Abstract: The web application firewall device includes a determination unit for determining whether or not the request is an invalid parameter and an analysis receiver. The web application device includes a controller for determining whether or not the request is a valid parameter and a response generation unit for generating a response. The determination unit updates the data for filtering the parameter based on the invalid information. The response generation unit selectively generates these responses including invalid information and valid information to transmit to the web application firewall device.

Abstract: A character input device includes: a terminal control unit that accepts information on a character candidate being a candidate of an input confirmed character, and performs a displaying process of the character candidate, and generates a guide image whose image varies in accordance with a remaining time until an input confirmation of the character candidate; and a display unit that displays the character candidate and the guide image. By displaying the guide image that varies in accordance with the remaining time before the input character is confirmed, how long it takes until the character is confirmed, or whether the character has already been confirmed is reported to the user, so as to avoid an unintended manipulation of the user.

Abstract: An authentication system verifies an authentic computer program, certifies the authenticity itself, and verifies a certification. The authentication system includes a terminal (e.g., requesting device) and a card (e.g., verifying device). The card stores secret information to be used by the terminal, and an update program for the terminal. The card verifies authenticity of the terminal using information obtained from the terminal. When it judges that the terminal is authentic, the card outputs the secret information to the terminal. When it judges that the terminal is not authentic, the card outputs the update program. The terminal is forced to update the program when it attempts to use the secret information.

Abstract: A key terminal apparatus includes a crypto-processing LSI that performs predetermined crypto-processing. Unique information identifying the crypto-processing LSI is embedded in the crypto-processing LSI. A predetermined master key corresponding to a predetermined key is embedded in the crypto-processing LSI. The crypto-processing LSI (a) receives an encrypted manufacturer key from the manufacturer key storage unit, (b) decrypts the encrypted manufacturer key using the predetermined master key to generate a manufacturer key, (c) generates a unique manufacturer key identical to the predetermined unique manufacturer key, based on the unique information embedded in the crypto-processing LSI and the generated manufacturer key, and (d) decrypts the received encrypted device key using the generated identical unique manufacturer key to generate a predetermined device key.

Abstract: A program conversion device generates a program by obfuscating an original program, and generates and encrypts conversion parameters for inverse conversion of the obfuscated program. The program conversion device distributes the obfuscated program together with the encrypted conversion parameters. To execute the obfuscated program, a device having a high security level decrypts the encrypted parameters by using a decryption key stored in advance, applies inverse conversion to the obfuscated program by using the decrypted conversion parameters, and executes the program resulting from the inverse conversion. A device having a low security level executes the obfuscated program without any inverse conversion.

Abstract: An image display device includes an image generator, a controller, and a display unit. The image generator generates a guide image which is to be displayed differently with a lapse of time to change the sequential selection mode to the skip selection mode when a user input indicates a long press on a same key over the period which determines that the user input indicates a long key press and the sequential selection mode is moved into the skip selection mode. The controller controls the image generator to generate the guide image. The display unit displays the guide image.

Abstract: A character input device includes: a terminal control unit that accepts information on a character candidate being a candidate of an input confirmed character, and performs a displaying process of the character candidate, and generates a guide image whose image varies in accordance with a remaining time until an input confirmation of the character candidate; and a display unit that displays the character candidate and the guide image. By displaying the guide image that varies in accordance with the remaining time before the input character is confirmed, how long it takes until the character is confirmed, or whether the character has already been confirmed is reported to the user, so as to avoid an unintended manipulation of the user.

Abstract: Provided is a data processing device that can prevent data used by a program from being used by another program in an unauthorized manner, regardless of the quality of the programs. The data processing device includes: a CPU 0201 for executing programs; and an unauthorized operation prevention circuit 0105 that prevents unauthorized accesses to data between programs. An unauthorized operation prevention control unit 0106, which operates in the protected mode and controls the circuit 0105, judges whether or not to permit a program B 0103 that runs in the normal mode to use a memory area that is used by a program A 0102 that runs in the normal mode, based on a function flag assigned to the program B 0103. If it judges to permit, the circuit 0105 is set so that the program B 0103 can use the memory area.

Abstract: In a data processing apparatus that switches between a secure mode and a normal mode during execution, the secure mode allowing access to secure resources to be protected, the normal mode not allowing access to the secure resources, when the secure resources increase in the secure mode, the load on a protection mechanism for protecting the resources becomes large. Thus, there is a demand for data processing apparatuses that are able to reduce secure resources. The present invention relates to a data processing apparatus that stores therein a secure program including one or more processing procedures which use secure resources and a call instruction for calling a normal program to be executed in a normal mode. While executing the secure program, the data processing apparatus calls the normal program with the call instruction and operates according to the called normal program.

