Vol.2 No.1 (Winter, 2005)

Special Issue: Security for Network Society

IKUM Koichi
Senior Vice President

Cyber attacks by means of viruses and worms are not only increasing in number but infection rates are also speeding up year by year with a consequent aggravation of the effects. This trend sometimes results in the infected systems being incapable of continuing operations over an extensive period of time. Personal information leakage incidents are also tending to be on the increase. The issue has clearly become one of the biggest threats to effective management with average payments for damages currently reaching 550 million yen. This figure represents an average for the 51 cases whose claim damages are able to be estimated out of the 57 cases for the year 2003 reported from the JNSA (Japan Network Security Association). On the other hand, new network systems are being introduced as a result of an expansion of services using broadband and also because of the dissemination and application of the ‘ubiquitous’ concept. Network safety and convenience are also posing issues that are related to security.

NEC’s Efforts for Security

KIMURA Michihiro

For any organization, security is indispensable. New issues on security become obvious as a result of technical innovation, fluidization of social structures and diversification of values. Therefore, it is becoming difficult to maintain security in the current manner. In this paper, after first surveying the issues resulting from changes to the latest business environment, I go on to introduce the security business strategy of NEC and then to outline security solutions and services.

SUGIURA Masashi

This paper is intended to summarize the security solutions of NEC together with the present trends of its recently enhanced security consulting business. The paper also provides simple explanations on various kinds of consulting business and introduces the security consulting menus offered by NEC.

Detection and Recognition Technologies

Yihong GONG

In this paper, we describe a novel multi-object tracking technique that integrates object detection into the object tracking process and solves the tracking problem by finding the globally optimized object trajectories through the multiple hypothesis analysis. The detection module recognizes the target objects in each frame of the video stream. The tracking module accumulates the detection results in a graph-like structure and maintains multiple hypotheses of objects trajectories. The hypotheses are ranked by their likelihoods which are computed over a sufficient number of frames, and the most likely hypothesis is used to generate the object tracking result. At the same time, the tracking module gives feedbacks to the object detection module, which are predictions of object locations in subsequent frames. Through such tight integration of the object detection and tracking, as well as the global optimization of object trajectories, we have accomplished not only robust and efficient object tracking, but also the ability to deal with occlusions, irregular object motions, changing appearances, etc. which are the challenging problems for most traditional tracking methods.

UCHIDA Kaoru

Biometrics technology, which uses physical or behavioral characteristics to identify users, has come to attract increased attention as a means of reliable personal authentication that helps establish the identity of an actual user. Among various modalities of biometrics, fingerprints are known to have the longest history of actual use in law enforcement applications with proven performance. This paper surveys the state of the art in fingerprint identification technology. The current trend of fingerprint sensing and identification algorithms are presented first in detail in order to show how fingerprint-based systems work and then some topics with regard to fingerprint identification are discussed. These include actual examples of fingerprint-based personal identification systems, large-scale fingerprint identification systems (AFIS), international activities on standardization and performance evaluation, and a “Fingerprint User Interface” (FpUI), which is a new type of application of this technology used to enhance human-machine interactions.

SATO Atsushi, IMAOKA Hitoshi, SUZUKI Tetsuaki, HOSOI Toshinori

This paper describes advances in the authors’ face detection and recognition technologies. For face detection, a hierarchical scheme for combined face and eye detection has been developed based on the Generalized Learning Vector Quantization method to achieve precise face alignment. For face recognition, the perturbation space method has been improved to reduce the adverse effects of illumination changes as well as pose changes by using a standard face model. Experimental results have revealed that the proposed method outperforms our previously employed method.

Falsification Prevention and Protection Technologies and Products

MIYAUCHI Koji

XML is spreading quickly as a format for electronic documents and messages. As a consequence, greater importance is being placed on the XML security technology. Against this background research and development efforts into XML security are being energetically pursued. This paper discusses the W3C XML Signature and XML Encryption specifications, which represent the fundamental technology of XML security, as well as other related technologies originally developed by NEC.

KAWAKITA Masaru, YANOO Kazuo, HOSOKAWA Masahiro
TERASAKI Hiroshi, AOKI Satoshi, USUBA Toshimitsu

We have developed InfoCage, which is an information leakage protection software product. InfoCage is a security solution that prevents information leakage from an organization by limiting the confidential data move operations performed by users who are authorized to access secure servers. This paper focuses on the data move control function, which is one of the technical features of the product.

