it technology for safe & secure society in the asian region 2_dr. kazuo takaragi.pdf · promote...

1All Rights Reserved Copyright © 2009,Hitachi.Ltd.

Keynote Speech7th AFITFebruary 19th, 2009

Dr. Kazuo TakaragiSenior Chief ResearcherSystems Development Laboratory, Hitachi ,Ltd.

IT Technology for Safe & Secure Society in the Asian Region


Contents

Background1Security Technology: Component2

34

Security Technology: System & Service

All Rights Reserved Copyright © 2008, Hitachi. Ltd.

Knowledge Based Society


Contents


34





Economic Growth Strategy of Japan in Asia1-11-1

•Co-operate with Asian countries

•Contribute to the growth in Asia

•Enhance roles/

responsibilities

Outward Japan Industries in Asia

Innovation as link for two virtuous

cycles

Virtuous cycle of regional innovation

and demand

Homeward Japan

Virtuous cycle of local innovation

and demand

•Boost domestic demand

•Create good- quality employment

•Energize regions

•Aim to be world’s innovation center•Develop local industries•Increase productivity through IT•Reform service industries

Source: Ministry of Economy, Trade and Industry (September 2008)


Ubiquitous Computing Society1-21-2

IC tagIC tag

CellularCellular PhonePhone PCPC RFIDRFID

Smart CardSmart CardNetworkNetwork

Individuals

Businesses & Critical Infrastructures

Governments

•A person, apparatus, and a company are connected through the network across the boundary

•Critical issues: Security & Privacy

ServerServerStorageStorage


Security Issues & Japanese Gov’t Activities1-31-3

Society Are Under Various Threats⇒ Need to Strengthen Reliability/Security in the Society⇒ Japan’s Gov’t Promoting Infrastructure & Various Actions

VirusVirusInformation

Leakage Information

Leakage Cyber Crime Cyber Crime・Many Incidents/Accidents

・Lower Brand Image・Spyware・Infection by Bot

・DDOS Attack・SPAM Mail・Phishing

＊

Legal System StandardizationNational Policy・Private Information Protection・Electronic Signature・J-SOX and Others

・Security Evaluation and Management

・Security Mechanismse-Japan Strategy, e-Japan StrategyⅡ, IT New Reform Strategy, Secure Japan

Society InfrastructureSecure Society

Information SecurityPolicy Meeting

In place since May ‘05

ThreatThreat Threat

Cabinet’s InformationSecurity Center

In place since April ‘05

1st Information SecurityBasic Plan


Japan Network Security Market1-41-4

2008 2010 2012

The network security market will reach 948 billion yen (338 billion baht) in 2012

Service’s growth rate will be 21.3 percent from 2007 to 2012.Tool’s growth rate will be 9.5 percent.

Services: 303Tools: 645Services: 261

Tools: 595Services: 221Tools: 547

Services: 178Tools: 498Services: 136

Tools: 451Services: 115Tools: 409

Source: Fuji Chimera Research Institute, Inc. (August 2008)

Unit: Billion Yen

SaaS, Virtualization, Physical/Cyber Security


Contents


34





Hitachi Revenue by Business Segment2-12-1

Power & Industria l Systems

Logistics, Services, etc.

Electronic Services

Financial Services

Digital Media & Consumer Products

11%21%21%4%

26%

13%

10,248 Billion Yen

Revenue

15%10%

High Functional Materials

*As of March ‘07Information &Telecommunication Systems Number of

Employees 98,257(Hitachi total 384,444)

Number of Employees 98,257(Hitachi total 384,444)


Hitachi’s R&D on Security (1)

Promote both “R&D aiming to create world’s best technology” and “Proposal for the national strategy”

R&DR&DStrategyStrategy

LaboratoriesLaboratories UniversitiesUniversitiesSystems Development

Lab.Central Research Lab.Hitachi Research Lab.

(The University of Cambridge, Katholieke Universiteit Leuven, etc.)State institutionState institution

Ministries and agenciesResearch institute (AIST, NICT, etc.)

ISO, ITU, IETFStandardizationStandardization

PropositionResearch

National project

National strategyNational strategye.g. New IT Reform e.g. New IT Reform

StrategyStrategy

Overseas bases Overseas bases

Security R&D framework in HitachiSecurity R&D framework in Hitachi

HEU, HSAL, HAL, SNSL

HEU:Hitachi Europe Ltd. HSAL：Hitachi Sophia Antipolis Lab.HAL:Hitachi America Ltd. SNSL：SAN Solutions Lab.

