471 A1 WO 2016148471A1 KR 2016002535 W KR2016002535 W KR 2016002535W WO 2016148471 A1 WO2016148471 A1 WO 2016148471A1
Authority
WO
WIPO (PCT)
Prior art keywords
security
client
user terminal
dynamic
security module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2016/002535
Other languages
English (en)
Korean (ko)
Inventor
하영빈
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Everspin Corp
Original Assignee
Everspin Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Everspin Corp filed Critical Everspin Corp
Priority to JP2017567030A priority Critical patent/JP6663937B2/ja
Priority to EP16765227.0A priority patent/EP3270317B1/fr
Priority to CN201680015640.7A priority patent/CN107408179B/zh
Priority claimed from KR1020160030568A external-priority patent/KR101799366B1/ko
Publication of WO2016148471A1 publication Critical patent/WO2016148471A1/fr
Priority to US15/701,726 priority patent/US10867048B2/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow

Definitions

  • the present invention relates to a dynamic security module server apparatus and a method of driving the same, and more particularly, a part of or all of codes for performing security management are transmitted to a security client of a user terminal.
  • the security module for various application programs of the terminal is changed from time to time, so that hacking of the application programs becomes difficult, and the dynamic security module server apparatus and its driving which can significantly improve the security of the user terminal. It is about a method.
  • An object of the present invention is derived to solve the problems of the prior art as described above, by transmitting a dynamic security module to the security client of the user terminal, part or all of the code for performing security management having a certain valid time, the user terminal Dynamic security module server device and its driving method which can improve the security of the user terminal significantly by making it difficult to hack the application programs by changing the security module for various applications of the application from time to time It is about.
  • the dynamic security module server apparatus is a dynamic security module server apparatus which transmits a dynamic security module to a user terminal and receives a security management event from the user terminal. And a communication unit for transmitting and receiving and a processor for controlling the communication unit, wherein the processor generates a secure session with the security client of the user terminal, and transmits the dynamic security module to the security client of the user terminal, wherein the secure session
  • the generated security client of the user terminal is configured to have some or all of the code for performing the security management to have a valid time.
  • the processor may further include receiving a security management result from the dynamic security module transmitted to the security client, checking the received security management result, and transmitting a security management confirmation result value to the dynamic security module of the security client. Can be.
  • the processor may further include transmitting a stop command to stop the application program of the user terminal when the security problem occurs in the user terminal to the dynamic security module of the security client.
  • the processor may generate and store a session ID as a secure session identifier, and transmit the session ID to the secure client so that the secure client stores the session ID to generate the secure session.
  • the secure session may be generated with the secure client of the user terminal where the authentication is completed.
  • the validity time may be a validity time such that some or all of the code is deleted or not used when the validity time elapses.
  • the processor may further include storing a parameter for each dynamic security module sent to the secure client while the secure session is maintained.
  • the processor may further include verifying whether the details transmitted from the security client are the same as the configuration of the parameter of the dynamic security module.
  • the dynamic security module server apparatus may further include a dynamic security module to be transmitted to the security client of the user terminal, a session ID as a security session identifier, and storage for storing parameters for the dynamic security module.
  • the processor may further include transmitting a verification token for verifying that the dynamic security module has operated normally to the application program management server of the user terminal.
  • the present invention also provides a method of driving a dynamic security module server apparatus for transmitting a dynamic security module to a user terminal and receiving a security management event from the user terminal, in order to achieve the above object, a security session with a security client of the user terminal. Generating and transmitting the dynamic security module to the security client of the user terminal so that a part or all of the code for performing the security management in the security client of the user terminal in which the security session is generated have a valid time; It provides a method of driving a dynamic security module server device comprising a.
  • the driving method may further include receiving a security management result from the dynamic security module transmitted to the security client, checking the received security management result, and transmitting a security management confirmation result value to the dynamic security module of the security client. It may include.
  • the driving method may further include transmitting a stop command for stopping the application program of the user terminal to the dynamic security module of the security client when a security problem occurs in the user terminal.
  • the driving method may generate and store a session ID as a secure session identifier, and transmit the session ID to the secure client so that the secure client stores the session ID to generate the secure session.
