Patents by Inventor Hiroki Shizuya

Hiroki Shizuya has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9594909
    Abstract: To aim provide a software update apparatus including an install module group composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server, a replacement protection control module to be used for updating a protection control module having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations. If any of the install modules is verified as having the possibility of performing the malicious operations, any another one of the install modules that is verified as not having the possibility revokes the any install module verified as having the possibility.
    Type: Grant
    Filed: October 30, 2013
    Date of Patent: March 14, 2017
    Assignee: PANASONIC CORPORATION
    Inventors: Manabu Maeda, Yuichi Futa, Natsume Matsuzaki, Kaoru Yokota, Masao Nonaka, Yuji Unagami, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa, Marika Minagawa
  • Patent number: 9311487
    Abstract: A management device 200d comprises: a key share generation unit 251d generating a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and an output unit 252d outputting each of the key shares to a different one of a plurality of detection modules. The detection modules acquire and store therein the key shares. The protection control module 120d comprises: an acquisition unit 381d acquiring the key shares from the detection modules; a reconstruction unit 382d reconstructing the decryption key by composing the key shares; a decryption unit 383d decrypting the encrypted application program with use of the decryption key; and a deletion unit 384d deleting the decryption key, after the decryption by the decryption unit is completed.
    Type: Grant
    Filed: March 1, 2012
    Date of Patent: April 12, 2016
    Assignee: Panasonic Corporation
    Inventors: Yuji Unagami, Yuichi Futa, Natsume Matsuzaki, Hiroki Shizuya, Shuji Isobe, Atsushi Umeta
  • Patent number: 9166972
    Abstract: A distributing device for generating private information correctly even if shared information is destroyed or tampered with. A shared information distributing device for use in a system for managing private information by a secret sharing method, including: segmenting unit that segments private information into a first through an nth pieces of shared information; first distribution unit that distributes the n pieces of shared information to n holding devices on a one-to-one basis; and second distribution unit that distributes the n pieces of shared information to the n holding devices so that each holding device holds an ith piece of shared information distributed by the first distribution unit, as well as a pieces of shared information being different from the ith piece of shared information in ordinal position among n pieces of shared information, “i” being an integer in a range from 1 to n.
    Type: Grant
    Filed: November 25, 2014
    Date of Patent: October 20, 2015
    Assignee: Panasonic Corporation
    Inventors: Manabu Maeda, Masao Nonaka, Yuichi Futa, Kaoru Yokota, Natsume Matsuzaki, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa, Masaki Yoshida
  • Publication number: 20150121079
    Abstract: A distributing device for generating private information correctly even if shared information is destroyed or tampered with. A shared information distributing device for use in a system for managing private information by a secret sharing method, including: segmenting unit that segments private information into a first through an nth pieces of shared information; first distribution unit that distributes the n pieces of shared information to n holding devices on a one-to-one basis; and second distribution unit that distributes the n pieces of shared information to the n holding devices so that each holding device holds an ith piece of shared information distributed by the first distribution unit, as well as a pieces of shared information being different from the ith piece of shared information in ordinal position among n pieces of shared information, “i” being an integer in a range from 1 to n.
    Type: Application
    Filed: November 25, 2014
    Publication date: April 30, 2015
    Inventors: Manabu MAEDA, Masao NONAKA, Yuichi FUTA, Kaoru YOKOTA, Natsume MATSUZAKI, Hiroki SHIZUYA, Masao SAKAI, Shuji ISOBE, Eisuke KOIZUMI, Shingo HASEGAWA, Masaki YOSHIDA
  • Patent number: 8930660
    Abstract: A distributing device for generating private information correctly even if shared information is destroyed or tampered with. A shared information distributing device for use in a system for managing private information by a secret sharing method, including: segmenting unit that segments private information into a first through an nth pieces of shared information; first distribution unit that distributes the n pieces of shared information to n holding devices on a one-to-one basis; and second distribution unit that distributes the n pieces of shared information to the n holding devices so that each holding device holds an ith piece of shared information distributed by the first distribution unit, as well as a pieces of shared information being different from the ith piece of shared information in ordinal position among n pieces of shared information, “i” being an integer in a range from 1 to n.
