A Domain Specific Language in which Authentication/Authorization control is Enabled

2013 Fiscal Year Final Research Report

• Project/Area Number: 23500079
• Research Category: Grant-in-Aid for Scientific Research (C)
• Allocation Type: Multi-year Fund
• Section: 一般
• Research Field: Computer system/Network
• Research Institution: The University of Tokyo
• Principal Investigator: SATO Hiroyuki 東京大学, 情報基盤センター, 准教授 (20225999)
• Project Period (FY): 2011 – 2013
• Keywords: 認証 / ワークフロー / ポリシー調停 / トラスト / セキュリティ / プライバシー

Research Abstract

We have proposed (1) a (cloud) trust model in which a workflow is deployed,(2)a trust elevation model in which low LoA informations are colledted to elevate to a higher LoA, and made some analysis on trust elevation, (3) a control system of MapReduce in which insecure programs are not allowed to execute, and (4) a policy consumption Web service architecture in which participants evaluate and negotiate the policies of the peers, and decide to subscribe services for oneselves. Those are all component functions of workflow. Having focused on the design and prototype implementation of those components, we have achieved the design and analysis of high functionality components in a workflow.

Research Products

• [Journal Article] A Policy Consumption Architecture that enablesDynamic and Fine Policy Management (2014)
  • Author(s): SATO, Hiroyuki, TANIMOTO Shigeaki, KANAI Atsushi
  • Journal Title: Proceedings of 3rd ASE Int'l Conf Cyber Security Volume: (to be published)
• [Journal Article] A Study of Data Management in Hybrid Cloud (2013)
  • Author(s): Shigeaki Tanimoto, Yorihiro Sakurada, Yoshiaki SEKI, Motoi Iwashita, Hiroyuki Sato, Atsushi Kanai
  • Journal Title: Configuration, Computer Information Science Volume: Vol. 492 Pages: 247-257
  • DOI: 10.1109/SNPD.2013.22
• [Journal Article] ビッグデータを活用したサービスに関するリスクアセスメント (2013)
  • Author(s): 谷本茂明, 関良明, 岩下基, 佐藤周行, 金井敦
  • Journal Title: 電子情報通信学会論文誌 A Volume: Vol.J96-A, No. 4 Pages: 189-194
  • URL: http://ci.nii.ac.jp/naid/110009596936
• [Journal Article] 参加者ごとに異なるポリシーを反映可能な認証フェデレーション機構の実現 (2013)
  • Author(s): 西村 健, 中村 素典, 山地 一禎, 佐藤周行, 大谷 誠, 岡部 寿男, 曽根原 登
  • Journal Title: 電子情報通信学会論文誌D Volume: Vol.J96-D, No. 6 Pages: 1400-1412
  • URL: http://ci.nii.ac.jp/naid/110009611652
• [Journal Article] Privacy Enhancing Proxies in Attribute Releases (2013)
  • Author(s): SATO, Hiroyuki, OKABE, Yasuo, NISHIMURA, Takeshi, YAMAJI, Kazutsuna, NAKAMURA, Motonori
  • Journal Title: Two Approaches, COMPSAC W(MidArch 2013) Pages: 379-384
  • DOI: 10.1109/COMPSACW.2013.65
• [Journal Article] Privacy Preserved Attribute Aggregation to Avoid Correlation of User Activities Across Shibboleth SPs (2013)
  • Author(s): Motonori Nakamura, Takeshi Nishimura, Kazutsuna Yamaji, Hiroyuki Sato, Yasuo Okabe
  • Journal Title: COMPSAC W(MidArch 2013) Pages: 367-372
  • DOI: 10.1109/COMPSACW.2013.52
• [Journal Article] A File-distribution Approach to Achieve High Availability and Confidentiality for Data Storage on Multi-cloud (2013)
  • Author(s): Yuuki KAJIURA, Atsushi KANAI, Hiroyuki SATO, Shigeaki TANIMOTO
  • Journal Title: COMPSAC W(SAPSE 2013) Pages: 212-217
  • DOI: 10.1109/COMPSACW.2013.125
• [Journal Article] Alternation methodology of schedule information on public cloud for preserving privacy (2012)
