Abstract: A method and an apparatus for device security verification utilizing a virtual trusted computing base are provided. The validity of a key for decryption is verified by a secure memory loader running on a processor of a device after booting of the device which is a computing device, and if the key is valid, encrypted firmware stored in a memory of the device is decrypted using the key to verify the confidentiality of the firmware. Then, the security memory loader verifies the authentication and integrity of the firmware by comparing a signature value generated for the decrypted firmware with an existing signature value.

Abstract: Disclosed herein are an apparatus and method for detecting a malicious device based on swarm intelligence. The method includes detecting a malicious device by causing at least one exploration ant to access a device swarm along movement routes in which pheromone trail values are taken into consideration, wherein the exploration ant is generated in response to a detection request received from a security management server, when the at least one exploration ant detects a suspicious device that is suspected to be a malicious device, causing the exploration ant to return along the movement routes in reverse order, and returning pheromone trail values generated by devices on the return movement routes to a malicious device detection apparatus, and identifying whether the suspicious device is the malicious device by calculating an optimal solution based on a local information set generated by aggregating the pheromone trail values returned for movement routes.

Abstract: Disclosed herein are a fixed-location Internet-of-Things (IoT) device for protecting secure storage access information and a method for protecting secure storage access information of the fixed-location IoT device.

Abstract: A system for performing an integrity verification based on a distributed delegator and verifying an integrity of a plurality of individual devices based on a network includes: a first individual device which is an integrity verification target of the plurality of individual devices; a second individual device configured to vicariously verify the verification target device of the plurality of individual devices; and a remote device management server configured to select the second individual device of the plurality of individual devices as a verification delegator, and to receive a result of integrity verification of the first individual device by the second individual device.

Abstract: A method and an apparatus for device security verification utilizing a virtual trusted computing base are provided. The validity of a key for decryption is verified by a secure memory loader running on a processor of a device after booting of the device which is a computing device, and if the key is valid, encrypted firmware stored in a memory of the device is decrypted using the key to verify the confidentiality of the firmware. Then, the security memory loader verifies the authentication and integrity of the firmware by comparing a signature value generated for the decrypted firmware with an existing signature value.

Abstract: An apparatus and method for storing device data in an IoT environment. An apparatus for providing a data storage function includes an authentication unit for performing device authentication with a data storage-requesting device and performing data storage authentication with the data storage-requesting device, a data storage unit for storing encryption key basis information, used to generate an encryption key for data encryption, and encrypted data, a request message processing unit for processing a processing request message for the encrypted data received from the data storage-requesting device using the data storage unit, and a communication unit for receiving the processing request message from the data storage-requesting device and transmitting results of processing to the data storage-requesting device.

Abstract: Disclosed herein are an apparatus and method for detecting a malicious device based on swarm intelligence. The method includes detecting a malicious device by causing at least one exploration ant to access a device swarm along movement routes in which pheromone trail values are taken into consideration, wherein the exploration ant is generated in response to a detection request received from a security management server, when the at least one exploration ant detects a suspicious device that is suspected to be a malicious device, causing the exploration ant to return along the movement routes in reverse order, and returning pheromone trail values generated by devices on the return movement routes to a malicious device detection apparatus, and identifying whether the suspicious device is the malicious device by calculating an optimal solution based on a local information set generated by aggregating the pheromone trail values returned for movement routes.

Abstract: Disclosed herein are a fixed-location Internet-of-Things (IoT) device for protecting secure storage access information and a method for protecting secure storage access information of the fixed-location IoT device.

Abstract: Provided are a mobile terminal for providing a one-time password (OTP) and an operation method thereof. The mobile terminal includes a first one-time password (OTP) generating module configured to provide identification information regarding each of a plurality of pieces of OTP data to a user, and output an OTP provided according to any one identification information selected by the user, and a second OTP generating module based on mobile trusted module (MTM) configured to transfer the identification information regarding each of the plurality of pieces of OTP data to the first OTP generating module according to a corresponding request from the first OTP generating module, generate an OTP by using OTP data corresponding to the selected identification information, and transfer the generated OTP to the first OTP generating module.

Abstract: Disclosed herein are a device and method for updating firmware and a firmware update system. The device for updating firmware include an update manager for receiving delta information about the latest version of firmware from an update server by checking information about a version of firmware installed in a terminal device and for updating the firmware installed in the terminal device using the delta information, and a bootloader for restoring the updated firmware using previously stored backup information when the updated firmware is not normally launched or when an error occurs during the update of the firmware.

Abstract: A system for performing an integrity verification based on a distributed delegator and verifying an integrity of a plurality of individual devices based on a network includes: a first individual device which is an integrity verification target of the plurality of individual devices; a second individual device configured to vicariously verify the verification target device of the plurality of individual devices; and a remote device management server configured to select the second individual device of the plurality of individual devices as a verification delegator, and to receive a result of integrity verification of the first individual device by the second individual device.

