Cybersecurity Research Center

Director: Hideki Sunahara (Professor, Graduate School of Media Design (KMD))

Main Campuses: Hiyoshi, Shonan Fujisawa

As the internet becomes an integral part of social infrastructure, it is imperative to implement measures that ensure online activities are safe and secure. This requires not only technical solutions but also the essential development of corresponding organizational management, social systems, and legal frameworks. This research center conducts research and development to devise such multifaceted and comprehensive cybersecurity measures. In this context, we are conducting research and development with a particular focus on the following themes:

Cybersecurity, crisis analysis, crisis prediction, Identity/Trust, educational training packages

■ Regarding activities continuing from the previous fiscal year: background, rationale, and goals for continuation

The following themes implemented in the previous fiscal year will be continued in FY2019.

In the previous fiscal year, we focused on achieving concrete results through R&D experiments centered on the established operational environment. We are beginning to see several results from these efforts, and continuous R&D experiments are essential for this research. Therefore, we will continue these activities, positioning them as the center's core R&D items. In particular, items 1 and 2 will be continued as important projects under a joint research agreement with Hitachi, Ltd., and item 3 is a project adopted by the NEDO SIP (Cross-ministerial Strategic Innovation Promotion Program), making them high-priority items.

■ New activity goals and content for FY2019, and background for implementation

Research topics in cybersecurity are constantly changing. We will continuously monitor these developments and maintain a system to respond swiftly to new research themes. Specifically, we will establish a mechanism to regularly consolidate reports from each member, enabling us to promptly initiate R&D on new topics. In FY2019, we anticipate a rise in challenges related to social and legal systems for the effective implementation of developed technologies, the use of individual-centric personal information, and cybersecurity for the Internet of Things (IoT). We plan to conduct thorough investigations in these areas. IoT, in particular, is a critical field that includes the medical devices discussed in WG5, and we intend to deepen our discussions to include specific applications.

■ Implementation details for the fiscal year's business plan, research results, and degree of achievement

In FY2019, we conducted research activities centered on five WGs (Working Groups) to achieve concrete results.

WG1 advanced its research with a focus on the R&D of distributed SOC construction and operation technologies. In collaboration with the ITC at Keio, we established a distributed SOC and conducted technology development and demonstration experiments for information sharing. These results have been presented at domestic research conferences and are being submitted to academic journals.

WG2 advanced its research with a focus on technology development for Trusted Identity. Based on standards from the OpenID Foundation, FIDO Alliance, and others, we prepared an experimental IdP environment and improved the on-campus authentication infrastructure. We also promoted the use of biometric authentication technologies, with a particular focus on finger vein authentication. These results have been presented at domestic research conferences. Additionally, we discussed the concept of lifetime identity, examining how and when identities should be registered in the digital space and how trust can be built and inherited over time. In this context, we are discussing new procedures that balance the level of trust with the simplicity of registration. Furthermore, we are developing secure file exchange technology for these environments and have compiled necessary recommendations regarding the social and legal systems surrounding security.

WG3 is developing training material packages for human resource development. We are designing security education course curricula for undergraduate and graduate programs, as well as training curricula for critical infrastructure companies. These results have been presented at domestic research conferences and submitted to academic journals. Additionally, we examined the alignment with career paths within companies.

WG4 conducted studies on sharing security-related information, including with core regional organizations. We also analyzed the collected information and advanced discussions on specific collaborations, such as extracting threatening communications.

WG5 held discussions on security in medical settings and developed a system to operate and manage medical devices to ensure their security. Furthermore, to promote international collaboration in this R&D, we held two international symposiums and discussed collaboration with related organizations in Europe, the US, Asia, and Israel. This led to the establishment of the INCS-CoE, and we were able to build concrete collaborative relationships with the participating organizations.

Number of conference presentations: 2 submissions to academic journals (in progress), 3 presentations at domestic research conferences

Achievements in social contributions such as events

In FY2019, the five WGs are achieving concrete results.

In WG1, we coordinated with the ITC to specifically advance the installation of a distributed SOC, and were able to develop and conduct demonstration experiments on the foundational technology for information sharing with related organizations.

In WG2, the development of a concrete authentication infrastructure is progressing, and collaboration with actual on-campus services is advancing. We have also introduced the concept of "lifetime identity" for more concrete service implementation and are building a model, thereby establishing a foundation for a society where the real world and digital space are integrated.

In WG3, based on the security curriculum implemented through on-campus collaboration, we have completed the design and trial of a desirable curriculum and an investigation into its alignment with the career paths of security engineers. This is aimed not only at student education but also for development as an Extension Course for working professionals, which will raise the presence of Keio University in this field.

In WG4, the construction of and collaboration on an information-sharing platform, including with Chubu Electric Power Co., Inc., is progressing, and its implementation is advancing with regard to the state of cybersecurity in local communities.

Additionally, we developed the INCS-CoE as an international collaboration platform and were able to advance concrete collaborative activities with related organizations in the UK, the US, Asia, Israel, and Japan.

We believe that these achievements would be difficult for individual faculties and graduate schools to accomplish alone and are the result of the center's efforts as a university-wide organization.