Apparatus and method of protecting user's privacy information and intellectual property against denial of information attack

US 20070136139A1
Filed: 12/05/2006
Published: 06/14/2007
Est. Priority Date: 12/08/2005
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus for protecting a user'"'"'s privacy information and intellectual property, the apparatus comprising:

an inbound processing unit determining whether inbound contents are harmful traffic using black lists and blocking the inbound contents based on the determination result;

an identity and access management (IAM)/network access control (NAC) solution unit detecting and blocking internal, abnormal user activity and/or a malicious attack, which targets privacy information and intellectual property, using user access control and device access control; and

an outbound processing unit preventing the leakage of the privacy information and intellectual property through outbound contents using white lists.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided are an apparatus and method of protecting a user'"'"'s privacy information and corporate intellectual property against a denial-of-information (DoI) attack, and more particularly, a privacy & intellectual property protection framework (PIPPF) and a network-based privacy & intellectual property protection system (NPIPPS). The PIPPF includes the NPIPPS and an integrated identity access and management (IAM)/network access control (NAC) solution. The NPIPPS monitors inbound and outbound contents at the network level and prevents the leakage of important information. In addition, the integrated IAM/NAC solution prevents abnormal user activity within a network and unauthorized use of information.

Citations

8 Claims

1. An apparatus for protecting a user'"'"'s privacy information and intellectual property, the apparatus comprising:
- an inbound processing unit determining whether inbound contents are harmful traffic using black lists and blocking the inbound contents based on the determination result;
  
  an identity and access management (IAM)/network access control (NAC) solution unit detecting and blocking internal, abnormal user activity and/or a malicious attack, which targets privacy information and intellectual property, using user access control and device access control; and
  
  an outbound processing unit preventing the leakage of the privacy information and intellectual property through outbound contents using white lists.
- View Dependent Claims (2, 3, 4)
- - 2. The apparatus of claim 1, wherein the inbound processing unit combines a determination result of a rule-based attack, which can be detected based on a rule database (DB), with a determination result of an activity-based attack, which can be detected based on whether a traffic activity pattern is abnormal, determines whether an attack has been launched based on the combined determination results, and passes, controls or blocks the attack.
  - 3. The apparatus of claim 1, wherein the IAM/NAC solution unit blocks illegal access or the malicious attack by allowing authorized users to have access to authorized devices based on user ID information of each user and device ID information of each device.
  - 4. The apparatus of claim 1, wherein the outbound processing unit prevents the leakage of the privacy information and intellectual property by comparing a log of the outbound contents with the white lists.

5. A method of protecting a user'"'"'s privacy information and intellectual property, the method comprising:
- determining whether inbound contents are harmful traffic using black lists and blocking the inbound contents based on the determination result;
  
  detecting and blocking internal, abnormal user activity of a user and/or a malicious attack, which targets privacy information and intellectual property, through user access control and device access control using an IAM/NAC solution; and
  
  preventing the leakage of the privacy information and intellectual property through outbound contents using white lists.
- View Dependent Claims (6, 7, 8)
- - 6. The method of claim 5, wherein the determining of whether the inbound contents are harmful traffic and blocking the inbound contents based on the determination result comprises:
    - detecting a rule-based attack based on a rule DB and/or an activity-based attack based on whether a traffic activity pattern is abnormal;
      
      determining whether an attack has been launched based on the result of combining the rule-based and activity-based attacks; and
      
      updating the rule DB based on the determination result and passing, controlling or blocking the traffic according to an administration policy.
  - 7. The method of claim 5, wherein the detecting and blocking of the internal, abnormal user activity and/or the malicious attack comprises blocking illegal access or the malicious attack by allowing users to have access to authorized devices based on user ID information of each user and device ID information of each device.
  - 8. The method of claim 5, wherein the preventing of the leakage of the privacy information and intellectual property comprises:
    - comparing a log of the outbound contents with the white lists and determining whether the privacy information and intellectual property have been illegally leaked; and
      
      passing, controlling or blocking illegally leaked privacy information and intellectual property according to the administration policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Electronics and Telecommunications Research Institute
Original Assignee
Electronics and Telecommunications Research Institute
Inventors
Seo, Dong, Jang, Jong, Choi, Byeong, Kim, Kook, Ryu, Jong

Application Number

US11/634,446
Publication Number

US 20070136139A1
Time in Patent Office

Days
Field of Search
US Class Current

705/18
CPC Class Codes

H04L 63/0227   Filtering policies mail mes...

H04L 63/101   Access control lists [ACL]

H04L 63/1408   by monitoring network traff...

Apparatus and method of protecting user's privacy information and intellectual property against denial of information attack

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method of protecting user's privacy information and intellectual property against denial of information attack

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links