Abstract: It is possible to provide a privilege for data communication without requiring a troublesome user operation and to realize an information provision system for ensuring anonymousness of the user for a site. A terminal device 10 includes secure communication means 11 which establishes a safety communication session and performs data communication with an information server, electronic gift rule management means 12 which holds an electronic gift rule for defining an electronic gift condition, and data processing means 13 which processes data transmitted/received to/from the information server based on the electronic gift rule under the safety communication session and generates an electronic gift. The electronic gift generated by the data processing means is reflected on the electronic value.

Abstract: The present invention provides mobile terminals with various types of services such as electronic commerce service, music delivery service, and position information service. User applications required for the electronic commerce service, music delivery service, and position information service are respectively configured as service objects each having a server facility, and further a local gateway is provided, whereby various types of services can be used through a browser.

Abstract: The present invention provides mobile terminals with various types of services such as electronic commerce service, music delivery service, and position information service. User applications required for the electronic commerce service, music delivery service, and position information service are respectively configured as service objects each having a server facility, and further a local gateway is provided, whereby various types of services can be used through a browser.

Abstract: The present invention aims at providing an information processing terminal, a status notification system, and a status notification method that can protect both privacy and security when a status of the information processing terminal is notified to a server. An information processing terminal 10 has a disclosure/nondisclosure determination section 1001 that determines a notifiable server for each entry; a log concealing section 1002 that conceals an entry; a multi-log measurement section 1003 that commands to update hashes as to a plurality of parties; a log configuration section 1004 that configures a log directed at a notified party and that causes performance of signing action; a verification request section 1005 that requests verification; a policy storage section 1006 that stores a policy used for determining a party that can be notified; and a log storage section 1007 for storing the entry.

Abstract: A method to allow a value to be written into one PCR domain, only if values from a second PCR domain are valid, thus ensuring the extension of the chain of trust between domains.

Abstract: The objective of the present invention is to provide a mobile electronic commerce system that is superior in safety and usability. The mobile electronic commerce system comprises an electronic wallet 100, supply sides 101, 102, 103, 104 and 105, and a service providing means 110 that is connected by communication means. The service providing means installs a program for an electronic ticket, an electronic payment card, or an electronic telephone card. The electronic wallet employs the installed card to obtain a product or a service or entrance permission. The settlement process is performed by the electronic wallet and the supply side via the communication means, and data obtained during the settlement process are managed by being transmitted to the service providing means at a specific time. A negotiable card can be easily obtained, and when the negotiable card is used the settlement process can be quickly and precisely performed.

Abstract: It is possible to update and re-seal sealed data having a usability condition of matching with predetermined terminal environment information during a secure boot without rebooting a terminal when a program using the sealed data is updated. An information processing terminal (10) has first sealed data (310, 320, 330) respectively having usability conditions (312, 322, 332) of matching with predetermined terminal environment information during a secure boot and second sealed data (340, 350, 360) respectively having usability conditions (342, 352, 362) of matching with terminal environment information upon completion of the secure boot. Upon completion of the secure boot, the second sealed data is unsealed and the first sealed data is resealed using the unsealed data (341, 351, 361).

Abstract: A method to allow programs running within the application space of a device with a secure processor and a trusted computing base to flexibly use certificates that describe the required system state. An information processing device including PSC database (1112), Component and PSC Map (1202), and OS support (1200).

Abstract: The aim is to provide high-speed data synchronization. To achieve the aim, in data synchronization using a plurality of key databases with respect to same data pieces, a key for one key database, which has been determined in advance, is used for updating the data piece managed under the other key database. This reduces the number of key decryption operations. A key management software 116, which manages a key database A120 and a key database B121 each having a tree structure, determines whether to perform data synchronization when requested by an upper-level application to perform data encryption, and performs synchronization of encrypted data by using a key of the other database which has been determined in advance. This reduces the number of times the encrypted key is loaded onto a cryptographic processing unit 114, and realizes high-speed cryptographic processing on data.

Abstract: For the keys in a key tree group composed of root keys for each of multiple stakeholders, a shared key is generated between the multiple stakeholders, and access restrictions with respect to the generated shared key are flexibly set. A shared key control unit and a tamper-resistant module are provided for each of the multiple stakeholders. The shared key is set based on stakeholder dependency relationships. After the shared key is set, access to the shared key is controlled so that access is not possible by malicious stakeholders, so as to maintain the security level.

Abstract: Provided is a key migration device which can securely and reliably control the migration of keys. A migration authority (101) fetches a generation level which is the security level of a first electronic terminal (3011) and an output destination level which is the security level of a third electronic terminal (3013), decides whether the relationship between the generation level and the output destination level satisfies a predetermined condition when a request for fetching a collection of keys is received from the third electronic terminal (3013), outputs the key generated by the first electronic terminal (3011) among the collection of keys to the third electronic terminal (3013) if the predetermined condition is fulfilled, and restricts output to the third electronic terminal (3013) of the key generated by the first electronic terminal (3011) among the collection of keys if the predetermined condition is not fulfilled.

Abstract: The present invention provides an information processing device, an authentication system, etc. that save a server the trouble of updating a database, etc., even when a software module in a client device is updated, and that are capable of verifying whether software modules that have been started in the client device are valid. The terminal device A100 holds private keys 1 and 2, and performs authentication processing with the terminal device B101 using the private key 2. The private key 1 has been encrypted such that the private key 1 is decryptable only when secure boot is completed. The private key 2 has been encrypted such that the private key 2 is decryptable using the private key 1 only when the application module X that has been started is valid. When the authentication processing is successful, the terminal device B101 verifies that the terminal device A100 has completed secure boot and the application module X that has been started in the terminal device A100 is valid.

Abstract: The present invention provides an information processing apparatus that is capable of continuously performing secure boot between module groups in the case where software of a terminal device consists of module groups provided by a plurality of providers, while keeping independence between the providers. The information processing apparatus is provided with a linkage certificate that contains a first configuration comparison value 503, which indicates a cumulative hash value of the first module group to be started up by secure boot, and a module measurement value 505, which indicates a hash value of the first module of the second module group to be started up by secure boot. After the secure boot of the first module group, it is verified that the first module group has been started up by comparison with the first configuration comparison value 503.

Abstract: To make an electronic value usable for both service on a network and service in the real world while ensuring security, convenience and economical efficiency, the electronic value issued for a user is controlled on an electronic wallet of a private electronic value bank, the electronic value controlled on the electronic wallet of a bank is cached in a mobile electronic wallet on a smart card of a user's portable terminal 5, and the electronic wallet is linked such that it is operated via the network when the mobile electronic wallet is operated. When the electronic value on the smart card is used for the service provided in a real environment such as a ticket gate of a train station, on-line transaction does not occur every time it is used, but the electronic wallet of the bank is updated when the portable terminal and the bank communicate later.

Abstract: The present invention provides a migration apparatus that realizes safe migration of data between devise that use different encryption algorithms and different security authentication levels. The fourth electronic terminal device 2502 sends, to the migration authority 2501, a request for migration of a virtual machine to the fifth electronic terminal device 2503. If the fifth electronic terminal device 2503 is not an illegitimate device, the migration authority 2501 sends a migration request to the fifth electronic terminal device 2503. The fifth electronic terminal device 2503 sends, to the migration authority 2501, a digital signature and so on, together with the request. The migration authority 2501 makes a judgment. If the result is “OK”, the migration authority 2501 sends the result “OK” to the fifth electronic terminal device 2503.

Abstract: A terminal having a plurality of virtual machines in one-to-one correspondence with a plurality of stakeholders is enabled to activate in compliance with the trust dependency relation among the virtual machines and a virtual machine monitor. The terminal includes: the plurality of virtual machines in one-to-one correspondence with the plurality of stakeholders; a plurality of tamper-resistant modules in one-to-one correspondence with the virtual machines, and a management unit controlling the virtual machines and the tamper-resistant modules in mutually related manner. Each virtual machine securely boots with reference to a certificate having a trust dependency with one or other virtual machines.

Abstract: A method to allow a device to boot in a secure fashion, even though some of the components within the secure device's firmware may not be present, not correctly authorized, or not correctly operating.

Abstract: Provided is a migration system considering security authentication levels and data protection strength levels of the both security devices between which data is migrated. A first terminal 102 includes a mechanism for protecting data by a private key in the public key method held by TPM, and a second terminal 103 includes a key in the private key method encrypted by the private key in the public key method held by TPM and a mechanism for protecting the data by the key. A Migration Authority 101 holds a security policy table describing a security policy and judges whether data movement from the first terminal 102 to the second terminal 103 is enabled according to the security policy table.

Abstract: A portable terminal includes a receiver, a barcode former configured to form barcodes and a display. The barcode former forms a barcode from the data received by the receiver and the display displays the formed barcode.

Abstract: A terminal that performs secure boot processing when booting, thereby booting reliably even if, during updating of a software module, the power is cut off or the update is otherwise interrupted. The terminal comprises a CPU, a software module storage unit, a certificate storage unit, an updating unit for updating the software module and certificate, a security device provided with a configuration information storage unit for storing the configuration information of the software module, an alternate configuration information storage unit for storing the configuration information of a software module in the configuration before the update, and a boot control unit for verifying and executing the software module by using the certificate. The terminal verifies the certificate of the software module by comparing the configuration information stored by the configuration information storage unit with the configuration information stored by the alternate configuration information storage unit.