公开(公告)号：US11418534B2

公开(公告)日：2022-08-16

申请号：US16971331

申请日：2019-02-22

Applicant: HITACHI, LTD.

Inventor： Akihiro Sugimoto ,  Yoshiaki Isobe

IPC: H04L9/40 ,  G06N7/00

Abstract: A threat analysis system includes a storage unit that stores first information in which a device configuring a threat analysis target system and a vulnerability included in the device are associated with each other, and second information in which the device and a threat from a viewpoint of a business operator assumed in the threat analysis target system are associated with each other; a threat analysis processing unit that associates the vulnerability included in the device and a threat in the threat analysis target system with each other on a basis of the first information and the second information stored in the storage unit; and a threat-analysis result output unit that outputs a relationship between the vulnerability and the threat associated by the threat analysis processing unit.

公开(公告)号：US20140298034A1

公开(公告)日：2014-10-02

申请号：US14351673

申请日：2012-10-02

Applicant: Hitachi, Ltd.

Inventor： Natsuki Watanabe ,  Yoko Hashimoto ,  Kosuke Anzai ,  Kunihiko Miyazaki ,  Naoki Hayashi ,  Yoshiaki Isobe ,  Tomohisa Kumagai ,  Daisuke Miyamoto

IPC: H04L9/32

CPC classification number: H04L9/3247 ,  H04L9/3236 ,  H04L2209/38

Abstract: A data authenticity assurance method carried out by a management computer including: a first step of receiving the first data piece from the computer; a second step of selecting a plurality of second data pieces at predetermined intervals in chronological order from among the plurality of second data pieces held in the data holding part; a third step of performing an arithmetic operation for each of the hash values of the selected plurality of second data pieces; a fourth step of generating signature target data by combining the first data piece received from the computer with the hash values of the selected plurality of second data pieces; and a fifth step of generating a second data piece by assigning the digital signature to the signature target data by using the preset key, and holding the generated second data piece in chronological order sequentially in the data holding part.

Abstract translation: 一种由管理计算机执行的数据真实性保证方法，包括：从计算机接收第一数据片的第一步骤; 从保存在数据保持部的多个第二数据中按时间顺序从预定间隔选择多个第二数据的第二步骤; 对所选择的多个第二数据段的每个哈希值执行算术运算的第三步骤; 第四步骤，通过将从计算机接收的第一数据片段与所选择的多个第二数据片段的散列值相组合来产生签名目标数据; 以及第五步骤，通过使用所述预设密钥将所述数字签名分配给所述签名目标数据来生成第二数据块，并且在所述数据保持部分中按顺序依次保存所生成的第二数据。

公开(公告)号：US09479330B2

公开(公告)日：2016-10-25

申请号：US14304255

申请日：2014-06-13

Applicant: Hitachi, Ltd.

Inventor： Kosuke Anzai ,  Hisayoshi Sato ,  Yoshiaki Isobe ,  Suguru Iwasaki

IPC: H04L9/08

CPC classification number: H04L9/0822 ,  H04L9/0861

Abstract: With a portal server, a request for information from a terminal of a second user that is an agent for a first user is received, and an encrypted data directed to a terminal of the first user, stored in an encrypted-data memory unit, is re-encrypted using a re-encryption key for the second user, stored in a first encryption-key memory unit, and is transmitted to the terminal of the second user, with the terminal of the second user, the re-encrypted data received is decrypted using an encryption key for the second user, stored in a second encryption-key memory unit, and time keys specified by the terminal of the first user, related to a time-period during which browsing of the information is permitted.

Abstract translation: 使用门户服务器，接收来自作为第一用户的代理的第二用户的终端的信息请求，并且存储在加密数据存储单元中的指向第一用户的终端的加密数据是 使用第二用户的重新加密密钥重新加密，存储在第一加密密钥存储单元中，并且被发送到第二用户的终端，第二用户的终端，接收到的重新加密的数据是 存储在第二加密密钥存储单元中的用于第二用户的加密密钥以及由第一用户的终端指定的时间密钥进行解密，与允许浏览信息的时间段相关。

公开(公告)号：US09419804B2

公开(公告)日：2016-08-16

申请号：US14351673

申请日：2012-10-02

Applicant: Hitachi, Ltd.

