公开(公告)号：JPH08153090A

公开(公告)日：1996-06-11

申请号：JP29408794

申请日：1994-11-29

Applicant: IBM

Inventor： TADA MASAMI ,  YUGE MASAHITO ,  MIYASHITA SHICHIRO

IPC: G06F9/06 ,  G06F17/21 ,  G06F17/28

Abstract: PURPOSE: To obtain a sufficient conversion function and speed even if the size of a KANA/KANJI conversion dictionary is small by integrally generating the KANA/KANJI dictionary as a program. CONSTITUTION: A CPU 102, a RAM 104, a keyboard 106, a display device 108, a hard disk 110, a floppy disk driver 112 or the like are connected to a bus 101. Alphanumerics keys, mark input keys, KANJI keys for inputting a KANA/ KANJI conversion mode, conversion keys for indicating a KANA/KANJI conversion processing after 'reading' is inputted are provided on the keyboard 106. The KANA/KANJI conversion dictionary is integrally generated as the program containing a retrieval function with such constitution. The KANA/KANJI conversion dictionary program is compiled as a dynamic link library routine(DLL) especially under an operating system for supporting the DLL, and the dictionary retrieval function is usably exported by the other program.

公开(公告)号：GB2498428A

公开(公告)日：2013-07-17

申请号：GB201221250

申请日：2012-11-27

Applicant: IBM

Inventor： FURUICHI SANEHIRO ,  TADA MASAMI

IPC: G06F21/57 ,  G06F21/34

Abstract: An information processing device that performs authentication processing with a mounted authentication device that securely stores unique identification information, comprises a mounting component, a memory component which stores a table with correspondent listing of the unique identifier information of the authentication device and a count value, and a control component which, when power is activated (boot), starts by reading a first program ST1 (such as a BIOS), and reads the identification information of the mounted authentication device, references the table, and if the count value is larger than a prescribed value ST2, performs authentication processing for the authentication device ST3, and when authentication has succeeded starts by reading a second program ST4 (such as an OS), and if the authentication device continues to be mounted ST5, decreases the table count value ST6 that corresponds to the unique identification information of the authentication device. Re-authentication processing ST7 may be performed, which restricts or stops the second program if failed. This encourages the user to remove the authentication device after authentication, thus preventing the information processing device from being lost or stolen with the device still mounted.

公开(公告)号：DE102012210887A1

公开(公告)日：2013-01-03

申请号：DE102012210887

申请日：2012-06-26

Applicant: IBM

Inventor： FURUICHI SANEHIRO ,  TADA MASAMI ,  TAKU ARATSU

IPC: G06F9/44

Abstract: Eine Aufgabe der vorliegenden Erfindung ist die Bereitstellung eines Verfahrens zum Einrichten einer sicher verwalteten Ausführungsumgebung für eine virtuelle Maschine und eines hierfür verwendeten Programms. Nachdem ein Programm, in dem ein Mittel zum selektiven Maskieren eines Fensterbildschirms einer virtuellen Maschine und eine Sicherheitsfunktion integriert sind, mit Administratorberechtigung in einem Host-Betriebssystem einer Benutzerdatenstation installiert wurde, wird ein Programm mit einer integrierten Sicherheitsfunktion, die der Administrator in der virtuellen Maschine einrichten möchte, und einem integrierten Mittel zum Freigeben der Maske für einen Benutzer bereitgestellt. Wenn eine solche Situation vom Administrator geschaffen wird, kann der Benutzer, der eine virtualisierte Umgebung verwenden möchte, nicht umhin, das Installieren der Sicherheitsfunktion, deren Installation vom Administrator gewünscht wird, in der virtuellen Maschine zu akzeptieren.

公开(公告)号：JP2013117911A

公开(公告)日：2013-06-13

申请号：JP2011265908

申请日：2011-12-05

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation

Inventor： FURUICHI SANEHIRO ,  TADA MASAMI

IPC: G06F21/34

CPC classification number: G06F21/34 ,  G06F2221/2111

Abstract: PROBLEM TO BE SOLVED: To provide an information processing device, a control method, and a program which can minimize a security risk.SOLUTION: When a power supply is turned on, a control unit 15 reads out a first program from a first storage unit 12, and starts the first program. According to the first program, the control unit 15 reads out identification information of an authentication device 2 attached to an attachment unit 11, refers to a table T to verify a counter value associated with the identification information of the authentication device 2 is greater than a predetermined value, and performs authentication processing with the authentication device 2. When the counter value is greater than the predetermined value and the authentication is successful, the control unit 15 reads out a second program from a second storage unit 13, and starts the second program. While running the second program, if the authentication device 2 is continuously attached to the attachment part 11, the control unit 15 subtracts the counter value associated with the unique identification information of the authentication device 2 in the table.

