Abstract: A transmission method of a domain gateway over a vehicle network based on automotive Ethernet includes receiving, by a domain gateway of a first domain, transmission data on a CAN packet basis from a transmitting-side ECU; transmitting, by the domain gateway of the first domain, the transmission on an Ethernet packet basis to a domain gateway of a second domain; and transmitting, by the domain gateway of the second domain, the transmission data on a CAN packet basis to a receiving-side ECU. The CAN packet includes a CAN ID field, and the CAN ID field includes a CAN message section and an authentication section.

Abstract: Disclosed herein is an apparatus for supporting authentication between devices, which includes a certificate information storage unit for storing certificate data of a first terminal for managing a certificate; a communication unit for receiving a request for a certificate of the first terminal, which uses a signature value and certificate-related information corresponding to the first terminal, from a second terminal and returning information corresponding to a valid certificate of the first terminal to the second terminal in order to enable the second terminal to authenticate the first terminal; and a certificate verification unit for verifying whether a certificate of the first terminal is valid.

Abstract: An apparatus and method for managing meter data. The apparatus for managing meter data includes a metering unit for acquiring meter data from a target device based on time information; a communication unit for receiving a message including the time information from a server device and transmitting the meter data to the server device; and a security unit for creating a private key using the time information and encrypting the meter data using the private key.

Abstract: Disclosed herein is an apparatus for providing firmware update, which includes a state information analysis unit for analyzing device state information received from a firmware update target device and thereby acquiring information about a version of existing firmware and information about a storage unit of the firmware update target device; an image creation unit for creating a delta image in units of pages based on a flash memory page size included in the information about the storage unit and on a difference between the existing firmware and new firmware; an update information creation unit for creating update information in which an update method is specified; and a communication unit for transmitting the update information and the delta image to the firmware update target device in order to update the existing firmware of the firmware update target device based on the update method.

Abstract: Disclosed herein is an apparatus for supporting authentication between devices, which includes a certificate information storage unit for storing certificate data of a first terminal for managing a certificate; a communication unit for receiving a request for a certificate of the first terminal, which uses a signature value and certificate-related information corresponding to the first terminal, from a second terminal and returning information corresponding to a valid certificate of the first terminal to the second terminal in order to enable the second terminal to authenticate the first terminal; and a certificate verification unit for verifying whether a certificate of the first terminal is valid.

Abstract: Provided is a method of updating an integrity check value (ICV) stored in a hardware security module (HSM). The method includes storing user authentication information of the terminal transferred from the terminal to preregister a user of the terminal, transferring an authentication information request message, requesting the user authentication information, to the terminal in response to an update request message which is transferred from the terminal and includes an update value of the ICV, comparing the user authentication information transferred from the terminal with the stored user authentication information to perform an authentication operation on the user of the terminal according to the authentication information request message; and when the user of the terminal is successfully authenticated, updating the stored ICV by using the update value.

Abstract: The present invention relates to an apparatus and a method for transferring a data signal between a smartcard interface and an interface of a processor within an embedded system. According to an exemplary embodiment of the present invention, an interface conversion device communicating between a processor and a smartcard IC chip includes: an input/output signal conversion logic configured to transfer a signal between a first interface of the processor and a second interface of the smartcard IC chip; a clock generator configured to generate a clock signal driving the smartcard IC chip depending on a first control signal received from the processor and provide the generated clock signal to the smartcard IC chip; and a reset controller configured to generate a reset signal depending on a second control signal received from the processor and provide the generated reset signal to the smartcard IC chip.

Abstract: An apparatus for providing near field communication (NFC) for a mobile device, includes a USB (universal serial bus) signal processing unit configured to convert a signal of the mobile device, which is received through a USB interface into a value to be processed in a central processing unit, and convert a value received from the central processing unit into a signal to be transmitted to the USB interface. Further, the apparatus includes an analog signal processing unit configured to convert an analog signal received from an outside device into a digital signal, and convert a digital signal of the central processing unit into an analog signal to transmit the converted analog signal to the antenna.

Abstract: Provided is a method of updating an integrity check value (ICV) stored in a hardware security module (HSM). The method includes storing user authentication information of the terminal transferred from the terminal to preregister a user of the terminal, transferring an authentication information request message, requesting the user authentication information, to the terminal in response to an update request message which is transferred from the terminal and includes an update value of the ICV, comparing the user authentication information transferred from the terminal with the stored user authentication information to perform an authentication operation on the user of the terminal according to the authentication information request message; and when the user of the terminal is successfully authenticated, updating the stored ICV by using the update value.

Abstract: A mobile computing system for providing a high-security execution environment is provided. The mobile computing system separates execution environments in the same mobile device on the basis of virtualization technology and manages user-specific execution environments using the same hardware security module, thereby facilitating protection of personal privacy.

