2022/06/28 更新

写真a

ヨシオカ ノブカズ
吉岡 信和
所属
理工学術院 理工学術院総合研究所
職名
上級研究員(研究院教授)
プロフィール

1971年生.
1993年富山大学工学部電子情報工学科卒業.
1998年北陸先端科学技術大学院大学情報科学研究科博士後期課程修了.
博士(情報科学).
同年(株)東芝入社.
2002年-2021年国立情報学研究所 准教授,
2007年-2021年総合研究大学院大学 准教授,
2021年より早稲田大学理工学術院 理工学術院総合研究所 上級研究員/研究院教授,
2009年より北陸先端科学技術大学院大学 客員准教授,
ソフトウェアセキュリティ,クラウドコンピューティング,およびソフトウェア工学の研究に従事.
情報処理学会,日本ソフトウェア科学会,電子情報通信学会各会員.

学位

  • 博士(情報科学)

経歴

  • 2021年05月
    -
    継続中

    早稲田大学   理工学術院総合研究所   研究員   上級研究員/研究院教授

  • 2007年04月
    -
    2021年04月

    総合研究大学院大学   准教授

  • 2007年04月
    -
    2021年04月

    国立情報学研究所   准教授

  • 2004年08月
    -
    2007年03月

    国立情報学研究所   特任助教授

  • 2002年01月
    -
    2004年07月

    国立情報学研究所   研究員

  • 1998年04月
    -
    2002年01月

    (株)東芝

▼全件表示

所属学協会

  •  
     
     

    IEEE Computer Society

  •  
     
     

    人工知能学会

  •  
     
     

    日本ソフトウェア科学会

  •  
     
     

    電子情報通信学会

  •  
     
     

    情報処理学会

 

研究分野

  • ソフトウェア

研究キーワード

  • 機械学習

  • プライバシー

  • ソフトウェア工学

  • エージェント

  • 分散システム

  • ミドルウェア

  • 要求分析

  • セキュリティ

▼全件表示

論文

  • Abstract security patterns and the design of secure systems

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki, Joseph Yoder

    Cybersecurity   5 ( 1 ) 1 - 17  2022年12月  [査読有り]

     概要を見る

    Abstract

    During the initial stages of software development, the primary goal is to define precise and detailed requirements without concern for software realizations. Security constraints should be introduced then and must be based on the semantic aspects of applications, not on their software architectures, as it is the case in most secure development methodologies. In these stages, we need to identify threats as attacker goals and indicate what conceptual security defenses are needed to thwart these goals, without consideration of implementation details. We can consider the effects of threats on the application assets and try to find ways to stop them. These threats should be controlled with abstract security mechanisms that can be realized by abstract security patterns (ASPs), that include only the core functions of these mechanisms, which must be present in every implementation of them. An abstract security pattern describes a conceptual security mechanism that includes functions able to stop or mitigate a threat or comply with a regulation or institutional policy. We describe here the properties of ASPs and present a detailed example. We relate ASPs to each other and to Security Solution Frames, which describe families of related patterns. We show how to include ASPs to secure an application, as well as how to derive concrete patterns from them. Finally, we discuss their practical value, including their use in “security by design” and IoT systems design.

    DOI

  • Traceable Business-to-Safety Analysis Framework for Safety-critical Machine Learning Systems

    Jati H. Husen, Hironori Washizaki, Hnin Thandar Tun, Nobukazu Yoshioka, Hironori Takeuchi, Yoshiaki Fukazawa

    1st Conference on AI Engineering – Software Engineering for AI (CAIN 2022)     1 - 2  2022年06月  [査読有り]

  • A New Approach for Machine Learning Security Risk Assessment

    Jun Yajima, Maki Inui, Takanori Oikawa, Fumiyoshi Kasahara, Ikuya Morikawa, Nobukazu Yoshioka

    1st Conference on AI Engineering – Software Engineering for AI (CAIN 2022)     1 - 2  2022年05月  [査読有り]

  • 開発エンジニア向け機械学習セキュリティ脅威分析技術

    矢嶋純, 及川孝徳, 森川郁也, 笠原史禎, 乾真季, 吉岡信和

    2022年 暗号と情報セキュリティシンポジウム(SCIS2022)     1 - 8  2022年01月

  • Literature Review on Log Anomaly Detection Approaches Utilizing Online Parsing Methodology

    Scott Lupton, Hironori Washizaki, Nobukazu Yoshioka, Yoshiaki Fukazawa

    2021 28th Asia-Pacific Software Engineering Conference (APSEC)     1 - 5  2021年12月  [査読有り]

    DOI

  • Cyber-Security Incident Analysis by Causal Analysis using System Theory (CAST)

    Tomoko Kaneko, Nobukazu Yoshioka, Ryoichi Sasaki

    The 21st IEEE International Conference on Software Quality, Reliability, and Security (QRS 2021)    2021年12月  [査読有り]

  • 並列イベントを含む業務プロセスの伝票突合せアセスメント手法の提案

    河本高文, 二木厚吉, 吉岡信和

    コンピュータセキュリティシンポジウム 2021    2021年10月

  • Enterprise Architecture based Representation of Architecture and Design Patterns for Machine Learning Systems

    Hironori Takeuchi, Takuo Doi, Hironori Washizaki, Satoshi Okuda, Nobukazu Yoshioka

    The 13th Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SOEA4EE)     1 - 6  2021年10月  [査読有り]

  • 伝票突合せアセスメント手法の業務プロセスへの適用事例研究

    河本高文, 二木厚吉, 吉岡信和

    情報処理学会論文誌   62 ( 9 ) 1449 - 1510  2021年10月

  • Online Log Parsing: Preliminary Literature Review

    Scott Lupton, Hironori Washizaki, Nobukazu Yoshioka, Yoshiaki Fukazawa

    The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021)     1 - 2  2021年10月  [査読有り]

  • Goal-Oriented Machine Learning-Based Component Development Process

    Jati H. Husen, Hnin Thandar Tun, Nobukazu Yoshioka, Hironori Washizaki, Yoshiaki Fukazawa

    ACM/IEEE 24th International Conference on Model Driven Engineering Languages and Systems (MODELS)     1 - 2  2021年10月  [査読有り]

  • Software Engineering Patterns for Machine Learning Applications (SEP4MLA) – Part 3 – Data Processing Architectures

    Jomphon Runpakprakun, Sien Reeve, Ordonez Peralta, Hironori Washizaki, Foutse Khomh, Yann-Gael Gueheneuc, Nobukazu Yoshioka, Yoshiaki Fukazawa

    28th Conference on Pattern Languages of Programs (PLoP 2021)     1 - 11  2021年10月  [査読有り]

  • 組込みシステム向け障害解析環境の効率改善

    長野岳彦, 小口琢夫, 吉岡信和, 田原康之, 大須賀昭彦

    第32回コンシューマ・デバイス&システム(CDS)研究会     1 - 8  2021年09月

  • KPIツリーを用いた機械学習プロジェクト管理フレームワーク

    浜田伸一郎, 吉岡信和, 内平直志

    日本ソフトウェア科学会第 38 回大会 (2021年度) 論文集     1 - 9  2021年09月

  • 機械学習応用システムの要求工学に関する一考察: 要求獲得上の課題特定のセンスメイキング論的アプローチ

    中木裕章, 岸本眞一郎, 吉岡信和, 内平直志

    日本ソフトウェア科学会第 38 回大会 (2021年度) 論文集     1 - 11  2021年09月

  • The design of secure IoT applications using patterns: State of the art and directions for research

    Eduardo B. Fernandez, Hironori Washizaki, Nobukazu Yoshioka, Takao Okubo

    Internet of Things   15   1 - 18  2021年09月  [査読有り]

    DOI

  • Tracing CVE Vulnerability Information to CAPEC Attack Patterns Using Natural Language Processing Techniques

    Kenta Kanakogi, Hironori Washizaki, Yoshiaki Fukazawa, Shinpei Ogata, Takao Okubo, Takehisa Kato, Hideyuki Kanuka, Atsuo Hazeyama, Nobukazu Yoshioka

    Information   12 ( 8 ) 2078 - 2489  2021年07月  [査読有り]

     概要を見る

    For effective vulnerability management, vulnerability and attack information must be collected quickly and efficiently. A security knowledge repository can collect such information. The Common Vulnerabilities and Exposures (CVE) provides known vulnerabilities of products, while the Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of common attributes and approaches employed by adversaries to exploit known weaknesses. Due to the fact that the information in these two repositories are not linked, identifying related CAPEC attack information from CVE vulnerability information is challenging. Currently, the related CAPEC-ID can be traced from the CVE-ID using Common Weakness Enumeration (CWE) in some but not all cases. Here, we propose a method to automatically trace the related CAPEC-IDs from CVE-ID using three similarity measures: TF–IDF, Universal Sentence Encoder (USE), and Sentence-BERT (SBERT). We prepared and used 58 CVE-IDs as test input data. Then, we tested whether we could trace CAPEC-IDs related to each of the 58 CVE-IDs. Additionally, we experimentally confirm that TF–IDF is the best similarity measure, as it traced 48 of the 58 CVE-IDs to the related CAPEC-ID.

    DOI

  • CSPM

    Tian Xia, Hironori Washizaki, Yoshiaki Fukazawa, Haruhiko Kaiya, Shinpei Ogata, Eduardo B. Fernandez, Takehisa Kato, Hideyuki Kanuka, Takao Okubo, Nobukazu Yoshioka, Atsuo Hazeyama

    International Journal of Systems and Software Security and Protection   12 ( 2 ) 1 - 18  2021年07月

     概要を見る

    Security and privacy in cloud systems are critical. To address security and privacy concerns, many security patterns, privacy patterns, and non-pattern-based knowledge have been reported. However, knowing which pattern or combination of patterns to use in a specific scenario is challenging due to the sheer volume of options and the layered cloud stack. To deal with security and privacy in cloud services, this study proposes the cloud security and privacy metamodel (CSPM). CSPM uses a consistent approach to classify and handle existing security and privacy patterns. In addition, CSPM is used to develop a security and privacy awareness process to develop cloud systems. The effectiveness and practicality of CSPM is demonstrated via several case studies.