Abstract: A key terminal apparatus includes a crypto-processing LSI that performs predetermined crypto-processing. Unique information identifying the crypto-processing LSI is embedded in the crypto-processing LSI. A predetermined master key corresponding to a predetermined key is embedded in the crypto-processing LSI. The crypto-processing LSI (a) receives an encrypted manufacturer key from the manufacturer key storage unit, (b) decrypts the encrypted manufacturer key using the predetermined master key to generate a manufacturer key, (c) generates a unique manufacturer key identical to the predetermined unique manufacturer key, based on the unique information embedded in the crypto-processing LSI and the generated manufacturer key, and (d) decrypts the received encrypted device key using the generated identical unique manufacturer key to generate a predetermined device key.

Abstract: According to the prior art, it is difficult to ensure an update of a program when a terminal has already been hacked because in that case, there is a possibility that the reliability of the update module has been lost. A card storing secret information to be used by the terminal includes: a function to store an update program for the terminal and confirm whether or not the terminal is authentic by using information obtained from the terminal; and a function to output the secret information when the terminal is judged to be authentic and output an update program when the terminal is judged not to be authentic. With this structure, when the terminal attempts to use the secret information, the terminal is forced to update the program.

Abstract: An authentication system that can show having an authentic computer program, can certify the authenticity of itself, and can verify the certification. The authentication system is composed of a terminal (requesting device) and a card (verifying device). The card stores secret information to be used by the terminal, and an update program for the terminal. The card verifies authenticity of the terminal using information obtained from the terminal. When it judges that the terminal is authentic, the card outputs the secret information to the terminal. When it judges that the terminal is not authentic, the card outputs the update program. With this structure, the terminal is forced to update the program when it attempts to use the secret information.

Abstract: Provided is a data processing device that can prevent data used by a program from being used by another program in an unauthorized manner, regardless of the quality of the programs. The data processing device includes: a CPU 0201 for executing programs; and an unauthorized operation prevention circuit 0105 that prevents unauthorized accesses to data between programs. An unauthorized operation prevention control unit 0106, which operates in the protected mode and controls the circuit 0105, judges whether or not to permit a program B 0103 that runs in the normal mode to use a memory area that is used by a program A 0102 that runs in the normal mode, based on a function flag assigned to the program B 0103. If it judges to permit, the circuit 0105 is set so that the program B 0103 can use the memory area.

Abstract: An information processing apparatus switches between an Operating System 1 and an Operating System 2 during operation and comprises: a storing unit including a first area storing data managed by OS1, a second area storing a reset handler containing instructions for returning to OS2 and for branching to OS2, and a switching unit that switches connection/disconnection of the first area with outside; a table storing unit storing information showing the reset handler's position; a CPU having a program counter and executing an instruction at a position indicated by positional information in the program counter; and a management unit that, when instructed to switch from OS1 to OS2 while the apparatus is operating with OS1, instructs the switching unit to disconnect the first area and the CPU to reset. When instructed to reset itself, the CPU initializes its state and sets the reset handler positional information into the program counter.

Abstract: It is troublesome for a distributor (server) to manage a plurality of programs of different obfuscated levels that are suitable for various devices, including ones having a high-speed CPU but with low security level (PCs) and ones having a low-speed CPU but with high security level (consumer products). A program conversion device generates a program by obfuscating an original program, and also generates and encrypts conversion parameters for inverse conversion of the obfuscated program. The program conversion device distributes the obfuscated program together with the encrypted conversion parameters. To execute the obfuscated program, a device having a high security level decrypts the encrypted parameters by using a decryption key stored in advance, applies inverse conversion to the obfuscated program by using the decrypted conversion parameters, and executes the program resulting from the inverse conversion.

Abstract: In a data processing apparatus that switches between a secure mode and a normal mode during execution, the secure mode allowing access to secure resources to be protected, the normal mode not allowing access to the secure resources, when the secure resources increase in the secure mode, the load on a protection mechanism for protecting the resources becomes large. Thus, there is a demand for data processing apparatuses that are able to reduce secure resources. The present invention relates to a data processing apparatus that stores therein a secure program including one or more processing procedures which use secure resources and a call instruction for calling a normal program to be executed in a normal mode. While executing the secure program, the data processing apparatus calls the normal program with the call instruction and operates according to the called normal program.

Abstract: An information processing apparatus switches between an Operating System 1 and an Operating System 2 during operation and comprises: a storing unit including a first area storing data managed by OS1, a second area storing a reset handler containing instructions for returning to OS2 and for branching to OS2, and a switching unit that switches connection/disconnection of the first area with outside; a table storing unit storing information showing the reset handler's position; a CPU having a program counter and executing an instruction at a position indicated by positional information in the program counter; and a management unit that, when instructed to switch from OS1 to OS2 while the apparatus is operating with OS1, instructs the switching unit to disconnect the first area and the CPU to reset. When instructed to reset itself, the CPU initializes its state and sets the reset handler positional information into the program counter.