Abstract: An obfuscation assisting apparatus assists in the obfuscation of a program. The obfuscation assisting apparatus includes an analyzer which identifies corresponding respective blocks in the source code and in the transformed code generated through the obfuscation of the source code. A browser obtains obfuscation information relating to obfuscation of the respective blocks of the source code and the transformed code, and causes an output device to display the respective parts of the source code and the transformed code, and the obfuscation information in association with each other.

Abstract: A device (110) according to an implementation of the present invention, having a plurality of virtual machines (1002, 1003, 1004, and 1005), includes a virtualization software (1001) which manages the virtual machines. The virtualization software includes an application VM creating unit (1300) which creates a virtual machine for executing a program. A first virtual machine (1002) determines whether a first program is to be executed on the first virtual machine or to be executed on a virtual machine other than the first virtual machine. When the first virtual machine determines that the first program is to be executed on the other virtual machine, the application VM creating unit creates a second virtual machine for executing the first program.

Abstract: A content display apparatus which processes protected information configured, with an aim to prevent access from any unauthorized program, to include: a process managing unit which manages a plurality of processes operable in the content display apparatus; and an access detecting unit configured to detect access to the protected-information access detecting unit which detects access to the protected information. The process managing unit includes an application execution control unit which temporarily stops the operation of each of at least one process other than a process which accesses the protected information among the plurality of processes when the access to the protected information is detected by the protected-information access detecting unit.

Abstract: An information processing device includes an external connection unit which connects to an external device; and a communication control unit which obtains data from a first virtual machine, transmits the data to a second virtual machine, and transmits, to the external connection unit, transmission completion information indicating that the data is already transmitted to the second virtual machine. The external connection unit (i) determines, based on the transmission completion information, whether or not a virtual machine is the second virtual machine to which the data is already transmitted, when the external connection unit receives, from the virtual machine, a request for a connection to the external device, and (ii) permits a connection between the virtual machine and the external device, when the external connection unit determines that the virtual machine is not the second virtual machine to which the data is already transmitted.

Abstract: A method for executing a predetermined software component which is verifiable against integrity measurements, the method including (i) providing a first mapping from logical identifiers to software component enabled status flags, (ii) providing a second mapping from the logical identifiers and previous software component statuses information to actual integrity measurement certificates containing verification data, (iii) looking up the first mapping for a given logical identifier identifying the predetermined software component to get a status flag indicating whether the predetermined software component is enabled, (iv) if the status flag indicates that the predetermined software component is not enabled, updating a current integrity measurement stored within a disabled integrity measurement certificate, and (v) if the status flag indicates that the predetermined software component is enabled and verification of the predetermined software component is successful, updating a current integrity measurement store

Abstract: A method to allow a value to be written into one PCR domain, only if values from a second PCR domain are valid, thus ensuring the extension of the chain of trust between domains.

Abstract: An information processing terminal includes first sealed data respectively having usability conditions of matching with predetermined terminal environment information during a secure boot and second sealed data respectively having usability conditions of matching with terminal environment information upon completion of the secure boot. Upon completion of the secure boot, the second sealed data is unsealed and the first sealed data is resealed using the unsealed data. It is possible to update and re-seal sealed data having a usability condition of matching with predetermined terminal environment information during a secure boot without rebooting a terminal when a program using the sealed data is updated.

Abstract: A method to allow a device to boot in a secure fashion, even though some of the components within the secure device's firmware may not be present, not correctly authorized, or not correctly operating.

Abstract: A terminal that performs secure boot processing when booting, thereby booting reliably even if, during updating of a software module, the power is cut off or the update is otherwise interrupted. The terminal comprises a CPU, a software module storage unit, a certificate storage unit, an updating unit for updating the software module and certificate, a security device provided with a configuration information storage unit for storing the configuration information of the software module, an alternate configuration information storage unit for storing the configuration information of a software module in the configuration before the update, and a boot control unit for verifying and executing the software module by using the certificate. The terminal verifies the certificate of the software module by comparing the configuration information stored by the configuration information storage unit with the configuration information stored by the alternate configuration information storage unit.

