Yoshimi Teshigawara

A Study on Sensor Multiplicity in Optical Fiber Sensor Networks

We have developed a novel optical fiber sensor network system with hetero-core spliced fiber optic sensors. Our previous work demonstrated that the system can play a dual role as a gigabit-class communication network and a sensing system when a limited number of sensors are used. However, optical devices are generally expensive. Thus, in order to use the devices efficiently, it is required that the system allow more sensors to be inserted into a fiber line. In this paper, we propose an enhanced system that can improve sensor multiplicity. The system utilizes a new type of sensor module that generates optical loss only for a short time. We analyze the relationship between sensor multiplicity and communication quality when using such sensor modules, and present results of the performance of this enhanced system in simulated experiments.

LAN fault management ensemble

LAN systems are widely used in distributed environment and it becomes more indispensable to manage distributed LAN systems in an integrated manner as enterprise-level networks. This paper describes the LAN fault management ensemble which has been developed by the Ensemble Team of INTAP NM (Network Management) Technical Committee. Ensembles represent specific solutions to particular problems of the networks as a collection of managed resources, functions and scenarios. This ensemble provides a method of managing an enterprise-level private network in particular fault management areas. OSI management is adopted as a platform to manage LANs which are assumed to be managed by SNMP or OSI layer management protocols. This ensemble takes a state-oriented approach which is better suited, and provides more efficient integrated network management for large-scale enterprise networks containing many resources to be managed, because SNMP management is performed by polling based on the stateless approach. In addition, this ensemble adopts international standards or publicly available specifications regarding the necessary management information. Integrated management is executed by the OSI manager and proxy agents. Proxy agents act as OSI agents and convert information gathered by SNMP manager/agents or OSI layer management entities to OSI. Various network resources such as FDDI, Ethernet and MIB-II are defined on the basis of definition of the ISO/IEC, IEEE and NM Forum standards and additional necessary resources are uniquely defined for this ensemble requirements.

Security guideline tool for home users based on international standards

Purpose – The level of security of home information systems can be described as their capacity to resist all the accidental or deliberate malicious activities based on the evaluation assurance levels (EAL) as defined in international standards. The purpose of this paper is to propose a security guideline tool for home users based on the implementation of a protection profile (PP) for home user systems.Design/methodology/approach – The application was developed in three basic steps. First, a PP for home user systems was created on the basis of the international standard ISO/IEC 15408. Then, the paper created a knowledge base including the PP information, as well as a security policy including other international standards, as mentioned above. Finally, the paper created a web application tool to be used as a security guideline for home users.Findings – This tool is developed in order to support users to understand the threats which affect their environment and select the appropriate security policy. By usin...

A Knowledge-Based Tool to Support Clear Relationship between Threats and Countermeasures Based on International Standards

In this paper, we propose a web application for security policy management by using threats-countermeasure model based on international standards. The main objective of this research is to create a knowledge-base to identify and specify the threats that affect the IT environment. In addition, our proposed knowledge-base system intends to fuse similar security controls or objectives to create effectively a security guideline for a specific IT environment. This web application display a detail of the most common threats to the information systems, and for each threat, present a set of related security controls from different international standards including ISO/IEC 27002.

A Threat Model for Security Specification in Security Evaluation by ISO/IEC 19791

ISO/IEC TR 19791 is an international standard that must be used as the basis for the security evaluation of operational systems. This standard has been recently developed, and the first version was made available in May 2006. ISO/IEC TR 19791 is intended to be an extension of ISO/IEC 15408, known as “Common Criteria” (CC). In order to evaluate an IT product or system using CC or ISO/IEC TR 19791, developers must create a Security Target (ST), or a System Security Target (SST). However, a problem encountered in creating these is the determination of the Security Problem Definitions (SPDs), because the SPDs fall outside of the scope of CC. Neither ISO/IEC 15408 nor ISO/IEC TR 19791 provides a framework for risk analysis or the specification of threats. In this paper, we propose a threat model based on multiple international standards and evaluated ST information, and describe a Web application that can be used for security specifications in the production of STs and SSTs which are to be evaluated by CC and ISO/IEC TR 19791, respectively.

A threat model for security specification in security evaluation by ISO/IEC 19791

ISO/IEC TR 19791 is an international standard that must be used as the basis for the security evaluation of operational systems. This standard has been recently developed, and the first version was made available in May 2006. ISO/IEC TR 19791 is intended to be an extension of ISO/IEC 15408, known as “Common Criteria” (CC). In order to evaluate an IT product or system using CC or ISO/IEC TR 19791, developers must create a Security Target (ST), or a System Security Target (SST). However, a problem encountered in creating these is the determination of the Security Problem Definitions (SPDs), because the SPDs fall outside of the scope of CC. Neither ISO/IEC 15408 nor ISO/IEC TR 19791 provides a framework for risk analysis or the specification of threats. In this paper, we propose a threat model based on multiple international standards and evaluated ST information, and describe a Web application that can be used for security specifications in the production of STs and SSTs which are to be evaluated by CC and ISO/IEC TR 19791, respectively.