Concept of Cyber Security and Activities of Secure …...2019/04/06 · Discussion & Future work...

Copyright© Secure IoT Platform Consortium. All rights reserved.

サイバー・セキュリティの理念とIoT協議会・SCOPEの活動

Concept of Cyber Security

and

Activities of Secure IoT Platform Consortium/SCOPE

2019/04/11

一般社団法人セキュアIoTプラットフォーム協議会

Copyright© Secure IoT Platform Consortium. All rights reserved.2

セキュアIoTプラットフォーム協議会理事長Chairman of Secure IoT Platform Consortium

中央大学研究開発機構教授Professor of Chuo University Research and Development Initiative

東京工業大学名誉教授Honorable Professor Tokyo Institute of Technology

辻井重男 Shigeo TSUJII


Agenda

1. 三止揚・MELT-UP 情報セキュリティの理念とその実現に向けて

Drei Aufheben →

Management, Ethics, Law and Technology

2. SIOTP協議会の活動 Activities of Secure IoT Platform Consortium

3. SCOPEの研究開発活動 Activities of SCOPE ( Strategic Information and

(総務省委託研究） Communications R&D Promotion Programme )


Agenda 1

三止揚・MELT-UP

情報セキュリティの理念とその実現に向けて

Drei Aufheben →

Management, Ethics, Law and Technology


多様な価値観

Example M. J. Sandel (Professor, Harvard University)

What’s the Right Thing to do ?

自由至上主義・平等主義(Libertarianism・ Liberal Egalitarianism)

共同体主義 (Communitarianism)

功利主義 (Utilitarianism)


From the view point of Cyber Security

I propose Three Ideas

1 Freedom (Data processing)

2. Safety, Security, Public Welfare

3. Privacy, Personal Right


サンデルの体系*と本提案の三止揚の関係

共同体主義（共同体固有文化）

功利主義（最大多数の最大幸福）

自由

プライバシー安心・安全

MELT-UP・三止揚

自由主義（自由至上主義 /自由平等主義）

* 西垣通著：ネット社会の「正義」とは何か


The development of the computer and the network expands freedom of the

activity of people, but simultaneously causes a serious problem such as

invasion of security and privacy.

Because these are mutually contradicting confrontations, there is a value conflict

situation difficult to resolve.

自由の拡大Expansion

of

Freedom

プライバシー保護

Protection

of

Privacy

安全性向上Improvement

of

Security

三止揚3 Aufheben

Copyright©2006 Shigeo Tsujii


Example: GAFA vs GDPR

Freedom: GAFA Google Apple Facebook Amazon

Privacy: General Data Protection Reguration


Facebookの場合

2019/03/22 日経新聞「フェイスブック、ターゲット広告見直し」

「データ倫理」成長要件に公正や透明性点検欠かせず


情報セキュリティに関する３つの価値

自由安心・安全プライバシー；三止揚の為

MELT UP；・M ：Management and Market 管理経営・市場・E ：Ethics 倫理、行動規範、国民性・L ：Law System 法律、条令、ガイドライン・T ：Technology セキュリティ技術、暗号

⇒MELTをMELT（融合）させ、技術の進歩や社会・組織の要請に応じて、PDCA Cycle のように、循環的に対応させることが不可欠。


セキュアな社会基盤の構築

Copyright ? 2003 Shigeo TSUJII


セキュアIoTプラットフォーム構築に向けてのMELT up活動


IoT を含む S/MIME の普及へ向けての MELT up 活動


マイナンバーの利用拡大に向けての MELT up 活動


暗号通貨（ビットコイン）・ブロックチェインの高信頼化へ向けての MELT up 活動


Agenda 2

セキュアIoTプラットフォーム協議会の活動Activities of Secure IoT Platform Consortium


協議会概要

Activities

・The wider use of Secure IoT Platfom、and related activities to achieve de facto standardization・Business Development thru Open Innovation and promotion of IoT utilization・Conducting joint experiment(s) - Proof of Concept (POC)・Announcement of latest IoT related development(s)

Established April 2017

Organization General Incorporated Association

Board of Directors

・Chairman: Shigeo Tsujii: Professor, Chuo University Research and Development InitiativeHonorary Professor, Tokyo Institute of Technology

・Director: Masahiro Sano: Director, Ubiquitous AI CorporationTsutomu Taguchi: Vice President, I-NET CorpHaruhisa Fujikawa: Director, SECOM Trust Systems Co.,Ltd.Yasutoshi Magara: President, Cybertrust Co.,Ltd.Toshiaki Miki: Director, LAC Co.,Ltd

・Advisory: Ryoichi Sasaki: Professor, Tokyo Denki University, Director, Cyber Security Research CentreYoshie Munakata: President, B,Grove, former Vice President, Intel JapanToshio Morimoto: former CIO, Saga prefecture

Copyright© Secure IoT Platform Consortium. All rights reserved.

