Abstract: A display device includes: a first substrate, a second substrate, a light-blocking portion, a pixel, and a wiring line. The second substrate has a main face opposite a main face of the first substrate. The light-blocking portion is disposed on the main face of the first substrate, including an opening, and blocking light. The pixel is disposed on the main faces of the first substrate and the second substrate and delimited by at least a part of the opening. The wiring line is disposed on the main face of the second substrate and at least partially overlapping the opening. The wiring line has a projection protruding toward a first substrate side. The projection has a surface including a curved surface and comprises a plurality of projections disposed at intervals in locations overlapping at least the opening.

Abstract: An ontology generation unit (110) generates information that represents an access policy for each attribute of access in a hierarchical structure, as a plurality of ontologies (30). An application rule generation unit (120) generates an application rule (40). A policy candidate extraction unit (140) acquires an access request (51), and extracts an ontology (30) that includes an attribute included in the access request (51) as an access policy candidate from the plurality of ontologies. An access rule determination unit (150) specifies a plurality of access policies that match the attribute included in the access request (51) form the access policy candidate, applies the application rule (40) to the plurality of access policies, and determines an access rule. A propriety decision unit (160) decides propriety of access based on the access rule.

Abstract: An evaluation-value acquisition unit (102) acquires an evaluation value regarding information security of an evaluated supplier which has been evaluated regarding the information security. A number-of-appearances acquisition unit (105) acquires the number of appearances as to the evaluated supplier of each of two or more keywords regarding the information security in public information. A model generation unit (106) performs multiple regression analysis using the evaluation value of the evaluated supplier and the number of appearances as to the evaluated supplier of each of the two or more keywords in the public information, and generates a regression model whose explanatory variable is the number of appearances of each of the two or more keywords in the public information and whose object variable is the evaluation value.

Abstract: A registration destination determination device (50) determines which data management device, among a plurality of data management devices (20A, 20B), is to manage registration data, such that, with a data type constituting the registration data as a target type, an appearance frequency distribution of values set for the target type of the registration data managed by each of the plurality of data management devices (20A, 20B) is different from an appearance frequency distribution of values set for the target type of the registration data managed by the whole of the plurality of data management devices (20A, 20B).

Abstract: An attribute linkage apparatus (20) transmits attribute information managed by each of a plurality of data management apparatuses (30) to a certain data management apparatus (30) and causes the data management apparatus to specify an access condition to data according to the attribute information and then store the data. The attribute linkage apparatus (20) transmits access information in which attribute information relating to a target user out of the attribute information managed by each of the plurality of data management apparatuses (30) has been set to a certain data management apparatus (30), and causes the data management apparatus to determine whether the access condition is satisfied according to the access information and control an access to data.

Abstract: An encrypted data receiving unit (201) receives encrypted data which has been encrypted, in which a decryption condition to define a user attribute of a decryption-permission user who is permitted to decrypt the encrypted data is embedded. A data storage unit (202) stores the encrypted data received by the encrypted data receiving unit (201) in an encrypted state. A revocation processing unit (209) adds revocation information in which a user attribute of a revoked user who is no longer the decryption-permission user is indicated, to an embedded decryption condition that is embedded in the encrypted data, while the encrypted data remains in an encrypted state.

Abstract: In an information providing apparatus, a rule storage unit stores a processing rule including, as a permitted processing method, a processing method permitted for equipment information transmitted from equipment. Further, a data provision unit acquires a provision request including a processing method of the equipment information as a requested processing method. When the requested processing method matches the permitted processing method included in the processing rule, a data processing unit processes the equipment information by the requested processing method. Further, the data provision unit transmits, as processed information, the processed equipment information to a request source of the provision request.

Abstract: A registration destination determination device (50) determines which data management device, among a plurality of data management devices (20A, 20B), is to manage registration data, such that, with a data type constituting the registration data as a target type, an appearance frequency distribution of values set for the target type of the registration data managed by each of the plurality of data management devices (20A, 20B) is different from an appearance frequency distribution of values set for the target type of the registration data managed by the whole of the plurality of data management devices (20A, 20B).

Abstract: An attribute linkage apparatus (20) transmits attribute information managed by each of a plurality of data management apparatuses (30) to a certain data management apparatus (30) and causes the data management apparatus to specify an access condition to data according to the attribute information and then store the data. The attribute linkage apparatus (20) transmits access information in which attribute information relating to a target user out of the attribute information managed by each of the plurality of data management apparatuses (30) has been set to a certain data management apparatus (30), and causes the data management apparatus to determine whether the access condition is satisfied according to the access information and control an access to data.

Abstract: A server device 201 comprises a communication part 231, a search history storage region 213, a data storage part 210, and a checking part 220. The communication part receives a set of a trapdoor and a deterministic encrypted keyword from a search device 401. The search history storage region 213 stores the set of the trapdoor and the deterministic encrypted keyword. The data storage part 210 stores keyword information in which search target data and an encrypted keyword are associated with each other. If the deterministic encrypted keyword is obvious, a deterministic encrypted keyword corresponding to the encrypted keyword is additionally associated with the search target data and the encrypted keyword in the keyword information. The checking part 220 checks whether or not a deterministic encrypted keyword which matches the received deterministic encrypted keyword exists in the search history storage region 213.

