-
Publication number: US10523446B2
Publication date: 2019-12-31
Application number: US14934261
Filing date: 2015-11-06
Inventor: Ayaka Ichijo, Manabu Maeda, Yuji Unagami
Abstract: Upon receiving a new CRL, a device with a large storage capacity in an authentication system detects another device connected to a controller to which this device is connecting, and determines whether or not to transmit the new CRL depending on the magnitude of the storage capacity of the device that has been detected.
-
Publication number: US10440021B2
Publication date: 2019-10-08
Application number: US15358283
Filing date: 2016-11-22
Inventor: Yuji Unagami, Manabu Maeda, Tomoki Takazoe, Yoichi Masuda, Hideki Matsushima
Abstract: A first controller generates a first group key, executes first mutual authentication with devices within a group, and shares a first group key with devices that have succeeded in authentication. At least one controller within the group decides a coordinator that manages a group key used in common in the group, from controllers including a second controller newly joined in the group. The first controller executes second mutual authentication with the coordinator, and shares the first group key with the coordinator. The coordinator performs encrypted communication within the group using the first group key. The coordinator generates a second group key when valid time of the first group key is equal to or smaller than a predetermined value, executes third mutual authentication with the devices and controllers within the group, and updates the group key of the devices and controllers that have succeeded in authentication to the second group key.
-
Publication number: US10116454B2
Publication date: 2018-10-30
Application number: US14930034
Filing date: 2015-11-02
Inventor: Tomoyuki Haga, Motoji Ohmori, Natsume Matsuzaki, Hideki Matsushima, Yuji Unagami, Manabu Maeda, Yoshihiro Ujiie
Abstract: In an authentication method according to the present disclosure, (1) a device transmits device history information with a CRL added thereto (hereinafter, device history information with added CRL) to a controller, (2) the controller transmits the device history information with added CRL to a server, and (3) if the version of the CRL included in the device history information with added CRL is older than the version of the CRL stored on the server, the server judges that the controller is unauthorized.
-
Publication number: US09729332B2
Publication date: 2017-08-08
Application number: US14726633
Filing date: 2015-06-01
Inventor: Yuji Unagami, Motoji Ohmori, Natsume Matsuzaki, Hideki Matsushima, Tomoyuki Haga, Manabu Maeda, Yoshihiro Ujiie
CPC classification number: H04L9/3268, G06F21/33, G06F21/44, H04L63/0823
Abstract: An authentication system according to the present disclosure includes a first controller connected to a first server via a first network, a second controller connected to a second server via a second network, and a device. The device compares a next issue date described in a first certificate revocation list acquired from the first controller and an issue date described in a second certificate revocation list acquired from the second controller thereby determining whether the first controller is invalid or not.
-
Publication number: US09699185B2
Publication date: 2017-07-04
Application number: US14604964
Filing date: 2015-01-26
Inventor: Ayaka Ichijo, Motoji Ohmori, Manabu Maeda, Yuji Unagami
CPC classification number: H04L63/0876, G06F21/30, G06F21/44, H04W12/06
Abstract: A server holds correspondence information in which a device identifier of a device for which an authentication process is successful and area network information concerning an area network including a controller are associated with each other. In the case where the authentication process is successful, the device holds area network information concerning an area network including a controller for which authentication is successful. In response to a connection request from a new device, the server checks whether an identifier of the new device is registered in the correspondence information. If the identifier is registered, the server determines whether the area network information associated with the identifier matches the area network information held by the new device. If the pieces of information do not match, the server detects the new device as an unauthorized device.
-
Publication number: US10135794B2
Publication date: 2018-11-20
Application number: US14923889
Filing date: 2015-10-27
Inventor: Yuji Unagami, Manabu Maeda, Hideki Matsushima
Abstract: When a device is connected to a home gateway, if a common connection method is selected, a not-high-security connection method is inevitably selected even for a connection of a high-capability device. In a cryptographic communication system according to the present disclosure, it is possible to select a high-security connection method taking into account a processing capability of the device. Furthermore, the connection method is allowed to be updated and thus when the security level of the connection method hitherto selected is imperiled, the connection method may be updated so as to maintain a high security level.
-
Publication number: US10013576B2
Publication date: 2018-07-03
Application number: US14946531
Filing date: 2015-11-19
Inventor: Manabu Maeda, Yuji Unagami
IPC: G06F21/62
CPC classification number: G06F21/6254
Abstract: A history information anonymization method is provided that includes associating each of a plurality of pieces of history information collected from a plurality of TVs in a current cycle with a temporary ID associated with a TV at a collection destination. The method also includes getting together a plurality of IDs into a plurality of groups such that for the IDs in each group, contents of history information associated in the current cycle and in a past cycle are identical. The method further includes judging whether each of the plurality of groups satisfies anonymity, and changing only some of the plurality of temporary IDs associated with the plurality of TVs, when it is judged that any of the plurality of groups does not satisfy anonymity.
-
Publication number: US10992667B2
Publication date: 2021-04-27
Application number: US16552445
Filing date: 2019-08-27
Inventor: Yuji Unagami, Manabu Maeda, Tomoki Takazoe, Yoichi Masuda, Hideki Matsushima
Abstract: A first controller generates a first group key, executes first mutual authentication with devices within a group, and shares the first group key with the devices that have succeeded in first mutual authentication. When a second controller joins the group, the first controller decides a coordinator that manages a group key used in common in the group. The first controller executes second mutual authentication with the coordinator, and shares the first group key with the coordinator when the second mutual authentication is successful. The coordinator performs encrypted communication within the group using the first group key, generates a second group key when valid time of the first group key is equal to or smaller than a predetermined value, executes third mutual authentication with the devices and a third controller, and updates the first group key of the devices and the third controller that have succeeded in the third authentication.
-
Publication number: US10951400B2
Publication date: 2021-03-16
Application number: US16511293
Filing date: 2019-07-15
Inventor: Yuji Unagami, Manabu Maeda, Hideki Matsushima, Tomoki Takazoe, Yoichi Masuda
Abstract: An authentication method for a group of devices connected to a network includes selecting the first controller as a coordinator, the coordinator being configured to manage a group key to be used in common in the group. The method includes generating the group key, and performing first mutual authentication and second mutual authentication. The method also includes sharing the group key with each device for which the first mutual authentication has been successful, and sharing the group key with each second controller for which the second mutual authentication has been successful. The method further includes encrypting transmission data by using the group key to generate encrypted data, generating authentication data by using the group key, and simultaneously broadcasting a message to each device for which the first mutual authentication has been successful and each second controller for which the second mutual authentication has been successful.
-
Publication number: US10713106B2
Publication date: 2020-07-14
Application number: US15770182
Filing date: 2016-12-09
Inventor: Masato Tanabe, Jun Anzai, Manabu Maeda, Yoshihiro Ujiie, Takeshi Kishikawa
Abstract: A communication unit receives a message in a network. A first anomaly detector detects an anomalous message by detecting values of a plurality of monitoring items from the message received by the communication unit and determining whether each of the detected values of the plurality of monitoring items is inside a corresponding first reference range and a corresponding second reference range. The second reference range is narrower than the first reference range. The first anomaly detector detects the message as the anomalous message, when any of the detected values is outside the first reference range, and detects the message as the anomalous message, when any of the detected values is inside the first reference range and is outside the second reference range and when a predetermined rule is satisfied.
-