PROXY-BASED SECURITY SYSTEM FOR GUARANTEEING AVAILABILITY

摘要

The present invention relates to a proxy-based security system for guaranteeing availability. The proxy-based security system according to the present invention comprises: a reception queue unit which receives, from the computer of a user, a data packet containing information designed to be transmitted to a database management system server serving as a final destination, and transmits the received data packet to a transmission control unit and a proxy ACL unit; said proxy ACL unit, which receives the data packet from the reception queue unit, sets the database management system server as a destination address of the data packet, and transmits the data packet to a transmission queue unit; said transmission control unit which determines, using a prestored security system policy program, whether or not to transmit the data packet transmitted from the reception queue unit, generates command data having a transmission permission signal or a transmission cutoff signal, and transmits the command data to the transmission queue unit; and said transmission queue unit which receives the data packet from the proxy ACL unit, receives the command data from the transmission control unit, transmits, if the command data has a transmission permission signal, the data packet received from the proxy ACL unit to the database management system server, changes, if the command data has a transmission cutoff signal, an information data portion, excluding a header portion of the data packet transmitted from the proxy ACL unit, to a cutoff message data portion, and transmits the data packet to the database management system server, and further transmits, if no command data is transmitted from the transmission control unit for a set period of time from the point in time when the reception queue unit receives the data packet, said data packet received from the proxy ACL unit to the database management system server. According to the above-described present invention, both the connected session and a new session may not be affected by failures occurring in the transmission control unit, thus guaranteeing the availability of the security system.