Abstract translation: 要解决的问题：提供可以最小化安全风险的信息处理设备，控制方法和程序。

解决方案：当电源接通时，控制单元15从第一存储单元12读出第一程序，并启动第一程序。 根据第一程序，控制单元15读出附接到附接单元11的认证装置2的识别信息，参考表T来验证与认证装置2的识别信息相关联的计数器值大于 并且与认证装置2进行认证处理。当计数器值大于预定值并且认证成功时，控制单元15从第二存储单元13读出第二程序，并开始第二程序 。 在运行第二程序的同时，如果认证装置2连续地附着到附件部11，则控制部15减去与表中的认证装置2的唯一识别信息相关联的计数值。 版权所有（C）2013，JPO＆INPIT

公开(公告)号：JP2012212391A

公开(公告)日：2012-11-01

申请号：JP2011078533

申请日：2011-03-31

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： MUNETO SEIJI ,  HAYATA YASUHIKO ,  TADA MASAMI ,  DAIMON AKIRA

IPC: G06F21/22 ,  G06F9/46 ,  G06F21/20

CPC classification number: G06F21/554 ,  G06F9/45533 ,  G06F21/74 ,  G06F2221/2127 ,  H04L63/1491

Abstract: PROBLEM TO BE SOLVED: To provide protection against unauthorized access.SOLUTION: A system comprises: a detection unit configured to detect unauthorized access to an information processing apparatus; and a control unit configured to shift modes of the information processing apparatus. A computer executes a first virtual machine and a second virtual machine. When the system is operating normally, the control unit causes the information processing apparatus implemented by the first virtual machine to operate in a normal mode, and causes the information processing apparatus implemented by the second virtual machine to operate in a standby mode. If the unauthorized access is detected, the control unit shifts the information processing apparatus implemented by the first virtual machine into a decoy mode, and shifts the information processing apparatus implemented by the second virtual machine into the normal mode.

Abstract translation: 要解决的问题：防止未经授权的访问。 解决方案：系统包括：检测单元，被配置为检测对信息处理设备的未授权访问; 以及控制单元，被配置为移动所述信息处理设备的模式。 计算机执行第一虚拟机和第二虚拟机。 当系统正常运行时，控制单元使得由第一虚拟机实现的信息处理设备以正常模式运行，并使由第二虚拟机实现的信息处理设备在待机模式下操作。 如果检测到未经授权的访问，则控制单元将由第一虚拟机实现的信息处理设备移动到诱饵模式，并将由第二虚拟机实现的信息处理设备移动到正常模式。 版权所有（C）2013，JPO＆INPIT

公开(公告)号：JP2012168755A

公开(公告)日：2012-09-06

申请号：JP2011029418

申请日：2011-02-15

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： TADA MASAMI ,  DAIMON AKIRA ,  HAYATA YASUHIKO ,  TSUMURA TADASHI

IPC: G06F21/20 ,  H04L12/56 ,  H04L12/66

CPC classification number: G05B19/048 ,  G06F21/552 ,  H04L63/1425

Abstract: PROBLEM TO BE SOLVED: To provide an abnormality detection system for efficiently detecting abnormality arising in a control system and for separating the control system where the abnormality is found.SOLUTION: An abnormality detection system includes: multiple control systems that are connected to a network and respectively operate within an individual protection area; a monitoring part that is provided in each control system, inspects data exchanged between the control system and an opposing party's control system to be monitored, and transmits abnormality notification when the opposing party's control system is suspected of abnormality; and a management part 210 that aggregates the abnormality notification transmitted from each monitoring part in the control systems, evaluates a reputation of the control system suspected of abnormality, and causes a protection area where the control system suspected of abnormality operates to limit outbound traffic at least from the inside of the protection area when the suspected control system is determined to have abnormality by comparing an evaluation result with a standard.

