Security Solutions Provided by Fujitsu’s Middleware Products
V Takahisa Hatakeyama V Tatsuji Shimoe V Yoshie Yamanaka V Hideyuki Kageyama (Manuscript received January 12, 2007)
In recent years, companies have increasingly been asked to take more social respon- sibility. From the standpoint of business continuity and complying with regula- tions, it has become more important to establish information security governance. This paper describes the solutions provided by the TRIOLE middleware products that conform to the Fujitsu enterprise security architecture (ESA) and efficiently improve system information security governance. Japanese companies will be obliged to comply with the Japan’s new Financial Instruments and Exchange Law, which includes the Japanese equivalent of the US Sarbanes-Oxley Act, starting in 2008. The ESA-conforming TRIOLE middleware products will facilitate building of a secure system in compliance with laws and regulations, including the Japanese Sarbanes-Oxley act.
1. Introduction security governance in accordance with Fujitsu’s In recent years, companies have increasingly enterprise security architecture (ESA),2) which been asked to take more social responsibility. was released in November 2006. It also describes Installation and replacement of IT systems has the solutions provided by TRIOLE middleware required judgment from a viewpoint of manage- products that efficiently improve information ment. It has especially become important to security governance. ensure information security from the perspec- tive of information security governance based on 2. Security architecture business continuity and compliance instead of and concepts of TRIOLE accident response. middleware In Japan, the Act on the Protection of Fujitsu’s ESA is based on the analyzed Personal Information went into effect in 2005, and organized security requirements that are and the Japan’s new Financial Instruments and common to all companies. It focuses on infor- Exchange Law, which includes the Japanese mation security governance and classifies the equivalent of the US Sarbanes-Oxley Act, will security functions commonly required for compa- come into effect in 2008. Japanese companies nies into the following four areas: are required to prepare for internal control and 1) Identity management and authentication: IT governance, and it has become important to Managing user IDs and passwords and establish information security governance as a confirming user authorization mechanism to prevent and audit fraud.1) This 2) Access control: Strictly managing access paper describes the technical architecture of the so appropriate users can use appropriate middleware products that support information resources such as data and services.
354 FUJITSU Sci. Tech. J., 43,3,p.354-365(July 2007) T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
3) Audit trail: Identifying the cause of a detected security button, or Windows logon. security breach and confirming that no fraud 2) Network authentication has occurred by collecting, maintaining, and Access to or from the network is authen- managing the evidence (logs). ticated using a proxy, RADIUS, or 802.1X 4) Centralized security administration: (EAP-TLS). To support network authentication, Centralizing security management to achieve Fujitsu provides Interstage Security Director,3) consistency and uniformity throughout an SafeAuthor, and IPCOM.4) entire organization. 3) Application authentication When various ISV products conform to the The use of Web applications that are ESA and Fujitsu’s middleware products, the operated with a browser has recently increased, following two benefits can be obtained: and many companies are now using a Web single 1) The system security functions commonly sign-on (SSO) function for these applications. required for companies can be improved just The Web SSO function makes all Web-based by installing the ISV products. applications and services available with a single 2) When product vendors independently provide authentication, whereas without this function the security functions for the above four each job must be authenticated individually. areas, there may be inconsistencies, which Fujitsu provides Interstage Application might, for example, cause a malfunction Server to support Web SSO. when products of different vendors are used It is necessary to set and operate authenti- together. ESA-conforming products, on the cation policies by combining 1), 2), and 3) above. other hand, can be easily and safely linked because they have a common interface. 3.1.2 Authentication method security level Fujitsu provides a security-enhanced suite Basic authentication using an ID and of middleware products that conform to the ESA. password cannot completely prevent spoofing, so The following sections describe the solutions various authentication technologies are used to provided by these Fujitsu middleware products, enhance the security level. Particularly impor- which improve three areas of system security: tant services should be operated using security identity management and authentication, access policies based on a high-level authentication control, and audit trail. method. For example, Fujitsu internally imple- ments and operates its public key infrastructure 3. Identity management and (PKI) system to achieve high-security operation. authentication This system is integrated with a PKI by using 3.1 Authentication solution a smart card to apply secure socket layer To build an authentication system in the (SSL) V3 client authentication to Web SSO open environment, appropriate methods must systems. Fujitsu provides local governments and be selected in consideration of several factors. companies in Japan with the following TRIOLE These factors and related Fujitsu products are security solutions based on the Fujitsu PKI described below. system and has achieved many excellent results with them: 3.1.1 Authentication scopes and methods 1) Systemwalker PKI Manager (certificate 1) Local authentication involving a PC only authority product) Authentication can be done at the individ- 2) Web SSO function of Interstage Application ual PC level by using, for example, fingerprint Server authentication, BIOS authentication with a 3) Safety Domain (software for smart cards)
