-
1.发明授权公开(公告)号:US08769312B2
公开(公告)日:2014-07-01
申请号:US13513664
申请日:2011-10-19
申请人: Yuji Unagami , Yuichi Futa , Natsume Matsuzaki , Hiroki Shizuya , Eisuke Koizumi , Shingo Hasegawa
发明人: Yuji Unagami , Yuichi Futa , Natsume Matsuzaki , Hiroki Shizuya , Eisuke Koizumi , Shingo Hasegawa
CPC分类号: G06F21/55 , G06F21/51 , G06F21/554 , G06F21/575 , H04L9/085 , H04L9/3236 , H04L9/3247
摘要: Tampering monitoring system can detect whether protection control module is tampered with even if some of detection modules are tampered with. Tampering monitoring system includes protection control module detection modules, and management device. Protection control module includes: generation unit generating d pieces of distribution data from computer program, n and d being positive integers, d smaller than n; selection unit selecting d detection modules; and distribution unit distributing d pieces of distribution data to d detection modules. Each detection module judges whether received piece of distribution data is authentic to detect whether protection control module is tampered with, and transmits judgment result indicating whether protection control module is tampered with. Management device receives judgment results from d detection modules and manages protection control module with regard to tampering by using received judgment results.
摘要翻译: 篡改监控系统可以检测保护控制模块是否被篡改,即使某些检测模块被篡改。 篡改监控系统包括保护控制模块检测模块和管理设备。 保护控制模块包括:生成单元,从计算机程序生成d个分布数据,n和d为正整数,d小于n; 选择单元选择d个检测模块; 分配单元将d个分发数据分配给d个检测模块。 每个检测模块判断接收的分发数据是否可信,以检测保护控制模块是否被篡改,并发送指示保护控制模块是否被篡改的判断结果。 管理设备从d检测模块接收判断结果,并通过使用收到的判断结果管理篡改的保护控制模块。
-
2.发明授权公开(公告)号:US08707430B2
公开(公告)日:2014-04-22
申请号:US13089433
申请日:2011-04-19
申请人: Yuji Unagami , Yuichi Futa , Natsume Matsuzaki , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa
发明人: Yuji Unagami , Yuichi Futa , Natsume Matsuzaki , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa
CPC分类号: G06F11/3048 , G06F11/3065 , G06F21/12 , G06F21/552 , G06F21/6281 , G06F2221/2103 , G06F2221/2143
摘要: An information security apparatus includes a plurality of monitoring modules that monitor for tampering. A management apparatus includes a reception unit that receives a plurality of monitoring results each generated by a source monitoring module monitoring a target monitoring module; a detection unit that detects an abnormality by referring to fewer than all of the received monitoring results; and an identification unit that identifies, when an abnormality is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from the target of monitoring to the source of monitoring, starting from the monitoring module that generates the monitoring result related to the abnormality.
摘要翻译: 信息安全装置包括监视篡改的多个监视模块。 管理装置包括:接收单元,其接收由监视目标监视模块的源监视模块生成的多个监视结果; 检测单元,通过参照少于全部所接收到的监视结果来检测异常; 以及识别单元,其在检测到异常时识别从(i)产生与异常相关的监视结果的监视模块中被篡改的监视模块,以及(ii)由所述异常检测到的一个或多个监视模块, 从产生与异常相关的监测结果的监控模块开始,通过连续监控模块从监控目标追溯到监控源。
-
3.发明申请ILLEGAL MODULE IDENTIFYING DEVICE, INFORMATION PROCESSING DEVICE, ILLEGAL MODULE IDENTIFYING METHOD, ILLEGAL MODULE IDENTIFYING PROGRAM, INTEGRATED CIRCUIT, ILLEGAL MODULE DISABLING SYSTEM, AND ILLEGAL MODULE DISABLING METHOD 有权非法模块识别设备,信息处理设备,非法模块识别方法,非法模块识别程序,集成电路,非法模块禁用系统和非法模块禁用方法公开(公告)号:US20110271344A1
公开(公告)日:2011-11-03
申请号:US13143594
申请日:2010-02-15
申请人: Yuji Unagami , Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Masao Nonaka , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Makoto Carlos Miyauchi
发明人: Yuji Unagami , Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Masao Nonaka , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Makoto Carlos Miyauchi
IPC分类号: G06F21/00
CPC分类号: G06F21/554
摘要: A malicious-module identification device (200a) identifies and deactivates a malicious module operating in an information processing device (100a) connected thereto via a network. The malicious-module identification device is provided with a reception unit (2310) for receiving results of tampering detection from a plurality of modules for detecting tampering, a determination unit (210a) for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection, and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs, and a deactivation unit (2320) for outputting an instruction to deactivate the module identified as the malicious module.
