Abstract: Disclosed is a multiple column keyword pattern matching apparatus configured to match multiple column keyword patterns including a plurality rows and a plurality of columns with respect to a given text. The apparatus includes a multiple keyword matching portion configured to search for keywords included in the multiple column keyword pattern while scanning the given text and generate a keyword matching result including text position information in the given text of a found keyword as a keyword matching result corresponding to the found keyword, a matching result window updating portion configured to add the generated keyword matching result to a matching result window defined with a certain range, and a matching state table updating portion configured to update a matching state table which maintains matching numbers of keyword matching results included in the matching result window.

Abstract: Disclosed herein is a method of controlling access to a business cloud service. The method includes transmitting, as a service server receives a bushiness cloud service access request from a terminal of a service user, a single sign on (SSO) authentication request for integrated authentication of access of the service user to at least one business cloud service to an authentication server, requesting, as the authentication server receives the SSO authentication request, the terminal for authentication information of the service user and generating an authentication response by comparing the authentication information received from the terminal with prestored authentication information, and determining, by a reverse proxy server, a denial or permission of the access of the service user to the business cloud service by comparing context information extracted from the SSO authentication request and the authentication response with a preset policy.

Abstract: A method of detecting a change in a signature of Internet application traffic of an Internet application traffic protocol generated between a server and a client in a test automation system includes the steps of executing a test script to operate an application of the client, receiving an actual analysis result of analyzing the signature of the Internet application traffic generated according to the operation of the application from a protocol analysis device, comparing the actual analysis result with a predictive analysis result, and detecting whether there is a change in the signature from a comparison result of comparing the actual analysis result with the predictive analysis result.

Abstract: Provided are a network-based high performance SAP monitoring system and method, including a hardware engine selecting packets to be updated from input packets by performing session-based filtering and pattern matching on the input packets, identifying to which application protocol belongs among dynamic information and action gateway (DIAG) protocol, remote function call (RFC) protocol, and hypertext transfer protocol (HTTP) protocol, and adding identification information of the identified application protocol to the packet to be uploaded and a software engine including a DIAG processor processing the DIAG protocol, RFC processor processing the RFC protocol, and HTTP processor processing the HTTP protocol, when receiving the packet added with the identification information from the hardware engine, referring SAP application protocol identification information, extracting data transmitted and received between servers of an SAP client and one of the DIAG processor, RFC processor, and HTTP processor, thereby sort

Abstract: Provided is a cloud data discovery method which includes storing cloud application program interface (API) authentication information for each cloud service and accessing user data stored in a corresponding cloud service using the stored cloud API authentication information and checking the user data according to a preset data loss prevention (DLP) policy.

Abstract: A method of detecting a change in a signature of Internet application traffic of an Internet application traffic protocol generated between a server and a client in a test automation system includes the steps of executing a test script to operate an application of the client, receiving an actual analysis result of analyzing the signature of the Internet application traffic generated according to the operation of the application from a protocol analysis device, comparing the actual analysis result with a predictive analysis result, and detecting whether there is a change in the signature from a comparison result of comparing the actual analysis result with the predictive analysis result.

Abstract: Provided are a network-based high performance SAP monitoring system and method, including a hardware engine selecting packets to be updated from input packets by performing session-based filtering and pattern matching on the input packets, identifying to which application protocol belongs among dynamic information and action gateway (DIAG) protocol, remote function call (RFC) protocol, and hypertext transfer protocol (HTTP) protocol, and adding identification information of the identified application protocol to the packet to be uploaded and a software engine including a DIAG processor processing the DIAG protocol, RFC processor processing the RFC protocol, and HTTP processor processing the HTTP protocol, when receiving the packet added with the identification information from the hardware engine, referring SAP application protocol identification information, extracting data transmitted and received between servers of an SAP client and one of the DIAG processor, RFC processor, and HTTP processor, thereby sort

Abstract: Provided are an information protection apparatus and system. The information protection apparatus based on Windows, Unix, or Linux includes a first check unit, a second check unit, and a security measure unit. The first check unit checks whether there is a file including monitoring information among a plurality of check target files in a local storage area, according to a predetermined check policy. The second check unit checks whether there is a file including the monitoring information among the check target files in a sharing storage area of a file system that is shared in a network drive type in an NFS scheme. The security measure unit performs a security measure conforming to a predetermined security policy for the file including the monitoring information.

