WO2024069876A1 - Dispositif d'évaluation, procédé d'évaluation et support d'enregistrement - Google Patents

Dispositif d'évaluation, procédé d'évaluation et support d'enregistrement Download PDF

Info

Publication number
WO2024069876A1
WO2024069876A1 PCT/JP2022/036510 JP2022036510W WO2024069876A1 WO 2024069876 A1 WO2024069876 A1 WO 2024069876A1 JP 2022036510 W JP2022036510 W JP 2022036510W WO 2024069876 A1 WO2024069876 A1 WO 2024069876A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
evaluation
trust
trust evaluation
result
Prior art date
Application number
PCT/JP2022/036510
Other languages
English (en)
Japanese (ja)
Inventor
衣緒 古山
一彰 中島
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Priority to PCT/JP2022/036510 priority Critical patent/WO2024069876A1/fr
Publication of WO2024069876A1 publication Critical patent/WO2024069876A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services

Definitions

  • the present invention relates to the evaluation of systems such as networks.
  • reliability is a score for the device calculated based on the strength of the device's security, etc.
  • Patent Document 1 does not disclose the evaluation of the trust set for the network.
  • the object of the present invention is to provide an evaluation device that outputs the results of a network trust evaluation.
  • the evaluation device in one embodiment of the present invention includes an evaluation result acquisition means for acquiring the trust evaluation results of each device, a target information acquisition means for acquiring configuration information of the network to be evaluated, device information on the devices constituting the network, and a trust evaluation index of the network, a trust evaluation means for evaluating the trust of the network based on the configuration information, device information, the trust evaluation index, and the trust evaluation results of the devices, and an output means for outputting the trust evaluation results of the network.
  • the evaluation method obtains the trust evaluation results for each device, obtains configuration information of the network to be evaluated, device information about the devices that make up the network, and a trust evaluation index for the network, evaluates the trust of the network based on the configuration information, device information, trust evaluation index, and the trust evaluation results for the devices, and outputs the trust evaluation results for the network.
  • the recording medium records a program that causes a computer to execute the following processes: acquiring the trust evaluation results for each device; acquiring configuration information of the network to be evaluated, device information about the devices that make up the network, and a trust evaluation index for the network; evaluating the trust of the network based on the configuration information, device information, trust evaluation index, and the trust evaluation results for the devices; and outputting the trust evaluation results for the network.
  • the present invention has the effect of outputting the results of a trust evaluation of a network.
  • FIG. 1 is a block diagram showing an example of a configuration of an evaluation device according to a first embodiment.
  • 2 is a block diagram showing an example of a configuration of a trust evaluation unit;
  • FIG. FIG. 4 is a flow chart showing an example of an operation of the evaluation device.
  • FIG. 11 is a block diagram showing an example of a configuration of an evaluation device according to a second embodiment.
  • FIG. 13 is a block diagram showing an example of a configuration of an evaluation device according to a third embodiment.
  • FIG. 13 is a block diagram showing an example of a configuration of an evaluation device according to a fourth embodiment.
  • FIG. 2 is a block diagram showing an example of a hardware configuration of an evaluation device.
  • FIG. 1 is a block diagram illustrating an example of a configuration of a system that uses an evaluation device.
  • Equipment manufacturers provide reliability related to the security of the device when it is operating alone in a standard evaluation environment. For example, device manufacturers provide a score for the device as reliability, calculated based on the strength of the security of the device when it is operating alone in a standard evaluation environment.
  • the network configuration and the services provided using the network are different, the operation of the devices that make up the network will differ. For example, even if the same device is used, the device will operate differently if the network configuration, such as the number of devices included in the network and the connections between the devices, is different. Furthermore, the device will operate differently if the services provided are different. For this reason, the trust required by service providers that use networks is different from the reliability related to security provided by device manufacturers that assume a general evaluation environment.
  • network trust refers to the reliability of the network, and for example, the reliability of maintaining stable operation of the network. For example, network trust is used by service recipients to decide whether or not to use a service that uses the service provider's network.
  • an embodiment of the present invention evaluates the trustworthiness of a network used by a service provider or the like, and outputs the results of the network trustworthiness evaluation.
  • the embodiment evaluates the trustworthiness of a network.
  • this is only one example of an evaluation target.
