Michiharu Kudoh

Dynamic information flow control architecture for web applications

In typical Web applications, the access control at the database management system is not effective due to the dependency on application behavior. That is, once the information is retrieved, a careless application can easily leak the information to undesirable parties. In addition, database accounts are often shared for multiple Web users in order to allow connection pooling. We propose DIFCA-J (Dynamic Information Flow Control Architecture for Java), to keep track of and control fine-grained information propagation through execution of the program. DIFCA-J allows controlling the information flow at run-time, without needing to modify the source code of the target application or the Java VMs.

Layering negotiations for flexible attestation

Recently, much attention has been paid to research on distributed coalitions that establish trust among the members of groups of computing components in distributed environments. The Trusted Virtual Domains (TVD) that our research division is proposing is a new model of a distributed coalition for establishing multiple trusted coalitions of components on nodes in distributed heterogeneous environments. In a large-scale distributed computing environment where many kinds of components exist and there might be difficult situations to agree common attestation methods among all components beforehand, it is necessary to provide each component with flexible attestation according to its usage scenario for increasing the number of components that can participate in TVD.In this paper, we propose a layering negotiation approach. It divides an attestation process into a global attestation phase that verifies that a TVD is fundamentally secure and supporting essential trusted primitives and a local attestation phase that verifies the integrity of a specific component involved in a usage scenario. And, a combination of attestation methods is decided as a result of negotiation between the components for each kind of attestation at each phase. With our approach, the attestation corresponding to a usage scenario can be done flexibly based on the minimal required attestation needed in the TVD, so the component developers can concentrate on the implementation of the higher-level functions.

Checking assignments of controls to risks for internal control

It has become a more important role in society to manage Internal Control in industry while improper activities by well-known corporations are revealed one after another. Financial Instruments and Exchange Law is promulgated on June 14th, 2006, to impose documentation of financial reporting on Japanese listed companies. To document financial reporting, each company has to evaluate control activities in administrative work-flows. Evaluation is to check if control activities in administrative workflows prevent or mitigate latent risks properly. The decision-making criteria for evaluation depend on the evaluator and are not seen explicitly. This causes lack of consistency of evaluation. To avoid inconsistency, the decision-making criteria for the evaluation should be specified precisely. In this paper, we propose a decision-making criterion for evaluation and show how evaluation can be done with it. Evaluation with precisely defined decision-making criteria raises reliability of financial reporting. This research is helpful to construct an e-Government system for evaluations of business processes for Internal Control.