Patents by Inventor Jae Hoon Nah
Jae Hoon Nah has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230334479Abstract: Disclosed herein are a certificate verification method and apparatus using a Non-Fungible Token (NFT). The certificate verification method includes receiving a user Identification(ID) and a certificate image, extracting Optical Character Reader (OCR) data from the certificate image, generating metadata based on the OCR data, and verifying a certificate by comparing content of a token registered in a blockchain based on the user ID with the generated metadata.Type: ApplicationFiled: January 19, 2023Publication date: October 19, 2023Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventor: Jae-Hoon NAH
-
Patent number: 10200155Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.Type: GrantFiled: July 3, 2017Date of Patent: February 5, 2019Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Byoung-Koo Kim, Seon-Gyoung Sohn, Boo-Sun Jeon, Young-Jun Heo, Dong-Ho Kang, Jung-Chan Na, Byeong-Cheol Choi, Jae-Hoon Nah, Seoung-Hyeon Lee
-
Publication number: 20180109356Abstract: Disclosed herein are a one-way data transmission apparatus, a one-way data reception apparatus, and a one-way data transmission/reception method using the apparatuses. The one-way data transmission/reception method uses a one-way data transmission apparatus and a one-way data reception apparatus, and includes receiving data from a high-security zone through a one-way path, generating tag information of the data, sending a message in which the tag information is added to the data to the one-way data reception apparatus, receiving the message from the one-way data transmission apparatus, checking the tag information of the message, and transmitting the data to a low-security zone.Type: ApplicationFiled: July 3, 2017Publication date: April 19, 2018Inventors: Byoung-Koo KIM, Seon-Gyoung SOHN, Boo-Sun JEON, Young-Jun HEO, Dong-Ho KANG, Jung-Chan NA, Byeong-Cheol CHOI, Jae-Hoon NAH, Seoung-Hyeon LEE
-
Publication number: 20160234199Abstract: Disclosed herein are a method and apparatus for providing authentication based on aggregated attributes in federated identity management. A federated identity system includes a user terminal, a server of a service provider, a first identity provision server, and a second identity provision server. The first identity provision server and the second identity provision server respectively provide attributes of a user's identity. The user terminal determines whether providing service to the user terminal is permissible, using the aggregated attributes. When it is determined that provision of the service is permissible, the user terminal acquires the service from the server of the service provider.Type: ApplicationFiled: February 5, 2016Publication date: August 11, 2016Inventors: Jae-Hoon NAH, Sang-Woo LEE
-
Publication number: 20150295918Abstract: Disclosed is a user authenticating method in a web mash-up circumstance, including: requesting, by a mash-up server, updating an access authority token for accessing a data server to an authentication server; requesting, by the authentication server, a user authentication to the mash-up server; and issuing, by the authentication server, the updated access authority token to the mash-up server based on a response result to the user authentication request.Type: ApplicationFiled: March 24, 2015Publication date: October 15, 2015Inventors: Jae Hoon NAH, Sang Woo LEE, Jung Chan NA
-
Patent number: 8769280Abstract: An authentication apparatus for a non-real-time IPTV system decrypts a first encrypted value included in a contents request message received from a device using a preset session key, and then verifies the validity of the contents request message. If the verification results of the contents request message are valid, the authentication apparatus encrypts a variation between timestamps of the authentication apparatus and the device using the session key, and then generates a second encrypted value. After verification information by which the device is capable of verifying the authentication apparatus has been generated using the second encrypted value, the authentication apparatus sends verification information, together with contents corresponding to the contents request message, to the device.Type: GrantFiled: June 28, 2011Date of Patent: July 1, 2014Assignee: Electronics and Telecommunications Research InstituteInventors: Dae-Hee Seo, Hyeok-Chan Kwon, Seung-Min Lee, Yong-Hyuk Moon, Jae-Hoon Nah, Taek-Yong Nam, Dong-Il Seo
-