Joint study

2-22-2


Hitachi’s R&D on Security (2)2-32-3

Cryptographyelliptic curve/

stream/quantum

PKIFirewall

/VPNauthentication

CVS

Digital watermarkalgorithm

BiometricsFinger Vein

Biometric ID system

Virus detection

Securityaudit

Infrastructure

Application Intrusion detection

Tamper-proof

Digital watermark

system

Service Authenticationservice

Critical infrastructure

Private InformationPrevention

Concentration in Core Concentration in Core CompetenceCompetence

Advanced DevelopmentAdvanced DevelopmentStart in advance and announce the results

(Conference/Newspapers/Patent)

Develop core technologies that support Hitachi and/or social

infrastructure on the core

Strategy of Creating Top Technologies in the WorldStrategy of Creating Top Technologies in the World

Priority Research Areas in SecurityPriority Research Areas in Security

Document Security

RFID

RFID：Radio Frequency Identification


Finger Vein Authentication2-42-4

Belongs to Each Individual

Not ViewableFrom Outside

No ChangeThru Entire LifeFinger Vein

User friendly (password-less),Highly accurate identification

Infrared Light

Camera

Finger

Finger Vein Pattern Matching

Hitachi’s Share in JapaneseBiometrics market in 2007(*)

- 40 %- 6 billion yen

(*) Source: Fuji Chimera Research Institute, Inc. (August 2008)

Biometrics Accuracy Usability Cost Privacy

Finger vein Very High Medium Medi- um

VeryPrivate

Fingerprint High Medium Low NoPrivacy

Face Medium High Medi- um

NoPrivacy


Finger Vein Authentication (R&D)2-52-5Server-Client Solution

OK/NG

ExtractionExtraction

SensorSensor

Server

Transfor-mation

Transfor-mation

Client

ParameterParameter

Enrolled dataEnrolled data

Enrollment Verification

Biometrics

MatchingMatching・Never restored・Revocable and updatable

AdvancedCancelable Biometrics:・Privacy protection: Server executes the matching without the raw biometric data known to the server.・No forgery: transformed data cannot be restored without user’s password.

cf. ConventionalITU-T X.1084:・Client executes the matching, server only acknowledges the result.


μ-chip

Advanced Concept of the world’s smallest RFID

2-62-6

Smallest chip size 0.4x0.4mm for product

HITACHI pavilion

Admission Reservation

Entrance gateCheck

Secure Ticket with μ-chip embedded

EXPO 2005 AICHI adopts µ-chipAdmission tickets contain µ-chips More than 20 million


Next-generation μ-chip (R&D)2-72-7Advanced research for downsizing

µ-Chip with an embedded antenna µ-Chip with an embedded antenna Dec. 2003

µ-Chip

0.4mm 0.4mm

antenna

•Easily embedded in paper materials•Sophisticated means of preventing counterfeiting the paper

0.4mm x 0.4mm with built-in antenna

Advanced

Super Micro RFIDSuper Micro RFIDISSCC 2007

0.05mm x 0.05mm RFID tag

•Will open the way to new applications for RFID tags

More Advanced


The image quality of the information embedded contents is at the world’s highest level. The image quality of the information embedded The image quality of the information embedded contents is at the worldcontents is at the world’’s highest level.s highest level.

• Information is embedded everywhere in the texts and drawings.

original Watermark embedded

Digital Watermark Technology2-82-8Hitachi’s Digital Watermark Technology for document paper


First business in the world utilizing digital watermarking technology for black and white documents. Prevention of information leakage from printed documents. Tracking management for the printed material.

Digital Watermark Print Solution

Notifying user identification and time of printingNotifyingNotifying user user identification identification and time of printingand time of printing

Paper document

2. Check document as apredefined proc.

2. Check document as apredefined proc.

PrinterScanner

PC

Software for embedding a digital watermark

Software for verification of the digital watermark

3. Digital watermark detection

3. Digital watermark detection

1. Document printed out

1. Document printed out

【verification】

2-92-9

Watermark embedded

original


Block CiphersJapan MISTY1, CamelliaMISTY1, CamelliaUS TDEACanada CAST-128US AESKorea SEED

Stream CiphersDedicated Key Stream GeneratorJapan MUGIMUGISweden SNOW2.0

Output FunctionJapan MULTIMULTI--S01S01 output functionbinary-additive output function

Asymmetric CiphersJapan HIME(R),HIME(R), PSEC-KEM Germany ACE-KEMUS RSA-ES, RSA-KEM,

ECIES-KEM

Number of AlgorithmsHitachi:3Hitachi:3

Hitachi MULTI 2 : Digital TV Tuner, etc.

M6 : DTCP* HDD Recorder, etc.

