公开(公告)号：JP2012226508A

公开(公告)日：2012-11-15

申请号：JP2011092735

申请日：2011-04-19

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： URAMOTO NAOHIKO ,  AKIYAMA KAZUTO ,  KUDO MICHIHARU ,  TAKAHASHI HITOMI

IPC: G06F13/00 ,  G06F11/20 ,  G06F11/30

CPC classification number: H04L63/1408 ,  H04L67/12

Abstract: PROBLEM TO BE SOLVED: To take appropriate actions when an anomaly is detected in industrial control systems.SOLUTION: A communication control system for controlling communication among multiple industrial control systems connected via a network includes: a communication relay apparatus for relaying communication between at least two industrial control systems; a monitoring section for monitoring the multiple industrial control systems; and a control section for switching, if the monitoring section detects an anomaly from at least one of the industrial control systems, communication between the industrial control system with the anomaly detected and another industrial control system so that the communication is performed via the communication relay apparatus.

Abstract translation: 要解决的问题：在工业控制系统中检测到异常时采取适当的措施。 解决方案：用于控制经由网络连接的多个工业控制系统之间的通信的通信控制系统包括：用于中继至少两个工业控制系统之间的通信的通信中继装置; 监测多个工业控制系统的监测部分; 以及用于切换的控制部分，如果所述监视部分检测到来自所述工业控制系统中的至少一个的异常，则所述工业控制系统与所检测到的异常的通信与另一个工业控制系统之间的通信，以使得经由所述通信中继装置 。 版权所有（C）2013，JPO＆INPIT

公开(公告)号：JP2008299414A

公开(公告)日：2008-12-11

申请号：JP2007142191

申请日：2007-05-29

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： SEKI DAISHIN ,  MAKINO SATOSHI ,  URAMOTO NAOHIKO ,  YOSHIHAMA SACHIKO

IPC: G06F21/22 ,  G06F13/00 ,  G06F21/24

CPC classification number: G06F21/51

Abstract: PROBLEM TO BE SOLVED: To perform access control based on a policy such that harmful processing is not performed to a file of a Web server from an unreliable site by a script such as JavaScript included in a content input from the outside. SOLUTION: By performing the access control based on origin of a portion of a document in each portion of the document inside the HTML document constituting a Web page, it is prevented that the content provided by an ill-intentioned user or a server unauthorizedly performs reading/writing to another portion of the HTML document. That is, by automatically attaching a label expressing a domain that is the origin of the content (including a JavaScript program) to the content on the server side, the access control (cross domain access control) astride a domain on a client side becomes possible. A set of the content, metadata, and the access control policy is sent from the server side to the client side. COPYRIGHT: (C)2009,JPO&INPIT

Abstract translation: 要解决的问题：执行基于策略的访问控制，使得不通过由外部输入的内容中包含的诸如JavaScript的脚本从不可靠站点对Web服务器的文件执行有害处理。 解决方案：通过在构成网页的HTML文档内部的文档的每个部分中基于文档的一部分的原点执行访问控制，防止由不良用户或服务器提供的内容 未经授权地对HTML文档的另一部分执行读取/写入操作。 也就是说，通过将表示作为内容的起源（包括JavaScript程序）的域的标签自动附加到服务器侧的内容，跨越客户端的域的访问控制（跨域访问控制）成为可能 。 一组内容，元数据和访问控制策略从服务器端发送到客户端。 版权所有（C）2009，JPO＆INPIT

公开(公告)号：JP2006339895A

公开(公告)日：2006-12-14

申请号：JP2005160528

申请日：2005-05-31

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： SAKUMA ATSUSHI ,  URAMOTO NAOHIKO

IPC: H04L9/32 ,  G06F19/00 ,  G06F19/28

CPC classification number: G06F21/6254

Abstract: PROBLEM TO BE SOLVED: To more efficiently sort the private data held by each holder than in the prior art without being known by other holders. SOLUTION: The system sorts a plurality of private data (PD) a plurality of parties hold every kind. Each of the plurality of parties has an encrypt key commutable about the order in a multiple encryption. At every kind of already sorted PD, the system selects typical parties P1, P3 of parties holding the kind of PD, exchanges encrypted data of each party's PD between P1, P3 and a target party P5, encrypts each encrypted data obtained by P5 with an encrypt key of P5 to obtain data 1, further encrypts the encrypted data obtained by P1, P3 to obtain data 2 using encrypt keys of P1, P3, and decides that P1, P3 and P5 have the same kind of PD if the data 1 of P1, P3 agree with the data 2. COPYRIGHT: (C)2007,JPO&INPIT