FUJITSU Sci. Tech. J., 43,3,(July 2007) 355 T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
Recently, case studies of advanced system More and more companies have adopted these integration have shown that Web SSO systems approaches, which have expanded the market. are being integrated with biometrics systems. The following international standards are being For example, a financial institution has used developed for authentication and authorization of palm vein authentication based on Fujitsu’s these SOA and Web services: PalmSecure integrated with a Web SSO system 1) Security assertion markup language (SAML) to build a new security system. In this system, SAML5) is a standard specification for ex- simply holding a palm over the scanner displays changing security information using SOAP/XML the initial window of the application menu. defined by the standards body OASIS. The exist- As just described, integration know-how for ing Web SSO function protocols have no mutual combining various products to meet customer connectivity because they are vendor-specific. requirements is extremely important in providing As a result, SAML has been used by more and authentication solutions. Therefore, authentica- more companies because of its mutual connectiv- tion solutions have many variations. ity with the standardized credential for SSO and Figure 1 shows an example application of confirmation protocol for access control. Fujitsu the identification authentication solution. will support SAML in the next few years. 2) Extensible access control markup language 3.2 Next-generation authentication (XACML) protocols XACML6) is a policy description language In recent years, approaches based on the specification for controlling access to Web SOA and Web services that advanced from services. As with SAML, its standard specifica- Web computing have attracted much attention. tion is defined by OASIS.
Installing single sign-on function to internal mission-critical Web system. Sequentially installed in company-wide job servers. Single sign-on function can be developed fully with personal authentication based on PKI infrastructure.
Employee Single sign-on (SSO) system Internal mission-critical Web system System for personnel affairs and Access server general administration My Office Job: A Accessible jobs × Job: B Job: C Job: B ○ Inquiry of access Business support authority Business support systesystemm SafiSafirere Secure personal authentication Job: C × using IC card and PIN code entry. SSO repository High risk with authentication using existing ID and password. Access control Job: D information ○ Registry ○: Accessible server × : Inaccessible
Figure 1 Example application of identification authentication solution using SSO to internal mission-critical system.
356 FUJITSU Sci. Tech. J., 43,3,(July 2007) T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
XACML can describe an access control policy number of systems that support SOA and Web by combining rules, policy statements, and policy services, and Fujitsu will consider supporting the set statements. Although various policy descrip- authentication and authorization systems that tion languages have been considered so far, will be created as a result. XACML is the overriding standard specification for the present circumstances. The authentica- 3.3 Identity management tion and authorization model is well known as The term “identification” means recogni- the common architecture of the access control tion and specification of people, devices, and policy mechanism. Figure 2 gives an outline programs. Information used to identify users, of the relationships among the following compo- applications, devices, and systems is called ID nents based on various authorization models information. such as the Internet Engineering Task Force The term “authentication” means a function (IETF) policy model: or action to confirm that the users and compo- • Policy administration point (PAP) nents (e.g., devices and programs) are who and Manages (generates, verifies, and distrib- what have been envisioned by other parties such utes) the policy. as information service providers. ID information • Policy decision point (PDP) is used for authentication. Determines the accessibility based on the Distributed environments and open systems policy. have various ID information items. Authenti- • Policy information point (PIP) cation using ID information forms the core of Provides user and resource IDs and attri- security, and the importance of centralized bute information required to determine the management of ID information has been accessibility in PDP. rediscovered in internal IT control. Identity • Policy enforcement point (PEP) management middleware is used to perform Controls the accessibility according to the centralized management of ID information. accessibility determination in PDP. The typical problems with internal IT It is expected that this authentication and control are as follows: authorization model will be adopted on a growing 1) Incomplete work separation 2) Inadequate access control for OSs, DBs, and application systems PAP PDP PIP Policy # Attribute 3) Many users can execute privileged user set query processing. System 4) ID information items of retired personnel Response administrator $ % Access control decision and the access authorities for IDs are not deleted. " Accessibility query 5) Access authorities for jobs are left unused & Response and unattended. ! Access Identity management systems are attract- request ' Permit access PEP Target ing attention as a means of solving these object Access ( Return result problems. Fujitsu has already provided identity requester management products as security control note) ! , " , # , ..., ( : model operation order solutions, and these have been successfully used to build and integrate many systems. Fujitsu Figure 2 Authentication and authorization policy model. will further support these identity management