摘要翻译: 恶意模块识别装置(200a)通过网络识别和去激活与其连接的信息处理装置(100a)中工作的恶意模块。 恶意模块识别装置设置有用于从多个用于检测篡改的模块接收篡改检测结果的接收单元(2310),用于假定多个模块中的模块是正常模块的确定单元(210a) 基于所述假设,确定在接收到的篡改检测结果中是否发生矛盾,以及在确定发生矛盾时将被认为是正常模块的模块识别为恶意模块;以及用于输出的停用单元(2320) 禁用标识为恶意模块的模块的指令。
-
4.发明授权公开(公告)号:US08930660B2
公开(公告)日:2015-01-06
申请号:US12526668
申请日:2008-01-31
申请人: Manabu Maeda , Masao Nonaka , Yuichi Futa , Kaoru Yokota , Natsume Matsuzaki , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Masaki Yoshida
发明人: Manabu Maeda , Masao Nonaka , Yuichi Futa , Kaoru Yokota , Natsume Matsuzaki , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Masaki Yoshida
CPC分类号: H04L63/0823 , H04L9/085 , H04L9/0891
摘要: A distributing device for generating private information correctly even if shared information is destroyed or tampered with. A shared information distributing device for use in a system for managing private information by a secret sharing method, including: segmenting unit that segments private information into a first through an nth pieces of shared information; first distribution unit that distributes the n pieces of shared information to n holding devices on a one-to-one basis; and second distribution unit that distributes the n pieces of shared information to the n holding devices so that each holding device holds an ith piece of shared information distributed by the first distribution unit, as well as a pieces of shared information being different from the ith piece of shared information in ordinal position among n pieces of shared information, “i” being an integer in a range from 1 to n.
-
5.发明授权公开(公告)号:US08800038B2
公开(公告)日:2014-08-05
申请号:US13375912
申请日:2011-04-15
申请人: Yuichi Futa , Yuji Unagami , Natsume Matsuzaki , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa
发明人: Yuichi Futa , Yuji Unagami , Natsume Matsuzaki , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa
CPC分类号: G06F21/55 , G06F21/57 , G06F2221/2123 , G06F2221/2143
摘要: Provided is a tampering monitoring system that can identify a monitoring module that has been tampered with among a plurality of monitoring modules. A management apparatus is provided with an acquisition unit that acquires a new monitoring module that has not been tampered with, a generation unit that generates a decoy monitoring module by modifying the acquired monitoring module, a transmission unit that transmits the decoy monitoring module to the information security device and causes the information security device to install the decoy monitoring module therein, a reception unit that receives from the information security device, after the decoy monitoring module has been installed, monitoring results generated by the monitoring modules monitoring other monitoring modules, and a determination unit that identifies, by referring to the received monitoring results, a monitoring module that determines the decoy monitoring module to be valid and determines the identified monitoring module to be invalid.
