专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明授权

KR101401004B1 스니핑 유닛을 포함하는 보안 장치 및 그것의 동작 방법 有权
标题翻译：包括SN ING。。。。。。。。。。。。。。。。。。。。。
公开(公告)号：KR101401004B1
公开(公告)日：2014-05-29
申请号：KR1020130000902
申请日：2013-01-04
申请人： 주식회사 시큐아이
发明人： 임진우 , 서정호
IPC分类号： H04L12/24 , H04L29/06
CPC分类号： H04L61/3025 , H04L43/10
摘要： The present invention relates to a security device and an operating method thereof. The operating method of the security device according to the embodiment of the present invention comprises the steps of: detecting a DNS response packet; acquiring a punicode corresponding to an internationalized domain name from the DNS response packet; transmitting a get request to a server corresponding to the punicode and receiving a redirect message; and determining whether an English domain name targeted to be managed is identical to an English domain name included in the redirect message and storing the punicode in relation to the English domain name targeted to be managed.
摘要翻译：本发明涉及安全装置及其操作方法。根据本发明的实施例的安全装置的操作方法包括以下步骤：检测DNS响应分组; 从DNS响应包获取对应于国际化域名的小密码; 向对应于该密码的服务器发送获取请求并接收重定向消息; 并且确定目标被管理的英文域名是否与重定向消息中包括的英文域名相同，并且存储与被管理的英文域名有关的密码。

42. 发明公开

KR1020140064410A 보안 장치 및 그것의 동작 방법 有权
标题翻译：安全系统及其操作方法
公开(公告)号：KR1020140064410A
公开(公告)日：2014-05-28
申请号：KR1020120131716
申请日：2012-11-20
申请人： 주식회사 시큐아이
发明人： 임진우
IPC分类号： H04L12/22 , H04L29/06
CPC分类号： H04L63/0236 , H04L61/3025 , H04L63/1408
摘要： The present invention relates to a network and, more particularly, to a security system and an operating method thereof. The operating method of the security system according to an embodiment of the present invention comprises the steps of monitoring a packet communicated between a plurality of host computers and the internet network; extracting an IP address corresponding to a domain name when the packet is determined as a DNS response packet; and updating time information of a management IP address, which is identical to the extracted IP address, among the management IP addresses. And, the present invention invalidates the management IP address, having time information not updated until a set time has passed, among the management IP addresses.
摘要翻译：本发明涉及网络，更具体地，涉及一种安全系统及其操作方法。根据本发明实施例的安全系统的操作方法包括以下步骤：监视在多个主机与互联网之间传送的分组; 当分组被确定为DNS响应分组时，提取与域名相对应的IP地址; 并且在管理IP地址中更新与所提取的IP地址相同的管理IP地址的时间信息。并且，本发明使管理IP地址中的管理IP地址无效，直到经过设定时间为止，没有更新时间信息。

43. 发明公开

KR1020140046628A 프록시 장치를 제어하는 방법 및 프록시 장치 有权
标题翻译：用于控制代理设备的方法及其代理设备
公开(公告)号：KR1020140046628A
公开(公告)日：2014-04-21
申请号：KR1020120111765
申请日：2012-10-09
申请人： 주식회사 시큐아이
发明人： 문종욱 , 김정열
IPC分类号： G06F9/46
摘要： The present invention relates to a proxy device for a multiprocessor system and a method thereof. The present invention sets up different port numbers by multiprocessor, separates multiple threads forming the multiprocessor into a first area and a second area, changes information of a packet based on processor information in which a packet is input and already generated entry information when the packet is input through a device connected to the proxy device, and processes the packet by allocating the packet to one processor of the multiprocessors according to the changed packet information. Therefore, the lock competition between the multiprocessors can be reduced, and efficiency can be increased.
摘要翻译：本发明涉及一种用于多处理器系统的代理装置及其方法。本发明通过多处理器设置不同的端口号，将形成多处理器的多个线程分离成第一区域和第二区域，基于分组被输入的处理器信息改变分组的信息，并且当分组是通过连接到代理设备的设备输入，并且根据改变的分组信息将分组分配给多处理器的一个处理器来处理分组。因此，可以降低多处理器之间的锁定竞争，并且可以提高效率。