  • the driving method may further include storing a parameter for each of the dynamic security modules transmitted to the security client while the security session is maintained.
  • the present invention also provides a computer-readable recording medium having recorded thereon a program for executing the method of driving the dynamic security module server apparatus.
  • the dynamic security module server apparatus and a driving method thereof according to the present invention transmit a dynamic security module having a certain validity of a part or all of codes for performing security management to a security client of a user terminal, and various application programs of the user terminal.
  • a dynamic security module having a certain validity of a part or all of codes for performing security management to a security client of a user terminal, and various application programs of the user terminal.
  • FIG. 1 is a schematic diagram showing a schematic configuration of a dynamic security module server apparatus according to an embodiment of the present invention.
  • FIG. 2 is a schematic diagram showing a state in which the dynamic security module is stored in the dynamic security module server apparatus according to an exemplary embodiment of the present invention.
  • FIG. 3 is a schematic diagram showing an example of generating a session ID and a dynamic security module parameter in the dynamic security module server apparatus according to an embodiment of the present invention.
  • FIG. 4 is a block diagram showing a method of driving the dynamic security module server apparatus according to the first embodiment of the present invention.
  • FIG. 5 is a block diagram illustrating a method of driving a dynamic security module server apparatus according to a second embodiment of the present invention.
  • FIG. 6 is a block diagram illustrating a method of driving a dynamic security module server apparatus according to a third embodiment of the present invention.
  • the dynamic security module server apparatus is a dynamic security module server apparatus which transmits a dynamic security module to a user terminal and receives a security management event from the user terminal. And a communication unit for transmitting and receiving and a processor for controlling the communication unit, wherein the processor generates a secure session with the security client of the user terminal, and transmits the dynamic security module to the security client of the user terminal, wherein the secure session
  • the generated security client of the user terminal is configured to have some or all of the code for performing the security management to have a valid time.
  • the processor may further include receiving a security management result from the dynamic security module transmitted to the security client, checking the received security management result, and transmitting a security management confirmation result value to the dynamic security module of the security client. Can be.
  • the processor may further include transmitting a stop command to stop the application program of the user terminal when the security problem occurs in the user terminal to the dynamic security module of the security client.
  • the processor may generate and store a session ID as a secure session identifier, and transmit the session ID to the secure client so that the secure client stores the session ID to generate the secure session.
  • the secure session may be generated with the secure client of the user terminal where the authentication is completed.
  • the validity time may be a validity time such that some or all of the code is deleted or not used when the validity time elapses.
  • the processor may further include storing a parameter for each dynamic security module sent to the secure client while the secure session is maintained.
  • the processor may further include verifying whether the details transmitted from the security client are the same as the configuration of the parameter of the dynamic security module.
  • the dynamic security module server apparatus may further include a dynamic security module to be transmitted to the security client of the user terminal, a session ID as a security session identifier, and storage for storing parameters for the dynamic security module.
  • the processor may further include transmitting a verification token for verifying that the dynamic security module has operated normally to the application program management server of the user terminal.
  • the present invention also provides a method of driving a dynamic security module server apparatus for transmitting a dynamic security module to a user terminal and receiving a security management event from the user terminal, in order to achieve the above object, a security session with a security client of the user terminal. Generating and transmitting the dynamic security module to the security client of the user terminal so that a part or all of the code for performing the security management in the security client of the user terminal in which the security session is generated have a valid time; It provides a method of driving a dynamic security module server device comprising a.
  • the driving method may further include receiving a security management result from the dynamic security module transmitted to the security client, checking the received security management result, and transmitting a security management confirmation result value to the dynamic security module of the security client. It may include.
  • the driving method may further include transmitting a stop command for stopping the application program of the user terminal to the dynamic security module of the security client when a security problem occurs in the user terminal.
  • the driving method may generate and store a session ID as a secure session identifier, and transmit the session ID to the secure client so that the secure client stores the session ID to generate the secure session.
  • the driving method may further include storing a parameter for each of the dynamic security modules transmitted to the security client while the security session is maintained.
  • the present invention also provides a computer-readable recording medium having recorded thereon a program for executing the method of driving the dynamic security module server apparatus.