    DOI

  • Analysis of IoT Pattern Descriptions

    Hironori Washizaki, Atsuo Hazeyama, Takao Okubo, Hideyuki Kanuka, Shinpei Ogata, Nobukazu Yoshioka

    2021 IEEE/ACM 3rd International Workshop on Software Engineering Research and Practices for the IoT (SERP4IoT)     22 - 26  2021年06月  [査読有り]

    DOI

  • Systematic Literature Review of Security Pattern Research

    Hironori Washizaki, Tian Xia, Natsumi Kamata, Yoshiaki Fukazawa, Hideyuki Kanuka, Takehisa Kato, Masayuki Yoshino, Takao Okubo, Shinpei Ogata, Haruhiko Kaiya, Atsuo Hazeyama, Takafumi Tanaka, Nobukazu Yoshioka, G Priyalakshmi

    MDPI   12 ( 1 ) 1 - 32  2021年03月  [査読有り]

    DOI

  • CSPM: Metamodel for Handling Security and Privacy Knowledge in Cloud Service Development

    Tian Xia, Hironori Washizaki, Yoshiaki Fukazawa, Haruhiko Kaiya, Shinpei Ogata, Eduardo B. Fernandez, Takehisa Kato, Hideyuki Kanuka, Takao Okubo, Nobukazu Yoshioka, Atsuo Hazeyama

    International Journal of Systems and Software Security and Protection   12 ( 2 ) 1 - 18  2021年01月  [査読有り]

    DOI

  • DeepPatch: Interactive repair of object detection

    Junji Hashimoto, Nobukazu Yoshioka

    2nd International Workshop on Machine Learning Systems Engineering​ (iMLSE 2020)     1 - 2  2020年12月  [査読有り]

  • A Study on Classification and Integration of Research on both AI and Security in the IoT Era

    Ryoichi Sasaki, Tomoko Kaneko, Nobukazu Yoshioka

    11th International Conference on Information Science and Applications (ICISA2020)     1 - 10  2020年12月  [査読有り]

  • STAMP S&S: Safety & Security Scenario for Specification and Standard in the society of AI/IoT

    Tomoko Kaneko, Nobukazu Yoshioka, Ryoichi Sasaki

    2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)     168 - 175  2020年12月  [査読有り]

    DOI

  • 伝票突合せアセスメント手法の業務プロセスへの適用事例研究

    河本高文, 二木厚吉, 吉岡信和

    コンピュータセキュリティシンポジウム 2020     1 - 8  2020年10月

  • システム理論に基づく事故分析手法CASTによる情報セキュリティ・インシデント分析

    金子朋子, 高橋雄志, 吉岡信和, 佐々木良一

    コンピュータセキュリティシンポジウム 2020     1 - 6  2020年10月

  • A five-layer model for analyses of complex socio-technical systems

    Tomoko Kaneko, Nobukazu Yoshioka

    the 27nd Conference on Pattern Languages of Programs Conference 2020 (PLoP 2020)     1 - 26  2020年10月  [査読有り]

  • Landscape of Architecture and Design Patterns for IoT Systems

    Hironori Washizaki, Shinpei Ogata, Atsuo Hazeyama, Takao Okubo, Eduardo B. Fernandez, Nobukazu Yoshioka

    IEEE Internet of Things Journal   7 ( 10 ) 10091 - 10101  2020年10月  [査読有り]

    DOI

  • 機械学習システム全体としての安全性確保の提案

    金子朋子, 髙橋雄志, 吉岡信和

    電子情報通信学会技術研究報告 知能ソフトウェア工学   120 ( 170 ) 25 - 30  2020年09月

  • A Tool to Manage Traceability on Several Models and Its Use Case

    Haruhiko Kaiya, Shogo Tatsui, Atsuo Hazeyama, Shinpei Ogata, Takao Okubo, Nobukazu Yoshioka, Hironori Washizaki

    24th International Conference on Knowledge-Based and Intelligent Information & Engineering Systems (KES2020)   176   1449 - 1458  2020年09月  [査読有り]

    DOI

  • イベント割込みによる業務プロセスの伝票不整合リスク改善手法

    河本高文, 二木厚吉, 吉岡信和

    情報処理学会論文誌   61 ( 9 ) 1486 - 1494  2020年09月  [査読有り]

  • Experimental Evaluation of Traceability Checking Tool for Goal Dependency Modeling

    Haruhiko Kaiya, Wataru Fujita, Ryotaro Yamada, Atsuo Hazeyama, Shinpei Ogata, Takao Okubo, Nobukazu Yoshioka, Hironori Washizaki

    13th International Joint Conference on Knowledge-Based Software Engineering (JCKBSE 2020)     70 - 83  2020年08月  [査読有り]

    DOI

  • STAMP S&S: Layered Modeling for the Complexed System in the Society of AI/IoT

    Tomoko Kaneko, Nobukazu Yoshioka

    13th International Joint Conference on Knowledge-Based Software Engineering (JCKBSE 2020)     122 - 131  2020年08月  [査読有り]

    DOI

  • Smart SE: Smart Systems and Services Innovative Professional Education Program

    Hironori Washizaki, Kenji Tei, Kazunori Ueda, Hayato Yamana, Yoshiaki Fukazawa, Shinichi Honiden, Shoichi Okazaki, Nobukazu Yoshioka, Naoshi Uchihira

    2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)    2020年07月

    DOI

  • A Method for Assessing the Reliability of Business Processes that Reflects Transaction Documents Checking for each Department

    Takafumi Komoto, Kokichi Futatsugi, Nobukazu Yoshioka

    2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)     1758 - 1763  2020年07月  [査読有り]

    DOI

  • Incidents Are Meant for Learning, Not Repeating: Sharing Knowledge About Security Incidents in Cyber-Physical Systems

    Faeq Rimawi, Liliana Pasquale, Deepak Mehta, Nobukazu Yoshioka, Bashar Nuseibeh

    IEEE Transactions on Software Engineering     1 - 12  2020年03月  [査読有り]

  • Towards A Knowledge Base for Software Developers to Choose Suitable Traceability Techniques

    Haruhiko Kaiya, Atsuo Hazeyama, Shinpei Ogata, Takao Okubo, Nobukazu Yoshioka, Hironori Washizaki

    Procedia Computer Science   159   1075 - 1084  2019年09月  [査読有り]

    DOI

  • A System for Seamlessly Supporting from Security Requirements Analysis to Security Design using a Software Security Knowledge Base

    Atsuo Hazeyama, Hikaru Miyahara, Takafumi Tanaka, Hironori Washizaki, Haruhiko Kaiya, Takao Okubo, Nobukazu Yoshioka

    The 6th International Workshop on The Evolving Security and Privacy Requirements Engineering (ESPRE 2019)     134 - 140  2019年09月  [査読有り]

  • 業務プロセスの伝票不整合リスクの改善手法

    河本高文, 二木厚吉, 吉岡 信和

    情報処理学会論文誌   60 ( 9 ) 1500 - 1508  2019年09月  [査読有り]

  • How do Engineers Perceive Difficulties in Engineering of Machine-Learning Systems? - Questionnaire Survey

    Fuyuki Ishikawa, Nobukazu Yoshioka

    Joint International Workshop on Conducting Empirical Studies in Industry and 6th International Workshop on Software Engineering Research and Industrial Practice (CESSER-IP 2019) at The 41st ACM/IEEE International Conference on Software Engineering (ICSE 2     2 - 9  2019年05月  [査読有り]

  • Landscape of IoT Patterns.

    Hironori Washizaki, Nobukazu Yoshioka, Atsuo Hazeyama, Takehisa Kato, Haruhiko Kaiya, Shinpei Ogata, Takao Okubo, Eduardo B. Fernández

    CoRR   abs/1902.09718  2019年

  • Designing Secure Software by Testing Application of Security Patterns

    Takanori Kobashi, Hironori Washizaki, Nobukazu Yoshioka, Haruhiko Kaiya, Takao Okubo, Yoshiaki Fukazawa

    Exploring Security in Software Architecture and Design   - 34  2019年  [査読有り]

    DOI

  • Landscape of IoT patterns.

