公开(公告)号：US20200184079A1

公开(公告)日：2020-06-11

申请号：US16635439

申请日：2017-07-31

Applicant: NEC Corporation

Inventor： Yusuke MORITA ,  Takayuki SASAKI

IPC: G06F21/57 ,  G06F21/53 ,  G06F21/12 ,  G06F21/64 ,  G06F9/445

Abstract: A program verification system of the invention includes program verification means 51 for verifying whether a verification target program input as a program operating in a secure environment does not include a program execution function which is a function of executing a new program in the same environment by a command in the corresponding program and/or whether the verification target program or a protection mechanism of the secure environment as an operation source of the verification target program includes an external input attack defense function which is a function of defending against an attack caused by an external data input during execution of the program; and signature means 52 for giving a signature to the program based on a result of the verification by the program verification means 51.

公开(公告)号：US20220188420A1

公开(公告)日：2022-06-16

申请号：US17436736

申请日：2019-03-18

Applicant: NEC Corporation

Inventor： Toshiki KOBAYASHI ,  Takayuki SASAKI ,  Yusuke MORITA

IPC: G06F21/57 ,  G06F8/70

Abstract: According to an example embodiment, a firmware rewriting apparatus includes: call position specifying means for specifying, among instructions described in a program of firmware stored in a memory, the instructions for changing a control flow; free area specifying means for specifying a free area in a storage area of the memory in which the program is not stored; and program rewriting means for rewriting the instruction specified by the call position specifying means into a call instruction of a frequency adjustment code and writing the frequency adjustment code for calling an inspection code at a frequency corresponding to a frequency of calling the frequency adjustment code and the inspection code for performing a security check of the program in response to a call from the frequency adjustment code into the free area specified by the free area specifying means.

公开(公告)号：US20220261476A1

公开(公告)日：2022-08-18

申请号：US17626975

申请日：2019-07-22

Applicant: NEC Corporation

Inventor： Yusuke MORITA ,  Takayuki SASAKI ,  Toshiki KOBAYASHI

IPC: G06F21/53

Abstract: A security management device (20) has a processing unit (21) operating in a normal environment (10A) and a processing unit (22) operating in a secure environment (10B). The processing unit (21) acquires information about an “inspection target”. The “inspection target” is a target of an inspection about normality, and programs executed in an execution environment included in the normal environment (10A) (an OS (operating system) and the like) are included. After the inspection about the normality of the inspection target based on the information about the inspection target acquired by the processing unit (21) is performed, the processing unit (22) inspects normality of the processing unit (21).