公开(公告)号：US08544093B2

公开(公告)日：2013-09-24

申请号：US13143594

申请日：2010-02-15

申请人： Yuji Unagami ,  Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Masao Nonaka ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Makoto Carlos Miyauchi

发明人： Yuji Unagami ,  Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Masao Nonaka ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Makoto Carlos Miyauchi

IPC分类号： H04L29/06

CPC分类号： G06F21/554

摘要： A malicious-module identification device identifies and deactivates a malicious module operating in an information processing device connected thereto via a network. The malicious-module identification device is provided with a reception unit for receiving results of tampering detection from a plurality of modules for detecting tampering, and a determination unit for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs. A deactivation unit outputs an instruction to deactivate the module identified as the malicious module.

摘要翻译： 恶意模块识别装置识别并去激活在经由网络与其连接的信息处理装置中工作的恶意模块。 恶意模块识别装置设置有用于从多个用于检测篡改的模块接收篡改检测结果的接收单元，以及用于假定多个模块中的模块是正常模块的确定单元，基于 假设在接收到的篡改检测结果中是否发生矛盾，并且在确定发生矛盾时，将假定为正常模块的模块识别为恶意模块。 停用单元输出禁用标识为恶意模块的模块的指令。

公开(公告)号：US08516574B2

公开(公告)日：2013-08-20

申请号：US12624739

申请日：2009-11-24

申请人： Yuji Unagami ,  Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Masao Nonaka ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa

发明人： Yuji Unagami ,  Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Masao Nonaka ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa

IPC分类号： G06F17/30 ,  G06F11/00

CPC分类号： G06F21/57

摘要： An update server acquires, from an apparatus, a result of verifications relating to tampering of a protection control module and each of install modules included in an install module group. The update server determines a processing procedure of the apparatus depending on the acquired result of the verifications. Specifically, if it is judged that the protection control module and each of the install modules is unauthentic, then the update server transmits, to the apparatus, an instruction to perform updating of the unauthentic protection control module in preference to a revocation of the unauthentic install module.

摘要翻译： 更新服务器从设备获取与保护控制模块和包括在安装模块组中的每个更新模块的篡改相关的验证结果。 更新服务器根据获取的验证结果确定设备的处理过程。 具体而言，如果判断出保护控制模块和每个更新模块是不正确的，则更新服务器将优先于非真实安装的撤销，向设备发送执行不正当保护控制模块的更新的指令 模块。

公开(公告)号：US20100031065A1

公开(公告)日：2010-02-04

申请号：US12443736

申请日：2007-11-02

申请人： Yuichi Futa ,  Kaoru Yokota ,  Masao Nonaka ,  Manabu Maeda ,  Natsume Matsuzaki

发明人： Yuichi Futa ,  Kaoru Yokota ,  Masao Nonaka ,  Manabu Maeda ,  Natsume Matsuzaki

IPC分类号： G06F12/14 ,  G06F11/07

CPC分类号： H04L9/3242 ,  H03K3/0315 ,  H04L9/0866

摘要： Provided is an information security apparatus (1100) that has enhanced stability and confidentiality of a hash key. The information security apparatus (1100) includes an information generating PUF unit (1104) that has tamper resistance set, using physical characteristics, so as to output a preset hash key, a partial error-correction information storage unit (1107) that stores partial error-correction information, an error correcting PUF unit (1106) that has tamper-resistance set, using physical characteristics, so as to output error-correcting PUF information, an error-correction information generating unit (1108) that generates error-correction information using partial correction information and the error-correcting PUF information, and an error correcting unit (1105) that corrects an error for the hash key outputted from the information generating PUF unit (1104) and outputs an error-corrected hash key.

