-
公开(公告)号:US11991150B2
公开(公告)日:2024-05-21
申请号:US17467793
申请日:2021-09-07
发明人: Gak-Soo Lim , Sung-Jin Kim , Jung-Hwan Kang , Seung-Hun Han , Byung-Joon Kim
IPC分类号: H04L9/40
CPC分类号: H04L63/0272 , H04L63/20 , H04L63/0428
摘要: Disclosed herein are an apparatus and method for providing a remote work environment. The apparatus includes one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program performs Virtual Private Network (VPN) authentication in response to a request for remote access to a work network from a user terminal, performs user authentication in order to connect the user terminal that succeeds in VPN authentication to the work network, decrypts the encrypted user data area of the user terminal that is connected to the work network, and provides the remote work environment to the user terminal based on the user data area through the work network.
-
公开(公告)号:US11204776B2
公开(公告)日:2021-12-21
申请号:US15069094
申请日:2016-03-14
发明人: Sung-Jin Kim , Woomin Hwang , Byung-Joon Kim , Chul-Woo Lee , Hyoung-Chun Kim
IPC分类号: G06F16/11 , G06F16/188 , G06F16/23 , G06F9/455 , G06F9/4401
摘要: Disclosed herein are an apparatus and method for booting a virtual machine. The apparatus for booting a virtual machine includes: an access unit for accessing a virtual disk, corresponding to a virtual machine that exists in a virtualization area, using a trap generated by a trap generation unit, and for controlling the input and output of data stored in the virtual disk; an extraction unit for extracting data used for booting from the virtual disk; and a verification unit for extracting a trusted boot image from image storage and verifying the integrity of the data used for booting based on a result of comparing the trusted boot image with the data used for booting.
-
公开(公告)号:US11159577B2
公开(公告)日:2021-10-26
申请号:US16555026
申请日:2019-08-29
发明人: Hyunyi Yi , Sung-Jin Kim , Chulwoo Lee , Woomin Hwang , Byungjoon Kim
IPC分类号: H04L29/06
摘要: A method for interworking of a security tool and a cloud platform includes checking whether there is a record of confirming or applying security related to a target identifier when a cloud platform client calls a platform interface module, determining whether to interwork with the security tool when the record of confirming or applying security related to the target identifier is not present, requesting a resource required for running the security tool to the cloud platform when the security tool is invoked, and obtaining the resource from the cloud platform and storing the same.
-
公开(公告)号:US10965679B2
公开(公告)日:2021-03-30
申请号:US15938003
申请日:2018-03-28
发明人: Woomin Hwang , Hyunyi Yi , Sung-Jin Kim , Seong-Joong Kim , Chulwoo Lee , Byung-Joon Kim , Hyoung-Chun Kim
IPC分类号: H04L29/06 , G06F9/455 , G06F16/13 , G06F16/172 , G06F16/182 , G06F16/17
摘要: An apparatus for monitoring file access in a virtual machine in a cloud-computing system based on a virtualized environment includes a hypervisor for implementing at least one virtual machine and managing the virtual machine by monitoring a task in which a the virtual machine accesses a file loaded from storage to memory, the storage storing data including environment information of the virtual machine.
-
公开(公告)号:US10534653B2
公开(公告)日:2020-01-14
申请号:US15810790
申请日:2017-11-13
发明人: Woomin Hwang , Sung-Jin Kim , Byung-Joon Kim , Hyunyi Yi , Chulwoo Lee , Hyoung-Chun Kim
摘要: A hypervisor-based virtual machine isolation apparatus and method. The hypervisor-based virtual machine isolation method performed by the hypervisor-based virtual machine isolation apparatus includes when a hypervisor starts to run virtual machines, allocating one or more colors to each of the virtual machines, allocating a page frame corresponding to the allocated colors to the corresponding virtual machine, allocating an accessible core depending on the colors of the virtual machine, and performing isolation between virtual machines corresponding to an identical color by changing a temporal/spatial scheduling order between the virtual machines corresponding to the identical color.