  • the embodiment is not limited to networks, and may also evaluate the trustworthiness of a system composed of multiple devices, such as factory equipment.
  • First Embodiment 1 is a block diagram showing an example of a configuration of an evaluation device 10 according to the first embodiment.
  • the evaluation device 10 includes an evaluation result acquisition unit 110, a target information acquisition unit 120, a trust evaluation unit 130, and an output unit 140.
  • the evaluation result acquisition unit 110 acquires the trust evaluation result of each device.
  • the evaluation result acquisition unit 110 acquires the trust evaluation result of the device from an organization that has previously evaluated the trust of the device from an objective standpoint, such as a consortium.
  • the evaluation result acquisition unit 110 may store the acquired trust evaluation result of the device in a storage device not shown.
  • the evaluation device 10 may evaluate the trust of at least some of the devices and store the evaluation result in a storage device not shown. In this case, the evaluation result acquisition unit 110 may acquire the trust evaluation result of the device from the storage device.
  • Trustworthiness refers to the reliability of a network or device, for example, the reliability of maintaining stable operation of the network or device.
  • the trustworthiness evaluation index is a viewpoint for evaluating the reliability of a network or device, such as the presence or absence of unauthorized functions of the network or device, the inspection status, and the visualization status of configuration information.
  • the trustworthiness evaluation result is the result of evaluating the network or device based on the trustworthiness evaluation index. It is desirable that the trustworthiness evaluation result is a numerical value that is easy to handle.
  • the trustworthiness evaluation result is not limited to a numerical value, and may be data in a format other than a numerical value, such as "excellent/good/fair/not good" or "large/medium/small”. Specific examples of trustworthiness are as follows. In the following, trustworthiness will be explained using a network. The trustworthiness of a device can be explained by replacing the network in the following explanation with the device as appropriate.
  • Outage Risk Trustworthiness regarding outage risk is the possibility of a network outage and the predicted outage time in the event of an outage.
  • outage risk is the average outage interval or the average recovery time.
  • Outage risk may be the outage risk of a part of a network. For example, a network with a low outage risk is more trustworthy than a network with a high outage risk.
  • Information Leakage Risk Trustworthiness regarding information leakage risk is the presence or absence or possibility of information leakage in a network providing a service, and the status of measures against information leakage, etc.
  • the status of measures against information leakage is, for example, that all measures against information leakage have been implemented, that measures against serious information leakage have been implemented, that measures against information leakage have been identified, or that measures are not identified, etc.
  • a network with a low risk of information leakage is more trustworthy than a network with a high risk of information leakage.
  • the trust of a backdoor is the presence or absence of a backdoor in a network, or the possibility of the existence of a backdoor.
  • the trust of a backdoor may be the backdoor inspection state, such as the inspection method, inspection range, or inspection time of a backdoor in a network.
  • the backdoor inspection method is, for example, inspection using an inspection application, binary inspection of a program running on a device constituting the network, or source code inspection of a program. For example, a network that has been inspected for a backdoor is more trustworthy than a network that has not been inspected for a backdoor.
  • the reliability of risk assessment refers to whether a risk assessment inspection of network vulnerabilities has been conducted, the inspection results, the implementation status of countermeasures, the time of inspection, or the time elapsed since the inspection, etc.
  • the implementation status of vulnerability countermeasures may be that countermeasures have been implemented for all vulnerabilities, that countermeasures for serious vulnerabilities have been implemented, that countermeasures for vulnerabilities are known, or that countermeasures are not known, etc. For example, a network that has been inspected for risk assessment is more reliable than a network that has not been inspected for risk assessment.
  • Incident Response reliability is the defined state of a response when an incident occurs in a network.
  • Incident response reliability may include a range of incidents for which responses are defined, such as responses for major incidents being defined. For example, a network with defined incident responses is more reliable than a network without defined incident responses.
  • the reliability of the performance evaluation test results is the presence or absence of the performance evaluation test results and the performance content in the test results.
  • the reliability of the performance evaluation test results may be the performance evaluation test status, such as the performance evaluation test method, the test scope, the test time, or the elapsed time since the test was conducted. For example, a network whose performance evaluation has been tested is more reliable than a network whose performance evaluation has not been tested.
