TOSHIBA REVIEW
2003. VOL.58 NO.8

Special Reports
Information Technology for Secure Modern Society

Special Reports

Information Technology for Secure Modern Society

*Information Technology Supporting Secure Modern Society
TAKAOKA Hiroshi

*Toshiba Security Technologies and Their Contribution to Society
YAMADA Asahiko SHIMBO Atsushi KITAORI Shoji
As an open communication environment exemplified by the Internet has become commonplace in daily life, certain aspects of people's lives are shifting from the real world to the virtual world as seen in online shopping and in online registration services provided by public offices. Security technology has therefore become necessary to protect the personal information that has value in the virtual world.

To realize a richer virtual world, Toshiba continues its efforts in research, development, and application of more secure technologies.

*Information Security Management System
SHIIGI Takayoshi ISHIBASHI Yuuichiro IGUCHI Hiroshi
Information security has become much more important in today's networked society, where most organizational activities rely on information and communication technology (ICT)-based networks including the Internet. It is important for such organizations to deal with information security more systematically and effectively on the corporate level by establishing information security management systems (ISMS).

Toshiba regards information security as a key management concern, and is developing a wide range of services for the establishment, implementation, maintenance, and improvement of ISMS.

*Secure System Integration
ODAHARA Ikuya AKIYAMA Koichiro SHIMADA Tsuyoshi
Security design is an important issue in information technology (IT) system integration. In designing security functions for the target system, it is necessary to employ not only advanced technologies and products but also a method focusing on security integration according to the customer's requirements and system architectures.

Toshiba has developed such a security design method and applied it to IT system integration. We have also employed this method to a consultation service for acquiring ISO/IEC 15408 certification of the target system.

*Authentication Service Smart Card Issuing System for Public Key Infrastructure and Its Application
SUZU Takako NOSE Ken-ichiro KITAI Fujio
An authentication service issues highly reliable digital certificates that serve as a means of personal identification in digital systems. They are used by the Japanese government for electronic bidding and other electronic applications, and by private enterprises for electronic contracts, etc.

Toshiba has developed a smart card issuing system corresponding to the Japanese government's TARGUSYS_TM system. This smart card issuing system offers a highly reliable certificate service.

*Video Surveillance Security System
MATSUNO Kazuyoshi MACHIDA Atsushi YAMAGUCHI Tohru
Although Japan has long been said to be one of the safest countries in the world, consciousness of security is growing due to the recent trend in crime. This has significantly enhanced the importance of image surveillance security systems. Moreover, information leakage and accidents have become a risk to companies that can affect their very existence. The influence of these factors is so serious that it far outweighs the influence of other social issues. In this growing market for security systems, the demand for image recorders is rising for remote surveillance and work supporting systems in unmanned areas, due to the improvements realized in digitized performance and integration with networks.

Toshiba has developed the DR5000 series digital video recorder as the core of an image surveillance security system.

*Physical Security System
ANDO Takeshi FUJIMORI Atsushi AZEGAMI Hiroyuki
To maintain the security of people, equipment, and information inside public facilities and buildings, it is necessary to have a physical security system that appropriately manages the physical space, such as an access control system to manage the movements of people through entrances and exits.

With its accumulated experience in the field of security systems for public facilities and buildings as a background, Toshiba can provide a totally integrated system from setting up the security level of each area according to its business characteristics, to the supply of security system equipment. We also support application and maintenance of the system.

The FacePass_TM face recognition security system is an original Toshiba system applying the latest biometric techniques.

*Application of Intrusion Detection and Prevention Technology to MAGNIA_TM 2000Ri/Anti-Hacker System
SHINDO Shuichi YOSHIMURA Masahiko KANNO Shinichi
Due to the diffusion of the Internet, Web servers now play an indispensable role in the transmission of information and the execution of business and services by companies and other organizations. At the same time, damage caused by illegal access, such as denial of service (DoS) to servers, alteration of Web pages, and leakage of data, is also increasing.

Toshiba has developed the first product to solve these problems, the MAGNIA_TM 2000Ri/Anti-Hacker system, which can detect such attacks and defend a Web server from them, and has been supplying it to the market. Users can easily enhance the security of a Web server using this product.

*Secure Network Preventing Distribution of Unknown Packets
KATO Takehisa SHIMIZU Ayumu
Attacks on servers by crackers have recently become more frequent with the growth in systems and services using the Internet. In particular, denial of service attacks pose a serious problem for a service provider.

Toshiba has proposed and developed a system that provides highly available services based on preventing denial of service attacks, distributed denial of service attacks, and connection laundering. Specifically, the network to be protected notifies the security policy to the network of the user environment. User and device authentication then follow in accordance with the security policy. Consequently, the network to be protected is secured by not receiving packets that do not conform with the security policy notified to external networks.