Abstract translation: 要解决的问题：为了更有效地分类每个持有人所持有的私人数据而不是现有技术，而不被其他持有者所知。 解决方案：系统对多个私人数据（PD）进行排序，多个对象持有。 多个方中的每一方具有可以在多重加密中与订单交换的加密密钥。 在每种已经排序的PD中，系统选择持有该类PD的各方的典型方P1，P3，在P1，P3和目标方P5之间交换各方PD的加密数据，对P5获得的每个加密数据进行加密 P5的加密密钥获取数据1，进一步加密由P1，P3获得的加密数据，以使用P1，P3的加密密钥获取数据2，并且如果数据1的数据1为1，则确定P1，P3和P5具有相同类型的PD P1，P3同意数据2.版权所有（C）2007，JPO＆INPIT

公开(公告)号：JP2002164884A

公开(公告)日：2002-06-07

申请号：JP2000336586

申请日：2000-11-02

Applicant: IBM

Inventor： MARUYAMA HIROSHI ,  URAMOTO NAOHIKO

IPC: G06Q10/00 ,  G06Q50/00 ,  G09C1/00 ,  H04L9/08 ,  H04L9/32 ,  H04L29/06 ,  G06F17/60

Abstract: PROBLEM TO BE SOLVED: To provide a security function using electronic signature without the need to change application programs, by mounting means, which conduct electronic signature, verification, and logging of messages received/transmitted via networks, in the form of a proxy server. SOLUTION: An application 10, which conducts data processing, and a signature proxy server 20 connected with the application 10 via a LAN 100 are provided. The signature proxy server 20 intercepts message communication from the application 10 to external devices of the LAN 100, conducts electronic signature on message documents in this message communication, and transmits message documents attached with the electronic signature to a device of transmission destination.

公开(公告)号：CA2611429C

公开(公告)日：2015-03-24

申请号：CA2611429

申请日：2006-06-08

Applicant: IBM

Inventor： INOKUCHI AKIHIRO ,  URAMOTO NAOHIKO

IPC: G06F17/30 ,  G06F19/00 ,  G06Q50/22 ,  G16H10/60

Abstract: A medical guide service for a doctor, a patient, a general user, and a medical institution. The medical guide system may include a unit that creates medical record data and a unit that extracts the medical record data for each patient. The unit that extracts the medical record data uses examination data before a predetermined dividing point in a chronological order as before-dividing-point data and treatment data after the predetermined dividing point in the chronological order as after-dividing-point data. A unit extracts a treatment pattern from the after-dividing-point data. Another unit derives a rule that associates the examination results with the treatment pattern from the treatment pattern and the before-dividing-point data.

公开(公告)号：JP2012212380A

公开(公告)日：2012-11-01

申请号：JP2011078466

申请日：2011-03-31

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： YOSHIHAMA SACHIKO ,  MUNETO SEIJI ,  URAMOTO NAOHIKO ,  SUZUKI SACHIKO ,  HITO SHOHEI

IPC: G06F21/22

CPC classification number: G06F8/65 ,  G06F11/1433 ,  G06F21/566 ,  G06F2221/033

Abstract: PROBLEM TO BE SOLVED: To distinguish between an attack with unauthorized access and a change of behavior resulted from an authorized software update to information processing units.SOLUTION: An inspection apparatus is used for inspecting an information processing unit to which software updates are applied. The inspection apparatus includes a collection component configured to collect behavior, for each of a plurality of software updates, of the information processing unit to which one software update is applied. The apparatus also includes a determination component configured to compare the behaviors collected for each of the plurality of software updates to one another to determine whether the behavior of the information processing unit after the one software update is applied thereto is normal.

Abstract translation: 要解决的问题：区分未经授权的访问攻击和由授权的软件更新到信息处理单元所导致的行为变化。

解决方案：检查装置用于检查应用了软件更新的信息处理单元。 检查装置包括：收集部件，被配置为针对应用了一个软件更新的信息处理单元收集用于多个软件更新中的每一个的行为。 该装置还包括确定部件，其被配置为将针对多个软件更新中的每一个收集的行为彼此进行比较，以确定在一个软件更新之后信息处理单元的行为是否正常。 版权所有（C）2013，JPO＆INPIT

公开(公告)号：JP2012159997A

公开(公告)日：2012-08-23

申请号：JP2011018948

申请日：2011-01-31

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： WATANABE YUJI ,  URAMOTO NAOHIKO

IPC: G06Q50/10 ,  G06Q50/30

CPC classification number: H04W4/021 ,  G06F17/30943 ,  G06Q30/0201 ,  G06Q50/30 ,  G07B15/06 ,  G08G1/0112 ,  G08G1/0129 ,  G08G1/0141 ,  H04W4/028

Abstract: PROBLEM TO BE SOLVED: To provide a technique by which trace data derived from record data collected from a V2X communication system is disclosed only when the trace data satisfies a certain condition.SOLUTION: In an inventive technique for controlling the disclosure of trace data related to traveling objects, ranges wand/or transit time ranges (s, e) (j is an integer of 1, 2, ..., L) of the ranges ware calculated at each L regions of a certain range, such that the condition that the L regions are passed within a predetermined period of time is satisfied and k (k is an integer of 2 or more) or more traveling objects exist, and according to that the traveling objects move in the calculated ranges win the calculated transit time ranges (s, e), the calculated trace data or a part of the trace data is returned as a search result.