  • Figure 1 is a schematic diagram showing a schematic configuration of a dynamic security module server apparatus according to an embodiment of the present invention
  • Figure 2 stores a dynamic security module in the dynamic security module server apparatus according to an embodiment of the present invention
  • 3 is a schematic diagram showing a session ID and a dynamic security module parameter generation example in a dynamic security module server apparatus according to an embodiment of the present invention.
  • the dynamic security module server device 110 transmits the dynamic security module 118 to the user terminal 150, the dynamic security module for receiving a security management event from the user terminal 150
  • a server apparatus comprising: a communication unit (112) for transmitting and receiving the security management event and a processor (114) for controlling the communication unit (112), the processor (114) of the user terminal (150) Create a secure session with the security client 152, and transmits the dynamic security module 118 to the security client 152 of the user terminal 150, the security of the user terminal 150, the security session is generated In the client 152, some or all of the code for performing the security management may be configured to have a valid time.
  • the dynamic security module server apparatus 110 a part or all of the code for which the processor 114 performs security management in the security client 152 of the user terminal 150 has a certain valid time.
  • the modules 118 may be stored or generated every time of transmission, so as to drive the user terminal 150, or to drive an application program including the security client 152 in the user terminal 150, or the user terminal 150.
  • the security client 152 of the user terminal 150 in various cases, such as at the user's request or at every predetermined period set by the dynamic security module server apparatus 110, or at every predetermined period set by the user terminal 150.
  • a secure session with the dynamic security module 118 is transmitted to the security client 152 of the user terminal 150, whereby the dynamic security module 118 is frequently updated. So to has a feature that can help prevent security problems for an application installed on the user terminal due to such security module hacking or computer virus infection effectively.
  • the dynamic security module 118 does not repeatedly transmit the same type of dynamic security module to the security client 152.
  • a variable specifying a function name of a code for performing security management and an algorithm to be executed Different code structures or algorithms by differently configuring one or more mutable parts selected from a group consisting of a protocol field, a variable specifying a protocol sequence, a variable specifying a compilation level, and a variable specifying an execution code obfuscation method.
  • At least two or more dynamic security modules may be stored in the processor 114, and different dynamic security modules 118 may be selected and transmitted each time they are transmitted to the security client 152.
  • the effective time of some or all of the code for performing security management of the dynamic security module 118 is, for example, 1 hour, 3 hours, 6 hours, 9 hours, 12 hours, 24 hours, 48 hours and 72 hours.
  • the function of some or all of the code of the dynamic security module 118 may be stopped. Therefore, upon expiration of the valid time of the dynamic security module 118, the security client 152 stops using the dynamic security module 118, and from the dynamic security module server device 110 a new dynamic security module
  • the security management is the dynamic security module 118 to detect the presence of the element that can be a threat to hacking for the application including the security client 152, the terminal of the application is installed It consists of O / S forgery, app forgery, rooting, debugger, root process execution history, malicious application installation, malicious application execution history, malicious port, session forgery, input forgery and computer virus Detecting an element that may be a hacking threat, transmitting information about the element that may be a hacking threat to the dynamic security module server device 110, treating a virus for the application program, and Sending stop orders for applications to prevent hacking threats and virus infections
  • the dynamic security module 118 stops the function of the dynamic security module 118 itself due to the expiration of the valid time of the dynamic security module 118 or a problem such as a hacking by a hacker or a virus infection.
  • the concept includes overall management performed for the security of the user terminal 150.
  • the security management event received from the user terminal 150 is, for example, the details for determining the parameters for the dynamic security module 118 transmitted from the security client 152, the dynamic security module 118 It may be a variety of events such as a state (state) of the state running, security management result information indicating that there was a hacking threat, and the virus treatment history for the application program mounted on the user terminal 150.
  • the user terminal 150 may be, for example, a variety of terminal devices that require security, such as a smartphone, a tablet PC, a desktop computer, a notebook computer.
  • the processor 114 may generate a control signal to control the server apparatus 110 including the communication unit 112 and the storage 113.
  • the communication unit 112 may communicate with an external device using various protocols to transmit and receive data, and may connect to an external network by wire or wirelessly to transmit and receive digital data such as content and applications.
  • the storage 113 is a device that can store a variety of digital data, including audio, photos, videos, applications, etc., various digital data, such as flash memory, random access memory (RAM), solid state drive (SSD) Represents storage space.
  • the storage 113 may temporarily store data received from an external device through the communication unit 112.
  • the processor 114 receives a security management result from the dynamic security module 118 transmitted to the security client 152, checks the received security management result, and transmits a security management confirmation result value to the security client 152.
  • the method may further include transmitting to the dynamic security module 118.
  • the security management result is the details of the security management actually performed by the dynamic security module 118 in the security client 152, and performs detailed security management functions included in the dynamic security module 118.
  • Result value part of security management event. For example, as a result of detection of the presence of an element that may be the hacking threat, as a result of detection of an element that may be the hacking threat, as a result of virus treatment for the application and the removal of an element that may be a hacking threat It may be such a history.
  • the security management check result value is determined by the dynamic security module server device 110 receives the security management results, the security problem of the user terminal 150 analyzed based on the security management results.
  • the result is. That is, as a result of determining whether there is an element that may be a current hacking threat in the user terminal 150, as a result of determining whether an application mounted on the user terminal 150 has been hacked, and the application is a virus or This may be the result of a determination as to whether the malware is infected.
  • the security management result is received as the security management from the dynamic security module 118 transmitted to the security client 152, the security management result is checked, and the user terminal 150 has a security problem. If it does not occur, the method may further include transmitting a security diagnosis check result indicating that a security problem has not occurred to the dynamic security module 118 of the security client 152.
  • a security management result is received as the security management from the dynamic security module 118 transmitted to the security client 152, and the received security management result is confirmed, a security problem occurs in the user terminal 150.
  • the method may further include transmitting a security management check result indicating that a security problem has occurred to the dynamic security module 118 of the security client 152.
  • the dynamic security module server apparatus 110 receives the security management result from the dynamic security module 118 transmitted to the security client 152 of the user terminal 150 and confirms it, and confirms the security management. By transmitting the value back to the dynamic security module 118, the dynamic security module 118 can quickly and effectively cope with a security problem of the user terminal 150.
  • the processor 114 receives a security management result as the security management from the dynamic security module 118 transmitted to the security client 152, checks the received security management result, and the user terminal. If a security problem occurs, a stop command for stopping an application program of the user terminal 150 is transmitted to the dynamic security module 118 of the security client 152, and a secure session with the security client 152. By further including destroying, the hacker can fundamentally prevent a problem of hacking the dynamic security module 118 and generating a security problem for various application programs of the user terminal 150.
  • the processor 114 generates and stores a session ID 116 as a secure session identifier, and transmits the session ID 116 to the secure client 152 so that the secure client 152 transmits the session ID ( By storing 116, a secure session can be created.
  • the method for generating a secure session using the session ID generates a plurality of secure sessions and frequently updates the secure session, thereby providing reliability and convenience of security management for the user terminal 150 by the dynamic security module 118. There is an advantage to improve.
  • the secure session may be generated with the secure client 152 of the user terminal in which the authentication is completed. That is, the creation of the secure session further increases the authentication process for the secure client 152 of the user terminal 150 for transmitting the dynamic security module 118 to further improve the security of the user terminal. Can be done.
  • the authentication of the security client 152 of the user terminal 150 for example, the application is an application program including the security client 152 is completed at the same time the application is installed on the user terminal 150, Or after the application is installed in the user terminal 150, the authentication is completed when initially running, or when the login (login) and logout (logout) for the application is completed, or the application is the After being installed in the user terminal 150, authentication may be completed by a user's request through the application.
  • the validity time may be a validity time such that some or all of the code is deleted or not used when the validity time elapses. That is, the dynamic security module 118 having a valid time part or all of the code for performing security management in the security client 152 of the user terminal 150 deletes part or all of the code when the valid time elapses. Or, the use of the dynamic security module itself may be stopped so as not to perform security management.
  • the security client 152 updates some or all of the code constituting the dynamic security module 118, thereby hacking the dynamic security module 118. It can fundamentally block the occurrence of security problems caused by virus infections.
  • processor 114 may further include storing a parameter for each dynamic security module 118 transmitted to the secure client 152 while the secure session is maintained.
  • the parameter for the dynamic security module 118 is transmitted to the security client 152, a function name of a code for performing security management of the dynamic security module performing security management, a variable specifying a algorithm to be executed, and a protocol field. , Specific information about the protocol sequence, variables specifying the compilation level, variables specifying the execution code obfuscation method, etc., which are frequently updated to distinguish dynamic security modules with different configurations.
  • the information is determined by the dynamic security module server device 110 and is information at the time of execution of a code for performing security management of the dynamic security module 118.
  • the processor 114 receives the details of the dynamic security module 118 transmitted to the security client 152, and verifies whether the configuration of the parameters of the stored dynamic security module 118 is the same. It may further include. The verification of the change of the parameters of the dynamic security module is not the same, for example, when the parameters of the dynamic security modules in which each parameter is sequentially transmitted as ABCD are compared with the details transmitted from the security client 152. If it is confirmed that the change has been made differently, it can be inferred that a hacking attempt by a hacker has occurred, and an action can be taken.
  • the security client 152 of the dynamic security module server apparatus 110 and the user terminal 150 when the security client 152 of the dynamic security module server apparatus 110 and the user terminal 150 generates 11836381 as a session ID to generate a security session, the security client 152.
  • the details of the dynamic security module 118 transmitted from the parameters are A, B, and C, and the states of this state are 1 and 2, and 72365784 is generated as a session ID to create a secure session.
  • the details of the dynamic security module 118 transmitted from the security client 152 is C, B, A, and verify that the state (state) is 0, 3, as a session ID
  • the details of the dynamic security module 118 transmitted from the security client 152 are parameters B, A, and C, and the state at this time is 3, 2 can be verified.
  • these parameters and state details may be a security management event received from the user terminal 150.
  • the security management stores the protocol field and protocol sequence of each dynamic security module 118 transmitted to the security client 152, and the protocol field of the dynamic security module 118 in the security client 152 and The protocol sequence may be received by comparing the stored protocol field and protocol sequence with the received protocol field and protocol sequence.
  • the security management receives and analyzes the protocol fields and protocol sequences of the dynamic security modules 118 transmitted to the security client 152, so that, for example, at least one error occurs in the protocol progression, the hacker It can be inferred that there have been hacking attempts. Therefore, based on the analysis of the protocol field and protocol sequence of the dynamic security module 118, it is possible to predict a hacking risk or a possibility of a security problem, and to prevent a security problem from occurring.
  • the protocol field includes, for example, the security client 152 as a protocol for performing various items of security management performed by the dynamic security module 118 in the security client 152.
  • Communication protocol that transmits the result of determining whether there is an element that can be a hacking threat to the application, communication that transmits the self-remediation history for file virus, boot & file virus, etc. for the application. It may be a protocol.
  • the protocol sequence refers to an execution order for various items including security management performed by the dynamic security module 118 in the security client 152.
  • a terminal in which the application program is installed is performed.
  • O / S forgery, app forgery, rooting, debugger, root process execution history, harmful application installation, malicious application execution history, harmful port, session forgery, input forgery and computer virus In the detection of an element that may be a hacking threat, it may be an order of detecting the respective elements.
  • the dynamic security module server device 110 stores a dynamic security module 118 to be transmitted to the security client 152 of the user terminal 150, a session ID 116 as a security session identifier, and a parameter for the dynamic security module.
  • the storage 113 may be further included.
  • the dynamic security module server device 110 stores the dynamic security module 118 and the session ID 116 in the storage 113, thereby smoothing the dynamic security module 118 and the session ID 116. It can be transmitted to the secure client 152 reliably. In addition, by storing the parameters for the dynamic security module transmitted to the security client 152 in the storage 113, verification of the sameness as the received details of the dynamic security module 118 transmitted to the security client 152. Can be performed more stably.
  • the processor 114 may further include transmitting a verification token for verifying that the dynamic security module 118 operates normally to the application program management server of the user terminal 150.
  • the processor 114 checks the security management result received from the dynamic security module 118, and if a security problem does not occur in the user terminal 150, the security management check result value is the security
  • the security management verification result is transmitted to the dynamic security module 118 by including a verification token that proves that the client 152 has not been bypassed, and the dynamic security module 118 sends the security client 152.
  • the verification token is transmitted to an operation server (not shown) of an application program, and the operation server transmits the verification token back to the dynamic security module server apparatus 110 processor 114 so that the verification token is valid. Can be further performed to verify