摘要翻译： 提供了具有增强的散列密钥的稳定性和机密性的信息安全装置（1100）。 信息安全装置（1100）包括使用物理特性设置了防篡改设置的信息生成PUF单元（1104），以便输出预设的散列密钥，存储部分错误的部分纠错信息存储单元（1107） 校正信息，使用物理特性设置了防篡改设置的纠错PUF单元（1106），以便输出纠错PUF信息;纠错信息生成单元（1108），其使用 部分校正信息和错误校正PUF信息，以及纠错单元（1105），其纠正从信息生成PUF单元（1104）输出的散列密钥的错误，并输出纠错散列密钥。

公开(公告)号：US08600896B2

公开(公告)日：2013-12-03

申请号：US12601368

申请日：2008-11-06

申请人： Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Kaoru Yokota ,  Masao Nonaka ,  Yuji Unagami ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Marika Minagawa

发明人： Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Kaoru Yokota ,  Masao Nonaka ,  Yuji Unagami ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Marika Minagawa

IPC分类号： G06F21/00

CPC分类号： G06F21/57 ,  G06F8/65 ,  G06F21/562

摘要： To aim provide a software update apparatus including an install module group (130) composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server (200), a replacement protection control module (121) to be used for updating a protection control module (120) having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations. If any of the install modules is verified as having the possibility of performing the malicious operations, any another one of the install modules that is verified as not having the possibility revokes the any install module verified as having the possibility.

摘要翻译： 为了提供包括由多个安装模块组成的安装模块组（130）的软件更新装置。 每个更新模块具有从外部服务器（200）接收用于更新保护控制模块（120）的替换保护控制模块（121）的功能，所述保护控制模块具有验证预定应用是否已被 篡改。 每个安装模块同时运行由至少另一个同步运行的安装模块进行验证，以确定安装模块是否具有执行恶意操作的可能性。 如果任何安装模块被验证为具有执行恶意操作的可能性，则被验证为不具有可能性的另一个安装模块撤销已验证为具有可能性的任何安装模块。

公开(公告)号：US20110239297A1

公开(公告)日：2011-09-29

申请号：US13133029

申请日：2010-02-15

申请人： Yuji Unagami ,  Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Masao Nonaka ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Makoto Carlos Miyauchi

发明人： Yuji Unagami ,  Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Masao Nonaka ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Makoto Carlos Miyauchi

IPC分类号： G06F21/00

CPC分类号： H04N21/44236 ,  G06F21/55 ,  H04L2027/0034 ,  H04N1/0088

摘要： A management device detects whether any normal monitoring module that has not been tampered with exists by referring to monitoring results received from an information security device and selects, when existence is detected, one of the monitoring modules and assumes that the selected monitoring module has been tampered with. The monitoring device then successively applies a procedure to monitoring modules other than the selected monitoring module by referring to the monitoring results, starting from the selected monitoring module, the procedure being to assume that any monitoring module determining that a monitoring module assumed to have been tampered with is normal has also been tampered with. As a result of the procedure, when all of the monitoring modules are assumed to have been tampered with the management device determines the selected monitoring module to be a normal monitoring module that has not been tampered with.

摘要翻译： 管理设备通过参考从信息安全设备接收到的监视结果来检测是否存在尚未被篡改的任何正常监视模块，并且当检测到存在时选择监视模块中的一个并假定所选监控模块已被篡改 与。 然后，监视装置依次从所选择的监视模块开始，参考监视结果，对所选择的监视模块以外的监控模块应用程序，该过程是假设任何监视模块确定监视模块被假定为被篡改 与正常也被篡改。 作为该过程的结果，当假定所有监视模块被篡改时，管理装置将所选择的监视模块确定为未被篡改的正常监视模块。

公开(公告)号：US20100180343A1

公开(公告)日：2010-07-15

申请号：US12601894

申请日：2008-11-06

申请人： Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Kaoru Yokota ,  Masao Nonaka ,  Yuji Unagami ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Marika Minagawa

发明人： Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Kaoru Yokota ,  Masao Nonaka ,  Yuji Unagami ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Marika Minagawa

IPC分类号： G06F21/22 ,  G06F11/00 ,  G06F9/445

CPC分类号： G06F21/57 ,  G06F21/51

摘要： To aim provide a software update apparatus including an install module group (130) composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server (200), a replacement protection control module (121) to be used for updating a protection control module (120) having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations.

