IS
IT IT 1,000 10 IT 2011 2011 ICT 2012 3
...1...1...1...2...4...4...5...9...9...9...10...12...12...13...13...15...15...15...16...20...22...22...24...26...26...26...27
2010 454 2015 2010 4.3 1,947 2010 45.3 2011 50 1 1.1-1 SaaS PaaS IaaS Desktop as a Service BCP: Business Continuity Plan 1 1
1.1-1 2010 2015 2 1) SaaS PaaS 2 IDC Japan2011 4 http://www.itmedia.co.jp/enterprise/articles/1104/04/news047.html http://enterprisezine.jp/article/detail/3049 2
IaaS FedRAMP 3 2) 3 http://www.gsa.gov/portal/category/102371 3
2011 2,005 2015 3,454 4 1.2-1 7.7% 36.9% 44.6% 9000 8000 7000 6000 5000 4000 3000 2000 1000 6,811 5,629 4,217 2,714 3,082 2,812 2,005 2,205 1,002 684 7,741 8,456 3,454 3,559 0 2010 2011 2012 2013 2014 2015 2016 ] ] 1.2-1 MRI 4 MCPChttp://www.mcpc-jp.org/news/index.htm 4
1.2 MRI 1.2 7 4 3 60 40 OS PC PC GPS 5
PC PC OS Android IPA 2011 1 Android OS Android 1.2-2 1.2-2 4 1) 6
2) GPS 3) SNS 4) OS OS GPS OS OS ios(iphone)android OSBlackBerry WindowsPhone WindowsMobile ios(iphone) WindowsPhone AppStore Windows Phone Market Place OS iphone, WindowsPhone Android AndroidMarket 5 AppStore Android OS Android Android Android 5 Android Market 2012 3 Google Play Android 7
OS 1.2-1 1.2-1 OS 8
2011 3 4 2.1-1 6 44% 55% 26%29% 21%1 2.1-1 2/3 BCP 9 BCP 2.1-2 BCP 49%17%BCP 7% 78% 15% 6 BCP 2011 6 30 http://www.nri.co.jp/news/2011/110630_1.html 9
2.1-2 BCP BCP BCP PC BCP WEB 7 1) 7 2011 12 19 http://www.ipa.go.jp/security/cloud/cloud_sinsai_r1.html 10
2) PC SNS 3) 8 8 23 3 23 http://www.cas.go.jp/jp/seisaku/jouhouwg/renkei/dai3/sankou4.pdf 11
2011 2011 2.2-1 2.2-1 2011 4 Play Station Network (PSN) 2460 SOE 1 2700 / 1 700 5 36 6 gmail 7 ID 8 700 9 11 80 12
(IPA) 9 APT (Advanced Persistent Threats) 10 1) 2) 3) URL ( ) 4) 5) 6) 7) 8) persistent() 9 http://www.ipa.go.jp/about/press/pdf/110920press.pdf 10 http://www.ipa.go.jp/security/fy23/reports/measures/documents/report20120120.pdf 13
2.2-2 2.2-2 (J-CSIP 11 ) (ISOG-J 15 ) WG 12 13 4000 14 ISOG-J WG 11 Initiative for Cyber Security Information sharing Partnership of Japan 12 http://www.nisc.go.jp/conference/seisaku/dai28/pdf/28seisakupress.pdf 13 http://www.mod.go.jp/j/approach/others/security/security.html 14 http://www.npa.go.jp/keibi/biki3/230804kouhou.pdf 15 Information Security Operation providers Group Japan 14
NIST SP500-291 NIST Cloud Computing Standards Roadmap SaaS SaaS SaaS PaaS IaaS SaaS 3 SaaS SaaS ID SaaS SaaS ID ID ID ID Identity Provider SaaS NIST SP800-63 OpenID ID ID level of assurance 15
ID ID 1.1.2 k- 16 1.2 MDM(Mobile Device Management) MDP(Mobile Data Protection) MDM MDP 16 k 16
