![Page 1: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/1.jpg)
1
스마트가전 해킹사례 및 보안성평가∙인증 방안
김 승 주
정보보증연구실
정보보호학부∙정보보호대학원
고려대학교
![Page 2: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/2.jpg)
2
![Page 3: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/3.jpg)
3
Smart-CE Hacking
IT Security Evaluation
Security Evaluation @ USA
Security Evaluation @ Korea
Smart-CE Security Evaluation
Contents
![Page 4: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/4.jpg)
4
Smart-CE Hacking
![Page 5: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/5.jpg)
5
Traditional Consumer Environment
![Page 6: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/6.jpg)
6
Modern Consumer Environment
![Page 7: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/7.jpg)
7
Security?
(2004)
![Page 8: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/8.jpg)
8
Smart Phone Hacking
![Page 9: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/9.jpg)
9
Smart Car Hacking
![Page 10: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/10.jpg)
10
Smart TV Hacking (1/6)
![Page 11: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/11.jpg)
11
Smart TV Hacking (2/6)
Seungjin (beist) Lee @ CanSecWest 2013
![Page 12: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/12.jpg)
12
Smart TV Hacking (3/6)
Hijack Highway Sign!
Hackers send fake message through Emergency Alert System (Feb. 2013)
![Page 13: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/13.jpg)
13
Smart TV Hacking (4/6)
Hijack TV Program?
![Page 14: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/14.jpg)
14
Phishing !
Pharming !
Vishing = Telephone + Phishing !
Smishing = SMS + Phishing !
Tvishing = TV + Phishing ?
Smart TV Hacking (5/6)
![Page 15: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/15.jpg)
15
Smart TV Hacking (6/6)
![Page 16: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/16.jpg)
16
Robot Vacuum Cleaner Hacking (1/3)
![Page 17: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/17.jpg)
17
Robot Vacuum Cleaner Hacking (2/3)
![Page 18: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/18.jpg)
18
Robot Vacuum Cleaner Hacking (3/3)
![Page 19: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/19.jpg)
19
Smart Air Conditioner Hacking (1/2)
![Page 20: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/20.jpg)
20
Smart Air Conditioner Hacking (2/2)
![Page 21: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/21.jpg)
21
IT Security Evaluation
![Page 22: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/22.jpg)
“A few lines of code can wreak more havoc than a bomb.”
- Tom Ridge
(Former) Secretary of the U.S. Department of Homeland Security
22
Coding Errors that Affect Security
![Page 23: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/23.jpg)
23
A process for evaluating and certifying that the security functions of IT product(H/W, F/W, S/W) are implemented effectively and correctly.
For this, checking if a developer (1) follows the software engineering process, and (2) makes a product secure against all known vulnerabilities.
IT Security Evaluation?
![Page 24: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/24.jpg)
24
Gain assurance from knowledge of developers process
ISO 9000
SEI(Software Engineering Institute)'s Capability Maturity Model(CMM)
System Security Engineering Capability Maturity Model (SSE-CMM) http://www.sse-cmm.org
[Note] Certifying Process
![Page 25: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/25.jpg)
25
Security Evaluation @ USA
![Page 26: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/26.jpg)
26
Security Evaluation @ USA
Crypto algorithms implemented in security products
“Algorithm”
H/W Security, EMI/EMC, etc.
Various security functions of IT security product
“Product”
Identification & Authentication function, etc.
“Module”
“System” Limitations of CC (1) : Integration issues of component TOEs may not be adequately evaluated and should be evaluated by another means.
“Environment” Limitations of CC (2) : The evaluation takes place in a laboratory, not the operational environment.