  • the trustworthiness of a business is the state of understanding of a business for providing a service or the entire business of the service provider, and the state of preparation for recovery work of the business.
  • the state of understanding of a business is, for example, the state of understanding of the scope of impact of each business, or the state of understanding of the priority of each business.
  • a network in which the business is understood is more trustworthy than a network in which the business is not understood.
  • the state of preparation for recovery work is, for example, the state of preparation for recovery from a business with a large scope of impact or a business with a high priority when an incident occurs.
  • a network in which recovery work is prepared is more trustworthy than a network in which recovery work is not prepared.
  • the trustworthiness of a developer is the state of understanding of the attributes of developers such as networks and devices.
  • the understanding state may be, for example, that the attributes of all developers are understood, that some attributes are not understood, or that some developers' attributes are not understood.
  • the attributes may be, for example, nationality, affiliation, development location, or past career.
  • the developer attributes are not limited to the attributes of individuals, but may also be the attributes of corporations or organizations such as development manufacturers. For example, a network in which the developer attributes are understood is more trustworthy than a network in which the developer attributes are not understood.
  • the trustworthiness of a supply chain is the trustworthiness of companies related to the supply chain of a network that provides a service.
  • Companies related to the supply chain are, for example, companies that design, provide, maintain, and manage the network that provides the service.
  • the trustworthiness of a company is, for example, the implementation status of a trustworthiness inspection in each company and the contents of the inspection results.
  • the implementation status of an inspection is whether or not an inspection has been conducted, the extent to which an inspection has been conducted, or the extent to which an inspection has not been conducted. For example, a network in which the trustworthiness of companies that make up the supply chain has been inspected is more trustworthy than a network in which the trustworthiness of companies that make up the supply chain has not been inspected.
  • the target information acquisition unit 120 acquires configuration information of the network to be evaluated, and device information about the devices that make up the network. Furthermore, the target information acquisition unit 120 acquires a trust evaluation index for the network. For example, the target information acquisition unit 120 may acquire configuration information, device information, and a trust evaluation index from a device operated by a service provider or the like.
  • the network trust evaluation index is a viewpoint for evaluating the trust of the network, such as the presence or absence of unauthorized functions of the device, the inspection status, and the visualization status of the configuration information.
  • the network trust evaluation index includes the presence or absence of unauthorized functions of the network, the inspection status, and the visualization status of the configuration information.
  • the network trust evaluation index is an evaluation index that meets the needs of the service provider, such as a service provider showing the trust of the network to the service recipient, such as the user who provides the service.
  • the trust evaluation index is an evaluation index for the above trust items such as "possibility of a backdoor".
  • the trust evaluation index may be a single evaluation index, a collection of multiple evaluation indexes, an integration of multiple evaluation indexes, or an evaluation index calculated using multiple evaluation indexes such as an average.
  • the service provider may create a trust evaluation index based on the service provided and the network used. Alternatively, the service provider may obtain a trust evaluation index from the service recipient, or may create a trust evaluation index according to the request from the service recipient.
  • Configuration information is information about the configuration of the devices included in the network. Examples of configuration information include the connection topology of the devices that make up the network, routes, communication protocols including wired and wireless, and equipment such as connection cables in the case of wired connections.
  • Device information is information about each device that makes up the network. Examples of device information include the manufacturer name, product name, model number, availability of options, purchase date, and firmware version of each device that makes up the network.
  • the target information acquisition unit 120 may acquire information related to the service provider.
  • the information related to the service provider is, for example, the size of the service provider, the business type of the service provider, the industry or business type in which the service provider is included, and stakeholders such as affiliates and competitors of the service provider.
  • the trust evaluation unit 130 evaluates the trust of the network based on the configuration information, device information, trust evaluation index, and the trust evaluation result of the device. If the target information acquisition unit 120 has acquired information related to the service provider as described above, the trust evaluation unit 130 may use the information related to the service provider in evaluating the trust. The trust evaluation unit 130 may use an evaluation method that corresponds to the network and evaluation index to be evaluated.
