Abstract: A network packet analyzer according an embodiment includes a memory and one or more hardware processors. The memory stores a plurality of sets of training data in which semantics of one protocol field and one or more patterns indicating characteristics of variations of the parameters of the one protocol field are associated with each other. The hardware processors: captures a network packets and extracts a variable field whose parameter varies in time series; generates, based on the parameter varying in the time series in the variable field, one or more patterns indicating a characteristic of a variation of the parameter; and compares each of the one or more patterns with each of the one or more patterns of the training data and estimate the semantics of the variable field.

Abstract: According to one embodiment, an information processing apparatus includes a processor configured to: acquire a record that is at least one of a record related to a process for data and a record related to consent to the process for the data, from a first storage system that stores the record; acquire a log of an operation performed in relation to at least one of the process and the consent, from a second storage system that stores the log; and verify consistency of the acquired record, based on the acquired log.

Abstract: An information processing apparatus includes: a receiver to receive a verification request of consistency for an object of verification being a handling consent record or a handling execution record related to a handling of data; a searcher to search a storage system storing at least one handling consent record and at least one handling execution record on a basis of the verification request, and acquire the handling consent record or the handling execution record which is the object of verification and a handling consent record and a handling execution record related to the object of verification; a period calculator to calculate at least one of a consent period or a non-consent period on a basis of acquired handling consent record(s); and a verifier to verify the consistency on a basis of acquired handling execution record(s) and at least one of the consent period or the non-consent period.

Abstract: In a case where data is provided to a plurality of third parties, an embodiment of the present invention provides a method and the like for checking the consent and disclosure history of disclosure to the third parties while also reducing the disadvantages from a data leak. An information processing method according to an embodiment of the present invention includes writing, to a blockchain, a consent record indicating a consent with respect to the handling of data and a related party related to the consent or the data. In the case where executing the handling in the consent record would allow the data to be usable by a third party that is neither the executing party executing the handling nor the related party, the consent record is written such that the identifier is changed to a different identifier uniquely corresponding to the third party.

Abstract: According to an embodiment, an information processing apparatus includes: a memory on which first/second processing applications are stored, the first processing application being a secure application; and a processor that is coupled to the memory and executes the first and second processing applications. The first processing application includes an issuance module, a first communication module, and a log verification module. The issuance module issues a command to call a function of the second processing application and links the command to a verification rule. The first communication module transmits, to the second processing application, a command execution request including command identification information that identifies the command, and receives, from the second processing application, an execution log including an execution result of the command identified by the command identification information.

Abstract: According to one embodiment, an information processing apparatus includes one or more processors. The processors store a first public key certificate and second public key certificates in storage. The first public key certificate includes a first validity period, a signature, and a public key. Each of the second public key certificates including a signature and a second validity period that is within the first validity period and shorter than the first validity period. The second validity periods included in the second public key certificates are mutually different. The processors receive specific information of the first public key certificate. The processors transmit one of the plurality of second public key certificate including the second validity period in which a start time of the second validity period is before a current time and generated from the first public key certificate specified by the received specific information to a transmission source of the specific information.

Abstract: An information processing device converts a plurality of original data arranged on a preset n-dimensional map into a plurality of new data arranged on a map according to a conversion rule. In the conversion rule, when an original datum at a target position on the map has a value of out-of-criterion, a new datum at the target position is set to the value of the original datum at the target position, and when the original datum at the target position has a value of within-criterion, each of values of one or more original data excluding an original datum having a value of the out-of-criterion from original data included in a reference region is selected to perform majority voting with the values of the one or more original data selected, and the new datum at the target position is set to a value determined by the majority voting.

Abstract: According to an embodiment, an information processing device includes one or more processors. The one or more processors are configured to: acquire one or more pieces of setting information of a module used for an attack aimed at a target of a penetration test; analyze the acquired setting information to determine a type of the attack; and generate attack step information that defines a condition and a procedure of the attack according to the determined type.

Abstract: According to one embodiment, a data management method performed by a computer, includes: receiving first request information for requesting to execute a first process on first data, the first data being data regarding a person; and determining whether the first process is executable, based on the first request information and consent information, the consent information including a first condition that the person consents to perform the first process.