    Type: Grant
    Filed: January 31, 2008
    Date of Patent: January 6, 2015
    Assignee: Panasonic Corporation
    Inventors: Manabu Maeda, Masao Nonaka, Yuichi Futa, Kaoru Yokota, Natsume Matsuzaki, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa, Masaki Yoshida
  • Patent number: 8800038
    Abstract: Provided is a tampering monitoring system that can identify a monitoring module that has been tampered with among a plurality of monitoring modules. A management apparatus is provided with an acquisition unit that acquires a new monitoring module that has not been tampered with, a generation unit that generates a decoy monitoring module by modifying the acquired monitoring module, a transmission unit that transmits the decoy monitoring module to the information security device and causes the information security device to install the decoy monitoring module therein, a reception unit that receives from the information security device, after the decoy monitoring module has been installed, monitoring results generated by the monitoring modules monitoring other monitoring modules, and a determination unit that identifies, by referring to the received monitoring results, a monitoring module that determines the decoy monitoring module to be valid and determines the identified monitoring module to be invalid.
    Type: Grant
    Filed: April 15, 2011
    Date of Patent: August 5, 2014
    Assignee: Panasonic Corporation
    Inventors: Yuichi Futa, Yuji Unagami, Natsume Matsuzaki, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa
  • Patent number: 8769312
    Abstract: Tampering monitoring system can detect whether protection control module is tampered with even if some of detection modules are tampered with. Tampering monitoring system includes protection control module detection modules, and management device. Protection control module includes: generation unit generating d pieces of distribution data from computer program, n and d being positive integers, d smaller than n; selection unit selecting d detection modules; and distribution unit distributing d pieces of distribution data to d detection modules. Each detection module judges whether received piece of distribution data is authentic to detect whether protection control module is tampered with, and transmits judgment result indicating whether protection control module is tampered with. Management device receives judgment results from d detection modules and manages protection control module with regard to tampering by using received judgment results.
    Type: Grant
    Filed: October 19, 2011
    Date of Patent: July 1, 2014
    Assignee: Panasonic Corporation
    Inventors: Yuji Unagami, Yuichi Futa, Natsume Matsuzaki, Hiroki Shizuya, Eisuke Koizumi, Shingo Hasegawa
  • Patent number: 8745735
    Abstract: To aim to provide a monitoring system and a program execution apparatus that are capable of maintaining the security intensity even in the case where an unauthentic install module is invalidated. Install modules included in an apparatus each monitor an install module, which is a monitoring target indicated by a monitoring pattern included therein, as to whether the install module performs malicious operations. An install module that performs malicious operations is invalidated in accordance with an instruction from an update server. The monitoring patterns are restructured by the update server such that the install modules except the invalidated install module are each monitored by at least another one of the install modules. The restructured monitoring patterns are distributed to the install modules except the invalidated install module.
    Type: Grant
    Filed: November 20, 2009
    Date of Patent: June 3, 2014
    Assignee: Panasonic Corporation
    Inventors: Manabu Maeda, Yuji Unagami, Yuichi Futa, Natsume Matsuzaki, Masao Nonaka, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa
  • Patent number: 8726374
    Abstract: A management device detects whether any normal monitoring module that has not been tampered with exists by referring to monitoring results received from an information security device and selects, when existence is detected, one of the monitoring modules and assumes that the selected monitoring module has been tampered with. The monitoring device then successively applies a procedure to monitoring modules other than the selected monitoring module by referring to the monitoring results, starting from the selected monitoring module, the procedure being to assume that any monitoring module determining that a monitoring module assumed to have been tampered with is normal has also been tampered with. As a result of the procedure, when all of the monitoring modules are assumed to have been tampered with the management device determines the selected monitoring module to be a normal monitoring module that has not been tampered with.
    Type: Grant
    Filed: February 15, 2010
    Date of Patent: May 13, 2014
    Assignee: Panasonic Corporation
    Inventors: Yuji Unagami, Manabu Maeda, Yuichi Futa, Natsume Matsuzaki, Masao Nonaka, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa, Makoto Carlos Miyauchi
  • Patent number: 8707430
    Abstract: An information security apparatus includes a plurality of monitoring modules that monitor for tampering. A management apparatus includes a reception unit that receives a plurality of monitoring results each generated by a source monitoring module monitoring a target monitoring module; a detection unit that detects an abnormality by referring to fewer than all of the received monitoring results; and an identification unit that identifies, when an abnormality is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from the target of monitoring to the source of monitoring, starting from the monitoring module that generates the monitoring result related to the abnormality.
