Tampering monitoring system, management apparatus, and management method

US 8,707,430 B2
Filed: 04/19/2011
Issued: 04/22/2014
Est. Priority Date: 04/26/2010
Status: Active Grant

First Claim

Patent Images

1. A management apparatus for managing an information security apparatus that includes a plurality of monitoring modules that monitor for tampering, the management apparatus comprising:

a non-transitory memory device that stores a program; and

a processing device that executes the program and causes the management apparatus to operate as;

a reception circuit configured to receive, from the information security apparatus, a plurality of monitoring results generated by the monitoring modules, the monitoring modules each being a source monitoring module that monitors and generates a monitoring result for at least one other of the monitoring modules, and each being a target monitoring module that is monitored by at least one other of the monitoring modules;

a detection circuit configured to detect an abnormality relating to tampering of one of the monitoring modules, by referring to fewer than all of the monitoring results received by the reception unit; and

an identification circuit configured to identify, when the abnormality related to the tampering is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from a target monitoring module to a source monitoring module that is a monitoring module that generates a monitoring result for the target monitoring module, starting from the monitoring module that generates the monitoring result related to the abnormality, the chain including one or more links each associating a source monitoring module that generates a monitoring result for a target monitoring module with the target monitoring module monitored by the source monitoring module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information security apparatus includes a plurality of monitoring modules that monitor for tampering. A management apparatus includes a reception unit that receives a plurality of monitoring results each generated by a source monitoring module monitoring a target monitoring module; a detection unit that detects an abnormality by referring to fewer than all of the received monitoring results; and an identification unit that identifies, when an abnormality is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from the target of monitoring to the source of monitoring, starting from the monitoring module that generates the monitoring result related to the abnormality.

19 Citations

View as Search Results

9 Claims

1. A management apparatus for managing an information security apparatus that includes a plurality of monitoring modules that monitor for tampering, the management apparatus comprising:
- a non-transitory memory device that stores a program; and
  
  a processing device that executes the program and causes the management apparatus to operate as;
  
  a reception circuit configured to receive, from the information security apparatus, a plurality of monitoring results generated by the monitoring modules, the monitoring modules each being a source monitoring module that monitors and generates a monitoring result for at least one other of the monitoring modules, and each being a target monitoring module that is monitored by at least one other of the monitoring modules;
  
  a detection circuit configured to detect an abnormality relating to tampering of one of the monitoring modules, by referring to fewer than all of the monitoring results received by the reception unit; and
  
  an identification circuit configured to identify, when the abnormality related to the tampering is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from a target monitoring module to a source monitoring module that is a monitoring module that generates a monitoring result for the target monitoring module, starting from the monitoring module that generates the monitoring result related to the abnormality, the chain including one or more links each associating a source monitoring module that generates a monitoring result for a target monitoring module with the target monitoring module monitored by the source monitoring module.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The management apparatus of claim 1, whereinthe detection circuit detects, as the abnormality, an inconsistency between two or more monitoring results for one of the monitoring modules, andthe identification circuit identifies the monitoring module that has been tampered with by tracing back through chains of monitoring modules by referring to the two or more monitoring results.
  - 3. The management apparatus of claim 2, whereinthe monitoring modules in the information security apparatus each monitor one or more other monitoring modules for tampering at a point in time and transmit the monitoring results,the reception circuit receives the monitoring results for the point in time,the detection circuit detects the inconsistency by determining whether, among the monitoring results received by the reception circuit, a first monitoring result and a second monitoring result for one of the monitoring modules match, andthe identification circuit (i) consecutively traces back through chains of monitoring modules, respectively starting with the first monitoring result and the second monitoring result, by referring to other monitoring results that indicate no tampering, (ii) determines whether an identical monitoring module is arrived at, and (iii) when determining positively, identifies the identical monitoring module as the monitoring module that has been tampered with.
  - 4. The management apparatus of claim 2, whereinthe monitoring modules in the information security apparatus each monitor one or more of the other monitoring modules for tampering at a first point in time and at a later second point in time and transmit the monitoring results at the respective points in time,the reception circuit receives the monitoring results for the first point in time and the monitoring results for the second point in time,the detection circuit detects, among the monitoring results received by the reception circuit, the inconsistency when (i) a first monitoring result by a first monitoring module for a second monitoring module at the first point in time indicates that the second monitoring module has been tampered with, and (ii) a second monitoring result by the first monitoring module for the second monitoring module at the second point in time indicates that the second monitoring module has not been tampered with, andwhen the detection circuit detects the inconsistency, the identification circuit identifies the first monitoring module as the monitoring module that has been tampered with.
  - 5. The management apparatus of claim 1, whereinthe monitoring modules in the information security apparatus each monitor one or more of the other monitoring modules for tampering at a first point in time and at a later second point in time and transmit the monitoring results at the respective points in time,the reception circuit receives the monitoring results for the first point in time and the monitoring results for the second point in time,the detection circuit detects, among the monitoring results received by the reception circuit, the abnormality when (i) a first monitoring result by a first monitoring module for a second monitoring module at the first point in time indicates that the second monitoring module has been tampered with, and (ii) a second monitoring result by the second monitoring module for the first monitoring module at the second point in time indicates that the first monitoring module has not been tampered with, andwhen the first monitoring result indicates that the second monitoring module has been tampered with and the second monitoring result indicates that the first monitoring module has not been tampered with, the identification circuit identifies the second monitoring module as the monitoring module that has been tampered with.