  • FIG. 2 is a block diagram showing an example of the configuration of the trust evaluation unit 130.
  • the trust evaluation unit 130 includes an inspection item creation unit 131, an inspection item determination unit 132, and an evaluation result creation unit 133.
  • the test item creation unit 131 creates test items for devices to evaluate the trustworthiness of the network based on the configuration information and the trust evaluation index. For example, the test item creation unit 131 uses the configuration information to identify one or more devices that correspond to the trust evaluation index of the network from among the devices that make up the network. Then, the test item creation unit 131 creates test items for evaluating the trust evaluation index for the identified devices.
  • the test item creation unit 131 creates an item as a test item to check the presence or absence of a performance evaluation test result for each device to be tested.
  • the test item creation unit 131 creates an item as a test item to test the possibility of a backdoor for the device to be tested.
  • the test item creation unit 131 may create multiple test items for one trust evaluation index, or may create one test item for multiple trust evaluation indexes.
  • the test item creation unit 131 may use device information when creating the test items.
  • the inspection item determination unit 132 determines the inspection items created above based on the device information and the trust evaluation results of the devices. For example, when the inspection item is the presence or absence of an inspection result for the performance evaluation of each device, the inspection item determination unit 132 first determines the performance evaluation items of each device based on the device information. Then, the inspection item determination unit 132 determines the presence or absence of an inspection result for the performance evaluation items of each device based on the trust evaluation results of the devices. Alternatively, when inspecting the possibility of a backdoor in a network, the inspection item determination unit 132 determines the possibility of a backdoor for each device based on the device information and the trust evaluation results of the devices. The inspection item determination unit 132 may use configuration information when determining the inspection items.
  • the evaluation result creation unit 133 creates the network trust evaluation result based on the trust evaluation index and the analysis result of the inspection item. For example, the evaluation result creation unit 133 creates the network trust evaluation result by integrating or replacing the analysis results of the above inspection items.
  • the format of the analysis result of the inspection item may be different for each inspection item. Or, the analysis result of the inspection item may be in a data format that is difficult for people other than experts to judge. Or, multiple analysis results may be related to one trust evaluation index. Or, one analysis result may be related to multiple trust evaluation indexes. Therefore, the evaluation result creation unit 133 integrates or replaces the analysis results to correspond to the trust evaluation index, and creates the network trust evaluation result.
  • the network trust evaluation result is the reliability of the network, and is the result of evaluating the network based on the network trust evaluation index, which is a viewpoint for evaluating the trust of the network.
  • the output unit 140 outputs the network trust evaluation result.
  • the output unit 140 outputs the network trust evaluation result to a device of a service provider that uses the network.
  • the output unit 140 may output the network trust evaluation result to a device of an insurance company that accepts insurance for service providers that use the network.
  • the output unit 140 may output the network trust evaluation result to a storage device that can be accessed by service providers and service recipients, such as a storage device on the cloud.
  • the output unit 140 may output the network trust evaluation result to a location that can be referenced by service providers and service recipients, such as a homepage on the Internet.
  • FIG. 3 is a flow diagram showing an example of the operation of the evaluation device 10.
  • the evaluation result acquisition unit 110 acquires the trust evaluation result of each device (step S301).
  • the target information acquisition unit 120 acquires configuration information of the network to be evaluated, device information on the devices that make up the network, and a trust evaluation index for the network (step S302).
  • the trust evaluation unit 130 evaluates the trust of the network based on the configuration information, device information, trust evaluation index, and the trust evaluation result of the devices (step S303).
  • the output unit 140 outputs the trust evaluation result of the network.
  • the evaluation device 10 stores the trust evaluation results for each device.
  • the evaluation device 10 then acquires configuration information of the network to be evaluated, device information on the devices that make up the network, and a trust evaluation index for the network.
  • the evaluation device 10 evaluates the trust of the network based on the configuration information, device information, trust evaluation index, and the trust evaluation results for the devices, and outputs the network trust evaluation results.