OS OS OS Web 2 PC Android OS 3 1.2.2 iphone WindowsPhone Android 17
Android OS 2012 1 NSAAndroid Security EnhancedSE AndroidSE AndroidAndroid OS(iOSAndroidWindowsPhone)OS OS PC TPM(Trusted Platform Module) ISO OS PC OS OS OS 3 SNS SNS Twitter Facebook SNS SNS SNS SNS 18
SNS 17 4OS OS OS 1.2-1 OS ios(iphone) WindowsPhone OS Apple Microsoft Android OS OS OS OS 13 17 http://web-tan.forum.impressrd.jp/e/2010/05/25/8041 19
(JSSEC) 18 BCP 3 1) 18 http://www.jssec.org/dl/guidelines2011_v1.0.pdf 20
2) 3) PC BCP BCP BCP 3 1) BCP 19 BCP BCP RTO 2) BCP BCP 19 IT 20 9 http://www.meti.go.jp/policy/netsecurity/downloadfiles/itsc_gl.pdf 21
3) BCP BCP BCP BCP BCP BCP BCP BCP 4) BCP 2.2 3.4-1 22
3.4-1 20 No 1 () (Virtual Private Network ) () 2 OS OS (WAF) 3 URL 4 () () ( ) 5 () 6 7 (DB ) 20 / http://www.ipa.go.jp/security/j-csip/documents/presentation2.pdf 23
8 No.4 IPA 21 3.4-2 3.4-2 No 1 1. 2. 2 http http 3 RAT 22 proxy (CONNECT ) RAT CONNECT proxy 4 VLAN 21 http://www.ipa.go.jp/security/vuln/newattack.html 22 Remote Access Trojan 24
5 1. AD 23 2. AD 6 SW VLAN 7 8 P2P No.46 RPC 23 Active Directory 25
3 NIST SCAP Security Content Automation Protocol 6 CVE CCE CPEC CVSS XCCDF OVAL 26
IPA 24 BCP IT ICT IT BCP 24 SCAP http://www.ipa.go.jp/security/vuln/seminar/lab_semi_scap_2011_4.html 27
4.3-1 IT BCP SCAP SCAP X.1500 4.3-1 IT 28
IT BCP BCP BCP BCP IT JEITA IT 29
IT 2012224 IT IT IT NIST-SP 500-291 NIST Cloud Computing Standards Roadmap NIST-SP 800-146 DRAFT Cloud Computing Synopsis and Recommendations 1 31
2 3 3.11 MRI MRI 32
IT 201519472010 Microsoft BPOSExchange OnlineIBM LotusLiveGoogle Apps SaaSBCP IDC Japan, 20114 20112011 2009984500IDC Japan, 20109 2011 IDC Japan20114 http://www.itmedia.co.jp/enterprise/articles/1104/04/news047.html http://enterprisezine.jp/article/detail/3049 IDC Japan20109 http://japan.zdnet.com/virtualization/analysis/20419377/ 5 33
CIO 7% 2011CIO 20116 2011526 6 SNS - - IT1%CCCContentsCommunicationCollaboration 14%Gartner20104 IBM SAP Vulcan Stream Work On Track Chatter Office / SAP TwitterUI SharePoint Lotus Notes, Connections Sales OnDemand, Google Docs, Evernote, box WebCenter Suite, CRM On Demand, Beehive Force.com SaaS Exchange Server, Lync, Outlook 2011526 20112 7 34
2015 1000WindowsLinux 60035 VmwarevSphere Hyper-VI/O 201220 UNIX 2015 I/O CPU I/O 20153 10% IT 2008660kW600 kw 201169http://www.keyman.or.jp/3w/prd/05/30004105/ 8 20116Web Web 41 Web 5IT/ 0.230.046 Web 2011420124 OracleSaaS SLA OracleSaaS 30SLA 2011692011317 9 35
http://it.impressbm.co.jp/e/2010/10/26/2874 10 http://it.impressbm.co.jp/e/2010/10/26/2874 11 36