CAVP
Cryptographic Algorithm Validation Program
CMVP(FIPS140-2)
ISO/IEC 19790
Cryptographic Module Validation Program
NIAP(CC)
ISO/IEC 15408
National Information Assurance Program
DITSCAP
DoD IT Security Certification and Accreditation Program
NIST C&A
Certification and Accreditation
![Page 27: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/27.jpg)
27
Early 1980s : Government, military drove early evaluation processes
Their desire to use commercial products led to businesses developing methodologies for evaluating security, trustworthiness of systems
Methodologies provide combination of
Functional requirements
Assurance requirements
Levels of trust
Brief History (1/3)
![Page 28: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/28.jpg)
28
1985: DOD 5200.28STD (Orange Book, or TCSEC): standard reference for computer security for DoD Developed by National Computer Security Center, US
Dept. of Defense
Specifies evaluation classes (C1, C2, B1, B2, B3, A1)
Specifies functionality and assurance requirements for each class
Heavily influenced by Bell-LaPadula model and reference monitor concept
Emphasizes confidentiality Integrity addressed by *-property
Brief History (2/3)
![Page 29: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/29.jpg)
29
Mid 80s - Mid 90s: The Red Book (Trusted Network Interpretation (TNI) of
the Orange Book)
Series that expanded on Orange Book in specific areas was called “Rainbow Series”
FIPS-140 for commercial/civilian government cryptographic modules (DES, AES)
Canada, UK, European Community develop standards similar to and beyond the Orange Book
Mid 90s onward: Common Criteria
Brief History (3/3)
![Page 30: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/30.jpg)
30
CC Evaluation (1/2)
PP
ST
TOE (+ 평가제출물)
ST 평가
TOE 평가
Sufficiency
Correctness
RFP
Proposal
Product (+ 관련 문서)
제안서 심사
검 수
Traceability
![Page 31: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/31.jpg)
31
EAL 4+의 경우, EAL 4까지는 인정되나, 추가된 패밀리에 대해서는 타국가에서 인정되지 않을 수 있음(이는 각 국가별 정책에 따라 다를 수 있음)
CC Evaluation (2/2)
![Page 32: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/32.jpg)
32
Security Evaluation @ Korea
![Page 33: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/33.jpg)
33
정보보호시스템 조달체계 (1/2)
![Page 34: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/34.jpg)
34
정보보호시스템 조달체계 (2/2)
![Page 35: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/35.jpg)
35
암호모듈검증제도 (1/2)
기타 보안기능
CC
암호기능
KCMVP
![Page 36: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/36.jpg)
36
암호모듈검증제도 (2/2)
기타 보안기능
암호기능
CC KCMVP
![Page 37: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/37.jpg)
37
국가용암호제품지정제도 (1/3)
암호기능
기타 보안기능
KCMVP CC
![Page 38: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/38.jpg)
38
국가용암호제품지정제도 (2/3)
암호기능
기타 보안기능
KCMVP CC 국가용암호제품지정제도
![Page 39: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/39.jpg)
39
국가용암호제품지정제도 (3/3)
국가용 암호제품 지정제도 대상제품군은 암호가 주 기능인 ‘암호기반 제품’이며 상세 제품군은 다음과 같음.
![Page 40: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/40.jpg)
40
국제용 인증서 국내용 인증서
국제용 CC v.s. 국내용 CC (1/2)
![Page 41: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/41.jpg)
41
∗ CCRA 수준의 제품 평가
∗ 국제용 평가 인증서는 CCRA 회원국들 간에 상호 인정됨
국제용 평가인증제도
∗ 평가보증등급에서 요구하는 평가항목 중 보안기능과 취약성시험을 제외한