Abstract translation: 要解决的问题：提供一种异常检测系统，用于有效地检测控制系统中出现的异常和用于分离发现异常的控制系统。 解决方案：异常检测系统包括：多个控制系统，其连接到网络并分别在单独的保护区域内操作; 在每个控制系统中设置的监视部分，检查控制系统与对方的控制系统之间交换的数据进行监视，并在对方的控制系统被怀疑异常时发送异常通知; 以及管理部210，其对从控制系统中的各监视部发送的异常通知进行聚合，评价疑似异常的控制系统的信誉，并且使得怀疑异常的控制系统的保护区域至少限制出站业务 当通过将评估结果与标准进行比较来确定疑似控制系统具有异常时，从保护区域的内部。 版权所有（C）2012，JPO＆INPIT

公开(公告)号：JP2012168686A

公开(公告)日：2012-09-06

申请号：JP2011028341

申请日：2011-02-14

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： TSUMURA TADASHI ,  DAIMON AKIRA ,  TADA MASAMI ,  HAYATA YASUHIKO ,  AKIYAMA KAZUTO

IPC: G05B23/02 ,  G06F11/30 ,  G06F21/20 ,  G06Q50/10

CPC classification number: G06F21/50 ,  G05B19/0428 ,  G06F11/07 ,  G06F21/554 ,  H04L63/1425

Abstract: PROBLEM TO BE SOLVED: To apply security protection to a control system in an important infrastructure, etc.SOLUTION: An abnormality detecting device 150 in the invention comprises: an identification part 152 for receiving event information that arises within a control network 130, referring to a configuration management database 170 that maintains a dependence relationship between resources (110, 120, etc.) including a control system 102 and between processes, and identifying a group to which a resource pertaining to the event information belongs; a policy storage part 160 for storing one or more policies to associate conditions for regulating a situation suspected of having abnormality with one or more actions; an addition part 156 for acquiring group-related information to be required in applying the policies, and adding the acquired information to the event information; and a determination part 158 for applying the event information to the policies, and determining an action to be associated with the corresponding conditions as an action to be executed. Then, the abnormality detecting device 150 detects abnormality in the control network 130.

Abstract translation: 要解决的问题：在重要基础设施等中对控制系统应用安全保护。解决方案：本发明的异常检测装置150包括：识别部分152，用于接收发生在 控制网络130，参考维护包括控制系统102在内的资源（110,120等）之间以及进程之间的依赖关系的配置管理数据库170，并且识别属于事件信息的资源所属的组; 策略存储部分160，用于存储一个或多个策略以将用于调节怀疑有异常的情况与一个或多个动作相关联的条件; 用于获取在应用策略中需要的组相关信息的添加部分156，并将所获取的信息添加到事件信息中; 以及确定部分158，用于将事件信息应用于策略，并且确定与相应条件相关联的动作作为要执行的动作。 然后，异常检测装置150检测控制网络130中的异常。版权所有：（C）2012，JPO＆INPIT

公开(公告)号：JP2011113310A

公开(公告)日：2011-06-09

申请号：JP2009269119

申请日：2009-11-26

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： TAKAHASHI YUICHI ,  SHIMURA TAKEYUKI ,  TADA MASAMI ,  SHIGA KATSUYUKI

IPC: G06F13/00 ,  G06F3/048 ,  G06F17/30

CPC classification number: G06Q10/107

Abstract: PROBLEM TO BE SOLVED: To enable recipients of an e-mail addressed to a plurality of destination addresses to readily specify messages of their interest.
SOLUTION: A device for processing an e-mail containing a plurality of destination addresses, contents corresponding to the respective destination addresses, and display attributes for displaying the respective contents on a display device includes: means for acquiring the degree of association between a first destination address, which is one of the plurality of destination addresses, and at least one of the other destination addresses; and means for modifying the display attributes for the contents in accordance with the degree of association.
COPYRIGHT: (C)2011,JPO&INPIT

Abstract translation: 要解决的问题：使得寻址到多个目的地地址的电子邮件的接收者能够容易地指定他们感兴趣的消息。 解决方案：一种用于处理包含多个目的地地址的电子邮件的设备，对应于各个目的地地址的内容，以及用于在显示设备上显示各个内容的显示属性包括：用于获取在显示设备之间的关联程度的装置， 作为多个目的地地址之一的第一目的地地址和其他目的地地址中的至少一个; 以及用于根据关联程度修改内容的显示属性的装置。 版权所有（C）2011，JPO＆INPIT

公开(公告)号：JP2011086055A

公开(公告)日：2011-04-28

申请号：JP2009237369

申请日：2009-10-14

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： FURUICHI SANEHIRO ,  AKIYAMA KAZUTO ,  TADA MASAMI

IPC: G06F1/32 ,  G06F3/12

CPC classification number: H04L41/0803 ,  H04L41/0213 ,  H04L41/0833 ,  H04L43/0817 ,  H04L67/125 ,  H04L67/18

Abstract: PROBLEM TO BE SOLVED: To achieve reduced office power consumption by, when the number of active user computers in the vicinity of the network printer is large, setting the network printer in a standby state and, when that number is small, powering off the network printer. SOLUTION: A method for managing a first unit and one or more other units connected to the first unit over a network is provided. The method includes (i) detecting, by a management unit, the operating state of the other units positioned within a specific range from the first unit on the basis of the location of each of the first and other units over the network, the operating state including at least an operating state at which a service request is capable of being transmitted to the first unit. The method further includes (ii) transmitting, by the management unit, to the first unit, an instruction to change an operating state of the first unit depending on a number of the other units being in the detected operating state at which the service request is capable of being transmitted. COPYRIGHT: (C)2011,JPO&INPIT

Abstract translation: 要解决的问题：为了通过在网络打印机附近的活动用户计算机的数量大的情况下实现办公室功耗的降低，将网络打印机设置为待机状态，并且当该数量小时， 关闭网络打印机。 提供了一种用于管理通过网络连接到第一单元的第一单元和一个或多个其它单元的方法。 该方法包括（i）基于网络上的第一单元和其他单元的位置，由管理单元检测位于来自第一单元的特定范围内的其他单元的操作状态，操作状态 包括至少能够将服务请求发送到第一单元的操作状态。 该方法还包括（ii）由管理单元向第一单元发送根据其中检测到的服务请求的操作状态的其他单元的数量来改变第一单元的操作状态的指令 能够传输。 版权所有（C）2011，JPO＆INPIT

公开(公告)号：JP2010257167A

公开(公告)日：2010-11-11

申请号：JP2009105837

申请日：2009-04-24

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： TADA MASAMI ,  UEDA HIDEKUNI ,  SUGIURA TOMOKI ,  HIROTA KENJI

IPC: G06F13/00

CPC classification number: G06Q10/107 ,  H04L51/16 ,  H04L51/28

Abstract: PROBLEM TO BE SOLVED: To provide an apparatus, a method and a computer program for checking the destination email address of an email including historical information, which, in a case where a plurality of users exchange emails including historical information with each other, eliminate the need for the users to disclose the content of the cited historical information and prevent the emails from being sent by mistake to destinations unintended by the users, thereby maintaining confidentiality.
SOLUTION: An email including historical information that cites emails exchanged between a plurality of users as historical information is created. A part or all of an email address included in the historical information cited in the created email including historical information is collected as address information. The collected address information is stored. It is checked whether or not the destination email addresses set in the email including the historical information contain the stored address information, and alert information indicating the destination email address not including the address information is output.
COPYRIGHT: (C)2011,JPO&INPIT

Abstract translation: 要解决的问题：提供一种用于检查包括历史信息的电子邮件的目的地电子邮件地址的装置，方法和计算机程序，所述历史信息在多个用户交换包括彼此的历史信息的电子邮件的情况下 消除了用户公开所引用的历史信息的内容的需要，并且防止电子邮件被错误地发送给用户非预期的目的地，从而保持机密性。

解决方案：包括历史信息的电子邮件，其中引用作为历史信息的多个用户之间交换的电子邮件。 作为包含历史信息的创建的电子邮件中引用的历史信息中包含的电子邮件地址的一部分或全部被收集为地址信息。 收集的地址信息被存储。 检查包括历史信息的电子邮件中设置的目的地电子邮件地址是否包含存储的地址信息，并且输出指示不包括地址信息的目的地电子邮件地址的警报信息。 版权所有（C）2011，JPO＆INPIT