-
公开(公告)号:US10121004B2
公开(公告)日:2018-11-06
申请号:US15274126
申请日:2016-09-23
发明人: Sung-Jin Kim , Woomin Hwang , ByungJoon Kim , ChulWoo Lee , HyoungChun Kim
摘要: An apparatus and method for monitoring a virtual machine based on a hypervisor. The method for monitoring a virtual machine based on a hypervisor includes monitoring an attempt to access an executable file located in a virtual machine, when the attempt to access the executable file is detected, extracting a system call transfer factor, input through a task that attempted to make access, acquiring, based on the system call transfer factor, an execution path corresponding to the executable file and a reference path corresponding to a reference file that is executed together with the executable file, and checking based on the execution path and the reference path whether any of the executable file and the reference file is malicious, and collecting a file in which malicious code is present when the malicious code is present in any of the executable file and the reference file.
-
公开(公告)号:US09674143B2
公开(公告)日:2017-06-06
申请号:US14474242
申请日:2014-09-01
发明人: ChulWoo Lee , ByungJoon Kim , Sung-Jin Kim , HyoungChun Kim
CPC分类号: H04L63/0218 , H04L12/22 , H04L41/046 , H04L63/20
摘要: The security control apparatus includes a network control unit for receiving a security protocol-based packet that includes a protocol control header and data and that is transmitted between a cloud-based virtual desktop interaction remote agent unit and a virtual machine of a cloud-based virtual desktop interaction device, and blocking network traffic between cloud-based virtual desktop interaction remote agent unit and the virtual machine, depending on received results of checking. A policy checking unit checks whether information extracted from the security protocol-based packet is compliant with control policies, and transmits results of checking to the network control unit. If the information is not compliant with the control policies, a security solution interaction unit transmits the extracted information to an external security solution, and transmits results of checking by a corresponding security solution to the network control unit.
-
8.发明授权公开(公告)号:US10802863B2
公开(公告)日:2020-10-13
申请号:US15975932
申请日:2018-05-10
发明人: Hyunyi Yi , Sung-Jin Kim , Woomin Hwang , Seong-Joong Kim , Chulwoo Lee , Byung-Joon Kim , Hyoung-Chun Kim
摘要: An apparatus and method for storing an audit trail in response to execution of a virtual-machine process. The method for storing an audit trail, performed by the apparatus for storing an audit trail in response to execution of a virtual-machine process, includes detecting execution of a process inside a virtual machine, determining whether the executed process is a monitoring target process and determining a type of the process, activating one or more monitoring events for monitoring at least one of an upload, a download and a drop by the process based on a result of the determination, and storing information about occurrence of the activated monitoring event as an audit trail.
-
公开(公告)号:US10318275B2
公开(公告)日:2019-06-11
申请号:US15656206
申请日:2017-07-21
发明人: Sung-Jin Kim , Woomin Hwang , Byung-Joon Kim , Hyun-Yi Yi , Chul-Woo Lee , Hyoung-Chun Kim
IPC分类号: G06F8/65 , G06F9/455 , G06F9/4401
摘要: A software update apparatus and method in a virtualized environment. The software update method performed by a software update apparatus in a virtualized environment includes monitoring an operation that is invoked when software is updated in a guest operating system area, creating a software profile by analyzing results of the monitoring, mounting a virtual disk image for a target virtual machine in a target directory in a virtual machine monitor area, and incorporating update information of at least one of a file and a registry that are specified in the software profile into the target directory in which the virtual disk image is mounted.
-
公开(公告)号:US10263992B2
公开(公告)日:2019-04-16
申请号:US15213556
申请日:2016-07-19
发明人: Taeho Nam , Seung-hun Han , Jung-hwan Kang , Wook Shin , HyoungChun Kim , ByungJoon Kim , Sung-Jin Kim
IPC分类号: H04L29/06 , G06F16/9535 , G06F21/55
摘要: A method for providing a browser using browser processes separated based on access privileges and an apparatus using the method. The method includes acquiring a first address corresponding to a first webpage; acquiring a first set of terminal access privileges based on the first address from a privilege control list and executing a first browser process corresponding to the first set of terminal access privileges; determining whether to allow rendering by comparing the first set of terminal access privileges with a second set of terminal access privileges corresponding to a second webpage when the first browser process attempts to render the second webpage; and if the rendering is not allowed, blocking the first browser process from rendering and rendering the second webpage by executing a second browser process corresponding to the second set of terminal access privileges.
-
-
-
-
-
-
-
-
-
搜索结果
17 条记录 (耗时 0.022 秒)