    Hironori Washizaki, Nobukazu Yoshioka, Atsuo Hazeyama, Takehisa Kato, Haruhiko Kaiya, Shinpei Ogata, Takao Okubo, Eduardo B. Fernández

    Proceedings of the 1st International Workshop on Software Engineering Research & Practices for the Internet of Things, SERP4IoT@ICSE 2019, Montreal, QC, Canada, May 27, 2019.     57 - 60  2019年  [査読有り]

  • Restructuring Attack Trees to Identify Incorrect or Missing Relationships between Nodes

    Hua Cai, Hironori Washizaki, Yoshiaki Fukazawa, Takao Okubo, Haruhiko Kaiya, Nobukazu Yoshioka

    Restructuring Attack Trees to Identify Incorrect or Missing Relationships between Nodes     1 - 8  2018年12月  [査読有り]

  • Taxonomy and Literature Survey of Security Pattern Research

    Hironori Washizaki, Tian Xia, Natsumi Kamata, Yoshiaki Fukazawa, Hideyuki Kanuka, Dan Yamamoto, Masayuki Yoshino, Takao Okubo, Shinpei Ogata, Haruhiko Kaiya, Takehisa Kato, Takafumi Tanaka, Atsuo Hazeyama, Nobukazu Yoshioka, G Priyalakshmi

    AINS 2018     87 - 92  2018年11月  [査読有り]

  • Taxonomy and Literature Survey of Security Pattern Research

    Hironori Washizaki, Tian Xia, Natsumi Kamata, Yoshiaki Fukazawa, Hideyuki Kanuka, Dan Yamaoto, Masayuki Yoshino, Takao Okubo, Shinpei Ogata, Haruhiko Kaiya, Takehisa Kato, Atsuo Hazeyama, Takafumi Tanaka, Nobukazu Yoshioka, G Priyalakshmi

    IEEE Conference on Applications, Information and Network Security (AINS)     1 - 6  2018年11月  [査読有り]

  • Using Security Patterns to Develop Secure Systems - Ten Years Later

    Eduardo B. Fernandez, Hironori Washizaki, Nobukazu Yoshioka

    International Journal of Systems and Software Security and Protection (IJSSSP)   9 ( 4 ) 1 - 12  2018年10月  [査読有り]

  • 業務プロセスの信頼性のアセスメントツール

    河本 高文, 二木 厚吉, 吉岡 信和

    コンピュータセキュリティシンポジウム2017論文集   ( 2 ) 1280 - 1287  2018年10月

  • 部門ごとの伝票突合せを反映した業務プロセスの信頼性のアセスメント手法

    河本 高文, 二木 厚吉, 吉岡 信和

    情報処理学会論文誌   59 ( 9 ) 1699 - 1708  2018年09月  [査読有り]

  • Evaluating the degree of security of a system built using security patterns

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    Proceedings of the 13th International Conference on Availability, Reliability and Security (ARES 2018)     43:1 - 43:8  2018年08月  [査読有り]

  • Security Requirement Modeling Support System Using Software Security Knowledge Base

    Atsuo Hazeyama, Shun'ichi Tanaka, Takafumi Tanaka, Hiroaki Hashiura, Seiji Munetoh, Takao Okubo, Haruhiko Kaiya, Hironori Washizaki, Nobukazu Yoshioka

    2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC)     234 - 239  2018年07月  [査読有り]

  • 機械学習システムの現状と課題そしてこれからのことを話そう

    吉岡信和, 石川冬樹

    第1回機械学習工学ワークショップ(MLSE2018)論文集     82 - 89  2018年07月

  • 機械学習システムがセキュリティに出会うとき

    吉岡 信和

    第1回機械学習工学ワークショップ(MLSE2018)論文集     49 - 53  2018年07月

  • An abstract security pattern for Authentication and a derived concrete pattern, the Credential-based Authentication

    EDUARDO B, FERNANDEZ, NOBUKAZU YOSHIOKA, HIRONORI WASHIZAKI, JOSEPH YODER

    7th Asian Conference on Pattern Languages of Programs (AsianPLoP 2018)    2018年03月  [査読有り]

  • セキュリティ要求分析・保証の統合手法CC-Caseの有効性評価実験

    金子朋子, 高橋雄志, 勅使河原可海, 吉岡信和, 山本修一郎, 大久保隆夫, 田中英彦

    情報処理学会論文誌:コンシューマ・デバイス&システム   8 ( 1 ) 11 - 19  2018年01月  [査読有り]

  • Goal Modeling for Security Problem Matching and Pattern Enforcement

    Yijun Yu, Haruhiko Kaiya, Nobukazu Yoshioka, Zhenjiang Hu, Hironori Washizaki, Yingfei Xiong, Amin Hosseinian-Far

    International Journal of Secure Software Engineering (IJSSE)     1 - 19  2018年  [査読有り]  [招待有り]

  • Cloud Security and Privacy Metamodel - Metamodel for Security and Privacy Knowledge in Cloud Services

    Tian Xia, Hironori Washizaki, Takehisa Kato, Haruhiko Kaiya, Shinpei Ogata, Eduardo B. Fernandez, Hideyuki Kanuka, Masayuki Yoshino, Dan Yamamoto, Takao Okubo, Nobukazu Yoshioka, Atsuo Hazeyama

    Proceedings of 6th International Conference on Model-Driven Engineering and Software Development (MODELSWARD 2018)     1 - 8  2018年01月  [査読有り]

    DOI

  • Eliciting requirements for improving users’ behavior using transparency

    Haruhiko Kaiya, Nobukazu Yoshioka, Hironori Washizaki, Takao Okubo, Atsuo Hazeyama, Shinpei Ogata, Takafumi Tanaka

    Communications in Computer and Information Science   809   41 - 56  2018年  [査読有り]

     概要を見る

    A software system is developed for satisfying requirements of stakeholders. Each requirement will be never satisfied without the collaboration of several components such as the system, devices and people interacting with them, i.e. users. However, a user does not or cannot always behave toward the other components according to their expectations. For example, a user sometimes makes mistake or even misuse of the system. The system thus has to encourage users to behave according to such expectations as well as possible. In this paper, we propose a method for eliciting software requirements that will improve users’ behavior with respect to the expectations. We rely on transparency, i.e. the open flow of information amongst stakeholders because no one can directly manipulate users but transparency has an influence on users’ behavior. We expect users will voluntarily behave better than ever when the system provides suitable information flows. We represent our method by using KAOS goal modeling notation, and show examples how it works.

    DOI

  • ER 2016参加報告

    中川 博之, 小林 努, 林 晋平, 吉岡 信和, 鵜林 尚靖

    コンピュータ ソフトウェア   34 ( 3 ) 3_75 - 3_80  2017年

    DOI CiNii

  • Preliminary Systematic Literature Review of Software and Systems Traceability

    Haruhiko Kaiya, Ryohei Sato, Atsuo Hazeyama, Shinpei Ogata, Takao Okubo, Takafumi Tanaka, Nobukazu Yoshioka, Hironori Washizaki

    Procedia Computer Science   112   1141 - 1150  2017年  [査読有り]

     概要を見る

    Traceability is important knowledge for improving the artifacts of software and systems and processes related to them. Even in a single system, various kinds of artifacts exist. Various kinds of processes also exist, and each of them relates to different kinds of artifacts. Traceability over them has thus large diversity. In addition, developers in each process have different types of purposes to improve their artifacts and process. Research results in traceability have to be categorized and analyzed so that such a developer can choose one of them to achieve his/her purposes. In this paper, we report on the results of Systematic Literature Review (SLR) related to software and systems traceability. Our SLR is preliminary one because we only analyzed articles in ACM digital library and IEEE computer society digital library. We found several interesting trends in traceability research. For example, researches related to creating or maintaining traceability are larger than those related to using it or thinking its strategy. Various kinds of traceability purposes are addressed or assumed in many researches, but some researches do not specify purposes. Purposes related to changes and updates are dominant.

    DOI

  • Assessing business processes by checking transaction documents for inconsistency risks and a tool for risk assessment

    Takafumi Komoto, Kokichi Futatsugi, Nobukazu Yoshioka

    Lecture Notes in Business Information Processing   275   70 - 82  2017年  [査読有り]  [招待有り]

     概要を見る

    Business processes can be assessed by checking transaction documents for inconsistency risks and can be classified into two categories. Inconsistency refers to a mismatch between items (product name, quantity, unit price, amount price, etc.) among transaction documents. For any process in the first category, the consistency of any pair of transaction documents in the process is checked, and there is no risk of inconsistency. For any process in the second category, the consistency of some pairs of transaction documents in the process cannot be checked, and there is a risk of inconsistency. This paper proposes a method and a tool for the assessment of risk inconsistencies. The assessment can be used to design and evaluate business processes for a company’s internal control over financial reporting. A business process diagram and inconsistency risk detection algorithm for classifying business processes is provided. A BPA-tool (Business Process Assessment tool) is also presented.

    DOI

  • JMOOCおけるプログラミング入門講座の設計及び実施

    古川雅子, 岡本裕子, 吉岡信和, 山地一禎

    2016年度大学ICT推進協議会年次大会   FE23   1 - 4  2016年12月

  • Implementation support of security design patterns using test templates

    Masatoshi Yoshizawa, Hironori Washizaki, Yoshiaki Fukazawa, Takao Okubo, Haruhiko Kaiya, Nobukazu Yoshioka

    Information (Switzerland)   7 ( 2 ) 1 - 19  2016年06月  [査読有り]

     概要を見る

    Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an "aspect test template" to observe the internal processing and a "test case template". Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

    DOI

  • Assessing Business Processes by Checking Transaction Documents for Inconsistency Risks

    Takafumi Komoto, Kokichi Futatsugi, Nobukazu Yoshioka

    Proceedings of the sixth International Symposium on Business Modeling and Software Design     39 - 45  2016年06月  [査読有り]

  • Modeling and security in cloud ecosystems

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki, Madiha H. Syed

    Future Internet   8 ( 2 ) 1 - 15  2016年04月  [査読有り]

     概要を見る

    Clouds do not work in isolation but interact with other clouds and with a variety of systems either developed by the same provider or by external entities with the purpose to interact with them
    forming then an ecosystem. A software ecosystem is a collection of software systems that have been developed to coexist and evolve together. The stakeholders of such a system need a variety of models to give them a perspective of the possibilities of the system, to evaluate specific quality attributes, and to extend the system. A powerful representation when building or using software ecosystems is the use of architectural models, which describe the structural aspects of such a system. These models have value for security and compliance, are useful to build new systems, can be used to define service contracts, find where quality factors can be monitored, and to plan further expansion. We have described a cloud ecosystem in the form of a pattern diagram where its components are patterns and reference architectures. A pattern is an encapsulated solution to a recurrent problem. We have recently expanded these models to cover fog systems and containers. Fog Computing is a highly-virtualized platform that provides compute, storage, and networking services between end devices and Cloud Computing Data Centers
    a Software Container provides an execution environment for applications sharing a host operating system, binaries, and libraries with other containers. We intend to use this architecture to answer a variety of questions about the security of this system as well as a reference to design interacting combinations of heterogeneous components. We defined a metamodel to relate security concepts which is being expanded.

