Abstract: A storage unit stores transaction data to be recorded on a blockchain. When receiving identification information identifying a processing system for processing the transaction data among processing systems, a processing unit calculates a function value using a parameter corresponding to the received identification information and a function. The processing unit notifies a determination unit, which determines the processing system for processing the transaction data from among the processing systems, of the transaction data and signature data generated from the function value.

Abstract: A blockchain linking method for a computer to execute a process includes when deleting, a first block that precedes a second block from a blockchain, extracting first information that satisfies a certain condition from among a plurality of pieces of information stored in the first block, the first block and the second block being included in a plurality of blocks included in the blockchain; generating a third block that stores second information that includes the first information, the third information being generated such that a hash value obtained from the second information is equal to a hash value stored in the second block; and linking the third block before the second block in the blockchain.

Abstract: A control method includes generating third key information, when receiving a recording request for asset information to a blockchain and first key information, based on the first key information and second key information stored in a specific storage area, generating fourth key information by decrypting key information associated with the blockchain among a plurality of pieces of encrypted key information, by using the generated third key information, transmitting the fourth key information and the recording request to the blockchain.

Abstract: A control method includes generating third key information, when receiving a recording request for asset information to a blockchain and first key information, based on the first key information and second key information stored in a specific storage area, generating fourth key information by decrypting key information associated with the blockchain among a plurality of pieces of encrypted key information, by using the generated third key information, transmitting the fourth key information and the recording request to the blockchain.

Abstract: An information processing apparatus includes: a memory; and a processor coupled to the memory and configured to: generate, in response to reception of a token issue request including transaction information from a user, a permission rule for determining a permission range of transaction contents based on the transaction information; transmit a token corresponding to the permission rule to a web application which processes a proxy transaction for the user, and determine, in response to reception of a signature issue request based on a transaction request by the user including the token from the web application, whether or not to issue a digital signature corresponding to the signature issue request, based on whether or not the transaction contents included in the transaction request are within the permission range determined by the permission rule corresponding to the token included in the signature issue request.

Abstract: An information-storage system storing information includes, an information-storage unit configured to store data, an encoding/decoding unit configured to encode and store input data in the information-storage unit, and decode and output the encoded data stored in the information-storage unit upon receiving a request for an information output, a transmission unit configured to output the encoded data stored in the information-storage unit, the encoded data being left undecoded, and store the encoded data in a backup spot different from the information-storage unit, a status-monitoring unit configured to monitor an unusual status of the information-storage system, and a selection unit configured to select the transmission unit between the encoding/decoding unit and the transmission unit when the status-monitoring unit confirms the unusual status of the information-storage system.

Abstract: A malware detecting apparatus, monitoring apparatus, malware detecting program, and malware detecting method are provided. The method detects a plurality of nodes that have sent connection request information commonly to one of first destinations among a set of monitoring target nodes, detects, for each node in the set of monitoring target nodes, the number of second destinations to which the node has sent connection request information, identifies a node infected with malware based on the plurality of nodes detected and the number of second destinations detected, and outputs a result of the identification.

Abstract: An anti-worm program allows a computer to execute control of communication suspected as worm communication, the program allowing the computer to execute: a communication information acquisition step that acquires communication information which is information concerning communication from a target source; and a communication control step that has a control amount calculation formula for calculating the control amount of the communication from the target source using the communication information and performs control of the communication from the target source based on the communication control amount obtained using the control amount calculation formula.

Abstract: An information-storage system storing information includes, an information-storage unit configured to store data, an encoding/decoding unit configured to encode and store input data in the information-storage unit, and decode and output the encoded data stored in the information-storage unit upon receiving a request for an information output, a transmission unit configured to output the encoded data stored in the information-storage unit, the encoded data being left undecoded, and store the encoded data in a backup spot different from the information-storage unit, a status-monitoring unit configured to monitor an unusual status of the information-storage system, and a selection unit configured to select the transmission unit between the encoding/decoding unit and the transmission unit when the status-monitoring unit confirms the unusual status of the information-storage system.

Abstract: The apparatus analyzes management information about network information collected from a computer and a router, detects a change in the management information specific to the activity of an unauthorized access program (worm), and generates alert information including a type of apparatus whose collected management information indicates the detected change and address information about an apparatus suspected of performing the activity of a worm. When the type of apparatus in the alert information refers to a computer, the apparatus generates an instruction to delete relayed information for the computer. When the type of apparatus refers to a network connection apparatus, the apparatus generates an instruction to set a filter for cutting off the communications of a worm with the network connection apparatus. Thus, the apparatus transmits the instructions.

Abstract: A malicious access-detecting apparatus which is cable of grasping the whole aspect of an attack which can occur, before it actually occurs. A monitoring information-collecting section collects monitoring information including the network events detected by the monitoring devices on networks. A malicious apparatus group-deriving section retrieves a corresponding piece of the event information from an event information storage device, and derives, based on the retrieved piece of the event information, apparatuses that are involved in relevant detected network events which belong to the predetermined type of network events and of which addresses of senders or recipients are same, as a malicious apparatus group involved in the predetermined type of malicious access. A storage section stores information on each derived malicious apparatus group. An output section outputs a list of the each derived malicious apparatus group.