摘要翻译： 为了提供包括由多个安装模块组成的安装模块组（130）的软件更新装置。 每个更新模块具有从外部服务器（200）接收用于更新保护控制模块（120）的替换保护控制模块（121）的功能，所述保护控制模块具有验证预定应用是否已被 篡改。 每个安装模块同时运行由至少另一个同步运行的安装模块进行验证，以确定安装模块是否具有执行恶意操作的可能性。

公开(公告)号：US08510608B2

公开(公告)日：2013-08-13

申请号：US12443736

申请日：2007-11-02

申请人： Yuichi Futa ,  Kaoru Yokota ,  Masao Nonaka ,  Manabu Maeda ,  Natsume Matsuzaki

发明人： Yuichi Futa ,  Kaoru Yokota ,  Masao Nonaka ,  Manabu Maeda ,  Natsume Matsuzaki

IPC分类号： G06F11/08 ,  G06F11/16

CPC分类号： H04L9/3242 ,  H03K3/0315 ,  H04L9/0866

摘要： Provided is an information security apparatus that has enhanced stability and confidentiality of a hash key. The information security apparatus includes an information generating PUF unit that has tamper resistance set, using physical characteristics, so as to output a preset hash key, a partial error-correction information storage unit that stores partial error-correction information, an error correcting PUF unit that has tamper-resistance set, using physical characteristics, so as to output error-correcting PUF information, an error-correction information generating unit that generates error-correction information using partial correction information and the error-correcting PUF information, and an error correcting unit that corrects an error for the hash key outputted from the information generating PUF unit and outputs an error-corrected hash key.

摘要翻译： 提供了一种具有增强的散列密钥的稳定性和机密性的信息安全装置。 信息安全装置包括使用物理特性设置了防篡改设置的信息生成PUF单元，以输出预设的散列密钥，存储部分纠错信息的部分纠错信息存储单元，纠错PUF单元 具有使用物理特性的防篡改集，以输出纠错PUF信息;纠错信息生成单元，其使用部分校正信息和纠错PUF信息生成错误校正信息，以及错误校正 用于校正从信息生成PUF单元输出的散列密钥的错误的单元，并输出纠错散列密钥。

公开(公告)号：US08347091B2

公开(公告)日：2013-01-01

申请号：US12438901

申请日：2007-11-02

申请人： Masao Nonaka ,  Natsume Matsuzaki ,  Yoshikatsu Ito ,  Kaoru Yokota ,  Yuichi Futa ,  Manabu Maeda

发明人： Masao Nonaka ,  Natsume Matsuzaki ,  Yoshikatsu Ito ,  Kaoru Yokota ,  Yuichi Futa ,  Manabu Maeda

IPC分类号： G06F21/00

CPC分类号： G06F21/31 ,  H04L9/3278

摘要： An authenticator apparatus which makes it difficult for an unauthorized user to masquerade and enhances safety includes an authenticating information holding unit (102) previously stores characteristic information indicating an input and output characteristic involving an environment change of an authentic authenticatee apparatus entitled to be authentic, an authenticating information transmitting unit (107) which transmits authenticating information to a portable medium (2), a response information receiving unit (108) which receives response information outputted from the portable medium (2) in response to an input of the authenticating information, an environment selecting unit (105) which identifies an environment of the portable medium (2), and a response information confirming unit (109) which determines whether or not the authenticating information and the response information satisfy the input and output characteristic indicated in the characteristic information stored in the authenticating information holding unit (102), and judges that the portable medium (2) is authentic in the case where the input and output characteristic is satisfied, the authenticating information and the response information being in the environment identified by said environment identifying unit.