  • Author(s): Tatsuya Miyagami, Atsushi Kanai, Noriaki Saito, Shigeaki Tanimoto, Hiroyuki Sato
  • Journal Title: Proceedings of IARIA International Conference on Digital Society Pages: 132-139
  • URL: http://www.thinkmind.org/index.php?view=article&articleid=icds_2012_6_20_10103
• [Journal Article] Quantifying Cost Structure of Campus PKI Based on Estimation and Actual Measurement (2012)
  • Author(s): Shigeaki Tanimoto, Masahiko Yokoi, Hiroyuki Sato, Astushi Kanai
  • Journal Title: Journal of Information Processing Volume: 20(3) Pages: 640-648
  • DOI: 10.2197/ipsjjip.20.640
• [Journal Article] A Solution for Privacy Protection in MapReduce (2012)
  • Author(s): Tran Quang, Hiroyuki Sato
  • Journal Title: Proceedings of 36th IEEE International Computer Software and Applications Conference Pages: 515-520
  • DOI: 10.1109/COMPSAC.2012.70
• [Journal Article] Analysis of Security of PKI Operation with Multiple CP/CPS Based on Level of Assurance (2012)
  • Author(s): Shigeaki TANIMOTO, Shinichi MIZUHARA, Msasahiko YOKOI, Hiroyuki SATO, Atsushi KANAI
  • Journal Title: Proceedings of IEEE Computer Software and Applications Conference Workshop (Middleware Architecture in the Internet) Pages: 100-105
  • DOI: 10.1109/COMPSACW2012.28
• [Journal Article] クラウドスケジュールサービスにおける日付偽装のための鍵共有方式の検討 (2012)
  • Author(s): 横谷 百合, 宮上 達矢, 金井 敦, 谷本茂明, 佐藤 周行
  • Journal Title: Proceedings of DPS Workshop 2012 Volume: 30
  • URL: http://id.nii.ac.jp/1001/00090375/
• [Journal Article] クラウドスケジュールサービスにおけるプライバシー保護のための日付偽装方式の評価 (2012)
  • Author(s): 宮上 達矢, 横谷 百合, 金井 敦, 斉藤典明, 谷本 茂明, 佐藤 周行
  • Journal Title: Proc. DPS Workshop 2012 Volume: 31
  • URL: http://id.nii.ac.jp/1001/00090376/
• [Journal Article] A Formal Model of LoA Elevation in Online Trust (2012)
  • Author(s): Sato, Hiroyuki
  • Journal Title: Academy of Science and Engineering Science Journal Volume: 1(4) Pages: 166-178
  • URL: http://ojs.scienceengineering.org/index.php/science/article/view/56/pdf
• [Journal Article] Building a Security Aware Cloud by Extending Internal Control to Cloud (2011)
  • Author(s): SATO Hiroyuki, Kanai Atsushi, Tanimoto Shigeaki
  • Journal Title: Proceedings of 10th IEEE International Symposium on Autonomous Decentralized Systems (ISADS 2011) Pages: 323-326
  • DOI: 10.1109/ISADS.2011.48
• [Journal Article] Risk Management on the Security Problem in Cloud Computing, Proceedings of Conference on Computers (2011)
  • Author(s): Shigeaki Tanimoto, Manami Hiramoro, Motoi Iwashita, Hiroyuki Sato, Atsushi Kanai
  • Journal Title: Networks, Systems and Industrial Engineering (CNSI 2011) Pages: 147-152
  • DOI: 10.1109/CNSI.2011.82
• [Journal Article] Graded Trust of Certificates and its Management with Extended Path Validation (2011)
  • Author(s): SATO Hiroyuki, KUBO Akira
  • Journal Title: Journal of Information Processing Volume: vol. 19 Pages: 263-273
  • DOI: 10.2197/ipsjjip.19.263
• [Journal Article] Quantifying Cost Structure of Campus PKI (2011)
  • Author(s): Shigeaki Tanimoto, Masahiko Yokoi, Hiroyuki Sato, Atsushi Kanai
  • Journal Title: Proceedings of 11th IPSJ/IEEE International Symposium on Applications and the Internet (SAINT), MIDARCH 2011 Pages: 315-320
  • DOI: 10.1109/SAINT2011.60
• [Journal Article] Federated Authentication in a Hierarchy of IdPs by using Shibboleth (2011)
  • Author(s): SATO Hiroyuki, NISHIMURA Takeshi
