Abstract: An apparatus for granting electronic signature to a data includes an identification-data acquiring unit that acquires identification data for identifying an owner of a secret key that is used to create the electronic signature, an authorization-data acquiring unit that acquires authorization data corresponding to the identification data acquired, and a signature-granting determining unit that determines whether to grant the electronic signature to the data based on the authorization data acquired.

Abstract: An electronic data storage system stores electronic data with attaching an electronic signature, and output the electronic data along with the attached electronic signature, which decreases the operation costs with a simple operation. By using a public key-based signature, a third party can verify the data, and by using a secret check code, the electronic signature at registration is always valid without risk of falsification. Also by attaching an electronic signature at access, the validity of the stored data is assured, and a third party can verify the data. By using all of these features, the verification by a third party becomes possible over the long term. In this way the long term storage of electronic data is implemented.

Abstract: A central processing unit includes an operation mode storing unit that stores at least one first operation mode from among a plurality of second operation modes, a usable command storing unit that stores at least one command corresponding to each of the at least one first operation mode stored as at least one usable command, an operation mode adding/setting unit that adds into the operation mode storing unit a dynamically specified operation mode from the second operation modes, and sets in the usable command storing unit a command corresponding to the operation mode added, and a firmware acquiring unit that acquires from the outside, firmware that corresponds to the at least one first operation mode stored and that is used for executing the at least one usable command.

Abstract: When a sweeping process and a backup process are performed on an electronic library file in an electronic library, a file storing a history of the sweeping process or a history of a backup process is generated, and the sweeping and the backup processes are managed. Thus, a user can easily manage as to which medium an original document has been swept to or where a backup copy of the original document is. If the uniqueness of the original document shown in a sweep history and a backup history can be secured, the problem that there can be a plurality of original documents on the storage media of a plurality of electronic libraries can be avoided.

Abstract: Security of an information processing apparatus is ensured by performing biological information authentication and collecting the environment information about the information processing apparatus. The information processing apparatus transmits the collected environment information to a first authentication apparatus. An electronic certificate issued by a second authentication apparatus and information encrypted with a secret key issued by the second authentication apparatus are transmitted to the first authentication apparatus. The first authentication apparatus acquires the public key of the second authentication apparatus and the public key of the information processing apparatus so as to decrypt the encrypted information, and judges whether or not the decrypted information is proper. The first authentication apparatus refers to an environment information database and the transmitted information, and judges whether or not the transmitted environment information is proper.

Abstract: A command authorization method that prevents a command issued by a third party from impersonating a command issued by a legitimate user, thereby maintaining high security. An authorization code stored in a command transmitted from a host is collated in a command authorization code parser. If the authorization code coincides with collating information therein, a command parser generates a predetermined access command, which is executed by a command controller.

Abstract: A data management method that by encrypting and distributing digital content prevents copyright infringement, and that prevents authorization information for decrypting the encrypted digital content from being damaged or otherwise lost. Encrypted content 45 is prepared by encrypting digital content 11 with a content key 44. A portion of the digital content 11 is extracted as sample data 41. A secret key 46, by which the content key 44 is encrypted with user information 14, is embedded as invisible information into the sample data 41, thus preparing watermarked sample data 47. The watermarked sample data 47 is synthesized with the encrypted content 45 to form synthesized data 48. The synthesized data 48 is distributed.

Abstract: Data is encrypted and stored in an area on a storage medium accessible by the user outside an external storage device. A decrypting algorithm is stored in an area inaccessible by the user outside the external storage device. The external storage device provided with the storage medium retrieves the decrypting algorithm according to which the data is decrypted using a key obtained from outside the external storage device, for example, from a personal computer connected to the external storage device. Since the encrypted data and its decrypting algorithm are stored on the same storage medium, a specific decrypting algorithm can be assigned to each storage medium, thereby improving the security level for the stored information.

Abstract: A timer apparatus having a power source, a timer unit for outputting time information to which a time is set via a setting terminal, and a control unit in which a program for permitting set of a time in the timer unit only once is written from the outside via a write terminal and which controls the timer unit. After the program is written to the control unit via the write terminal, the write terminal is disconnected, and the power source, timer unit and control unit are molded integrally. A low-cost timer apparatus in which a time cannot be changed incorrectly can be realized without mounting a processor for performing a complicated process.