    Type: Grant
    Filed: April 19, 2011
    Date of Patent: April 22, 2014
    Assignee: Panasonic Corporation
    Inventors: Yuji Unagami, Yuichi Futa, Natsume Matsuzaki, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa
  • Patent number: 8683214
    Abstract: The present invention aims to perform tamper detection on a protection control module without having detection modules come to know the key data and functions thereof. The detection modules of the present invention perform tamper detection by verifying whether or not the correspondence between the input and output data of the application decryption process performed by the protection control module is correct. Furthermore, the present invention offers improved security against leaks of the application output data by the detection modules by having a plurality of detection modules verify different data blocks.
    Type: Grant
    Filed: September 16, 2010
    Date of Patent: March 25, 2014
    Assignee: Panasonic Corporation
    Inventors: Yuji Unagami, Yuichi Futa, Natsume Matsuzaki, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa, Junya Iwazaki
  • Publication number: 20140059679
    Abstract: To aim provide a software update apparatus including an install module group composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server, a replacement protection control module to be used for updating a protection control module having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations. If any of the install modules is verified as having the possibility of performing the malicious operations, any another one of the install modules that is verified as not having the possibility revokes the any install module verified as having the possibility.
    Type: Application
    Filed: October 30, 2013
    Publication date: February 27, 2014
    Applicant: Panasonic Corporation
    Inventors: Manabu MAEDA, Yuichi FUTA, Natsume MATSUZAKI, Kaoru YOKOTA, Masao NONAKA, Yuji UNAGAMI, Hiroki SHIZUYA, Masao SAKAI, Shuji ISOBE, Eisuke KOIZUMI, Shingo HASEGAWA, Marika MINAGAWA
  • Patent number: 8600896
    Abstract: To aim provide a software update apparatus including an install module group (130) composed of a plurality of install modules. Each of the install modules has a function of receiving, from an external server (200), a replacement protection control module (121) to be used for updating a protection control module (120) having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations. If any of the install modules is verified as having the possibility of performing the malicious operations, any another one of the install modules that is verified as not having the possibility revokes the any install module verified as having the possibility.
    Type: Grant
    Filed: November 6, 2008
    Date of Patent: December 3, 2013
    Assignee: Panasonic Corporation
    Inventors: Manabu Maeda, Yuichi Futa, Natsume Matsuzaki, Kaoru Yokota, Masao Nonaka, Yuji Unagami, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa, Marika Minagawa
  • Patent number: 8544093
    Abstract: A malicious-module identification device identifies and deactivates a malicious module operating in an information processing device connected thereto via a network. The malicious-module identification device is provided with a reception unit for receiving results of tampering detection from a plurality of modules for detecting tampering, and a determination unit for assuming that a module among the plurality of modules is a normal module, determining, based on the assumption, whether a contradiction occurs in the received results of tampering detection and identifying the module assumed to be a normal module as a malicious module when determining that a contradiction occurs. A deactivation unit outputs an instruction to deactivate the module identified as the malicious module.
    Type: Grant
    Filed: February 15, 2010
    Date of Patent: September 24, 2013
    Assignee: Panasonic Corporation
    Inventors: Yuji Unagami, Manabu Maeda, Yuichi Futa, Natsume Matsuzaki, Masao Nonaka, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa, Makoto Carlos Miyauchi
  • Patent number: 8516574
    Abstract: An update server acquires, from an apparatus, a result of verifications relating to tampering of a protection control module and each of install modules included in an install module group. The update server determines a processing procedure of the apparatus depending on the acquired result of the verifications. Specifically, if it is judged that the protection control module and each of the install modules is unauthentic, then the update server transmits, to the apparatus, an instruction to perform updating of the unauthentic protection control module in preference to a revocation of the unauthentic install module.
    Type: Grant
    Filed: November 24, 2009
    Date of Patent: August 20, 2013
    Assignee: Panasonic Corporation
    Inventors: Yuji Unagami, Manabu Maeda, Yuichi Futa, Natsume Matsuzaki, Masao Nonaka, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa
  • Patent number: 8464347
    Abstract: Provided is a software update apparatus including an install module group (130) composed of a plurality of install modules. Each of the install modules receives, from an external server (200), a replacement protection control module (121) for updating a protection control module (120) having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified, by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations.