  • the evaluation device 10 outputs a network trust evaluation result that meets the needs of service providers and the like, rather than the reliability related to the security of devices provided by device manufacturers and the like.
  • service providers and the like can acquire a network trust evaluation result that meets the needs of the service providers and the like from the evaluation device 10.
  • Second Embodiment 4 is a block diagram showing an example of the configuration of the evaluation device 11 according to the second embodiment.
  • the evaluation device 11 includes a certificate creation unit 150 in addition to the configuration of the evaluation device 10.
  • the certificate creation unit 150 creates a certificate for the results of the network trust evaluation.
  • the certificate is data that indicates that the results of the network trust evaluation have not been tampered with.
  • the certificate creation unit 150 creates the certificate using, for example, electronic authentication or a blockchain.
  • the certificate is often provided to the service recipient, etc., together with the network trust evaluation result. Therefore, the certificate may include both the trust evaluation result and data indicating that the network trust evaluation result has not been tampered with. For ease of explanation, the certificate will be described below as including the network trust evaluation result.
  • the output unit 140 then outputs the certificate to the service provider, etc.
  • the evaluation device 10 of the first embodiment outputs the network trust evaluation result evaluated based on the trust evaluation index obtained from the service provider or the like.
  • the network trust evaluation result in the first embodiment does not have a mechanism for preventing tampering. Therefore, the network trust evaluation result in the first embodiment is not necessarily data in an appropriate format as a certificate to be submitted to a service recipient who receives a service from the service provider. Therefore, the evaluation device 11 creates and outputs a certificate as data indicating that the network trust evaluation result has not been tampered with.
  • the service provider can provide the certificate output by the evaluation device 11 to the service recipient or the like to indicate that the network trust evaluation result has not been tampered with.
  • Third Embodiment 5 is a block diagram showing an example of the configuration of the evaluation device 12 according to the third embodiment.
  • the evaluation device 12 includes an improvement plan formulation unit 160 in addition to the configuration of the evaluation device 10.
  • the evaluation device 12 may also include a certificate creation unit 150.
  • the improvement plan formulation unit 160 formulates an improvement plan for the trustworthiness of the network based on the results of the network trust evaluation.
  • the formulation of an improvement plan for the trustworthiness of the network is to determine measures to modify at least one of the network configuration and the devices that constitute the network in order to improve the results of the network trust evaluation.
  • the improvement plan may be, for example, a change in the network configuration, including the addition or removal of devices, or a change in the devices.
  • the improvement plan may be an improvement of the trust evaluation results of the devices.
  • the trust evaluation index is the presence or absence of a performance evaluation test result
  • the results of the network trust evaluation include a result that there is a device that does not have a performance evaluation test result.
  • the improvement plan formulation unit 160 may formulate an improvement plan that includes conducting an inspection of the device that does not have an inspection result as an improvement plan.
  • the improvement plan formulation unit 160 may formulate an improvement plan for the network by referring to standard evaluation results in the industry in which the service provider is included, or improvement plans used by other companies. For example, the improvement plan formulation unit 160 may formulate an improvement plan for an item that deviates greatly from the standard evaluation result.
  • the improvement plan formulation unit 160 may formulate an improvement plan for the devices included in the network by referring to the improvement plan provided by the manufacturer of the devices included in the network. For example, if the firmware of the device has been updated, the improvement plan formulation unit 160 may formulate an improvement plan to apply the latest firmware provided by the device manufacturer. Then, the output unit 140 outputs the improvement plan to the service provider. As a result, the service provider can improve the reliability of the network by referring to the improvement plan output by the evaluation device 12.
  • Fourth Embodiment 6 is a block diagram showing an example of the configuration of the evaluation device 13 according to the fourth embodiment.
  • the evaluation device 13 includes a validity determination unit 170 in addition to the configuration of the evaluation device 10.
  • the evaluation device 13 may include a certificate creation unit 150, may include an improvement plan formulation unit 160, or may include both the certificate creation unit 150 and the improvement plan formulation unit 160.
  • the validity determination unit 170 determines the validity of the trust evaluation index of the network.
  • the validity of the trust evaluation index indicates whether the trust evaluation index is appropriate as a criterion for determining the trust of the network.
