摘要:
A malicious-module identification device identifies and deactivates a malicious module operating in an information processing device connected thereto via a network. The malicious-module identification device is provided with a reception unit for receiving results of tampering detection from a plurality of modules for detecting tampering, and a determination unit for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs. A deactivation unit outputs an instruction to deactivate the module identified as the malicious module.
摘要:
An update server acquires, from an apparatus, a result of verifications relating to tampering of a protection control module and each of install modules included in an install module group. The update server determines a processing procedure of the apparatus depending on the acquired result of the verifications. Specifically, if it is judged that the protection control module and each of the install modules is unauthentic, then the update server transmits, to the apparatus, an instruction to perform updating of the unauthentic protection control module in preference to a revocation of the unauthentic install module.
摘要:
Provided is an information security apparatus (1100) that has enhanced stability and confidentiality of a hash key. The information security apparatus (1100) includes an information generating PUF unit (1104) that has tamper resistance set, using physical characteristics, so as to output a preset hash key, a partial error-correction information storage unit (1107) that stores partial error-correction information, an error correcting PUF unit (1106) that has tamper-resistance set, using physical characteristics, so as to output error-correcting PUF information, an error-correction information generating unit (1108) that generates error-correction information using partial correction information and the error-correcting PUF information, and an error correcting unit (1105) that corrects an error for the hash key outputted from the information generating PUF unit (1104) and outputs an error-corrected hash key.
摘要:
To aim provide a software update apparatus including an install module group (130) composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server (200), a replacement protection control module (121) to be used for updating a protection control module (120) having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations. If any of the install modules is verified as having the possibility of performing the malicious operations, any another one of the install modules that is verified as not having the possibility revokes the any install module verified as having the possibility.
摘要:
A management device detects whether any normal monitoring module that has not been tampered with exists by referring to monitoring results received from an information security device and selects, when existence is detected, one of the monitoring modules and assumes that the selected monitoring module has been tampered with. The monitoring device then successively applies a procedure to monitoring modules other than the selected monitoring module by referring to the monitoring results, starting from the selected monitoring module, the procedure being to assume that any monitoring module determining that a monitoring module assumed to have been tampered with is normal has also been tampered with. As a result of the procedure, when all of the monitoring modules are assumed to have been tampered with the management device determines the selected monitoring module to be a normal monitoring module that has not been tampered with.
摘要:
To aim provide a software update apparatus including an install module group (130) composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server (200), a replacement protection control module (121) to be used for updating a protection control module (120) having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations.
摘要:
Provided is an information security apparatus that has enhanced stability and confidentiality of a hash key. The information security apparatus includes an information generating PUF unit that has tamper resistance set, using physical characteristics, so as to output a preset hash key, a partial error-correction information storage unit that stores partial error-correction information, an error correcting PUF unit that has tamper-resistance set, using physical characteristics, so as to output error-correcting PUF information, an error-correction information generating unit that generates error-correction information using partial correction information and the error-correcting PUF information, and an error correcting unit that corrects an error for the hash key outputted from the information generating PUF unit and outputs an error-corrected hash key.
摘要:
An authenticator apparatus which makes it difficult for an unauthorized user to masquerade and enhances safety includes an authenticating information holding unit (102) previously stores characteristic information indicating an input and output characteristic involving an environment change of an authentic authenticatee apparatus entitled to be authentic, an authenticating information transmitting unit (107) which transmits authenticating information to a portable medium (2), a response information receiving unit (108) which receives response information outputted from the portable medium (2) in response to an input of the authenticating information, an environment selecting unit (105) which identifies an environment of the portable medium (2), and a response information confirming unit (109) which determines whether or not the authenticating information and the response information satisfy the input and output characteristic indicated in the characteristic information stored in the authenticating information holding unit (102), and judges that the portable medium (2) is authentic in the case where the input and output characteristic is satisfied, the authenticating information and the response information being in the environment identified by said environment identifying unit.
摘要:
A malicious-module identification device (200a) identifies and deactivates a malicious module operating in an information processing device (100a) connected thereto via a network. The malicious-module identification device is provided with a reception unit (2310) for receiving results of tampering detection from a plurality of modules for detecting tampering, a determination unit (210a) for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection, and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs, and a deactivation unit (2320) for outputting an instruction to deactivate the module identified as the malicious module.
摘要:
An authenticator apparatus which makes it difficult for an unauthorized user to masquerade and enhances safety includes an authenticating information holding unit (102) previously stores characteristic information indicating an input and output characteristic involving an environment change of an authentic authenticatee apparatus entitled to be authentic, an authenticating information transmitting unit (107) which transmits authenticating information to a portable medium (2), a response information receiving unit (108) which receives response information outputted from the portable medium (2) in response to an input of the authenticating information, an environment selecting unit (105) which identifies an environment of the portable medium (2), and a response information confirming unit (109) which determines whether or not the authenticating information and the response information satisfy the input and output characteristic indicated in the characteristic information stored in the authenticating information holding unit (102), and judges that the portable medium (2) is authentic in the case where the input and output characteristic is satisfied, the authenticating information and the response information being in the environment identified by said environment identifying unit.