    Type: Grant
    Filed: November 6, 2008
    Date of Patent: June 11, 2013
    Assignee: Panasonic Corporation
    Inventors: Manabu Maeda, Yuichi Futa, Natsume Matsuzaki, Kaoru Yokota, Masao Nonaka, Yuji Unagami, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa, Marika Minagawa
  • Patent number: 8452975
    Abstract: The present invention provides a signature generation device and a signature verification device capable of countering a transcript attack that seeks a private key by analyzing a plurality of signed documents (pairs of a message and a signature) signed using the NTRUSign signature scheme. The signature generation device calculates a hash value vector H of message data, adds a vector based on a private distribution to the hash value vector H to calculate a converted hash value vector H?, and seeks, as a signature vector S, the closest lattice point to the converted hash value vector H? in a lattice defined by private key basis vectors. The signature verification device determines whether the distance between the hash value vector H of the message data and the signature vector S is equal to or less than L? and, if so, recognizes the message data as valid.
    Type: Grant
    Filed: March 2, 2009
    Date of Patent: May 28, 2013
    Assignee: Panasonic Corporation
    Inventors: Yuichi Futa, Hiroki Shizuya, Shuji Isobe, Shingo Hasegawa
  • Publication number: 20130039491
    Abstract: A management device 200d comprises: a key share generation unit 251d generating a plurality of key shares by decomposing a decryption key, the decryption key being for decrypting an encrypted application program generated as a result of encryption of the application program; and an output unit 252d outputting each of the key shares to a different one of a plurality of detection modules. The detection modules acquire and store therein the key shares. The protection control module 120d comprises: an acquisition unit 381d acquiring the key shares from the detection modules; a reconstruction unit 382d reconstructing the decryption key by composing the key shares; a decryption unit 383d decrypting the encrypted application program with use of the decryption key; and a deletion unit 384d deleting the decryption key, after the decryption by the decryption unit is completed.
    Type: Application
    Filed: March 1, 2012
    Publication date: February 14, 2013
    Inventors: Yuji Unagami, Yuichi Futa, Natsume Matsuzaki, Hiroki Shizuya, Shuji Isobe, Atsushi Umeta
  • Publication number: 20120246490
    Abstract: Tampering monitoring system 10d can detect whether protection control module is tampered with even if some of detection modules are tampered with. Tampering monitoring system 10d includes protection control module 120d, n detection modules, and management device 200d. Protection control module 120d includes: generation unit 310d generating d pieces of distribution data from computer program, n and d being positive integers, d smaller than n; selection unit 311d selecting d detection modules; and distribution unit 302d distributing d pieces of distribution data to d detection modules. Each detection module judges whether received piece of distribution data is authentic to detect whether protection control module is tampered with, and transmits judgment result indicating whether protection control module is tampered with. Management device 200d receives judgment results from d detection modules and manages protection control module with regard to tampering by using received judgment results.
    Type: Application
    Filed: October 19, 2011
    Publication date: September 27, 2012
    Inventors: Yuji Unagami, Yuichi Futa, Natsume Matsuzaki, Hiroki Shizuya, Eisuke Koizumi, Shingo Hasegawa
  • Publication number: 20120084557
    Abstract: Provided is a tampering monitoring system that can identify a monitoring module that has been tampered with among a plurality of monitoring modules. A management apparatus is provided with an acquisition unit that acquires a new monitoring module that has not been tampered with, a generation unit that generates a decoy monitoring module by modifying the acquired monitoring module, a transmission unit that transmits the decoy monitoring module to the information security device and causes the information security device to install the decoy monitoring module therein, a reception unit that receives from the information security device, after the decoy monitoring module has been installed, monitoring results generated by the monitoring modules monitoring other monitoring modules, and a determination unit that identifies, by referring to the received monitoring results, a monitoring module that determines the decoy monitoring module to be valid and determines the identified monitoring module to be invalid.
    Type: Application
    Filed: April 15, 2011
    Publication date: April 5, 2012
    Inventors: Yuichi Futa, Yuji Unagami, Natsume Matsuzaki, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa