Abstract: An information processing device, includes: a metadata generator generating, based on an update request of firmware, first metadata including identification of the firmware; a time manager; a validity period determiner determining a first validity period for the first metadata based on time acquired from the time manager; a counter counting up a value per unit time; an acquirer acquiring a first counter value of the counter for the first metadata; a storage storing entries in which second metadata including identification of firmware, a second validity period of the second metadata, and a second counter value of the counter having been acquired for the second metadata are associated; and a determiner detecting the second metadata including same identification as the first metadata, acquire the second validity period and the second counter value from the entry including the detected second metadata, and detecting falsification of the first validity period.

Abstract: An information processing system includes an edge server and a low-end device. The edge server has a storage and a processor. The low-end device has a storage and a processor, connected to the edge server. The processor of the low-end device transmits abnormality information for detecting its own abnormality to the edge server, the storage of the edge server stores information on the software. The low-end device information includes the version of the software. The processor of the edge server detects an abnormality in the low-end device based on the abnormality information, acquires version information of the software, acquires information on rollback software which is a version of software older than a version in the version information of the software running in the low-end device from the storage, and requests the low-end device to roll back the software based on the information on the rollback software.

Abstract: According to an embodiment, an information processing apparatus includes: a memory on which first/second processing applications are stored, the first processing application being a secure application; and a processor that is coupled to the memory and executes the first and second processing applications. The first processing application includes an issuance module, a first communication module, and a log verification module. The issuance module issues a command to call a function of the second processing application and links the command to a verification rule. The first communication module transmits, to the second processing application, a command execution request including command identification information that identifies the command, and receives, from the second processing application, an execution log including an execution result of the command identified by the command identification information.

Abstract: According to an embodiment, an information processing apparatus includes one or more processors. The one or more processors are configured to: estimate a related program related to a computer program identified with a specific program identifier; register, in a prior calculation result list, a calculation result for the related program and a related identifier for identifying the related program so that the calculation result and the related identifier are associated with each other; acquire the program identifier for identifying the program serving as an execution target; and verify whether the program serving as the execution target is permitted to be executed, based on the acquired program identifier, the calculation result corresponding to the related identifier indicating the acquired program identifier in the prior calculation result list, and a white list.

Abstract: According to an embodiment, an information processing apparatus includes one or more processors. The one or more processors are configured to acquire a program identifier of a computer program disposed on a memory and serving as an execution target; read a calculation result corresponding to the acquired program identifier from a storage; and verify whether the computer program serving as the execution target is permitted to be executed, on the basis of the read calculation result and a white list.

Abstract: According to an embodiment, an information processing device includes a prior verifying unit, and an execution control unit. The prior verifying unit is configured to verify integrity of software registered in a whitelist at a timing which does not depend on an execution start of software and generate an execution permission list in which software which is successfully verified is registered as execution-permitted software. The execution control unit is configured to permit execution of the software if the software is registered in the execution permission list as the execution-permitted software when the execution start of the software is detected.

Abstract: According to an embodiment, an information processing apparatus includes one or more processor. The processor is configured to run a process and a process manager to manage the process. The process includes a first key generator, a first authentication code generator, and a first output unit. The first key generator is configured to generate a first message authentication key by using process unique data assigned by the process manager. The first authentication code generator is configured to generate a first message authentication code by using the first message authentication key and a first message. The first output unit is configured to transmit the first message and the first message authentication code to the process manager.

Abstract: According to an embodiment, an information processing apparatus includes processing circuitry. The processing circuitry is configured to detect writing on a first file and register, in a restriction target storage, file information on the first file and perform, when processing on a second file is requested and file information on the second file coincides with the file information stored in the restriction target storage, first restriction to restrict the processing on the second file.

Abstract: According to an embodiment, an information processing apparatus includes processing circuitry configured to function as a start process control unit, a file read detection unit, a determination unit, and a file reading unit. The start process control unit is configured to register at least a specific process of started processes in an identifiable manner into a first list. The file read detection unit is configured to detect a request to read a file by the specific process registered in the first list. The determination unit is configured to determine whether to allow reading of the requested file based on a first condition. The file reading unit is configured to control reading of the file in accordance with a determination result of the determination unit.

Abstract: According to an embodiment, an information processing apparatus includes one or more processors. One or more processors acquire first distinctive information of a first piece of software to be executed. When a whitelist that specifies distinctive information of pieces of software that are permitted to be executed records the distinctive information indicating the first distinctive information, one or more processors distinctively identify, as second distinctive information, the distinctive information of a second piece of software that represents another piece of software relating to the first piece of software in the whitelist.

Abstract: According to one embodiment, an information processing apparatus includes a first memory, a signal generation unit, an integrity check unit, and an access-right update unit. Firmware is stored in the first memory. The signal generation unit is configured to generate a signal when there is access violating access right, to the first memory. The integrity check unit is configured to perform, when the access violating access right is a verification request with respect to a predetermined verification target region, integrity check with respect to the verification target region in response to the signal. The access-right update unit is configured to update access right corresponding to the verification target region, to which the integrity check has been performed.

Abstract: According to an embodiment, an information processing apparatus includes: a memory on which first/second processing applications are stored, the first processing application being a secure application; and a processor that is coupled to the memory and executes the first and second processing applications. The first processing application includes an issuance module, a first communication module, and a log verification module. The issuance module issues a command to call a function of the second processing application and links the command to a verification rule. The first communication module transmits, to the second processing application, a command execution request including command identification information that identifies the command, and receives, from the second processing application, an execution log including an execution result of the command identified by the command identification information.

Abstract: According to an embodiment, an information processing apparatus includes one or more processors. The one or more processors are configured to acquire a program identifier of a computer program disposed on a memory and serving as an execution target; read a calculation result corresponding to the acquired program identifier from a storage; and verify whether the computer program serving as the execution target is permitted to be executed, on the basis of the read calculation result and a white list.

Abstract: According to an embodiment, an information processing device includes a prior verifying unit, and an execution control unit. The prior verifying unit is configured to verify integrity of software registered in a whitelist at a timing which does not depend on an execution start of software and generate an execution permission list in which software which is successfully verified is registered as execution-permitted software. The execution control unit is configured to permit execution of the software if the software is registered in the execution permission list as the execution-permitted software when the execution start of the software is detected.

Abstract: An information processing apparatus according to an embodiment includes a reception unit and switching unit. The reception unit receives an interrupt. The switching unit that switches a second operating system (OS) which is executing in a core to a first OS to which the interrupt for the first OS is input, when the reception unit receives an interrupt for the core in which the first OS is a priority OS and the second OS is not the priority OS.

Abstract: According to an embodiment, an information processing apparatus includes processing circuitry configured to function as a start process control unit, a file read detection unit, a determination unit, and a file reading unit. The start process control unit is configured to register at least a specific process of started processes in an identifiable manner into a first list. The file read detection unit is configured to detect a request to read a file by the specific process registered in the first list. The determination unit is configured to determine whether to allow reading of the requested file based on a first condition. The file reading unit is configured to control reading of the file in accordance with a determination result of the determination unit.

Abstract: According to an embodiment, an information processing apparatus includes one or more processors. One or more processors acquire first distinctive information of a first piece of software to be executed. When a whitelist that specifies distinctive information of pieces of software that are permitted to be executed records the distinctive information indicating the first distinctive information, one or more processors distinctively identify, as second distinctive information, the distinctive information of a second piece of software that represents another piece of software relating to the first piece of software in the whitelist.

Abstract: According to an embodiment, an information processing apparatus includes one or more processor. The processor is configured to run a process and a process manager to manage the process. The process includes a first key generator, a first authentication code generator, and a first output unit. The first key generator is configured to generate a first message authentication key by using process unique data assigned by the process manager. The first authentication code generator is configured to generate a first message authentication code by using the first message authentication key and a first message. The first output unit is configured to transmit the first message and the first message authentication code to the process manager.

Abstract: According to an embodiment, an information processing apparatus includes processing circuitry. The processing circuitry is configured to detect writing on a first file and register, in a restriction target storage, file information on the first file and perform, when processing on a second file is requested and file information on the second file coincides with the file information stored in the restriction target storage, first restriction to restrict the processing on the second file.

Abstract: According to an embodiment, an information processing apparatus includes one or more processors. The one or more processors are configured to: estimate a related program related to a computer program identified with a specific program identifier; register, in a prior calculation result list, a calculation result for the related program and a related identifier for identifying the related program so that the calculation result and the related identifier are associated with each other; acquire the program identifier for identifying the program serving as an execution target; and verify whether the program serving as the execution target is permitted to be executed, based on the acquired program identifier, the calculation result corresponding to the related identifier indicating the acquired program identifier in the prior calculation result list, and a white list.