FUJITSU Sci. Tech. J., 43,3,(July 2007) 357 T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
products, focusing on the standardization trend 4) Log collection and analysis as appropriate. 5) File operation restriction In addition, the mission of the Systemwalker 4. Access control Desktop series is to prevent illegal data access Information systems are now important from PCs from the standpoints of internal social infrastructures, and countermeasures control and IT governance. To fulfill this mission, against illegal access and disclosure of informa- the Systemwalker Desktop series support access tion handled on IT systems have become key control functions to stop the following illegal issues. accesses from unauthorized PCs: For example, data managed by a server and 1) Illegal network access data stored on a PC can be accessed from a system 2) Illegal PC access endpoint PC. Extracted data can easily be 3) Illegal file access copied to the outside through portable media such as USB memories, CDs, DVDs, e-mail, or 4.1 Access control functions provided by printed documents. Systemwalker Desktop series To ensure confidentiality and privacy, The following three Systemwalker Desktop Fujitsu provides the Systemwalker Desktop series products provide access control functions: series to prevent unauthorized disclosure of infor- 1) Systemwalker Desktop Keeper mation from PCs. Performs PC operation restriction in accor- The Systemwalker Desktop series consist of dance with the PC user authority the seven products shown in Figure 3. They are 2) Systemwalker Desktop Rights Master based on the concept that the status of resources Performs data access control for secure use should be confirmed and the following security of data managed using a file server measures should be taken: 3) Systemwalker Desktop Inspection 1) Security patch application Performs network access authority control 2) File encryption according to the PC security level (quarantine 3) PC operation restriction network system)
Steps of client PC security measures
Step 4: File operation restriction Systemwalker Desktop Rights Master
Step 3: Block of illegal connection Systemwalker Desktop Inspection
Step 2: File encryption, PC operation restriction, and log analysis Systemwalker Desktop Encryption Systemwalker Desktop Keeper Systemwalker Desktop Log Analyzer
Step 1: Confirmation of IT resource status, automatic application of security patch, and audit Systemwalker Desktop Patrol Systemwalker Desktop Patrol Assessor
Figure 3 Steps of client PC security measures.
358 FUJITSU Sci. Tech. J., 43,3,(July 2007) T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
The access control technologies provided by 2) Recording of access controls and audit trails the Systemwalker Desktop series7) are described for each user operation, for example, brows- below. ing and file printing 3) Controlling time-limits of accesses to target 4.2 PC operation restriction: Systemwalker files Desktop Keeper These functions can stop disclosure of data With the recent improvement of the IT to third parties and inhibit operations from environment, highly-portable notebook PCs and unauthorized users unless connections are made external media such as USB memories, CDs, and to the license distribution server of DTRM on DVDs that enable data to be easily copied from the intranet. These functions have securely desktop PCs have become widespread, and this protected confidential documents. has heightened the risk of unauthorized informa- DTRM uses the Fujitsu-developed universal tion disclosure. distributed access control (UDAC)8) technology as Systemwalker Desktop Keeper has further a digital rights management (DRM) mechanism enhanced OS-level access controls to control the to control access to individual files. following operations made on data-handling PCs: The UDAC technical proposals and informa- 1) Starting specified applications tion distribution services that use this technology 2) Starting specific services and processes have been promoted in a UDAC consortium that 3) Logon. For example, inhibiting logon by consists of IT companies and content-business users that belong to specific groups companies. This consortium has publicized the 4) Copying windows using the PrintScreen key PKI-based key exchange and other specifications. 5) Writing data to specified drive units DTRM uses the UDAC technology to 6) Printing data from specified applications independently handle the license information 7) Attaching files in e-mails about the encrypted files and their access infor- Systemwalker Desktop Keeper links with mation. Therefore, it allows protected files to the authentication server (Microsoft Active be freely copied and distributed between PCs Directory) to apply the above operation restric- under DTRM and also allows operations under tions for each terminal or user according to the permission conditions that are based on license user’s position, work type, job, and other details. information (e.g., access count and period). Because authorities are set and managed for Moreover, encrypting documents using each user or group to be authorized, PC opera- AES-128 and communication protocols for each tions according to a policy can be controlled for license acquisition can localize a security problem each department, job, or person. such as hacking of protected files. The confiden- Systemwalker Desktop Keeper also collects tial document protection function can prevent PC operation logs, and making this known to damage caused by hacking from spreading users can deter them from illegally accessing throughout the entire system. PCs. 4.4 Quarantine network system: 4.3 Data access control: Systemwalker Systemwalker Desktop Inspection Desktop Rights Master Traditionally, measures against illegal Systemwalker Desktop Rights Master access, hacking, and other vulnerabilities include (DTRM) provides the following solutions for a firewall for protection against attacks from confidential documents: outside, an intrusion detection system (IDS), and 1) Secure protection with encryption (AES-128) antivirus software. Recently, technologies for
FUJITSU Sci. Tech. J., 43,3,(July 2007) 359 T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
protecting against illegal access to a corporate series. The IPCOM L series can control the network from unauthorized PCs and from autho- network by using the dynamic access control rized PCs that have no security measures are list. The SR-S series supports a dynamic VLAN attracting attention. As PCs become an integral function based on IEEE802.1X authentication part of everyday life, it is becoming increasingly (Figure 4). common for people to take business-use PCs The quarantine network system checks the outside, for example, on business trips, and user authentication and MAC address authen- also connect private PCs to corporate networks tication and also checks whether the security without permission. The information disclosures policies are satisfied when connecting to a client and virus infections caused by these practices PC. The security policies include policies about have not been negligible, and these technologies the security patch application status, the update have been promoted to mitigate these risks. status of the antivirus software definition file, To stop illegal connections, the validity of and the installation status of optional software. the PC user and the PC should be confirmed The system then determines whether the PC can (authentication). It should also be confirmed be connected to the corporate network. The job that the security patches of PCs and the defini- servers that can be connected to the corporate tion file of their antivirus software are up to date network can be limited for each user. Unless the (security measures check). If any impropriety or security policies are satisfied, connection permis- deficiency is detected, the connection should not sion can be limited to the update server instead be permitted. While it is not so difficult to take of merely rejecting a connection request. The these actions for PCs that have a fixed connection quarantine network system can automatically to a corporate network to be managed, they are apply a required security patch and virus pattern not so easy to take for mobile PCs that are taken for a PC whose connection has been rejected by outside. There are two main reasons for this. linking with Systemwalker Desktop Patrol for First, the existing technologies require prelimi- the update server. Systemwalker Desktop Patrol nary software installation, registration, and provides an automatic application function for setup for monitoring and cannot take appropriate security patches and virus patterns. As just action for mobile PCs. The other reason is that mentioned, the quarantine network system the existing technologies have no mechanism for enables autonomous maintenance of the corpo- forcibly blocking access from deficient PCs. rate network security level. To help solve these problems, Fujitsu provides a quarantine network system that 5. Audit trail monitors PC networks to block and isolate illegal The increase in illegal accesses to infor- PC communications. This system combines a mation systems and the resultant information dynamic virtual LAN (VLAN) based on IEEE802.1X disclosures are worldwide problems. According authentication, authentication with a network to data released by the Department of Justice equipment dynamic access list, and an access (DOJ), an estimated 3.6 million households (about control mechanism. The system controls the 3% of all U.S. households) experienced some sort network connections of PCs according to the of personal information theft in the first half of check results for the PCs’ security measures. 2004. The total amount of damages was antici- In the Fujitsu quarantine network system, pated to reach 3.2 billion dollars. The number of Systemwalker Desktop Inspection, which is the damages concerning personal information contin- management server, links with the network ued to rise throughout 2004 and subsequent server IPCOM L series and secure switch SR-S years. Under these circumstances, it is the social
360 FUJITSU Sci. Tech. J., 43,3,(July 2007) T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
Management server
Systemwalker MAC address Desktop Inspection Required application information Quarantine dictionary and log
Update server Setting of connection Authentication, Job server destination range Security quarantine for each user information Systemwalker Desktop Patrol
IPCOM L
Authentication gateway/switch SR-S
Office floor
Authorized PC Unauthorized PC Mobile PC
Figure 4 Quarantine network system.
and moral responsibility of individual companies 5.1 Log collection and management to take adequate security measures. The logs to be collected are generally Because problems such as illegal access determined according to the information system cannot be prevented completely, early problem security policies. Many different logs, ranging detection and handling are necessary. To do from OS logs to middleware and application so, the detailed operation status of information logs, should be collected. The audit log manage- systems should be recorded, managed, and ment function of Systemwalker Centric Manager analyzed as an audit trail (audit log). Then, supports the collection of logs in a variety of based on this trail, appropriate measures should output formats, including the following: be established and taken. 1) OS log (e.g., syslog, loginlog, sulog for UNIX, Fujitsu provides audit log management and event log for Windows) analysis solutions that use Systemwalker Centric 2) Access log of the Web server (Interstage Manager as the core component. These solutions Application Server, Apache, and IIS) are based on the trail management architecture, 3) Operation and activation logs of which is one of Fujitsu’s ESAs. Systemwalker Centric Manager This section describes the considerations 4) Client operation log of Systemwalker and solutions in the following audit log manage- Desktop Keeper ment and analysis phases: 5) Audit log of the database server (Symfoware) • Log collection and management 6) Access log of the storage unit (ETERNUS • Log audit and analysis NR1000 series9)) 7) Logs of the form processing software products (Interstage List Works, Interstage
FUJITSU Sci. Tech. J., 43,3,(July 2007) 361 T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
List Creator, and Interstage List Manager) ensure secure and reliable log collection Managing logs distributed to servers on a 3) To reduce the network load, collection of server or application basis is very costly, and the only logs that have been added. Also, a split collected audit logs can contain gigabytes or even transfer function terabytes of data. Therefore, a mechanism that 4) Identification of the collected audit log (e.g., can safely and securely manage large audit logs by date, server, and application unit) over the long term is required. To achieve this mechanism, the audit log 5.2 Log audit and analysis management function of Systemwalker Centric It is important to analyze logs on a routine Manager10) collects audit logs on the job servers basis. Aggregating the processing contents for and sends them to the IT operation manage- each date, day of the week, and time of day and ment server for centralized management. In also analyzing trends makes it easier to detect addition, this function periodically stores the unusual events that may be signs of failures. audit logs into storage units such as ETERNUS Periodic analysis allows the users to audit the for longterm storage (Figure 5). information system status. Systemwalker Centric Manager also provides The audit log analysis function provided by the following functions required to manage the Systemwalker uses the aggregation and search audit logs: engine of Interstage Navigator11) to enable batch 1) Automatic log collection searching and aggregation for multiple logs 2) Encrypted communication at collection to under complicated conditions (Figure 6).
Storage server
Operation management server Storage of audit logs
Collection and management of audit logs
Job server File server access log Client operation log ・ ・ Web server access log ・ ・DB server access log Job application log File server ・ PC management server Web server DB server Record of operation
File copy DB access
URL access
Client (operation PC)
Figure 5 Collection and storage of audit logs from entire system.
362 FUJITSU Sci. Tech. J., 43,3,(July 2007) T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
Audit log
Input of search conditions Output of search conditions
Log normalization
Normalized log
Batch search of multiple logs
Figure 6 Log normalization and search.
DB server Application server ?
User-A System-ID
User-B System-ID
System-ID TBL-B updated System-ID TBL-A inserted
(a) Problem in 3-hierarchy system
Interstage Application Server Symfoware Server !
User-A +User-A
System-ID
User-B +User-B
User-A TBL-B updated User-B TBL-A inserted (b) Solution provided by Fujitsu middleware
Figure 7 Problem and solution in 3-hierarchy system.
FUJITSU Sci. Tech. J., 43,3,(July 2007) 363 T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
The basic requirements for the audit log of this solution to provide various audit log analysis function are that it: management and analysis solutions. 1) Normalizes logs and absorbs the differences in output formats between logs to enable 6. Conclusion batch searches and aggregation of multiple This paper described Fujitsu’s middleware logs. solutions for ESA security areas. Installing 2) Provides standard templates for search Fujitsu’s ESA-conforming products facilitates conditions. The templates must be custom- linkages between products and enhances infor- izable as necessary. mation security governance of an entire system. 3) Provides standard templates for aggregation Fujitsu will continue to provide ESA- reports. The templates must be customiz- conforming products to improve information able as necessary. security governance. The user ID and IP address are the common search keys for associating multiple logs in References which a series of processes are recorded and then 1) T. Hatakeyama et al.: Infrastructure for Security Compliance Management System. (in Japanese), analyzing them. In fact, log association may be FUJITSU, 57, 2, p.115-121 (2006). difficult. 2) T. Shiozaki, M. Okuhara, and N. Yoshikawa: Fujitsu Enterprise Security Architecture. In general 3-hierarchical Web systems, the FUJITSU Sci. Tech. J., 43, 2, p.153-158 (2007). application server accesses the DB server using http://www.fujitsu.com/downloads/MAG/ vol43-2/paper01.pdf the application server-specific ID instead of the 3) Fujitsu: Interstage Security Director. user ID. This is done to improve performance, http://www.fujitsu.com/global/services/ software/interstage/products/sdirector/ for example, by reducing the number of logins to Features.html the DB system. Accordingly, the audit log output 4) Fujitsu: IPCOM S Series Functions Overview. http://www.fujitsu.com/downloads/SG/fapl/ by the DB server has no information to identify ipcom/ipcoms_functions.pdf the user [Figure 7 (a)]. 5) SAML2.0 Assertions and Protocols. http://docs.oasis-open.org/security/saml/v2.0/ To solve this problem, it is necessary to make saml-core-2.0-os.pdf a link between the application server and DB 6) XACML2.0 Specification Document. http://docs.oasis-open.org/xacml/2.0/ server in order to transfer the user ID. In the access_control-xacml-2.0-core-spec-os.pdf Fujitsu middleware solution, the application 7) Fujitsu: Systemwalker Desktop Series. (in 11) Japanese). server Interstage Application Server links with http://systemwalker.fujitsu.com/jp/solution/ the DB server Symfoware12) to transfer the user solution_31.html 8) UDAC Consortium. ID. This system enables the user ID to be stored http://www.udac-consortium.org/index_e.html correctly in the DB server audit log so the associ- 9) Fujitsu: ETERNUS. http://www.fujitsu.com/global/services/ ated logs can be analyzed [Figure 7 (b)]. computing/storage/ 10) Fujitsu: Systemwalker. http://www.fujitsu.com/global/services/ 5.3 Summary of audit trail software/systemwalker/ The Fujitsu middleware solution focusing 11) Fujitsu: Interstage. http://www.fujitsu.com/global/services/ on Systemwalker Centric Manager has an audit software/interstage/ trail architecture. As mentioned above, this 12) Fujitsu: Symfoware. http://www.fujitsu.com/global/services/ solution enables safe and secure audit trail software/symfoware/ management and analysis, which can improve the efficiency of the PDCA cycle of information system security management. Fujitsu will further enhance the functions
364 FUJITSU Sci. Tech. J., 43,3,(July 2007) T. Hatakeyama et al.: Security Solutions Provided by Fujitsu’s Middleware Products
Takahisa Hatakeyama, Fujitsu Ltd. Yoshie Yamanaka, Fujitsu Ltd. Mr. Hatakeyama received the B.S. and Ms. Yamanaka received the B.S. degree M.S. degrees in Marine System Engi- in Physics from Toho University, Chiba, neering from the University of Osaka Japan in 1988. She joined Fujitsu Ltd. Prefecture, Sakai, Japan in 1986 and in 1988, where she was engaged in 1988, respectively. He joined Fujitsu research and development of computer Ltd., Kawasaki, Japan in 1988, where graphic systems. Since 2000, she has he has been engaged in research been engaged in research and devel- and planning of network and security opment of security solutions. She is software. also developing client security systems.
Tatsuji Shimoe, Fujitsu Ltd. Hideyuki Kageyama, Fujitsu Ltd. Mr. Shimoe received the B.S. degree Mr. Kageyama received the B.E. in Chemistry from Sophia University, degree in Civil Engineering from Meijo Tokyo, Japan in 1980. He joined University, Nagoya, Japan in 1988. He Fujitsu Ltd. Japan in 1981, where he joined Fujitsu Aichi Engineering Ltd. has been engaged in research and in 1988. Then, he moved to Fujitsu development of distributed comput- Ltd., Nagoya, Japan in 2005, where he ing and security-related systems. He has been engaged in development of qualified as a CISSP in 2006. enterprise management software. He received the Telecommunication Man- agement Research Award of the IEICE in 2002.
FUJITSU Sci. Tech. J., 43,3,(July 2007) 365