Patent number: 8724805Abstract: A security label generation apparatus for scalable content distribution, includes a scalable content transmitter for receiving service level requirements of a user and network bandwidth information over a network and generating security labels and encrypted scalable units. Further, the security label generation apparatus includes a scalable content receiver for receiving the encrypted scalable units and the security labels from the scalable content transmitter and for decrypting, decoding, playing, modifying, storing or redistributing the encrypted scalable units based on the security labels. Furthermore, the security label generation apparatus includes scalable content storage for searching for scalable content and metadata corresponding to a request of the scalable content transmitter.Type: GrantFiled: December 19, 2011Date of Patent: May 13, 2014Assignee: Electronics and Telecommunications Research InstituteInventors: Yong-Hyuk Moon, Dong il Seo, Jae Hoon Nah, Hyeokchan Kwon, Seungmin Lee, Taek Yong Nam, Dae-Hee Seo
-
Publication number: 20140115661Abstract: The present invention relates to an information protection technology for management of a web mashup content authority. An exemplary embodiment of the present invention provides a user authentication method for using a web multi content, which includes: confirming whether to include authority information of a user for at least one content to request a domain which supplies the content to verify an authority of the user; performing authentication for the user who wants to use the content; verifying whether a request of the user to use the content is within an authenticated authority; and decoding the content to be supplied. According to the present invention, in a web service environment where only one protocol is used by the same origin policy, access control for data convergence is provided. In a web convergence service environment, a modification or plagiarism of a content (data or code) is prevented in advance.Type: ApplicationFiled: September 16, 2013Publication date: April 24, 2014Applicant: Electronics and Telecommunications Research InstituteInventor: Jae Hoon NAH
-
Patent number: 8543804Abstract: An adaptive security policy based scalable video service apparatus includes a video streaming server, an adaptive security policy server and a terminal. The video streaming server receives a service demand via a network and generates an encrypted streaming data. The adaptive security policy server analyzes a media structure and the service demand, by using a service profile received from the video streaming server, so as to generate a security policy description. The terminal generates and transmits the service demand to the video streaming server or the adaptive security server, obtains the encrypted streaming data from the video streaming server and decrypts the encrypted streaming data for playback, storing and retransmission.Type: GrantFiled: May 6, 2010Date of Patent: September 24, 2013Assignee: Electronics and Telecommunications Research InstituteInventors: Yong Hyuk Moon, Hyeok Chan Kwon, Seungmin Lee, Jae Hoon Nah, Taek Yong Nam, Dong Il Seo
-
Publication number: 20120163594Abstract: A security label generation apparatus for scalable content distribution, includes a scalable content transmitter for receiving service level requirements of a user and network bandwidth information over a network and generating security labels and encrypted scalable units. Further, the security label generation apparatus includes a scalable content receiver for receiving the encrypted scalable units and the security labels from the scalable content transmitter and for decrypting, decoding, playing, modifying, storing or redistributing the encrypted scalable units based on the security labels. Furthermore, the security label generation apparatus includes scalable content storage for searching for scalable content and metadata corresponding to a request of the scalable content transmitter.Type: ApplicationFiled: December 19, 2011Publication date: June 28, 2012Applicant: Electronics and Telecommunications Research InstituteInventors: Yong-Hyuk MOON, Dong il SEO, Jae Hoon NAH, Hyeokchan KWON, Seungmin LEE, Taek Yong NAM, Dae-Hee SEO
-
Publication number: 20120163595Abstract: An encryption method for providing layered access control for scalable media includes encrypting the scalable media using different encryption keys for respective layers of the scalable media to create a protected content; providing the protected content to a first user terminal; selectively inserting part or all of the encryption keys into a key area of a right object based on the grade of the first user terminal to generate a first right object; and providing the first right object to the first user terminal.Type: ApplicationFiled: December 19, 2011Publication date: June 28, 2012Applicant: Electronics and Telecommunications Research InstituteInventors: Hyeok Chan KWON, Taek Yong NAM, Seungmin LEE, Dae-Hee SEO, Yong Hyuk MOON, Jae Hoon NAH, Dong il SEO