  • Journal Title: Proceedings of 11th ISPJ/IEEE International Symposium on Applications and the Internet (SAINT), MIDARCH 2011 Pages: 327-332
  • DOI: 10.1109/SAINT2011.62
• [Journal Article] A New Formula of Information Security Risk Analysis that takes Risk Improvement Factor into Account (2011)
  • Author(s): SATO Hiroyuki
  • Journal Title: Proceedings of IEEE 3rd International Conference on Privacy, Security, Risk and Trust Pages: 1243-1248
  • DOI: 10.1109/PASSAT/SocialCom.2011.44
• [Journal Article] 情報資産価値を用いた最適保存先決定手法 (2011)
  • Author(s): 藤巻文孝, 金井敦, 斉藤典明, 谷本茂明, 佐藤周行
  • Journal Title: 情報処理学会 第19回 マルチメディア通信と分散処理ワークショッ プ (DPSWS2011) Pages: 200-207
  • URL: http://id.nii.ac.jp/1001/00089881/
• [Presentation] ダイナミックなクラウド選択のための SLA の XML 化に関する提案 (2014)
  • Author(s): 横谷 百合, 金井 敦, 谷本 茂明, 佐藤周行
  • Organizer: 情報処理学会 第158回DPS研究会
  • Place of Presentation: 東京
  • Year and Date: 2014-03-07
• [Presentation] 属性情報と認可条件を相互に秘匿する認証連携プロキシ (2014)
  • Author(s): 岡部寿男, 佐藤周行, 山地一禎, 中村素典
  • Organizer: 電子情報通信学会第88回インターネットアーキテクチャ研究会
  • Place of Presentation: 加賀市
  • Year and Date: 2014-02-27
• [Presentation] Dynamic and Fine Grained Control of Policies by XMLed Policy management (2014)
  • Author(s): Sato, H., Tanimoto, S., Kanai, A
  • Organizer: 3C2-1, 暗号と情報セキュリティシンポジウム (SCIS)
  • Place of Presentation: 鹿児島
  • Year and Date: 2014-01-23
• [Presentation] 秘密分散を用いたセキュリティ強度可変プロトコルの提案 (2014)
  • Author(s): 五十嵐綾, 金井敦, 谷本茂明, 佐藤周行
  • Organizer: 3F1-1, 暗号と情報セキュリティシンポジウム (SCIS)
  • Place of Presentation: 鹿児島
  • Year and Date: 2014-01-23
• [Presentation] 学認における属性交換フレームワーク (2013)
  • Author(s): 島岡正基, 佐藤周行
  • Organizer: コンピュータセキュリティシンポジウム 2013
  • Place of Presentation: 高松
  • Year and Date: 2013-10-22
• [Presentation] 属性提供サーバに対してサービス提供サーバを秘匿する匿名化プロキシ (2013)
  • Author(s): 岡部 寿男, 佐藤 周行, 西村 健, 山地一禎, 中村 素典
  • Organizer: マルチメディア, 分散, 協調とモバイル(DICOMO2013)シンポジウム, 8F-2
  • Place of Presentation: 帯広
  • Year and Date: 2013-07-12
• [Presentation] 情報流通連携のためのオープンなID連携プラットフォームにおけるプライバシー保護機能の高度化 (2013)
  • Author(s): 中村 素典, 西村 健, 山地 一禎, 佐藤周行, 岡部 寿男, 山崎 崇生, 崎村 夏彦
  • Organizer: マルチメディア, 分散, 協調とモバイル(DICOMO2013)シンポジウム, 8F-4
  • Place of Presentation: 帯広
  • Year and Date: 2013-07-12
• [Presentation] PEOFIAMP : Privacy Enhancements for Open Federated identity/Access Management Platforms (2013)
  • Author(s): Motonori NAKAMURA, Takeshi NISHIMURA, Kazu YAMAJI, Hiroyuki SATO, Yasuo OKABE, Takao YAMASAKI, Tsuyoshi MINAMI, Nat SAIKIMURA
  • Organizer: Terena Networking Conference 2013 (Poster)
  • Place of Presentation: Maastricht
  • Year and Date: 2013-06-02
• [Presentation] 学割サービス実現のためのSAML-OpenID ゲートウェイの試作 (2013)
  • Author(s): 中村素典, 西村健, 山地一禎, 佐藤周行, 岡部寿男
  • Organizer: IPSJ IOT 研究会
  • Place of Presentation: 弘前
  • Year and Date: 2013-05-09
• [Presentation] 侵入者の距離によりダイナミックにセキュリティレベルを制御するシステムの検討 (2013)
  • Author(s): 末次 正人, 榎本 真也, 金井 敦, 谷本茂明, 佐藤 周行
  • Organizer: 第154回 情報処理学会 DPS 研究会, 4A-25
  • Place of Presentation: 東京
  • Year and Date: 2013-03-14
• [Presentation] ダイナミックに制御する情報漏洩対策システムの検討 (2012)
  • Author(s): 榎本真也, 金井 敦, 谷本茂明, 佐藤周行
  • Organizer: 第11回情報科学技術フォーラム(FIT2012)論文集
  • Year and Date: 20120000
• [Presentation] MapReduce におけるプライバシーの手法の提案 (2012)
  • Author(s): Tran Quang, 佐藤周行
  • Organizer: 2D1-5E, 暗号と情報セキュリティシンポジウム(SCIS 2012)
  • Place of Presentation: 金沢
  • Year and Date: 2012-01-31