44. 发明公开

KR1020140044992A 부하분산 장치 및 방법 有权
标题翻译：用于平衡负载的装置和方法
公开(公告)号：KR1020140044992A
公开(公告)日：2014-04-16
申请号：KR1020120107257
申请日：2012-09-26
申请人： 주식회사 시큐아이
发明人： 원규연 , 김종덕
IPC分类号： H04L12/24 , H04L12/26 , H04L12/70
CPC分类号： H04L47/125 , H04L61/103
摘要： An apparatus and a method for balancing a load are disclosed according to an embodiment of the present invention. The apparatus comprises: a media access control (MAC) address database including information on a MAC address thereof and MAC addresses of different apparatuses forming a highly available system therewith; a network interface for receiving an address resolution protocol (ARP) request packet; and a load balancing controller for selecting the MAC address to respond to the ARP request packet referring to the MAC address database if the network interface receives the ARP request packet, wherein the network interface transmits an ARP response packet including the MAC address selected by the load balancing controller in response to the received ARP request packet and at least one among the different apparatuses may share the same virtual IP as the apparatus. According to an embodiment of the present invention, a load balancing function may be provided without constructing an additional apparatus with a load balancing function by using a plurality of security apparatuses which share a virtual IP address within a highly available system. [Reference numerals] (210) MAC address database; (220) Network interface; (230) Load balancing controller
摘要翻译：根据本发明的实施例公开了一种用于平衡负载的装置和方法。该装置包括：媒体接入控制（MAC）地址数据库，其包括关于其MAC地址的信息和与其形成高度可用系统的不同设备的MAC地址; 用于接收地址解析协议（ARP）请求分组的网络接口; 以及负载平衡控制器，用于如果网络接口接收到ARP请求分组，则选择MAC地址来响应ARP请求分组参考MAC地址数据库，其中网络接口发送包括由负载选择的MAC地址的ARP响应分组平衡控制器响应于所接收的ARP请求分组，并且不同设备中的至少一个可以与设备共享相同的虚拟IP。根据本发明的实施例，可以通过使用在高可用性系统内共享虚拟IP地址的多个安全装置来构建负载平衡功能，而不构成具有负载平衡功能的附加装置。（附图标记）（210）MAC地址数据库; （220）网络接口; （230）负载平衡控制器

45. 发明公开

KR1020140044987A 보안 시스템 및 그것의 동작 방법 有权
标题翻译：安全系统及其操作方法
公开(公告)号：KR1020140044987A
公开(公告)日：2014-04-16
申请号：KR1020120106380
申请日：2012-09-25
申请人： 주식회사 시큐아이
发明人： 임진우
IPC分类号： H04L12/22 , H04L12/70
CPC分类号： H04L63/1441 , H04L61/1511 , H04L63/0236 , H04L69/22
摘要： The present invention relates to a network and, more specifically, to a security system and an operating method thereof. The operating method of the security system according to an embodiment of the present invention comprises the steps of: determining whether each of the packets communicated between a plurality of host computers and the internet is a domain name server (DNS) response packet transmitted from a DNS through the internet; extracting an IP address corresponding to a domain name from the DNS response packet and updating the extracted IP address in an IP address table; and blocking or permitting packets based on the IP address table. [Reference numerals] (111) Security unit; (112) Spinning unit; (120) Internet; (130) DNS server; (141) First server computer; (142) Second server computer; (14n) n^th server computer; (PC1) First host computer; (PC2) Second host computer; (PCk) k^th host computer
摘要翻译：本发明涉及网络，更具体地，涉及一种安全系统及其操作方法。根据本发明的实施例的安全系统的操作方法包括以下步骤：确定在多个主机与互联网之间传送的每个分组是否是从DNS发送的域名服务器（DNS）响应分组通过互联网; 从DNS响应包中提取与域名对应的IP地址，并更新IP地址表中提取的IP地址; 并根据IP地址表阻塞或允许数据包。（附图标记）（111）安全单元; （112）纺纱机; （120）互联网; （130）DNS服务器; （141）第一台服务器电脑; （142）第二台服务器电脑; （14n）服务器计算机; （PC1）第一台主机; （PC2）第二台主机; （PCk）k ^主机

