| Title | A Proposal of a Knowledge-based Tool to Support ST Developers on Acquisition of Cryptographic Requirements |
| Author | *Guillermo Horacio Ramirez Caceres (Graduate School of Engineering, Soka University), Atsuo Inomata (Nara Institute of Science and Technology), Yoshimi Teshigawara (Graduate School of Engineering, Soka University) |
| Page | pp. 1510 - 1515 |
| Keyword | Security Evaluation, Cryptographic Requirements, Knowledge-based |
| Abstract | At the present time, owing to advances in broadband mobile communications and the Internet, many home users are enjoying the services of the IT revolution. Nevertheless, only a limited number of people are aware of the danger of information eavesdropping and privacy invasion when it comes to security policies. The security information can be understood as the ability of an information system, which uses the Evaluation Assurance Levels (EAL) as defined in international standard ISO/IEC 15408, to avoid all accidents or malicious deliberate actions: accidents and actions which will endanger the availability, integrity, and confidentiality of stored or transmitted data as well as the corresponding services offered by these networks and systems. Many international standards exist in the IT security field. We have been developing a knowledge-based tool based on multiple international standards. In this paper, we propose a new knowledge-based tool based on FIPS 140-2 and SP 800-57 in addition to ISO/IEC 15408 (CC), ISO/IEC 15446, ISO/IEC 13335, ISO/IEC 17799, and ISO/IEC 19791. ISO/IEC 15408, also known as Common Criteria (CC) for Information Technology Security Evaluation, is an international standard used as the basis to evaluate the security properties of IT products. CC Part 3 describes 7 security requirements packages used for the evaluation, called Evaluation Assurance Levels (EAL). In order to evaluate IT products based on CC, developers must create a security target (ST). According to CC, the subject of criteria for the assessment of the inherent qualities of cryptographic algorithms is not covered in the CC. However, the Target of Evaluation (TOE) may employ cryptographic functionality to help satisfy several high-level security objectives. In this case, ST developers must be able to refer to an external standard. FIPS 140-2 is different from the CC in the abstractness and focus of tests. FIPS 140-2 testing is against a defined cryptographic module and provides a suite of conformance tests to four security levels. All these 2500-odd pages about these international standards may not be the biggest issue. The principal problem of these international standards is the technical language used, with its large number of unfamiliar and technical terms. Specifically, in the cryptographic field, there are too many new technical words and several standards to apply for cryptography. All these make the contents difficult to understand, and the ST developer must read them many times when trying to create an ST for evaluation. From the FIPS 140-2 point of view, FIPS 140-2 specifies 11 security requirements for the secure design and implementation of a cryptographic module. In addition, 4 security levels are specified for each of the 11 requirement areas. According to FIPS 140-2, if the operational environment is modifiable, the operating system requirements of the CC are applicable at Security Levels 2 and above. This knowledge-based tool works as a web application and will be accessible at http://teshilab.net. The knowledge-based tool supplements deficiencies in the ST developer's knowledge by allowing easy access to often complex but necessary information on international standards and security requirements for cryptographic modules. In addition, this knowledge-based tool can also be used to support ST developers in understanding the Cryptographic Module Validation Program (CMVP) process. Most of the information on FIPS 140-2, CC and other standards is graphically displayed on this site. In addition, references within the same standard or to other standards are graphically represented, to help users read and understand these relationships. Finally, as future work, we are working to include in this knowledge-based tool other important international standards and special publications from NIST to support other aspects of cryptography and risk assessment. |
| Title | Implementation and Operational Evaluation of a Group Management Server Realizing the Secure Communication Architecture GSCIP |
| Author | *今村 圭佑, 鈴木 秀和, 後藤 裕司, 渡邊 晃 (Graduate School of Science and Technology, Meijo University) |
| Page | pp. 1516 - 1522 |
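| Keyword | Security, IPsec, KINK, Communication Group, Intranet |
| Abstract | In intranets, many crimes caused by misconduct on the part of employees and insiders, such as leakage of personal information managed by companies, have been reported. However, security measures inside intranets are currently limited to simple peer authentication by user name and password and to access control. To ensure security in enterprise networks, building communication groups according to department or job function and performing encrypted communication is therefore an effective means. We have proposed a system called FPN (Flexible Private Network) as a network concept that combines flexibility and security. As a communication architecture for realizing FPN concretely, we are studying GSCIP (Grouping for Secure Communication for IP). In GSCIP, whether communication is permitted and whether it is encrypted can be decided dynamically from the combination of the communication groups a terminal belongs to and its operation mode. GSCIP is managed by the group management server GMS (Group Management Server). GMS defines communication groups and operation modes and manages group keys, including updating them. In this paper we quantitatively derive the management load incurred when operating GSCIP and IPsec respectively in an intranet, and confirm its effectiveness. |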
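| Title | Development and Evaluation of the "Dig-Force Series" Digital Data Evidence Preservation Platform |
| Author | *芦野 佑樹 (Information and Communication Media Engineering Course, Graduate School of Advanced Science and Technology, Tokyo Denki University), 藤田 圭祐, 入澤 麻里子, 佐々木 良一 (Information and Communication Media Course, Graduate School of Engineering, Tokyo Denki University) |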
| Page | pp. 1523 - 1530 |
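| Keyword | Digital Forensics, TPM, Log, Hysteresis Signature, Camera |
| Abstract | In recent years, with the spread of the Internet, crimes and troubles involving computers have been increasing. At the same time, with the establishment of law schools and the lay judge system, litigation is becoming more familiar. Consequently, cases in which digital data is handled as important evidence in litigation are expected to increase. To prepare for this situation, digital forensics (hereafter, DF) is becoming important for companies: the procedures and techniques for (1) securing, as digital data, the traces and history of work that arise while digital data is handled on computers, and (2) being able to fulfil accountability not only when filing a lawsuit but also when being sued. A digital forensic system (hereafter, DF system) is a computer system that records what a computer did so that it can be verified afterwards. The authors classified DF systems into two types according to how they are deployed: the network type, used in a managed network environment, and the stand-alone type, used elsewhere. The network type centrally manages computers through a network managed by the organization to which the employees operating the computers belong (hereafter, the managed network), so operation can be monitored in real time. Network-type DF systems are beginning to be introduced in companies, and various related research is being carried out. However, employees do not always work on computers within a managed network environment. To record employees' work on computers that are not connected to the managed network, a stand-alone DF system is necessary. As far as the authors know, DF systems for such stand-alone environments have not been studied before. In a stand-alone environment, the operation of the computer cannot be monitored in real time and physical actions such as removing the hard disk cannot be checked, so the system needs to be more resistant to tampering with evidence data than the network type. The authors therefore devised "Dig-Force", a stand-alone DF system that, by using hysteresis signatures and a security device with cryptographic functions, (1) works in a stand-alone environment, (2) ensures that a record is always left whenever the computer is operated, (3) identifies the person who operated it, and (4) allows a third party to verify afterwards that the recorded data has not been tampered with. A prototype was actually developed and verified, and it proved to be a highly secure DF system; however, because it rests on the premise that the programs of the DF system are not illicitly modified, further study was needed to realize Dig-Force. To make Dig-Force operate more securely, we therefore developed "Dig-Force2", a system that uses the Trusted Platform Module to guarantee the security of the DF system. With Dig-Force2 we were able not only to guarantee the operation of the DF system but also to create an environment in which unauthorized programs do not run. In addition, as an application of Dig-Force, we devised "MILY", a system intended for introduction in settings such as medical care. Besides digital data from computers and similar sources, this system simultaneously processes camera footage as data, so its distinguishing feature is that data from sources other than computers can be handled as log data. By realizing MILY, an operation can be filmed by camera together with data such as electrocardiograms and brain waves, and by accumulating these in a DF system based on Dig-Force, we believe it can also help in dealing with medical accidents. This paper explains Dig-Force and reports on the prototypes of Dig-Force2 and MILY that were built and on the examination of their usefulness. |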
| Title | A Study on Modeling Risks and Countermeasure Effects Based on the Concept of Defense in Depth |
| Author | *加藤 弘一, 勅使河原 可海 (Graduate School, Soka University) |
| Page | pp. 1531 - 1540 |
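| Keyword | Risk Analysis, Defense in Depth, Fault Tree Analysis, Risk Model, Bayesian Network |
| Abstract | In general, risks and countermeasures in an organization's network have complex relationships, such as dependencies between risks, where the materialization of one risk induces the materialization of another, and the existence of countermeasures that are effective against multiple risks. As a result, it is not easy to grasp risks accurately and decide on appropriate countermeasures. Furthermore, we have been studying a countermeasure decision method that can maintain security during special network use that involves changing countermeasures, but it was unclear which stage of risk materialization a countermeasure suppresses and where on the network it does so. In this paper, we therefore represent the flow by which a risk materializes as a state transition diagram and place it, together with the countermeasures, on a network model. This makes it possible to check the flow of risk materialization and the effect of countermeasures against the network environment. In addition, by using state transition probabilities, the model can be treated as a Bayesian network, which makes it possible to infer the cause of a risk materializing. |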