Abstract translation: 要解决的问题：提供一种技术，通过该技术，只有当跟踪数据满足一定条件时，才能公开从V2X通信系统收集的记录数据导出的跟踪数据。 解决方案：在用于控制与旅行对象相关的跟踪数据的公开的创新技术中，范围w j /或传送时间范围（s j ）（j是1,2，...，L的整数） 在一定范围的每个L个区域中计算> j ，使得满足L个区域在预定时间段内通过的条件，并且k（k是2以上的整数）或更多行进 并且根据所计算的通行时间范围（s j ）中的移动对象在计算出的范围w j ，e j ），返回计算的跟踪数据或跟踪数据的一部分作为搜索结果。 版权所有（C）2012，JPO＆INPIT

公开(公告)号：JP2009134653A

公开(公告)日：2009-06-18

申请号：JP2007311726

申请日：2007-11-30

Applicant: Internatl Business Mach Corp ,  インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Maschines Corporation

Inventor： URAMOTO NAOHIKO

IPC: G06F21/24 ,  G06F12/00

CPC classification number: G06F21/6218 ,  G06F2221/2141

Abstract: PROBLEM TO BE SOLVED: To provide an access control method and a server device for changing response information from data stored in a network resource or access request information to the data on the basis of an access control value. SOLUTION: An access control method is performed by a network server to which a plurality of user client terminals are connected. In the access control method, in response to accesses from users to data stored in the network resource, the access control method searches a plurality of access control rules prepared in advance so as to control accesses from the users and each including an access control value which has one of a finite integer number of values, based on at least either of information on the user or information on the data. Then, on the basis of the searched access control rule, the access control value is determined. Thereafter, response information from the data or access request information to the data is changed on the basis of the determined access control value. COPYRIGHT: (C)2009,JPO&INPIT

Abstract translation: 要解决的问题：提供一种访问控制方法和服务器设备，用于根据访问控制值将存储在网络资源中的数据或访问请求信息改变为数据。 解决方案：访问控制方法由连接有多个用户客户终端的网络服务器执行。 在访问控制方法中，响应于从用户对存储在网络资源中的数据的访问，访问控制方法搜索预先准备的多个访问控制规则，以便控制来自用户的访问，并且每个包括访问控制值， 基于关于用户的信息或关于数据的信息中的至少一个，具有有限整数值的值之一。 然后，根据搜索到的访问控制规则，确定访问控制值。 此后，基于确定的访问控制值来改变从数据或访问请求信息到数据的响应信息。 版权所有（C）2009，JPO＆INPIT

公开(公告)号：JP2002041776A

公开(公告)日：2002-02-08

申请号：JP2000199021

申请日：2000-06-30

Applicant: IBM

Inventor： NAKAMURA YUICHI ,  HIDAKA KAZUYOSHI ,  URAMOTO NAOHIKO

IPC: G06Q10/00 ,  G06Q20/00 ,  G06Q20/02 ,  G06Q20/10 ,  G06Q20/14 ,  G06Q30/02 ,  G06Q30/06 ,  G06Q40/00 ,  G06Q40/02 ,  G06Q40/04 ,  G06Q50/00 ,  G06F17/60

Abstract: PROBLEM TO BE SOLVED: To save the user's labor and time for management by allowing a user (customer) to leav his or her household account book information on a server side and to make a financial institution, etc., as the server side positively use the customer's household account book information for advertisement. SOLUTION: This hosting service system for household account book information is equipped with a user terminal 8 which is connected to a network and a service provider (financial institution) 10 which is connected through the network and provides household account book information 12 by users including plural items to the user terminal 8 and this service provider (financial institution) 10 generates additional information based upon the analysis result of the household account book information 12 by an information processing module 15 for specific items of the household account book information 12 by the users, adds the additional information to the household account book information 12, and provides them to the user terminal 8.

公开(公告)号：SG194695A1

公开(公告)日：2013-12-30

申请号：SG2013080361

申请日：2012-05-08

Applicant: IBM

Inventor： KUDOH MICHIHARU ,  URAMOTO NAOHIKO ,  AKIYAMA KAZUHITO

Abstract: [Document type]Abstract [Title of the Invention]ANOMALY DETECTION SYSTEM FOR DETECTING ANOMALY IN MULTIPLE CONTROL SYSTEMS[Abstract][Problem to be Solved]To allow multiple industrial control systems to cooperate to detect an anomaly.[Solution]An anomaly detection system for detecting an anomaly in a plurality of control systems comprises a plurality of analysis devices that are associated with the respective control systems and that acquire an event occurring in an associated control system and analyze the event to determine whether there is an anomaly. A first analysis device among the plurality of analysis devices determines whether an event occurring in the associated control system is to be indicated to a second analysis device among the plurality of analysis devices, and the second analysis device determines that there is an anomaly on condition that the event indicated by the first analysis device has correlation with an event indicated by an analysis device other than the first analysis device. [Selected Drawing] Figure 2