Concept of Cyber Security and Activities of Secure …...2019/04/06 · Discussion & Future work...
Copyright© Secure IoT Platform Consortium. All rights reserved.
Concept of Cyber Security and Activities of Secure IoT Platform Consortium/SCOPE
2019/04/11
Secure IoT Platform Consortium (General Incorporated Association)
Chairman of Secure IoT Platform Consortium
Professor of Chuo University Research and Development Initiative
Honorary Professor, Tokyo Institute of Technology
Shigeo TSUJII
Agenda
1. Three Aufheben (Drei Aufheben) → MELT-UP (Management, Ethics, Law and Technology): the concept of information security and the path to realizing it
2. Activities of Secure IoT Platform Consortium (SIOTP Consortium)
3. R&D activities of SCOPE (Strategic Information and Communications R&D Promotion Programme), research commissioned by the Ministry of Internal Affairs and Communications
Agenda 1
Three Aufheben (Drei Aufheben) → MELT-UP
The concept of information security and the path to realizing it
Management, Ethics, Law and Technology
Diverse values
Example: M. J. Sandel (Professor, Harvard University), "What's the Right Thing to Do?"
・Libertarianism / Liberal Egalitarianism
・Communitarianism
・Utilitarianism
From the viewpoint of cyber security, I propose three ideas:
1. Freedom (Data processing)
2. Safety, Security, Public Welfare
3. Privacy, Personal Right
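Relationship between Sandel's framework* and the Three Aufheben proposed here
[Diagram labels: Communitarianism (culture specific to a community); Utilitarianism (the greatest happiness of the greatest number); Liberalism (libertarianism / liberal egalitarianism); Freedom; Privacy; Safety and Security; MELT-UP / Three Aufheben]
* Toru Nishigaki, ネット社会の「正義」とは何か (What Is "Justice" in the Net Society?)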
The development of computers and networks expands people's freedom of activity, but at the same time causes serious problems such as violations of security and privacy.
Because these values contradict one another, the resulting value conflict is difficult to resolve.
[Diagram labels: Expansion of Freedom; Protection of Privacy; Improvement of Security; Three Aufheben (3 Aufheben)]
Copyright©2006 Shigeo Tsujii
Example: GAFA vs GDPR
Freedom: GAFA (Google, Apple, Facebook, Amazon)
Privacy: GDPR (General Data Protection Regulation)
The case of Facebook
2019/03/22, Nikkei newspaper: "Facebook to revise targeted advertising"
"Data ethics" as a requirement for growth: checks on fairness and transparency are indispensable
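Three values in information security
Freedom; safety and security; privacy. To achieve the Three Aufheben:
MELT UP
・M: Management and Market (administration, business management, markets)
・E: Ethics (ethics, codes of conduct, national character)
・L: Law System (laws, ordinances, guidelines)
・T: Technology (security technology, cryptography)
⇒ It is essential to MELT (fuse) the four elements of MELT together and to respond cyclically, like a PDCA cycle, to technological progress and to the demands of society and organizations.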
Building a secure social infrastructure
Copyright © 2003 Shigeo TSUJII
MELT up activities toward building a secure IoT platform
MELT up activities toward wider adoption of S/MIME, including IoT
MELT up activities toward expanding the use of My Number
MELT up activities toward higher reliability of cryptocurrency (Bitcoin) and blockchain
Agenda 2
Activities of Secure IoT Platform Consortium
Consortium overview
Activities
・The wider use of Secure IoT Platform, and related activities to achieve de facto standardization
・Business Development thru Open Innovation and promotion of IoT utilization
・Conducting joint experiment(s) - Proof of Concept (POC)
・Announcement of latest IoT related development(s)
Established: April 2017
Organization: General Incorporated Association
Board of Directors
・Chairman: Shigeo Tsujii: Professor, Chuo University Research and Development Initiative; Honorary Professor, Tokyo Institute of Technology
・Director:
  Masahiro Sano: Director, Ubiquitous AI Corporation
  Tsutomu Taguchi: Vice President, I-NET Corp
  Haruhisa Fujikawa: Director, SECOM Trust Systems Co.,Ltd.
  Yasutoshi Magara: President, Cybertrust Co.,Ltd.
  Toshiaki Miki: Director, LAC Co.,Ltd
・Advisory:
  Ryoichi Sasaki: Professor, Tokyo Denki University, Director, Cyber Security Research Centre
  Yoshie Munakata: President, B,Grove, former Vice President, Intel Japan
  Toshio Morimoto: former CIO, Saga prefecture
Purpose of Establishment
The Secure IoT Platform Council creates a safe and secure new social infrastructure for global IoT equipment and services.
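If critical-infrastructure devices in fields such as healthcare, finance, electric power and transportation emit false information, lives and the foundations of society may be harmed.
For the IoT devices that individuals and organizations must manage, four points, "many", "long", "cheap" and "low", pose serious challenges to assuring authenticity.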
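Four challenges for IoT security measures
・Many: the number of devices will eventually reach 50 billion.
・Long: the life cycle is long. Even if PKI (Public Key Infrastructure) electronic authentication is built into critical-infrastructure devices introduced from now on, it is difficult to deal with existing critical devices.
・Cheap: many individual devices are low-priced, so a high cost cannot be spent on assuring authenticity.
・Low: users' awareness of authenticity assurance is still low.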
Layering of IoT System and Related Guideline
Purpose of establishing the Secure IoT Platform Consortium
Plan of Activities
The wider use of Secure IoT Platform and related activities to achieve de facto standardization (standardizing next-generation IoT security specifications and promoting them toward de facto standard status)
① Business Development thru Open Innovation and promotion of IoT utilization (promoting IoT utilization and building use cases)
② Conducting joint experiment(s)
③ Proof of Concept (POC) (carrying out joint proof-of-concept experiments)
④ Announcement of latest IoT related development(s) (disseminating the latest IoT-related information)
Agenda 3
Research commissioned by the Ministry of Internal Affairs and Communications: SCOPE (Strategic Information and Communications R&D Promotion Programme)
Research on Construction for PKI Authentication of IoT devices and Recognition of Personal Expression based on novel AI method using Riemann Geometry
(Japanese title: Research and development on building an IoT device authentication infrastructure and applying facial expression recognition by a new AI method (Riemannian geometry) to medical and nursing care, 2018-2020)
The concept running through the four layers of the SCOPE research
Deciding fact from fake is the essential idea that penetrates from the IoT device layer to the social layer.
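Four layers: fact-or-fake determination (main themes)
• Device layer: IoT PKI electronic authentication
• Network layer: extending the enhanced S/MIME concept to IoT
• Data management layer: processing data in encrypted form in the cloud
• Social layer: facial expression recognition by a new AI method (Riemannian geometry)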
As a representative example of fact-or-fake determination in the information service layer, we cite the results of Professor J. Chao (Chuo University) and colleagues: facial expression recognition by a mathematical method that replaces conventional AI.
A new AI that can avoid adversarial learning (adversarial training)
GAN (Generative Adversarial Networks)
Misrecognition that occurs in current deep learning
Philosopher: the face of Immanuel Kant is misrecognized as Georg Wilhelm Friedrich Hegel
Current AI is based on highly nonlinear maps on Euclidean space, which can cause misrecognition and poor generalization due to local minima, the curse of dimensionality, etc.
Example: philosopher Kant → Hegel (next slide)
Our research adopts Riemann geometry, which represents the nonlinearity by the curvature of a Riemann space. Without supervised learning and optimization by gradient descent, this approach is free of adversarial examples.
The following slides were prepared by Professor J. Chao.
Facial Expression recognition by Riemann geometry
Current facial expression recognition is based on the category theory of P. Ekman.
[Figure: a facial image is fed to a recognition system; labels shown: Happiness, Sadness, Surprise; 20%, 5%, 40%. Caption: Basic expressions by Ekman, Friesen 1985]
• Provides discrete, linguistic description.
• But expressions have infinite variations beyond what language labels could describe.
The dimension theory represents expressions in a psychological space.
[Figure: Psychological expression space by Russell & Bullock, 1985; axes: valence (pleasantness), arousal]
Problems in the psychological spaces
1. No direct correspondence between expressions and physical stimuli.
2. The spaces are built from only basic expressions, but not subtle and delicate ones.
3. SD scores and similarity evaluation are not good quantitative representations.
Problems in the image spaces
Spaces used in engineering are based on purely physical stimuli or images, which contain no subjective perceptual information.
This research: use Riemann geometry
1. Build a psychophysical expression space from facial
images: physical stimuli.
2. Introduce Riemann metric by JND(just noticeable difference)
thresholds, which are subjective unit circles.
3. Apply Riemann geometry to recognize expressions.
Measurement of JND and application of Riemann geometry
Euclidean space / Riemannian space
A Riemann space is a space where local distance is defined by the Riemann metric tensor $G(\mathbf{x})$:
$$d_G(\mathbf{x}, d\mathbf{x}) = d\mathbf{x}^T G(\mathbf{x})\, d\mathbf{x} = g_{ij}\, dx^i dx^j$$
Unit sphere = JND:
$$d\mathbf{x}^T G(\mathbf{x})\, d\mathbf{x} = 1$$
Measurement of JND Thresholds
Along a sequence of expression images that changes from one expression to another, record the starting expression and the first image at which a difference is perceived.
[Figure: a sequence of expression images from Anger to Disgust; labels: start, ..., JND (the image we need)]
JND are ellipsoids in expression space
JND thresholds are ellipsoids with various shapes, showing that the expression space is not Euclidean but a Riemann space.
Similarities are observed between different subjects.
Two close images but distinct expressions
Two remote images but similar expressions
The JND thresholds define Riemann metric tensor
Analytics of expression space by Riemann geometry
Discussion & Future work
• Quantitative representation of expressions and perception visualization
• A new facial expression space as a Riemann space
• Future work and applications
  • Creation of facial expression recognition model
  • Dimension estimate and reduction for expression space.
  • Compare and compensate individual differences in facial expression perception.
  • Applications in medical care for ages and
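Data management layer (Digital Management Layer)
As DX (Digital Transformation) environments spread, two things are essential for preventing information leakage and guaranteeing the authenticity of information: 1) depositing data in the cloud in encrypted form, and 2) when the deposited data is processed, processing it while it remains encrypted, without decrypting it to plaintext.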
The following slides were prepared by Professor H. Yamaguchi.
Workflow of Data
[Diagram labels: user; Natural Language (Problem); Reply; Logical Formula for Natural Language; Structured Natural Language (SCDL); Private Information Retrieval (Bits, Records, Semantic ... DBMS); Oblivious Logical; Logical-Based Encrypted Computing; Biological/Biomedical Evaluation]
Private Information Retrieval (PIR)
PIR schemes enable a user to privately retrieve data. This means that the queries give the database no partial information (in the information-theoretic or computational sense) on the identity of the item retrieved by the user.
Encrypted Computing
Encrypted computing yields an encrypted result which, when decrypted, matches the result of operations performed on the plaintext. This scheme is based on arithmetic constraints. Fully homomorphic encryption schemes, on the other hand, are forced to make an additional, very strong hardness assumption. In this paper, we apply exclusive-or arithmetic, which guards the intermediate results.
Our workflow evaluates the similarity of encrypted sequences while the evaluation result is kept secret.
Example of SCDL
Find nucleotide or amino acid sequences from a database that are similar to a given sequence.
SELECT N
FROM R (input) s, R (input) s'
WHERE blasy (s, s')
Encrypted Computing
(Logical operations with the Goldwasser-Micali scheme)
Encryption of x.
Encryption of a bit b is
$E(b) = x^b r^2 \bmod m$, with random $r \in \{0, \ldots, m-1\}$.
The homomorphic property is then
Obtain a value of exclusive-or computation
where $\oplus$ denotes addition mod 2 (i.e. exclusive-or).
Evaluation of similarity of two DNA sequences
Two DNA sequence Sooo387,
Evaluation Result While encrypted
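The XOR homomorphism of the Goldwasser-Micali scheme applied to the encrypted DNA-similarity evaluation described above, as an added example that is not taken from the slides or from Professor Yamaguchi's implementation. The toy primes, the 2-bit nucleotide encoding and all function names are assumptions made for illustration; a real modulus is thousands of bits long.

```python
import secrets
from math import gcd

# Constructed toy key (assumption): far too small for real use.
P, Q = 10007, 10009          # secret primes
M = P * Q                    # public modulus m

def is_residue(a, prime):
    """Euler's criterion: a is a square mod prime iff a^((prime-1)/2) == 1."""
    return pow(a, (prime - 1) // 2, prime) == 1

# Public x: a quadratic non-residue modulo both P and Q.
X = next(a for a in range(2, M)
         if not is_residue(a, P) and not is_residue(a, Q))

def encrypt_bit(b):
    """E(b) = x^b * r^2 mod m for a random r coprime to m."""
    while True:
        r = secrets.randbelow(M)
        if r > 1 and gcd(r, M) == 1:
            return (pow(X, b, M) * r * r) % M

def decrypt_bit(c):
    """The ciphertext is a square mod P exactly when the bit is 0."""
    return 0 if is_residue(c, P) else 1

def xor_ciphertexts(c1, c2):
    """E(b1) * E(b2) mod m decrypts to b1 XOR b2."""
    return (c1 * c2) % M

CODE = {"A": (0, 0), "C": (0, 1), "G": (1, 0), "T": (1, 1)}  # assumed encoding

def encrypt_dna(seq):
    return [encrypt_bit(b) for base in seq for b in CODE[base]]

def encrypted_difference(enc_a, enc_b):
    """Run by the untrusted server: it never sees a plaintext bit."""
    return [xor_ciphertexts(a, b) for a, b in zip(enc_a, enc_b)]

def mismatches(enc_diff):
    """Run by the key holder: count bases whose 2-bit XOR is non-zero."""
    bits = [decrypt_bit(c) for c in enc_diff]
    return sum(1 for i in range(0, len(bits), 2) if bits[i] or bits[i + 1])
```

Because every ciphertext uses fresh randomness, two encryptions of the same sequence differ, yet their encrypted difference still decrypts to all zeros.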
Network layer
Improved S/MIME Including IoT
The following slides were prepared by Researcher T. Saisho.
Research and development of protocols
that realize the following functions
in the application layer of the OSI reference model.
(1) Authenticity assurance at the network layer
  a: Authenticity of the sending device
  b: Authenticity of the received data
(2) Anonymity of the sending device
(3) Specificity and traceability of the sending device
(1) Authenticity assurance at the network layer
  a: Authenticity of the sending device (spoofed device detection)
  b: Authenticity of the received data (tampered data detection)
[Diagram: Sending Device, IoT System Operating Organization, Data Utilization Organization]
・Ensuring the authenticity of the sending devices and data with the signature of the sending device
・Ensuring the authenticity of the sending devices and data with the signature of the IoT system operating organization
Ensuring the authenticity of the sending devices and data by the chain of signature verification
(2) Anonymity of the sending device
[Diagram: Sending Device, IoT System Operating Organization, Data Utilization Organization]
・Identifying the sending device by private internal code
・Convert internal code to external code
・Identifying the sending device by public external code
Ensuring the anonymity of the sending device to the data utilization organization
(3) Specificity and traceability of the sending device
[Diagram: Sending Device, IoT System Operating Organization, Data Utilization Organization]
・Identifying the sending device by public external code
・Convert external code to internal code
・Identifying the sending device by private internal code
Ensuring the specificity and traceability of the sending device
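The three network-layer functions above combined into one message flow, as an added example that is not the consortium's protocol. Textbook RSA over fixed Mersenne primes stands in for S/MIME certificate signatures; deriving the external code with HMAC, the key values, the device identifier and all function names are assumptions.

```python
import hashlib
import hmac

def make_key(p, q, e=65537):
    """Textbook RSA key (no padding): toy stand-in for an S/MIME signing key."""
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def _digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(key, message):
    return pow(_digest(message, key["n"]), key["d"], key["n"])

def verify(key, message, sig):
    # Uses only the public part (n, e) of the key.
    return pow(sig, key["e"], key["n"]) == _digest(message, key["n"])

# Constructed sample keys and identifiers (assumptions, not from the slides).
DEVICE_KEY = make_key(2**127 - 1, 2**89 - 1)
OPERATOR_KEY = make_key(2**107 - 1, 2**61 - 1)
OPERATOR_SECRET = b"constructed-operator-secret"
REGISTRY = {"dev-0001": DEVICE_KEY}   # internal code -> registered device key
TRACE = {}                            # external code -> internal code

def device_send(internal_code, data):
    """Sending device signs its private internal code together with the data."""
    return internal_code, data, sign(DEVICE_KEY, internal_code.encode() + b"|" + data)

def operator_relay(internal_code, data, sig):
    """Operator: reject spoofed or tampered input, convert the code, re-sign."""
    key = REGISTRY.get(internal_code)
    if key is None or not verify(key, internal_code.encode() + b"|" + data, sig):
        return None
    external = hmac.new(OPERATOR_SECRET, internal_code.encode(),
                        hashlib.sha256).hexdigest()[:16]
    TRACE[external] = internal_code   # kept private for later tracing
    return external, data, sign(OPERATOR_KEY, external.encode() + b"|" + data)

def utilization_accept(external, data, sig):
    """Data utilization organization: sees only the external code."""
    return verify(OPERATOR_KEY, external.encode() + b"|" + data, sig)

def operator_trace(external):
    """Operator converts an external code back to the internal code."""
    return TRACE.get(external)
```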
Thank you very much