Established : April 2017

Organization: General Incorporated Association（一般社団法人）

Purpose of Establishment

The Secure IoT Platform Council creates a safe and secure new

social infrastructure for global IoT equipment and services

（セキュアIoTプラットフォーム協議会は全世界のIoT機器およびサービスに対し安心・安全な新社会基盤を創出する）


医療、金融、電力、交通など重要インフラデバイスが偽情報を発すれば、生命や社会基盤が損なわれかねない。

個人や組織が管理すべきIoTについては、

「多い」、「永い」、「安い」、「低い」

の４点が、真正性保証に深刻な課題を投げかけている。


IoTセキュリティ対策の4課題

・多い：やがて、500億台にも達する。

・永い：Life cycleが永い。今後、導入される重要インフラのデバイスにPKI (Public Key Infrastructure) 電子認証を入れたとしても既存の重要デバイスに対しての対応が難しい。

・安い：個々のデバイスは低価格のものが多く、真正性の保証のために高いコストを掛けられない。

・低い：利用者の真正性保証に対する意識は未だ低い。


Layering of IoT System and Related Guideline


セキュアIoTプラットフォーム協議会設立趣旨


Plan of Activities

The wider use of Secure IoT Platformand related activities to achieve de facto standardization

①Business Development thru Open Innovation and promotion of IoT utilization（次世代IoTセキュリティ標準の規格化、及びデファクトスタンダード化に向けての普及活動）

②Conducting joint experiment(s) （IoT利活用推進および事例構築）

③Proof of Concept (POC)（共同実証実験(POC)の実施）

➃Announcement of latest IoT related development(s)（最新IoT関連情報の発信）


Agenda 3

総務省委託研究 SCOPE戦略的情報通信研究開発推進事業

Strategic Information and Communications R&D Promotion Programme

IoTデバイス認証基盤の構築と新AI手法（リーマン幾何学）による表情認識の医療介護への応用についての研究開発（2018～2020年）

Research on Construction for PKI Authentication of IoT devices

and Recognition of Personal Expression

based on novel AI method using Riemann Geometry


SCOPE研究の4階層を貫く理念

真贋の判定こそはモノ層から社会層まで貫く理念

Decision Making of Fact or Fake is Essential Idea

Penetrating from IoT Device Layer to Social Layer


4層真贋判定（主要テーマ）

• デバイス層 IoT PKI 電子認証

• ネットワーク層拡張S/MIMEコンセプトのIoTへの拡張

• データ管理層クラウドにおける暗号化状態処理

• 社会層新AI手法(リーマン幾何学）による表情認識


情報サービス層における真贋判定の代表例として、

中央大学趙晋輝教授等の成果（Professor J. Chao, Chuo University)

等の成果

これまでのAIに換わる数学的手法による表情認識

を挙げる。


敵対学習(Adversarial training)を回避できる新しいAI

GAN (Generative Adversarial Networks)

現在の深層学習(Deep Learning) で起きる誤認識

Philosopher

カント(Immanuel Kant)の顔をヘーゲル(Georg Wilhelm Friedrich Hegel)に誤認識


Current AI based on highly nonlinear maps on Euclid

space, which could cause mis-recognition

and poor generalization （汎化性能が低い）due to local

minima（局所的最適解）and curse of dimension etc.

Example Philosopher Kant →Hegel (next slide)

Our Research is adopting Riemann geometry

（リーマン幾何学）which represents the nonlinearity by

curveness of Riemann space. Without supervised

learning and optimization by gradient descent, this

approach is free of adversarial examples.


https://www.google.com/imgres?imgurl=https://upload.wikimedia.org/wikipedia/commons/thumb/0/08/Hegel_portrait_by_Schlesinger_1831.jpg/200px-Hegel_portrait_by_Schlesinger_1831.jpg&imgrefurl=https://ja.wikipedia.org/wiki/%E3%82%B2%E3%82%AA%E3%83%AB%E3%82%AF%E3%83%BB%E3%83%B4%E3%82%A3%E3%83%AB%E3%83%98%E3%83%AB%E3%83%A0%E3%83%BB%E3%83%95%E3%83%AA%E3%83%BC%E3%83%89%E3%83%AA%E3%83%92%E3%83%BB%E3%83%98%E3%83%BC%E3%82%B2%E3%83%AB&docid=_T19olCEHmnPcM&tbnid=R97hhh2X1Q5vwM:&vet=1&w=200&h=253&bih=488&biw=1097&ved=0ahUKEwiO5PCT06HhAhVuFqYKHRIeAhUQMwg3KAAwAA&iact=c&ictx=1


以下、趙教授(Professor J. Chao)作成スライド


Facial Expression recognition by Riemann geometry

Current facial expression

recognition based on

category theory by P. Eckman.

Happiness

Sadness

Surprise

Facial

image

Recognition

system

20%

5%

40%

• Provides discrete, linguistic description.

• But expressions have infinite variations beyond language labels could describe. Basic expressions by Eckman, Frasen 1985


Problems in the psychological spaces

1. No direct correspondence between

expressions and physical stimuli.

2. The spaces are built from only basic

expressions, but not subtle and delicate ones.

3. SD scores and similarity evaluation are not

good quantitative representation

Spaces used in engineering are based on purely

physical stimuli or images which contains no

subjective perceptional information.