Abstract: Provided are an apparatus and method for monitoring web application telecommunication data by user.

Abstract: Provided are a traffic analysis apparatus and method. The traffic analysis apparatus includes an analysis unit and a policy application unit. The analysis unit determines whether a network packet between at least one client and a server is a packet of a pre-registered SAP session, and, when the network packet is not the packet of the pre-registered SAP session, the analysis unit determines whether the network packet is a packet of a new SAP session. The policy application unit determines whether the network packet includes predetermined monitoring information when the network packet is the packet of the pre-registered SAP session or new SAP session and, when the network packet includes the monitoring information, the policy application unit performs a response action conforming to a predetermined security policy.

Abstract: Disclosed are a system and a method for printed matter security. A method for printed matter security according to an exemplary embodiment of the present invention includes: receiving policy information, information of a monitoring application program, and pattern information of personal information from a security server; inserting a printing interruption module in the monitoring application program when the monitoring application program corresponding to the information of the application program is executed; storing a content of a printing request by interrupting the printing request of the monitoring application program by the printing interruption module; verifying whether the personal information is included in the content of the printing request, using the pattern information; and performing an information protection function corresponding to the policy information when the personal information is included in the content of the printing request.

Abstract: Provided are a traffic analysis apparatus and method. The traffic analysis apparatus includes an analysis unit and a policy application unit. The analysis unit determines whether a network packet between at least one client and a server is a packet of a pre-registered SAP session, and, when the network packet is not the packet of the pre-registered SAP session, the analysis unit determines whether the network packet is a packet of a new SAP session. The policy application unit determines whether the network packet includes predetermined monitoring information when the network packet is the packet of the pre-registered SAP session or new SAP session and, when the network packet includes the monitoring information, the policy application unit performs a response action conforming to a predetermined security policy.

Abstract: Provided are an information protection apparatus and system. The information protection apparatus based on Windows, Unix, or Linux includes a first check unit, a second check unit, and a security measure unit. The first check unit checks whether there is a file including monitoring information among a plurality of check target files in a local storage area, according to a predetermined check policy. The second check unit checks whether there is a file including the monitoring information among the check target files in a sharing storage area of a file system that is shared in a network drive type in an NFS scheme. The security measure unit performs a security measure conforming to a predetermined security policy for the file including the monitoring information.

Abstract: Disclosed are a mobile DLP system and method. The mobile DLP system includes a general storage that allows an access in a normal mode and a security mode, an encrypted virtual storage that disallows an access in the normal mode and allows an access in the security mode, a management program that designates the general storage as a write/read area in the normal mode and designates the general storage and the virtual storage as the write/read area in the security mode, a fuse that intercepts a file input/output of an application program including the management program to again set a file input/output path as the virtual storage according to a command of the management program in the security mode, and a VFS engine that performs a bridge function between the application program of an application layer and the fuse of a kernel layer.

Abstract: Provided is a network-based data loss prevention (DLP) system. The network-based DLP system includes a FPGA engine including a pattern matcher and a MCP engine including a session list filter. The a pattern matcher hash-processes a payload of an input packet in units of a certain size, compares a pre-stored pattern and the hash-processed packet, checks a matching rule ID and an upload channel ID corresponding to the pre-stored pattern when there is a match therebetween, adds tagging information to a header of the input packet, and outputs the packet. The session list filter receives the packet with the tagging information added thereto, and performs pre-registered processing on the pre-registered session, or passes the received packet. The processor uploads, forwards, or drops the received packet in correspondence with the matching rule ID.

Abstract: Provided are an apparatus and method for monitoring web application telecommunication data by user.

Abstract: Disclosed are a system and a method for printed matter security. A method for printed matter security according to an exemplary embodiment of the present invention includes: receiving policy information, information of a monitoring application program, and pattern information of personal information from a security server; inserting a printing interruption module in the monitoring application program when the monitoring application program corresponding to the information of the application program is executed; storing a content of a printing request by interrupting the printing request of the monitoring application program by the printing interruption module; verifying whether the personal information is included in the content of the printing request, using the pattern information; and performing an information protection function corresponding to the policy information when the personal information is included in the content of the printing request.