TANAKA Nobuyoshi, FUKUDA Koji, NAKADA Hiroaki, SHIMOKAWA Hiroki

“:Quarantine,” new antivirus technology, has been getting increasing attention due to the recent emergence of harmful worms such as SQLSlammer, Blaster and Nachi. This technology is designed to prevent insecure PC’s connect to enterprise network at border. NEC has worked on developing this technology for a while and has recently started to ship the “PC Quarantine System,” integrated with the cyber attack protection system “CapsSuite V3.0,” has various unique features which other vendors’ products do not have. This paper outlines and describes the features of the “PC Quarantine System.”

NAKAE Masayuki, OGAWA Ryuichi, SATO Yasushi, SHIOZAWA Sonomi

Conventional server applications such as Web applications usually perform their tasks through the collaboration of several processes including CGI processes and shell processes, etc. If any of the processes are taken over by attackers, the security of the entire applications could be compromised. To protect the server applications, it is necessary to protect all related processes. We propose a behavior-based process confinement method that restricts irregular process behavior. This method prevents the process behavior from violating given rules, called Context-Sensitive Policies (CSP). CSP’s specify not only a set of system calls that each process is permitted to invoke, but also the relationship between system call sequences and application-dependent specifications, so that they can correctly describe the normal behavior of server applications. This paper describes a CSP matching algorithm with actual process events and how the algorithm efficiently prevents the processes from being taken over by attacks such as code injection. This paper also describes the implementation of this method and the result of its evaluation.

YAMANISHI Kenji, TAKEUCHI Jun-ichi, MARUYAMA Yuko

It becomes increasingly important to detect intrusions with unknown patterns in order to protect our business from cyber terrorism threats. This paper introduces data mining technologies designed for this purpose; SmartSifter (outlier detection engine), ChangeFinder (change-point detection engine), AccessTracer (anomalous behavior detection engine). All of them are able to learn statistical patterns of logs adaptively and to detect intrusions as statistical anomalies relative to the learned patterns. We briefly overview the principles of these engines and illustrate their applications to network intrusion detection, worm detection, and masquerader detection.

SHIRAKAWA Takahisa

NEC attaches great importance to security for its business PCs (The brand names of NEC’s business PCs are Mate and VersaPro). This approach is used because NEC thinks that the PC is a key element in maintaining the security of the overall business system. For example, it has now become necessary to handle secret information by using a PC in various settings in the world of business. This paper introduces NEC opinion on security systems, essentials and viewpoints. It also comments on “Trusted Computing” by discussing the activities of the Trusted Computing Group (TCG) which is the industry organization, and summarizes TCG specifications. In conjunction with the above, the solutions that NEC has achieved by utilizing the Trusted Platform Module (TPM) are introduced.

Fundamental Security Technologies

SAKO Kazue, YONEZAWA Shoko, TERANISHI Isamu

This paper presents NEC’s activities on anonymous authentication. Anonymous authentication is a means of authorizing a user without identification. The technology serves as a breakthrough to enhance the privacy of the user and yet preserve the security of the system. A well-known example of such an authentication scheme is called the ‘group signature scheme,’ where a user can be authorized as a group member without identifying the name of the member. We propose a new group signature schemes that solve the member revocation problem and the centralized authority problem. We further propose a new notion of k-times anonymous authentication, whereby unlike the group signature scheme; no authority can identify a user who has accessed less than k-times.

TOMITA Akihisa, NAMBU Yoshihiro, TAJIMA Akio

Recent developments in Quantum Key Distribution (QKD) system are reviewed. A high sensitivity photon detector combining the two avalanche photon diodes (APD) has been demonstrated for qubit discrimination in 1,550nm. A stable interferometer on a planer light-wave circuit (PLC) has been developed. Single-photon interference over 150km has been achieved as a result of the above improvements. A temperature insensible QKD system is being developed for high speed (100kbps) key transmission over a 40km fiber.

From the Keynote Speech at C&C User Forum 2004

KANASUGI Akinobu
President, NEC Corporation

We have already discussed much about the Ubiquitous Environment and now we would like to review what exactly “Ubiquitous” is. “Ubiquitous” is characterized by the possibility of connecting with an object, or “anything.” This is in addition to other properties often spoken of, such as “anytime,” “anywhere” and “anyone.” Moreover, we must create an environment in which these properties can be enjoyed “worldwide”

News