公开(公告)号：US08438402B2

公开(公告)日：2013-05-07

申请号：US12919313

申请日：2009-03-19

申请人： Hideki Matsushima ,  Natsume Matsuzaki ,  Kaoru Yokota ,  Tomoyuki Haga

发明人： Hideki Matsushima ,  Natsume Matsuzaki ,  Kaoru Yokota ,  Tomoyuki Haga

IPC分类号： G06F21/24

CPC分类号： G06F21/6209 ,  G06F21/554 ,  G06F21/556 ,  G06F2221/2105 ,  G06F2221/2151 ,  H04L63/12 ,  H04L63/123 ,  H04L63/1416 ,  H04L63/1441 ,  H04L2463/101

摘要： An electronic terminal performs early detection of unauthorized analysis thereon and prevents unauthorized acquisition and falsification of confidential information that is not to be released to a third party. The electronic terminal stores confidential information that is protected by consecutive application of a plurality of protection measures for defense against an attack from a third party. The electronic terminal monitors for attacks to the protection measures from an external source, and upon detecting an attack on one protection measure, updates a protection state of the confidential information to a new protection state in which either a new protection measure has been added to a protection path from the one attacked protection means to the confidential information, or the one protection measure on the path has been updated to a higher defense level.

摘要翻译： 电子终端能够对其进行未经授权的分析的早期检测，防止未被发布给第三方的机密信息的未经授权的获取和伪造。 电子终端存储通过连续应用多个保护措施来保护以防止来自第三方的攻击的机密信息。 电子终端监视来自外部源的对保护措施的攻击，并且在检测到对一个保护措施的攻击时，将机密信息的保护状态更新为新的保护状态，其中新的保护措施已被添加到 从一个受到攻击的保护手段到保密信息的保护路径，或者路径上的一个保护措施已经更新到更高的防御级别。

公开(公告)号：US20130103355A1

公开(公告)日：2013-04-25

申请号：US13639585

申请日：2012-03-21

申请人： Yuji Unagami ,  Natsume Matsuzaki ,  Motoji Ohmori ,  Hideki Matsushima ,  Yuichi Futa ,  Tomoyuki Haga

发明人： Yuji Unagami ,  Natsume Matsuzaki ,  Motoji Ohmori ,  Hideki Matsushima ,  Yuichi Futa ,  Tomoyuki Haga

IPC分类号： G01D9/00

CPC分类号： G01D9/005 ,  B60L3/12 ,  B60L11/1838 ,  B60L11/1846 ,  B60L11/1861 ,  B60L2240/622 ,  B60L2240/70 ,  B60L2240/80 ,  H01M10/42 ,  H02J7/0021 ,  Y02T10/7005 ,  Y02T10/7044 ,  Y02T10/705 ,  Y02T10/7055 ,  Y02T10/7072 ,  Y02T10/7291 ,  Y02T90/121 ,  Y02T90/128 ,  Y02T90/14 ,  Y02T90/16 ,  Y02T90/162 ,  Y02T90/163 ,  Y02T90/169 ,  Y04S30/14

摘要： A battery history information management device for managing history information of a secondary battery includes: a connection determination unit which determines whether a charge/discharge device connected to the secondary battery is (i) a first charge/discharge device connected via a communication network to a server which manages the history information or (ii) a second charge/discharge device not connected to the server; a battery history recording unit which records, when it is determined that the charge/discharge device is the second charge/discharge device, charge/discharge history for second charge/discharge device into battery history data; and a history upload control unit which transmits, when it is determined that the charge/discharge device is the first charge/discharge device, the battery history data to the server via the first charge/discharge device.

摘要翻译： 用于管理二次电池的历史信息的电池历史信息管理装置包括：连接确定单元，确定连接到二次电池的充电/放电装置是否是（i）经由通信网络连接到第二充电/放电装置的第一充电/放电装置， 管理历史信息的服务器或（ii）未连接到服务器的第二充电/放电装置; 电池历史记录单元，当确定充电/放电装置是第二充电/放电装置时，将第二充电/放电装置的充电/放电历史记录为电池历史数据; 以及历史上传控制单元，当确定所述充电/放电装置是所述第一充电/放电装置时，经由所述第一充电/放电装置向所述服务器发送所述电池历史数据。

公开(公告)号：US08219827B2

公开(公告)日：2012-07-10

申请号：US12484537

申请日：2009-06-15

申请人： Kenneth Alexander Nicolson ,  Hideki Matsushima ,  Hisashi Takayama ,  Takayuki Ito ,  Tomoyuki Haga ,  Manabu Maeda

发明人： Kenneth Alexander Nicolson ,  Hideki Matsushima ,  Hisashi Takayama ,  Takayuki Ito ,  Tomoyuki Haga ,  Manabu Maeda

IPC分类号： H04L29/06

CPC分类号： G06F21/57 ,  H04L9/3268 ,  H04L2209/80

摘要： A method manages optional trusted components that are active within a device, such that the device itself controls the availability of trusted components. The device includes: a storing unit storing a plurality of pieces of software and a plurality of certificates; a receiving unit receiving the certificates; and a selecting unit selecting one of the certificates. The device further includes an executing unit verifying an enabled one of the plurality of pieces of software using the selected and updated one of the certificates.

摘要翻译： 方法管理在设备内活动的可选可信组件，使得设备本身控制受信任组件的可用性。 该装置包括：存储单元，存储多个软件和多个证书; 接收单元接收证书; 以及选择单元，选择证书之一。 所述设备还包括执行单元，其使用所选择和更新的所述证书来验证所述多个软件中的启用的一个软件。

公开(公告)号：US20120117566A1

公开(公告)日：2012-05-10

申请号：US13382327

申请日：2011-04-19

申请人： Manabu Maeda ,  Hideki Matsushima ,  Tomoyuki Haga ,  Kenneth Alexander Nicolson

发明人： Manabu Maeda ,  Hideki Matsushima ,  Tomoyuki Haga ,  Kenneth Alexander Nicolson

IPC分类号： G06F9/455

CPC分类号： G06F21/53 ,  G06F9/45533 ,  G06F21/556

摘要： Provided is an information processing device which is capable of preventing data leakage caused by a malicious application or malicious device driver and of allowing cooperation among virtual machines. The information processing device (110) includes: an external connection unit (1309) which connects to an external device; and a communication control unit which obtains data from a first virtual machine (1002), transmits the data to a second virtual machine (1003), and transmits, to the external connection unit, transmission completion information indicating that the data is already transmitted to the second virtual machine, wherein the external connection unit (i) determines, based on the transmission completion information, whether or not a virtual machine is the second virtual machine to which the data is already transmitted, when the external connection unit receives, from the virtual machine, a request for a connection to the external device, and (ii) permit a connection between the virtual machine and the external device, when the external connection unit determines that the virtual machine is not the second virtual machine to which the data is already transmitted.

摘要翻译： 提供一种信息处理装置，其能够防止恶意应用或恶意设备驱动器引起的数据泄漏并允许虚拟机之间的协作。 信息处理设备（110）包括：外部连接单元（1309），其连接到外部设备; 以及通信控制单元，其从第一虚拟机（1002）获取数据，将数据发送到第二虚拟机（1003），并向外部连接单元发送指示已经发送了数据的传输完成信息 第二虚拟机，其中，所述外部连接单元（i）基于所述传输完成信息确定所述虚拟机是否是已经发送了所述数据的所述第二虚拟机，所述外部连接单元从所述虚拟机 机器，连接到外部设备的请求，以及（ii）当所述外部连接单元确定所述虚拟机不是所述数据已经到达的所述第二虚拟机时，允许所述虚拟机与所述外部设备之间的连接 传输。

公开(公告)号：US08127168B2

公开(公告)日：2012-02-28

申请号：US12377320

申请日：2008-06-04

申请人： Manabu Maeda ,  Tomoyuki Haga ,  Takayuki Ito ,  Hideki Matsushima ,  Yuichi Futa

发明人： Manabu Maeda ,  Tomoyuki Haga ,  Takayuki Ito ,  Hideki Matsushima ,  Yuichi Futa

IPC分类号： G06F1/00

CPC分类号： G06F1/3203 ,  G06F9/45558 ,  G06F9/4856 ,  G06F9/4893 ,  G06F21/57 ,  Y02D10/24 ,  Y02D10/32

摘要： A data processing device including an inter-VM notification management unit 1242, a resuming judgment unit 1244 and a scheduled interruption time acquisition unit 1245, such that, when it is necessary to notify a virtual machine in a power-saving state, the resuming judgment unit 1244 judges whether to cause the virtual machine to return from the power saving state, based on a time until an interruption acquired by the scheduled interruption time acquisition unit 1245. This structure prevents unnecessary transitions between states, and realizes the power saving for the apparatus.

摘要翻译： 一种包括VM间通知管理单元1242，恢复判断单元1244和调度中断时间获取单元1245的数据处理设备，使得当需要在省电状态下通知虚拟机时，恢复判断 单元1244基于直到由调度中断时间获取单元1245获取的中断的时间来判断是否使虚拟机从省电状态返回。这种结构防止了状态之间的不必要的转换，并且实现了设备的功率节省 。

公开(公告)号：US20110066838A1

公开(公告)日：2011-03-17

申请号：US12991516

申请日：2009-05-25

申请人： Hisashi Takayama ,  Hideki Matsushima ,  Takayuki Ito ,  Tomoyuki Haga ,  Kenneth Alexander Nicolson ,  Manabu Maeda

发明人： Hisashi Takayama ,  Hideki Matsushima ,  Takayuki Ito ,  Tomoyuki Haga ,  Kenneth Alexander Nicolson ,  Manabu Maeda

IPC分类号： G06F9/24

CPC分类号： H04L9/3263 ,  G06F21/575 ,  H04L9/3236 ,  H04L2209/80

摘要： The present invention provides an information processing apparatus that is capable of continuously performing secure boot between module groups in the case where software of a terminal device consists of module groups provided by a plurality of providers, while keeping independence between the providers. The information processing apparatus is provided with a linkage certificate that contains a first configuration comparison value 503, which indicates a cumulative hash value of the first module group to be started up by secure boot, and a module measurement value 505, which indicates a hash value of the first module of the second module group to be started up by secure boot. After the secure boot of the first module group, it is verified that the first module group has been started up by comparison with the first configuration comparison value 503. Then, the second module group is started up by secure boot by starting up the first module of the second module group whose completeness has been verified by comparison with the module measurement value 505. When a module of the first module group is updated, the linkage certificate update unit 135 updates the linkage certificate.

摘要翻译： 本发明提供一种信息处理装置，其能够在终端装置的软件由多个提供者提供的模块组成的情况下连续地执行模块组之间的安全引导，同时保持提供者之间的独立性。 该信息处理装置设置有连接证书，该连接证书包含表示通过安全引导启动的第一模块组的累积哈希值的第一配置比较值503以及指示散列值的模块测量值505 通过安全启动来启动第二个模块组的第一个模块。 在第一模块组的安全引导之后，通过与第一配置比较值503进行比较来验证第一模块组已经被启动。然后，通过启动第一模块来启动第二模块组， 通过与模块测量值505进行比较来验证其完整性的第二模块组。当第一模块组的模块被更新时，连接证书更新单元135更新连接证书。

公开(公告)号：US20100185845A1

公开(公告)日：2010-07-22

申请号：US12676960

申请日：2008-09-30

申请人： Hisashi Takayama ,  Hideki Matsushima ,  Takayuki Ito ,  Tomoyuki Haga ,  Kenneth Alexander Nicolson

发明人： Hisashi Takayama ,  Hideki Matsushima ,  Takayuki Ito ,  Tomoyuki Haga ,  Kenneth Alexander Nicolson

IPC分类号： G06F21/22 ,  G06F9/445

CPC分类号： G06F21/575

摘要： A terminal that performs secure boot processing when booting, thereby booting reliably even if, during updating of a software module, the power is cut off or the update is otherwise interrupted. The terminal comprises a CPU, a software module storage unit, a certificate storage unit, an updating unit for updating the software module and certificate, a security device provided with a configuration information storage unit for storing the configuration information of the software module, an alternate configuration information storage unit for storing the configuration information of a software module in the configuration before the update, and a boot control unit for verifying and executing the software module by using the certificate. The terminal verifies the certificate of the software module by comparing the configuration information stored by the configuration information storage unit with the configuration information stored by the alternate configuration information storage unit.

摘要翻译： 在启动时执行安全引导处理的终端，即使在更新软件模块期间断电或更新被中断的情况下也可以可靠地引导。 终端包括CPU，软件模块存储单元，证书存储单元，用于更新软件模块和证书的更新单元，设置有用于存储软件模块的配置信息的配置信息存储单元的安全设备， 配置信息存储单元，用于存储在更新之前的配置中的软件模块的配置信息;以及引导控制单元，用于通过使用证书来验证和执行软件模块。 终端通过将由配置信息存储单元存储的配置信息与备用配置信息存储单元存储的配置信息进行比较来验证软件模块的证书。

公开(公告)号：US20090204806A1

公开(公告)日：2009-08-13

申请号：US12306816

申请日：2007-07-02

申请人： Kouichi Kanemura ,  Yoshikatsu Ito ,  Tomoyuki Haga ,  Hideki Matsushima ,  Takayuki Ito

发明人： Kouichi Kanemura ,  Yoshikatsu Ito ,  Tomoyuki Haga ,  Hideki Matsushima ,  Takayuki Ito

IPC分类号： G06F21/22 ,  G06F11/00

CPC分类号： G06F21/10 ,  G06F21/445 ,  G06F21/51 ,  G06F21/57 ,  G06F21/575 ,  G06F2221/2129 ,  H04L9/0822 ,  H04L9/0866 ,  H04L9/3234

摘要： An authentication system that can show having an authentic computer program, can certify the authenticity of itself, and can verify the certification. The authentication system is composed of a terminal (requesting device) and a card (verifying device). The card stores secret information to be used by the terminal, and an update program for the terminal. The card verifies authenticity of the terminal using information obtained from the terminal. When it judges that the terminal is authentic, the card outputs the secret information to the terminal. When it judges that the terminal is not authentic, the card outputs the update program. With this structure, the terminal is forced to update the program when it attempts to use the secret information.

摘要翻译： 可以显示具有真实的计算机程序的认证系统可以证明其本身的真实性，并且可以验证认证。 认证系统由终端（请求装置）和卡（验证装置）组成。 该卡存储终端使用的秘密信息和终端的更新程序。 该卡使用从终端获得的信息来验证终端的真实性。 当该终端判断该终端是可信的时，该卡将该秘密信息输出到该终端。 当判断终端不可信时，卡会输出更新程序。 利用这种结构，终端在尝试使用秘密信息时被强制更新程序。

公开(公告)号：US20140250183A1

公开(公告)日：2014-09-04

申请号：US14113258

申请日：2012-12-26

申请人： Yuji Unagami ,  Tomoyuki Haga ,  Natsume Matsuzaki

发明人： Yuji Unagami ,  Tomoyuki Haga ,  Natsume Matsuzaki

IPC分类号： H04L29/08 ,  H04L12/28

CPC分类号： H04L67/10 ,  G06Q10/06 ,  G06Q50/06 ,  H04L12/2807 ,  H04L12/2809 ,  H04L12/281 ,  H04L12/283 ,  H04M3/5166

摘要： A management apparatus which collects, from a home appliance, home appliance information which is information related to the home appliance and provides a user with to-be-provided information which is information obtained from the collected home appliance information, includes: a managing unit which manages the home appliance information; and a home appliance information holding unit which holds, in association with each other, (i) the home appliance information and (ii) share information which is for sharing the home appliance information and is associated with the user. The managing unit refers to data held by the home appliance information holding unit when a request for to-be-provided information is issued by the user, obtains the home appliance information held in association with share information identical to the share information associated with the user, and provides the user with to-be-provided information obtained from the obtained information.

摘要翻译： 从家用电器收集作为与家用电器相关的信息并向用户提供作为从所收集的家电信息获得的信息的待提供信息的家用电器信息的管理装置包括：管理单元， 管理家电信息; 以及家用电器信息保持单元，其彼此相关地保持（i）家用电器信息和（ii）共享用于家用电器信息并与用户相关联的信息。 管理单元是指当用户发出要提供的信息的请求时由家用电器信息保持单元保存的数据，获取与与用户相关联的共享信息相同的共享信息相关联地保存的家电信息 并向用户提供从获得的信息获得的待提供信息。

公开(公告)号：US20050256796A1

公开(公告)日：2005-11-17

申请号：US10523194

申请日：2003-11-06

申请人： Tomoyuki Haga ,  Ryuichi Okamoto ,  Mitsuhiro Inoue

发明人： Tomoyuki Haga ,  Ryuichi Okamoto ,  Mitsuhiro Inoue

IPC分类号： G06Q30/00 ,  H04L12/18 ,  H04L29/06 ,  H04L29/08 ,  G06F17/00 ,  G06F3/00 ,  G06F9/00 ,  G06F17/60

CPC分类号： H04L12/1809 ,  G06Q30/08 ,  G06Q50/16 ,  H04L29/06 ,  H04L67/20 ,  H04L67/303 ,  H04L67/306 ,  H04L69/329

摘要： The present invention provides a mutual rating system in which objects, such as users, content, and terminal devices, on the network can be rated and ratings for the objects can be checked without using a server. In the rating system, objects (users, content, terminal devices, etc.) associated with a network (3) are rated. The mutual rating system is connected to the network (3), and includes: a plurality of third party terminals (1(#3)) having stored therein rating information related to objects previously rated by the user; and content demanding terminal devices (1(#1)) for collecting rating information related to desired objects from all online rating information stoning terminal devices. Each content demanding terminal device (I(# I )) analyzes rating information collected from the third party terminal devices (1(#3)) to obtain a rating for a desired object.

摘要翻译： 本发明提供一种相互评价系统，其中可以在不使用服务器的情况下检查网络上的诸如用户，内容和终端设备之类的对象可以被评估并且可以对对象进行评级。 在评级系统中，对与网络（3）相关联的对象（用户，内容，终端设备等）进行评级。 相互评价系统连接到网络（3），并且包括：多个第三方终端（1（＃3）），其中存储与用户先前评价的对象相关的评价信息; （1（＃1）），用于从所有在线评分信息扔入终端装置收集与期望对象相关的评级信息。 每个要求要求的终端装置（I（＃I））分析从第三方终端装置（1（＃3））收集的评级信息，以获得期望对象的评级。