All Rights Reserved Copyright © 2009, Hitachi, Ltd.
Keynote Speech, 7th AFIT, February 19th, 2009
Dr. Kazuo Takaragi, Senior Chief Researcher, Systems Development Laboratory, Hitachi, Ltd.
IT Technology for Safe & Secure Society in the Asian Region
Contents
1 Background
2 Security Technology: Component
3 Security Technology: System & Service
4 Knowledge Based Society
1-1 Economic Growth Strategy of Japan in Asia
•Co-operate with Asian countries
•Contribute to the growth in Asia
•Enhance roles/responsibilities
Outward Japan Industries in Asia
Innovation as link for two virtuous cycles
Virtuous cycle of regional innovation and demand
Homeward Japan
Virtuous cycle of local innovation and demand
•Boost domestic demand
•Create good-quality employment
•Energize regions
•Aim to be world’s innovation center
•Develop local industries
•Increase productivity through IT
•Reform service industries
Source: Ministry of Economy, Trade and Industry (September 2008)
1-2 Ubiquitous Computing Society
[Diagram labels: IC tag, Cellular Phone, PC, RFID, Smart Card, Network, Server, Storage]
Individuals
Businesses & Critical Infrastructures
Governments
•A person, apparatus, and a company are connected through the network across the boundary
•Critical issues: Security & Privacy
1-3 Security Issues & Japanese Gov’t Activities
Society Is Under Various Threats ⇒ Need to Strengthen Reliability/Security in the Society ⇒ Japan’s Gov’t Promoting Infrastructure & Various Actions
Threats: Virus, Information Leakage, Cyber Crime
・Many Incidents/Accidents
・Lower Brand Image
・Spyware
・Infection by Bot
・DDoS Attack
・SPAM Mail
・Phishing
Legal System
・Private Information Protection
・Electronic Signature
・J-SOX and Others
Standardization
・Security Evaluation and Management
・Security Mechanisms
National Policy
e-Japan Strategy, e-Japan Strategy II, IT New Reform Strategy, Secure Japan
Society Infrastructure
Secure Society
Information Security Policy Meeting (in place since May ‘05)
Cabinet’s Information Security Center (in place since April ‘05)
1st Information Security Basic Plan
1-4 Japan Network Security Market
The network security market will reach 948 billion yen (338 billion baht) in 2012.
Service’s growth rate will be 21.3 percent from 2007 to 2012. Tool’s growth rate will be 9.5 percent.
Unit: Billion Yen
2007  Services: 115  Tools: 409
2008  Services: 136  Tools: 451
2009  Services: 178  Tools: 498
2010  Services: 221  Tools: 547
2011  Services: 261  Tools: 595
2012  Services: 303  Tools: 645
Source: Fuji Chimera Research Institute, Inc. (August 2008)
SaaS, Virtualization, Physical/Cyber Security
2-1 Hitachi Revenue by Business Segment
Revenue: 10,248 Billion Yen
[Pie chart segments: Power & Industrial Systems; Logistics, Services, etc.; Electronic Services; Financial Services; Digital Media & Consumer Products; High Functional Materials. Share labels: 11%, 21%, 21%, 4%, 26%, 13%, 15%, 10%]
*As of March ‘07
Information & Telecommunication Systems Number of Employees 98,257 (Hitachi total 384,444)
2-2 Hitachi’s R&D on Security (1)
Promote both “R&D aiming to create world’s best technology” and “Proposal for the national strategy”
R&D Strategy
Security R&D framework in Hitachi
Laboratories: Systems Development Lab., Central Research Lab., Hitachi Research Lab.
Overseas bases: HEU, HSAL, HAL, SNSL
Universities (The University of Cambridge, Katholieke Universiteit Leuven, etc.)
State institution: Ministries and agencies, Research institute (AIST, NICT, etc.)
Standardization: ISO, ITU, IETF
Joint study
Proposition
Research
National project
National strategy, e.g. New IT Reform Strategy
HEU: Hitachi Europe Ltd. HSAL: Hitachi Sophia Antipolis Lab. HAL: Hitachi America Ltd. SNSL: SAN Solutions Lab.
2-3 Hitachi’s R&D on Security (2)
Strategy of Creating Top Technologies in the World
Concentration in Core Competence
Advanced Development: Start in advance and announce the results (Conference/Newspapers/Patent)
Develop core technologies that support Hitachi and/or social infrastructure on the core
Priority Research Areas in Security
[Diagram layers: Infrastructure, Application, Service]
Cryptography (elliptic curve/stream/quantum)
PKI
Firewall/VPN
authentication
CVS
Digital watermark algorithm
Biometrics (Finger Vein)
Biometric ID system
Virus detection
Security audit
Intrusion detection
Tamper-proof
Digital watermark system
Authentication service
Critical infrastructure
Private Information Prevention
Document Security
RFID
RFID: Radio Frequency Identification
2-4 Finger Vein Authentication
Finger Vein
Belongs to Each Individual
Not Viewable From Outside
No Change Thru Entire Life
User friendly (password-less), Highly accurate identification
[Diagram labels: Infrared Light, Camera, Finger, Finger Vein Pattern Matching]
Hitachi’s Share in Japanese Biometrics market in 2007 (*)
- 40 %
- 6 billion yen
(*) Source: Fuji Chimera Research Institute, Inc. (August 2008)
Biometrics    Accuracy    Usability   Cost     Privacy
Finger vein   Very High   Medium      Medium   Very Private
Fingerprint   High        Medium      Low      No Privacy
Face          Medium      High        Medium   No Privacy
2-5 Finger Vein Authentication (R&D)
Server-Client Solution
[Diagram labels: Client: Sensor, Extraction, Transformation, Parameter; Server: Enrolled data, Matching, OK/NG; Enrollment, Verification; Biometrics]
・Never restored
・Revocable and updatable
Advanced: Cancelable Biometrics:
・Privacy protection: Server executes the matching without the raw biometric data known to the server.
・No forgery: transformed data cannot be restored without user’s password.
cf. Conventional: ITU-T X.1084:
・Client executes the matching, server only acknowledges the result.
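
A toy sketch of the cancelable-biometrics data flow on this slide, added here as an example and not Hitachi's actual transformation: the client applies a password-derived permutation and XOR mask (an assumed transform that preserves Hamming distance), and the server matches transformed bit vectors only. The 256-bit templates, threshold, salts, password strings and function names are constructed for illustration.

```python
import hashlib
import random

N_BITS = 256      # assumed template length (constructed for this example)
THRESHOLD = 40    # assumed maximum Hamming distance for a match

def derive_params(password, salt):
    """Client: derive the secret transformation parameter from the password."""
    seed = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    rng = random.Random(seed)   # toy PRNG; a real design needs a keyed CSPRNG
    perm = list(range(N_BITS))
    rng.shuffle(perm)
    mask = [rng.getrandbits(1) for _ in range(N_BITS)]
    return perm, mask

def transform(template, params):
    """Client: permute and XOR-mask the bits; Hamming distances are preserved."""
    perm, mask = params
    return [template[perm[i]] ^ mask[i] for i in range(N_BITS)]

def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

def server_match(enrolled, probe):
    """Server: compares transformed data only and answers OK/NG."""
    return "OK" if hamming(enrolled, probe) <= THRESHOLD else "NG"

def noisy(template, flips, rng):  # simulate sensor noise: flip distinct bits
    out = list(template)
    for i in rng.sample(range(N_BITS), flips):
        out[i] ^= 1
    return out

def demo():
    rng = random.Random(7)      # constructed sample templates, not real biometrics
    finger = [rng.getrandbits(1) for _ in range(N_BITS)]
    other = [rng.getrandbits(1) for _ in range(N_BITS)]
    p1 = derive_params("user-password", b"salt-v1")
    enrolled = transform(finger, p1)                 # the only data the server stores
    p2 = derive_params("user-password", b"salt-v2")  # revoke: new salt, re-enroll
    return {
        "genuine": server_match(enrolled, transform(noisy(finger, 20, rng), p1)),
        "impostor": server_match(enrolled, transform(other, p1)),
        "wrong_password": server_match(
            enrolled, transform(finger, derive_params("guess", b"salt-v1"))),
        "old_record_after_revocation": server_match(enrolled, transform(finger, p2)),
        "re_enrolled": server_match(
            transform(finger, p2), transform(noisy(finger, 20, rng), p2)),
    }
```

A leaked server record stops matching once the client re-enrolls under a new salt, which is the "revocable and updatable" property; the same finger with the wrong password is rejected because the server compares against a differently transformed vector.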
2-6 μ-chip
Advanced Concept of the world’s smallest RFID
Smallest chip size 0.4x0.4mm for product
EXPO 2005 AICHI adopts µ-chip
Admission tickets contain µ-chips: More than 20 million
Secure Ticket with μ-chip embedded
[Diagram labels: HITACHI pavilion, Admission Reservation, Entrance gate Check]
2-7 Next-generation μ-chip (R&D)
Advanced research for downsizing
Advanced: µ-Chip with an embedded antenna, Dec. 2003
0.4mm x 0.4mm with built-in antenna
•Easily embedded in paper materials
•Sophisticated means of preventing counterfeiting the paper
[Figure labels: µ-Chip, 0.4mm, antenna]
More Advanced: Super Micro RFID, ISSCC 2007
0.05mm x 0.05mm RFID tag
•Will open the way to new applications for RFID tags
2-8 Digital Watermark Technology
Hitachi’s Digital Watermark Technology for document paper
The image quality of the information embedded contents is at the world’s highest level.
• Information is embedded everywhere in the texts and drawings.
[Figure: original / Watermark embedded]
2-9 Digital Watermark Print Solution
First business in the world utilizing digital watermarking technology for black and white documents. Prevention of information leakage from printed documents. Tracking management for the printed material.
Notifying user identification and time of printing
1. Document printed out
2. Check document as a predefined proc.
3. Digital watermark detection
【verification】
[Diagram labels: PC, Printer, Scanner, Paper document, Software for embedding a digital watermark, Software for verification of the digital watermark; original / Watermark embedded]
2-10 Cryptography
De Jure Standard (ISO/IEC 18033)
Block Ciphers
  Japan: MISTY1, Camellia
  US: TDEA
  Canada: CAST-128
  US: AES
  Korea: SEED
Stream Ciphers
  Dedicated Key Stream Generator
    Japan: MUGI
    Sweden: SNOW2.0
  Output Function
    Japan: MULTI-S01 output function
    binary-additive output function
Asymmetric Ciphers
  Japan: HIME(R), PSEC-KEM
  Germany: ACE-KEM
  US: RSA-ES, RSA-KEM, ECIES-KEM
Number of Algorithms: Hitachi: 3
De Facto Standard
Hitachi MULTI 2: Digital TV Tuner, etc.
M6: DTCP* HDD Recorder, etc.
* Digital Transmission Content Protection
3-1 CVS (Certificate Validation Server)
Exclusive application to Japanese GPKI/LGPKI, public individual authentication platforms, which are the world’s largest authentication system
High speed validation of digital certificates issued by CA for electronic application/e-commerce
・high speed validation of certificates
・one-stop service for validation
[Diagram labels: Citizen A; Internet; Government (B department officer); electronic application declaration; Application form; signature; Citizenship certificate; Officer certificate; Two-way authentication; Department A CA; Department B CA; Bridge CA (BCA); Prefecture X CA; Prefecture Y CA; Bridge CA; GPKI; LGPKI; Individual authentication; CVS]
CVS: Certificate Validation Server, CA: Certification Authority
3-2 Secure Service Platform (SSP)
Advanced fundamental technology in enhancing the security of the Internet. Realization of secure service platform “SSP” that enables secure, reliable communication between otherwise uncertain individuals in ubiquitous environment.
SSP feature
・Session management
・Digital certificate validation (CVS)
・Cryptographic key generation/distribution (at every channel)
Reject all sessions except the ones by way of SSP
[Diagram labels: User A, User B, User C, Unauthorized user, Secure channel, SSP server (SIP + CVS), certificate, Certificate validation, Certificate authority 1, Certificate authority N, Internet]
Direction of the business: Aimed at…
• domestic & international carrier/ISP
• corporate information system
SSP: Secure Service Platform, CVS: Certificate Validation Server, SIP: Session Initiation Protocol
4-1 The Uprise of Knowledge Based Society
[Diagram labels: Desire Satisfaction; Social richness; Era: Industrialized, Informatized, Knowledge based Society; Ubiquitous Information Society; Electronics products; information products; Utilization; Diversity of products, Sophisticated functions; Diversity of usage, New values; information; knowledge]
4-2 What to Do Now: Design of Information Sharing
Purpose: Share the information of services among stakeholders for Safe & Secure Society
Market: Food, Labor, Transport, Medical Treatment, Health, Environment, Energy, Leisure, Entertainment, etc.
What to do:
- Gather technical background. E.g. SAML, Liberty, PKI, SSP, ...
- Technical/Political system design
[Diagram labels: Producer; Process (Manufacturing DB); Logistics (Logistics DB); Retailer (Sales DB); Consumers; Company A DB; Company B DB; Interface for Information Sharing; Information sharing; Cross domain]
DB: Data Base, SAML: Security Assertion Markup Language, PKI: Public Key Infrastructure, SSP: Secure Service Platform
4-3 Innovation Creating Infrastructure
Social Infrastructure including virtuous nature of culture
Real World “Value” Creation Field
People in the Asian Region
“Value”
IT Infrastructure
Fusion of “Information & Knowledge” Infrastructure
Create, Connect, Communicate, Visualize, Protect, Store
“Information & Knowledge”
Create new value of Knowledge by sharing information
Fusion of “Information & Knowledge” Field
4-4 Seeing Virtuous Nature
Seeing the virtuous nature of each other's culture, such as:
Oriental sense of values: 仁 "Dear feeling to others and tenderness are practiced" 義 "Priority is given to protecting the right deed over profits" 孝 “Parents are valued” ...
Western sense of values: Wisdom "Deep reason is realized" Justice "Society and human being are corrected in the figure which should exist such" ...
Technical/Political system design
Share trusted information, knowledge/wisdom to realize valuable business cooperation