Abstract: A data storage system (1) uses an encryption scheme in which an encrypted file can be decrypted using a decryption key when a decryption condition set in the encrypted file is satisfied by a user attribute set in the decryption key. The data storage system (1) stores encrypted files encrypted by the encryption scheme in a file storage apparatus (20). When user attribute is specified from a user terminal (10), the data storage system (1) extracts the encrypted file of which the decryption condition is satisfied by the specified user attribute from among the encrypted files stored in the file storage apparatus (20), and displays the extracted encrypted files classified by decryption condition.

Abstract: A data storage unit (202) stores encrypted data while remaining in an encrypted state, and stores decryption conditions to define a user attribute of a decryption-permission user who is permitted to decrypt the encrypted data. In a case wherein revocation information to indicate a user attribute of a revoked user who is no longer the decryption-permission user has been added to the decryption condition when update timing arrives, a revocation information removing unit (206) removes the revocation information from the decryption condition while the encrypted data remains in the encrypted state.

Abstract: The present invention relates to an authentication device that executes an online transaction typified by a transfer process of an online banking service. The authentication device includes a secret information storage unit to store secret information; a verification unit to verify validity of input data including input information of a user; an information extraction unit to extract the input information from the input data the validity of which has been verified by the verification unit; an authentication information generation unit to generate authentication information with the input information extracted by the information extraction unit and the secret information stored in the secret information storage unit; and a display unit to display the authentication information generated by the authentication information generation unit.

Abstract: A database (7) stores a first identifier and visiting destination authentication information in association with each other, the first identifier being generated from visitor authentication information which is one of an encrypted face photograph image and key data used for generating the encrypted face photograph image, the visiting destination authentication information being the other of the encrypted face photograph image and the key data. An authentication terminal apparatus (9) receives authentication data from a mobile terminal device (2) used by a visitor (1) who intends to enter a facility and generates a second identifier from the authentication data in the same generation procedure as that of the first identifier.

Abstract: A data storage unit (202) stores encrypted data while remaining in an encrypted state, and stores decryption conditions to define a user attribute of a decryption-permission user who is permitted to decrypt the encrypted data. In a case wherein revocation information to indicate a user attribute of a revoked user who is no longer the decryption-permission user has been added to the decryption condition when update timing arrives, a revocation information removing unit (206) removes the revocation information from the decryption condition while the encrypted data remains in the encrypted state.

Abstract: A method for manufacturing a colored aluminum product or a colored aluminum alloy product includes the following steps of (i) subjecting a substrate made of aluminum or aluminum alloy to an anodic oxidation in a treatment solution containing phosphoric acid to form an anodic oxidation film having a plurality of pores on a surface of the substrate, (ii) treating the substrate with warm water having a temperature between 40 and 100° C., and (iii) immersing the substrate in a pigment composition for coloration includes pigment particles, a dispersing agent and water to fill the pigment particles into a plurality of the pores in the anodic oxidation film on the surface of the substrate, thereby performing coloration.

Abstract: An encrypted data receiving unit (201) receives encrypted data which has been encrypted, in which a decryption condition to define a user attribute of a decryption-permission user who is permitted to decrypt the encrypted data is embedded. A data storage unit (202) stores the encrypted data received by the encrypted data receiving unit (201) in an encrypted state. A revocation processing unit (209) adds revocation information in which a user attribute of a revoked user who is no longer the decryption-permission user is indicated, to an embedded decryption condition that is embedded in the encrypted data, while the encrypted data remains in an encrypted state.

Abstract: An image forming apparatus includes a coating portion configured to perform a coating process that forms a coating film on a recording sheet with an image formed thereon, a main transport path configured to transport the recording sheet with the image formed thereon and to have a branching portion formed thereon, and a sub transport path configured to be once branched from the main transport path at the branching portion and to be returned to the main transport path again. The coating portion is disposed on the sub transport path.

Abstract: A cryptographic system (10) uses a cryptographic scheme capable of decrypting ciphertext on which one of two pieces of information corresponding to each other is set, with a decryption key on which the other piece of information is set. A key generation apparatus (401) generates a user private key on which one of key information u and key information y corresponding to each other is set, and a re-encryption key to convert ciphertext which can be decrypted with an attribute private key on which one of user attribute information x and user attribute information v corresponding to each other is set, into a re-ciphertext on which the other of the key information u and the key information y is set. A ciphertext storage apparatus (201) stores ciphertext on which the other of the user attribute information x and the user attribute information v is set. A re-encryption apparatus (301) re-encrypts the ciphertext stored in the ciphertext storage apparatus with the re-encryption key to generate the re-ciphertext.

Abstract: A data search server stores a system ciphertext including a data ciphertext and a keyword ciphertext in each category-specific DB unit for each data category, and stores each category-determination secret key being associated with each category-specific DB unit. A search request receiving unit receives from a data search terminal a search request including a search trapdoor and an index tag. A data searching unit searches for a category-determination secret key with which the index tag is decrypted to the same value as a key-determination value. Using the search trapdoor, the data searching unit performs a search of a Public-key Encryption with Keyword Search scheme on system ciphertexts in a category-specific DB unit associated with this category-determination secret key. A search result transmitting unit transmits to the data search terminal a data ciphertext included in a system ciphertext which has been found as a hit in the search.