TOSHIBA REVIEW 2005 Vol.60 No.6 | TOSHIBA REVIEW

This page partially uses JavaScript. This page may not operate normally when these functions are not supported by your browser or the setting is disabled.

TOSHIBA REVIEW
2005. VOL.60 NO.6

Special Reports

Information Security Technologies

Toshiba Information Security Technologies Supporting Safe and Secure Society
ENDO Naoki

Personal Information Protection Law and Toshiba Information Security Technologies
YURA Koji / SHIMBO Atsushi
The Personal Information Protection Law has been fully in force since April 2005 in Japan, against the background of personal data divulgence cases being reported in the newspapers almost daily. Under the law, holders of personal data must now take sufficient measures to maintain their data safely. The convenience of information systems often takes precedence over information security, and insecure information systems have caused many problems. There is now a greater interest in information security because of the law, and the development of more secure information systems as infrastructure is desired.

The companies of the Toshiba Group are making maximum efforts to develop products and services based on information security technologies, forming the foundations of a safe and secure society.

Personal Information Protection Law and Corporate Security Management
SHIIGI Takayoshi / KAWAI Nobuyuki
Following the full enforcement of the Personal Information Protection Law, many corporations have found it necessary to implement information security management programs that meet the requirements of that law. To achieve this objective, these corporations are addressing their information security management needs as part of their general compliance and risk management activities.

It is important for such corporations to take proactive action by continuously maintaining their information security management activities on the corporate level utilizing the information security management system (ISMS) and other related standards and schemes.

IT System Solution Framework for Personal Information Protection Law
KITAORI Shoji
The Personal Information Protection Law stipulates that holders of personal information must take sufficient measures to protect that information. However, the law does not specify concrete means by which this is to be achieved.

Toshiba Solutions Corp. has formulated an original detailed IT system specification called the personal data protection standard for system solutions (PDPS3), based on the guidelines of the Ministry of Economy, Trade and Industry (METI). The PDPS3 standard enables the cooperation of all application systems and security infrastructure systems. By combining PDPS3 with a consulting service, we have realized a system solution framework for personal data protection.

Information Security Infrastructure Provided by Toshiba
KAWAI Nobuyuki
Security attacks such as unauthorized access of personal information occur daily. It is vital for every company and organization to address such security issues due to their devastating impact on the company or organization concerned. How should individual companies and organizations deal with these types of issues? How can they be handled proactively?

Toshiba Solutions Corp. provides information security solutions based on the concept of building a basic architecture for system security.

ID Management Technology for Cost-Saving and Functional Reinforcement of Systems
NOSE Ken-ichiro / IKEDA Tatsuro / KOBAYASHI Chieko
When managing IDs on multiple systems, ID management operations (addition, deletion, etc.) commonly become complex, resulting in a high management cost. Moreover, conformance with legislation such as the Personal Information Protection Law, which came into force in Japan on April 1, 2005, and the creation of mechanisms for user identification and recognition that can reduce the high cost of ID management, have also become important issues.

Toshiba Solutions Corp. has developed ID management technology incorporating a security function that conforms with both the Personal Information Protection Law and the guidelines of the Ministry of Economy, Trade and Industry (METI). By integrating the IDs of multiple enterprise systems, it is possible to develop a system that can reduce the management cost and enhance the system capabilities.

Anonymous Authentication Technology and Its Application
KATO Takehisa / OKADA Koji / YOSHIDA Takuya
With the enforcement of the Personal Information Protection Law, enterprises are obligated to strictly manage personal data. Toshiba Solutions Corp. has developed an anonymous authentication technology that employs the group signature scheme. Service providers need not strictly manage personal data because they can authenticate their clients without the use of personal data. We have developed a prototype anonymous order system based on this anonymous authentication technology. In addition, we have proposed a group signature scheme that decreases computational complexity to 1/10 or less. This scheme can be installed in a cellular phone.

Biometric Authentication Context
TAKAMIZAWA Hidehisa / OKADA Koji / SAISHO Toshiaki
Toshiba Solutions Corp. has proposed the “Biometric Authentication Context” (BAC), which makes authentication possible through an open network using a biometric environment provided by a claimant. BAC is a format for describing information concerning biometric verification processes and the results of such processes executed and verified by an entity (e.g., IC card, biometric device, etc.) that constructs the biometric environment provided by the claimant, and for transferring this information to a verifier of the authentication.

