Abstract: A log output device includes processing circuitry configured to perform a hook for a predetermined event relating to a log message and calculate a hash value from the log message for each hook, provide an encrypted digital signature to the hash value, and output the log message and the hash value to which the digital signature is provided.

Abstract: A detection device includes processing circuitry configured to acquire position information and a file size of a falsification detection target file, and determine a change in the position information or the file size acquired, and detect falsification of the falsification detection target file in a case where there is a change in the position information or the file size.

Abstract: A detection system includes a node and a verification server, wherein the node includes first processing circuitry configured to generate a plurality of random values based on a seed received from the verification server, and generate a response based on information on an area of a first storage content specified by the plurality of generated random values, and transmit the generated response to the verification server, and the verification server includes second processing circuitry configured to generate a plurality of random values based on the seed, generate a verification response based on information on an area of a second storage content specified by the plurality of generated random values, determine whether the response received from the node matches the verification response, and output a determination result.

Abstract: A detection system includes two or more nodes and a base station that holds information on each of the nodes, wherein the base station includes first processing circuitry configured to search for a circuit passing through all nodes in a network only once, sequentially calculate as many hash values as a number of nodes in the network, and notify each node of an order in the circuit, a hash value according to the order among the calculated hash values, and a node in a subsequent stage in the circuit, and each of the nodes includes second processing circuitry configured to send a hash value notification of which is provided and a challenge to a node in a subsequent stage according to the order notification of which is provided, and verify whether or not the sent hash value matches a value calculated from the hash value notification of which is provided.

Abstract: A detection device includes: an encoding unit that converts one packet to be detected into one fixed-length vector by using natural language processing technology; and a detection unit that detects presence or absence of an abnormality in the packet to be detected based on the fixed-length vector converted by the encoding unit using a detection model.

Abstract: A collation unit checks the presence/absence of alteration of all files when an apparatus is started. A cyclic collation unit checks the presence/absence of alteration of a predetermined file at predetermined time intervals during the operation of the apparatus.

Abstract: A tampering detection device includes tampering detection circuitry configured to acquire an access frequency of a monitoring target file, calculate a number of times of scanning in a scan pattern for each monitoring target file on a basis of the access frequency acquired, and determine the scan pattern on a basis of the number of times of scanning calculated.

Abstract: A storage unit stores a size of a free area of storage of target equipment, and software saved in the storage. The generation unit generates a graph including a number of nodes according to the size of the free area of the storage, and transmits the graph to the target equipment. The calculation unit calculates a hash value corresponding to each software block saved in the storage. The verification unit verifies the presence or absence of tampering of the storage of the target equipment using the hash value corresponding to the block calculated, a response calculated using the graph returned to a challenge that specifies a node of the graph, and a hash value corresponding to the block returned as the response to the challenge that specifies the block.

Abstract: A device acquires a file path of determination target equipment that is a determination target of file integrity, generates a concealment path for digesting the acquired file path for each file path, generates a concealment determination reference in which the generated concealment path and a hash value obtained by digesting file data stored in the determination target equipment are listed in association with each other, generates a concealment list by associating the file path stored in the determination target equipment with the generated concealment path, generates a determination reference by associating the file path with a hash value obtained by digesting the file data using the generated concealment determination reference and the generated concealment list, and calculates a hash value for each piece of the file data in the determination target equipment and determines file integrity based on the hash value and a hash value included in the determination reference.

Abstract: A tampering detection device includes tampering detection circuitry configured to acquire an access pattern of a monitoring target file, extract a time-series pattern of access for each monitoring target file from the access pattern acquired, and determine a scan pattern on a basis of the time-series pattern of access extracted.

Abstract: A relay device transfers a plurality of original data fragments corresponding to a plurality of secret sharing values of original data to a plurality of secure computation devices, transfers, to each of the secure computation devices, a request to send a result fragment based on a secure computation result corresponding to any one of the original data fragments, and transfers the result fragment. The relay device controls timing with which the original data fragments are transferred and timing with which the request to send is transferred.

Abstract: A storage unit stores a size of a free area of storage of target equipment, and software saved in the storage. The generation unit generates a graph including a number of nodes according to the size of the free area of the storage, and transmits the graph to the target equipment. The calculation unit calculates a hash value corresponding to each software block saved in the storage. The verification unit verifies the presence or absence of tampering of the storage of the target equipment using the hash value corresponding to the block calculated, a response calculated using the graph returned to a challenge that specifies a node of the graph, and a hash value corresponding to the block returned as the response to the challenge that specifies the block.

Abstract: A database system comprises a determining part 13 determining whether or not to conceal information to be registered in a database, a terminal device 1 that, if the determining part 13 determines that the information is to be concealed, generates N information fragments by secret-sharing the information and sends the N information fragments to a system management device 2, where N is a predetermined positive integer, the system management device 2 sending the N information fragments received from the terminal device 1 to N different database devices 3, and N database devices 3 each storing one of N information fragments received from the system management device 2.

Abstract: Data processing is performed while personal information is kept concealed. A registrant terminal splits a registration input password and allocates the split pieces to secure computation servers. The secure computation servers verify whether the password matches. The registrant terminal splits target data and allocates the data shared values to the secure computation servers. The secure computation servers store the data shared values. A user terminal splits a utilization input password and allocates the split pieces to the secure computation servers. The secure computation servers verify whether the password matches. The user terminal sends a data processing request to the secure computation servers. The secure computation servers execute secure computation of the data shared values to generate processing result shared values. The user terminal recovers the processing result from the processing result shared values.

Abstract: A database system comprises a determining part 13 determining whether or not to conceal information to be registered in a database, a terminal device 1 that, if the determining part 13 determines that the information is to be concealed, generates N information fragments by secret-sharing the information and sends the N information fragments to a system management device 2, where N is a predetermined positive integer, the system management device 2 sending the N information fragments received from the terminal device 1 to N different database devices 3, and N database devices 3 each storing one of N information fragments received from the system management device 2.

Abstract: A relay device transfers a plurality of original data fragments corresponding to a plurality of secret sharing values of original data to a plurality of secure computation devices, transfers, to each of the secure computation devices, a request to send a result fragment based on a secure computation result corresponding to any one of the original data fragments, and transfers the result fragment. The relay device controls timing with which the original data fragments are transferred and timing with which the request to send is transferred.

Abstract: Data processing is performed while personal information is kept concealed. A registrant terminal splits a registration input password and allocates the split pieces to secure computation servers. The secure computation servers verify whether the password matches. The registrant terminal splits target data and allocates the data shared values to the secure computation servers. The secure computation servers store the data shared values. A user terminal splits a utilization input password and allocates the split pieces to the secure computation servers. The secure computation servers verify whether the password matches. The user terminal sends a data processing request to the secure computation servers. The secure computation servers execute secure computation of the data shared values to generate processing result shared values. The user terminal recovers the processing result from the processing result shared values.

Abstract: A first connection between a first terminal 10 and a relay server device 30 is established when the relay server 30, having a connection standby function, is triggered by first connection establishment request information transmitted from the first terminal 10 having a connection establishment request function but not having the connection standby function. A second connection between a second terminal 20 and the relay server device 30 is established when the relay server 30 is triggered by second connection establishment request information transmitted from the second terminal 20 having the connection establishment request function. First endpoint information corresponding to the first connection and the identifier of the first terminal 10 are stored in association with each other in a memory 30g of the relay server device 30.