46. 发明公开

KR1020140040300A 패킷 처리 시스템 및 패킷 처리 방법 有权
标题翻译：用于处理分组的系统和方法
公开(公告)号：KR1020140040300A
公开(公告)日：2014-04-03
申请号：KR1020120105595
申请日：2012-09-24
申请人： 주식회사 시큐아이
发明人： 문종욱 , 이현준
IPC分类号： H04L12/26 , H04L12/22
CPC分类号： H04L63/30 , H04L63/20
摘要： A packet processing system and a packet processing method are disclosed. The system comprises: a network interface card for receiving at least one packet from an external network and transmitting the received packet to a host; and the host for checking the packet received from the network interface card according to a security policy and transmitting the checking result to the network interface card. The network interface card may process the packet by transmitting the packet to an internal network or blocking the packet according the checking result received from the host. In other words, the present invention transmits or blocks the packet according to a series of bit flag type checking results indicating the transmission or the blocking of the at least one packet which the network interface card has received from the host, thereby may minimize a resource of a central processing unit in the host caused by functions of checking and blocking the packet, and furthermore may enhance the overall resource efficiency of the packet processing system. [Reference numerals] (310) External interface; (320) Packet processing queue; (330) Inspection result queue; (410) Packet inspection queue; (420) Inspection part
摘要翻译：公开了一种分组处理系统和分组处理方法。该系统包括：网络接口卡，用于从外部网络接收至少一个分组，并将接收到的分组发送到主机; 以及主机，用于根据安全策略检查从网络接口卡接收的分组，并将检查结果发送到网络接口卡。网络接口卡可以通过将数据包发送到内部网络或者根据从主机接收的检查结果来阻止数据包来处理数据包。换句话说，本发明根据指示网络接口卡已经从主机接收的至少一个分组的传输或阻塞的一系列比特标记类型检查结果发送或阻止分组，从而可以最小化资源由分组检查和阻塞功能引起的主机中央处理单元，并且还可以提高分组处理系统的整体资源效率。（附图标记）（310）外部接口; （320）分组处理队列; （330）检查结果队列; （410）分组检查队列; （420）检验部

47. 发明公开

KR1020140030662A 고가용성 시스템에서 소프트웨어 업데이트를 수행하기 위한 방법 및 장치 有权
标题翻译：在高可用性系统中执行软件升级的方法和设备
公开(公告)号：KR1020140030662A
公开(公告)日：2014-03-12
申请号：KR1020120097111
申请日：2012-09-03
申请人： 주식회사 시큐아이
发明人： 송민수
IPC分类号： G06F15/16 , G06F13/14 , G06F9/06
摘要： A method and apparatus for performing software upgrade in a high availability system are disclosed. The method comprises the steps of: receiving, by a first device, software update data; determining, by the first device, whether a service status of each of the first device and a second device is service enable or service disable; if the service status of each of the first and second devices is the service enable, transmitting, by the first device, the software update data to the second device to request software update of the second device; performing, by the second device, the software update in response to the software update request of the first device; determining, by the first device, whether the software update of the second device is completed or not; and if the software update of the second device is completed, performing the software update by the first device. By updating software of devices in a high availability system in accordance with the present invention, the disconnection of services by software update may be minimized, and a software version mismatch between devices may be solved to provide a continuous and stable high availability system. [Reference numerals] (210) Receive software update data; (220) Determine a service status; (230) Request software update; (240) Allow a second device to update software; (250) Determine whether the software is completely updated; (260) Allow a first device to update software; (AA) Start; (BB) End
摘要翻译：公开了一种用于在高可用性系统中执行软件升级的方法和装置。该方法包括以下步骤：由第一设备接收软件更新数据; 由所述第一设备确定所述第一设备和第二设备中的每一个的服务状态是否为服务启用或服务禁用; 如果第一和第二设备中的每一个的服务状态是服务启用，则由第一设备将软件更新数据发送到第二设备以请求第二设备的软件更新; 响应于第一设备的软件更新请求，由第二设备执行软件更新; 由所述第一设备确定所述第二设备的软件更新是否完成; 并且如果第二设备的软件更新完成，则由第一设备执行软件更新。通过根据本发明更新高可用性系统中的设备的软件，可以最小化通过软件更新的服务断开，并且可以解决设备之间的软件版本不匹配以提供连续且稳定的高可用性系统。（附图标记）（210）接收软件更新数据; （220）确定服务状态; （230）请求软件更新; （240）允许第二个设备更新软件; （250）确定软件是否完全更新; （260）允许第一个设备更新软件; （AA）开始; （BB）结束

48. 外观设计

KR3007332080000S 有权
公开(公告)号：KR3007332080000S
公开(公告)日：2014-03-11
申请号：KR3020130053826
申请日：2013-10-25
申请人： 주식회사 시큐아이
设计人： 김정현

49. 发明授权

KR101342977B1 고가용성 시스템에서 세션을 동기화하기 위한 방법 및 장치 有权
标题翻译：在高可用性系统中同步会话的方法和设备
公开(公告)号：KR101342977B1
公开(公告)日：2013-12-19
申请号：KR1020120100820
申请日：2012-09-12
申请人： 주식회사 시큐아이
发明人： 김종덕
IPC分类号： H04L7/02
CPC分类号： H04L67/142 , H04L47/323
摘要： A method for synchronizing a session in a high availability system is disclosed according to an embodiment of the present invention. The method comprises a step of receiving data packets; a step of determining the formation of a session related to the data packets; a step of identifying the type of the data packet when the session related to the data packet is not formed based on the determination result; a step of queuing the data packet during the predetermined time when the data packet is identified as a TCP SYN/ACK packet; a step of determining the formation of the session related to the data packet again when the predetermined time passes; a step of updating session information related to the session based on the data packet when the session related to the data packet is formed based on the determination result; a step of synchronizing the session by transmitting the updated session information to other apparatus comprising the high availability system. The present invention confirms the state of session non-synchronization when the response packet of the TCP SYN packet is arrived, guarantees the session synchronization, and minimizes the occurrence of unnecessary response delay by generating response delay for the session in which the non-synchronization is generated and by delaying the process of the TCP SYN/ACK packet. [Reference numerals] (310) Packet reception;(320,370) Session formation?;(330) Packet identification?;(340) Session allowance?;(350) Session generation and synchronization;(360) Packet queing;(380) Session update;(390) Packet transmission;(AA) Wash first curved tempered glass;(BB,FF,GG) YES;(CC,DD,EE) NO;(HH) End
摘要翻译：根据本发明的实施例公开了一种用于在高可用性系统中同步会话的方法。该方法包括接收数据包的步骤; 确定与所述数据分组相关联的会话的形成的步骤; 基于确定结果，当没有形成与数据分组相关的会话时识别数据分组的类型的步骤; 在数据分组被识别为TCP SYN / ACK分组的预定时间期间排队数据分组的步骤; 当预定时间过去时，再次确定与数据分组相关的会话的形成的步骤; 基于所述确定结果，当与所述数据分组相关的会话形成时，基于所述数据分组来更新与所述会话相关的会话信息的步骤; 通过将更新的会话信息发送到包括高可用性系统的其他设备来同步会话的步骤。当TCP SYN分组的响应分组到达时，本发明确认了会话不同步的状态，保证了会话同步，并且通过生成不同步的会话的响应延迟来最小化不必要的响应延迟的发生并通过延迟TCP SYN / ACK包的处理。（310）分组接收;（320,370）会话形成α;（330）分组标识α;（340）会话容限α;（350）会话生成和同步;（360）分组排队;（380）会话更新（390）分组传输;（AA）洗涤第一弯曲钢化玻璃;（BB，FF，GG）是;（CC，DD，EE）NO;（HH）结束

50. 发明授权

KR101328627B1 패킷 처리 장치 및 그것의 패킷 처리 방법 有权
标题翻译：分组处理器和分组处理方法
公开(公告)号：KR101328627B1
公开(公告)日：2013-11-14
申请号：KR1020120008273
申请日：2012-01-27
申请人： 주식회사 시큐아이
发明人： 이재원
IPC分类号： H04L12/70 , H04L9/00
摘要： 본 발명은 패킷 전송망을 통해 데이터 패킷을 전송하는 패킷 처리 장치 및 그것의 패킷 처리 방법에 관한 것이다. 본 발명의 실시 예에 따른 패킷 처리 방법은 외부로부터 데이터 패킷들을 수신하는 단계를 포함한다. 이때 데이터 패킷들 각각의 헤더는 대응하는 데이터 패킷의 세션(session) 정보에 기반하여 생성된 해쉬 값을 포함한다. 해쉬 값에 따라 데이터 패킷들을 복수의 큐잉 블록들 중 어느 하나에 할당하는 단계, 그리고 프로세싱 유닛들에서, 대응하는 큐잉 블록들에 할당된 데이터 패킷들을 처리하는 단계를 더 포함한다.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式