Abstract: In a heterogeneous multiprocessor system having a secure processor and a normal processor, a secure task and an unsecured task are allocated to respective processors. An encrypted code of the secure task is stored in a secure memory, and the secure memory verifies a signature using a public key of a certificate authority, and notifies the secure processor of the validity of the encrypted code. The secure processor fetches an encrypted instruction from the secure memory, and decrypts and executes the instruction.

Abstract: A network system with integrated security protection facilities. The system involves a transmission unit and a reception unit, which are coupled to each other via a network. In the transmission unit, a data management unit performs centralized management of source data that is stored in a plurality of storage units in a distributed manner. In response to a data transmission request from a terminal local to the transmission unit, a data collection unit collects requested data items from the data management unit. A security processor applies appropriate security protection processes to the collected data, depending on its data confidentiality level. An identification data attaching unit attaches identification data to the transmission data. This identification data informs the recipient of what sequence of security process primitives has been applied to the source data. A transmitter sends out the security-protected data over the network.

Abstract: A filtering apparatus includes an illegal request DB (database) which stores patterns of illegal accesses to a Web server, an estimation section which estimates the legality of an access request from a client device based on the illegal access patterns stored in the illegal request DB and on a predetermined estimation rule, and a determination section which determines whether the access request is to be transmitted to the Web server based on an estimation result of the estimation section and on a predetermined determination rule.

Abstract: The filtering system includes the incorrect request database that stores patterns of incorrect accesses to the Web server. The estimation unit that estimates the correctness of an access request from a client device based on the patterns stored in the incorrect request database and a predetermined estimation rule. The decision unit decides whether the access request is to be passed to the Web server based on the result of estimation by the estimation unit and a predetermined decision rule.

Abstract: The present invention is a system capable of protecting copyright and personal information appropriately and allowing users to readily obtain desired contents in a short time at low prices. A recording device stores contents in advance. The recording device encrypts the contents, based on an identifier given uniquely to a medium. The recording device records the encrypted contents on the medium. Moreover, the recording device records limiting conditions for reproducing, displaying or executing the contents on the medium. An execution device decrypts the contents recorded on the medium, based on the identifier. The execution device reproduces, displays or executes the contents under the limiting conditions recorded on the medium.

Abstract: The system includes the monitor agent that analyzes log of an entity. When an abnormality is detected, the monitor agent notifies about the abnormality to the control manager. The control manager decides a countermeasure and a countermeasure request party from the database and informs them to the action agent which the countermeasure request party. The action agent implements the countermeasure.

Abstract: A timer apparatus having a power source, a timer unit for outputting time information to which a time is set via a setting terminal, and a control unit in which a program for permitting set of a time in the timer unit only once is written from the outside via a write terminal and which controls the timer unit. After the program is written to the control unit via the write terminal, the write terminal is disconnected, and the power source, timer unit and control unit are molded integrally. A low-cost timer apparatus in which a time cannot be changed incorrectly can be realized without mounting a processor for performing a complicated process.

Abstract: Before accepting a setting request from a predetermined manager in a plurality of date-and-time managers capable of issuing a date-and-time setting request, a setting request from any manager can be accepted. After accepting a setting request from a predetermined manager, only the setting request from the predetermined manager can be accepted. A date and time can be set in response to an accepted date-and-time setting request.

Abstract: The security information mediation apparatus comprises security information registering unit which registers security information supplied by a client of a user, a transfer unit which transfers the security information registered in the security information registering unit to a client of a program developer. This client judges the usefulness of the security information and outputs reply information when the security information is useful. A reply information registering unit receives the reply information and payment information that indicates payment of the information presentation fee of the corresponding security information from the developer client. A transfer unit transfers the reply information and payment information to the client of the user.

Abstract: A contents utilization control apparatus includes an input unit for inputting a) contents with control module that consist of contents and a control module, and b) a license with control module that consists of a license prepared from contents utilization approval information and a control module. The control module in the contents with control module and the control module in the license with control module cooperate with each other to carry out a control relating to the utilization of the contents.

Abstract: When a sweeping process and a backup process are performed on an electronic library file in an electronic library, a file storing a history of the sweeping process or a history of a backup process is generated, and the sweeping and the backup processes are managed. Thus, a user can easily manage as to which medium an original document has been swept to or where a backup copy of the original document is. If the uniqueness of the original document shown in a sweep history and a backup history can be secured, the problem that there can be a plurality of original documents on the storage media of a plurality of electronic libraries can be avoided.