Chatter 20111 Chatter.com ChatterSaleseforce CRMSalesforce CRM ERP CRM ChatteriOSWindows Andorid 2 25% BtoBFAXSEM 20114Chatter ChatterMVP ChatterUP Chatter 375000 IBMTwitterProject Vulcan Office Talk YammerSNS1008 SAPStreamWork http://www.atmarkit.co.jp/news/201004/15/sf.html http://pc.watch.impress.co.jp/docs/column/mobile/20110210_426109.html http://www.publickey1.jp/blog/10/chatter.html 12 Live Live 201010 20 42,0002011100 10PaaSkintone 201123526 http://technolog.jp/solution/cloud/3307 13 37
201012365 2 14 14 2010 2010 - - - CIO CIO 2011CIO 20116 20113 15 38
SLA 16 16 2010 2010 IaaSSaaS PL 17 39
IT Google 18 1/4201011 OSWindows46.4iPhoneiOS37.2 Android13.33iOSWindows iphone4androidipad/ipad2galaxy TAB SalesforceSAP2011/ 2010/11 19 40
IT 201132 201139 895 7.736.944.6 55.3 1 55.9226.5 313.24 1.51 53.62 30.335.54 3.0 1 50.7 20 iphone GALAXY S 169.62 46.4331.9 414.55 11.6 121 21 41
22 17.645.6 26.510.3 E Windows 1 76.8 58.0 37.74.3 67.5 20.412.2 23 140.0237.6 334.74 PC33.95 33.5632.97 32.2 42
2011571 4 3 2011 http://www.mcafee.com/japan/security/mcafee_labs/blog/content.asp?id=1292 24 300PCiPad 4,000 110 1iPad23GWi-Fi ipad PC PC iphone PC ipad3d 2011 ipad 251iPad ipad http://journal.mycom.co.jp/series/iphoneipadkatsuyo/008/index.html http://journal.mycom.co.jp/series/iphoneipadkatsuyo/011/index.html 25 43
ipad 5200 ipad for ipad Tips ipad PC ipad250 3G ipad. ipad http://journal.mycom.co.jp/series/iphoneipadkatsuyo/001/index.html http://journal.mycom.co.jp/series/iphoneipadkatsuyo/002/index.html 26 ipad50 Handbook 3G ID MR 76iPad NotesMicrosoft Online ServicesBPOS(Business Productivity Online Standard Suite) ipad Citrix Receiver PhoneFactor 33iPad Notes ipad PC GIGAPODiPad 1Safari http://journal.mycom.co.jp/series/iphoneipadkatsuyo/007/index.html http://journal.mycom.co.jp/series/iphoneipadkatsuyo/005/index.html 27 44
1,500700 ARiPhoneWine- Link() AR Android iphone30 40 iphone iphone30 157 iphone iphone http://journal.mycom.co.jp/series/iphoneipadkatsuyo/004/index.html http://journal.mycom.co.jp/series/iphoneipadkatsuyo/009/index.html 28 iphone Web BloombergSimplex FX 2009 iphone itune 4iPhone 30 3 ipad1,300mr MR 20107 MR - - http://it.impressbm.co.jp/e/2010/10/26/2874 http://www.itmedia.co.jp/promobile/articles/0912/16/news049_2.html 201128 http://www.otsuka.co.jp/company/release/2010/0607_02.html 29 45
- - - SNS - GPS SIM Android Geinimi 20111IPA iphone Android Blackberry Windows Mobile OS OS Jailbreak McAfee2011 Symbian OS1Android2 Research In MotionRIM BISBlackberry Internet Service Windows OS http://dt.business.nifty.com/articles/4307.html 30 iosos Android Windows PhoneWindows Phone Market Place Android Android OS MDM MDM URL OS 31 46
