公开(公告)号：US20140245448A1

公开(公告)日：2014-08-28

申请号：US13973194

申请日：2013-08-22

Applicant: Electronics and Telecommunications Research Institute

Inventor： Jong Sik MOON ,  Seung Wan HAN ,  Hyun Sook CHO

IPC: G06F21/57

CPC classification number: G06F21/57

Abstract: An apparatus for analyzing a permission of an application for a mobile device, the apparatus comprising: an executable file acquisition unit; a file extraction module; and an execution permission analyzing module configured to detect a security risk which can be caused by the permission on the basis of the permission described in the extracted file, wherein the information related to the permission of the application comprises: information on permission that is declared in the application, permission that the application uses and a function that uses the permission of the application.

Abstract translation: 一种用于分析移动设备的应用的许可的装置，所述装置包括：可执行文件获取单元; 文件提取模块; 以及执行许可分析模块，被配置为基于所提取的文件中描述的许可来检测可能由许可引起的安全风险，其中与应用的许可有关的信息包括： 应用程序，应用程序使用的权限以及使用应用程序许可的功能。

公开(公告)号：US20130218891A1

公开(公告)日：2013-08-22

申请号：US13766743

申请日：2013-02-13

Applicant: Electronics and Telecommunications Research Institute

Inventor： Jae Deok LIM ,  Byeong Cheol CHOI ,  Seung Wan HAN

IPC: G06F17/30

CPC classification number: G06F16/20 ,  G06F21/6218 ,  G06F2221/2143 ,  G06F2221/2149 ,  H04L63/0245 ,  H04L63/1425

Abstract: The present invention provides a method of remotely controlling harmful contents including: storing connection information of a managed-terminal and connection information of a managing-terminal in a database unit by using an administrative server, by transmitting the connection information to the administrative server by using the managed-terminal; analyzing, by the managed-terminal, contents stored in the managed-terminal and creating an analysis result on the contents; requesting, by the managed-terminal, the connection information of the managing-terminal to the administrative server; transmitting, by the managed-terminal, the analysis result on the contents to the managing-terminal by using the connection information of the managing-terminal transmitted from the managing server; and processing, by the managed-terminal, the contents in accordance with a processing request for the contents transmitted from the managing-terminal.

Abstract translation: 本发明提供了一种远程控制有害内容的方法，包括：通过使用管理服务器，将管理终端的连接信息和管理终端的连接信息存储在数据库单元中，通过使用向管理服务器发送连接信息 管理终端; 由被管理终端分析存储在被管理终端中的内容，并对内容创建分析结果; 由管理终端向管理服务器请求管理终端的连接信息; 由管理终端通过使用从管理服务器发送的管理终端的连接信息将内容的分析结果发送到管理终端; 以及由管理终端根据对从管理终端发送的内容的处理请求处理内容。

公开(公告)号：US20140150096A1

公开(公告)日：2014-05-29

申请号：US13775585

申请日：2013-02-25

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Jong Sik MOON ,  Seung Wan HAN ,  Hyun Sook CHO

IPC: G06F21/64

CPC classification number: G06F21/645 ,  G06F21/51

Abstract: An apparatus for assuring integrity of a mobile application or application software (app) includes a developer registration management unit configured to authenticate a mobile app developer based on an authentication means in response to a subscription and registration request of the mobile app developer, and an integrity verification unit configured to verify whether the mobile app has the integrity by unpackaging the mobile app uploaded to an app store server in a packaged state and determine whether to write a code signature of the app store server to the mobile app based on an integrity verification result. Thus, a secure mobile ecosystem can be constructed.

Abstract translation: 用于确保移动应用程序或应用软件（应用程序）的完整性的装置包括：开发者登记管理单元，被配置为响应于移动应用开发者的订阅和注册请求，基于认证装置来认证移动应用开发者;以及完整性 验证单元，其被配置为通过在打包状态下解包上载到应用商店服务器的移动应用来验证移动应用是否具有完整性，并且基于完整性验证结果来确定是否向移动应用写入应用商店服务器的代码签名 。 因此，可以构建安全的移动生态系统。