  • the validity determination unit 170 may determine the validity of the trust evaluation index, for example, by using the total value or average value of items included in the trust evaluation result of the network. Alternatively, the validity determination unit 170 may determine that the trust evaluation index is not valid when the trust evaluation result of the network includes an item that cannot be determined, such as when there is no trust evaluation result of the corresponding device. Alternatively, the validity determination unit 170 may determine that the trust evaluation index is not valid when at least a part of the trust evaluation results does not satisfy a threshold value.
  • the validity determination unit 170 may determine the validity of the trust evaluation index by comparing it with a standard trust evaluation index of the industry in which the service provider is included, or an average of trust evaluation indexes used by other companies. Alternatively, the validity determination unit 170 may determine the validity based on the consistency or reciprocity between items included in the trust evaluation index. Alternatively, the validity determination unit 170 may determine the validity based on the ratio of devices related to the trust evaluation index to the entire network in the network configuration, or the range of related devices. The validity determination unit 170 may divide the trust evaluation index into multiple groups and determine the validity of each group. Then, the output unit 140 outputs the validity of the trust evaluation index to the service provider. As a result, the service provider can understand the validity of the trust evaluation index based on the validity output by the evaluation device 13.
  • the result of the judgment of the validity of the trust evaluation index may be expressed as validity or not, or may be expressed using a numerical value such as 0.0 to 1.0. Furthermore, if the trust evaluation index is not valid, such as the validity being lower than the threshold, the validity judgment unit 170 may output to the service provider via the output unit 140 that the trust evaluation index is not valid. At that time, the validity judgment unit 170 may output to the service provider the judged validity value and the judgment content used to calculate the validity value. In this case, the service provider may, for example, reset the trust evaluation index and output it to the evaluation device 13. The validity judgment unit 170 may repeat the above operation until the trust evaluation index becomes valid, such as when the validity of the trust evaluation index becomes equal to or higher than the threshold. Then, when the trust evaluation index becomes valid, the validity judgment unit 170 may notify the trust evaluation unit 130 that the trust evaluation index is valid.
  • the trust evaluation unit 130 may acquire the trust evaluation index from the validity determination unit 170.
  • the target information acquisition unit 120 outputs the acquired trust evaluation index to the validity determination unit 170.
  • the validity determination unit 170 judges the validity of the trust evaluation index, and when the trust evaluation index is not valid, outputs information indicating the need to reset the trust evaluation index to a service provider or the like via the output unit 140.
  • the information indicating the need to reset indicates that resetting is necessary or the degree to which resetting is necessary.
  • the validity determination unit 170 may output an instruction to reset to the service provider via the output unit 140, or may output the determined validity value and threshold value.
  • the validity determination unit 170 judges the validity of the trust evaluation index reacquired by the target information acquisition unit 120.
  • the validity determination unit 170 executes the operation of resetting the trust evaluation index until the trust evaluation index becomes valid. Then, when the trust evaluation index becomes valid, the validity determination unit 170 may output the trust evaluation index to the trust evaluation unit 130.
  • the trust evaluation unit 130 may obtain validity from the validity determination unit 170 and execute the operation of resetting the trust evaluation index as described above.
  • the trust evaluation unit 130 may use the validity of the trust evaluation index when evaluating the trust. For example, when the analysis results of the test items are the same, the trust evaluation unit 130 may evaluate the network's trust evaluation result when the validity is low as a lower evaluation result than the network's trust evaluation result when the validity is high.
  • evaluation device 10 Each component of the evaluation device 10, etc. may be configured with a hardware circuit. Alternatively, in the evaluation device 10, etc., each component may be configured using multiple devices connected via a network. For example, the evaluation device 10, etc. may be configured using cloud computing. Alternatively, in the evaluation device 10, etc., multiple components may be configured with a single piece of hardware.
  • the evaluation device 10 etc. may be realized as a computer device including a central processing unit (CPU), a read only memory (ROM), a random access memory (RAM), and a network interface card (NIC).
  • Figure 7 is a block diagram showing the configuration of a computer device 600, which is an example of a hardware configuration of the evaluation device 10 etc.
  • the computer device 600 includes a CPU 610, a ROM 620, a RAM 630, a storage device 640, and a NIC 650.