摘要翻译: 提供了可以识别在多个监视模块中被篡改的监视模块的篡改监视系统。 一种管理装置,具备获取单元,其获取未被篡改的新的监视模块;生成单元,其通过修改获取的监视模块来生成诱饵监视模块;发送单元,将所述诱饵监视模块发送到所述信息 安全装置,使信息安全装置安装诱饵监视模块,在安装了诱饵监视模块之后从信息安全装置接收监视其他监视模块的监视模块生成的监视结果的接收部,以及 确定单元,其通过参考所接收的监视结果来识别监视模块,其将所述诱饵监视模块确定为有效并且将所识别的监视模块确定为无效。
-
6.发明授权公开(公告)号:US08726374B2
公开(公告)日:2014-05-13
申请号:US13133029
申请日:2010-02-15
申请人: Yuji Unagami , Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Masao Nonaka , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Makoto Carlos Miyauchi
发明人: Yuji Unagami , Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Masao Nonaka , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Makoto Carlos Miyauchi
IPC分类号: H04N21/442 , H04N1/00 , G06F21/55 , H04L27/00
CPC分类号: H04N21/44236 , G06F21/55 , H04L2027/0034 , H04N1/0088
摘要: A management device detects whether any normal monitoring module that has not been tampered with exists by referring to monitoring results received from an information security device and selects, when existence is detected, one of the monitoring modules and assumes that the selected monitoring module has been tampered with. The monitoring device then successively applies a procedure to monitoring modules other than the selected monitoring module by referring to the monitoring results, starting from the selected monitoring module, the procedure being to assume that any monitoring module determining that a monitoring module assumed to have been tampered with is normal has also been tampered with. As a result of the procedure, when all of the monitoring modules are assumed to have been tampered with the management device determines the selected monitoring module to be a normal monitoring module that has not been tampered with.
摘要翻译: 管理设备通过参考从信息安全设备接收到的监视结果来检测是否存在尚未被篡改的任何正常监视模块,并且当检测到存在时选择监视模块中的一个并假定所选监控模块已被篡改 与。 然后,监视装置依次从所选择的监视模块开始,参考监视结果,对所选择的监视模块以外的监控模块应用程序,该过程是假设任何监视模块确定监视模块被假定为被篡改 与正常也被篡改。 作为该过程的结果,当假定所有监视模块被篡改时,管理装置将所选择的监视模块确定为未被篡改的正常监视模块。
-
7.发明授权Illegal module identifying device, information processing device, illegal module identifying method, illegal module identifying program, integrated circuit, illegal module disabling system, and illegal module disabling method 有权非法模块识别装置,信息处理装置,非法模块识别方法,非法模块识别程序,集成电路,非法模块禁用系统和非法模块禁用方法公开(公告)号:US08544093B2
公开(公告)日:2013-09-24
申请号:US13143594
申请日:2010-02-15
申请人: Yuji Unagami , Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Masao Nonaka , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Makoto Carlos Miyauchi
发明人: Yuji Unagami , Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Masao Nonaka , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Makoto Carlos Miyauchi
IPC分类号: H04L29/06
CPC分类号: G06F21/554
摘要: A malicious-module identification device identifies and deactivates a malicious module operating in an information processing device connected thereto via a network. The malicious-module identification device is provided with a reception unit for receiving results of tampering detection from a plurality of modules for detecting tampering, and a determination unit for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs. A deactivation unit outputs an instruction to deactivate the module identified as the malicious module.
摘要翻译: 恶意模块识别装置识别并去激活在经由网络与其连接的信息处理装置中工作的恶意模块。 恶意模块识别装置设置有用于从多个用于检测篡改的模块接收篡改检测结果的接收单元,以及用于假定多个模块中的模块是正常模块的确定单元,基于 假设在接收到的篡改检测结果中是否发生矛盾,并且在确定发生矛盾时,将假定为正常模块的模块识别为恶意模块。 停用单元输出禁用标识为恶意模块的模块的指令。
-
8.发明授权Software update system, management apparatus, recording medium, and integrated circuit 有权软件更新系统,管理装置,记录介质和集成电路公开(公告)号:US08516574B2
公开(公告)日:2013-08-20
申请号:US12624739
申请日:2009-11-24
申请人: Yuji Unagami , Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Masao Nonaka , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa
发明人: Yuji Unagami , Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Masao Nonaka , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa
CPC分类号: G06F21/57
摘要: An update server acquires, from an apparatus, a result of verifications relating to tampering of a protection control module and each of install modules included in an install module group. The update server determines a processing procedure of the apparatus depending on the acquired result of the verifications. Specifically, if it is judged that the protection control module and each of the install modules is unauthentic, then the update server transmits, to the apparatus, an instruction to perform updating of the unauthentic protection control module in preference to a revocation of the unauthentic install module.