Abstract: The present invention relates to an apparatus and a method for transferring a data signal between a smartcard interface and an interface of a processor within an embedded system. According to an exemplary embodiment of the present invention, an interface conversion device communicating between a processor and a smartcard IC chip includes: an input/output signal conversion logic configured to transfer a signal between a first interface of the processor and a second interface of the smartcard IC chip; a clock generator configured to generate a clock signal driving the smartcard IC chip depending on a first control signal received from the processor and provide the generated clock signal to the smartcard IC chip; and a reset controller configured to generate a reset signal depending on a second control signal received from the processor and provide the generated reset signal to the smartcard IC chip.

Abstract: Disclosed herein is an electronic device including a message creation unit for creating an authentication message that includes hardware information and security level information for mutual authentication with an additional electronic device; a communication unit for sending the authentication message to the additional electronic device and receiving an authentication message of the additional electronic device from the additional electronic device; an authentication algorithm selection unit for selecting an authentication algorithm for mutual authentication with the additional electronic device based on hardware information and security level information of the additional electronic device, which are included in the authentication message of the additional electronic device; and an authentication processing unit for performing a mutual authentication process using the selected authentication algorithm.

Abstract: Provided are a mobile terminal for providing a one-time password (OTP) and an operation method thereof. The mobile terminal includes a first one-time password (OTP) generating module configured to provide identification information regarding each of a plurality of pieces of OTP data to a user, and output an OTP provided according to any one identification information selected by the user, and a second OTP generating module based on mobile trusted module (MTM) configured to transfer the identification information regarding each of the plurality of pieces of OTP data to the first OTP generating module according to a corresponding request from the first OTP generating module, generate an OTP by using OTP data corresponding to the selected identification information, and transfer the generated OTP to the first OTP generating module.

Abstract: A mobile computing system for providing a high-security execution environment is provided. The mobile computing system separates execution environments in the same mobile device on the basis of virtualization technology and manages user-specific execution environments using the same hardware security module, thereby facilitating protection of personal privacy.

Abstract: Disclosed herein are a universal subscriber identification module card and a communication method using the same. The universal subscriber identification module card includes a Universal Subscriber Identification Module (USIM) chip, a pad, and a security chip. The USIM chip performs the user authentication of a mobile terminal. The pad electrically connects the USIM chip to the mobile terminal when the USIM chip is inserted into the mobile terminal. The security chip performs a security function for the mobile terminal independently of the USIM chip and shares the two power terminals of the pad with the USIM chip.

Abstract: The present invention relates to an apparatus and a method for transferring a data signal between a smartcard interface and an interface of a processor within an embedded system. According to an exemplary embodiment of the present invention, an interface conversion device communicating between a processor and a smartcard IC chip includes: an input/output signal conversion logic configured to transfer a signal between a first interface of the processor and a second interface of the smartcard IC chip; a clock generator configured to generate a clock signal driving the smartcard IC chip depending on a first control signal received from the processor and provide the generated clock signal to the smartcard IC chip; and a reset controller configured to generate a reset signal depending on a second control signal received from the processor and provide the generated reset signal to the smartcard IC chip.

Abstract: There are provided a method and apparatus for detecting and handling a malicious act that performs billing and takes a financial gain using a short message service (SMS) in real time. The apparatus includes an SMS collecting module configured to collect an SMS message sent from or received in a smartphone; an SMS parsing module configured to parse the collected SMS message; an SMS examining module configured to examine at least one field of the parsed SMS message and determine whether the SMS message is a malicious act-related message based on an access control list (ACL) and an SMS signature DB; and an installing app examining module configured to examine SMS message sending permission of an app to be installed in the smartphone and a priority of an SMS receiver process included in the app and determine whether the app has a possibility of being malware.

Abstract: A surveillance video transmission apparatus, includes a video input unit configured to collect physical videos and make the collected physical videos informative; a video analysis unit configured to analyze content of the collected video by recognizing the collected video and detecting an event; and an encryption selection unit configured to select one of a non-encryption mode, a regions-of-interest encryption mode and a full video encryption mode based on the analysis result of the collected video. Further, the surveillance video transmission apparatus includes a video process unit configured to perform one of a non-encryption, a regions-of-interest encryption and a full video encryption and encoding on the collected video according to the selected encryption mode; and a video transmission unit configured to transmit the encoded video and encryption-related information to a surveillance video receiving apparatus.

Abstract: A method for sharing and updating a key using a watermark is disclosed. The method includes receiving an image to be encoded from an image input device encoding the image, and inserting a master key value as a watermark into the encoded image, for use as an input of a key derivation function.