*Hybrid Traceback Scheme for Finding True Source of Packets
IKEDA Tatsuro YAMADA Tatsuya
Internet Protocol (IP) traceback has attracted attention as a technology for coping with denial of service, distributed denial of service, and connection laundering attacks. IP traceback is the generic term for the technology, which determines the true source of attacking packets. Toshiba has proposed a "hybrid traceback" system that combines two types of IP traceback schemes: active and passive. This system is able to reflect the tracer's intention and achieve detailed tracing with a lower load on the network than conventional schemes.

*Database Technologies for System Risk Management
HARASHIMA Shuji SUZUKI Hiroyuki
Information systems play an important role in many organizations, supporting their activities including e-mail exchange and file sharing. Risk management for information systems is therefore a subject of prime importance. Risks in an information system include physical destruction of the system, unauthorized access to the system, and unexpected information disclosure caused by careless operation of the system. Database security can be used to minimize these types of risks.

Toshiba is developing a system integration method that reduces operation risks, applying inference control.

*Cryptographic IP for System LSIs
MOTOYAMA Masahiko SHIMIZU Hideo FUJISAKI Koichi
Toshiba has developed a cryptographic intellectual property (IP) series, which is a key technology for information security and system LSIs. Almost all of the standard cryptographic algorithms are available in this series. High-performance or small-area implementation is achieved by applying the results of theoretical research on cryptography. The Advanced Encryption Standard (AES) IP, which has the smallest area as far as we know, is the representative result of this series. This cryptographic IP series can be used to reduce the design time and improve the performance of system LSIs.

*Ultrasmall Random Number Generators for High-Level Information Security
FUJITA Shinobu UCHIDA Ken YASUDA Shinichi
High-level random number generators (RNGs) are required for information security systems such as authentication and cipher systems. In engineering use, random numbers are generated either arithmetically or physically. Especially for mobile devices, small RNGs are essential as the hardware resources are strictly limited.

Toshiba has developed ultrasmall RNGs that can generate high-quality random numbers. In these circuits, fluctuating signals observed in nano-scale silicon devices are utilized as the origin of randomness.

Feature Articles

*High-Density Electron Emission from Ion-Implanted Diamond
SAKAI Tadashi ONO Tomio SAKUMA Naoshi
Diamond has outstanding potential as a wide-band-gap semiconductor. Its properties such as the large band-gap (5.5 eV), breakdown electric field strength (10⁷ V/cm), and thermal conductivity (2,000 W/(m･K)) suggest ideal values for power device semiconductors and wide-band-gap electron emitters.
Toshiba has taken high-quality diamond layers grown by chemical vapor deposition (CVD) and processed them by ion implantation to obtain both ohmic metal contact and surface conductivity. The ion-implanted diamond showed high-current-density electron emission

(>1 A/cm²) with an actual current on the order of 1 mA. This result confirms the possibility of using diamond for high-power-density electron emitters.

*National ID Card Supporting Java^TM Applications
SHIMIZU Hiroo FUKUDA Aki
The national ID card, to be issued in Japan from August 2003, will be used for the issuance of copies of resident cards over a wide area as well as special registration measures for address relocations and verification of applicants. Each of these municipal services will be realized by accessing a reader/writer designed for the national ID card.

For the national ID card, Toshiba has developed a new contactless IC card with the card operating system contained in an LSI, enabling it to support multiple JavaCard^TM applications. The communication interface of this IC card complies with ISO/IEC14443 Type B. Moreover, to ensure advanced security this IC card is equipped with an encryption process incorporating highly improved tamper-resistant functions.

*Life Diagnosis Techniques for Thermal Barrier Coatings in Gas Turbines
KUBO Takahiro TAKAKI Keisuke KITAYAMA Kazuhiro
The application of thermal barrier coatings (TBCs) has expanded to include even the rotating blades of the latest gas turbines. TBC damage evaluation and repair techniques are therefore highly important for safe plant operation. Spallation of the coating layer represents critical damage to a TBC. For damage diagnosis, it is necessary to evaluate delamination propagation and detect delamination under the TBC. Toshiba investigated the mechanism of damage by carrying out thermomechanical fatigue (TMF) tests under actual hot parts conditions. In order to detect delamination under a TBC on the entire blade surface, Toshiba has developed a mirror-reflected infrared imaging technique

.*Latest OCR Technology As Applied to Various Business Solutions
MISHIMA Takeshi SEINO Kazushi
Although business solutions are continuing to shift to paperless operations using the latest computer network technologies centering around information technology, paper documents are still commonly handled in daily business. On the other hand, optical character reader (OCR) and image processing technologies continue to improve. OCRs can therefore handle a wide range of vouchers and other forms. No longer do they simply scan images or recognize characters. Rather, they are now positioned as information format conversion equipment to convert various information such as images, colors, characters, and meanings from paper to other media.

Frontiers of Research & Development

*Three-Dimensional Displays Creating New Visual Culture

*Prediction and Control System for Material Properties in Hot-Strip Rolling