摘要:
Provided is a tampering monitoring system that can identify a monitoring module that has been tampered with among a plurality of monitoring modules. A management apparatus is provided with an acquisition unit that acquires a new monitoring module that has not been tampered with, a generation unit that generates a decoy monitoring module by modifying the acquired monitoring module, a transmission unit that transmits the decoy monitoring module to the information security device and causes the information security device to install the decoy monitoring module therein, a reception unit that receives from the information security device, after the decoy monitoring module has been installed, monitoring results generated by the monitoring modules monitoring other monitoring modules, and a determination unit that identifies, by referring to the received monitoring results, a monitoring module that determines the decoy monitoring module to be valid and determines the identified monitoring module to be invalid.
摘要:
A management device detects whether any normal monitoring module that has not been tampered with exists by referring to monitoring results received from an information security device and selects, when existence is detected, one of the monitoring modules and assumes that the selected monitoring module has been tampered with. The monitoring device then successively applies a procedure to monitoring modules other than the selected monitoring module by referring to the monitoring results, starting from the selected monitoring module, the procedure being to assume that any monitoring module determining that a monitoring module assumed to have been tampered with is normal has also been tampered with. As a result of the procedure, when all of the monitoring modules are assumed to have been tampered with the management device determines the selected monitoring module to be a normal monitoring module that has not been tampered with.
摘要:
A malicious-module identification device identifies and deactivates a malicious module operating in an information processing device connected thereto via a network. The malicious-module identification device is provided with a reception unit for receiving results of tampering detection from a plurality of modules for detecting tampering, and a determination unit for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs. A deactivation unit outputs an instruction to deactivate the module identified as the malicious module.
摘要:
An update server acquires, from an apparatus, a result of verifications relating to tampering of a protection control module and each of install modules included in an install module group. The update server determines a processing procedure of the apparatus depending on the acquired result of the verifications. Specifically, if it is judged that the protection control module and each of the install modules is unauthentic, then the update server transmits, to the apparatus, an instruction to perform updating of the unauthentic protection control module in preference to a revocation of the unauthentic install module.
摘要:
A content playback device of the present invention includes a playback unit 200 operable to play back a content; a normal storage unit 250 that is not tamper-resistant; a secure storage unit 350 that is tamper-resistant; a first control sub-unit 230 that writes playback records indicating elapsed playback time of the content into the normal storage unit one by one at regular time intervals; and a second control sub-unit 330 that (i) writes monitoring records with respect to the playback records into the secure storage unit 350 one by one at irregular time intervals and (ii) determines that the playback records stored in the normal storage unit 250 have not been tampered with if a prescribed relation is satisfied between a specific time point obtained according to a latest one of the monitoring records and one of the playback records corresponding to the specific time point.
摘要:
A data storage apparatus is provided that realizes a measure against deterioration of a flash memory in which integrity check data is stored. A content playback apparatus (1000) uses a hash value of playback history information as integrity check data (confirmation data) for confirming whether the playback history information has been falsified. A first address calculation unit (1004) and a second address calculation unit (1006) determine a read-in address and a storage destination address for the integrity check data, with use of the hash value. Accordingly, the storage destination addresses can be diffused, thus enabling preventing deterioration of the flash memory.
摘要:
The present invention aims to perform tamper detection on a protection control module without having detection modules come to know the key data and functions thereof. The detection modules of the present invention perform tamper detection by verifying whether or not the correspondence between the input and output data of the application decryption process performed by the protection control module is correct. Furthermore, the present invention offers improved security against leaks of the application output data by the detection modules by having a plurality of detection modules verify different data blocks.
摘要:
In a server, an echo-request transmitting unit transmits echo-request data to a target device, and an echo-reply receiving unit receives echo-reply data from the target device. A time measuring unit measures, as the target time, the time required between transmission of the echo-request data and reception of the echo-reply data, and compares the target time with the reference time. In this way, the server judges whether the target device connected to its network belongs to a predetermined group.
摘要:
A measurement device includes: a first measurement unit (101) measuring first biological data at least k times (k≧2) to obtain any k first measurement values; a distributed-signature generation unit (104) executing signature operations for the k first measurement values using any various k distributed-signature keys, respectively, to generate k distributed signatures, where the k distributed-signature keys can reconstruct a signature generation key only when all of them are available; a signature synthesis unit (106) synthesizing the k distributed signatures together to reconstruct a signature; and a steady state verification unit (107) verifying, using a signature verification key corresponding to the signature generation key, whether or not the signature reconstructed by the signature synthesis unit is correct, where the correctness of the signature means that the k first measurement values are same values.
摘要:
To aim to provide an information security device capable of reducing a period necessary for performing a power operation used for secret communication or authentication. The information security device performs secret communication or authentication by calculating an exponentiation X̂d based on target data X and a secret value d using the window method. In the process of calculating the exponentiation X̂d, immediately after square of a random value R acquired for multiplication is repeatedly performed a predetermined number of times, for example 256 times, a result of square of the random value R is cancelled using a cancellation value S (=R̂(−2̂256)). This makes it unnecessary to perform cancellation processing that has been conventionally performed.