  • the CPU 610 reads a program from at least one of the ROM 620 and the storage device 640. The CPU 610 then controls the RAM 630, the storage device 640, and the NIC 650 based on the read program.
  • the computer device 600 controls these components to realize the functions of the evaluation result acquisition unit 110, the target information acquisition unit 120, the trust evaluation unit 130, the output unit 140, the certificate creation unit 150, the improvement plan formulation unit 160, and the validity determination unit 170. In this way, the evaluation device 10 and the like may realize functions as a combination of hardware and software.
  • the CPU 610 may read a program contained in the recording medium 690 that stores a computer-readable program using a recording medium reading device (not shown). Alternatively, the CPU 610 may receive a program from an external device (not shown) via the NIC 650, save it in the RAM 630 or the storage device 640, and operate based on the saved program.
  • the ROM 620 stores programs and fixed data executed by the CPU 610.
  • the ROM 620 is, for example, a programmable ROM (P-ROM) or a flash ROM.
  • the RAM 630 temporarily stores programs and data executed by the CPU 610.
  • the RAM 630 is, for example, a dynamic RAM (D-RAM).
  • the storage device 640 stores data and programs that the computer device 600 stores for the long term.
  • the storage device 640 may store the results of the device trust evaluation acquired by the evaluation result acquisition unit 110.
  • the storage device 640 may also operate as a temporary storage device for the CPU 610.
  • the storage device 640 is, for example, a hard disk device, a magneto-optical disk device, a solid state drive (SSD), or a disk array device.
  • ROM 620 and storage device 640 are non-volatile (non-transitory) recording media.
  • RAM 630 is a volatile (transitory) recording medium.
  • CPU 610 can operate based on programs stored in ROM 620, storage device 640, and RAM 630. In other words, CPU 610 can operate using either non-volatile recording media or volatile recording media. When realizing each function, CPU 610 may use at least one of RAM 630 and storage device 640 as a temporary storage medium for programs and data.
  • the NIC 650 relays data exchange with external devices (not shown) via the network.
  • the NIC 650 relays communication with a service provider's device.
  • the NIC 650 is, for example, a local area network (LAN) card.
  • the NIC 650 is not limited to being wired, and may be wireless.
  • the computer device 600 configured in this manner executes the operations of each component in the evaluation device 10, etc., to realize the functions of the evaluation device 10, etc.
  • FIG. 8 is a block diagram for explaining an example of the configuration of a system 60 using the evaluation device 11.
  • the system 60 includes the evaluation device 11, a network 20 used by a service provider to provide a service, a terminal 30 used by the service provider, and a terminal 40 used by a service recipient.
  • the service provider operates the terminal 30 to output configuration information, device information, and a trust evaluation index for the network 20 to the evaluation device 11.
  • the evaluation device 11 operates as described above to create a certificate regarding the trust of the network and output it to the terminal 30 of the service provider.
  • the certificate is data including both data indicating that no tampering has been performed on the trust evaluation result of the network and the trust evaluation result of the network.
  • the service provider operates terminal 30 to output the acquired certificate to terminal 40 of the service recipient on network 20.
  • the service recipient decides whether or not to receive the service provided from network 20 based on the certificate acquired by terminal 40. If the service recipient decides to receive the service, he or she operates terminal 40 to receive the service provided from network 20.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Economics (AREA)
  • Human Resources & Organizations (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computer Hardware Design (AREA)
  • Marketing (AREA)
  • General Business, Economics & Management (AREA)
  • General Health & Medical Sciences (AREA)
  • Primary Health Care (AREA)
  • Development Economics (AREA)
  • Educational Administration (AREA)
  • Health & Medical Sciences (AREA)
  • Game Theory and Decision Science (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Pour délivrer en sortie un résultat d'évaluation concernant la fiabilité d'un réseau, un dispositif d'évaluation selon la présente invention comprend : un moyen d'acquisition de résultat d'évaluation qui acquiert un résultat d'évaluation de fiabilité pour chaque instrument ; un moyen d'acquisition d'informations cibles qui acquiert des informations de configuration concernant le réseau à évaluer, des informations d'instrument concernant l'instrument formant le réseau et un indice d'évaluation de fiabilité du réseau ; un moyen d'évaluation de fiabilité qui évalue la fiabilité du réseau sur la base des informations de configuration, des informations d'instrument, de l'indice d'évaluation de fiabilité et du résultat d'évaluation de fiabilité pour l'instrument ; et un moyen de sortie qui délivre un résultat d'évaluation de fiabilité pour le réseau.
PCT/JP2022/036510 2022-09-29 2022-09-29 Dispositif d'évaluation, procédé d'évaluation et support d'enregistrement WO2024069876A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/036510 WO2024069876A1 (fr) 2022-09-29 2022-09-29 Dispositif d'évaluation, procédé d'évaluation et support d'enregistrement