Abstract: A recording medium recording a network shutdown control program permitting suitable preventive measures to be taken. A detector monitors each network segment to be managed, and on detecting a communication fulfilling a predetermined condition, the detector generates a detection notification and sends the notification to a quarantine manager. On acquiring the detection notification generated by the detector of the local device or a detection notification generated by a remote network shutdown device, the quarantine manager generates a shutdown operation request in accordance with quarantine policy stored in a quarantine policy storage, and sends the request to a communication shutdown unit. In accordance with the shutdown operation request, the communication shutdown unit sets shutdown data identifying a target of shutdown and controls packets to be input to and output from the network segment so that the packets may be shut off or passed.

Abstract: A malware detecting apparatus, monitoring apparatus, malware detecting program, and malware detecting method are provided. The method detects a plurality of nodes that have sent connection request information commonly to one of first destinations among a set of monitoring target nodes, detects, for each node in the set of monitoring target nodes, the number of second destinations to which the node has sent connection request information, identifies a node infected with malware based on the plurality of nodes detected and the number of second destinations detected, and outputs a result of the identification.

Abstract: An anti-worm program allows a computer to execute control of communication suspected as worm communication, the program allowing the computer to execute: a communication information acquisition step that acquires communication information which is information concerning communication from a target source; and a communication control step that has a control amount calculation formula for calculating the control amount of the communication from the target source using the communication information and performs control of the communication from the target source based on the communication control amount obtained using the control amount calculation formula.

Abstract: An unauthorized access detection device capable of detecting unauthorized accesses which are made through preparation, in real time. When a packet travels on a network, a key data extractor obtains the packet and obtains key data. Next an ongoing scenario detector searches an ongoing scenario storage unit for an ongoing scenario with the key data as search keys. A check unit determines whether the execution of the process indicated by the packet after the ongoing scenario detected by the ongoing scenario detector follows an unauthorized access scenario being stored in an unauthorized access scenario storage unit. Then a report output unit outputs an unauthorized access report depending on the check result of the check unit.

Abstract: The apparatus analyzes management information about network information collected from a computer and a router, detects a change in the management information specific to the activity of an unauthorized access program (worm), and generates alert information including a type of apparatus whose collected management information indicates the detected change and address information about an apparatus suspected of performing the activity of a worm. When the type of apparatus in the alert information refers to a computer, the apparatus generates an instruction to delete relayed information for the computer. When the type of apparatus refers to a network connection apparatus, the apparatus generates an instruction to set a filter for cutting off the communications of a worm with the network connection apparatus. Thus, the apparatus transmits the instructions.

Abstract: In a network relay device, unauthorized access from an internal computer to an external network is detected, an unauthorized destination service port used for the unauthorized access is specified, and a substitute port is allocated. A service relay unit and the internal computer are instructed to use the substitute port instead of the unauthorized destination service port, and an unauthorized access notification is sent. Mutual conversion of the unauthorized destination service port and a substitute service port is carried out, to relay a packet between an internal network and the external network.

Abstract: A computer-readable recording medium recording a worm detection parameter setting program for setting an appropriate worm detection parameter for target environments. When a log reader loads a communication log created within a prescribed time period, a log classifier classifies the entries of the communication log into categories based on communication contents. A frequency distribution creator analyzes the entries of a category, counts the number of appearance of each worm detection parameter value for each object of a preset network unit, and creates frequency distribution information. A threshold derivation unit analyzes the frequency distribution information and derives a threshold value that is used for determining whether a worm is propagating. An output unit outputs to an output device the threshold value for the worm detection parameter for the category, together with the frequency distribution information created by the frequency distribution creator, thereby providing a user with the information.

Abstract: A recording medium recording a network shutdown control program permitting suitable preventive measures to be taken. A detector monitors each network segment to be managed, and on detecting a communication fulfilling a predetermined condition, the detector generates a detection notification and sends the notification to a quarantine manager. On acquiring the detection notification generated by the detector of the local device or a detection notification generated by a remote network shutdown device, the quarantine manager generates a shutdown operation request in accordance with quarantine policy stored in a quarantine policy storage, and sends the request to a communication shutdown unit. In accordance with the shutdown operation request, the communication shutdown unit sets shutdown data identifying a target of shutdown and controls packets to be input to and output from the network segment so that the packets may be shut off or passed.

Abstract: A computer-readable recording medium recording a worm detection program which is preferably usable for a large-scale network and is capable of detecting worm communication with little information. A worm detection device which runs this program has a switching hub function, and comprises five physical ports that are network interfaces, a communication acquisition section, and a worm detector, for example. The communication acquisition section acquires ICMP type3 (destination unreachable message) packets going out of the physical ports. The worm detector determines whether the packet communication is worm communication, based on information on the ICMP type3 packets obtained for each source MAC address by the communication acquisition section and worm criteria set for determining whether communication is worm communication.