PC PC 3GWi-FiGPS GPS 32 47
2011IT1323 JIPDEC/ITR20116 20 15IT 2011 ITN= N=500 N=500 N=500 201152025 Web IT2011JIPDECITR http://www.itr.co.jp/company_outline/press_release/110627pr/ 34 262955 211 6245 44 20116 3,0003,000 BCPNRI,2011/06/30 http://www.nri.co.jp/news/2011/110630_1.html 35 48
BCP49200729%1736% 32BCP7 BCP3 BCP BCP BCP BCP BCP BCP BCP BCP BCPNRI,2011/06/30 http://www.nri.co.jp/news/2011/110630_1.html 36 42 39383 BCPNRI,2011/06/30 http://www.nri.co.jp/news/2011/110630_1.html 37 49
IT Ustream Youtube AmazonEC Google WEB IT20116 http://www.jtec.or.jp/6.14kouenkai_meti_sekine.2.pdf 38 CIA ID CIA CIA CIA UPS CIADoS CIA PC ATM UPS HDDRAIDHDDTB JNSA2011/6/29 39 50
2011 CIA SK 4 5 5 5 6 6 7 7 8 8 9 11 2011 2011 PlayStation NetworkPSN2460SOE1 2700/ 1700 Eidosmontreal.comWeb350 25000 360083 gmail SNS3500 700 500 1180 1,320 40 URL - - - - IPA, 20121 41 51
IPA J-CSIPNDA 3 J-CSIP IPA, 201111 http://www.ipa.go.jp/security/j-csip/documents/presentation2.pdf 42 IT 52
IT - / - - - Android - - IT - - - - - - SNS - GPS SIM 44 IDCConfidentialityAAvailability AC IT-BCP ITJEITA SNSFacebookTwitter - - - - 45 53
4 5 7 8 8 8 2010 IT Finder 54
NIST 5 / NIST NIST-SP SP 500-291 NIST Cloud Computing Standards Roadmap July,2011 July,2011MRI 48 SaaS PaaSIaaS // Cloud Software as a Service SaaS Cloud Platform as a Service OS Cloud Infrastructure as a Service IaaS by Vivek Kundra, Federal Cloud Computing Strategy, Feb 2011 3 IInternetMID SLA NIST NIST-SP SP 500-291 NIST Cloud Computing Standards Roadmap July,2011 July,2011MRI 49 55
2 IT 3 / / PI PII CIO PII NIST NIST-SP SP 500-291 NIST Cloud Computing Standards Roadmap July,2011 July,2011MRI 50 1 NIST NIST-SP SP 500-291 NIST Cloud Computing Standards Roadmap July,2011 July,2011MRI 51 56
3 1 2 3 4 1 5 6 7 8 2 vs vs NIST NIST-SP SP 500-291 NIST Cloud Computing Standards Roadmap July,2011 July,2011MRI 52 P2P VM SLA/ 2 P2P P2P SLA P2P P2P P2P P2P 1. SLA PKI VM - P2P SLA 2. 3.IaaS 4. 5. 6. 7. 8. 9. SLA 10. NIST NIST-SP SP 500-291 NIST Cloud Computing Standards Roadmap July,2011 July,2011MRI 53 57
DoS API NIST NIST-SP SP 500-291 NIST Cloud Computing Standards Roadmap July,2011 July,2011MRI 54 ID ID secure-by-default Web NIST NIST-SP SP 500-291 NIST Cloud Computing Standards Roadmap July,2011 July,2011MRI 55 58
NIST NIST-SP SP 800-146 DRAFT Cloud Computing Synopsis and Recommendations May,2011 May,2011 MRI 56 NIST NIST-SP SP 800-146 DRAFT Cloud Computing Synopsis and Recommendations May,2011 May,2011 MRI 57 59
NIST NIST-SP SP 800-146 DRAFT Cloud Computing Synopsis and Recommendations May,2011 May,2011 MRI 58 60
TEL