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/036510 WO2024069876A1 (fr) 2022-09-29 2022-09-29 Dispositif d'évaluation, procédé d'évaluation et support d'enregistrement

Publications (1)

Publication Number Publication Date
WO2024069876A1 true WO2024069876A1 (fr) 2024-04-04

Family

ID=90476898

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/036510 WO2024069876A1 (fr) 2022-09-29 2022-09-29 Dispositif d'évaluation, procédé d'évaluation et support d'enregistrement

Country Status (1)

Country Link
WO (1) WO2024069876A1 (fr)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006268544A (ja) * 2005-03-24 2006-10-05 Ntt Communications Kk ネットワーク接続制御システム、ネットワーク接続制御方法、およびネットワーク接続制御プログラム
JP2015156578A (ja) * 2014-02-20 2015-08-27 日本電信電話株式会社 ネットワーク評価装置及び方法及びプログラム
JP2016143299A (ja) * 2015-02-04 2016-08-08 株式会社日立製作所 リスク評価システムおよびリスク評価方法
JP2018077597A (ja) * 2016-11-08 2018-05-17 株式会社日立製作所 セキュリティ対策立案支援システムおよび方法
WO2019186722A1 (fr) * 2018-03-27 2019-10-03 日本電気株式会社 Système d'évaluation de sécurité, procédé d'évaluation de sécurité et programme
US20190386974A1 (en) * 2018-06-19 2019-12-19 Arm Ip Limited Data Trust Score
WO2021029160A1 (fr) * 2019-08-09 2021-02-18 日本電気株式会社 Dispositif d'inspection de porte dérobée, dispositif utilisateur, système, procédé et support lisible par ordinateur non transitoire
WO2022118395A1 (fr) * 2020-12-02 2022-06-09 日本電気株式会社 Dispositif de commande de réseau, système de réseau, procédé de commande de réseau, et support non transitoire lisible par ordinateur

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006268544A (ja) * 2005-03-24 2006-10-05 Ntt Communications Kk ネットワーク接続制御システム、ネットワーク接続制御方法、およびネットワーク接続制御プログラム
JP2015156578A (ja) * 2014-02-20 2015-08-27 日本電信電話株式会社 ネットワーク評価装置及び方法及びプログラム
JP2016143299A (ja) * 2015-02-04 2016-08-08 株式会社日立製作所 リスク評価システムおよびリスク評価方法
JP2018077597A (ja) * 2016-11-08 2018-05-17 株式会社日立製作所 セキュリティ対策立案支援システムおよび方法
WO2019186722A1 (fr) * 2018-03-27 2019-10-03 日本電気株式会社 Système d'évaluation de sécurité, procédé d'évaluation de sécurité et programme
US20190386974A1 (en) * 2018-06-19 2019-12-19 Arm Ip Limited Data Trust Score
WO2021029160A1 (fr) * 2019-08-09 2021-02-18 日本電気株式会社 Dispositif d'inspection de porte dérobée, dispositif utilisateur, système, procédé et support lisible par ordinateur non transitoire
WO2022118395A1 (fr) * 2020-12-02 2022-06-09 日本電気株式会社 Dispositif de commande de réseau, système de réseau, procédé de commande de réseau, et support non transitoire lisible par ordinateur

Similar Documents

Publication Publication Date Title
US9710257B2 (en) System and method to map defect reduction data to organizational maturity profiles for defect projection modeling
US9349015B1 (en) Programmatically detecting collusion-based security policy violations
US20060025985A1 (en) Model-Based system management
Ampatzoglou et al. The perception of technical debt in the embedded systems domain: an industrial case study
US8661412B2 (en) Managing automated and manual application testing
US11610136B2 (en) Predicting the disaster recovery invocation response time
CN109543891B (zh) 容量预测模型的建立方法、设备及计算机可读存储介质
CN111931047B (zh) 基于人工智能的黑产账号检测方法及相关装置
CN110727580A (zh) 响应数据生成、全流程接口数据处理方法及相关设备
CN112035350B (zh) 针对区块链系统的测试方法、装置及计算机设备
US20190354913A1 (en) Method and system for quantifying quality of customer experience (cx) of an application
US11373004B2 (en) Report comprising a masked value
CN117501658A (zh) 安全事件告警的可能性评估
WO2024069876A1 (fr) Dispositif d'évaluation, procédé d'évaluation et support d'enregistrement
CN111639903A (zh) 一种针对架构变更的评审处理方法及相关设备
Lyvas et al. A hybrid dynamic risk analysis methodology for cyber-physical systems
Blanco et al. Hub location with protection under interhub link failures
US20080244519A1 (en) Identifying, Correcting and Displaying Application Website and Device Compatibility Issues
Habibi et al. Generating test as a web service (TaaWS) through a method-based attribute grammar
WO2024069875A1 (fr) Dispositif d'évaluation, terminal, système d'évaluation, procédé d'évaluation et support d'enregistrement
US20240126927A1 (en) Ui/ux development system applied with blockchain for preventing forgery/falsification and forgery/falsification verification method using the same
Heisel et al. Risk identification based on architectural patterns
US11861015B1 (en) Risk scoring system for vulnerability mitigation
US20230281368A1 (en) Systems and methods for identifying and remediating architecture risk
Gol Mohammadi et al. Trustworthiness cases–toward preparation for the trustworthiness certification

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22960936

Country of ref document: EP

Kind code of ref document: A1