Cryptography2-102-10De Facto Standard

De Jure Standard (ISO/IEC 18033)

*

Digital Transmission Content Protection


Contents

Background1Security Technology: Elemental Technologies2

34





CVS (Certificate Validation Server)

CVS : Certificate Validation Server CA : Certification Authority

BCA

Internetsignature

Application form

Citizenship certificate

Government (B department officer)

signature

Citizen A

Department A CA

Department B CA

Bridge CA

Prefecture X CA

Prefecture Y CA

Bridge CA

GPKILGPKI Individual

authentication

・high speed validation of certificates

・one-stop service for validation

Officer certificate

CVS CVSCVS

Exclusive application to Japanese GPKI/LGPKI, public individual authentication platforms, which are the world’s largest authentication system High speed validation of digital certificates issued by CA for electronic application/e-commerce

Exclusive application to Exclusive application to Japanese GPKI/LGPKI, public individual Japanese GPKI/LGPKI, public individual authentication platforms, which areauthentication platforms, which are the worldthe world’’s largest authentication s largest authentication systemsystemHigh speed validation of digital certificates issued by CA for eHigh speed validation of digital certificates issued by CA for electronic lectronic application/eapplication/e--commercecommerce

Two-way authentication


Application form


3-13-1

CVS

electronic application declaration


Secure Service Platform (SSP)

SSP : Secure Service PlatformCVS : Certificate Validation Server SIP : Session Initiation Protocol

Advanced fundamental technology in enhancing the security of the Internet. Realization of secure service platform “SSP” that enables secure, reliable communication between otherwise uncertain individuals in ubiquitous environment.

Advanced fundamental technology in enhancing the security of the Internet.Realization of secure service platform “SSP” that enables secure, reliable communication between otherwise uncertain individuals in ubiquitous environment.

User ASecure channelSecure channel

User B

Unauthorized user

SSP server(SIP + CVS)certificate certificate

Certificate Certificate validationvalidation

Certificate authority 1

Certificate authority N

User C

Reject all sessions except the ones by way of SSP

Internet

SSP feature

Session management

Digital certificate validation(CVS)

Cryptographic key generation/distribution (at every channel)

Direction of the business: Aimed at…• domestic & international carrier/ISP• corporate information system

Direction of the business: Aimed atDirection of the business: Aimed at……•• domestic & international carrier/ISPdomestic & international carrier/ISP•• corporate information system corporate information system

3-23-2


Contents

4 Knowledge Based Society


Security Technology: Component


Background123


The Uprise of Knowledge Based Society4-14-1

DesireSatisfaction

Social richness

IndustrializedIndustrialized InformatizedInformatized

Era

Electronics

products

Utilization

productsDiversity of productsSophisticated functionsDiversity of productsSophisticated functions

Diversity of usageNew values

Diversity of usageNew values

information

products

Ubiquitous Information SocietyUbiquitous Information SocietyKnowledge basedKnowledge based

information

Society

knowledge


What to Do Now: Design of Information Sharing4-24-2

What to do:- Gather technical background. E.g. SAML, Liberty, PKI, SSP, ・・・- Technical/Political system design

Market: Food, Labor, Transport, Medical Treatment, Health, Environment, Energy, Leisure, Entertainment, etc.

RetailerRetailer

SalesＤＢ

LogisticsLogistics

LogisticsＤＢ

ProducerProducer ConsumersConsumers

Company ACompany ADB

ProcessProcess

ManufacturingＤＢ

Interface for Information Sharing

Purpose：Share the information of services among stakeholders for Safe & Secure Society

Company BCompany BDB

Interface for Information Sharing

Information sharing

Cross domain

DB: Data Base, SAML: Security Assertion Markup Language, PKI: Public Key Infrastructure, SSP: Secure Service Platform


Social Infrastructure including virtuous nature of culture

Innovation Creating Infrastructure4-34-3

Real World“Value” Creation Field

People in the Asian Region

“Value”

IT Infrastructure

Fusion of “Information &

Knowledge”Infrastructure

CreateConnect Communicate

Visualize ProtectStore

“Information & Knowledge” Create new value of

Knowledge by sharing information

Fusion of “Information &

Knowledge”Field

“Information & Knowledge”


Oriental sense of values :仁 "Dear feeling to others and tenderness are practiced" 義 "Priority is given to protecting the right deed over profits " 孝 “Parents are valued” ・・・

Technical/Political system design

Seeing Virtuous Nature4-44-4

Western sense of values :Wisdom "Deep reason is realized" Justice "Society and human being are corrected in the figure which should exist such"・・・

Seeing virtuous nature of culture each other such as:

Share trusted information, knowledge/wisdom to realize valuable business cooperation


Ending

Thank you for your attention!


it technology for safe & secure society in the asian region 2_dr. kazuo takaragi.pdf · promote...

Documents