摘要:
A management device 200d comprises: a key share generation unit 251d generating a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and an output unit 252d outputting each of the key shares to a different one of a plurality of detection modules. The detection modules acquire and store therein the key shares. The protection control module 120d comprises: an acquisition unit 381d acquiring the key shares from the detection modules; a reconstruction unit 382d reconstructing the decryption key by composing the key shares; a decryption unit 383d decrypting the encrypted application program with use of the decryption key; and a deletion unit 384d deleting the decryption key, after the decryption by the decryption unit is completed.
摘要:
Provided is a content management device for protecting a content of a provider. A content management device 800 deletes one or more contents shared with and held by a user of another device. The content management device 800 comprises: a sharing unit 801 configured to distribute the contents to the user and thereby share the contents with the user; and a switching unit 802 configured to switch a method of the deletion to another method according to a time elapsed from the distribution.
摘要:
A content reproduction system includes an information processing terminal and a secure device. The information processing terminal receives a copyright protection application program from an application distribution server. The copyright protection application program includes a first program having a first execution format executable in the information processing terminal and a second program having a second execution format different from the first execution format and executable in the secure device. The second program is encrypted with a program key held in the secure device. By extracting and executing the first program, the information processing terminal extracts the second program and transmits the second program to the secure device. The secure device receives the second program from the information processing terminal, decrypts the second program using a program key stored in a key storing unit, and executes the second program.
摘要:
A distributing device for generating private information correctly even if shared information is destroyed or tampered with. A shared information distributing device for use in a system for managing private information by a secret sharing method, including: segmenting unit that segments private information into a first through an nth pieces of shared information; first distribution unit that distributes the n pieces of shared information to n holding devices on a one-to-one basis; and second distribution unit that distributes the n pieces of shared information to the n holding devices so that each holding device holds an ith piece of shared information distributed by the first distribution unit, as well as a pieces of shared information being different from the ith piece of shared information in ordinal position among n pieces of shared information, “i” being an integer in a range from 1 to n.
摘要:
Provided is a tampering monitoring system that can identify a monitoring module that has been tampered with among a plurality of monitoring modules. A management apparatus is provided with an acquisition unit that acquires a new monitoring module that has not been tampered with, a generation unit that generates a decoy monitoring module by modifying the acquired monitoring module, a transmission unit that transmits the decoy monitoring module to the information security device and causes the information security device to install the decoy monitoring module therein, a reception unit that receives from the information security device, after the decoy monitoring module has been installed, monitoring results generated by the monitoring modules monitoring other monitoring modules, and a determination unit that identifies, by referring to the received monitoring results, a monitoring module that determines the decoy monitoring module to be valid and determines the identified monitoring module to be invalid.
摘要:
A management device detects whether any normal monitoring module that has not been tampered with exists by referring to monitoring results received from an information security device and selects, when existence is detected, one of the monitoring modules and assumes that the selected monitoring module has been tampered with. The monitoring device then successively applies a procedure to monitoring modules other than the selected monitoring module by referring to the monitoring results, starting from the selected monitoring module, the procedure being to assume that any monitoring module determining that a monitoring module assumed to have been tampered with is normal has also been tampered with. As a result of the procedure, when all of the monitoring modules are assumed to have been tampered with the management device determines the selected monitoring module to be a normal monitoring module that has not been tampered with.
摘要:
A malicious-module identification device identifies and deactivates a malicious module operating in an information processing device connected thereto via a network. The malicious-module identification device is provided with a reception unit for receiving results of tampering detection from a plurality of modules for detecting tampering, and a determination unit for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs. A deactivation unit outputs an instruction to deactivate the module identified as the malicious module.
摘要:
An update server acquires, from an apparatus, a result of verifications relating to tampering of a protection control module and each of install modules included in an install module group. The update server determines a processing procedure of the apparatus depending on the acquired result of the verifications. Specifically, if it is judged that the protection control module and each of the install modules is unauthentic, then the update server transmits, to the apparatus, an instruction to perform updating of the unauthentic protection control module in preference to a revocation of the unauthentic install module.
摘要:
A content reproduction system includes an information processing terminal and a secure device. The information processing terminal receives a copyright protection application program from an application distribution server. The copyright protection application program includes a first program having a first execution format executable in the information processing terminal and a second program having a second execution format different from the first execution format and executable in the secure device. The second program is encrypted with a program key held in the secure device. By extracting and executing the first program, the information processing terminal extracts the second program and transmits the second program to the secure device. The secure device receives the second program from the information processing terminal, decrypts the second program using a program key stored in a key storing unit, and executes the second program.
摘要:
The present invention provides an apparatus for securely acquiring a circuit configuration information set corresponding to a new cryptosystem without increasing the number of reconfigurable circuits. A content playback apparatus includes an FPGA that is reconfigurable. The content playback apparatus stores a decryption circuit program that shows the structure of a decryption circuit that executes decryption in accordance with a prescribed cryptosystem. The FPGA is reconfigured in accordance with the program to configure the decryption circuit. The playback apparatus acquires, from outside, an encrypted file that has been generated by encrypting a file including a decryption circuit program corresponding to the new cryptosystem in accordance with the prescribed cryptosystem, and decrypts the encrypted file by the decryption circuit.