Inventor： Natsuki Watanabe ,  Yoko Hashimoto ,  Kosuke Anzai ,  Kunihiko Miyazaki ,  Naoki Hayashi ,  Yoshiaki Isobe ,  Tomohisa Kumagai ,  Daisuke Miyamoto

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L9/3247 ,  H04L9/3236 ,  H04L2209/38

Abstract: A data authenticity assurance method carried out by a management computer including: a first step of receiving the first data piece from the computer; a second step of selecting a plurality of second data pieces at predetermined intervals in chronological order from among the plurality of second data pieces held in the data holding part; a third step of performing an arithmetic operation for each of the hash values of the selected plurality of second data pieces; a fourth step of generating signature target data by combining the first data piece received from the computer with the hash values of the selected plurality of second data pieces; and a fifth step of generating a second data piece by assigning the digital signature to the signature target data by using the preset key, and holding the generated second data piece in chronological order sequentially in the data holding part.

Abstract translation: 一种由管理计算机执行的数据真实性保证方法，包括：从计算机接收第一数据片的第一步骤; 从保存在数据保持部的多个第二数据中按时间顺序从预定间隔选择多个第二数据的第二步骤; 对所选择的多个第二数据段的每个哈希值执行算术运算的第三步骤; 第四步骤，通过将从计算机接收的第一数据片段与所选择的多个第二数据片段的散列值相组合来产生签名目标数据; 以及第五步骤，通过使用所述预设密钥将所述数字签名分配给所述签名目标数据来生成第二数据块，并且在所述数据保持部分中按顺序依次保存所生成的第二数据。

公开(公告)号：US11899799B2

公开(公告)日：2024-02-13

申请号：US17029840

申请日：2020-09-23

Applicant: Hitachi, Ltd.

Inventor： Jens Doenhoff ,  Nodoka Mimura ,  Yoshiaki Isobe

IPC: G06F21/57 ,  G06F8/65

CPC classification number: G06F21/577 ,  G06F8/65 ,  G06F21/572 ,  G06F2221/033

Abstract: A system performs an application update process based on security management information that is information including meta information for each of a plurality of security services. The application update process is a process for adding one or more security services including a security service that reduces the security risk of an application having a plurality of distributed microservices having a graph structure relationship to the application.

公开(公告)号：US20150082040A1

公开(公告)日：2015-03-19

申请号：US14304255

申请日：2014-06-13

Applicant: Hitachi, Ltd.

Inventor： KOSUKE ANZAI ,  Hisayoshi Sato ,  Yoshiaki Isobe ,  Suguru Iwasaki

IPC: H04L9/08

CPC classification number: H04L9/0822 ,  H04L9/0861

Abstract: With a portal server, a request for information from a terminal of a second user that is an agent for a first user is received, and an encrypted data directed to a terminal of the first user, stored in an encrypted-data memory unit, is re-encrypted using a re-encryption key for the second user, stored in a first encryption-key memory unit, arid is transmitted to the terminal of the second user, with the terminal of the second user, the re-encrypted data received is decrypted using an encryption key for the second user, stored in a second encryption-key memory unit, and time keys specified by the terminal of the first user, related to a time-period during which browsing of the information is permitted.

Abstract translation: 使用门户服务器，接收来自作为第一用户的代理的第二用户的终端的信息请求，并且存储在加密数据存储单元中的指向第一用户的终端的加密数据是 使用存储在第一加密密钥存储单元中的第二用户的重新加密密钥重新加密，并且通过第二用户的终端，接收的重新加密数据被发送到第二用户的终端 存储在第二加密密钥存储单元中的用于第二用户的加密密钥以及由第一用户的终端指定的时间密钥进行解密，与允许浏览信息的时间段相关。