Project/Area Number |
12133205
|
Research Category |
Grant-in-Aid for Scientific Research on Priority Areas
|
Allocation Type | Single-year Grants |
Review Section |
Science and Engineering
|
Research Institution | Tokyo Institute of Technology |
Principal Investigator |
SHIBAYAMA Etsuya Tokyo Institute of Technology, Graduate School of Information Science and Engineering, Professor, 大学院・情報理工学研究科, 教授 (80162642)
|
Co-Investigator(Kenkyū-buntansha) |
TAKAHASHI Shin Tokyo Institute of Technology, Graduate School of Information Science and Engineering, Assistant, 大学院・情報理工学研究科, 助手 (00272691)
WAKITA Ken Tokyo Institute of Technology, Graduate School of Information Science and Engineering, Associate Professor, 大学院・情報理工学研究科, 助教授 (10242265)
MATSUOKA Satoshi Tokyo Institute of Technology, Global Scientific Information and Computing Center, Professor, 学術国際情報センター, 教授 (20221583)
|
Project Period (FY) |
2000 – 2003
|
Project Status |
Completed (Fiscal Year 2003)
|
Budget Amount *help |
¥32,200,000 (Direct Cost: ¥32,200,000)
Fiscal Year 2003: ¥7,300,000 (Direct Cost: ¥7,300,000)
Fiscal Year 2002: ¥11,400,000 (Direct Cost: ¥11,400,000)
Fiscal Year 2001: ¥13,500,000 (Direct Cost: ¥13,500,000)
|
Keywords | security policy / Security automaton / Grid computing / Virtual machine / Communication library / Integrity check / Language processor / Debugging / Grid / 仮想マシン / バイトコード変換 / クラスタ計算 / 可用性 / Java / 分散共有メモリ / 耐故障性 / チェックポイント / バイトコード処理系 / 情報流 / 耐故障 / クラスタ |
Research Abstract |
As a first step to building next generation secure information infrastructures, we have investigated the following three areas, representing three different viewpoints : descriptions, users, and systems. 1. Flexible Security Policy Description Schemes and Their Enforcement Mechanisims Taking account that mutual ly untrusted parties may have to collaborate or do trade with one another in the Internet era, we propose a new model of security policy that is compatible with privacy protections. Our research results include a model of policy negotiation using at tribute authentications, description schemes based upon security automata, an enforcement mechanism with instrumentation, and optimization with partial evaluations. 2. Convenient Methodologies for Constructions and Operations of Secure Software Systems We propose (semi-) automated construct ions and operations of secure software systems by developers, operators, and end-users. Our research results include automatic exploitations of security policies from information of package managers, semi-automated constructions of secure programuing language processors, development environments of secure software including a visual language system and a debugger. 3. Foundations of Next Generation Information Infrastructures We propose various security mechanisms for computing systems utilizing massive resources. Our research results include a fault-tolerant and high performance communication library, a scalable authentication algorithm, a remote installation and recovery tool for PC clusters, a virtual machine technology for the resolution of interference among virtual organizations.
|