Abstract: A non-transitory computer-readable recording medium stores a data management program for performing a zero knowledge proof of a credential owned by a user causing a computer to execute: disclosing a commitment of a digital signature of the credential to a verifier server; requesting the verifier server to verify a knowledge proof of the digital signature using the commitment; transmitting, to the verifier server, a plurality of digital signatures including the digital signature of the credential; and requesting the verifier server to verify a set membership proof in which one of the plurality of digital signatures is owned by the user.

Abstract: A non-transitory computer-readable recording medium storing an information management program for causing a computer to execute processing including: receiving distribution information obtained by attaching, to distribution content to be distributed by a user, attribute information on the user that includes signature information that is signed by an issuing authority that issues information regarding an attribute of the user and that proves that the issuing authority has issued the attribute information; verifying whether the attribute information on the user included in the distribution information is the attribute information issued by the issuing authority, by using the signature information; and outputting the distribution content, based on a verification result.

Abstract: An information processing apparatus receives identification information for identifying a given deal and item information specified by a user amongst multiple pieces of item information included in execution results of the given deal. With reference to a storing unit that stores, for each of multiple deals, identification information for identifying the deal in association with multiple pieces of confidential information which are individually generated by concealing each of multiple pieces of item information included in execution results of the deal, the information processing apparatus acquires, amongst pieces of confidential information associated with the identification information, at least the confidential information corresponding to the item information. The information processing apparatus verifies the authenticity of the item information based on a correspondence between the item information and the confidential information.

Abstract: An information processing apparatus generates a commitment by obfuscating item values, and generates zero-knowledge proof information for proving that a user has knowledge of the item values. The information processing apparatus sends an item value, the commitment, and the zero-knowledge proof information to an information processing apparatus. The information processing apparatus generates a commitment from the item value. The information processing apparatus verifies the authenticity of the received item value on the basis of the relationship between the commitments and a commitment registered in a database and the zero-knowledge proof information.

Abstract: An information processing apparatus acquires a first verifiable credential (VC) that proves the validity of attribute information of a holder by a first signature verifiable by verification procedures of a first decentralized identifiers (DID) infrastructure and a second VC that proves the validity of the attribute information of the holder by a second signature verifiable by verification procedures of a second DID infrastructure. Next, the information processing apparatus verifies the second signature contained in the second VC by the verification procedures of the second DID infrastructure. Further, the information processing apparatus transmits a verification request for verifying the first signature contained in the first VC to a verification device capable of verifying the first signature contained in the first VC by the verification procedures of the first DID infrastructure, and then acquires, from the verification device, verification results of the first signature contained in the first VC.

Abstract: A method for transaction control includes: at a computer performing transaction control including receiving a plurality of transaction generated in a plurality of blockchain networks and transmitting the plurality of transactions to one or more blockchain networks corresponding to respective destinations of the plurality of transactions. The transaction control includes controlling, based on an execution cost to execute a transaction in each of the plurality of blockchain networks and a blockchain network generating a first transaction having at least one of a transmission source and a transmission destination being a concealing target among the plurality of blockchain networks, a number of second transactions to be generated by each of the plurality of blockchain networks to conceal the first transaction.

Abstract: An attribute information conversion device includes: a memory; and a processor coupled to the memory and configured to: issue first access information and second access information linked to each other in response to a request upon reception of the request for conversion from attribute information of a first type of a user that may be used in a first service into the attribute information of a second type that may be used in a second service different from the first service; perform, upon acquisition of the attribute information of the user from a terminal through the first access information, conversion of the acquired attribute information from the attribute information of the first type into the attribute information of the second type; and output the converted attribute information to a terminal that has made access through the second access information.

Abstract: A method includes executing a determination process that determines that a setting value is a search key, the setting value being for an item from among a plurality of items in a record identified in a plurality of records, the plurality of records relating to a plurality of pieces of log information that are collected from a plurality of computers; executing a first identification process that identifies, as the record, another record including the search key from among the plurality of records; executing a second identification process that identifies, as the item, a new item from among the plurality of items, the new item being different from an item used to identify the another record in the executing of the first identification process; repeating executing of the processes; and outputting information on at least one computer that is suspected of a cyber-attack, based on the identified records.

Abstract: A device includes: a memory configured to store in advance a command transmitted from malware to hardware via an operating system; and a processor coupled to the memory and configured to: hook a first command transmitted from the operating system to the hardware, and transmit information that causes the malware to determine to terminate operation of the malware to the operating system when the hooked first command corresponds with the command stored in the memory.

Abstract: A device includes a processor configured to accumulate a plurality of logs in the memory, by repeating a capturing process and a logging process, the logging process including extracting a source identifier of a source computer, a destination identifier of a destination computer, and an attribute parameter which is set in an attribute item regarding an operation for the destination computer by the source computer, execute a detection process of detecting a target computer and another infected computer, the detection process including extracting a first destination identifier and a first attribute parameter, from a first log having an identifier of the infected computer in the source identifier, and extracting a second source identifier and a second destination identifier, from a second log having the first attribute parameter in the attribute parameter, and output the first destination identifier, the second source identifier, and the second destination identifier.

Abstract: A communication device includes a memory configured to store information that defines permission and prohibition of access to another communication device from the communication device, and a processor coupled to the memory and configured to in a state where the information is not referenced by an operating system (OS), run the OS, when an access request to the another communication device is received from an application, based on the information, perform a determination of permission or prohibition of access to the another communication device, and based on a result of the determination, perform accessing to the another communication device or rejecting the access request.

Abstract: A device includes: a memory configured to store in advance a command transmitted from malware to hardware via an operating system; and a processor coupled to the memory and configured to: hook a first command transmitted from the operating system to the hardware, and transmit information that causes the malware to determine to terminate operation of the malware to the operating system when the hooked first command corresponds with the command stored in the memory.

Abstract: A method includes executing a determination process that determines that a setting value is a search key, the setting value being for an item from among a plurality of items in a record identified in a plurality of records, the plurality of records relating to a plurality of pieces of log information that are collected from a plurality of computers; executing a first identification process that identifies, as the record, another record including the search key from among the plurality of records; executing a second identification process that identifies, as the item, a new item from among the plurality of items, the new item being different from an item used to identify the another record in the executing of the first identification process; repeating executing of the processes; and outputting information on at least one computer that is suspected of a cyber-attack, based on the identified records.

Abstract: A device includes a processor configured to accumulate a plurality of logs in the memory, by repeating a capturing process and a logging process, the logging process including extracting a source identifier of a source computer, a destination identifier of a destination computer, and an attribute parameter which is set in an attribute item regarding an operation for the destination computer by the source computer, execute a detection process of detecting a target computer and another infected computer, the detection process including extracting a first destination identifier and a first attribute parameter, from a first log having an identifier of the infected computer in the source identifier, and extracting a second source identifier and a second destination identifier, from a second log having the first attribute parameter in the attribute parameter, and output the first destination identifier, the second source identifier, and the second destination identifier.