일부 항목을 표본추출하여 평가
∗ 국내용 평가 인증서는 국내에서만 인정됨
국내용 평가인증제도
※ 국제용, 국내용 인증서 모두 국내에서는 동일한 효력을 가짐
국제용 CC v.s. 국내용 CC (2/2)
![Page 42: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/42.jpg)
42
Smart-CE Security Evaluation
![Page 43: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/43.jpg)
43
NSTISSP #11 Guidance IA & IA-Enabled Products
NSA Involvement in Product Evaluation
NSA Evaluated Product List
NIAP - Certified CCTL Evaluations
FIPS evaluated under CMVP
(FIPS 140-1 or 140-2)
Validated Product List http://csrc.nist.gov/cryptval
Type 1 Crypto for Classified
Lev
el 1
L
evel
2
Lev
el 3
L
evel
4
EAL
Basic
robustness
products
Medium
robustness
products
High
robustness
products
4
7
6
5
3
2
1
0
4+
CMVP Labs • Atlan • Cygnacom (CEAL) • CoACT • EWA • Domus • InfoGard
NIAP Labs • Booz Allen
Hamilton • Cable & Wireless • CoACT • Criterian
Levels Of Robustness
Crypto Modules and Algorithms
• CSC • Cygnacom • InfoGard • SAIC
IT Products and PP
CC’s Target
![Page 44: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/44.jpg)
44
CC’s Time and Expense
![Page 45: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/45.jpg)
45
![Page 46: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/46.jpg)
46
![Page 47: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/47.jpg)
47
TTA Certified 시험인증
TTA Certified
TTA, ITU, IEEE 등에서 제정한
공인된 시험인증 표준에 적합함을 인증
• 시험인증 대상
• 시험인증 절차
분야 대상 시험인증 기준
네트워크분야 DSRC 장비 TTAS.KO-06.0025, TTAS.KO-06.0052, TTAS.KO-06.0053
인터넷전화 서비스 인터넷전화 업무처리지침(2004.10)
디지털방송분야
데이터방송 수신기 TTAS.OT-07.0001, (A/101) ACAP-J profile
지상파 DMB 수신기 TCB-0007/R02: 2009, TCB-0011/R01:2009, TCB-0010/R01:2009
케이블방송 수신기 디지털유선방송 송수신 정합표준
이동통신분야 휴대폰충전기 TTAS.KO-06.0029, TTAS.KO-06.0030/R1
자급단말기 TCM-6001/R00 : 2012
소프트웨어분야 주민등록증 단말기 행정안전부 고시 제2009-60, '09.10.8
STEP 1 STEP 2 STEP 3 STEP 4 STEP 5 STEP 6
신청 및 상담 계약 시험 성적서 발행 인증심의 인증서 발행
![Page 48: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/48.jpg)
48
TTA Verified 시험인증
• 시험인증 대상
• 시험인증 절차
분야 대상 시험인증 기준
네트워크분야
IPv6 IPv6 표준적합성 및 상호운용성 인증기준(TCN-0024/R00) 등 관련 표준
MMoIP(VoIP) 행정기관 인터넷전화 보안규격 V3.0 등 관련 표준
홈네트워크 홈네트워크 인증기준(TTA-V-N-05-006-CC11) 등 관련 표준
디지털방송분야
케이블방송 수신기 : 셋톱박스/DTV
디지털유선방송송수신정합표준(TTAS.KO-07.0020/R4)
지상파방송 수신기 : 자막 방송 기능 내장 셋톱박스/DTV
지상파 디지털TV 자막방송표준(TTAS.KO-07.0050)
광송수신기 광송수신기 시험절차(TTAS.OT-03.0018~0021)
MPEG Player 일반용 MPEG-2 인코더 인증기준(TCB-0034/R01:2011) 등 관련 표준
TTA Verified TTA가 자체적으로 정한 시험인증기준에 적합함을 인증
STEP 1 STEP 2 STEP 3 STEP 4 STEP 5 STEP 6
신청 및 상담 계약 시험 성적서 발행 인증심의 인증서 발행
![Page 49: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/49.jpg)
49
스마트 가전 보안성 시험인증(안)
TESTING &
CERTIFICATION
자체 보안성 시험인증기준을 마련하여 , 스마트 가전(Smart TV, Smart Phone, SetTop Box 등)에 대한 보안성 시험인증 서비스 제공
보안기준 규격마련
Smart Device의 안정성과 신뢰성을 확보하기 위한 보안 기준 및 규격 개발
시험방안 마련
Smart Device의 보안 기준 및 규격에 대한 적합성 시험 기준 및 방법론 개발
시험인증 수행
Smart Device 보안성 시험인증 서비스 제공
추진 방향
OR
![Page 50: 스마트가전 해킹사례 및 보안성평가 인증 방안myucc.cafe24.com/pdf/세션3/(2)_스마트가전 해킹... · 2013-04-15 · • Cygnacom (CEAL) • CoACT • EWA •](https://reader033.vdocuments.net/reader033/viewer/2022042000/5e6d18503add8159175ada01/html5/thumbnails/50.jpg)
50
Prof. Seungjoo Kim
E-Mail : [email protected]
Homepage(Lab) : http://www.kimlab.net
Homepage(Personal) : http://www.skim.name
Facebook : www.fb.com/skim71
Twitter : @skim71
스마트가전 해킹사례 및 보안성평가∙인증 방안