SHIRAISHI Yoshiaki
Graduate School of Engineering / Department of Electrical and Electronic Engineering
Associate Professor
Other Natural Science Field
Jan. 2022 SCIS Innovation Paper Award, Symposium on Cryptography and Information Security (暗号と情報セキュリティシンポジウムSCISイノベーション論文賞)
Sep. 2021 Best Paper Award, IPSJ Multimedia, Distributed, Cooperative, and Mobile Symposium (DICOMO2021)
Mar. 2021 IEICE Educational Service Award (電子情報通信学会 教育功労賞)
Oct. 2020 Best Demonstration Award, IPSJ Computer Security Symposium
May 2017 Certificate of Appreciation for Activity Contribution, IEICE Technical Committee on Information Security
May 2017 Activity Merit Award, IEICE Kansai Section
Jan. 2015 Best Paper Award, IPSJ Special Interest Group on Intelligent Transport Systems
"Reading Out Scheme for Digitally Signed Random Network Coded Communication on VANET", 2014-ITS-56(6), pp.1-7, March, 2014.
Aug. 2013 Best Paper Award, IPSJ Multimedia, Distributed, Cooperative, and Mobile Symposium (DICOMO2013)
"Attribute-Based Encryption with Attribute Revocation Satisfying Forward Secrecy" (前方秘匿性を満たす属性失効機能付き属性ベース暗号)
2008 Best Paper Award, IPSJ Multimedia, Distributed, Cooperative, and Mobile Symposium (DICOMO2008)
2007 Best Paper Award, IPSJ Multimedia, Distributed, Cooperative, and Mobile Symposium (DICOMO2007)
2006 SCIS2005 Paper Award, IEICE Symposium on Cryptography and Information Security
2003 SCIS 20th Anniversary Award, IEICE Symposium on Cryptography and Information Security
2002 IEICE Office Systems Research Award (電子情報通信学会オフィスシステム研究賞)
Security information such as threat and vulnerability information is used to analyze cyberattacks. If specific keywords, such as the name of the malware related to the event under analysis, are known in advance, the information can be obtained with an ordinary search engine. However, when a security operator cannot recall appropriate keywords for the event, or when no commonly recognized identifier exists, a general search engine cannot be expected to return useful results. In this paper, we propose a method that uses topic models and outlier detection to generate multi-labels for search, with the goal of constructing a search engine that can present relevant security information even in such situations. We also apply the proposed method to 2386 security reports issued from 2017 to 2019 to show that the labeling can be focused on specific topics.
Corresponding author, Springer Science and Business Media LLC, Dec. 2022, Annals of Telecommunications, 77 (11-12), 777 - 788, English, [Refereed]
Scientific journal
Data accumulates daily in a society that the Internet has permeated. To develop industry further, it is effective to establish a framework through which data resources can be widely shared and used. If IoT devices and various services trade data without human intervention, they can provide new services that enrich our lives. If an authentication and authorization system is constructed that can openly confirm the owners of data and grant them authority, then various services, not just a single one, can authenticate and authorize the devices, and data sharing will be promoted. In this paper, we propose a system that uses a blockchain as the database for storing credentials and authority information and lets users and services perform authentication and authorization based on that information.
09 Sep. 2019, 2019 14th Asia Joint Conference on Information Security (AsiaJCIS), 111 - 118, English, [Refereed]
International conference proceedings
With the shift of medical care and nursing from hospitals to homes, ICT systems are spreading to share information efficiently among multidisciplinary teams. Since these systems contain sensitive patient information such as medical conditions, the database should be encrypted. On the other hand, because of the nature of home medical care and nursing, the systems need a flexible disclosure mechanism: normally only specific members can access the information, but in an emergency any qualified person can. In this paper, we propose two controllable disclosure encryption mechanisms, one based on RSA encryption and the other on CP-ABE (Ciphertext-Policy Attribute-Based Encryption). To authenticate workers and their accredited qualifications, we rely on the HPKI (Healthcare PKI). Experimental results show that the RSA-based method encrypts and decrypts the information faster than the CP-ABE-based one. We also note that the CP-ABE-based method processes the information within an acceptable time in a general ICT system.
15 Jun. 2019, 情報処理学会論文誌 (IPSJ Journal), 60 (6), 1228 - 1237, Japanese, [Refereed]
Scientific journal
When ICT is used for information sharing among medical and nursing care workers in home medical care and nursing, patients' sensitive personal information should be stored in encrypted form. In the medical field it is also necessary to permit disclosure of patient information appropriately and smoothly in an emergency. The public key infrastructure for the healthcare and welfare field (HPKI), which guarantees the authenticity of national qualifications, is useful for this. We therefore propose disclosure-target control methods for encrypted personal information, based on HPKI authentication, that take emergencies into account: one using RSA encryption and one using ciphertext-policy attribute-based encryption (CP-ABE), which aims to reduce the cost of secret key management. We measured the encryption and decryption times of both methods and confirmed that the RSA method is faster in both cases and that the CP-ABE method also shows a practical processing time.
Mar. 2018, 情報処理学会第80回全国大会 (IPSJ 80th National Convention), 2018 (7X-02), 553 - 554, Japanese
Symposium
In drive-by download attacks, most malicious web sites identify the software environment of the client and change their behavior accordingly, so automatic dynamic analysis in open services cannot always obtain information appropriate to the client organization. It is necessary to prepare for the incidents expected when another client in the organization re-accesses the same malicious web site. To the authors' knowledge, no study has used the analysis results of malicious web sites for digital forensics on the incident and for hedging the risk of the expected incident in the organization. In this paper, we propose a system for evaluating the impact of accessing malicious web sites using the results of multi-environment analysis. We also report the results of evaluating malicious web sites with the multi-environment analysis system, and show how to use the analysis results for forensic analysis and risk hedging based on actual cases.
IEICE, Oct. 2017, IEICE Transactions on Information and Systems, E100-D (10), 2449 - 2457, English, [Refereed]
Scientific journal
Intelligent Transport Systems (ITS) applications transmit data over road-to-vehicle communication (RVC) and inter-vehicle communication (IVC). Digital signatures are essential to secure RVC and IVC. A public key certificate is used to verify that a public key belongs to an individual prover such as a user or terminal, and a certificate revocation list (CRL) is used to verify the validity of the certificate. A certificate authority (CA) publishes the CRL and distributes it to vehicles. CRL distribution traffic disturbs ITS application traffic because the two share the wireless channel, and distributing the CRL at a low bit rate eases the disturbance. Although transmitting multiple copies makes communication more reliable, duplicate received packets waste bandwidth. This paper proposes a CRL distribution scheme based on random network coding that reduces duplicate packets. Simulation results show that the proposed scheme produces fewer duplicate packets than a simple error correction (EC)-based scheme and distributes the CRL to more vehicles than EC-based schemes.
IEICE, Oct. 2017, IEICE Transactions on Information and Systems, E100-D (10), 2440 - 2448, English, [Refereed]
Scientific journal
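The duplicate-packet argument in the abstract above, as an added example that is not the paper's code: with plain repetition a vehicle that missed packet 3 gains nothing from a second copy of packet 5, whereas with random linear network coding every received packet that is linearly independent of those already held is useful, and the CRL is recovered once k independent packets arrive. The GF(2^8) arithmetic, the incremental Gaussian-elimination decoder, the loss probability and the sample CRL bytes are all constructed here; the paper's own coding and channel parameters are not reproduced.

```python
"""Random linear network coding (RLNC) over GF(2^8) for distributing a CRL.
Added example, not code from the paper above. It assumes the CRL is a byte
string cut into k equal-size source packets and that a vehicle listens until it
holds k linearly independent coded packets; k, the loss probability and the
sample CRL bytes are constructed for this example."""
import random

# GF(2^8) log/antilog tables over the primitive polynomial x^8+x^4+x^3+x^2+1
# (0x11D); 2 generates the whole multiplicative group of that field.
_EXP, _LOG = [0] * 512, [0] * 256
_v = 1
for _i in range(255):
    _EXP[_i], _LOG[_v] = _v, _i
    _v <<= 1
    if _v & 0x100:
        _v ^= 0x11D
for _i in range(255, 512):
    _EXP[_i] = _EXP[_i - 255]

def gf_mul(a, b):
    return 0 if a == 0 or b == 0 else _EXP[_LOG[a] + _LOG[b]]

def gf_inv(a):                       # a != 0
    return _EXP[255 - _LOG[a]]

def split_sources(data, k):
    """Zero-pad data to a multiple of k bytes and cut it into k source packets."""
    size = -(-len(data) // k)
    data = data.ljust(size * k, b"\0")
    return [data[i * size:(i + 1) * size] for i in range(k)]

def encode(sources, rng):
    """One coded packet: a random coefficient vector and the GF(256)-linear mix."""
    coeffs = [rng.randrange(256) for _ in sources]
    payload = bytearray(len(sources[0]))
    for c, src in zip(coeffs, sources):
        for j, byte in enumerate(src):
            payload[j] ^= gf_mul(c, byte)
    return coeffs, bytes(payload)

class RLNCDecoder:
    """Incremental Gaussian elimination over GF(256). A received packet that does
    not raise the rank is the coded analogue of a duplicate and is discarded."""
    def __init__(self, k):
        self.k, self.rows = k, {}        # rows: pivot column -> normalized row

    def rank(self):
        return len(self.rows)

    def add(self, coeffs, payload):
        row = list(coeffs) + list(payload)
        for col in range(self.k):
            if row[col] == 0:
                continue
            if col in self.rows:         # cancel this column with the stored pivot
                f, piv = row[col], self.rows[col]
                row = [a ^ gf_mul(f, b) for a, b in zip(row, piv)]
            else:                        # new pivot: scale so that row[col] == 1
                inv = gf_inv(row[col])
                self.rows[col] = [gf_mul(inv, a) for a in row]
                return True              # innovative packet
        return False                     # linearly dependent on packets held

    def decode(self):
        if self.rank() < self.k:
            return None
        for col in range(self.k - 1, -1, -1):          # back-substitution
            piv = self.rows[col]
            for low in range(col):
                f = self.rows[low][col]
                if f:
                    self.rows[low] = [a ^ gf_mul(f, b) for a, b in zip(self.rows[low], piv)]
        return b"".join(bytes(self.rows[c][self.k:]) for c in range(self.k))

def simulate_rlnc(crl, k, loss, seed=1):
    """Send coded packets over a lossy link until the CRL is decodable.
    Returns (packets_sent, received_but_useless, decoded_crl)."""
    rng, dec = random.Random(seed), RLNCDecoder(k)
    sources, sent, useless = split_sources(crl, k), 0, 0
    while dec.rank() < k:
        coeffs, payload = encode(sources, rng)
        sent += 1
        if rng.random() < loss:          # lost on the air
            continue
        if not dec.add(coeffs, payload):
            useless += 1
    return sent, useless, dec.decode()[:len(crl)]

def simulate_repetition(crl, k, loss, seed=1):
    """Baseline: cycle the k plain packets; a packet already held is a duplicate.
    Returns (packets_sent, duplicates_received)."""
    rng, held, sent, dup = random.Random(seed), set(), 0, 0
    while len(held) < k:
        idx = sent % k
        sent += 1
        if rng.random() < loss:
            continue
        dup += idx in held
        held.add(idx)
    return sent, dup
```

Run `simulate_rlnc(crl, 16, 0.3)` next to `simulate_repetition(crl, 16, 0.3)` on the same constructed CRL: the repetition receiver keeps receiving copies of packets it already holds while waiting for the few it missed, whereas the coded receiver only wastes a packet when its random coefficient vector happens to lie in the span of those already held (probability about 1/256 per missing dimension). A coded packet also carries its k-byte coefficient vector, which is the overhead traded for the reduction in duplicates.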
The Internet of Things (IoT) has been widely applied in various fields. IoT data can be stored in the cloud, but concerns about security and privacy remain. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has attracted attention as an encryption scheme suitable for sharing and transmitting confidential data in cloud storage. In CP-ABE, a user's secret key is associated with a set of attributes, and a ciphertext can be decrypted when the attributes satisfy its access structure. It is necessary for multiple authorities to issue and manage secret keys independently; an authority that generates secret keys can be regarded as managing the user's attributes, and CP-ABE schemes with multiple authorities have been proposed. On the other hand, when a user loses an attribute and the key is updated, the user should not have to operate the terminal, and the communication system should be simple to design. In this paper, we propose a CP-ABE scheme with multiple key authorities that can revoke an attribute immediately without updating the user's secret key. In addition, the ciphertext length is fixed. The proposed scheme is IND-CPA secure under the DBDH assumption in the standard model. We compare it with other CP-ABE schemes and show that it is more suitable for cloud storage.
IEICE, Oct. 2017, IEICE Transactions on Information and Systems, E100-D (10), 2420 - 2431, English, [Refereed]
Scientific journal
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for data access control on cloud storage systems. In ABE, revoking a user's attributes means making the user unable to decrypt ciphertexts. Some CP-ABE schemes for efficient attribute revocation have been proposed, but they either have no formal security proof against a revoked user, that is, it has not been shown whether they satisfy forward secrecy, or they do not achieve fine-grained access control of shared data. We propose an attribute-revocable attribute-based encryption scheme with forward secrecy for fine-grained access control of shared data. The proposed scheme supports both AND and OR policies and is IND-CPA secure under the Decisional Parallel Bilinear Diffie-Hellman Exponent assumption in the standard model.
IEICE, Oct. 2017, IEICE Transactions on Information and Systems, E100-D (10), 2432 - 2439, English, [Refereed]
Scientific journal
The malicious websites used in drive-by download attacks change their behavior according to the web client environment, so single-environment analysis cannot obtain enough information to analyze the whole behavior of a malicious website. Malicious websites also use code obfuscation and cloaking to avoid having their behavior analyzed. In this paper, we propose an analysis method that combines decoding of obfuscated code with dynamic analysis in a multi-environment analysis system to analyze the behavior of malicious websites in detail. We also present two approaches to improving multi-environment analysis: automating traffic log analysis to reduce the cost of analyzing the huge traffic logs between the environments and the malicious websites, and multimodal analysis for finding the URLs of malicious websites.
IEEE, 05 Sep. 2017, Proceedings - 12th Asia Joint Conference on Information Security, AsiaJCIS 2017, 48 - 54, English, [Refereed]
International conference proceedings
We focus on constructing a digital signature scheme for local broadcast that allows devices with limited resources to transmit broadcast messages securely. A multi-group authentication scheme that enables a node to prove its membership to multiple verifiers using the sum of its secret keys has been proposed for such devices. This paper presents a transformation that converts a multi-group authentication scheme into a multi-group signature scheme. We show that the resulting multi-group signature scheme is existentially unforgeable against chosen message attacks (EUF-CMA secure) in the random oracle model if the multi-group authentication scheme is secure against impersonation under passive attacks (IMP-PA secure). In the multi-group signature scheme, a sender signs a message with the secret keys issued by multiple certification authorities, and the signature lets multiple verifiers validate the authenticity and integrity of the message. As a concrete configuration, we show a multi-group signature scheme obtained by converting an error-correcting-code-based multi-group authentication scheme.
IEICE, Aug. 2017, IEICE Transactions on Information and Systems, E100-D (8), 1770 - 1779, English, [Refereed]
Scientific journal
Safety on roadways is expected to be achieved using vehicular ad-hoc networks (VANETs). A VANET consists of dynamically moving vehicles that communicate for a certain purpose, and its routing procedure must deliver requested data packets to vehicles within a short time. Conventionally, routing algorithms such as Ad hoc On-Demand Distance Vector (AODV) routing, Greedy Perimeter Stateless Routing (GPSR), Destination-Sequenced Distance-Vector (DSDV) routing and Dynamic Source Routing (DSR) have been used in most ad-hoc networks. However, these conventional algorithms are known to have problems in VANETs: for example, DSR cannot repair the link breakages often experienced in a VANET, and DSDV consumes more bandwidth for message exchanges and imposes excessive overhead. This paper verifies that the cluster-based routing (CBR) protocol proposed by Yuyi et al. overcomes these known problems. According to computer simulations implemented in OMNeT++, CBR outperforms AODV, GPSR and DSR in packet delivery ratio and message overhead.
Engineering and Technology Publishing, 01 Feb. 2017, Journal of Communications, 12 (2), 137 - 144, English, [Refereed]
Scientific journal
Many physical devices and sensors make it possible to obtain more localized data, and applications that provide more localized information to users will appear. Such applications generally use a storage server to compute location-dependent data, and the traffic of Internet of Things (IoT) devices may concentrate on that server when all data is stored there. It is desirable for each piece of location-dependent data to be stored in its own area, because each data request can then be processed there and each user can get the data from a nearby server. This paper proposes virtual storage with Key-Value Stores over Named Data Networking. In the proposed system, location-dependent data is cached in local servers at the network edge, and each user gets the data from a nearby local server. We evaluate the proposed system by simulation in terms of delay time and energy consumption, comparing it with a conventional system in which all data is stored in one server and all users retrieve it from there. We show that the proposed system reduces both delay time and energy consumption compared with the conventional system.
IEEE, 2017, 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC), 95 - 102, English, [Refereed]
International conference proceedings
By exchanging information on their status and surrounding environment, devices can determine the optimal action. We focus on constructing a digital signature scheme for local broadcast that allows devices with limited resources to transmit broadcast messages securely. A multi-group authentication scheme that enables a node to prove its membership to multiple verifiers using the sum of its secret keys has been proposed for devices with limited resources. This paper proposes a multi-group signature scheme by converting the multi-group authentication scheme via the Fiat-Shamir transform. In the proposed scheme, a sender signs a message with the secret keys issued by multiple certification authorities, and the signature lets multiple verifiers validate the authenticity and integrity of the message. Compared with a code-based signature scheme in which the sender signs the message once per secret key and each verifier verifies its own signature, the proposed scheme provides an efficient multi-group signature in terms of the amount of transmitted data.
IEEE, 2017, 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC), 449 - 454, English, [Refereed]
International conference proceedings
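The Fiat-Shamir transform that the two multi-group signature papers above (IEICE Trans. E100-D(8) and CCNC 2017) apply to a code-based authentication scheme, shown as an added example on a different identification scheme: this is not the papers' code, and their error-correcting-code-based scheme is not reproduced. Schnorr's discrete-logarithm identification is substituted because it has the same commit/challenge/response shape, so the transform itself (hash the commitment together with the message to obtain the challenge the verifier would otherwise pick) is exactly the step the papers describe. The group parameters P, Q and G are toy-sized so that the arithmetic is readable; they are not secure, and only the signature under a single key is shown.

```python
"""Fiat-Shamir transform: a 3-move identification scheme becomes a signature.
Added example, not code from the papers above, which convert a code-based
multi-group authentication scheme. The generic transform is shown here on
Schnorr's discrete-log identification, which has the same commit/challenge/
response shape. P, Q and G are toy-sized for readability and are NOT secure."""
import hashlib
import secrets

P, Q, G = 1019, 509, 4      # P = 2Q + 1, both prime; G generates the order-Q subgroup
_NBYTES = (P.bit_length() + 7) // 8
assert G != 1 and pow(G, Q, P) == 1

def keygen():
    sk = secrets.randbelow(Q - 1) + 1           # 1 <= sk < Q
    return sk, pow(G, sk, P)                    # (secret key, public key)

# Interactive identification. A passive attacker (the IMP-PA setting named in
# the paper) only observes transcripts (t, c, s); it never chooses c itself.
def id_commit():
    r = secrets.randbelow(Q - 1) + 1
    return r, pow(G, r, P)                      # prover keeps r, sends t = G^r

def id_challenge():
    return secrets.randbelow(Q)                 # verifier's random challenge

def id_respond(sk, r, c):
    return (r + c * sk) % Q                     # s = r + c*sk  (mod Q)

def id_verify(pk, t, c, s):
    return pow(G, s, P) == (t * pow(pk, c, P)) % P   # G^s == t * pk^c

def run_identification(sk, pk):
    """Honest execution of the three moves; returns the verifier's decision."""
    r, t = id_commit()
    c = id_challenge()
    return id_verify(pk, t, c, id_respond(sk, r, c))

# Fiat-Shamir: the verifier's random challenge is replaced by a hash of the
# commitment and the message, so the prover can compute it alone and the
# transcript (t, s) becomes a publicly verifiable signature on the message.
def fs_challenge(t, msg):
    digest = hashlib.sha256(t.to_bytes(_NBYTES, "big") + msg).digest()
    return int.from_bytes(digest, "big") % Q

def sign(sk, msg):
    r, t = id_commit()
    return t, id_respond(sk, r, fs_challenge(t, msg))

def verify(pk, msg, sig):
    t, s = sig
    # Reject malformed values before any arithmetic: t must lie in the
    # order-Q subgroup and s must be a reduced exponent.
    if not (1 < t < P and pow(t, Q, P) == 1 and 0 <= s < Q):
        return False
    return id_verify(pk, t, fs_challenge(t, msg), s)
```

The security argument in the abstract maps directly onto the code: a passive impersonator sees only honest transcripts, and in the random oracle model the hash in `fs_challenge` plays the role of the honest verifier's coin flips, so a forger of `sign` would yield an impersonator of the interactive scheme. The `verify` range checks are the part most often omitted in toy code; without them an out-of-range `s` or a `t` outside the subgroup may still satisfy the congruence.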
TPM-embedded devices can be used as authentication tokens by issuing certificates to signing keys generated by the TPM. The TPM generates an Attestation Identity Key (AIK) and a Binding Key (BK), both RSA keys: the AIK identifies the TPM, and the BK encrypts data so that only a specific TPM can decrypt it. A TPM can be used for device authentication by linking an SSL client certificate to it. This paper proposes a method of issuing an AIK certificate with OpenID and a method of issuing an SSL client certificate to a specific TPM using the AIK and BK. In addition, the paper shows how to implement a device authentication system using the SSL client certificate bound to the TPM.
IEICE, Apr. 2016, IEICE Transactions on Information and Systems, E99-D (4), 1052 - 1061, English, [Refereed]
Scientific journal
Information Centric Networking (ICN) is a promising paradigm for the future architecture of the Internet, and Content Centric Networking (CCN) is an instantiation of it. The challenging areas of CCN include congestion control, availability and security; we focus on security, especially secure communication. Some schemes applying identity-based encryption (IBE) to content encryption over CCN have been proposed, but such schemes generally suffer from the key escrow problem: the private key generator that issues decryption keys to receivers can passively decrypt any ciphertext. We propose an IBE scheme that addresses this problem by combining partial double encryption, interest trace-back, cut-through fragment forwarding and multi-path routing. Our scheme is IND-ID-CPA secure in the random oracle model.
Information Processing Society of Japan, 15 Jan. 2016, Journal of Information Processing, 24 (1), 2 - 8, English, [Refereed]
Scientific journal
Information-Centric Networking advocates ubiquitous in-network caching to enhance content distribution. Non-safety applications in vehicular communications are emerging beyond the initial safety applications. However, content distribution based on TCP/IP Internet service in vehicular networks suffers from the typical problem of a low delivery ratio in urban environments, where high buildings block or attenuate radio propagation and the radio coverage range is short. To solve this problem for delivering proximity marketing files, this paper proposes an in-network caching scheme for vehicular networks that follows traffic features, in which every vehicle acts either as a subscriber requesting a file or as a cache node supplying other nodes, so as to accelerate file transmission. The leave-copy-everywhere cache strategy is uncoordinated and distributed, which fits the random and dynamic vehicular network. The performance evaluation compares the proposed scheme with the legacy TCP/IP-based solution using the simulation tools OMNeT++, Veins and SUMO, fed with a real-world urban map and random but reasonable traffic routes generated for every vehicle by our own software. The simulation results validate the proposed scheme in four respects: robustness against obstructing buildings, reliability and scalability under different traffic loads, low utilization of RSUs and Internet resources, and efficiency of the cache functions.
Hindawi Publishing Corp, 2016, International Journal of Distributed Sensor Networks, 2016, English, [Refereed]
Scientific journal
Recently, cloud storage systems have been used for various purposes. For example, they are used for content delivery because response for end users can be improved by distributing data across geographically distributed storage nodes, and applications can use them as computing infrastructure. In such cases, it is desirable that each client node retrieve the desired data from a nearby storage node for a faster response. In Internet-scale cloud storage systems, data is managed by a Key-Value Store (KVS) that provides a REST (Representational State Transfer) API, in which each datum has a unique URI (Uniform Resource Identifier) and clients access it through the defined methods. This architecture has a high affinity with the CCN (Content-Centric Networking) architecture, in which each datum has a unique "Name" that identifies it. Over CCN, data is cached in the intermediate nodes relaying it, and communication is based on the data's Name rather than a server's IP address, so each client node retrieves the desired data from a nearby node that caches it. In this paper, to improve response for end users, we propose cloud storage with a KVS over the CCN architecture as a new cloud system. The response time of the proposed system is measured with a simple simulation, and the results show that it performs better than cloud storage built in distributed data centers over the TCP/IP architecture.
IEEE, 2016, 2016 IEEE 7th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), 2016 (UEMCON), 6, English, [Refereed]
International conference proceedings
It has been shown that identity-based encryption with keyword search (IBEKS) can be constructed from level-2 anonymous hierarchical identity-based encryption (A-HIBE), but A-HIBE is more complicated than non-anonymous HIBE (NA-HIBE). We previously defined Ciphertext-Divided A-HIBE (CD-A-HIBE), whose basic idea is to let NA-HIBE be regarded as A-HIBE by dividing the ciphertext into two parts so that the original NA-HIBE ciphertext does not leak the identity. We also gave a concrete construction of CD-A-HIBE from BB1-HIBE, one of the NA-HIBE schemes, transformed BB1-CD-A-HIBE into an IBEKS whose ciphertext is divided (CD-IBEKS), and showed that the computational cost of CD-IBEKS is often more reasonable than that of IBEKS. In this paper, we show which types of NA-HIBE, not limited to BB1-HIBE, can be used to construct CD-A-HIBE and how to transform such NA-HIBE into CD-A-HIBE in general. We then prove that these CD-A-HIBE schemes have indistinguishability and anonymity. We also give the general transformation from CD-A-HIBE to CD-IBEKS and prove that the resulting CD-IBEKS schemes have indistinguishability.
Information Processing Society of Japan, 15 Sep. 2015, Journal of Information Processing, 23 (5), 562 - 569, English, [Refereed]
Scientific journal
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for data access control on a cloud storage system. In CP-ABE, the data owner encrypts data under an access structure over attributes, and the set of attributes assigned to a user is embedded in the user's secret key; a user can decrypt if his attributes satisfy the ciphertext's access structure. In CP-ABE, the processes of revoking and granting user attributes are concentrated on the authority and the data owner. In this paper, we propose a ciphertext-policy attribute-based encryption scheme that delegates attribute revocation to the cloud server by proxy re-encryption. The proposed scheme does not require generation of a new secret key when granting attributes to a user, and supports any Linear Secret Sharing Scheme (LSSS) access structure. We prove that the proposed scheme is secure against attacks by unauthorized users and by the cloud server.
Springer Heidelberg, Mar. 2015, Human-centric Computing and Information Sciences, 5 (1), English, [Refereed]
Scientific journal
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for data access control on a cloud storage system. In ABE, revoking a user's attributes means making the user unable to decrypt ciphertexts. Some CP-ABE schemes for efficient attribute revocation have been proposed, but they either have no formal security proof against a revoked user, that is, it has not been shown whether they satisfy forward secrecy, or they do not achieve fine-grained access control of shared data. We propose an attribute-revocable attribute-based encryption scheme with forward secrecy for fine-grained access control of shared data.
The Institute of Electronics, Information and Communication Engineers, Mar. 2015, IEICE Technical Report (Information Communication System Security), 114 (489), 181 - 186, English
Symposium
ICN/CCN advocates ubiquitous in-network caching to enhance content distribution. Non-safety applications in vehicular communication are emerging beyond the initial safety applications, but they suffer from the typical problem of a low delivery ratio in urban environments, where high buildings block and attenuate radio propagation from RSU infrastructure, among other technical issues. In this paper, an LCE (leave copy everywhere) in-network caching strategy with the LRU replacement algorithm is proposed for vehicular networks according to the traffic characteristics of metropolitan areas. We compare this scheme with the legacy TCP/IP-based scheme by simulation with OMNeT++, Veins and SUMO. The simulation results validate that the proposed scheme achieves stronger robustness against obstacles, a higher file capture rate and less dependency on RSU infrastructure.
IEEE, 2015, 2015 Seventh International Conference on Ubiquitous and Future Networks, 2015-August, 551 - 556, English, [Refereed]
International conference proceedings
Although many two-party fair exchange protocols have been proposed, fair exchange protocols with three or more parties are required for some kinds of applications. Asokan et al. proposed a multi-party fair exchange protocol for mesh topology. It can be adapted to all kinds of topologies but has a high communication cost: 4n(n-1) passes when all n participants are honest and 8n^2-n-10 passes in the worst case. Previous work has proposed more efficient and more functional schemes specialized for particular topologies, but most of them are for ring and star topologies. Zhou et al. proposed an efficient multi-party contract signing protocol for line topology, giving two protocols: a simple one completed in 4(n-1) passes when all participants are honest and 5n-3 passes in the worst case, and an optimized one completed in 3(n-1) passes when all are honest and 4n-2 in the worst case. This shows that a fair exchange protocol for line topology is efficient in the number of communications; nevertheless, no certified email protocol specialized for line topology has been proposed. That is, the only certified email protocol that runs on line topology is the mesh protocol of Asokan et al. adapted to a line, so there is much room to reduce the number of communications by specializing a certified email protocol for it. In this paper, we propose a three-party certified email protocol for line topology as a step towards the design of an n-party protocol. The proposed protocol has the basic properties of certified email, namely fairness, non-repudiation, trusted-third-party invisibility and timeliness, as in previous work. Our scheme is completed in eight passes when all parties are honest and twelve in the worst case, which is fewer than the 24 passes (n=3) of the scheme of Asokan et al. even when all n participants are honest.
IEEE, 2015, 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing (CSCloud), 260 - 265, English, [Refereed]
International conference proceedings
Packet classification is an essential function of Internet routers that provides advanced network services such as virtual private networks (VPNs) and quality of service (QoS). Decision-tree-based packet classification algorithms such as HiCuts and HyperCuts allow a trade-off between storage and throughput in experiments with real-life rule sets, but their memory consumption remains high when high throughput is required. In this paper, we propose a tree data structure with small storage that maintains high throughput. It is based on two ideas. The first is to use the Level-Order Unary Degree Sequence (LOUDS), a succinct representation of a tree structure: a general tree of n nodes is usually represented with pointers, requiring 64n bits on a 64-bit architecture, whereas LOUDS requires 2n+o(n) bits, and because LOUDS can reach any child node from its parent in constant time, tree traversal is fast. The second is to reduce the information held in each tree node, which also reduces storage without affecting search speed. The proposed data structure requires up to approximately one ninth less memory than a pointer-based tree, and the time complexity of a packet classification is equivalent to that of the pointer-based tree.
IEEE, 2015, Proceedings of 2015 Third International Symposium on Computing and Networking (CANDAR), 487 - 490, English, [Refereed]
International conference proceedings
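The LOUDS idea from the abstract above, as an added example that is not the paper's code or rule set: the tree shape is a bit string of one 1 per child plus a terminating 0 for each node in level order, and rank/select over that string gives constant-time child and parent navigation, so a decision tree can be walked without any stored pointers. The tiny binary rule tree, the convention of keeping per-node information in a BFS-ordered label array, and the sample headers are constructed here; the rank/select directories are plain Python lists rather than the o(n)-bit structures a real implementation would use.

```python
"""A packet-classification decision tree stored as a LOUDS bit sequence.
Added example, not the paper's code or rule set. The tree, its node labels and
the sample headers are constructed here; the rank/select directories are plain
Python lists instead of the o(n)-bit structures a real implementation uses."""

class LOUDS:
    """Level-Order Unary Degree Sequence: '10' for a virtual super-root, then,
    for every node in BFS order, one '1' per child followed by a '0'.
    Node x (its BFS index) is the (x+1)-th 1-bit; its children are the run of
    1-bits that follows the (x+1)-th 0-bit."""

    def __init__(self, root):
        self.labels, self.bits, queue = [], [1, 0], [root]
        while queue:                          # BFS; a node is (label, children)
            label, kids = queue.pop(0)
            self.labels.append(label)
            self.bits.extend([1] * len(kids) + [0])
            queue.extend(kids)
        self._rank1 = [0]                     # _rank1[i] = ones in bits[:i]
        for b in self.bits:
            self._rank1.append(self._rank1[-1] + b)
        self._sel1 = [i for i, b in enumerate(self.bits) if b]      # j-th 1
        self._sel0 = [i for i, b in enumerate(self.bits) if not b]  # j-th 0

    def rank1(self, i): return self._rank1[i]
    def rank0(self, i): return i - self._rank1[i]
    def select1(self, j): return self._sel1[j - 1]
    def select0(self, j): return self._sel0[j - 1]

    def degree(self, x):
        return self.select0(x + 2) - self.select0(x + 1) - 1

    def child(self, x, i):
        """i-th child of x in O(1): the i-th 1-bit after x's 0-block starts."""
        p = self.select0(x + 1) + 1 + i
        return self.rank1(p + 1) - 1 if self.bits[p] else None

    def children(self, x):
        return [self.child(x, i) for i in range(self.degree(x))]

    def parent(self, x):
        if x == 0:
            return None
        return self.rank0(self.select1(x + 1)) - 1

    def n_nodes(self):
        return len(self.labels)

def classify(tree, header):
    """Walk a binary decision tree: an internal node's label is the bit of the
    header to test, a leaf's label is the matching rule name."""
    x = 0
    while tree.degree(x) == 2:
        x = tree.child(x, (header >> tree.labels[x]) & 1)
    return tree.labels[x]

# Constructed rule tree: test bit 7 of a header byte; if it is 0, test bit 0.
RULE_TREE = LOUDS((7, [(0, [("rule-A", []), ("rule-B", [])]), ("rule-C", [])]))

def storage_bits(tree, pointer_width=64):
    """Bits spent on the tree shape: the LOUDS string vs one pointer per node."""
    return len(tree.bits), pointer_width * tree.n_nodes()
```

For the five-node `RULE_TREE` the bit string is `10 110 110 0 0 0`, eleven bits against 320 for one 64-bit pointer per node, which is the 2n+o(n) versus 64n comparison the abstract makes; `classify` touches only `select0`, `rank1` and the label array, so the per-packet cost is a fixed number of array lookups per tree level.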
Disruption-tolerant network technologies are becoming a solution for accessing confidential information or commands through an external storage node. The shared data must be encrypted to prevent illegal access to the ciphertext by third parties, and commanders are expected to control whether a user can decrypt the ciphertext. Besides, the key authority that distributes keys to users must be decentralized into several authorities to avoid compromise by an enemy. Thus, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has attracted attention as an encryption scheme suitable for sharing and transmitting confidential data in military environments. In CP-ABE, a user's secret key is associated with a set of attributes, and a ciphertext can be decrypted when the attributes satisfy its access structure. In this paper, we propose a CP-ABE scheme that can revoke an attribute immediately without updating the user's secret key. In addition, the key and ciphertext lengths are fixed. We compare the proposed scheme with other CP-ABE schemes in key size and ciphertext size to validate its efficiency.
IEEE, 2015, Proceedings of 2015 Third International Symposium on Computing and Networking (CANDAR), 491 - 494, English, [Refereed]
International conference proceedings
Data sharing on the cloud server is used because of the low management cost and its convenience. It is desirable for data to be stored on the cloud server in encrypted form for its confidentiality. To address the problem of searching on encrypted data, many searchable encryption schemes have been proposed. The searchable encryption enables the server to perform the keyword search on encrypted data without learning anything about the keyword and the original data. Some schemes have a function of access control over the encrypted data. But in these schemes the number of users providing the encrypted data to the server or performing the keyword search on encrypted data is limited. We propose a searchable encryption scheme with access control which does not limit the number of users providing and searching on the encrypted data. © 2014 Springer-Verlag.
Springer Verlag, 2014, Lecture Notes in Electrical Engineering, 276, 113 - 118, English[Refereed]
International conference proceedings
A file transfer service demands that users have to do as little as possible and that no one except the sender and the receiver can see the contents of a file. In identity-based cryptography (IBC), one can use the receiver's identity (ID) as a public key, so there is no need to maintain public key certificates or to communicate beforehand to obtain public keys. However, in common identity-based encryption (IBE), the decryption right is concentrated in the Private Key Generator (PKG), which generates every user's private key. Therefore, the PKG requires complete trust, which is difficult to find in many realistic scenarios. In this paper, we propose an encryption scheme which encrypts a message doubly. Under our scheme, the decryption right is distributed across three servers, and only the receiver can decrypt the ciphertext. © 2014 Springer-Verlag.
Springer Verlag, 2014, Lecture Notes in Electrical Engineering, 276, 139 - 144, English[Refereed]
International conference proceedings
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for data access control on a cloud storage system. In CP-ABE, the data owner encrypts data under an access structure over attributes, and the set of attributes assigned to a user is embedded in the user's secret key. A user is able to decrypt if his attributes satisfy the ciphertext's access structure. In CP-ABE, the processes of revoking and granting a user's attributes are concentrated on the authority and the data owner. In this paper, we propose a ciphertext-policy attribute-based encryption scheme that delegates attribute revocation processing to the cloud server by proxy re-encryption. The proposed scheme does not require generation of a new secret key when granting attributes to a user, and supports any Linear Secret Sharing Scheme (LSSS) access structure. © 2014 Springer-Verlag.
Springer Verlag, 2014, Lecture Notes in Electrical Engineering, 276, 119 - 125, English[Refereed]
International conference proceedings
Packet filtering is a function that determines whether or not a packet is allowed to be forwarded by applying rules to the packet. Filtering packets can improve security and performance. Linear search is the simplest and most storage-efficient algorithm, but the time to filter a packet grows linearly with the number of rules. If an action list that stores the actions (allow or drop) for all possible packet headers is pre-computed from a rule set, routers can filter a packet in constant time. In this paper the list is called a Direct Accessible Filter (DAF). However, a DAF requires large storage. This paper proposes a DAF using succinct data structures, which have low storage requirements and support fast queries. We apply succinct representation techniques to the DAF with the aim of low storage requirements. Theoretical and experimental results show that a DAF using succinct data structures enjoys low storage requirements and constant search speed.
IEEE, 2014, 2014 SECOND INTERNATIONAL SYMPOSIUM ON COMPUTING AND NETWORKING (CANDAR), 514 - 518, English[Refereed]
International conference proceedings
Time-stamping technology proves, using trusted time information, the point in time from which data has existed. However, because time information alone does not reveal ordering relationships, it cannot detect the loss of data or guarantee that all data is present. This paper proposes an order authentication system that guarantees the ordering of data by means of trusted serial numbers output by a Virtual Monotonic Counter using the TPM security chip. We developed a library that hides the TPM-related parts, which are the laborious portion of implementing the proposed system, so that any Java developer can implement the system. When we prototyped the order authentication system using the library, the number of code steps was reduced by about 75%.
情報処理学会, 06 Mar. 2013, 第75回全国大会講演論文集, 2013 (1), 595 - 596, Japanese
The massive disappearance of data is caused by natural disasters, terrorism, fire accidents and so on. If data is stored on an online storage service, the information system can be resumed speedily. To create web applications, Representational State Transfer (REST)-based APIs are offered by some online storage services. However, to modify the system, we have to migrate application data to the online storage service and change the file reading/writing operations in the related application code. In this paper, we propose a method for converting operations on the local file system into HTTP requests to online storage by converting the source code. When the converted code is executed, file reading/writing through the network causes access delay. Thus, we present a cache function that stores and operates on data in local storage in order to reduce the access delay. © 2013 Springer Science+Business Media.
2013, Lecture Notes in Electrical Engineering, 214 (214), 223 - 231, English[Refereed]
International conference proceedings
The Public Key Infrastructure Time-Stamp Protocol (PKI TSP) is standardized in RFC3161. In the PKI TSP, a TSA (Time Stamping Authority), which is a trusted third party, authenticates the time-stamp. In this model, time-stamp authentication depends on the TSA, and a client must be online. This paper proposes an offline time-stamp scheme. The proposed scheme authenticates the time-stamp even when a client cannot communicate with the TSA. The TSA delegates the authority for time-stamp authentication to a client which has been authenticated by a certification authority (CA) using a TPM (Trusted Platform Module). The client then authenticates the time-stamp using the TPM. The paper also shows that the proposed scheme using the TPM can detect falsification and forgery of the time.
Information Processing Society of Japan, 15 Sep. 2012, IPSJ Journal, 53 (9), 2117 - 2129, Japanese[Refereed]
Scientific journal
A person with access rights to data can easily take information out. To show that a person with access rights has not leaked information, we consider demonstrating by means of logs that no improper operations were performed on an application. One of the requirements for raising the legal evidentiary value of logs is to prove the date and time at which the log was recorded. This paper proposes a time-stamping system as a component technology for proving the recording date and time of logs of terminal users' operations on applications. Time-stamping technology standardized in RFC3161 exists, but it cannot prove the date and time when the terminal cannot connect to the Internet. The proposed system has the feature that the recording date and time can be proved even in an offline state without an Internet connection.
27 Jun. 2012, マルチメディア,分散,協調とモバイル(DICOMO2012)シンポジウム予稿集, 2305 - 2314, Japanese[Refereed]
Scientific journal
In RFC3161-compliant time-stamping systems, external communication is required for every time authentication, so time authentication is impossible in situations where network access is unavailable, such as during a disaster. We have already proposed an offline time-stamp using the TPM security chip for the purpose of local time authentication and evaluated its security. This paper describes a Java library for implementing the client of an offline time-stamping system on a TPM-equipped terminal. The library implements the time-stamp-related and TPM-related processing using the TPM library published by IAIK. With this library, a client of the offline time-stamping system can be implemented in a dozen or so lines of code.
06 Mar. 2012, 第74回全国大会講演論文集, 619 - 620, Japanese
There are various studies and developments in the field of Intelligent Transport Systems (ITS) for notifying drivers of traffic information so that they can prevent traffic accidents. Information must be transmitted to vehicles in a timely manner and with integrity, since it indirectly influences the actions of vehicles. Digital signatures provide reliability for the information. In a high vehicle density area, vehicles may receive many packets. If each vehicle verifies all signatures of the received packets, the transmission delay increases, and the increase in expired packets decreases the reception rate. In this paper, we propose a method for dynamically controlling the number of verifications in order to decrease the transmission delay. The proposed method can suppress the fall in the reception rate.
IEEE, 2012, 2012 12TH INTERNATIONAL CONFERENCE ON ITS TELECOMMUNICATIONS (ITST-2012), 624 - 628, English[Refereed]
International conference proceedings
Intelligent Transport Systems (ITS) aim to resolve traffic accidents and congestion by using information and communications technology. It is important to ensure the reliability of data in ITS. Public key encryption and digital signatures are used for data security. A certification authority (CA) issues a certificate for a public key and manages a certificate revocation list (CRL). While a vehicle moves, it cannot always access network infrastructure such as a road side unit (RSU). If CRL distribution is slow, a vehicle cannot correctly verify the validity of a certificate. This paper proposes a CRL distribution scheme by inter-vehicle communication using random network coding in situations near intersections with high vehicle density.
IEEE, 2012, 2012 INTERNATIONAL SYMPOSIUM ON INFORMATION THEORY AND ITS APPLICATIONS (ISITA 2012), 392 - 395, English[Refereed]
International conference proceedings
Some time-stamping services are operated commercially for the protection of documents. A user can get a time-stamp just by connecting a terminal to the Internet. However, if the user cannot connect to the Internet, the document cannot be protected. If the user could get a time-stamp anywhere, regardless of Internet access, time-stamping could be used in many other situations. This paper proposes an offline time-stamping scheme. The scheme generates the time-stamp in the user's terminal using a TPM, a security chip. In this scheme, the TPM is used to prevent the terminal user from generating a time-stamp containing a falsified time. This paper shows an example design and implementation of an offline time-stamping system based on the scheme. The system is designed in the REST-over-HTTP style. By using HTTP, development is simplified because it is not necessary to build an interface, API, or similar for each system a developer needs to build. The implemented system can issue a time-stamp in about 1,140 ms in the experimental environment.
IEEE, 2012, 2012 IEEE INTERNATIONAL CONFERENCE ON CONTROL SYSTEM, COMPUTING AND ENGINEERING (ICCSCE 2012), 404 - 409, English[Refereed]
International conference proceedings
A digital time-stamp is a component for making digital evidence of data. It proves that the data has existed since a particular time and has not been falsified after time-stamping. A PKI-based time-stamping scheme is standardized in RFC3161. In that scheme, the Time Stamping Authority (TSA), a trusted third party, issues the digital time-stamp, and a client cannot request a time-stamp from the TSA without Internet access. This paper proposes an offline time-stamping scheme using a TPM. The TPM is a security chip equipped in a terminal that provides an extra layer of security to the terminal. The proposed scheme can produce time-stamps for which falsification and forgery are detectable. Implementing the proposed scheme requires knowledge of the TPM, so this paper presents a Java library for easy development of offline time-stamping using the TPM.
IEEE, 2012, 2012 IEEE SYMPOSIUM ON COMPUTER APPLICATIONS AND INDUSTRIAL ELECTRONICS (ISCAIE 2012), 64 - 69, English[Refereed]
International conference proceedings
A time-stamping service is a service in which a TSA (Time Stamp Authority) guarantees that electronic data existed at a certain time and has not been tampered with since. We have already proposed a hierarchical time-stamping service with scalability, robustness and external confidentiality, and discussed the security of that model. This paper describes an offline time-stamping service based on the proposed model. First, we show the system configuration of the service and define the functional requirements of the entities that compose it. Then we describe an implementation of the TSA service in the REST (Representational State Transfer) architectural style and the secure generation of time-stamps on the client using a TPM.
12 Oct. 2011, コンピュータセキュリティシンポジウム2011 論文集, 199 - 204, Japanese[Refereed]
A time-stamping service is a service in which a TSA (Time Stamp Authority) guarantees that electronic data existed at a certain time and has not been tampered with since. A requester must send a request to the TSA every time a time guarantee is needed. In the conventional two-party model, where processing is concentrated on a TSA generally located externally, guaranteeing the time of large volumes of data is not easy. Time guarantees while the terminal is offline are also difficult. In some cases the requester also wants to keep the fact that a time guarantee was requested confidential from outside parties. This paper first proposes a model of a time-stamping service with two kinds of TSAs, aimed at load balancing the TSA, and discusses its security. Then, based on that model, we propose a TPM-based scheme that realizes time guarantees within the terminal, with three aims: scalable time guarantees, time guarantees while the terminal is offline, and external confidentiality of the fact that a time guarantee was requested. We evaluate the security of the scheme.
30 Jun. 2011, マルチメディア、分散協調とモバイルシンポジウム2011論文集, 2011, 1002 - 1015, Japanese[Refereed]
Scientific journal
The recent decline in the birthrate and the aging of the population have significantly boosted demand for home care services. The decision to reduce or abolish care facilities by 2011, reflecting the shift in government policy from facility-oriented to home-oriented care, also has an impact. However, discrepancies in maintaining service quality are occurring due to a chronic shortage and low pay of care professionals. Because care services are provided by diverse, geographically dispersed professionals from the medical, nursing, and caring fields, prompt sharing of knowledge among "team care" members is required to maintain service quality. Thus, we developed a knowledge distribution support system for team care, aiming to maintain and improve care service quality. As an important information source, we devised a "care card method" that collects tacit field care knowledge about those cared for in written form over time and digitizes it, and we performed field trials to verify the system's validity.
Japan Association for Medical Informatics, 2010, Japan Journal of Medical Informatics, 29 (2), 63 - 73, Japanese[Refereed]
Scientific journal
Securing the network layer is necessary for a stable IP network as infrastructure. As the TCP SYN flooding attack shows, the sender of attack packets generally masquerades as someone else by spoofing the source IP address in the packet. The IP network becomes more secure if a backbone network through which no IP-spoofed packets flow can be realized. Egress filtering is a way of keeping IP-spoofed packets from flowing into the backbone network. For it to be an effective strategy, each customer network should activate egress filtering. Not only from the viewpoint of IP network security but also to suppress the threat of being used as a springboard, egress filtering must be applied in all customer networks. However, no tool is available for easily checking egress filtering. In this paper, we show an egress filter check system which can obtain the results of egress filter checks on the routers in the path to an arbitrary host.
Lead, INT INST INFORMATICS & SYSTEMICS, 2007, WMSCI 2007: 11TH WORLD MULTI-CONFERENCE ON SYSTEMICS, CYBERNETICS AND INFORMATICS, VOL II, PROCEEDINGS, 289 - +, English[Refereed]
International conference proceedings
In the operation of server hosts in the client/server model, allowing the public to connect to a service is a frequent cause of illegal access. An administrator takes on a heavy workload in the conventional model of service provision, because access control is implemented at each application level. In this paper, we propose a model for access control using an application gateway which has the functions of single sign-on, user authentication and service provision. We call this application gateway a service connector. The proposed model can improve security on the server host, realize centralized user management and access-log analysis, and reduce the load on the administrator.
Lead, INT INST INFORMATICS & SYSTEMICS, 2005, WMSCI 2005: 9th World Multi-Conference on Systemics, Cybernetics and Informatics, Vol 2, 255 - 259, English[Refereed]
International conference proceedings
In this paper, we present an attack to break WEP that avoids the weak IVs used in the FMS attack. Our attack is a known-IV attack that does not need a specific pattern of IVs. This attack transforms most IVs of WEP into weak IVs. If we attempt to avoid all weak IVs used in our attack, the rate at which IVs are avoided is too large to be practical. When using a 128-bit session key, the efficiency of our attack is 2^72.1 in the most effective case. This implies that our attack can recover a 128-bit session key within realistically possible computational time.
SPRINGER-VERLAG BERLIN, 2005, COMPUTATIONAL INTELLIGENCE AND SECURITY, PT 2, PROCEEDINGS, 3802, 17 - 26, English[Refereed]
Scientific journal
A key advantage of SSL VPN is that no specialized client software is required. When a user requests access to a server, the SSL client module, a Java applet, is first downloaded to the host. However, it is quite likely that not all applications run well, because in some applications a client cannot connect with a server through an HTTPS tunnel. Moreover, the VPN connections may become unusable when the SSL port is under a Denial of Service (DoS) or Distributed DoS (DDoS) attack. In this paper, we propose a port-randomized VPN architecture such that any application can use the VPN and the VPN is resistant to DoS and DDoS attacks. The proposed VPN uses the same Java applet as existing SSL VPNs, but the function of the applet, which we call mobile code, is changed dynamically by Java Remote Method Invocation (RMI). The VPN client applet can cooperate with a VPN server and a firewall on the server side.
Lead, IEEE, 2004, CCNC 2004: 1ST IEEE CONSUMER COMMUNICATIONS AND NETWORKING CONFERENCE, PROCEEDINGS, 671 - 673, English[Refereed]
International conference proceedings
Interest in SSL VPN technology as a class of VPNs has been growing recently because a key advantage of SSL VPN is that it requires no specialized client software. When a user requests access to a server, the SSL client module, a Java applet, is first downloaded to the host. However, it is quite likely that not all applications run well, because in some applications a client cannot connect with a server through an HTTPS tunnel. This study proposes a remote access VPN architecture that allows any application to use the VPN. The proposed VPN uses the same Java applet as existing SSL VPNs, but the function of the applet, which we call mobile code, is changed dynamically by Java Remote Method Invocation (RMI). The VPN client applet can cooperate with a VPN server and a firewall on the server side. As a result, the proposed VPN is resistant to Denial of Service (DoS) attacks.
Lead, SPRINGER-VERLAG BERLIN, 2003, INFORMATION SECURITY APPLICATIONS, 2908, 16 - 26, English[Refereed]
International conference proceedings
In the Internet, IXPs (Internet Exchange Points) tend to be congested, since all traffic must go through an IXP when the ISPs (Internet Service Providers) belong to different upper-level ISPs. This problem is particularly serious in Japan, which has only a few IXPs. To ease this problem, we focus on the HTTP traffic exchanged among neighboring ISPs, since web browsing is the major source of Internet traffic. In this paper, we present the structure of a regional HTTP-IXP and its experimental results. Our HTTP-IXP system aims to reduce backbone traffic at comparatively low cost by exchanging regional HTTP traffic via an HTTP cache server. Our experimental results show that backbone traffic can be reduced without any degradation of user QoS (Quality of Service).
Lead, The Institute of Systems, Control and Information Engineers, 2000, Transactions of the Institute of Systems, Control and Information Engineers, 13 (4), 168 - 178, Japanese[Refereed]
Scientific journal
There is concern over the abuse of personal information and breaches of privacy despite the development of security infrastructure technology. It was thought that users would feel reassured by a safe technique. However, safe systems do not necessarily give people a sense of security. We have investigated the factors behind the sense of security of users of information systems and services. The results showed that the factor of "Capability and Knowledge" includes the ability to manage personal information and guarantees for users. Generally, users cannot grasp a provider's ability unless that information is provided to them. Therefore, providing information about providers should be related to the user's sense of security. Research on information provision methods indicates that reassurance through information provision requires consent. In this research, on the hypothesis that consent is among the factors of the sense of security, we conduct a survey and an exploratory factor analysis of the relationship between the sense of security and consent. Then, using structural equation modeling (SEM), we show that consent is likely to be one of the factors of the sense of security.
The Institute of Electronics, Information and Communication Engineers, 03 Jul. 2014, IEICE technical report. Social Implications of Technology and Information Ethics, 114 (116), 195 - 202, Japanese
There is concern over the abuse of personal information and breaches of privacy despite the development of security infrastructure technology and of system construction and operation techniques. It was thought that users would feel reassured by a safe technique. However, safe systems do not necessarily give people Anshin (a sense of security). Studies of Anshin can be expected to help in constructing systems and providing services that can be used with Anshin. In this research, on the assumption that the sense of consent is contained in the factors of the sense of security, we identify the factors that make up the sense of security and consent. We conducted an exploratory factor analysis by surveying two hundred and ten college students. We divided them into two groups according to their intention to use information systems and services, and compared the factors of the high use-intention group with those of the low use-intention group. The results show that the low use-intention group tends to gain a sense of security by perceiving usability rather than by understanding safety or guarantees, and to gain consent through efficiency and convenience rather than through the influence of close others.
The Institute of Electronics, Information and Communication Engineers, 27 Mar. 2014, IEICE technical report. Information and communication system security, 113 (502), 89 - 94, Japanese
When concealing files by common-key encryption, the key used for encryption must be shared safely between the sender and the receiver. When ID-based encryption (IBE), which does not require public key certificates, is used for key sharing, all private keys needed to decrypt ciphertexts are generated by the Private Key Generator (PKG). In this paper, we propose an IBE-based encryption scheme which satisfies the following properties: 1) even the PKG cannot decrypt ciphertexts; 2) the number of entities needed to construct the scheme is small. We then prove that our scheme is secure against passive attack even if either of the two servers constructing the scheme colludes with an attacker, and give a comparison with related schemes.
The Institute of Electronics, Information and Communication Engineers, 25 Mar. 2013, IEICE technical report. Information and communication system security, 112 (499), 19 - 24, Japanese
Applications of pairing-based cryptography include searchable encryption, secure function evaluation and so on. To implement pairing-based cryptography, application developers use pairing libraries. If a developer replaces a pairing library with a faster one, he or she needs to modify the source code of the pairing-based cryptography. In this paper, we propose an application framework for pairing-based cryptography with the purpose of reducing the amount of code that must be changed when the developer changes libraries. The overhead of our framework is marginal and the reuse percentage is high.
The Institute of Electronics, Information and Communication Engineers, 25 Mar. 2013, IEICE technical report. Information and communication system security, 112 (499), 13 - 18, Japanese
There is a need for self-management of medical and health information by medical consumers themselves using a PHR (Personal Health Record), because of an aging society and increasing lifestyle-related diseases. In this study, we proposed a method to store the encrypted information in one place and disclose it to a necessary medical institution by a secret sharing-based scheme. In addition, we confirmed the feasibility of the method by implementing a form that can be decrypted in a web browser, and considered the points to keep in mind with respect to the requirements of the storage guideline when the method is applied to a real system.
The Institute of Electronics, Information and Communication Engineers, 07 Mar. 2013, IEICE technical report. Life intelligence and office information systems, 112 (466), 71 - 76, Japanese
There is a demand for a collaborative approach to providing efficient services among various professions in home medical care and nursing. Information sharing systems based on ICT are expected to support them. In a system handling medical information, users' private information must be managed strictly for privacy. However, it is difficult to manage all the private information interspersed in service records. In this study, we proposed a secure personal information management method using linkable anonymization and hybrid cipher, and evaluated the implemented system.
The Institute of Electronics, Information and Communication Engineers, 07 Mar. 2013, IEICE technical report. Life intelligence and office information systems, 112 (466), 65 - 70, Japanese
As one area of Intelligent Transport Systems, research is being conducted on providing traffic information to drivers to prevent traffic accidents. To provide correct information at the appropriate timing, a communication method applying digital signatures to network-coded packets in VANETs has been proposed. At high vehicle density, each vehicle verifies more signatures than are needed for decoding, and communication delay accumulates. To reduce communication delay, we have proposed a method that dynamically controls the number of signature verifications. This paper presents the results of evaluating the effect of this dynamic control of the number of signature verifications.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 115 - 117, Japanese
Some Intelligent Transport Systems (ITS) aim to solve road traffic environmental problems. ITS applications guide drivers using data exchanged in a VANET (Vehicular Ad-hoc NETwork). Since data exchanged between vehicles affects the behavior of the receiving vehicles, its integrity must be maintained. When PKI-based digital signatures are used to maintain data integrity, a certification authority issues public key certificates and distributes certificate revocation lists (CRLs) for verifying certificate validity. It is desirable that CRL distribution does not interfere with the transmission and reception of ITS applications. We have proposed a CRL distribution scheme using road-to-vehicle and inter-vehicle communication with random network coding that conserves network resources without reducing the number of vehicles to which CRLs can be distributed. In this paper, we compare the distribution performance of an erasure-code-based distribution scheme and the proposed scheme through simulation experiments.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 581 - 583, Japanese
In drive-by download attacks, vulnerabilities in PDF viewer software are exploited when a terminal is lured to a malicious website and infected with malware. PDF files embedding attack code that exploits a vulnerability at viewing time to download and execute malware are used in such attacks. The attack code is sometimes obfuscated to evade detection by antivirus software, so detailed inspection is required, but spending time on analysis hinders business operations. Therefore, to judge quickly whether a PDF file is benign or malicious, we propose a module that monitors the communication that occurs at viewing time. It hooks the Windows APIs used for communication and detects attack code accessing a malware distribution site. We prototyped the PDF communication monitoring module and evaluated it using PDF samples extracted from the D3M (Drive-by-Download Data by Marionette) dataset.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 551 - 553, Japanese
Keyword searchable encryption has been proposed as an encryption scheme in which only a user holding a trapdoor can check whether a ciphertext is that of a specific keyword, without decrypting the keyword ciphertext. Among searchable encryption schemes, ones with an access restriction function that limits the searchers per ciphertext have been proposed. In these schemes, either only one user (the provider) can create ciphertexts, or the number of searchers is limited. In this paper, based on the ID-based encryption scheme of Boneh et al., we propose a keyword searchable encryption scheme that allows an unspecified number of providers and supports access restriction.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 517 - 519, Japanese
Damage caused by malware is spreading. In addition to active attacks, in which infection is driven by the attacker's operations, malware infection activity now also uses passive attacks, in which infection is triggered by the user's operations. Furthermore, an increasing number of attack codes are obfuscated to hinder analysis. Against such attacks, analyzing communication data to identify and filter the URLs of malicious sites is a basic countermeasure for limiting damage. Identifying malicious site URLs requires extracting the attack flow from the communication data. In this paper, we propose an attack analysis support interface that analyzes the attack code, geographically visualizes the communication data, and extracts attack flows from the communication data.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 539 - 541, Japanese
System development using the cloud is actively carried out. Big data processing systems such as M2M and lifelog systems, as well as medical information sharing systems, will be implemented in the future. In cloud-based system development, the use of cryptographic techniques such as ID-based encryption and secure computation is expected, and pairing-based cryptography, which realizes such techniques, is attracting attention. In this study, we propose a pairing computation framework with the aim of reusing the processing involved in implementing pairing-based cryptography, which is expected to have wide application. The framework provides the processing used in implementing pairing-based cryptography with extensibility in mind.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 531 - 533, Japanese
In attribute-based encryption, in general, to prevent a user whose attribute has been revoked from continuing to decrypt ciphertexts, the data owner must re-encrypt the shared data under a new public key. The system authority must also send new secret keys so that other users can decrypt the re-encrypted shared data. In previously proposed schemes that distribute the attribute revocation processing performed by the data owner and the system authority, a new secret key must be issued in order to add or change a user's attributes. In this paper, we propose a ciphertext-policy attribute-based encryption scheme that distributes attribute revocation processing to a cloud server using proxy re-encryption and does not require issuing a new secret key when adding or changing a user's attributes.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 521 - 523, Japanese
Japan is a country with frequent flood damage; typhoons and torrential rain can suspend public transport and leave people unable to return home. Disaster support systems that provide information to such victims have been developed, but they require registration of privacy information such as residents' contact details. For such services to be used, the system must be one in which people can register information with a sense of security. This research aims to clarify the factors behind the sense of security when registering privacy information in a support system for people unable to return home, and to make use of them in developing and providing systems and services. This paper describes the analysis results of a questionnaire survey of 219 university students. Factor analysis extracted five factors, including factors related to usability and to the influence of others.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 597 - 599, Japanese
In companies and research institutions there is a need to send and receive files while keeping their contents confidential. In ID-based encryption (IBE), where ciphertexts can be created from the receiver's public information, the decryption key issuing server (PKG) can decrypt ciphertexts addressed to any receiver. If IBE is used in a confidential file transfer system that encrypts files, the PKG can see the file contents. This paper proposes an IBE scheme for a confidential file transfer system in which the PKG cannot see the file contents. We show that the scheme remains secure even when one of its two constituent entities, the message component storage server and the PKG, colludes with an attacker.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 527 - 529, Japanese
Personal information is sensitive, so it must be handled in a way that prevents misuse of the data. As one technique for this, this research focuses on proof of delivery. Various data transfer protocols with proof of delivery have been proposed. Implementing such a protocol requires, in addition to the cryptographic operations a library can support, functions such as protocol flow control and state management, which cannot be supported by a library alone. In this paper, we propose a multi-platform framework in Java for data transfer with proof of delivery. We then implement a sample application using the framework and evaluate, from the number of code steps in hot spots and frozen spots, that the framework supports the implementation.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 395 - 397, Japanese
Access control by multi-factor authentication is recommended for systems that require strong security. The TPM security chip, increasingly mounted in terminals, can generate an RSA signing key called an AIK (Attestation Identity Key) and compute with and store it in a tamper-resistant area. If the AIK could be used as one factor of user authentication in addition to the already widely used password authentication, stronger security could be achieved. However, the AIK can only sign information generated inside the TPM, in a fixed format, so it cannot sign arbitrary data and a challenge-and-response method cannot be applied directly. This paper proposes an authentication method using the AIK and evaluates its performance by implementation. We confirmed that the time from an authentication request to receiving the result is 3650 ms per client.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 367 - 369, Japanese
Damage from drive-by download attacks (DBD attacks) is increasing. To defend against attacks and limit damage, it is desirable that organizations can cooperate quickly to take countermeasures. Taking more effective countermeasures requires grasping the whole picture of an attack, but it is not easy for a person to find suspicious flows in communication data and then manually analyze the codes contained in them one by one. This paper proposes a DBD attack analysis support system that visualizes the sequence of an attack contained in communication data and integrates dynamic analysis of the codes used in the attack. A prototype of the proposed system was evaluated using the D3M 2012 (Drive-by-Download Data by Marionette 2012) dataset.
一般社団法人情報処理学会, 06 Mar. 2013, 全国大会講演論文集, 2013 (1), 365 - 367, Japanese[Refereed]
Report scientific journal
There is growing demand for low power consumption so that general-purpose mobile devices can be used for long periods, for example in video communication for remote diagnosis by specialists. Since various processors are now mounted on general-purpose mobile devices, heterogeneous computing technology can be applied to improve processing ability per unit of power consumption. Although research results on load balancing and automatic adjustment exist in the field of high performance computing, they are not directly applicable to general-purpose devices in terms of compatibility. This paper proposes a method by which applications using a processor abstraction API can run generically on general-purpose mobile devices. An implementation of the proposed method using OpenCL on Linux is shown. We confirm that the proposed method is generically usable and that it gives an energy-saving effect in the example of video communication.
09 Jan. 2013, IPSJ SIG Technical Report, Groupware and Network Services (GN), 2013 (38), 1 - 8, Japanese

Intelligent transport systems (ITS) aim to reduce traffic accidents and congestion by using information and communication technology. Vehicular ad hoc networks (VANETs) have applications that decrease traffic accidents and relieve congestion. The exchanged data must be trustworthy, since it indirectly influences the actions of vehicles. When PKI-based digital signatures are used for data security, a certification authority issues certificates for public keys and manages and distributes a certificate revocation list (CRL). Although CRL distribution is a key component, it disturbs other application traffic. The number of packets transmitted for CRL distribution should be decreased so as not to disturb application traffic. This paper proposes a CRL distribution scheme that uses random network coding in a VANET and shows simulation results.
The Institute of Electronics, Information and Communication Engineers, 15 Nov. 2012, IEICE technical report. Information and communication system security, 112 (315), 1 - 6, Japanese

An information system that handles confidential information should use multi-factor authentication. TPM-embedded terminals have become widespread. A TPM can securely generate and store an AIK, which is a kind of non-migratable RSA key pair. The AIK can be used as a factor of user authentication so that an information system becomes more secure. However, there is no established procedure for certificate issuance that can associate an AIK with a user. This paper shows a framework for certificate issuance that associates an AIK with a user. The paper then proposes a support system for issuing AIK certificates. The proposed system reduces the user's operation time for issuing an AIK certificate.
The Institute of Electronics, Information and Communication Engineers, 15 Nov. 2012, IEICE technical report. Information and communication system security, 112 (315), 43 - 48, Japanese

In Japan, public transportation is sometimes temporarily suspended because of typhoons and torrential rain, and many people then have difficulty getting home. Systems to support such stranded commuters (return refugees) have been proposed. However, such systems do not necessarily give people Anshin (a sense of security). In this research, we identify the factors behind people's sense of security when they register their private information with a stranded-commuter support system. We conducted a questionnaire survey of thirty-one college students and found five factors by exploratory factor analysis.
The Institute of Electronics, Information and Communication Engineers, 15 Nov. 2012, IEICE technical report. Information and communication system security, 112 (315), 55 - 60, Japanese

One method of proving the sending and receiving of data over a network is to exchange the data and a receipt for it through an intermediary. With the receipt, the sender and receiver can prove to a third party that the transmission took place. In PKI-based methods, as the number of recipients grows, the sender has to obtain and manage many digital certificates. For senders using low-specification terminals, this growth in certificates is undesirable. To remove the need to obtain and manage digital certificates, this paper proposes a proof-of-transmission scheme that combines Boneh and Franklin's ID-based encryption with Cha and Cheon's ID-based signature, and shows its security on the basis of those schemes.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 609 - 611, Japanese

Efforts at disaster mitigation, which reduce the damage from natural disasters, are attracting attention. If residents register in advance their workplace or school, their commuting route and time band, and their family's contact details, then when a disaster occurs the municipality can report the damage situation to the family, the family can instruct appropriate evacuation behavior, and smooth communication is achieved. To realize a system that supports this communication, we have already proposed an encryption scheme in which the registered information is shared between a custodian of the information and the municipality by (2,2)-threshold decryption, so that residents can easily control to whom it is disclosed. In that scheme, processing may be unable to continue when the user of the information is offline. This paper proposes an improved scheme in which processing can continue even when the user of the information is offline.
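The (2,2)-threshold decryption this entry relies on (and which the later prototype entry on the same disaster-mitigation scheme compares against public-key and attribute-based encryption) can be shown with a textbook threshold ElGamal construction. The block below is an added example, not the authors' scheme or code (theirs is built on ID-based and elliptic-curve ElGamal encryption): it works in the prime-order subgroup of a freshly generated safe prime, and the party roles, the record contents and all function names are illustrative assumptions. This entry's bibliographic line follows the example.

```python
"""(2,2)-threshold ElGamal: a resident's record decrypts only when the data custodian
and the municipality both contribute a partial decryption. Added example with a
textbook construction; not the authors' scheme. Python 3.8+ (pow(x, -1, p))."""
import secrets

_SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]  # trial division + MR bases


def is_probable_prime(n):
    """Miller-Rabin with fixed bases; ample for the random candidates tried here."""
    if n < 2:
        return False
    for p in _SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime(bits):
    """p = 2q + 1 with p and q prime: the quadratic residues mod p form a group of prime order q."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1


def keygen(p):
    """Each party draws its own share; the joint secret x = x1 + x2 (mod q) never exists in one place."""
    q, g = (p - 1) // 2, 4                 # 4 = 2^2 is a quadratic residue, hence of order q
    x1 = 1 + secrets.randbelow(q - 1)      # custodian's share (assumed role)
    x2 = 1 + secrets.randbelow(q - 1)      # municipality's share (assumed role)
    y = pow(g, (x1 + x2) % q, p)           # joint public key handed to residents
    return g, q, y, x1, x2


def encrypt(record, p, g, q, y):
    """Resident encrypts a short record under the joint key; it must encode to an integer below p."""
    m = int.from_bytes(record, "big")
    if not 0 < m < p:
        raise ValueError("record too long for this group; wrap a symmetric key instead")
    k = 1 + secrets.randbelow(q - 1)
    return pow(g, k, p), m * pow(y, k, p) % p


def partial_decrypt(c1, share, p):
    """One party's contribution c1^share; it reveals nothing about the other share."""
    return pow(c1, share, p)


def combine(c2, d1, d2, p):
    """d1 * d2 = c1^(x1 + x2) = y^k unmasks c2. With one partial value only, the output is garbage."""
    m = c2 * pow(d1 * d2 % p, -1, p) % p
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def demo(record=b"route:Kobe->Osaka 08:00", bits=256):
    """Constructed record through the whole flow: (both parties decrypt ok, one party alone fails)."""
    p = safe_prime(bits)
    g, q, y, x1, x2 = keygen(p)
    c1, c2 = encrypt(record, p, g, q, y)
    d1 = partial_decrypt(c1, x1, p)        # computed on the custodian's side
    d2 = partial_decrypt(c1, x2, p)        # released by the municipality only when disclosure is allowed
    return combine(c2, d1, d2, p) == record, combine(c2, d1, 1, p) == record
```

Because the shares are additive, neither server can decrypt a record on its own and the resident's disclosure control reduces to whether the second partial decryption is ever produced; the offline problem discussed in the entry is exactly the case where one of the two partial values is not available at decryption time. A production version would wrap a symmetric data key rather than the record itself, and would sign the partial decryptions so that a corrupted share cannot silently yield wrong plaintext.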
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 103 - 105, Japanese

Cloud services are spreading into enterprise information systems, but use from personal terminals carries security risks, so an enterprise should define a policy on which terminals may be used and enforce access control accordingly. This paper proposes an access-control system based on inventory certificates: a certificate is issued for a terminal's inventory, that is, the information about its software and hardware, and access control is performed on the basis of that certificate. To prevent forged inventories and forged inventory submissions, the system uses TPM digital signatures and authentication. We defined as policy the software and hardware that may or may not be installed on a terminal, and confirmed with an implementation that terminals can be authenticated as satisfying the policy and access control applied.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 159 - 161, Japanese

Pollution attacks are a threat to communication that uses network coding. A dynamic ID-based signature scheme proposed by Yixin et al. in 2010 is one way to counter pollution attacks. However, the dynamic ID-based signature scheme has a high computational cost for both signing and verification, and it is unknown whether it can be used in systems such as ITS (intelligent transport systems), where vehicles transmit at short intervals and a high packet reception rate is required. This paper therefore describes, by simulation experiments, the effect that the signing and verification costs for network coding have on communication.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 39 - 41, Japanese

With access control based on user authentication alone, a legitimate user is allowed to access an information system from a terminal the organization knows nothing about. To prevent information leakage from such terminals, we focus on terminal authentication using a TPM (Trusted Platform Module). Terminal authentication requires a certification authority that issues public-key certificates for the AIK (Attestation Identity Key) generated by the TPM. This paper describes a REST-based implementation of the certification authority and the development of an interface that helps users obtain certificates. The REST-based implementation eases integration with the certification authority when developing clients, and the interface makes it easy to obtain an AIK public-key certificate.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 79 - 81, Japanese

We have already proposed a system and an encryption scheme for delivering confidential information securely and easily. A feature of the system is that it uses three kinds of server so that authority is not concentrated in one place. As the encryption scheme, we have proposed one based on ID-based encryption and elliptic-curve ElGamal encryption. We have also already shown that the proposed system is secure against active attacks and satisfies IND-ID-CCA security even if information leaks from two of the three kinds of server. This paper describes a prototype of the proposed system. We confirmed that it can transmit confidential information securely and easily.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 327 - 329, Japanese

While the use of cloud services is increasing in business as well, concerns about using them remain. One cause is that users cannot tell whether a service provider is trustworthy, and the provider's inability to prove it is an obstacle to wider use. Auditing could provide such proof, but for security reasons it is desirable that the auditor not learn the contents of communications. A mechanism is therefore needed by which an auditor can guarantee and attest to proper operation and use of the service without knowing the plaintext. This paper proposes an ID-based encryption scheme, based on an ID-based designated-verifier signature and key agreement, that allows the user to be identified without the plaintext being revealed.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 647 - 649, Japanese

In ID-based encryption, the PKG, a trusted server, must authenticate the user when issuing the user's decryption key. This paper proposes a method of issuing decryption keys based on the user's authentication to their e-mail service, so that authentication can be performed without passing authentication credentials to the PKG. Linking authentication between the PKG and the e-mail service requires preventing impersonation of the user receiving the decryption key and eavesdropping between mail servers. Using sender authentication for e-mail and DH key agreement, we made secure user authentication possible. We implemented the PKG and the Boneh-Franklin ID-based encryption scheme and confirmed that decryption keys can be handed over securely.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 649 - 651, Japanese

In services where client and server programs cooperate to achieve the user's goal, the user is able to tamper with the client software or refuse to run it. In the case of anti-virus software, for example, the virus pattern file may not be updated and protection may not work correctly. This paper therefore proposes a mechanism for distributing, executing, and verifying code in which the server distributes code to the client, has the client execute it, and can verify that it ran correctly. In the proposed mechanism, the server operates the client via RPC without user intervention and has it dynamically load and execute code held on the server. The code contains a random number generated by the server, which is used to verify execution.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 593 - 595, Japanese

In endpoint policy enforcement, there is concern that a terminal user may cheat by not reloading an updated policy, so from a forensic viewpoint it is desirable to be able to prove to a third party that the updated policy was loaded. This research proposes a method by which a kernel-mode policy-enforcement program securely receives a policy file from another user-mode program and applies it to its operation. A feature of the proposed method is that the policy file is encrypted so that the terminal user cannot see it. We measure the increase in program load when the proposed method is incorporated, and evaluate the increase in memory usage and CPU utilization.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 637 - 639, Japanese

In network-coded communication, which is used in VANETs to shorten the time needed to obtain data, the effect of pollution attacks is a concern. A straightforward defense against pollution attacks on network-coded communication is to use encryption or signature techniques, and a scheme that verifies coded packets with a dynamic ID-based signature along those lines has been proposed. However, if every vehicle verifies signatures, data transfer takes longer, which is undesirable in a VANET, where efficient data transfer is required. This paper examines a forwarding scheme that reduces the number of signature operations without lowering the reception rate by taking the surrounding situation into account, and evaluates it by simulation.
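To make concrete what the CRL-distribution entry above does with random network coding, and what the pollution attacks discussed in this entry and in the earlier entry on dynamic ID-based signature costs do to it, here is an added example that is not the authors' protocol or simulator. It codes a constructed CRL over GF(257), lets a relay recode packets it has not decoded yet, and shows that one tampered payload yields a wrong CRL that decodes without complaint; only redundant packets reveal the inconsistency, and even then not which packet was polluted, which is the gap that per-packet signatures on coded packets close. The field size, block count, packet format and CRL contents are assumptions of the example. This entry's bibliographic line follows the example.

```python
"""Random linear network coding (RLNC) for pushing a CRL through a VANET, and what one
polluted packet does to it. Added example over GF(257); not the papers' protocol or
simulator. A packet is (coefficient vector carried in the header, coded payload)."""
import random

P = 257  # prime field: every CRL byte 0..255 is a field element; symbols are ints


def split_crl(crl, k):
    """Cut the CRL into k equal-length source blocks (zero-padded; a real header carries the length)."""
    n = -(-len(crl) // k)
    padded = crl.ljust(k * n, b"\0")
    return [list(padded[i * n:(i + 1) * n]) for i in range(k)]


def encode(blocks, rng):
    """The CA or a roadside unit emits one coded packet: random coefficients and their combination."""
    coeffs = [rng.randrange(P) for _ in blocks]
    payload = [sum(c * b[j] for c, b in zip(coeffs, blocks)) % P for j in range(len(blocks[0]))]
    return coeffs, payload


def recode(held, rng):
    """A vehicle that has not decoded yet still helps: it forwards a random mix of what it holds."""
    a = [rng.randrange(P) for _ in held]
    coeffs = [sum(x * c[j] for x, (c, _) in zip(a, held)) % P for j in range(len(held[0][0]))]
    payload = [sum(x * pl[j] for x, (_, pl) in zip(a, held)) % P for j in range(len(held[0][1]))]
    return coeffs, payload


def pollute(packet, rng):
    """Attacker keeps the valid-looking header and changes one payload symbol."""
    coeffs, payload = packet
    bad = list(payload)
    i = rng.randrange(len(bad))
    bad[i] = (bad[i] + 1) % P
    return list(coeffs), bad


def decode(packets, k):
    """Gauss-Jordan elimination over GF(P) on [coefficients | payload].
    Returns (blocks, consistent): blocks is None until k independent packets are in;
    consistent is False when redundant packets contradict the solution, the only hint
    of pollution a receiver gets without per-packet signatures."""
    rows = [list(c) + list(pl) for c, pl in packets]
    rank = 0
    for col in range(k):
        piv = next((r for r in range(rank, len(rows)) if rows[r][col]), None)
        if piv is None:
            continue
        rows[rank], rows[piv] = rows[piv], rows[rank]
        inv = pow(rows[rank][col], -1, P)
        rows[rank] = [v * inv % P for v in rows[rank]]
        for r in range(len(rows)):
            if r != rank and rows[r][col]:
                f = rows[r][col]
                rows[r] = [(a - f * b) % P for a, b in zip(rows[r], rows[rank])]
        rank += 1
    consistent = all(v == 0 for row in rows[rank:] for v in row[k:])
    return ([row[k:] for row in rows[:k]] if rank == k else None), consistent


def reassemble(blocks):
    """Back to bytes; a symbol of value 256 cannot come from an honest CRL."""
    flat = [v for b in blocks for v in b]
    return None if any(v > 255 for v in flat) else bytes(flat).rstrip(b"\0")


def run_demo(crl=b"serial=1A2B,3C4D,5E6F;issued=2012-12-01", k=4, seed=2012):
    """Honest delivery, relay recoding, then one polluted packet (constructed CRL, fixed seed)."""
    rng = random.Random(seed)
    blocks = split_crl(crl, k)
    direct = []                                  # a car listens until it holds k independent packets
    while decode(direct, k)[0] is None:
        direct.append(encode(blocks, rng))
    relayed = []                                 # a second car hears only the first car's recodings
    while decode(relayed, k)[0] is None:
        relayed.append(recode(direct, rng))
    poisoned = direct[:-1] + [pollute(direct[-1], rng)]  # the packet that completed the rank is tampered
    dec_bad, consistent = decode(poisoned, k)
    extra = [encode(blocks, rng) for _ in range(3)]      # three more honest packets from the RSU
    return {
        "direct": reassemble(decode(direct, k)[0]),
        "relayed": reassemble(decode(relayed, k)[0]),
        "polluted_wrong_crl": dec_bad != blocks,               # decoding "succeeds" with a wrong CRL...
        "polluted_flagged_without_redundancy": not consistent,  # ...and nothing flags it
        "polluted_flagged_with_redundancy": not decode(poisoned + extra, k)[1],
    }
```

Recoding is what makes the pollution spread: the relay mixes the tampered payload into every packet it forwards, so a downstream vehicle that only ever heard the relay cannot separate good from bad. A digest or signature on the whole CRL detects the corruption only after decoding, at which point the entire generation has to be fetched again; the schemes in these entries instead attach a signature that survives linear combination to each coded packet, so a polluted packet can be dropped before it is recoded, which is why the cost of verifying at every hop, and how often to skip it, is the question the entry above studies.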
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 473 - 475, Japanese

Exchanging a file takes several steps: communicating the request to send the file, the other party confirming it, sending the file by e-mail or a sharing system, and checking and receiving the file; it can hardly be called smooth. This paper proposes a system that achieves smooth file exchange by presenting the request for the file together with an access point to a location that the requesting terminal can reach. We built and operated the proposed system, compared it with commonly used means of file transfer, and confirmed that it actually supports smooth file exchange.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 277 - 279, Japanese

Strengthening an organization requires improving the capabilities of individuals. However, it is not easy for junior staff such as new employees to learn and grow on their own. Commonly, a mentor conveys knowledge to a protégé, but an inexperienced protégé often fails to grasp what the mentor means or the overall flow of the work. Findings show that what matters for smooth knowledge transfer is to convey information that shows the mentor's context and work process, and to share good behavioral models. This paper describes the implementation and operational evaluation of a system intended to support such context sharing, so that useful knowledge is conveyed efficiently and the burden of knowledge transfer on mentors is reduced.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 189 - 191, Japanese

It is difficult to prevent damage from natural disasters completely, so efforts at disaster mitigation, which keep damage to a minimum, are also needed. We have proposed a data-sharing scheme using encryption that protects users' private information, as needed to realize the following flow of communication: before a disaster, the service user registers with the service the private information useful for evacuation support, such as workplace or school, route and time band, and family contact details; when a disaster occurs, the service passes that information to the family, and the family prompts the registered user to take appropriate evacuation action. This paper describes the design and prototype of a system that manages the encrypted data. It also compares our data-sharing scheme with conventional schemes using public-key encryption or attribute-based encryption in terms of computational cost and processing time, and shows its advantage.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 707 - 709, Japanese

This paper proposes a method that supports the development of highly fault-tolerant applications that keep configuration files, user data and the like in online storage services offering a REST API. The proposed method reduces application development cost by converting requests made to a database into requests made to the online storage. We investigate how much latency an application built with the proposed method has compared with one that stores data locally, and examine a caching mechanism.
Information Processing Society of Japan (IPSJ), 06 Mar. 2012, Proceedings of the IPSJ National Convention, 2012 (1), 705 - 707, Japanese

The effect of exercise on dementia has attracted attention. We want to clarify the relationship between exercise and brain function in order to evaluate, using fMRI, the cognitive function needed for body movements. However, physical fitness tests cannot be carried out during fMRI measurement because of the physical constraints of the MRI scanner. This paper proposes software that presents, during the cognitive processing of concept formation, the same tests of physical ability as are used for visuomotor transformation. We confirmed that our software can be used in fMRI.
The Institute of Electronics, Information and Communication Engineers, Jan. 2012, IEICE technical report. Life intelligence and office information systems, 111 (383), 45 - 50, Japanese

The use of services over the network, collectively called XaaS, is increasing. We have proposed a model of a connection-eligibility assurance infrastructure that uses TPMs to protect and adaptively control server-side networks. In this research, we separate the functions of the private CA used in that scheme into a registration authority and a certification authority, show a concrete method for realizing the certification authority, and implement it. Our certification authority issues digital certificates for the AIK key generated by a terminal's TPM, and thereby plays the role of guaranteeing the legitimacy of the terminal.
Information Processing Society of Japan (IPSJ), 02 Mar. 2011, Proceedings of the IPSJ National Convention, 2011 (1), 569 - 571, Japanese

This paper describes a sensor-information sharing system that creates and shares sensor information using weblog media. The aim of the system is to trigger a loop of creating and sharing sensor information and to circulate it in a spiral. To achieve this, the system is equipped with functions that support eliciting and acquiring sensor information. Evaluation of the system showed that these functions had the intended effect.
The Japan Joint Automatic Control Conference, 2009, Proceedings of the Japan Joint Automatic Control Conference, 52 (0), 172 - 172, Japanese

Digital forensics is the application of computer-crime investigation and analysis techniques in the interest of determining potential legal evidence. In this paper, we give some considerations on a host-based network forensic system in which communication packets are collected and preserved on each monitored host. The system has advantages in comprehending the state of communication, but each of its processes must ensure reliability and availability and maintain legal probative force. We show a host-based packet-capturing mechanism and process flow, consisting of log collection and preservation, that satisfy these requirements.
The Institute of Electronics, Information and Communication Engineers, 06 Nov. 2008, IEICE technical report, 108 (285), 1 - 6, Japanese

In the key scheduling algorithm (KSA) of a stream cipher, a secret key is expanded into a large initial state. Internal-state reconstruction is known as a general attack against stream ciphers; it recovers the initial state from a given plaintext-ciphertext pair more efficiently than exhaustive key search. If such an attack succeeds, it is desirable that inverting the KSA be infeasible, so that the secret key is not leaked. This paper shows that it is easy to compute the secret key from an initial state of RC4. We propose a method that recovers an l-bit secret key from only the first l bits of the initial state of RC4 using linear equations, with time complexity less than that of one execution of the KSA. For a 128-bit secret key, it recovers 2^103.6 of the keys. That is, a 128-bit secret key can be recovered with high probability once the first 128 bits of the initial state have been determined by an internal-state reconstruction method.
IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG, Jan. 2008, IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, E91A (1), 3 - 11, English

Recently, the growing popularity of network infrastructure has dramatically increased the number of lectures delivered with inexpensive camera systems in many universities. This approach does not require a specific classroom. However, the workload of setting up and operating a camera is a problem. In this paper, we describe the development of a camera control system for recording lecture video.
The Institute of Electronics, Information and Communication Engineers, 02 Mar. 2006, IEICE technical report, 106 (583), 117 - 120, Japanese
Summary national conference
The One-Time Password (OTP) method is a secure password-based authentication method that changes the password in every session. We have already proposed a single OTP method usable by multiple authentication agents. In this paper, we evaluate the security of the proposed method. We show that the proposed method protects the user's secret information not only from unknown opponents but also from the agents and other users, and that it protects the agent's secret information not only from unknown opponents but also from the users and other agents. Additionally, the proposed method is secu...
The Institute of Electronics, Information and Communication Engineers, 08 Sep. 2005, IEICE technical report. Office Information Systems, 105 (283), 29 - 34, Japanese

A Virtual Private Network (VPN) is a technology for constructing a private network over public networks. Software-based VPN products are popular because they need no appliance. OpenVPN is one of the most popular software-based VPN products and is highly flexible. However, the usability of OpenVPN is not so high, because configuring it requires expert knowledge of VPNs. In addition, throughput is reduced by the overhead of encryption, because the encryption time of a block cipher is large. This paper presents a method to improve usability. A client can set a VPN up on a VPN setting server ...
Information Processing Society of Japan (IPSJ), 19 May 2005, IPSJ SIG Notes, 2005 (41), 41 - 46, Japanese

The One-Time Password (OTP) method is a secure password-based authentication method that changes the password in every session. Many OTP methods have been proposed, but most do not consider the use of multiple authentication agents. An authorization model with multiple authentication agents achieves high usability and scalability. In this paper, we propose a single OTP method usable by multiple authentication agents. The proposed method protects the user's secret information not only from unknown opponents but also from agents and other users. Additionally, the proposed method has high scalability because...
Information Processing Society of Japan (IPSJ), 19 May 2005, IPSJ SIG Notes, 2005 (41), 53 - 58, Japanese

The WEP protocol is a security protocol for protecting the privacy of wireless LAN communication. The original WEP was broken by the FMS attack in 2001. FMS-attack-resistant WEP implementations remove weak IVs to resist the FMS attack. We have already proposed a known-IV attack on FMS-attack-resistant WEP implementations and pointed out that most WEP IVs become weak IVs. With a 64-bit session key, the threat of a practical attack on FMS-attack-resistant WEP implementations increases greatly under the known-IV attack. With a 128-bit session key, the known-IV attack recovers the 104-bit secret key of the...
The Institute of Electronics, Information and Communication Engineers, 10 Mar. 2005, Technical report of IEICE. ISEC, 104 (731), 43 - 48, Japanese

The internal-state reconstruction method is a method for reconstructing the internal state of stream ciphers with time-variant tables. The key size and the key scheduling algorithm of such stream ciphers do not influence the time complexity of the internal-state reconstruction method. We have already proposed an efficient deterministic internal-state reconstruction method based on a tree-search algorithm. In this paper, we improve the method by applying the probabilistic internal-state reconstruction method proposed by Golic. The proposed method is the most effective method among all i...
The Institute of Electronics, Information and Communication Engineers, 14 Jul. 2004, Technical report of IEICE. ISEC, 104 (200), 41 - 48, Japanese

A new keystream generator with time-variant tables, named SSSM, is proposed. SSSM is a high-speed, secure keystream generator that operates on 32-bit units. This paper gives the algorithm and analytical results for SSSM.
The Institute of Electronics, Information and Communication Engineers, 14 Jul. 2004, Technical report of IEICE. ISEC, 104 (200), 49 - 52, English

The internal-state reconstruction method is a method for reconstructing the internal state of some stream ciphers with time-variant tables. We have already proposed an efficient deterministic internal-state reconstruction method. In this paper, we improve the method by applying the probabilistic internal-state reconstruction method proposed by Golic in 2000.
The Institute of Electronics, Information and Communication Engineers, 14 May 2004, IEICE technical report. Office Information Systems, 104 (69), 1 - 6, Japanese

A stream cipher that uses a keystream generator with time-variant tables is suitable for software implementation. RC4 is the most widely used keystream generator with time-variant tables, and there have been many security analyses of it. In this paper, we propose a new stream cipher that uses a keystream generator with time-variant tables. Our stream cipher is faster than RC4, and the method resists several kinds of cryptanalysis.
The Institute of Electronics, Information and Communication Engineers, 14 May 2004, IEICE technical report. Office Information Systems, 104 (69), 7 - 12, Japanese

Knudsen et al. proposed an efficient method, based on a tree-search algorithm with a recursive process, for reconstructing the internal state of the RC4 stream cipher. However, the method becomes infeasible for word size n > 5 because its time complexity for reconstructing the internal state is too large. This letter proposes a method more efficient than theirs. Our method can reconstruct the internal state using fewer pre-known internal-state entries than their method.
IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG, Oct. 2003, IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, E86A (10), 2636 - 2638, English

A nonlinear combiner random number generator is a general keystream generator for certain stream ciphers. The generator is composed of several linear feedback shift registers and a nonlinear function; the output is used as the keystream. A fast correlation attack is a typical attack on such keystream generators. Mihaljevic, Fossorier, and Imai have proposed an improved fast correlation attack, based on error correction of the information bits only in the corresponding binary linear block code, in which APP threshold decoding is used for the error-correction procedure. In this letter, we propose a method that improves the success rate of their attack at similar complexity. The method adds some intentional error to the original parity-check equations, which are then used in APP threshold decoding.
IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG, Aug. 2003, IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, E86A (8), 2155 - 2158, English

The spread of computer viruses by e-mail is a social problem. In particular, unknown viruses that cannot be detected by a general pattern-matching detection scheme tend to spread the damage. A countermeasure is also needed against metamorphic viruses, which change themselves each time they infect a computer, because a pattern-matching-based detection scheme cannot detect them. A dynamic heuristic scheme is known to be effective for detecting unknown or metamorphic viruses: a suspicious target file is actually run on a computer, its behavior is monitored, and it is then judged whether the file is a virus. In this paper, we propose a dynamic-heuristic-based system that runs a target file attached to an e-mail on a virtual machine and a virtual network and monitors its behavior pattern in that virtual environment. We describe an implementation of the proposed system and show some evaluation results.
The Institute of Electronics, Information and Communication Engineers, 10 Jul. 2003, Technical report of IEICE. ISEC, 103 (195), 113 - 120, Japanese

In this paper, we give a center-management model for unlawful-access detection. Agents gather network information in each management domain. When an agent detects an abnormal event, it reports to the center, and the center analyzes the network information to identify the unlawful access using an IDS. The advantages of this model are that the administrator of each domain does not need to update the IDS signatures and still receives the essential information about an unlawful access and how to counter it.
The Institute of Electronics, Information and Communication Engineers, 06 May 2002, IEICE technical report. Office Information Systems, 102 (45), 25 - 30, Japanese

With the spread of the Internet, illegal access via the Internet has become a serious problem. WWW contents are frequently altered by attackers, and such attacks have recently become a social problem. DNS attacks on WWW are not detected by existing detection systems for web page alteration, because those systems inspect the web page from inside the system. Moreover, not every administrator can easily build a secure network containing both the WWW server and the detection system. In this paper, we show a new surveillance system for web page alteration that works from outside the network. This system has an ef...
The Institute of Electronics, Information and Communication Engineers, 12 Nov. 2001, Technical report of IEICE. OFC, 101 (435), 29 - 34, Japanese

In the Internet, IXPs (Internet Exchange Points) tend to be congested, since all traffic must go through the IXPs when ISPs (Internet Service Providers) belong to different upstream ISPs. This problem is especially serious in Japan, where there are only a few IXPs. To ease it, we focus on the HTTP traffic exchanged among neighboring ISPs, since web browsing generates most Internet traffic. In this paper, we present the structure of a regional HTTP-IXP and its experimental results. Our HTTP-IXP system aims to reduce backbone traffic at comparatively low cost by exchanging regional HTTP traffic via an HTTP cache server. Our experimental results show that backbone traffic can be reduced without degrading user QoS (Quality of Service).
THE INSTITUTE OF SYSTEMS, CONTROL AND INFORMATION ENGINEERS (ISCIE), 2000, Transactions of the Institute of Systems, Control and Information Engineers, Vol.13 (No.4), 168 - 178

In this paper, we report on the wireless local loop (WLL) experimentally constructed in Wajiki Town, Tokushima Prefecture, mainly by the Ministry of Posts and Telecommunications, and on its experimental results. The WLL is realized as a distributed wireless network using low-power CDMA transceivers, and it has good features from the viewpoints of installation, management and cost. The experimental results show that the WLL network achieves almost the same throughput as INS, and that communication applications such as IP-FAX, IP-Phone, TV-phone, mail, web servers and video servers are usable in practice.
The Institute of Electronics, Information and Communication Engineers, 20 May 1999, Technical report of IEICE. OFC, 99 (69), 31 - 36, Japanese

In this paper, we discuss the structure of a local HTTP-IXP server and its experimental results. The local HTTP-IXP server aims to reduce HTTP traffic, which makes up most Internet traffic, by refining the network topology among local ISPs and sharing WWW contents effectively within a local area by means of a layered cache structure. Experimental results show that the local HTTP-IXP server can reduce HTTP traffic in the backbone network and improve the ISPs' quality of service.
The Institute of Electronics, Information and Communication Engineers, 22 May 1998, Technical report of IEICE. OFC, 98 (75), 23 - 28, Japanese

We proposed the Dynamic Random Generator (DRG) [1], which is a kind of nonlinear combiner generator. Tanaka and Kaneko proposed a linear attack on nonlinear generators [2] that needs far less keystream than the period. In this paper, we compare DRG with other generators in terms of linear complexity and mutual information, and evaluate the linear attack. As a result, a nonlinear function with a structure that adds one or two LFSRs turns out to be very difficult to attack.
The Institute of Electronics, Information and Communication Engineers, 20 May 1996, ISEC96, 96 (47), 23 - 32, Japanese
Oral presentation
Competitive research funding