公开(公告)号：US20250063048A1

公开(公告)日：2025-02-20

申请号：US18723978

申请日：2022-01-26

Applicant: NEC Corporation

Inventor： Shohei MITANI ,  Hirofumi Ueda

IPC: H04L9/40

Abstract: An information processing apparatus according to an example embodiment of the present disclosure includes at least one memory configured to store instructions; and at least one processor configured to execute the instructions to: acquire a data set in which a plurality of combinations of a pattern of a plurality of elements indicating an access attribute and an access control action associated with the pattern of the elements are defined and request a user to input an action associated with a pattern of an element not covered by the data set in a case in which the data set does not cover an action associated with one or more assumed patterns of an element.

公开(公告)号：US20240403070A1

公开(公告)日：2024-12-05

申请号：US18699920

申请日：2021-11-11

Applicant: NEC CORPORATION

Inventor： Io FURUYAMA ,  Kazuaki Nakajima ,  Hirofumi Ueda

IPC: G06F9/445

Abstract: One purpose of the present disclosure is to provide a management device and the like capable of ascertaining a location where an anomaly can occur in a system. A management device according to an aspect of the present disclosure comprises: a storage unit that stores configuration information which corresponds to each constituent element of a system and which indicates a configuration of each constituent element; a first identification unit that identifies configuration information of a first constituent element in which an anomaly has occurred; and a second identification unit that, from the stored configuration information, identifies a second constituent element which corresponds to configuration information including common information between the first constituent element and the configuration information.

公开(公告)号：US12061730B2

公开(公告)日：2024-08-13

申请号：US17430069

申请日：2019-02-14

Applicant: NEC Corporation

Inventor： Taniya Singh ,  Masafumi Watanabe ,  Hirofumi Ueda

IPC: G06F21/00 ,  G06F21/55 ,  G06F21/57 ,  G06F21/73

CPC classification number: G06F21/73 ,  G06F21/554 ,  G06F21/577 ,  G06F2221/034

Abstract: The present disclosure provides a security assessment apparatus, a method, and a program capable of making an assessment of a security risk simply and appropriately. The security assessment apparatus according to the present disclosure is a security assessment apparatus of a facility to be controlled using a controller, including: an identification unit (15) configured to identify a compromised component which puts the facility into an unsafe situation based on data regarding a plurality of components provided in the facility and control program code of the controller, thereby generating a list of the compromised component; and a compromised behavior generating unit (16) configured to generate a compromised behavior of a selected component selected from the list of the compromised component.

公开(公告)号：US10310931B2

公开(公告)日：2019-06-04

申请号：US15318799

申请日：2015-06-11

Applicant: NEC Corporation

Inventor： Hirofumi Ueda ,  Shunichi Kinoshita ,  Norio Yamagaki ,  Kazumine Ogura ,  Norihito Fujita

IPC: G06F11/00 ,  G06F11/07 ,  H04L29/06 ,  H04W24/06 ,  H04W24/08 ,  H04L1/00 ,  H04L1/18 ,  H04W24/04

Abstract: Provided are a communications state determination device, etc., capable of improving the accuracy of network state specification. This communications state estimation device comprises: a setting means that, in accordance with given communications parameters, applies the communications parameters to a communications device that determines the occurrence of communications errors in communications with a communications destination device; a detection means that sends communications instructions to the communications device that performs communications, in accordance with received communications instructions, and detects the occurrence of communications errors that have been determined in the communications that are in accordance with the instructions; and an estimation means that estimates whether or not the communications device can perform the communications, on the basis of the communications parameters and the existence or otherwise of communications errors.

公开(公告)号：US20150257142A1

公开(公告)日：2015-09-10

申请号：US14434029

申请日：2013-06-13

Applicant: NEC CORPORATION

Inventor： Hirofumi Ueda ,  Norihito Fujita

IPC: H04W72/04 ,  H04W48/10 ,  H04W76/02

CPC classification number: H04W72/0406 ,  H04W40/24 ,  H04W48/10 ,  H04W76/15 ,  H04W84/18

Abstract: Upon sensing an update of any routing information entry held in a routing information storage unit (A104), an information exchange coordination unit (A105) references a node information storage unit (A102), and if a node information entry corresponding to the updated routing information entry does not exist, acquires the corresponding node information entry from another communication terminal (A1b). Alternatively, upon sensing an update of any node information entry held in the node information storage unit (A102), the information exchange coordination unit (A105) references the routing information storage unit (A104), and if a routing information entry corresponding to the updated node information entry does not exist, acquires the corresponding routing information entry from another communication terminal (A1b). This provides a communication terminal for acquiring both the node information entry and the routing information entry relating to a specific communication terminal substantially at the same time.