摘要翻译： 使非法用户难以伪装并提高安全性的认证装置包括：认证信息保存单元（102）预先存储指示涉及有权认证的真实认证设备的环境变化的输入和输出特性的特征信息， 响应信息接收单元，响应于所述认证信息的输入，接收从所述便携式介质输出的响应信息;响应信息接收单元，用于向所述便携式介质发送认证信息;响应信息接收单元， 识别便携式介质（2）的环境的环境选择单元（105）以及响应信息确认单元（109），其确定认证信息和响应信息是否满足特征信息中指示的输入和输出特性 储存在澳大利亚 在所述输入输出特性满足的情况下判定所述便携式介质（2）是可信的，所述认证信息保持单元（102），所述认证信息和所述响应信息在由所述环境识别单元识别的环境中。

公开(公告)号：US20110271344A1

公开(公告)日：2011-11-03

申请号：US13143594

申请日：2010-02-15

申请人： Yuji Unagami ,  Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Masao Nonaka ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Makoto Carlos Miyauchi

发明人： Yuji Unagami ,  Manabu Maeda ,  Yuichi Futa ,  Natsume Matsuzaki ,  Masao Nonaka ,  Hiroki Shizuya ,  Masao Sakai ,  Shuji Isobe ,  Eisuke Koizumi ,  Shingo Hasegawa ,  Makoto Carlos Miyauchi

IPC分类号： G06F21/00

CPC分类号： G06F21/554

摘要： A malicious-module identification device (200a) identifies and deactivates a malicious module operating in an information processing device (100a) connected thereto via a network. The malicious-module identification device is provided with a reception unit (2310) for receiving results of tampering detection from a plurality of modules for detecting tampering, a determination unit (210a) for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection, and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs, and a deactivation unit (2320) for outputting an instruction to deactivate the module identified as the malicious module.

摘要翻译： 恶意模块识别装置（200a）通过网络识别和去激活与其连接的信息处理装置（100a）中工作的恶意模块。 恶意模块识别装置设置有用于从多个用于检测篡改的模块接收篡改检测结果的接收单元（2310），用于假定多个模块中的模块是正常模块的确定单元（210a） 基于所述假设，确定在接收到的篡改检测结果中是否发生矛盾，以及在确定发生矛盾时将被认为是正常模块的模块识别为恶意模块;以及用于输出的停用单元（2320） 禁用标识为恶意模块的模块的指令。

公开(公告)号：US20090271860A1

公开(公告)日：2009-10-29

申请号：US12438901

申请日：2007-11-02

申请人： Masao Nonaka ,  Natsume Matsuzaki ,  Yoshikatsu Ito ,  Kaoru Yokota ,  Yuichi Futa ,  Manabu Maeda

发明人： Masao Nonaka ,  Natsume Matsuzaki ,  Yoshikatsu Ito ,  Kaoru Yokota ,  Yuichi Futa ,  Manabu Maeda

IPC分类号： H04L9/32

CPC分类号： G06F21/31 ,  H04L9/3278

摘要： An authenticator apparatus which makes it difficult for an unauthorized user to masquerade and enhances safety includes an authenticating information holding unit (102) previously stores characteristic information indicating an input and output characteristic involving an environment change of an authentic authenticatee apparatus entitled to be authentic, an authenticating information transmitting unit (107) which transmits authenticating information to a portable medium (2), a response information receiving unit (108) which receives response information outputted from the portable medium (2) in response to an input of the authenticating information, an environment selecting unit (105) which identifies an environment of the portable medium (2), and a response information confirming unit (109) which determines whether or not the authenticating information and the response information satisfy the input and output characteristic indicated in the characteristic information stored in the authenticating information holding unit (102), and judges that the portable medium (2) is authentic in the case where the input and output characteristic is satisfied, the authenticating information and the response information being in the environment identified by said environment identifying unit.

摘要翻译： 使非法用户难以伪装并提高安全性的认证装置包括：认证信息保存单元（102）预先存储指示涉及有权认证的真实认证设备的环境变化的输入和输出特性的特征信息， 响应信息接收单元，响应于所述认证信息的输入，接收从所述便携式介质输出的响应信息;响应信息接收单元，用于向所述便携式介质发送认证信息;响应信息接收单元， 识别便携式介质（2）的环境的环境选择单元（105）以及响应信息确认单元（109），其确定认证信息和响应信息是否满足特征信息中指示的输入和输出特性 储存在澳大利亚 在所述输入输出特性满足的情况下判定所述便携式介质（2）是可信的，所述认证信息保持单元（102），所述认证信息和所述响应信息在由所述环境识别单元识别的环境中。