  • the dynamic security module server device 110 adds a verification token for the security management check result value together with the security management check result value and transmits the verification token to the dynamic security module 118, and the dynamic security module 118.
  • the reliability of the security management check result value can be further improved by verifying whether the data is valid without being tampered with.
  • the dynamic security module server device 110 and the operation server of the application program may be configured by merging into a single server according to the system design of the dynamic security module server device, and are separately arranged in separate locations. It can also be configured and operated with dedicated servers.
  • FIG. 4 is a block diagram illustrating a method of driving the dynamic security module server apparatus according to the first embodiment of the present invention
  • FIG. 5 is a method of driving the dynamic security module server apparatus according to the second embodiment of the present invention
  • 6 is a block diagram showing a method of driving a dynamic security module server apparatus according to a third embodiment of the present invention.
  • a method of driving a dynamic security module server apparatus transmits the dynamic security module to a user terminal and drives the dynamic security module server apparatus to receive a security management event from the user terminal.
  • a step (S210) of creating a security session with the security client of the user terminal, and the dynamic security module a part or all of the code for performing the security management in the security client of the user terminal in which the security session was created
  • the transmission is performed to the security client of the user terminal to have a valid time.
  • a step (S251) of transmitting a security management confirmation result indicating that a security problem has occurred is performed to the dynamic security module of the security client.
  • a step (S252) of transmitting a stop command to stop the application program of the user terminal to the dynamic security module of the security client may be further performed.
  • a method of driving the dynamic security module server apparatus of the present invention is a method of driving the dynamic security module server apparatus for transmitting the dynamic security module to a user terminal and receiving a security management event from the user terminal.
  • Generating a secure session with the security client of the terminal (S310), the dynamic security module so that some or all of the code for performing the security management in the security client of the user terminal in which the security session was created to have a valid time Transmitting to the secure client of the user terminal (S320), setting a valid time for the secure session, and transmitting the valid time information to the dynamic security module of the secure client in which the secure session is generated (S330);
  • At the end of the secure session by the end of the valid time of the secure session Or it may be dynamic perform a disposal instruction to the security module to the dynamic security module or step (S340) of transmitting to the secure client.
  • the valid time for the security session is set to the time interval selected from the group consisting of 1 hour, 3 hours, 6 hours, 9 hours, 12 hours, 24 hours, 48 hours and 72 hours, for example, the dynamic security. Can be sent to the module.
  • a driving method of a dynamic security module server apparatus is a driving method of a dynamic security module server apparatus for transmitting the dynamic security module to a user terminal and receiving a security management event from the user terminal.
  • Generating a secure session with the security client of the (S410) the dynamic security module so that some or all of the code for performing the security management in the security client of the user terminal in which the security session was created to have a valid time
  • step S420 the transmission to the security client of the user terminal is performed.
  • step S450 the process is transmitted to the dynamic security module of the security client.
  • a step (S451) of transmitting a security management check result indicating that a security problem has occurred is performed to the dynamic security module of the security client.
  • a step (S452) of transmitting a stop command for stopping the application program of the user terminal to the dynamic security module of the security client may be further performed.
  • the method for driving the dynamic security module server apparatus may be implemented in the form of program instructions that can be executed by various computer means and recorded in a computer readable medium.
  • the computer readable medium may include program instructions, data files, data structures, etc. alone or in combination.
  • Program instructions recorded on the media may be those specially designed and constructed for the purposes of the present invention, or they may be of the kind well-known and available to those having skill in the computer software arts.
  • the present invention provides a dynamic security module server device for transmitting a dynamic security module to a user terminal and receiving a security management event from the user terminal, the communication unit for transmitting and receiving the security management event through a network and a processor for controlling the communication unit.
  • the processor may include: generating a secure session with the secure client of the user terminal, and transmitting the dynamic security module to the secure client of the user terminal, wherein the secure session is generated by the secure client of the user terminal.
  • the present invention relates to a dynamic security module server apparatus in which part or all of codes for performing management have a valid time.
  • the present invention by transmitting a dynamic security module having some or all of the code for performing security management to a certain valid time to the security client of the user terminal, so that the security module for various application programs of the user terminal is changed at any time.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)