Abstract translation: 一旦检测到路由信息存储单元（A104）中保存的任何路由信息条目的更新，信息交换协调单元（A105）参考节点信息存储单元（A102），并且如果与更新的路由信息​​相对应的节点信息条目 条目不存在，从另一通信终端（A1b）获取对应的节点信息条目。 或者，信息交换协调单元（A105）在检测到保存在节点信息存储单元（A102）中的任何节点信息条目的更新时，参照路由信息存储单元（A104），如果与更新的路由信息 节点信息条目不存在，从另一通信终端（A1b）获取相应的路由信息​​条目。 这提供了一种通信终端，用于基本上同时获取与特定通信终端相关的节点信息条目和路由信息条目。

公开(公告)号：US20240403159A1

公开(公告)日：2024-12-05

申请号：US18699951

申请日：2021-11-11

Applicant: NEC Corporation

Inventor： Io FURUYAMA ,  Kazuaki Nakajima ,  Hirofumi Ueda

IPC: G06F11/07 ,  G06F11/30

Abstract: A monitoring apparatus according to an embodiment of the present disclosure is provided with: a storage unit that stores configuration information corresponding to each of a plurality of devices included in a system; a first identification unit that identifies configuration information corresponding to a first device among the plurality of devices for which an agent for collecting information has not been set; a second identification unit that identifies a second device, which is a device among the plurality of devices that corresponds to configuration information similar to the configuration information corresponding to the first device and for which the agent has been set; and an association unit that associates operational information of the second device, which includes information collected by the agent, with the first device.

公开(公告)号：US20240045949A1

公开(公告)日：2024-02-08

申请号：US18266754

申请日：2020-12-23

Applicant: NEC Corporation

Inventor： Koki Tomita ,  Norio Yamagaki ,  Hirofumi Ueda

IPC: G06F21/55 ,  G06F21/57

CPC classification number: G06F21/552 ,  G06F21/577

Abstract: In order to reduce processing load when analyzing a security risk, an information collection control apparatus includes: a history information collecting unit configured to perform collection processing for collecting history information related to an operation history of a program operating with a terminal; and a transmission control unit configured to control a timing for transmitting the history information to a server.

公开(公告)号：US20230379351A1

公开(公告)日：2023-11-23

申请号：US18030907

申请日：2020-10-22

Applicant: NEC Corporation

Inventor： Ryo MIZUSHIMA ,  Hirofumi Ueda ,  Tomohiko Yagyu

IPC: H04L9/40

CPC classification number: H04L63/1433 ,  H04L63/145 ,  H04L2463/146

Abstract: Generation of an attack scenario to be used for risk analysis of a system to be analyzed is enabled without depending on the technique and the knowledge of a person who creates it. An analysis result acquisition means acquires a risk analysis result of a first risk analysis performed on a system to be analyzed. A condition acquisition means acquires conditions for an attack scenario to be used for a second risk analysis on the basis of an attack scenario table and the risk analysis result. An attack scenario generation means generates an attack scenario to be used for the second risk analysis on the basis of the conditions for the attack scenario acquired by the condition acquisition means.

公开(公告)号：US20230017839A1

公开(公告)日：2023-01-19

申请号：US17785492

申请日：2019-12-25

Applicant: NEC Corporation

Inventor： Ryo Mizushima ,  Hirofumi Ueda ,  Tomohiko Yagyu

IPC: G06F21/57 ,  G06F21/55

Abstract: A risk analysis result display apparatus, a risk analysis result display method, and a computer readable medium capable of enabling a user to recognize changes in risk in a system are provided. A risk analysis result (13) is a risk analysis result obtained by assessing a risk to a system to be analyzed in a first assessment period. A risk analysis result (14) is a risk analysis result obtained by assessing the risk to the system to be analyzed in a second assessment period different from the first assessment period. Comparison means (11) compares the risk analysis result (13) with the risk analysis result (14), and extracts a difference between the risk analysis result (13) and the risk analysis result (14). Output means (12) displays the difference extracted by the comparison means (11) for a user.

公开(公告)号：US09451529B2

公开(公告)日：2016-09-20

申请号：US14358663

申请日：2012-10-18

Applicant: NEC Corporation

Inventor： Hirofumi Ueda ,  Norihito Fujita

IPC: H04W40/24 ,  H04L12/751 ,  H04L12/715 ,  H04W84/18

CPC classification number: H04W40/246 ,  H04L45/02 ,  H04L45/04 ,  H04W84/18

Abstract: Upon receiving a routing control message from another communication terminal (B1), a communication terminal (A1) uses a MANET routing control unit (A133) to update and manage route information when a routing domain described in the routing control message matches the routing domain of the communication terminal (A1) itself. When the communication terminal itself does not belong to the routing domain, the communication terminal uses a DTN routing control unit (A132) to update and manage route information to another routing domain, and uses a route information advertisement unit (A134) to advertise the route information to another routing domain and the routing domain to which the communication terminal (A1) itself belongs, for another communication terminal (B1).

Abstract translation: 当从另一通信终端（B1）接收到路由控制消息时，通信终端（A1）使用MANET路由控制单元（A133）来更新和管理路由信息，当路由控制消息中描述的路由域与 通信终端（A1）本身。 当通信终端本身不属于路由域时，通信终端使用DTN路由控制单元（A132）来更新和管理到另一路由域的路由信息​​，并且使用路由信息通告单元（A134）来通告路由 另一个通信终端（B1）的另一个路由域和通信终端（A1）本身所属的路由域的信息。