Tomohiro Shigemoto

Development of qualification of security status suitable for cloud computing system

Cloud services have recently been expanding rapidly, but business users are still in the minority compared with consumer users. From the viewpoint of organizational risk management, it is necessary to control the risks of the cloud computing environment used as part of an organizations information system in order to minimize any negative influence on the organizations mission or business processes. In a previous article, the authors divided cloud security metrics into two security levels. One level shows how the security metrics influence the mission or business processes in 27 dimensions. The other level shows the security status at the time and the influence range when an incident occurs. This article focuses the latter variable security level and describes the results of developing a cloud security visualization system that was designed based on collection, analysis, and visualization architecture to calculate the level. From the viewpoint of security risk management, the system is considerered to be effective for cloud service providers because it reduces the time needed to investigate the cause of incidents and to recover from them, it helps in triage assessment when many incidents happen simultaneously, and it can detect warnings of an incident and forestall such incidents before they occur.

Detection and control system for Peer-to-Peer file exchange application

As P2P (Peer-to-Peer) file sharing software is widely deployed, it causes some serious problems, such as network traffic congestion, unwanted file sharing by computer viruses that abuse P2P software, and so on. Detecting and controlling traffic of P2P software is an important issue to solve these problems. In this paper, we propose a basic architecture to observe large-scale network traffic, identify the P2P traffic and control them. This architecture consists of four units, the observation unit, the analysis unit, the control unit and the managing unit. We evaluate the architecture using lOGbps full duplex traffic, and demonstrate that this system can control the P2P traffic properly.