Abstract: A license managing device sets a security area for storing a license file, maintains the security area as an encoded file in an inactive state of the security area by encoding the security area, maintains the security area as a directory in an active state of the security area by decoding the security area, and encodes a license file by using a file encoding key according to the user's request and stores the same in a security area in an active state of the security area.

Abstract: A content protection apparatus using a white-box encryption table includes: a random number generation unit for generating a random number; a white-box encryption table for encrypting the random number and user information provided from a user to generate an encrypted output value; and an operation unit for performing an operation between the encrypted output value and data inputted from an outside to encrypt or decrypt the data.

Abstract: Disclosed is an authentication method using barcodes. the authentication method includes: converting into a first barcode and outputting, by a first user device, authentication related information provided from a service providing server; receiving, by a second user device, the first barcode; generating, by the second user device, signature information or authentication information on the authentication related information by using a signature key or a certificate; and providing, by the second user device, the signature information or the authentication information to the service providing server.

Abstract: A data encoding apparatus for verifying data integrity by using a white box cipher includes: an encoding unit for encoding content by using a white box cipher table; and an arithmetic logic unit for performing an arithmetic logic operation on the white box cipher table and content information to output an encoded white box cipher table. The arithmetic logic operation is an exclusive OR operation. The content information is license information of the content or hash value of the license information of the content.

Abstract: A system for tracking an illegal distributor and preventing an illegal content distribution includes: a forensic mark generator for receiving content and a content identification code from a content providing apparatus to generate a forensic mark; a forensic mark database for storing the generated forensic mark; a forensic mark insertion unit for inserting the forensic mark into the content; and a content database for storing the content into which the forensic mark has been inserted. The system further includes a content transmitter for transmitting the content into which the forensic mark has been inserted to the content utilization apparatus.

Abstract: Disclosed herein is a method of verifying key validity and a server for performing the method. The method is configured such that a service provision server verifies key validity in an anonymous service for providing local linkability. The service provision server receives a revocation list. A local revocation list is generated using the received revocation list and a secret key. A virtual index of a service user required to verify key validity is calculated. Whether a key of the service user is valid is verified, based on whether the virtual index is included in the local revocation list.

Abstract: The present invention relates to a content protection apparatus and method using binding of additional information to an encryption key. The content protection apparatus includes an encryption unit for creating an encryption key required to encrypt data requested by a user terminal and then generating encrypted data in which the data is encrypted. An additional information management unit manages additional information including authority information about the encrypted data. A White-Box Cryptography (WBC) processing unit generates a WBC table required to bind the encryption key corresponding to the encrypted data to the additional information. A bound data generation unit generates bound data in which the encrypted key is bound to the additional information, using a cipher included in the WBC table.

Abstract: A group signature system includes: a key issuer server for generating a first parameter of a group public key, generating a corresponding master issuing key, and issuing a signature key to a user when a user device joins; an opener server for generating a second parameter of the group public key, and a corresponding master opening key and master linking key; and a linker server for checking whether two valid signatures have been linked by using the master linking key when the two signatures corresponding to a group public key are given. The group signature system further includes: a signature verifying unit for confirming a validity of the given signatures and a signer information confirming unit for confirming a validity of singer confirming information generated by the opener server.

Abstract: There is provided an anonymous service method of providing local linkability. The anonymous service method providing local linkability according to exemplary embodiments of the invention, an anonymous authentication operation based on a short group signature is performed, for which the concept of a local linkability is introduced to secure linkability within the same service domain. Namely, in the interior of a service provider, a virtual index having a fixed value is calculated for each service user, and in this case, although a plurality of service providers collude with each other, they cannot calculate a virtual index having the same value, whereby the linkability can be secured within the same service domain but not within the interiors of different service domains.

Abstract: Provided is a digital rights management system, in which a process of combining digital content created by the original author with first metadata indicated with rights information of the original author and a process of combining revised digital content with second metadata indicated with rights information of a secondary author, are respectively and separately performed at the server and terminal sides. Thus, the digital rights management system can reduce the load generated at the server side compared to a system in which the server side performs both of the above processes.

Abstract: A license managing device sets a security area for storing a license file, maintains the security area as an encoded file in an inactive state of the security area by encoding the security area, maintains the security area as a directory in an active state of the security area by decoding the security area, and encodes a license file by using a file encoding key according to the user's request and stores the same in a security area in an active state of the security area.

Abstract: Conditionally traceable anonymous service system is provided. The system respectively separates subject conforming real name, subject conforming anonymity, subject requesting verification for an anonymity certification means, so that privacy of a user is hardly violated, the present invention can acquire real name information for the user only when a trace for a user is surely requested.

Abstract: An intrusion detection system and method of a wireless network providing wireless communication to one or more wireless terminal, and an intrusion detection sensor capable of detecting attacks against wireless network are provided. The intrusion detection system of a wireless network includes: an access point providing wireless communication to a wireless terminal; and an intrusion detection sensor examining packets transmitted and received between the access point and a wireless terminal according to a predetermined detection rule. The access point transmits confirmation information on whether or not an event packet, including critical information on whether or not a wireless line connection between the access point and the wireless terminal is established, is transmitted, to the intrusion detection sensor, and the intrusion detection sensor examines an event packet by using the confirmation information.

Abstract: A method of setting a communication environment between a mobile terminal and a smart card using a layered architecture of a protocol stack is disclosed. The mobile terminal and the smart card are provided with a plurality of applications and a plurality of applications, respectively, and also provided with a transmission layer for receiving and transferring the data and an application layer for processing the data. The answer-to-reset signal which is a response of the smart card comprises an information on the communication environment supported by the smart card, as well as an information contained in the typical answer-to-reset. Therefore, in case of setting the communication environment between the smart card and the mobile terminal, the communication environment very suitable for the relevant application can be dynamically established, so that a stable communication channel can be promptly provided to a user of the mobile terminal employing the smart card.