Problems in the image spaces

快

覚醒度

Psychological expression space

by Russell & Bullock,1985

arousal

valence

The dimension theory represents

expressions in a psychological space.


This research: use Riemann geometry

1. Build a psychophysical expression space from facial

images: physical stimuli.

2. Introduce Riemann metric by JND(just noticeable difference)

thresholds, which are subjective unit circles.

3. Apply Riemann geometry to recognize expressions.

Measurement of JND and application of Riemann geometry

Euclidean spaceRiemannian Space

( , ) ( )T i j

G ijd d d G d g dx dx= =x x x x x

A Riemann space is a space where local distance is defined

by Riemann metric tensor G(x) :

Unit sphere=JND

( ) 1Td G d =x x x


Measurement of JND Thresholds

Along a sequence of expression images that change from one expression to another expression, measure the facial expression that is the starting point and the expression image that felt the difference for the first time.

start

A sequence of expression images

・・・

JNDThe image we need

Anger Disgust


JND are ellipsoids in expression space

39

JND thresholds are ellipsoids with various shapes, showing the expression space is not Euclidean

but a Riemann space.

Similarities are observed between different subjects


Two close images but distinct expressions


Two remote images but similar expressions


The JND thresholds define Riemann metric tensor

Analytics of expression space by Riemann geometry

Discussion & Future work

Quantitative representation

• Future Work and applications

• Creation of facial expression recognition model

• Dimension estimate and reduction for expression space.

Perception visualization• Compare and

compensate individual differences in facial expression perception.

• Applications in medical care for ages and

Quantitative representation of expressions and

A new facial expression space as a Riemann space


データ管理層(Digital Management Layer)

DX（digital Transformation) 環境が広がる中で、クラウドに１）データを暗号化して預けること２）預けたデータを処理する場合、平文に復号

せずに、暗号化状態の儘、処理することが、情報漏洩を防ぎ、情報の真正性を保証するために不可欠である。


以下、山口教授(Professor H. Yamaguchi)作成スライド


Workflow of Data

user

Natural

Language

-Problem-

Reply

Logical

Formula for

Natural

Language

Structured

Natural

Language

(SCDL)

Private

Information

Retieval

( Bits,Records,

Semantic ･･･DBMS)

Oblevious

Logical

Logical-

Based

Encrypted

Computing

Biological/

Biomedical

Evaluation


PIR schemes enable a user to privately relieve data. This means that the queries

give database no partial information ( in information theoretic or computational

sense) on the identity of the item retrieved by the user.

Encrypted ComputingEncrypted result which, when decrypted, matches the result of operations

Performed on the text. This scheme based on the arithmetic constraints. On the

other hands, fully homomorphic encryption scheme are formed him to make on

additional very strong harness assumption. In this paper, we apply the exclusive-

or arithmetic which guards the intermediate results.

We work flow of evaluating similarity of encrypted sequence with and evaluation

result are kept A secret.

Private Information Retrieval (PIR)


Example of SCDLFind nucleotide or amino acid sequenced from a database

that are similar to a given sequence.

SELECT NFROM R (input) s, R (input) s’

WHERE blasy (s, s’)


Encrypted Computing

（Goldwasser-Micaliの論理演算方）

Encryption of x.

Encryption of a bit b is

E(b) = xb r2 mod 2. random r ∈ {0, …, m-1}.

The homomorphic property is then

Obtain a value of exclusive- or

computation

where Å denotes addition mod 2.

(i.e. exclusive-or).

48


Evatuation of similarity of two DNA sequence

Two DNA sequence Sooo387,

Evaluation Result While encrypted


ネットワーク層(Network Layer)

Improved S/MIME Including IoT


以下、才所研究員 (Researcher T. Saisho)作成スライド


Research and development of protocols

that realize the following functions

in the application layer of the OSI reference model.

(1)Authenticity assurance at the network layer

a: Authenticity of the sending device

b: Authenticity of the received data

(2)Anonymity of the sending device

(3)Specificity and traceability of the sending device


(1)Authenticity assurance at the network layer

a: Authenticity of the sending device (spoofed device detection)

b: Authenticity of the received data (tampered data detection)Ensuring the authenticity of

the sending devices and data

with the signature of

the IoT system operating

organization

IoT System

Operating Organization

Ensuring the authenticity of

the sending devices and data

with the signature of

the sending device

Sending DeviceData Utilization

Organization

Ensuring the authenticity of the sending devices and data

by the chain of signature verification


(2)Anonymity of the sending device

IoT System


Identifying the sending device

by private internal code

Data Utilization

Organization

Sending Device


by public external code

Convert internal code

to external code

Ensuring the anonymity of the sending device

to the data utilization organization


(3)Specificity and traceability of the sending device

IoT System


Sending DeviceData Utilization

Organization

Convert external code

to internal code

Ensuring the specificity and traceability of

the sending device


by private internal code


by public external code


Danke schön

Thank you very much

多謝深謝

Concept of Cyber Security and Activities of Secure …...2019/04/06 · Discussion & Future work...

Documents

Transcript of Concept of Cyber Security and Activities of Secure …...2019/04/06 · Discussion & Future work...