Network Anomaly Detection and Prevention Technologies and Their Application
KONNO Toru / TATEOKA Masamichi
Many corporate users have deployed intrusion detection and prevention systems in order to protect their Web servers from various attacks on the Internet. However, new attack incidents that exploit unveiled security holes have begun to rapidly proliferate, making it difficult to respond using legacy pattern matching techniques.
To solve this security issue, Toshiba Solutions Corp. has developed unknown-attack detection and prevention technologies in the AntiHacker-ProTM product. We have implemented L7 parametric analysisTM, which statistically analyzes network application data in real time. We have also leveraged the Taguchi method to accomplish a highly accurate attack detection rate.

Access Control Scheme for Protecting Server Applications
UMESAWA Kentaro / TAKAHASHI Toshinari
Fixing software vulnerabilities that are exploitable via a network is a matter of urgency for a system administrator. However, sometimes it is difficult to fix such vulnerabilities in a timely manner because there are many administrative problems in the systems operation area and some of the vulnerabilities do not have a program for fixing them at that time. This problem is especially serious in remote access services, which are currently experiencing high demand but have insufficient measures available.

To solve this problem, Toshiba has developed the transmission control protocol (TCP) layer application protector (TAP), which prevents attackers from establishing TCP connections by means of an authentication mechanism at the TCP layer.

Security Design Methodology and Its Support Tool
AKIYAMA Koichiro / KITO Toshiyuki / UMESAWA Kentaro
While the expanding network creates great convenience in the realm of information systems, network-caused security incidents such as virus attacks are constantly occurring. This is becoming a major threat in people's lives.

In response to this situation, Toshiba has formulated a security design methodology that shows the necessary steps in system design in order to comprehensively avoid such threats. We have also developed a system integrator support tool for efficient design of the target system.

Security Processor Technology Compliant with Open-Source Operating Systems
HASHIMOTO Mikio / HARUKI Hiroyoshi / KAWABATA Takeshi
Toshiba has developed a security processor architecture called the license controlling multiparty secure processor (L-MSP).

L-MSP permits neither analysis nor modification of application programs running on open-source operating systems such as Linux or ITRON. This technology is based on embedded cryptographic hardware and access control mechanisms, and can be used for digital content protection, intellectual property protection, and other such applications.

Feature Articles

C-Band 90 W GaAs Power FET
KIMURA Hideki / TAKATSUKA Shinji / TAKAGI Kazutaka
Demand for GaAs field effect transistors (FETs) of higher output power and lower distortion for such applications as satellite communication transmitters has been increasing in recent years.

Toshiba already has an internally matched C-band 60 W GaAs FET in its product lineup. In this paper, we report on our development of an internally matched C-band GaAs FET with an output power of 90 W at 6 GHz, ranked as the highest in the world. This was achieved by optimization of wafer and gate structures, as well as improvement of the package configuration for better heat dissipation.

Remote Monitoring System for Air Conditioners
TOBA Akira / TANAKA Toshiyuki / HONGO Ichiro
In the field of air conditioners for business and industrial use, there is strong demand not only for improved performance but also reduced maintenance costs. Toshiba Carrier Corp. has developed a remote monitoring system as a new service that offers low maintenance costs and provides an effective tool for energy-saving management. This system employs Internet technology and features high data-analysis performance using abundant data as well as easy data access from the monitoring center, which can be situated in any location.

Control System for Running Multiple Air Conditioners
TAKAHASHI Isao / TANI Kazutoshi / NAKATSUGAWA Norihiko
Buildings equipped with a number of air conditioners of the multi-split type are appearing nowadays. This is because people want to have individually controlled air conditioning for their own rooms, so that they can maximize comfort by making precise adjustments according to their needs. On the other hand, the demand for energy saving and easy maintenance must also be taken into consideration. Accordingly, a sophisticated control system for running a cluster of air conditioners is required in modern buildings.

Toshiba Carrier Corp. has developed an air-conditioner control system that is capable of individually controlling up to 512 air conditioners, eight times the number controllable by conventional systems. The new system collects the running data of each air conditioner and sends commands via an Ethernet communication network and local servers. The total running conditions are displayed on a touch-panel screen driven by a Windows^® CE controller.

Paint Film Degradation Analysis System with Improved Portability and Versatility
TAKEUCHI Fumiaki / ITO Kojiro / HIRATE Toshiaki
Paint film degradation analysis systems detect the degradation symptoms of paint film on electrical equipment or structures installed outdoors at an early stage by measuring the impedance of the paint film.

Toshiba has developed a paint film degradation analysis system with improved portability and versatility that allows paint film to be evaluated in higher and narrower places, and is also capable of measuring high-performance paint films. This system consists of a measuring section that uses a personal digital assistant (PDA) for improved portability and expands the measurement range of impedance for greater versatility, as well as an analysis and diagnosis section that displays the results via Web browser for enhanced availability.

yN	Frontiers of Research & Development

Parallel Refrigeration Cycle for Refrigerator