Abstract

La présente invention concerne un dispositif serveur de modules de sécurité dynamique et un procédé de fonctionnement de celui-ci. Le dispositif de l'invention transmet et reçoit un événement de gestion de sécurité à partir d'un terminal utilisateur et transmet un module de sécurité dynamique à un client de sécurité du terminal utilisateur, l'invention étant caractérisée en ce qu'une partie ou la totalité d'un code qui effectue la gestion de sécurité dans le client de sécurité du terminal utilisateur, dans lequel une session de sécurité a été générée, est autorisée à avoir une durée réelle.
PCT/KR2016/002535 2015-03-13 2016-03-14 Dispositif serveur de modules de sécurité dynamique et son procédé de fonctionnement Ceased WO2016148471A1 (fr)

Priority Applications (4)

Application Number Priority Date Filing Date Title
JP2017567030A JP6663937B2 (ja) 2015-03-13 2016-03-14 動的なセキュリティーモジュールサーバー装置及びその駆動方法
EP16765227.0A EP3270317B1 (fr) 2015-03-13 2016-03-14 Dispositif serveur de modules de sécurité dynamique et son procédé de fonctionnement
CN201680015640.7A CN107408179B (zh) 2015-03-13 2016-03-14 动态安全模块服务器装置及其驱动方法
US15/701,726 US10867048B2 (en) 2015-03-13 2017-09-12 Dynamic security module server device and method of operating same

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR20150035177 2015-03-13
KR10-2015-0035177 2015-03-13
KR1020160030568A KR101799366B1 (ko) 2015-03-13 2016-03-14 다이나믹 보안모듈 서버장치 및 그 구동방법
KR10-2016-0030568 2016-03-14

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US15/701,726 Continuation US10867048B2 (en) 2015-03-13 2017-09-12 Dynamic security module server device and method of operating same

Publications (1)

Publication Number Publication Date
WO2016148471A1 true WO2016148471A1 (fr) 2016-09-22

Family

ID=56919237

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2016/002535 Ceased WO2016148471A1 (fr) 2015-03-13 2016-03-14 Dispositif serveur de modules de sécurité dynamique et son procédé de fonctionnement

Country Status (1)