6. A management method used in a management apparatus for managing an information security apparatus that includes a plurality of monitoring modules that monitor for tampering, the management method comprising the steps of:
- a) receiving, from the information security apparatus, a plurality of monitoring results generated by the monitoring modules, the monitoring modules each being a source monitoring module that monitors and generates a monitoring result for at least one other of the monitoring modules, and each being a target monitoring module that is monitored by at least one other of the monitoring modules;
  
  b) detecting an abnormality relating to tampering of one of the monitoring modules by referring to fewer than all of the monitoring results received in the receiving step; and
  
  c) identifying, when the abnormality related to the tampering is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from a target monitoring module to a source monitoring module that is a monitoring module that generates a monitoring result for the target monitoring module, starting from the monitoring module that generates the monitoring result related to the abnormality, the chain including one or more links each associating a source monitoring module that generates a monitoring result for a target monitoring module with the target monitoring module monitored by the source monitoring module.

7. A non-transitory computer-readable recording medium having recorded thereon a computer program for management used in a management apparatus for managing an information security apparatus that includes a plurality of monitoring modules that monitor for tampering, the computer program causing the management apparatus, which is a computer, to execute the steps of:
- a) receiving, from the information security apparatus, a plurality of monitoring results generated by the monitoring modules, the monitoring modules each being a source monitoring module that monitors and generates a monitoring result for at least one other of the monitoring modules, and each being a target monitoring module that is monitored by at least one other of the monitoring modules;
  
  b) detecting an abnormality relating to tampering of one of the monitoring modules, by referring to fewer than all of the monitoring results received in step a); and
  
  c) identifying, when the abnormality related to the tampering is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from a target monitoring module to a source monitoring module that is a monitoring module that generates a monitoring result for the target monitoring module, starting from the monitoring module that generates the monitoring result related to the abnormality, the chain including one or more links each associating a source monitoring module that generates a monitoring result for a target monitoring module with the target monitoring module monitored by the source monitoring module.

8. An integrated circuit for managing an information security apparatus that includes a plurality of monitoring modules that monitor for tampering, the integrated circuit comprising:
- a non-transitory memory device that stores a program; and
  
  a processing device that executes the program and causes the integrated circuit to operate as;
  
  a reception circuit configured to receive, from the information security apparatus, a plurality of monitoring results generated by the monitoring modules, the monitoring modules each being a source monitoring module that monitors and generates a monitoring result for at least one other of the monitoring modules, and each being a target monitoring module that is monitored by at least one other of the monitoring modules;
  
  a detection circuit configured to detect an abnormality relating to tampering of one of the monitoring modules by referring to fewer than all of the monitoring results received by the reception circuit; and
  
  an identification circuit configured to identify, when the abnormality related to the tampering is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from a target monitoring module to a source monitoring module that is a monitoring module that generates a monitoring result for the target monitoring module, starting from the monitoring module that generates the monitoring result related to the abnormality, the chain including one or more links each associating a source monitoring module that generates a monitoring result for a target monitoring module with the target monitoring module monitored by the source monitoring module.

9. A monitoring system formed by an information security apparatus that includes a plurality of monitoring modules that monitor for tampering and a management apparatus for managing the information security apparatus, the management apparatus comprising:
- a non-transitory memory device that stores a program; and
  
  a processing device that executes the program and causes the management apparatus to operate as;
  
  a reception circuit configured to receive, from the information security apparatus, a plurality of monitoring results generated by the monitoring modules, the monitoring modules each being a source monitoring module that monitors and generates a monitoring result for at least one other of the monitoring modules, and each being a target monitoring module that is monitored by at least one other of the monitoring modules;
  
  a detection circuit configured to detect an abnormality relating to tampering of one of the monitoring modules by referring to fewer than all of the monitoring results received by the reception circuit; and
  
  an identification circuit configured to identify, when the abnormality related to the tampering is detected, a monitoring module that has been tampered with from among (i) a monitoring module that generates a monitoring result related to the abnormality, and (ii) one or more monitoring modules identified by tracing back through a chain of monitoring modules consecutively from a target monitoring module to a source monitoring module that is a monitoring module that generates a monitoring result for the target monitoring module, starting from the monitoring module that generates the monitoring result related to the abnormality, the chain including one or more links each associating a source monitoring module that generates a monitoring result for a target monitoring module with the target monitoring module monitored by the source monitoring module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Original Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Inventors
Unagami, Yuji, Futa, Yuichi, Matsuzaki, Natsume, Shizuya, Hiroki, Sakai, Masao, Isobe, Shuji, Koizumi, Eisuke, Hasegawa, Shingo
Primary Examiner(s)
Nguyen, Dustin

Application Number

US13/089,433
Publication Number

US 20110265180A1
Time in Patent Office

1,099 Days
Field of Search

726 22- 26, 713/188, 713/194
US Class Current

726/22
CPC Class Codes

G06F 11/3048   where the topology of the c...

G06F 11/3065   Monitoring arrangements det...

G06F 21/12   Protecting executable software

G06F 21/552   involving long-term monitor...

G06F 21/6281   at program execution time, ...

G06F 2221/2103   Challenge-response

G06F 2221/2143   Clearing memory, e.g. to pr...

Tampering monitoring system, management apparatus, and management method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Tampering monitoring system, management apparatus, and management method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others