Research & Development for Internet Security in Japan


1 Research & Development for Internet Security in Japan
14th AFSIT, November 24, 2000
Research & Development for Internet Security in Japan
Ryoichi Sasaki, Senior Chief Researcher, Systems Development Laboratory, Hitachi, Ltd.
AFSIT: Asian Forum for the Standardization of Information Technologies
Thank you, Mr. Chairman. I am Dr. Sasaki of SDL, Hitachi, Ltd., Japan. Today, I would like to talk about security technologies and their application to E-Commerce in Japan.
Copyright (c) 2000 Hitachi, Ltd. All rights reserved.

2 Table of Contents
1. Introduction
2. Security Threats and Countermeasures
3. Status on Security Countermeasures in Japan
4. Security Technology Creates Internet New Era
5. Current Status on Security R&D in Japan
6. R & D on Security Technologies in Hitachi
7. On Security Standards
After the introduction, I will show you the current status of security R&D in Japan. Then, I will talk about the trend in E-Commerce in Japan. Next, R&D on security technologies and E-Commerce in Hitachi will be explained in some detail.

3 1. Introduction
Current Situation of Internet in Japan
Introduction.

4 Trend on Number of Hosts Connected to Internet
[Chart: number of hosts connected to the Internet by year, in % (number in '95 is 100% for each country); highlighted series: Japan]
This slide shows the trend in the number of hosts connected to the Internet, with the number in '95 set to 100% for each country. The X-axis represents the year, and the Y-axis shows the percentage. We can see that the increase in Japan is much larger than in other countries, for example the USA, France or Germany.

5 Number of Internet Users in Japan
[Chart: Number (M Persons) and Diffusion Rate (%) by Year, 1996 to 2005. Data labels shown: 76.7, 27.1, 19.1%, 16.9, 11.6]
From White Paper 2000 of Ministry of Posts and Telecommunications

6 Predicted Amount of E-Commerce (Business to Business)
[Chart: predicted amount of B-to-B E-Commerce in Trillion Yen by Year, 1998 to 2003; series: Japan, USA]
Announced by MITI in 1999

7 Background of Increase of Security Threat
Rapid Spread of Internet: Increase of Victim Candidates
Increased Connection of Enterprise Network to Internet: Attack Increase via Internet to Extreme Valuable Information
Big Digital Money Flow on Internet: More Powerful Attack to Get Big Money
Figure label: Spread of the Internet
The rapid spread of the Internet in Japan leads to an increase in victim candidates. This is one of the reasons for the increase in security threats. The number of enterprise network connections to the Internet is increasing in Japan. This situation makes it easy for third persons to access very important information in companies via the Internet. The start of big digital money flow on the Internet will lead to more powerful attacks to get big money. As shown in this slide, security threats are increasing rapidly in Japan and worldwide. Security technology is gaining in importance in the open network environment.

8 Loss Caused by Attack to Security in USA
Estimated by FBI / CSI
[Bar chart: loss in M$ (axis 50 to 250) by year. Values shown for 1996 to 1999: 100M$, 130M$, 120M$, 260M$]

9 Number of Reported Security Incidents in Japan
Data from JPCERT
[Chart: number of reported security incidents per quarter (axis 100 to 800), 97 1Q to 00 1Q]

10 2. Security Threats and Countermeasures

11 Threats to Security
Threats to Security (attack method):
Loss of Confidentiality (Eavesdropping)
Loss of Integrity (Interruption)
Loss of Availability (Improper Use)
Loss of Evidence (Repudiation)
Objects: Network, Files, Computer, Electronic Commerce
As you know, threats to security can be divided into four categories: loss of confidentiality, loss of integrity, loss of availability and loss of evidence. The attack methods for each threat are described here: eavesdropping, interruption, improper use and repudiation. The first three are carried out by third persons, and the threat of loss of evidence comes from business partners.

12 Countermeasure against Attacker
Countermeasure by Technology
(1) Protection against Intrusion
(a) Access Control (Firewall etc.)
(b) Encryption
(2) Prevention, Detection, Recovery
(a) Security Surveillance
(b) Security Audit etc.
Countermeasure by Management
(a) Security Policy Establishment
(b) Security Education
Figure labels: Attacker; Intrusion; Masquerade; Security Hole Attack

13 3. Status on Security Countermeasures in Japan

14 Investigated Results on Security Measure Status (1)
Investigated by JIPDEC in 1999
No. of Companies: 867
No. of Mean Employees: 2194 persons
Security Policy is decided in only less than one fifth of companies.
[Chart: Security Policy, Rate (%). Categories: Decided, Deciding, Under Consideration, Not Decided, Unnecessary, No Answer. Values shown: 1.7, 0.7, 18.9, 43.5, 9.3, 25.8]
JIPDEC: Japan Information Processing Development Corporation

15 Investigated Results on Security Measure Status (2)
Security Specialist exists in less than one fourth of companies.
[Chart: Security Specialist, Rate (%). Categories: Exist, Under Consideration, Not Exist, Not Necessary, No Answer. Values shown: 0.6, 23.8, 1, 12.5, 62.2]

16 Investigated Results on Security Measure Status (3)
Firewall is used in more than 50% of companies.
[Bar chart, rate (%), axis 10 to 90. Categories: Usage of Password, Usage of Firewall, Usage of Access Control Soft, Access Control to Outside, Limitation of Network Operator, Inhibition of Changing LAN Connection, Log Analysis, Others, No Measure. Values shown: 83.4, 50.7, 40.9, 33.6, 25.8, 21.3, 14.2, 10.4, 1.5, 1]

17 Investigated Results on Security Measure Status (3)
Cipher is used in less than 15% of companies.
[Chart: Usage of Cipher, Rate (%). Categories: Usage, Not Usage, No Answer. Values shown: 2.7, 14.7, 82.6]

18 4. Security Technology Creates Internet New Era

19 Security Technologies Support Internet New Era
[Diagram: Future Direction / Additional Features against Coverage]
Stages, from latest to earliest:
Socialnet: E-Election, E-Government, EC (B to C), E-Auction, E-Library
Extranet: EC (B to B)
Intranet: Information Sharing, GroupWare
Internet*: Mail, News, WEB
Note: * Narrow Meaning
Additional Features: Creation of new value of services; New Social Infrastructure; Application to Management Strategy; Improvement of work efficiency; Information Exchange
Coverage: Inter Individuals; Inner Companies; Inter Companies; Public, Home etc.
Security Technologies: Digital Signature, Digital Watermarking

20 Outline of Digital Signature
< Objectives of Digital Signature or Electronic Seal >
(1) Entity Authentication: Protection from Masquerade
(2) Message Authentication: Detection of Message Manipulation
Objectives, Real World and Digital World:
(1) Entity Authentication
Real World: Usage of Seal or Signature for Identifying Originator
Digital World: Usage of Asymmetric Cipher*: It is possible to identify single signature key user.
(2) Message Authentication
Real World: Usage of Paper and Ink for Detecting Manipulation
Digital World: Usage of Hash Function: It is possible to detect manipulation by checking hash value.
* Asymmetric Cipher equals Public Key Cipher
Digital Signature or Electronic Seal

21 Digital Signature Scheme
If only one bit of M was changed, the hash value will be changed totally.
Pair Keys: Private Key of Bob (Sa): Secret; Public Key of Bob (Pa): Open
Bob:
Message (M) -> Hash Function (h) -> Hash Value (h(M)) -> Encryption by Using Sa and Asymmetric Cipher -> Digital Signature (S = Sa(h(M)))
Bob sends M + Digital Signature.
Alice:
Digital Signature (S = Sa(h(M))) -> Decryption by Using Pa and Asymmetric Cipher: h' = Pa(S)
M -> Hash Function (h): h'' = h(M)
Compare: h' = h'' -> Authenticated

22 Necessity of Certification Authority
Objective: Certify the real owner of public key Pa (protect against Pc, generated by Carol, being presented as Pa of Bob)
Certification Authority (CA), Asymmetric Cipher: Private Key of CA: Sn (Secret); Public Key of CA: Pn (Open)
(1) Bob: Generate Private Key: Sa, Public Key: Pa
(2) Pa (Bob to CA)
(3) Registration of Pa and the Owner
(4) Public Key Certificate (X.509 V.3) with Sn(Pa)
(5) Signed Message + X.509 Certificate (Bob to Alice)
(6) Pn
(7) Calculate Pa: Pa = Pn(Sn(Pa))
(8) Use Pa for Verification
(Note: There was the same system in the era of King Hammurabi about 4100 years ago.)
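The signing, verification and certificate steps of slides 21 and 22, as an added example that is not part of the original presentation. It uses textbook RSA without padding over small constructed Mersenne-prime keys (illustrative only, trivially breakable), and the CA signs a hash of the owner/key binding instead of the key itself; all function names are hypothetical.

```python
import hashlib
import json
from math import gcd

E = 65537  # public exponent used by every toy key below


def make_key(p_bits, q_bits):
    """Toy RSA key pair from two Mersenne primes 2**k - 1 (constructed, insecure)."""
    p, q = 2**p_bits - 1, 2**q_bits - 1
    phi = (p - 1) * (q - 1)
    assert gcd(E, phi) == 1
    n = p * q
    return {"pub": (n, E), "priv": (n, pow(E, -1, phi))}


def h(message, n):
    """Hash function h: SHA-256, reduced mod n so the toy key can process it."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(priv, message):
    """Signer side: S = Sa(h(M))."""
    n, d = priv
    return pow(h(message, n), d, n)


def verify(pub, message, signature):
    """Verifier side: h' = Pa(S), h'' = h(M); accept only if h' == h''."""
    n, e = pub
    return pow(signature, e, n) == h(message, n)


def cert_body(subject, pub):
    """Bytes the CA signs: the owner's name bound to the owner's public key."""
    return json.dumps([subject, pub[0], pub[1]]).encode()


def issue_certificate(ca_priv, subject, pub):
    """Steps (3)-(4): the CA registers (owner, Pa) and signs the binding with Sn."""
    return {"subject": subject, "pub": pub,
            "sig": sign(ca_priv, cert_body(subject, pub))}


def verify_with_certificate(ca_pub, expected_subject, cert, message, signature):
    """Steps (6)-(8): check the certificate with Pn, then use the certified Pa."""
    if cert["subject"] != expected_subject:
        return False
    if not verify(ca_pub, cert_body(cert["subject"], cert["pub"]), cert["sig"]):
        return False
    return verify(cert["pub"], message, signature)


def demo():
    ca = make_key(521, 607)    # Sn / Pn
    bob = make_key(89, 107)    # Sa / Pa
    carol = make_key(61, 127)  # Sc / Pc

    message = b"Order #1: ship 100 units to Alice"  # constructed sample
    bob_cert = issue_certificate(ca["priv"], "Bob", bob["pub"])
    bob_sig = sign(bob["priv"], message)

    # One flipped bit in M changes h(M), so the comparison fails.
    tampered = bytes([message[0] ^ 0x01]) + message[1:]

    # Carol signs her own message and self-issues a certificate naming Bob.
    forged = b"Order #1: ship 100 units to Carol"
    carol_sig = sign(carol["priv"], forged)
    carol_cert = issue_certificate(carol["priv"], "Bob", carol["pub"])

    return {
        "valid": verify_with_certificate(
            ca["pub"], "Bob", bob_cert, message, bob_sig),
        "tampered": verify_with_certificate(
            ca["pub"], "Bob", bob_cert, tampered, bob_sig),
        # Without a CA, Alice cannot tell Pc from Pa: the signature checks out.
        "carol_raw_key": verify(carol["pub"], forged, carol_sig),
        # With the CA's Pn, the self-issued certificate is rejected.
        "carol_with_ca": verify_with_certificate(
            ca["pub"], "Bob", carol_cert, forged, carol_sig),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```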

23 Example of Structure for CAs
Hierarchical Structure of CAs
[Diagram levels: Root CA; CA1, CA2; CA11, CA12; EE1, EE2, EE3, EE4. Arrow label: Certificate]
EE: End Entity (User of CA)

24 PKI for Supporting Certification
PKI consists of protocols, services, and standards supporting applications of public-key cipher (asymmetric cipher), especially those related to the use of a Certificate Authority (CA).
PKI: Public Key Infrastructure
[Diagram levels: Root CA; CA1, CA2; CA11, CA12; EE1, EE2, EE3, EE4. Arrow label: Certificate]

25 Security Technologies Support Internet New Era
[Diagram: Future Direction / Additional Features against Coverage]
Stages, from latest to earliest:
Socialnet: E-Election, E-Government, EC (B to C), E-Auction, E-Library
Extranet: EC (B to B)
Intranet: Information Sharing, GroupWare
Internet*: Mail, News, WEB
Note: * Narrow Meaning
Additional Features: Creation of new value of services; New Social Infrastructure; Application to Management Strategy; Improvement of work efficiency; Information Exchange
Coverage: Inter Individuals; Inner Companies; Inter Companies; Public, Home etc.
Security Technologies: Digital Signature, Digital Watermarking

26 Example of Watermarking
[Figure: Original Image -> Embedding Software (Owner: Hitachi, Buyer: Sasaki) -> Embedded Image -> Extracting Software -> Owner: Hitachi, Buyer: Sasaki. Label: Embedded Position]
This slide shows an example of watermark processing. The watermark is embedded in this area.

27 5. Current Status on Security R&D in Japan
Next, I will outline current status on security R&D in Japan.

28 Main Players on Security R & D in Japan
Government: MITI - IPA, MPT - TAO, STA
Fund for Security Projects (to Universities and Companies)
Universities, Companies: Collaboration
This slide shows the main players in security R&D in Japan. The player groups consist of Government, Universities and Companies. In Government, MITI and MPT are main players, where MITI means ---, MPT means MITI - IPA line and MPT - TAO line respectively prepare the fund for security projects of universities and companies. Now, IPA means ---, TAO means ---.
MITI: Ministry of International Trade and Industry
MPT: Ministry of Posts and Telecommunications
IPA: Information-Technology Promotion Agency, Japan
TAO: Telecommunications Advancement Organization of Japan
STA: Science and Technology Agency

29 Main Players on Security R & D in Japan
Government: MITI - IPA, MPT - TAO
IPA - Security Center
(1) Anti-Computer-Virus Activities
(2) Countermeasures Against Unauthorized Access to Computers in Cooperation with JPCERT
(3) Study of Cryptography and Authentication Technologies
(4) Study of IT Security Evaluation and Certification / Validation Scheme
Fund for Security Projects (to Universities and Companies)
Universities, Companies: Collaboration
The IPA has a security center. The main activities of the security center are described here. First is anti-computer-virus activities; IPA is an authorized organization to receive reports of computer virus contamination. Second is ---. Third is ---. IPA studies cryptography technologies throughout the world, and supports R&D in these areas. IPA also engages in ---.
MITI: Ministry of International Trade and Industry
MPT: Ministry of Posts and Telecommunications
IPA: Information-Technology Promotion Agency, Japan

30 Main Players on Security R & D in Japan
Government: MITI - IPA, MPT - TAO
Universities:
O Tokyo University (Professor IMAI)
O Chuo University (Professor TSUJII)
O Yokohama National University
O Kyushu University
O Keio University etc.
Fund for Security Projects (to Universities and Companies)
Universities, Companies: Collaboration
Among universities, Tokyo University, Chuo University, Yokohama National University and so on are the main players in security R&D in Japan. Prof. Tsujii and Prof. Imai are key persons in this field.
MITI: Ministry of International Trade and Industry
MPT: Ministry of Posts and Telecommunications
IPA: Information-Technology Promotion Agency, Japan
TAO: Telecommunications Advancement Organization of Japan

31 Main Players on Security R & D in Japan
Government: MITI - IPA, MPT - TAO
COMPANY:
O NTT
O Hitachi
O Mitsubishi
O NEC
O NTT Data
O Fujitsu
O Panasonic, etc.
Fund for Security Projects (to Universities and Companies)
Universities, Companies: Collaboration
As companies, NTT, Hitachi, Mitsubishi and so on are the main players on Security R&D. I believe Hitachi is one of the strongest players.
MITI: Ministry of International Trade and Industry
MPT: Ministry of Posts and Telecommunications
IPA: Information-Technology Promotion Agency, Japan
TAO: Telecommunications Advancement Organization of Japan

32 Security Technologies for Research
Fields: Element Technology, System Technology, Social Technology
Technologies:
1 Certification
2 Access Control
3 Encryption
4 Digital Signature
5 Computer Virus
6 Secure Network
7 Recovery
8 Vulnerability
9 Risk Assessment
10 Interdependency
11 Risk Communication
12 Security User Interface

33 Comparison of Research Area in USA and Japan
Fields: Element Technology, System Technology, Social Technology
Technology: USA*, Japan+
1 Certification: USA 29, Japan 33
2 Access Control: USA 28, Japan 6
3 Encryption: USA 24, Japan 47
4 Digital Signature: USA 4, Japan 2
5 Computer Virus: USA 6, Japan 1
6 Secure Network: 3 (only one value shown)
7 Recovery: USA 3, Japan 4
8 Vulnerability: 4 (only one value shown)
9 Risk Assessment: USA 3, Japan 6
10 Interdependency: USA 1, Japan 1
11 Risk Communication: 3 (only one value shown)
12 Security User Interface: 3 (only one value shown)
* Ratio of number of papers in ACM and IEEE for this ten years (Total No.: 4696)
+ Ratio of number of papers in IPSJ and IEICE for this ten years (Total No.: 555)

34 Main Players on Security R & D in Japan
Government: MITI - IPA, MPT - TAO
COMPANY:
O NTT
O Hitachi
O Mitsubishi
O NEC
O NTT Data
O Fujitsu
O Panasonic, etc.
Fund for Security Projects (to Universities and Companies)
Universities, Companies: Collaboration
As companies, NTT, Hitachi, Mitsubishi and so on are the main players on Security R&D. I believe Hitachi is one of the strongest players.
MITI: Ministry of International Trade and Industry
MPT: Ministry of Posts and Telecommunications
IPA: Information-Technology Promotion Agency, Japan
TAO: Telecommunications Advancement Organization of Japan

35 6. R & D on Security Technologies in Hitachi
Next, I will outline threats to security and the countermeasures in general.

36 Hitachi’s Security Services and Products
Hitachi's Security Concept: Secureplaza (Total Power)
Categories: Hardware Products; Software Products; Systems Integration Services; Operation Services
Items shown: Crypt LSI, Smart Card, Router, Encryption Library, Message Firewall, Certificate Authority, EC Security Monitoring, EC System, Inter-Corporate EC
Figure labels: Attack!
Hitachi provides not only hardware and software products but also systems integration and operation services, as shown in this slide, under the security concept named Secureplaza. As systems integration services, we have experience building EC systems for consumers and inter-corporate EC systems. As operation services, Hitachi provides CA service, security monitoring and so on. The researchers of our laboratory are engaged in R & D for these services as well as these products.

37 History on R&D of Security in Hitachi
Phase 1 ( ): Technology Development Period
Phase 2 ( ): Products Development Period
Phase 3 ( ): Business Establishment Period
We started security R&D about 12 years ago. The first 6 years were the technology development period, and the number of researchers was very limited. To our regret, we could not directly connect our research activities to security products. The spread of the Internet made security important, and from 1993, many security products, for example cipher software, were made based on our R&D. From 1998, Hitachi started a security service business in addition to security products. We also engage in R&D for the security service business.

38 Business Area and Developed Security Technologies
Service
SI & Operation: Security Monitoring, Key Recovery
Special Service: Certificate Authority, Notary System
Software
Middle Software: Secure Commerce Protocol, Key Management, Group Security
Library: Encryption Algorithms, Digital Water Marking
Hardware
Subsystem: Encryption for Hardware Equipment, Biometrics for Authentication
Component: LSI for Encryption, Smart Card
This table shows the business areas and the related main security technologies we developed. First, I will talk about ciphers for encryption.

39 Common Key Cipher and Public Key Cipher
Item: Common Key Cipher / Public Key Cipher
Examples: DES / RSA
Relation between Encryption/Decryption Keys: Encryption Key = Decryption Key / Encryption Key ≠ Decryption Key
Secret Key Delivery: Necessary / Not Necessary
Digital Signature: Difficult / Straightforward
Speed: Fast / Slow
Applications: Data Encryption / Key Delivery, Digital Signature
As you know, ciphers can be divided into two categories, that is, common key cipher and public key cipher. The representative common key cipher is DES, and the representative public key cipher is RSA.

40 Common Key Cipher Developed in Japan
Company, Name, Year, Comment:
NTT: FEAL-N, 1990
NTT: E2, 1998, Candidate of AES
Hitachi: MULTI2, 1989
Hitachi: MULTI-S01, 2000, Stream Cipher
Mitsubishi: MISTY, 1996
NEC: Unicorn, 1997
This table shows a comparison of common key ciphers. As ciphers developed in Japan, FEAL-N of NTT, MISTY of Mitsubishi and MULTI of Hitachi are well known.

41 Products Related MULTI
(a) Encryption Software Library (Keymate/MULTI)
(b) Encryption LSI for Satellite Broadcast (Japan Standard for Digital Satellite Broadcast)
Figure labels: TV; PerfecTV; DirecTV Japan; IRD; MULTI Chip
MULTI is the baseline cipher recommended by CPTWG for IEEE 1394.
CPTWG: Copy Protection Technology Working Group
The MULTI algorithm is contained in Hitachi's encryption software library named Keymate/MULTI. Keymate/MULTI is used in many systems, for example production systems, OA systems, etc. The MULTI algorithm is the Japan standard cipher for digital satellite broadcast. Therefore, MULTI chips are used in all senders and receivers of digital satellite broadcast systems, e.g. PerfecTV, DirecTV Japan and JskyB. In addition, improved MULTI is the baseline cipher for IEEE 1394 recommended by a de facto international standardization group, CPTWG.

42 Common Key Cipher and Public Key Cipher
Item: Common Key Cipher / Public Key Cipher
Examples: DES / RSA
Relation between Encryption/Decryption Keys: Encryption Key = Decryption Key / Encryption Key ≠ Decryption Key
Secret Key Delivery: Necessary / Not Necessary
Digital Signature: Difficult / Straightforward
Speed: Fast / Slow
Applications: Data Encryption / Key Delivery, Digital Signature
As mentioned earlier, ciphers can be divided into two categories, that is, common key cipher and public key cipher. The representative common key cipher is DES, and the representative public key cipher is RSA.

43 Necessity of New Public Key Cipher
RSA
Required key length for safe enough: bits bits bits
Improvement of Hardware and Integer Factorization Method
Computation time when key length becomes twice: 6 times - 8 times
As a public key cipher, RSA is famous and has been used widely. However, the key length that is safe enough has been changing, as shown here, because of improvements in computer hardware and integer factorization methods. Computation time becomes 6-8 times longer when the key length is doubled. Because the computation time of public key ciphers was a bottleneck, Hitachi decided in 1996 to develop a new public key cipher.

44 Hitachi Elliptic Curve Cryptosystem (ELCURVE)
Schemes: Encryption/Decryption; K-out-of-N Scheme; Digital Signature Scheme; Hitachi original scheme
Type of Elliptic Curve: Elliptic Curve based on 2 powers; Elliptic Curve based on large prime numbers
ELCURVE:
Software Library for PC and WS (Product: Keymate/Crypto)
Software for Smart Card (Prototype)

45 Development of ELCURVE on Smart Card
PC, Smart Card
H8/3111 BLOCK DIAGRAM: H8/300 CPU; I/O PORT; ROM 14K BYTES; EEPROM 8K BYTES; RAM 512 BYTES; CO-PROCESSOR; RAM 288 BYTES
High speed calculation by utilizing the co-processor in the smart card designed for fast RSA calculation
CPU: 5 MHz, CO-PROCESSOR: 10 MHz
EXTERNAL CLOCK: 10 MHz
DIGITAL SIGNATURE (160 BITS): 0.17 SEC

46 Business Area and Developed Security Technologies
Service
SI & Operation: Security Monitoring, Key Recovery
Special Service: Certificate Authority, Notary System
Software
Middle Software: Secure Protocol, Key Management, Group Security
Library: Encryption Algorithms, Digital Water Marking
Hardware
Subsystem: Encryption for Hardware Equipment, Biometrics for Authentication
Component: LSI for Encryption, Smart Card

47 Application Areas of Watermarking
Contents kind: Examples
Still picture: Painting, Photography, Picture in digital book
Motion picture: Movies in DVD
Voice: Music, Voice in movie
Text: Sentence in digital book
Program: Application programs
[Chart: Price (low to high, marker at $10) against Life span (short to long, marker at 1 month), with a region marked "Protection by watermarking needed". Items plotted: painting, program, book, education software, movie, music, magazine, newspaper, TV-news, karaoke, catalogue]

48 Actual Applications of Water Mark
(1) Copy Detection in Toppan Co. for Selling Digital Arts (Still Picture)
(2) Copy Protection Standard Proposal for DVD-RAM in CPTWG (Motion Picture)
(3) Internet-Marks for WWW
[Chart: Price (marker at $10) against Life span (short to long, marker at 1 month), with a region marked "Protection by watermarking needed". Items plotted: painting, program, book, education software, movie, music, magazine, newspaper, TV-news, karaoke, catalogue]
The watermark system is applied to these targets. First is --. Second is --. Third is ---. I will explain the Internet-Marks in some detail.

49 Problems
Web systems are important social infrastructures.
Means for effective information delivery and collection
Bases for most EC systems
However, they have trust problems.
Impersonation (e.g., fake Web site represents itself as an established site)
Criminal actions (e.g., receives money and then disappears without sending goods)
Unclear service policies (e.g., on returning goods)

50 Authentication using visual seals
Authority issues seals guaranteeing or rating Web sites.
Seals are pasted on the Web pages.
Consumers trust or know service levels of the Web sites via the seals.
Problems
Seals are easily forged and copied onto unauthorized Web pages.
Reliable seal system is needed.

51 Internet-Mark technology
Internet-Marks are verifiable seals because digital signatures are embedded in them by digital watermarking.
Internet-Marks can be verified via the embedded digital signatures.
[Figure: the digital object for which the Internet-Mark will be used is signed with the private key of the issuer to give a digital signature; the digital signature is embedded by watermarking into the material image (JPEG, bit map, etc.) to give the Internet-Mark (JPEG, bit map, etc.) with embedded digital signature. Sample seal text: "Recommend for School Education, SCIENCE ΕΔΩ Assoc."]

52 Details of Internet-Mark
[Figure: the Web page, the Web site address and additional info. (term of validity etc.) are signed with the private key of the issuer to give a digital signature; the signature, etc., with the certificate for the issuer, are embedded by watermarking into the material image to give the Internet-Mark, which is pasted on the Web page.]

53 Business Area and Developed Security Technologies
Service
SI & Operation: Security Monitoring, Key Recovery
Special Service: Certificate Authority, Notary System
Software
Middle Software: Secure Commerce Protocol, Key Management, Group Security
Library: Encryption Algorithms, Digital Water Marking
Hardware
Subsystem: Encryption for Hardware Equipment, Biometrics for Authentication
Component: LSI for Encryption, Smart Card

54 Biometric Authentication Devices of Hitachi
Figure labels: Prototype model for Product; Demonstration model
Fingerprint Device: Veridicom FPS100A, 300×300×8 bits, 12 Mbps USB I/F
Hitachi's Contactless Smart Card & R/W: 8 bits CPU, 8 kB EEPROM, 9600 bps

55 Outline of Secured Office System
[Diagram labels]
User's Office: PCs for End User; Live scanner; Smart card R/W; Smart Card (certificated fingerprint); Entrance; Door; Door Control unit; Verification Server; Temporal Fingerprint file; Log DB; DB
Controls: Entrance control; DB access control; Log-on access control; Workflow control
Issuer Center: Certification Authority; Enrollment Server; Card Issuer System; User List; Smart Card (certificated fingerprint); X.509

56 Business Area and Developed Security Technologies
Service
SI & Operation: Security Monitoring, Key Recovery
Special Service: Certificate Authority, Notary System
Software
Middle Software: Secure Commerce Protocol, Key Management, Group Security
Library: Encryption Algorithms, Digital Water Marking
Hardware
Subsystem: Encryption for Hardware Equipment, Biometrics for Identification
Component: LSI for Encryption, Smart Card

57 Hitachi Certificate Authority Server
CA system (For Operator): CA Server; Certification List; Firewall; Front End Server
Against Invasion: Firewall, Encryption
Against Inside Crime: Prevent Single Operation
Internet: Certificate to Consumer, Store, Bank/Card Company
We assisted in developing the CA system. This CA system is based on the SET standard. It has functions to prevent the invasion of third persons by using firewall and encryption, and to prevent inside crime by inhibiting single-operator execution of very important operations. This CA system works at some sites. Hitachi is also offering CA servers as a product. In addition, a company established by Hitachi, Fujitsu, NEC etc. will perform the CA service in the near future.

58 Image of CA & NA System for Ministry of Justice
[Diagram: Certificate Authority (CA) issues a Certificate to Corporate A and Corporate B; Notary Authority (NA) provides the Notary Service. Example time stamp: 1998/3/6 14:10. Label: Authorize]
Notary Service:
Archiving a digital document
Time Stamping
Authorizing a private document
Making (Writing) a notarial deed

59 Business Area and Developed Security Technologies
Service
SI & Operation: Security Monitoring, Key Recovery
Special Service: Certificate Authority, Notary System
Software
Middle Software: Secure Commerce Protocol, Key Management, Group Security
Library: Encryption Algorithms, Digital Water Marking
Hardware
Subsystem: Encryption for Hardware Equipment, Biometrics for Identification
Component: LSI for Encryption, Smart Card

60 7. On Security Standards
Conclusion.

61 Security Standards and Related Organizations
Security Basic Field
World Wide: Official: ISO-SC27, ITU etc. Private: IETF (Protocol) etc.
National Level: Official: NIST (AES), JIS etc. Private: IEEE (1394) etc.
Security Application Field
SET (Certification), MULTOS (Card OS), CPTWG (Copy Protection) etc.

62 On Cryptography Standard
1. National Level / Official
(1) USA: AES Project by NIST
AES (Advanced Encryption Standard) was selected in Oct -> Rijndael, proposed from Belgium
(2) JAPAN: CRYPTREC Project by IPA and TAO (Chair: Prof. Imai)
Assessment of Security and the Implementation of Available Cryptographic Techniques to Achieve Information Security in the Electronic Government
-> Technical Report Including a List of Analytical Results on Security Profile and Implementation Aspects for Proposed Cryptographic Technologies (in March, 2001)
(3) EC: NESSIE Project by the Information Technology Programme of the European Commission

63 On Cryptography Standard
2. World Wide / Official
Standardization of ciphers has started at ISO/IEC JTC1 SC 27 (#18033) from 1999.
< From Registration to Real Standard >
Standardization Items
(1) Asymmetric Ciphers
Symmetric Ciphers (Common Key Ciphers):
(2) Block Ciphers
(3) Stream Ciphers

64 Security Standards and Related Organizations
Security Basic Field
World Wide: Official: ISO-SC27, ITU etc. Private: IETF (Protocol) etc.
National Level: Official: NIST (AES), JIS etc. Private: IEEE (1394) etc.
Security Application Field
SET (Certification), MULTOS (Card OS), CPTWG (Copy Protection) etc.

65 IETF WG on Security
Category: WG
Infrastructure:
Common Authentication Technology (cat)
IP Security Protocol (ipsec)
Intrusion Detection Exchange Format (idwg)
Public-Key Infrastructure (X.509) (pkix)
Simple Public Key Infrastructure (spki)
XML Digital Signatures (xmldsig)
Middleware:
Authenticated Firewall Traversal (aft)
One Time Password Authentication (otp)
Secure Shell (secsh)
Transport Layer Security (tls)
Application:
An Open Specification for Pretty Good Privacy (openpgp)
Domain Name System Security (dnssec)
S/MIME Mail Security (smime)
Web Transaction Security (wts)
Secure Network Time Protocol (stime)

66 8. Conclusion
Conclusion.

67 Conclusions
1. R & D on security technologies in Japan were explained.
2. Future Tendency
(1) Attacks will increase and become harder in future.
(2) More powerful countermeasures will be required, especially in security surveillance, audit, evaluation and education.
(3) Attacks will come from all over the world. Therefore, worldwide collaboration must be performed to protect against the attacks.
We talked mainly about the countermeasures offered by Hitachi and other companies in Japan. (1) (same) (2) (3)

68 Research & Development for Internet Security in Japan
END