Abstract: The present invention provides an information processing apparatus that is capable of continuously performing secure boot between module groups in the case where software of a terminal device consists of module groups provided by a plurality of providers, while keeping independence between the providers. The information processing apparatus is provided with a linkage certificate that contains a first configuration comparison value, which indicates a cumulative hash value of the first module group to be started up by secure boot, and a module measurement value, which indicates a hash value of the first module of the second module group to be started up by secure boot. After the secure boot of the first module group, it is verified that the first module group has been started up by comparison with the first configuration comparison value.

Abstract: A content display apparatus which processes protected information configured, with an aim to prevent access from any unauthorized program, to include: a process managing unit which manages a plurality of processes operable in the content display apparatus; and an access detecting unit configured to detect access to the protected-information access detecting unit which detects access to the protected information. The process managing unit includes an application execution control unit which temporarily stops the operation of each of at least one process other than a process which accesses the protected information among the plurality of processes when the access to the protected information is detected by the protected-information access detecting unit.

Abstract: The present invention provides an information processing device, an authentication system, etc. that save a server the trouble of updating a database, etc., even when a software module in a client device is updated, and that are capable of verifying whether software modules that have been started in the client device are valid. The terminal device A100 holds private keys 1 and 2, and performs authentication processing with the terminal device B101 using the private key 2. The private key 1 has been encrypted such that the private key 1 is decryptable only when secure boot is completed. The private key 2 has been encrypted such that the private key 2 is decryptable using the private key 1 only when the application module X that has been started is valid. When the authentication processing is successful, the terminal device B101 verifies that the terminal device A100 has completed secure boot and the application module X that has been started in the terminal device A100 is valid.

Abstract: A device (110) according to an implementation of the present invention, having a plurality of virtual machines (1002, 1003, 1004, and 1005), includes a virtualization software (1001) which manages the virtual machines. The virtualization software includes an application VM creating unit (1300) which creates a virtual machine for executing a program. A first virtual machine (1002) determines whether a first program is to be executed on the first virtual machine or to be executed on a virtual machine other than the first virtual machine. When the first virtual machine determines that the first program is to be executed on the other virtual machine, the application VM creating unit creates a second virtual machine for executing the first program.

Abstract: Techniques for protecting memory locations within a stakeholder's engine according to the Multi-Stakeholder Model, and a protocol for remote attestation to a device supporting the Multi-Stakeholder Model that provides extra evidence of the identity of the three actors.

Abstract: A method manages optional trusted components that are active within a device, such that the device itself controls the availability of trusted components. The device includes: a storing unit storing a plurality of pieces of software and a plurality of certificates; a receiving unit receiving the certificates; and a selecting unit selecting one of the certificates. The device further includes an executing unit verifying an enabled one of the plurality of pieces of software using the selected and updated one of the certificates.

Abstract: Provided is an information processing device which is capable of preventing data leakage caused by a malicious application or malicious device driver and of allowing cooperation among virtual machines.

Abstract: A method to allow a device to boot in a secure fashion, even though some of the components within the secure device's firmware may be not present, not authorised, or not correctly operating.

Abstract: An obfuscation evaluation method which sufficiently evaluates an obfuscation performed on a program. The obfuscation evaluation method includes: a step of executing an obfuscated code module produced by obfuscating an original code module of a program, and generating a trace output file by logging a result of the execution; and a step of identifying the degree of obfuscation of the obfuscated code module by evaluating the trace output file.

Abstract: A method to allow a value to be written into one PCR domain, only if values from a second PCR domain are valid, thus ensuring the extension of the chain of trust between domains.

Abstract: It is possible to update and re-seal sealed data having a usability condition of matching with predetermined terminal environment information during a secure boot without rebooting a terminal when a program using the sealed data is updated. An information processing terminal (10) has first sealed data (310, 320, 330) respectively having usability conditions (312, 322, 332) of matching with predetermined terminal environment information during a secure boot and second sealed data (340, 350, 360) respectively having usability conditions (342, 352, 362) of matching with terminal environment information upon completion of the secure boot. Upon completion of the secure boot, the second sealed data is unsealed and the first sealed data is resealed using the unsealed data (341, 351, 361).