摘要翻译: 更新服务器从设备获取与保护控制模块和包括在安装模块组中的每个更新模块的篡改相关的验证结果。 更新服务器根据获取的验证结果确定设备的处理过程。 具体而言,如果判断出保护控制模块和每个更新模块是不正确的,则更新服务器将优先于非真实安装的撤销,向设备发送执行不正当保护控制模块的更新的指令 模块。
-
9.发明申请INFORMATION PROCESSING DEVICE, MANAGEMENT DEVICE, ILLEGAL MODULE DETECTION SYSTEM, ILLEGAL MODULE DETECTION METHOD, RECORDING MEDIUM ON WHICH ILLEGAL MODULE DETECTION PROGRAM IS RECORDED, MANAGEMENT METHOD, RECORDING MEDIUM AND INTEGRATED CIRCUIT ON WHICH MANAGEMENT METHOD IS RECORDED 有权信息处理设备,管理设备,非法模块检测系统,非法模块检测方法,记录非法模块检测程序的记录介质,记录管理方法的管理方法,记录介质和集成电路公开(公告)号:US20110246783A1
公开(公告)日:2011-10-06
申请号:US13127806
申请日:2010-09-16
申请人: Yuji Unagami , Yuichi Futa , Natsume Matsuzaki , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Junya Iwazaki
发明人: Yuji Unagami , Yuichi Futa , Natsume Matsuzaki , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Junya Iwazaki
IPC分类号: G06F11/30
CPC分类号: H04L63/1416 , G06F11/16 , G06F21/121 , G06F21/44 , G06F21/556 , G06F2221/2103 , G06F2221/2107 , G06F2221/2129 , H04L9/085 , H04L9/0891 , H04L9/3234 , H04L9/3242 , H04L9/3263 , H04L9/3273 , H04L63/126
摘要: The present invention aims to perform tamper detection on a protection control module without having detection modules come to know the key data and functions thereof. The detection modules of the present invention perform tamper detection by verifying whether or not the correspondence between the input and output data of the application decryption process performed by the protection control module is correct. Furthermore, the present invention offers improved security against leaks of the application output data by the detection modules by having a plurality of detection modules verify different data blocks.
摘要翻译: 本发明的目的是在保护控制模块上进行篡改检测,而不需要检测模块来了解其关键数据和功能。 本发明的检测模块通过验证由保护控制模块执行的应用解密处理的输入和输出数据之间的对应是否正确来执行篡改检测。 此外,本发明通过具有多个检测模块来验证不同的数据块,提供了通过检测模块来提高针对应用输出数据泄漏的安全性。
-
10.发明授权Software updating apparatus, software updating system, invalidation method, and invalidation program 有权软件更新装置,软件更新系统,无效方法和无效程序公开(公告)号:US08600896B2
公开(公告)日:2013-12-03
申请号:US12601368
申请日:2008-11-06
申请人: Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Kaoru Yokota , Masao Nonaka , Yuji Unagami , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Marika Minagawa
发明人: Manabu Maeda , Yuichi Futa , Natsume Matsuzaki , Kaoru Yokota , Masao Nonaka , Yuji Unagami , Hiroki Shizuya , Masao Sakai , Shuji Isobe , Eisuke Koizumi , Shingo Hasegawa , Marika Minagawa
IPC分类号: G06F21/00
CPC分类号: G06F21/57 , G06F8/65 , G06F21/562
摘要: To aim provide a software update apparatus including an install module group (130) composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server (200), a replacement protection control module (121) to be used for updating a protection control module (120) having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations. If any of the install modules is verified as having the possibility of performing the malicious operations, any another one of the install modules that is verified as not having the possibility revokes the any install module verified as having the possibility.
摘要翻译: 为了提供包括由多个安装模块组成的安装模块组(130)的软件更新装置。 每个更新模块具有从外部服务器(200)接收用于更新保护控制模块(120)的替换保护控制模块(121)的功能,所述保护控制模块具有验证预定应用是否已被 篡改。 每个安装模块同时运行由至少另一个同步运行的安装模块进行验证,以确定安装模块是否具有执行恶意操作的可能性。 如果任何安装模块被验证为具有执行恶意操作的可能性,则被验证为不具有可能性的另一个安装模块撤销已验证为具有可能性的任何安装模块。
-
-
-
-
-
-
-
-
-
搜索结果
22 条记录 (耗时 0.03 秒)