Abstract: Disclosed herein are a universal subscriber identification module card and a communication method using the same. The universal subscriber identification module card includes a Universal Subscriber Identification Module (USIM) chip, a pad, and a security chip. The USIM chip performs the user authentication of a mobile terminal. The pad electrically connects the USIM chip to the mobile terminal when the USIM chip is inserted into the mobile terminal. The security chip performs a security function for the mobile terminal independently of the USIM chip and shares the two power terminals of the pad with the USIM chip.

Abstract: The present invention relates to an apparatus and a method for transferring a data signal between a smartcard interface and an interface of a processor within an embedded system. According to an exemplary embodiment of the present invention, an interface conversion device communicating between a processor and a smartcard IC chip includes: an input/output signal conversion logic configured to transfer a signal between a first interface of the processor and a second interface of the smartcard IC chip; a clock generator configured to generate a clock signal driving the smartcard IC chip depending on a first control signal received from the processor and provide the generated clock signal to the smartcard IC chip; and a reset controller configured to generate a reset signal depending on a second control signal received from the processor and provide the generated reset signal to the smartcard IC chip.

Abstract: There are provided a method and apparatus for detecting and handling a malicious act that performs billing and takes a financial gain using a short message service (SMS) in real time. The apparatus includes an SMS collecting module configured to collect an SMS message sent from or received in a smartphone; an SMS parsing module configured to parse the collected SMS message; an SMS examining module configured to examine at least one field of the parsed SMS message and determine whether the SMS message is a malicious act-related message based on an access control list (ACL) and an SMS signature DB; and an installing app examining module configured to examine SMS message sending permission of an app to be installed in the smartphone and a priority of an SMS receiver process included in the app and determine whether the app has a possibility of being malware.

Abstract: A method for sharing and updating a key using a watermark is disclosed. The method includes receiving an image to be encoded from an image input device encoding the image, and inserting a master key value as a watermark into the encoded image, for use as an input of a key derivation function.

Abstract: A mobile computing system for providing a high-security execution environment is provided. The mobile computing system separates execution environments in the same mobile device on the basis of virtualization technology and manages user-specific execution environments using the same hardware security module, thereby facilitating protection of personal privacy.

Abstract: Disclosed herein are a universal subscriber identification module card and a communication method using the same. The universal subscriber identification module card includes a Universal Subscriber Identification Module (USIM) chip, a pad, and a security chip. The USIM chip performs the user authentication of a mobile terminal. The pad electrically connects the USIM chip to the mobile terminal when the USIM chip is inserted into the mobile terminal. The security chip performs a security function for the mobile terminal independently of the USIM chip and shares the two power terminals of the pad with the USIM chip.

Abstract: An apparatus for providing security functions in a computing system includes: at least one normal service domain executing service; a secure service domain performing integrity verification on a service execution environment of at least one normal service domain, and performing the security service function for the service in accordance with the result of the integrity verification; and a virtual machine monitor separating service execution environments of at least one normal service domain and the secure service domain, respectively, based on the same hardware device. According to the present invention, it is possible to enhance the security for execution environments of the computing system and the data stored in the system, by allowing the corresponding services, which need security service functions in the normal service domain, to be executed necessarily only when integrity verification of the execution environment succeeds by linking the secure service domain.

Abstract: An apparatus for providing a secure environment of software execution in a terminal device includes a normal service domain and a secure service domain into which a domain of the software is divided based on virtualization. The normal service domain executes a normal service on elements of the software, and the secure service domain executes a security service on elements of the software in response to a request for a security service of the software elements from the normal service domain.

Abstract: A security management server includes an input unit for receiving image data from at least one network camera; a control unit for assigning an access authority level to each image data received via the input unit; and a storage unit for storing therein the image data along with the access authority levels assigned by the control unit. When receiving a request for a specific image data among the image data stored in the storage unit from a user having a user access authority level, the control unit compares the user access authority level and the access authority level assigned to the specific image data, and based on comparison result thereof, selectively provides the specific image data to the user.

Abstract: A wireless communication medium includes an antenna, an analog signal processor, a digital signal processor, and a central processing unit & logic module. The antenna transmits and receives a signal to and from an external apparatus. The analog signal processor converts an analog signal to a digital signal, and converts a digital signal to an analog signal. The digital signal processor demodulates the digital signal, detects the start and end of data, and generates a first control signal for determining whether data is transmitted to the external apparatus and a second control signal for perceiving the end of data, blocking the reception of data, modulating data, and determining whether modulated data is transmitted to the external apparatus. The central processing unit & logic module processes data received from and transmitted to the external apparatus. Accordingly, an efficiency of processing a RF signal can be improved.