-
Publication number: 20120159532Abstract: A content sharing method performed in a content redistribution device based on a non-realtime IPTV service includes transmitting a secret key in password information of a user of the content redistribution device to an IPTV service server and storing a public key corresponding to the secret key; and transmitting an event message for content request to the IPTV service server to request a non-realtime IPTV service. Further, the content sharing method includes receiving contents requested in the event message for content requesting from the IPTV service server; and decoding the received contents and encrypting the decoded contents using the public key. Furthermore, the content sharing method includes transmitting the contents encrypted using the public key to content recipient devices; and generating an event message for content sharing using the public key to transmit the generated event message to the content recipient devices.Type: ApplicationFiled: June 23, 2011Publication date: June 21, 2012Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTEInventors: Dae-Hee SEO, Hyeok Chan KWON, Seungmin LEE, Yong Hyuk MOON, Jae Hoon NAH, Taek Yong NAM, Dong Il SEO
-
Publication number: 20120159161Abstract: An authentication apparatus for a non-real-time IPTV system decrypts a first encrypted value included in a contents request message received from a device using a preset session key, and then verifies the validity of the contents request message. If the verification results of the contents request message are valid, the authentication apparatus encrypts a variation between timestamps of the authentication apparatus and the device using the session key, and then generates a second encrypted value. After verification information by which the device is capable of verifying the authentication apparatus has been generated using the second encrypted value, the authentication apparatus sends verification information, together with contents corresponding to the contents request message, to the device.Type: ApplicationFiled: June 28, 2011Publication date: June 21, 2012Applicant: Electronics and Telecommunications Research InstituteInventors: Dae-Hee SEO, Hyeok-Chan KWON, Seung-Min LEE, Yong-Hyuk MOON, Jae-Hoon NAH, Taek-Yong NAM, Dong-Il SEO
-
Publication number: 20110145560Abstract: An adaptive security policy based scalable video service apparatus includes a video streaming server, an adaptive security policy server and a terminal. The video streaming server receives a service demand via a network and generates an encrypted streaming data. The adaptive security policy server analyzes a media structure and the service demand, by using a service profile received from the video streaming server, so as to generate a security policy description. The terminal generates and transmits the service demand to the video streaming server or the adaptive security server, obtains the encrypted streaming data from the video streaming server and decrypts the encrypted streaming data for playback, storing and retransmission.Type: ApplicationFiled: May 6, 2010Publication date: June 16, 2011Applicant: Electronics and Telecommunications Research InstituteInventors: Yong Hyuk MOON, Hyeok Chan KWON, Seungmin LEE, Jae Hoon NAH, Taek Yong NAM, Dong Il SEO
-
Patent number: 7840811Abstract: Provided is a network system using diameter authentication, authorization and accounting (AAA) infrastructure to support the bootstrapping of a Mobile Internet Protocol version 6 (IPv6) mobile node. The network system includes a mobile node equipped with Mobile IPv6, an attendant which is accessed by the mobile node when the mobile node moves toward a new network, an AAA local server which supports AAA processes for the mobile node in a local network, an AAA home server which supports AAA processes for the mobile node in a home network, and supports initial settings during the bootstrapping of the mobile node, and a home agent which handles binding update (BU) and binding acknowledgement (BA) regarding the mobile node. The AAA home server can configure initial settings for the mobile node that is authenticated by the AAA local server so that the mobile node can be effectively bootstrapped.Type: GrantFiled: December 7, 2006Date of Patent: November 23, 2010Assignee: Electronics and Telecommunications Research InstituteInventors: Jae Hoon Nah, Hyeok Chan Kwon, Jong Soo Jang
-
Publication number: 20100135488Abstract: An SVC encryption apparatus includes: an encoding/encryption unit for performing SVC (Scalable Video Coding) encoding on input data contents and carrying out encryption for data in accordance with a first encryption condition to generate a corresponding SVC bitstream; and a NAL (Network Adaptation Layer) data analysis unit for analyzing NAL data of the generated SVC bitstream to find out NAL data satisfying a second encryption condition. Further, the SVC encryption apparatus includes a conditional NAL data encryption unit for encrypting the extracted NAL data in accordance with the second encryption condition; and a bitstream transmitting unit for transmitting the SVC bitstream with encrypted NAL data.Type: ApplicationFiled: June 23, 2009Publication date: June 3, 2010Applicant: Electronics and Telecommunications Research InstituteInventors: Seungmin LEE, Yong Hyuk MOON, Ja-Beom GU, Hyeok Chan KWON, Yong-Sung JEON, Taek Yong NAM, Jae Hoon NAH
-
Patent number: 7649897Abstract: There are provided an apparatus and method for transmitting data in a network system using network address translation. The method for transmitting data includes the steps of receiving a global network address corresponding to a local network address from a router using network address translation; encoding data using the global network address; and transmitting the encoded data to an external host on the global network via the router. Since the network address to be translated through the network address translation can be anticipated and substituted in real time during the transmission of the data, a variety of security services can be provided without significant modifications to the existing system, and accordingly, it is anticipated that the Internet protocol version 6 can be increasingly used.Type: GrantFiled: December 31, 2002Date of Patent: January 19, 2010Assignee: Electronics and Telecommunications Research InstituteInventors: Geon-woo Kim, Jae-hoon Nah, Sung-won Sohn
-
Patent number: 7535872Abstract: A network apparatus and packet routing method for ubiquitous computing are provided. In the network apparatus, a movement detection unit detects movement from a first network to a second network, and a movement address setting unit generates care-of-address (CoA) information corresponding to prefix information of the second network. A movement registration unit registers a movement address by transmitting a binding update message containing the generated CoA and home address (HoA) mapping information, to a home agent. A resource setting unit registers information on current terminal apparatuses among network terminal apparatuses on the second network. A packet distribution unit distributes the received packet to a current terminal apparatus corresponding to the application characteristic of the packet received from the home agent based on the information on the current terminal apparatuses.Type: GrantFiled: August 19, 2004Date of Patent: May 19, 2009Assignee: Electronics and Telecommunications Research InstituteInventors: Jung Hoon Jee, Jae Hoon Nah, Taek Yong Nam, Sung Won Sohn
-
Publication number: 20080137663Abstract: An identifier verification method for determining whether an identifier of a second peer node is reliable, at first peer node, in a distributed peer to peer network without a server, the network having a plurality of peer nodes connected to an Internet, the identifier verification method including: obtaining the identifier of the second peer node; requesting identifier verification for checking whether the identifier of the second peer node is forged, by using a cryptographic method via a third peer node randomly selected, when receiving a request for the identifier verification from a user; and verifying reliability of the identifier of the second peer node depending on a result of the identifier verification request.Type: ApplicationFiled: August 25, 2007Publication date: June 12, 2008Applicant: Electronics and Telecommunications Research InstituteInventors: Ja Beom Gu, Jae Hoon Nah, Hyeok Chan Kwon, Jong Soo Jang
-
Publication number: 20070177550Abstract: Provided are a method for providing virtual private network (VPN) services to a mobile node (MN) in an IPv6 network and a gateway using the same. The method includes: performing IKE (Internet key exchange) negotiation with an MN (mobile node) which has performed handover, acquiring SA (security association) and then authenticating a terminal of the MN; receiving a BU (binding update) message from the MN and verifying the BU message, storing new position information of the MN, transmitting a BA (binding acknowledgement) message and performing mobility processing; if the mobility processing is completed, performing IPsec processing on packets which the MN transmits to a CN (correspondent node), and transmitting the packets; and re-configuring and transmitting packets so that packets which the CN transmits to a home address of the MN can be transmitted to a CoA (Care-of-Address) of the MN.Type: ApplicationFiled: December 6, 2006Publication date: August 2, 2007Inventors: Hyeok Chan Kwon, Jae Hoon Nah, Jong Soo Jang