Abstract: According to one embodiment, an information processing method performed by a computer includes receiving a holding request that includes target data and first identification information regarding the target data to generate second identification information different from the first identification information; generating first pseudonymized data that includes the second identification information and the target data, and holding the first pseudonymized data in a first hardware holding device; generating first pseudonymous association data that associates the first identification information with the second identification information, and storing the first pseudonymous association data in a first hardware storage; calculating a first value by an operation based on the first pseudonymous association data; and providing first record information for a storage system, the storage system being configured to store the first record information, the first record information including the first value and including first

Abstract: In a case where data is provided to a plurality of third parties, an embodiment of the present invention provides a method and the like for checking the consent and disclosure history of disclosure to the third parties while also reducing the disadvantages from a data leak. An information processing method according to an embodiment of the present invention includes writing, to a blockchain, a consent record indicating a consent with respect to the handling of data and a related party related to the consent or the data. In the case where executing the handling in the consent record would allow the data to be usable by a third party that is neither the executing party executing the handling nor the related party, the consent record is written such that the identifier is changed to a different identifier uniquely corresponding to the third party.

Abstract: A terminal device according to an embodiment includes an accepting unit, a secret value generating unit, a response data generating unit, and an output unit. The accepting unit accepts an inquiry about genome data of each user. The secret value generating unit generates a secret value by applying a one-way function to the genome data. The response data generating unit generates response data to the inquiry on the basis of the secret value generated by the secret value generating unit and contents of the inquiry. The output unit outputs the response data generated by the response data generating unit.

Abstract: According to an embodiment, an information processing apparatus includes one or more processors. The one or more processors are configured to: estimate a related program related to a computer program identified with a specific program identifier; register, in a prior calculation result list, a calculation result for the related program and a related identifier for identifying the related program so that the calculation result and the related identifier are associated with each other; acquire the program identifier for identifying the program serving as an execution target; and verify whether the program serving as the execution target is permitted to be executed, based on the acquired program identifier, the calculation result corresponding to the related identifier indicating the acquired program identifier in the prior calculation result list, and a white list.

Abstract: A control apparatus with automated test suites according to an embodiment includes capability information storage, and at least one hardware processor configured to function as an analyzer, an organizer, and an executor. The capability information storage stores therein a plurality of capabilities defining actions indicating attack methods. The analyzer parses at least one of network structure information of a system under test and vulnerability information of the system under test to extract the actions from the capabilities. The organizer generates an attack path through which an achieved state of an attack goal is reached by combining the actions extracted by the analyzer. The executor executes the actions included in the attack path.

Abstract: According to an embodiment, an information processing apparatus includes one or more processors. The one or more processors are configured to acquire a program identifier of a computer program disposed on a memory and serving as an execution target; read a calculation result corresponding to the acquired program identifier from a storage; and verify whether the computer program serving as the execution target is permitted to be executed, on the basis of the read calculation result and a white list.

Abstract: A network packet analyzer according an embodiment includes a memory and one or more hardware processors. The memory stores a plurality of sets of training data in which semantics of one protocol field and one or more patterns indicating characteristics of variations of the parameters of the one protocol field are associated with each other. The hardware processors: captures a network packets and extracts a variable field whose parameter varies in time series; generates, based on the parameter varying in the time series in the variable field, one or more patterns indicating a characteristic of a variation of the parameter; and compares each of the one or more patterns with each of the one or more patterns of the training data and estimate the semantics of the variable field.

Abstract: According to an embodiment, an information processing device includes a prior verifying unit, and an execution control unit. The prior verifying unit is configured to verify integrity of software registered in a whitelist at a timing which does not depend on an execution start of software and generate an execution permission list in which software which is successfully verified is registered as execution-permitted software. The execution control unit is configured to permit execution of the software if the software is registered in the execution permission list as the execution-permitted software when the execution start of the software is detected.

Abstract: An information processing apparatus according to an embodiment includes one or more hardware processor. The one or more hardware processor divides original data into a plurality of pieces of division data, each piece of the division data including a non-overlap with one another, and executes alteration processing in mutually different manners on the plurality of pieces of division data, the mutually different manners corresponding one-to-one to the plurality of pieces of division data.

Abstract: According to an embodiment, an information processing apparatus includes one or more processor. The processor is configured to run a process and a process manager to manage the process. The process includes a first key generator, a first authentication code generator, and a first output unit. The first key generator is configured to generate a first message authentication key by using process unique data assigned by the process manager. The first authentication code generator is configured to generate a first message authentication code by using the first message authentication key and a first message. The first output unit is configured to transmit the first message and the first message authentication code to the process manager.

Abstract: According to an embodiment, an information processing apparatus includes processing circuitry. The processing circuitry is configured to detect writing on a first file and register, in a restriction target storage, file information on the first file and perform, when processing on a second file is requested and file information on the second file coincides with the file information stored in the restriction target storage, first restriction to restrict the processing on the second file.