Country Link
WO (1) WO2016148471A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20030003593A (ko) * 2001-07-03 2003-01-10 (주) 해커스랩 제한조건 동안 특정 보안정책을 적용할 수 있는 네트워크보안장치 및 네트워크 보안방법
KR20130134946A (ko) * 2012-05-31 2013-12-10 주식회사 엘지씨엔에스 모바일 보안 관리 방법 및 그를 위한 모바일 보안 관리 시스템
KR20140023098A (ko) * 2012-08-17 2014-02-26 에스케이플래닛 주식회사 결제 서비스를 위한 보안응용모듈 관리 시스템 및 방법
KR20140071744A (ko) * 2012-12-04 2014-06-12 한국전자통신연구원 스마트 통신단말을 위한 보안정책 협상 기반의 차등화된 보안제어 방법
KR20140127987A (ko) * 2013-04-26 2014-11-05 에스케이플래닛 주식회사 공용 단말 장치 보안을 위한 시스템 및 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20030003593A (ko) * 2001-07-03 2003-01-10 (주) 해커스랩 제한조건 동안 특정 보안정책을 적용할 수 있는 네트워크보안장치 및 네트워크 보안방법
KR20130134946A (ko) * 2012-05-31 2013-12-10 주식회사 엘지씨엔에스 모바일 보안 관리 방법 및 그를 위한 모바일 보안 관리 시스템
KR20140023098A (ko) * 2012-08-17 2014-02-26 에스케이플래닛 주식회사 결제 서비스를 위한 보안응용모듈 관리 시스템 및 방법
KR20140071744A (ko) * 2012-12-04 2014-06-12 한국전자통신연구원 스마트 통신단말을 위한 보안정책 협상 기반의 차등화된 보안제어 방법
KR20140127987A (ko) * 2013-04-26 2014-11-05 에스케이플래닛 주식회사 공용 단말 장치 보안을 위한 시스템 및 방법

Similar Documents

Publication Publication Date Title
US12284177B2 (en) Event-triggered reauthentication of at-risk and compromised systems and accounts
CN105409164B (zh) 通过使用硬件资源来检测网络业务中的矛盾的根套件检测
US10334083B2 (en) Systems and methods for malicious code detection
KR102368170B1 (ko) 멀웨어의 자동화된 런타임 검출
KR101799366B1 (ko) 다이나믹 보안모듈 서버장치 및 그 구동방법
WO2018182126A1 (fr) Système et procédé permettant d'authentifier un logiciel sécurisé
CN111628964B (zh) 网络攻击溯源方法及装置
US9245118B2 (en) Methods for identifying key logging activities with a portable device and devices thereof
US10339307B2 (en) Intrusion detection system in a device comprising a first operating system and a second operating system
TWI711939B (zh) 用於惡意程式碼檢測之系統及方法
WO2015099287A1 (fr) Procédé pour authentifier un utilisateur par utilisation d'un mot de passe à usage unique, et dispositif correspondant
WO2016148471A1 (fr) Dispositif serveur de modules de sécurité dynamique et son procédé de fonctionnement
JP5814138B2 (ja) セキュリティ設定システム、セキュリティ設定方法およびプログラム
WO2018088680A1 (fr) Système de sécurité et procédé de traitement de demande d'accès à un site bloqué
WO2016148472A1 (fr) Dispositif de terminal à module de sécurité dynamique et procédé pour son exploitation
WO2015178002A1 (fr) Dispositif de traitement d'informations, système de traitement d'informations et procédé d'analyse d'historique de communications
JP6010672B2 (ja) セキュリティ設定システム、セキュリティ設定方法およびプログラム
US12619729B2 (en) System and method for decontaminating and certifying external storage devices
US20240256669A1 (en) System and method for decontaminating and certifying external storage devices
WO2016148473A1 (fr) Procédé et appareil de génération d'un module de sécurité dynamique
CN117614695A (zh) Cc防护方法及装置
WO2020013354A1 (fr) Procédé de fonctionnement de pare-feu embarqué
WO2015125984A1 (fr) Dispositif de gestion d'accès, procédé de gestion d'accès et système de gestion d'accès
HK1244367A1 (en) Systems and methods for malicious code detection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16765227

Country of ref document: EP

Kind code of ref document: A1

REEP Request for entry into the european phase

Ref document number: 2016765227

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2017567030

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE