{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00204344","sets":["581:10023:10027"]},"path":["10027"],"owner":"44499","recid":"204344","title":["コマンド真正性検証を用いたセキュアなATM設計法"],"pubdate":{"attribute_name":"公開日","attribute_value":"2020-04-15"},"_buckets":{"deposit":"26425dfa-a912-4350-9a8d-6c4d2b4706e5"},"_deposit":{"id":"204344","pid":{"type":"depid","value":"204344","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"コマンド真正性検証を用いたセキュアなATM設計法","author_link":["505991","505992","505988","505987","505985","505986","505989","505990"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"コマンド真正性検証を用いたセキュアなATM設計法"},{"subitem_title":"Secure ATM Device Design by Control Command Verification","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"[一般論文] ATM，セキュリティ，マルウェア，ネットワーク，暗号，デバイス","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2020-04-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"横浜国立大学／日立オムロンターミナルソリューションズ株式会社"},{"subitem_text_value":"日立オムロンターミナルソリューションズ株式会社"},{"subitem_text_value":"日立オムロンターミナルソリューションズ株式会社"},{"subitem_text_value":"横浜国立大学"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Yokohama National University / Hitachi-Omron Terminal Solutions, Corporation","subitem_text_language":"en"},{"subitem_text_value":"Hitachi-Omron Terminal Solutions, Corporation","subitem_text_language":"en"},{"subitem_text_value":"Hitachi-Omron Terminal Solutions, Corporation","subitem_text_language":"en"},{"subitem_text_value":"Yokohama National University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/204344/files/IPSJ-JNL6104027.pdf","label":"IPSJ-JNL6104027.pdf"},"date":[{"dateType":"Available","dateValue":"2022-04-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL6104027.pdf","filesize":[{"value":"2.3 MB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"1ed6eb7c-569f-4dba-a79b-97c4e10175e4","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2020 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"緒方, 日佐男"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"石川, 智祥"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"宮本, 範親"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"松本, 勉"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Hisao, Ogata","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tomoyoshi, Ishikawa","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Norichika, Miyamoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Tsutomu, Matsumoto","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"海外では，ATM（Automated Teller Machine）システムは，様々な論理攻撃を受けて不正出金が行われており，深刻な社会問題となっている．既存対策はATM制御部であるPCの保護に重点が置かれているが，ATMの運用では数日おきの紙幣補充回収による内部アクセスや，定期的なPCのソフトウェアやデータ更新が発生するので，PCへのマルウェア侵入の懸念があった．そこで，筆者らは現金処理モジュールといった，ATM内の周辺デバイスに送られるコマンドの真正性を，周辺デバイス自身が検証する「コマンド真正性検証法」を提案した．しかし，磁気カードを用いた出金取引に本検証法を適用すると，既存のセキュリティ制約が少ないために適用箇所や適用の仕方は様々であるうえ，既存運用への影響の最小化といった考慮すべき観点も多数存在するため，適用設計が難しいという問題があった．そこで，本論文では出金取引中の多様な論理攻撃対策，既存運用や周辺デバイス改造への影響最小化を考慮しながら，コマンド真正性検証法をATMに適用する最適なシステム設計法を提案する．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Recently, criminals frequently utilize logical attacks to install malware in the PC of Automated Teller Machines (ATMs) for the sake of unauthorized cash withdrawal from ATMs. Existing security measures primarily try to protect executable files in the PC so as not to be compromised by malware. Such security measures are not so effective or efficient because frequent physical/logical accesses inside each ATM are required in existing ATM operations, for example, once a few days to a week periodical cash replenishment and collection for cash services, and once a quarter periodical software/data updating. To cope with the issues, we proposed an ATM security measure called “Command Verification” that a peripheral device itself verifies a control command received from the PC in other paper. When the measure is applied to magnetic stripe card transactions, many applied systems are derived because of less security constraints resulted from the existing security standards for magnetic stripe card transactions. Proper applied systems should be selected among these many candidate systems from three points of view: preventing a wide range of logical attacks, being harmonized with existing ATM operations, and minimizing to modify existing peripheral devices. This paper proposes a design method to apply the Command Verification to ATM devices/systems by considering the three points.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"989","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"978","bibliographicIssueDates":{"bibliographicIssueDate":"2020-04-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"4","bibliographicVolumeNumber":"61"}]},"relation_version_is_last":true,"item_2_identifier_registration":{"attribute_name":"ID登録","attribute_value_mlt":[{"subitem_identifier_reg_text":"10.20729/00204249","subitem_identifier_reg_type":"JaLC"}]},"weko_creator_id":"44499"},"updated":"2025-01-19T20:14:21.744544+00:00","created":"2025-01-19T01:06:37.984439+00:00","links":{},"id":204344}