Junpei Kawamoto

A method of digital rights management based on Bitcoin protocol

In the digital world, so many copyrighted works are made in an illegal way because it is easy to keep and copy. Digital Rights Management has proposed to prevent this theft. Contents providers often bring in one server who has charge of managing the normal user, but there are some problems that it flocks to the server. Against this problem, P2P based DRM system has considered. All users can transfer the encrypted content to other users, so the content server does not have to load so much traffic from users. As a problem with this method, it is hard to figure out usage situation of contents because P2P based system is divided into many pieces of users. In this paper, we propose a new P2P based DRM system using Bitcoin protocol, which is one of the electric commerce. Bitcoin protocol, timestamp server saves all transactions to prevent double spending. We can bring out all usage situations to apply this system.

An Analysis of IT Assessment Security Maturity in Higher Education Institution

The information technology (IT) has been applied widely in Indonesia Higher Education Institution for various services. Many organizations responsible for managing the IT infrastructure, however, rarely have a framework for assessing the security maturity level of their information management. The implementation of a framework is one of solutions, but has not been yet maximized. Therefore we suggest to combine several frameworks in hope that they can be complementary. The combination of different frameworks will be more effective to monitoring the security maturity level by using an assessment security maturity management. This assessment security maturity management is a combination of framework control objective from IT Governance COBIT® 4.1 (Control Objectives for Information and related Technology) with Management Service in ITIL v3 (Information Technology Infrastructure Library) and ISO/IEC 27001. Since assessment of security maturity management is measured using COBIT® 4.1 assessment framework, and before it was adjusted with the ISO 27001 framework applied maximal. This paper present the results of assessment maturity security management, mapping of combination framework providing an indicator of security maturity level at one of university in Jakarta. A case study conducted shows that combination of some frameworks to support assessment of security maturity management level becomes more effective and efficient.

Improving the accuracy of signature authentication using the eight principles of Yong

The signature authentication on smartphones has been studied as a method to protect personal information. Its authentication accuracy is a challenge due to restrictions such as size of the terminal. In this paper, a signature authentication method that incorporates the calligraphy concept called Eight Principles of Yong is proposed for users of Chinese characters. The Eight Principles of Yong means that the character Yong has the eight techniques needed to describe any Chinese character. In the method, the certifier makes clusters from Yong in advance. Strokes of the template are allocated in clusters. At the time of authentication, strokes of the character are allocated in these clusters. If the cluster is the same as the stroke, the distance between the data decreases.

Host independent and distributed detection system of the network attack by using OpenFlow

Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a complete distributed multi-agent system is proposed. However, it requires the software installation in all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-agent system. However, it is hard to detect the wide and shallow attacks such as horizontal portscan and if the systems is completely distributed. Therefore, we need to watch for the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.

Cross-group secret sharing scheme for secure usage of cloud storage over different providers and regions

With the spread of the Internet, more and more data are being stored in the cloud. Here the technique of secret sharing can be naturally applied in order to provide both security and availability of the stored data, hereby reducing the risks of data leakage and data loss. The privacy property of secret sharing ensures protection against unauthorized access, while protection against data loss may be attained by distributing shares to the servers located in different regions. However, there is still a problem: If we naively employ the secret sharing technique without regarding to whom the cloud servers belong, a dishonest provider can obtain the secret data by collecting enough shares from its servers. In this scenario, there is a need to distribute shares over cloud services operated by different providers. In this paper, we propose a simple secret sharing technique, a cross-group secret sharing (CGSS), which is suitable for storing the data on cloud storage distributed over different groups—that is, different providers and regions. By combining an

A Behavior-Based Method for Detecting DNS Amplification Attacks

\ell

Detection of Android ad library focusing on HTTP connections and view object redraw behaviors

ℓ-out-of-m threshold secret sharing scheme with a k-out-of-n threshold secret sharing scheme using a symmetric-key encryption scheme, we construct the CGSS scheme that forces k shares to be collected from