    DOI

  • 組込み向け進化型ソフトウェアの効率的な拡張性強化手法

    佐々木隆益, 吉岡信和, 田原康之, 大須賀昭彦

    情報処理学会論文誌   57 ( 2 ) 730 - 744  2016年02月  [査読有り]

  • A Metamodel for Security and Privacy Knowledge in Cloud Services

    Hironori Washizaki, Sota Fukumoto, Misato Yamamoto, Takehisa Kato, Shinpei Ogata, Haruhiko Kaiya, Eduardo B. Fernandez, Hideyuki Kanuka, Yuki Kondo, Nobukazu Yoshioka, Takao Okubo, Atsuo Hazeyama, Masatoshi Yoshizawa, Yoshiaki Fukazawa

    Proceedings 2016 IEEE World Congress on Services - SERVICES 2016     142 - 143  2016年  [査読有り]

     概要を見る

    We propose a metamodel for handling security and privacy in cloud service development and operation. The metamodel is expected to be utilized for building a knowledge base to accumulate, classify and reuse existing cloud security and privacy patterns and practices in a consistent and uniform way. Moreover the metamodel and knowledge base are expected to be utilized for designing and maintaining architectures for cloud service systems incorporating security and privacy.

    DOI

  • Literature Survey on Technologies for Developing Privacy-Aware Software

    Atsuo Hazeyama, Nobukazu Yoshioka, Takao Okubo, Hironori Washizaki, Haruhiko Kaiya

    2016 IEEE 24TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE WORKSHOPS (REW)     86 - 91  2016年  [査読有り]

     概要を見る

    Software development requires the protection of privacy. However, a body of knowledge does not exist for the development of privacy-aware software. Based on a literature survey, this paper introduces various studies that address knowledge regarding the development of privacy-aware software, and describes the current status and future direction toward building a knowledge base for privacy-aware software development.

    DOI

  • Requirements Analysis for Privacy Protection and Third Party Awareness Using Logging Models

    Haruhiko Kaiya, Nobukazu Yoshioka, Takao Okubo, Hironori Washizaki, Atsuo Hazeyama

    NEW TRENDS IN SOFTWARE METHODOLOGIES, TOOLS AND TECHNIQUES   286   155 - 166  2016年  [査読有り]

     概要を見る

    An information system can store personal information of its primary users such as shopping histories, and some third party wants or happens to know such information. Because the system usually provides its privacy policy and its users have to give their consent to it, they sometimes have to partially give up the protection of their privacy. On the other hand, a chance of a third party to know such information is too limited if the policy is too defensive. We proposed a method to explore trade-offs between protection of such information and access permissions for a third party, and exemplified it. In this method, operation logs of a system are focused. The structure of each log is then modelled for analysing what kinds of information can be accessed by a third party. Access limitations of each third party are explored so as to balance the protection of privacy information against access right of third parties.

    DOI

  • Reproducible Scientific Computing Environment with Overlay Cloud Architecture.

    Shigetoshi Yokoyama, Yoshinobu Masatani, Tazro Ohta, Osamu Ogasawara, Nobukazu Yoshioka, Kai Liu, Kento Aida

    Proceedings of 9th IEEE International Conference on Cloud Computing (IEEE CLOUD 2016)     774 - 781  2016年  [査読有り]

    DOI

  • Security in Cloud Computing and Big Data

    Eduardo Fernandez, Nobukazu Yoshioka, Hironori Washizaki, Madiha Syed

    Journal of Future Internet   8 ( 2 ) 1 - 13  2016年  [査読有り]

  • シーケンス図を用いたモデル検査支援ツールcsp-seq

    後藤隼弐, 吉岡信和

    コンピュータソフトウェア   32 ( 4 ) 50 - 73  2015年12月  [査読有り]

    DOI

  • Performance Exploring Using Model Checking A Case Study of Hard Disk Drive Cache Function

    Takehiko Nagano, Kazuyoshi Serizawa, Nobukazu Yoshioka, Yasuyuki Tahara, Akihiko Ohsuga

    The Tenth International Conference on Software Engineering Advances (ICSEA 2015)     31 - 39  2015年12月  [査読有り]

  • A Method for Efficient Extensibility Improvements in Embedded Software Evolution

    Takanori Sasaki, Nobukazu Yoshioka, Yasuyuki Tahara, Akihiko Ohsuga

    Journal of Software   10 ( 12 ) 1375 - 1388  2015年12月  [査読有り]

  • Systematic Mapping of Security Patterns Research

    Yurina Ito, Hironori Washizaki, Masatoshi Yoshizawa, Yoshiaki Fukazawa, Takao Okubo, Haruhiko Kaiya, Atsuo Hazeyama, Nobukazu Yoshioka, Eduardo B. Fernandez

    Proceedings of the 22nd Conference on Pattern Languages of Programs Conference 2015 (PLoP 2015)    2015年10月  [査読有り]

  • Finding Potential Threats in Several Security Targets for Eliciting Security Requirements

    Haruhiko Kaiya, Shinpei Ogata, Shinpei Hayashi, Motoshi Saeki, Takao Okubo, Nobukazu Yoshioka, Hironori Washizaki, Atsuo Hazeyama

    10th International Multi-Conference on Computing in the Global Information Technology (ICCGI 2015)     83 - 92  2015年10月  [査読有り]

  • 業務プロセスの品質の判定法

    河本高文, 二木厚吉, 吉岡信和

    情報処理学会論文誌   56 ( 9 ) 1794 - 1800  2015年09月  [査読有り]

  • Method Using Command Abstraction Library for Iterative Testing Security of Web Application

    Seiji Muneto, Noukazu Yoshioka

    International Journal of Secure Software Engineering (IJSSE)   6 ( 3 ) 26 - 49  2015年07月  [査読有り]

  • Keys and Roles of Formal Methods Education for Industry: 10 Year Experience with Top SE Program

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yoshinori Tanabe

    Proceedings of the First Workshop on Formal Methods in Software Engineering Education and Training (FMSEE&T '15)     35 - 42  2015年06月  [査読有り]

  • Overlay Cloudによるバイオインフォマティクスパイプライン再現環境の構築

    横山 重俊, 政谷 好伸, 小笠原 理, 大田 達郎, 吉岡 信和, 合田 憲人

    ハイパフォーマンスコンピューティングと計算科学シンポジウム論文集   ( 2015 ) 101 - 101  2015年05月  [査読有り]

    CiNii

  • Cloud Access Security Broker (CASB): A pattern for accessing secure cloud services

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    Proceedings of the 4th Asian Conference on Pattern Languages of Programs (AsianPLoP 2015)    2015年03月  [査読有り]

  • A Distributed Cloud Architecture for Academic Community Cloud.

    Shigetoshi Yokoyama, Nobukazu Yoshioka

    Cloud Computing and Services Sciences - International Conference in Cloud Computing and Services Sciences, CLOSER 2014, Barcelona Spain, April 3-5, 2014, Revised Selected Papers   512   169 - 186  2015年  [査読有り]

    DOI

  • Patterns for Security and Privacy in Cloud Ecosystems

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    2015 IEEE 2ND WORKSHOP ON EVOLVING SECURITY AND PRIVACY REQUIREMENTS ENGINEERING (ESPRE)     13 - 18  2015年  [査読有り]

     概要を見る

    An ecosystem is the expansion of a software product line architecture to include systems outside the product which interact with the product. We model here the architecture of a cloud-based ecosystem, showing security patterns for its main components. We discuss the value of this type of models.

    DOI

  • A Case-based Management System for Secure Software Development Using Software Security Knowledge

    Masahito Saito, Atsuo Hazeyama, Nobukazu Yoshioka, Takanori Kobashi, Hironori Washizaki, Haruhiko Kaiya, Takao Ohkubo

    KNOWLEDGE-BASED AND INTELLIGENT INFORMATION & ENGINEERING SYSTEMS 19TH ANNUAL CONFERENCE, KES-2015   60   1092 - 1100  2015年  [査読有り]  [招待有り]

     概要を見る

    In recent years, importance on software security technologies has been recognized and various types of technologies have been developed. On the other hand, in spite of recognition of necessity of providing cases that deal with full life cycle for secure software development, only few are reported. This paper describes a case-based management system (CBMS) that consists of an artifact management system and a knowledge-based management system (KBMS) to manage cases for secure software development. The former manages the artifacts created in secure software life cycle. The latter manages software security knowledge. The case-based management system also manages association between artifacts and software security knowledge and supports both visualization among software security knowledge and between artifacts and software security knowledge. We conducted an experiment to evaluate the system. We describe the effectiveness and future work of the system. (C) 2015 The Authors. Published by Elsevier B.V

    DOI

  • Case Base for Secure Software Development Using Software Security Knowledge Base

    Atsuo Hazeyama, Masahito Saito, Nobukazu Yoshioka, Azusa Kumagai, Takanori Kobashi, Hironori Washizaki, Haruhiko Kaiya, Takao Okubo

    IEEE 39TH ANNUAL COMPUTER SOFTWARE AND APPLICATIONS CONFERENCE WORKSHOPS (COMPSAC 2015), VOL 3     97 - 103  2015年  [査読有り]

     概要を見る

    The importance of software security technologies has been gaining attention due to the increase in services on the Internet. Various technologies regarding software security have been developed. However, we believe knowledge regarding software security is not integrated; therefore, we have been developing a knowledge base for secure software development. We previously proposed a learning model that associates artifacts created in secure software development with knowledge in the knowledge base as design rationale. However, only a few case studies that addressed a full life cycle for secure software development have been reported. To mitigate this lack in reported case studies, Okubo et al. created a common task regarding software security. In this study, we developed a case base of secure software development whose artifacts are associated with the knowledge base using this common task as a case.

    DOI

  • TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing

    Takanori Kobashi, Masatoshi Yoshizawa, Hironori Washizaki, Yoshiaki Fukazawa, Nobukazu Yoshioka, Takano Okubo, Haruhiko Kaiya

    2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)     1 - 8  2015年  [査読有り]

     概要を見る

    Because software developers are not necessarily security experts, identifying potential threats and vulnerabilities in the early stage of the development process (e.g., the requirement-or design-phase) is insufficient. Even if these issues are addressed at an early stage, it does not guarantee that the final software product actually satisfies security requirements. To realize secure designs, we propose extended security patterns, which include requirement-and design-level patterns as well as a new model testing process. Our approach is implemented in a tool called TESEM (Test Driven Secure Modeling Tool), which supports pattern applications by creating a script to execute model testing automatically. During an early development stage, the developer specifies threats and vulnerabilities in the target system, and then TESEM verifies whether the security patterns are properly applied and assesses whether these vulnerabilities are resolved.

    DOI

  • Verifying Implementation of Security Design Patterns Using a Test Template

    Masatoshi Yoshizawa, Takanori Kobashi, Hironori Washizaki, Yoshiaki Fukazawa, Takao Okubo, Haruhiko Kaiya, Nobukazu Yoshioka

    2014 NINTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES)     178 - 183  2015年  [査読有り]

     概要を見る

    Although security patterns contain security expert knowledge to support software developers, these patterns may be inappropriately applied because most developers are not security specialists, leading to threats and vulnerabilities. Here we propose a validation method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, which consists of the "aspect test template" to observe the internal processing and the "test case template". Providing design information creates a test from the test template. Because a test template is recyclable, it can create easily a test, which can validate the security design patterns. As a case study, we applied our method to a web system. The result shows that our method can test repetition in the early stage of implementation, verify pattern applications, and assess whether vulnerabilities are resolved.

    DOI

  • モデル検査による設計検証

    吉岡信和, 田辺良則, 田原康之, 長谷川哲夫, 磯部祥尚

    コンピュータソフトウェア   31 ( 4 )  2014年11月  [査読有り]  [招待有り]

    DOI

  • 業務プロセスの品質の判定法

    河本高文, 二木厚吉, 吉岡信和

    コンピュータセキュリティシンポジウム2014     260 - 267  2014年10月

  • アカデミッククラウド実現にむけたクラウド支援サービス

    合田憲人, 山地一禎, 中村素典, 横山重俊, 吉岡信和, 政谷好伸, 西村浩二, 棟朝雅晴

    電子情報通信学会技術研究報告インターネットアーキテクチャ   114 ( 236 ) 1 - 5  2014年09月

  • CPU使用率とメモリ帯域使用率を考慮した性能予測手法

    若林昇, 吉岡信和

    研究報告コンシューマ・デバイス&システム   2014-CDS-11 ( 10 ) 1 - 7  2014年08月

  • Abstract security patterns for requirements and analysis of secure systems

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki, Joseph Yoder

    17th Workshop on Requirements Engineering(WER 2014)    2014年04月  [査読有り]

  • 広大な「マップ」を活用したクラウド監視システムの実運用への適用

    谷沢智史, 中川晋吾, 金指文明, 西村一彦, 長久勝, 横山重俊, 吉岡信和

    電子情報通信学会, 信学技報,IEICE-ICM2013-79   IEICE-113 ( 492 ) 161 - 165  2014年03月

     概要を見る

    国立情報学研究所では仮想マシン貸し出し型のプライベートクラウドedubase Cloudや,物理マシン貸し出し型のプラィベートクラウドの開発,運用を行なっており,さらに,新たにインタークラウド基盤プロトタイプの開発を行い,試験運用を開始している.我々はクラウド運用を効率化するため,編集可能な広大な「マップ」アプローチを提案し,実運用に適用した.この適用事例について報告し,よりよいマップを作るための支援機構について提案する.

    CiNii

  • Patterns for cloud firewalls

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    3rd Asian Conference on Pattern Languages of Programs (AsianPLoP 2014)    2014年03月  [査読有り]

  • A Patern Langauge for Academic Cloud Servicres

    Masaru Nagaku, Satoshi Yazawa, Kenjiro Yamanaka, Nobukazu Yoshioka, Shigetoshi Yokoyama

    AsianPLoP    2014年03月  [査読有り]

  • On-demand Cloud Architecture for Academic Community Cloud - Another Approach to Inter-cloud Collaboration.

    Shigetoshi Yokoyama, Nobukazu Yoshioka

    4th International Conference on cloud computing and service science     661 - 670  2014年  [査読有り]

    DOI

  • Network traffic optimization architecture for scalability in academic inter-cloud computing environments.

    Shigetoshi Yokoyama, Atsushi Matsumoto, Nobukazu Yoshioka

    Network traffic optimization architecture for scalability in academic inter-cloud computing environments", International Workshop on Hot Topics in Cloud service Scalability (HotTopiCS-2014)     1 - 6  2014年  [査読有り]

    DOI

  • Security Driven Requirements Refinement and Exploration of Architecture with multiple NFR points of view

    Takao Okubo, Nobukazu Yoshioka, Haruhiko Kaiya

    2014 IEEE 15TH INTERNATIONAL SYMPOSIUM ON HIGH-ASSURANCE SYSTEMS ENGINEERING (HASE)     201 - 205  2014年  [査読有り]

     概要を見る

    Earlier software architecture design is essential particularly when it comes to security concerns, since security risks, requirements and architectures are all closely interrelated and interacting. We have proposed the security driven twin peaks method with a mutual refinement of the requirements, and architectures. However, there are multiple alternatives to an architecture design for initial requirements, and their choices depend on non-functional requirements (NFRs), such as security, performance, and cost which often largely change. We propose a new method we call TPM-SA2 to avoid any back-track in refinement. Each architectural alternative in TPM-SA2 is refined so that it aligns with the requirements. For each refinement, the requirements can be updated vice versa. TPM-SA2 enables us to predict the impacts on the NFRs by each candidate for the architecture, and choose the most appropriate one with respect to the impact. As a result, we can define the requirements and architectures, and estimated the development costs earlier than ever.

    DOI

  • Validating Security Design Pattern Applications by Testing Design Models

    Takanori Kobashi, Nobukazu Yoshioka, Takao Okubo, Haruhiko Kaiya, Hironori Washizaki, Yoshiaki Fukazawa

    International Journal of Secure Software Engineering (IJSSE)   5 ( 4 ) 1 - 30  2014年  [査読有り]

  • Security and Privacy Behavior Definition for Behavior Driven Development

    Takao Okubo, Yoshio Kakizaki, Takanori Kobashi, Hironori Washizaki, Shinpei Ogata, Haruhiko Kaiya, Nobukazu Yoshioka

    PRODUCT-FOCUSED SOFTWARE PROCESS IMPROVEMENT, PROFES 2014   8892   306 - 309  2014年  [査読有り]

     概要を見る

    There is an issue when security measures are implemented and tested while using agile software development techniques such as Behavior Driven Development (BDD). We need to define the necessary levels of security and the privacy behaviors and acceptance criteria for the BDD. A method for defining the acceptance criteria (BehaveSafe) by creating a threat and countermeasure graph called the T&C graph is proposed in this paper. We have estimated the efficiency of our method with a web based system.

  • Evaluation of Flexibility to Changes Focusing on the Variable Structures in Legacy Software

    Takanori Sasaki, Nobukazu Yoshioka, Yasuyuki Tahara, Akihiko Ohsuga

    KNOWLEDGE-BASED SOFTWARE ENGINEERING, JCKBSE 2014   466   252 - 269  2014年  [査読有り]

     概要を見る

    Light weight development processes like Agile have emerged in response to rapidly changing market requirements. However such processes are inadequate for software in embedded systems. As embedded software undergoes frequent refactoring, targeting only immediate requirements. As a result maintainability decreases because the system is not designed to respond to changes in the associated hardware. In this paper, we propose a method for detection of variation points and variability mechanisms. We also propose a technique for evaluation of flexibility to changes. Our approach is based on analyses of the call graph and the inheritance structure of source code to identify a layer structure that is specific to embedded software. These techniques provide us with objective and quantitative information about costs of adding functionality. We applied the proposal method to an actual product's code before and after the refactoring and could verify an improvement in system's variability.

    DOI

  • MASG: Advanced misuse case analysis model with assets and security goals

    Takao Okubo, Kenji Taguchi, Haruhiko Kaiya, Nobukazu Yoshioka

    Journal of Information Processing   22 ( 3 ) 536 - 546  2014年  [査読有り]

     概要を見る

    Misuse case model and its development process are useful and practical for security requirements analysis, but they require expertise especially about security assets and goals. To enable inexperienced requirements analysts to elicit and to analyse security requirements, we present an extension of misuse case model and its development process by incorporating new model elements, assets and security goals. We show its effectiveness from the quantitative and qualitative results of a case study. According to the results, we conclude the extension and its process enable inexperienced analysts to elicit security requirements as well as experienced analysts do. © 2014 Information Processing Society of Japan.

    DOI

  • Security Requirements Analysis Using Knowledge in CAPEC

    Haruhiko Kaiya, Sho Kono, Shinpei Ogata, Takao Okubo, Nobukazu Yoshioka, Hironori Washizaki, Kenji Kaijiri

    ADVANCED INFORMATION SYSTEMS ENGINEERING WORKSHOPS   178   343 - 348  2014年  [査読有り]

     概要を見る

    Because all the requirements analysts are not the experts of security, providing security knowledge automatically is one of the effective means for supporting security requirements elicitation. We propose a method for eliciting security requirements on the basis of Common Attack Patterns Enumeration and Classification (CAPEC). A requirements analyst can automatically acquire the candidates of attacks against a functional requirement with the help of our method. Because technical terms are mainly used in the descriptions in CAPEC and usual phrases are used in the requirements descriptions, there are gaps between them. To bridge the gaps, our method contains a mapping between technical terms and noun phrases called term maps.

    DOI

  • Requirements Refinement and Exploration of Architecture for Security and Other NFRs

    Takao Okubo, Nobukazu Yoshioka, Haruhiko Kaiya

    ADVANCED INFORMATION SYSTEMS ENGINEERING WORKSHOPS   178   286 - 298  2014年  [査読有り]

     概要を見る

    Earlier software architecture design is essential particularly when it comes to security concerns, since security risks, requirements and architectures are all closely interrelated and interacting. We have proposed the security driven twin peaks method with a mutual refinement of the requirements, and architectures. However, there are multiple alternatives to an architecture design for initial requirements, and their choices depend on non-functional requirements (NFRs), such as security, performance, and costs which have a big impact on the quality of the software. We propose a new method called TPM-SA2 to avoid any back-track in refinement. Each architectural alternative in TPM-SA2 is refined so that it aligns with the requirements. For each refinement, the requirements can be updated vice versa. TPM-SA2 enables us to predict the impacts on the NFRs by each candidate for the architecture, and choose the most appropriate one with respect to the impact. As a result, we can define the requirements and architectures, and estimated the development costs earlier than ever.

    DOI

  • プライバシーを守ったITサービスの提供技術:0.編集にあたって

    吉岡, 信和, 佐久間, 淳, 竹之内, 隆夫

    情報処理   54 ( 11 ) 1104 - 1105  2013年10月

  • プライベートプラウド監視ツールの開発に向けた一考察

    谷沢智史, 西村一彦, 長久勝, 横山重俊, 吉岡信和

      113 ( 86 ) 41 - 46  2013年06月

  • リスク分析手法とモデル検査を組合せた高信頼設計プロセスの提案

    若林昇, 吉岡信和

      2013-SE-179 ( 34 ) 1 - 7  2013年03月

  • アカデミッククラウドアーキテクチャの提案と評価

    横山重俊, 桑田 喜隆, 吉岡信和

    情報処理学会論文誌   54 ( 2 ) 688 - 698  2013年02月  [査読有り]

  • Model-assisted access control implementation for code-centric ruby-on-rails web application development

    Seiji Munetoh, Nobukazu Yoshioka

    Proceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013     350 - 359  2013年  [査読有り]

     概要を見る

    In a Web application framework suitable for a code-centric development approach, maintaining the faultlessness of the security features is an issue because the security features are dispersed throughout the code during the implementation. In this paper, we propose a method and develop a static verification tool for Web applications that checks the completeness of the security features implementation. The tool generates a navigation model from an application code while retaining the security properties and then checks the consistency of the security properties on the model since access control is relevant to the application behavior. We applied the proposed tool to various Ruby on Rails Web application source codes and then tested their authentication and authorization features. Results showed that the tool is an effective aid in the implementation of security features in code-centric and iterative Web application development. © 2013 IEEE.

    DOI

  • Validating security design patterns application using model testing

    Takanori Kobashi, Nobukazu Yoshioka, Takao Okubo, Haruhiko Kaiya, Hironori Washizaki, Yoshiaki Fukazawa

    Proceedings - 2013 International Conference on Availability, Reliability and Security, ARES 2013     62 - 71  2013年  [査読有り]

     概要を見る

    Software developers are not necessarily security specialists, security patterns provide developers with the knowledge of security specialists. Although security patterns are reusable and include security knowledge, it is possible to inappropriately apply a security pattern or that a properly applied pattern does not mitigate threats and vulnerabilities. Herein we propose a method to validate security pattern applications. Our method provides extended security patterns, which include requirement- and design-level patterns as well as a new model testing process using these patterns. Developers specify the threats and vulnerabilities in the target system during an early stage of development, and then our method validates whether the security patterns are properly applied and assesses whether these vulnerabilities are resolved. © 2013 IEEE.

    DOI

  • RAILROADMAP: An Agile Security Testing Framework for Web-application Development

    Seiji Munetoh, Nobukazu Yoshioka

    2013 IEEE SIXTH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION (ICST 2013)     491 - +  2013年  [査読有り]

     概要を見る

    We propose a model-assisted security testing framework for developing Web applications. We devised a tool called "RailroadMap" that automatically extracts a behavior model from the code base of Ruby-on-Rails. This model provides a unified point of view for analyzing security problems by representing an application's behavior, which includes all security functions and possible attack scenarios.

    DOI

  • Goal-Oriented Security Requirements Analysis for a System Used in Several Different Activities

    Haruhiko Kaiya, Takao Okubo, Nobuyuki Kanaya, Yuji Suzuki, Shinpei Ogata, Kenji Kaijiri, Nobukazu Yoshioka

    ADVANCED INFORMATION SYSTEMS ENGINEERING WORKSHOPS (CAISE)   148   478 - 489  2013年  [査読有り]

     概要を見る

    Because an information system is used in different activities simultaneously today, we have to analyze usages of the system in the existing activities and to-be usages in an intended activity together. Especially, security aspects should be carefully analyzed because existing activities are not always secure. We propose a security requirements analysis method for resolving this problem. To take both existing and intended activities into account together, we integrate them on the basis of the unification of common actors. To explore possible attacks under integrated activities, we enumerate achievable attacks on the basis of the possible means in each actor with the help of security knowledge. To avoid or mitigate the attacks and to achieve fundamental goals, we disable some means or narrow down the means to be monitored with the help of propositional logic formulae. Through case studies on insurance business, we illustrated our idea.

    DOI

  • モデルテストによるセキュリティ分析・設計パターンの適用支援

    小橋 孝紀, 大久保 隆夫, 海谷 治彦, 吉岡 信和, 伊永 祥太, 鷲崎 弘宜, 深澤良彰

    コンピュータセキュリティシンポジウム 2012     655 - 662  2012年10月

  • Evaluation of Flexibility to Changes Focusing on the Variable Structures in Legacy Software

    Takanori Sasaki, Nobukazu Yoshioka, Yasuyuki Tahara, Akihiko Ohsuga

    Proc. of JCKBSE 2014   2012   171 - 180  2012年08月  [査読有り]

  • Analyzing Impacts on Software Enhancement Caused by Security Design

    Takao Okubo, Haruhiko Kaiya, Nobukazu Yoshioka

    International Journal of Secure Software Engineering (IJSSE), IGI Global     37 - 61  2012年02月  [査読有り]

  • Intercloud Object Storage Service: Colony

    Shigetoshi Yokoyama, Nobukazu Yoshioka, Motonobu Ichimura

    THIRD INTERNATIONAL CONFERENCE ON CLOUD COMPUTING, GRIDS, AND VIRTUALIZATION (CLOUD COMPUTING 2012)     95 - 98  2012年  [査読有り]

     概要を見る

    Intercloud object storage services are crucial for inter-organization research collaborations that need huge amounts of remotely stored data and machine image. This study introduces a prototype implementation of wide-area distributed object storage services, called colony, and describes a trial of its cloud storage architecture and intercloud storage services for academic clouds.

  • Multilevel Modeling of Physiological Systems and Simulation Platform: PhysioDesigner, Flint and Flint K3 Service.

    Yoshiyuki Asai, Takeshi Abe, Masao Okita, Tomohiro Okuyama, Nobukazu Yoshioka, Shigetoshi Yokoyama, Masaru Nagaku, Kenichi Hagihara, Hiroaki Kitano

    The 12th IEEE/IPSJ International Symposium on Applications and the Internet (SAINT)     215 - 219  2012年  [査読有り]

    DOI

  • An Academic Community Cloud Architecture for Science Applications.

    Shigetoshi Yokoyama, Nobukazu Yoshioka

    The 12th IEEE/IPSJ International Symposium on Applications and the Internet (SAINT)     108 - 112  2012年  [査読有り]

    DOI

  • Mutual refinement of security requirements and architecture using twin peaks model

    Takao Okubo, Haruhiko Kaiya, Nobukazu Yoshioka

    Proceedings - International Computer Software and Applications Conference     367 - 372  2012年  [査読有り]

     概要を見る

    It is difficult to sufficiently specify software security requirements because they depend on a software architecture that has not yet been designed. Although the Twin Peaks model is a reference model to elicit a sufficient amount of software requirements in conjunction with the architectural requirements, it is still unclear how the security requirements can be elicited while taking the architecture into consideration. We propose a novel method to elicit the security requirements with architecture elaboration based on the Twin Peaks model, which is called the Twin Peaks Model application for Security Analysis (TMP-SA). In our method, security countermeasures for attacks are elicited as the security requirements incrementally according to the refinement of the architecture. We can comprehensively explore the alternatives for the countermeasures (security requirements) and choose the most suitable one for each project because we can focus on the architecture-specific security issues as well as architecture-independent security issues. We have applied our method to several applications and discuss its advantages and limitations. We found that our method is suitable for iterative development, and it enables us to find threats caused by architectural issues that are severely difficult to find when analyzing only the requirements issues. © 2012 IEEE.

    DOI

  • Dodai-Deploy: Fast Cluster Deployment Tool.

    Shigetoshi Yokoyama, Nobukazu Yoshioka

    19th International Conference on Web Services (ICWS 2012)     681 - 682  2012年  [査読有り]

    DOI

  • edubase cloud: cloud platform for cloud education.

    Shigetoshi Yokoyama, Nobukazu Yoshioka, Takahiro Shida

    First International Workshop on Software Engineering Education based on Real-World Experiences (EduRex 2012)     17 - 20  2012年  [査読有り]

    DOI

  • Cloud in a cloud for cloud education.

    Shigetoshi Yokoyama, Nobukazu Yoshioka, Takahiro Shida

    4th International Workshop on Principles of Engineering Service-Oriented Systems (PESOS)     63 - 64  2012年  [査読有り]

    DOI

  • Cluster as a Service for Self-Deployable Cloud Applications.

    Shigetoshi Yokoyama, Nobukazu Yoshioka

    Proc. of 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid 2012)     703 - 704  2012年  [査読有り]

    DOI

  • System security requirements analysis with answer set programming

    Gideon Bibu, Nobukazu Yoshioka, Julian Padget

    2012 2nd IEEE International Workshop on Requirements Engineering for Systems, Services, and Systems-of-Systems, RESS 2012 - Proceedings     10 - 13  2012年  [査読有り]

     概要を見る

    The need for early consideration of security during system design and development cannot be over-emphasized, since this allows security features to be properly integrated into the system rather than added as patches later on. A necessary pre-requisite is the elicitation and analysis of the security requirements prior to system design. Existing methods for the security requirements phase, such as attack trees and misuse case analysis, use manual means for analysis, with which it is difficult to validate and analyse system properties exhaustively. We present a computational solution to this problem using an institutional (also called normative) specification to capture the requirements in the InstAL action language, which in turn is implemented in answer set programming (a kind of logic programming language). The result of solving the answer set program with respect to a set of events is a set of traces that capture the evolution of the model over time (as defined by the occurrence of events). Verification is achieved by querying the traces for specific system properties. Using a simple scenario, we show how any state of the system can be verified with respect to the events that brought about that state. We also demonstrate how the same traces enable: (i) identification of possible times and causes of security breaches and (ii) establishment of possible consequences of security violations. © 2012 IEEE.

    DOI

  • Three misuse patterns for cloud computing

    Keiko Hashizume, Nobukazu Yoshioka, Eduardo B. Fernandez

    Security Engineering for Cloud Computing: Approaches and Tools     36 - 53  2012年  [査読有り]

     概要を見る

    Cloud computing is a new computing model that allows providers to deliver services on demand by means of virtualization. One of the main concerns in cloud computing is security. In particular, the authors describe some attacks in the form of misuse patterns, where a misuse pattern describes how an attack is performed from the point of view of the attacker. Specially, they describe three misuse patterns: Resource Usage Monitoring Inference, Malicious Virtual Machine Creation, and Malicious Virtual Machine Migration Process. © 2013, IGI Global.

    DOI

  • A Framework for Validating Task Assignment in Multiagent Systems Using Requirements Importance

    Hiroyuki Nakagawa, Nobukazu Yoshioka, Akihiko Ohsuga, Shinichi Honiden

    PRINCIPLES AND PRACTICE OF MULTI-AGENT SYSTEMS   7057   443 - +  2012年  [査読有り]

     概要を見る

    Multi-agent systems (MASs) are one of the effective approaches for dealing with the recent increase in software complexity and their autonomy. In the MAS research community, there has recently been increasing interest in the adoption of requirements engineering techniques to bridge the gap between the system requirements and the system design. One of the most important tasks based on the requirements description in the MAS design activity is the extraction of roles, which are the fundamental components of multi-agent systems, from it. It is also important to comprehend the relative degree of responsibility of the individual roles. The comprehension helps the developer decide the system architecture and discuss the performance and stability of the system. We introduce the concept of importance as a quantitative metric and an evaluation framework for the extraction of a suitable role set for the system and the task assignment to these roles. The importance is propagated from the requirements to the roles through their assigned tasks. We demonstrate the effectiveness of our framework through a case study and show that our metric and evaluation framework help not only to identify the importance of each role, but also to determine the system architecture.

    DOI

  • A Network-Aware Object Storage Service.

    Shigetoshi Yokoyama, Nobukazu Yoshioka, Motonobu Ichimura

    2012 SC Companion: High Performance Computing, Networking Storage and Analysis, Salt Lake City, UT, USA, November 10-16, 2012     556 - 561  2012年  [査読有り]

    DOI

  • ゴール指向分析に基づくモデル検査のための外部環境の抽象化手法

    乾道孝, 吉岡信和, 落水浩一郎

    情報処理学会論文誌   52 ( 12 ) 3205 - 3220  2011年12月  [査読有り]

  • セキュリティソフトウェア工学の研究動向

    吉岡信和, 大久保隆夫, 宗藤誠治

    日本ソフトウェア科学会, コンピュータソフトウェア   28 ( 3 ) 43 - 60  2011年09月  [査読有り]  [招待有り]

    DOI

  • AOJS:JavaScriptのためのアスペクト指向プログラミング・フレームワーク

    大橋昭, 久保淳人, 水町友彦, 江口和樹, 村上真一, 高橋竜一, 鷲崎弘宜, 深澤良彰, 鹿糠秀行, 小高敏裕, 杉本信秀, 永井洋一, 山本里枝子, 吉岡信和, 石川冬樹, 碇尚史

    コンピュータソフトウェア   28 ( 3 ) 114 - 131  2011年08月  [査読有り]

    DOI

  • A modelling framework to support internal control

    Takafumi Komoto, Kenji Taguchi, Haralambos Mouratidis, Nobukazu Yoshioka, Kokichi Futatsugi

    2011 5th International Conference on Secure Software Integration and Reliability Improvement - Companion, SSIRI-C 2011     187 - 193  2011年  [査読有り]

     概要を見る

    This paper presents a modelling framework to support Internal Control. The proposed framework is intended to be used for the design and evaluation of internal controls by organisations and their auditors. One component of the framework is a modelling language and the other is a process to establish internal controls. The proposed modelling language is based on Secure Tropos modelling language. It extends Secure Tropos in several ways in order to conceptualize some aspects of internal controls in which organisational structure and relationships between major stakeholders are taken into account. In this paper we describe the proposed framework by presenting an internal control model and show how risks can be analysed in the models according to the proposed process. © 2011 IEEE.

    DOI

  • Two patterns for distributed systems: Enterprise service bus (ESB) and distributed publish/subscribe

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    ACM International Conference Proceeding Series    2011年  [査読有り]

     概要を見る

    We present two common patterns for distributed systems: Enterprise Service Bus (ESB) and Distributed Publish/Subscribe (P/S). ESB defines a common bus structure that provides basic brokerage functions as well as a set of other appropriate services. The ESB has been used mostly for web services but it can be used for any distributed system. The P/S realizes a system structure where subscribers register to receive events produced by a publisher. The P/S has been described usually in a centralized environment and we emphasize here its distributed nature. These patterns are mainly intended for web services application and distributed systems architects and designers. In those applications, the ESB and the Distributed P/S are architectural units that need to be combined with other architectural units. © Copyright 2011 Carnegie Mellon University.

    DOI

  • An approach to model-based development of secure and reliable systems

    Eduardo B. Fernandez, Hironori Washizaki, Nobukazu Yoshioka, Michael VanHilst

    Proceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011     260 - 265  2011年  [査読有り]

     概要を見る

    A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built together. If we build not only applications but also middleware and operating systems in the same way, we can build systems that not only are inherently secure but also can withstand attacks from malicious applications and resist errors. In addition, all security and reliability constraints should be defined in the application level, where their semantics is understood and propagated to the lower levels. The lower levels provide the assurance that the constraints are being followed. In this approach all security constraints are defined at the conceptual or application level. The lower levels just enforce that there are no ways to bypass these constraints. By mapping to a highly secure platform, e.g., one using capabilities, we can produce a very secure system. Our approach is based on security patterns that are mapped through the architectural levels of the system. We make a case for this approach and we present here three aspects to further develop it. These aspects include a metamodel for security requirements, a mapping of models across architectural levels, and considerations about the degree of security of the system. © 2011 IEEE.

    DOI

  • Effective security impact analysis with patterns for software enhancement

    Takao Okubo, Haruhiko Kaiya, Nobukazu Yoshioka

    Proceedings of the 2011 6th International Conference on Availability, Reliability and Security, ARES 2011     527 - 535  2011年  [査読有り]

     概要を見る

    Unlike functional implementations, it is difficult to analyze the impact software enhancements on security. One of the difficulties is identifying the range of effects by new security threats, and the other is developing proper countermeasures. This paper proposes an analysis process that uses two kinds of security pattern: security requirements patterns for identifying threats and security design patterns for identifying countermeasures at an action class level. With these two patterns and the conventional traceability methodology, developers can estimate and compare the amounts of modifications needed by multiple security countermeasures. © 2011 IEEE.

    DOI

  • IMPULSE: A design framework for multi-agent systems based on model transformation

    Hiroyuki Nakagawa, Nobukazu Yoshioka, Akihiko Ohsuga, Shinichi Honiden

    Proceedings of the ACM Symposium on Applied Computing     1411 - 1418  2011年  [査読有り]

     概要を見る

    The purpose of this study is to reduce the difficulties encountered when designing multi-agent systems (MAS). Although MAS are one of the more effective approaches for dealing with the recent increase in software complexity, they are themselves difficult to develop. We believe the difficulties in determining agent responsibilities and the organizational structure as the most significant obstacles to MAS development. In this paper, we propose a design framework for MAS, which includes restriction rules in the goal-oriented requirements description and a generator that transforms the restricted requirements description into a general MAS design model. We demonstrate the effectiveness of our framework through a case study and show how the framework can be used to construct MAS design models more precisely than conventional methods permit. © 2011 ACM.

    DOI

  • Edubase cloud: An open-source cloud platform for cloud engineers

    Nobukazu Yoshioka, Shigetoshi Yokoyama, Yoshionori Tanabe, Shinichi Honiden

    Proceedings - International Conference on Software Engineering     73 - 73  2011年  [査読有り]

     概要を見る

    Education for cloud engineers is crucial in terms of innovation in the development of cloud technologies. We propose a new cloud platform based on open-source software that uses multi-clouds for the education. © 2011 Authors.

    DOI

  • A Framework for Validating Task Assignment in Multi-agent Systems using Requirements Importance (Early Innovation)

    Hiroyuki Nakagawa, Nobukazu Yoshioka, Akihiko Ohsuga, Shinichi Honiden

    The 13th International Conference on Principles and Practice of Multi-Agent Systems     207 - 214  2010年11月  [査読有り]

  • Aligning security requirements and security assurance using the common criteria

    Kenji Taguchi, Nobukazu Yoshioka, Takayuki Tobita, Hiroyuki Kaneko

    SSIRI 2010 - 4th IEEE International Conference on Secure Software Integration and Reliability Improvement     69 - 77  2010年  [査読有り]  [招待有り]

     概要を見る

    This paper presents a new approach, which attempts to provide a basic framework in which security requirements and security assurance can be aligned in a uniform and concise way in a single requirements modelling methodology. This framework aims at providing security requirements modelling method for the system development as well as security assurance under the Common Criteria (IEC/ISO 15408), an international standard for security assurance and evaluation for IT products. We will adopt use case diagrams as a basis for this modelling method and extend them based on a meta model derived from the Common Criteria, which includes all relevant security concepts and their relationships for an analysis of security threats. We take Multi Function Peripherals (MFPs) as a working example and demonstrate how our proposed modelling method can effectively elicit/analyze security requirements in this paper. © 2010 IEEE.

    DOI

  • Model-Driven Security Patterns Application Based on Dependences among Patterns

    Yuki Shiroma, Hironori Washizaki, Yoshiaki Fukazawa, Atsuto Kubo, Nobukazu Yoshioka

    FIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS     555 - 559  2010年  [査読有り]

     概要を見る

    The spread of open-software services through the Internet increases the importance of security. A security pattern is one of the techniques in which developers utilize security experts' knowledge. Security patterns contain typical solutions about security problems. However there is a possibility that developers may apply security patterns in inappropriate ways due to a lack of consideration on dependencies among patterns. Application techniques of security patterns that consider such dependencies have not been proposed yet. In this paper, we propose an automated application technique of security patterns in model driven software development by defining applications procedures of security patterns to models as model transformation rules with consideration for pattern dependencies. Our technique prevents inappropriate applications such as the application of security patterns to wrong model elements and that in wrong orders. Therefore our technique supports developers apply security patterns to their own models automatically in appropriate ways.

    DOI

  • Measuring the level of security introduced by security patterns

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki, Michael VanHilst

    FIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS     565 - 568  2010年  [査読有り]

     概要を見る

    It is possible to reasonably measure the security quality of individual security patterns. However, more interesting is to ask: Can we show that a system built using security patterns is secure in some sense? We discuss here some issues about evaluating the security of a system built using security patterns. We consider the use of threats and misuse patterns to perform this evaluation.

    DOI

  • Security patterns: Comparing modeling approaches

    Armstrong Nhlabatsi, Arosha Bandara, Shinpei Hayashi, Charles B. Haley, Jan Jurjens, Haruhiko Kaiya, Atsuto Kubo, Robin Laney, Haralambos Mouratidis, Bashar Nuseibeh, Thein T. Tun, Hironori Washizaki, Nobukazu Yoshioka, Yijun Yu

    Software Engineering for Secure Systems: Industrial and Research Perspectives     75 - 111  2010年  [査読有り]

     概要を見る

    Addressing the challenges of developing secure software systems remains an active research area in software engineering. Current research efforts have resulted in the documentation of recurring security problems as security patterns. Security patterns provide encapsulated solutions to specific security problems and can be used to build secure systems by designers with little knowledge of security. Despite this benefit, there is lack of work that focus on evaluating the capabilities of security analysis approaches for their support in incorporating security analysis patterns. This chapter presents evaluation results of a study we conducted to examine the extent to which constructs provided by security requirements engineering approaches can support the use of security patterns as part of the analysis of security problems. To achieve this general objective, the authors used a specific security pattern and examined the challenges of representing this pattern in some security modeling approaches. The authors classify the security modeling approaches into two categories: Problem and solution and illustrate their capabilities with a well-known security patterns and some practical security examples. Based on the specific security pattern they have used our evaluation results suggest that current approaches to security engineering are, to a large extent, capable of incorporating security analysis patterns. © 2011, IGI Global.

    DOI

  • Using security patterns to develop secure systems

    E.B. Fernandez, N. Yoshioka, H. Washizaki, J. Jurjens, M. VanHilst, G. Pernul

    Software Engineering for Secure Systems, IGI Global     16 - 31  2010年  [査読有り]

    DOI

  • Model-Driven Security Patterns Application Based on Dependences among Patterns

    Yuki Shiroma, Hironori Washizaki, Yoshiaki Fukazawa, Atsuto Kubo, Nobukazu Yoshioka

    FIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS     555 - 559  2010年  [査読有り]

     概要を見る

    The spread of open-software services through the Internet increases the importance of security. A security pattern is one of the techniques in which developers utilize security experts' knowledge. Security patterns contain typical solutions about security problems. However there is a possibility that developers may apply security patterns in inappropriate ways due to a lack of consideration on dependencies among patterns. Application techniques of security patterns that consider such dependencies have not been proposed yet. In this paper, we propose an automated application technique of security patterns in model driven software development by defining applications procedures of security patterns to models as model transformation rules with consideration for pattern dependencies. Our technique prevents inappropriate applications such as the application of security patterns to wrong model elements and that in wrong orders. Therefore our technique supports developers apply security patterns to their own models automatically in appropriate ways.

    DOI

  • A worm misuse pattern

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    ACM International Conference Proceeding Series    2010年  [査読有り]

     概要を見る

    We have proposed a new type of pattern, the misuse pattern. This pattern describes, from the point of view of the attacker, how a type of attack or misuse is performed (what system units it uses and how)
    it also provides ways of stopping the attack by enumerating possible security patterns that can be applied for this purpose, and helps analyzing the attack once it has happened by indicating where can we find forensics data as well as what type of data. A catalog of misuse patterns is needed to let designers evaluate their designs with respect to possible threats. We present here a misuse pattern for a generic worm, which describes the essential and typical characteristics of this type of malware. We consider how to stop this malware and we also discuss some examples and variations.

    DOI

  • A security pattern for data integrity in P2P systems

    Benjamin Schleinzer, Nobukazu Yoshioka

    ACM International Conference Proceeding Series    2010年  [査読有り]

     概要を見る

    Peer-To-Peer-systems (P2P) introduced new methods to distribute large amounts of data to end users. To increase the distribution speed resources from all participating network nodes, the peers, are used, and therefore the workload on own resources decreases. To utilize all peers large data is split into small pieces, so called chunks, and these chunks are distributed among peers therefore making each chunk available on different peers. To identify and find chunks in P2P-systems hash algorithms are used, and each peer is responsible for a specific range of the hash's keyspace and all chunks that fall within this keyspace. With data stored on multiple peers new security risks in terms of confidentiality, integrity, and availability arise. Our security pattern targeted specifically for P2P-systems helps system designers to identify possible threats and show appropriate countermeasures. We show how secure hash algorithms can guarantee the integrity of the distributed data even though chunks are sent to, received from, and stored by multiple, possible untrustworthy, peers.

    DOI

  • パターン間の関係を考慮したセキュリティパターン適用支援

    城間祐輝, 久保淳人, 吉岡信和, 鷲崎弘宣, 深澤良彰

    ソフトウェアエンジニアリング最前線2009     75 - 82  2009年09月  [査読有り]

  • Evolution of a course on model checking for practical applications

    Yasuyuki Tahara, Nobukazu Yoshioka, Kenji Taguchi, Toshiaki Aoki, Shinichi Honiden

    SIGCSE Bulletin Inroads   41 ( 2 ) 38 - 44  2009年06月  [査読有り]

     概要を見る

    Although model checking is expected as a practical formal verification approach for its automatic nature, it still suffers from difficulties in writing the formal descriptions to be verified and applying model checking tools to them effectively. The difficulties are found mainly in grasping the exact system behaviors, representing them in formal languages, and using model checking tools that fit the best to the verification problems. Even capable software developers need extensive education to overcome the difficulties. In this paper, we report our education course of practical applications of model checking in our education project called Top SE. Our approach consists of the following two features. First, we adopt UML as the design specification language and create the descriptions for each specific model checking tool from the UML diagrams, to enable easy practical application of model checking. Second, we build taxonomies of system behaviors, in particular behaviors of concurrent systems that are main targets of model checking. We can organize the knowledge and the techniques of practical model checking according to the taxonomies. The taxonomies are based on several aspects of system behaviors such as synchronization of transitions, synchronization of communications, and modeling of system environments. In addition, we make clear which model checking tools fit which types of systems. We treat the three different model checking tools: SPIN, SMV, and LTSA. Each tool has its specific features that make the tool easier or more difficult to be applied to specific problems than others. In our education course, we explain the taxonomies, the knowledge, and the techniques using very simple examples. We also assign the students exercises to apply the knowledge and the techniques to more complicated problems such as the dining philosopher problem, data copying between a DVD recorder and a hard disk recorder, and the alternating bit protocol.

    DOI

  • Evolution of a course on model checking for practical applications

    Yasuyuki Tahara, Nobukazu Yoshioka, Kenji Taguchi, Toshiaki Aoki, Shinichi Honiden

    SIGCSE Bulletin Inroads   41 ( 2 ) 38 - 44  2009年06月  [査読有り]

     概要を見る

    Although model checking is expected as a practical formal verification approach for its automatic nature, it still suffers from difficulties in writing the formal descriptions to be verified and applying model checking tools to them effectively. The difficulties are found mainly in grasping the exact system behaviors, representing them in formal languages, and using model checking tools that fit the best to the verification problems. Even capable software developers need extensive education to overcome the difficulties. In this paper, we report our education course of practical applications of model checking in our education project called Top SE. Our approach consists of the following two features. First, we adopt UML as the design specification language and create the descriptions for each specific model checking tool from the UML diagrams, to enable easy practical application of model checking. Second, we build taxonomies of system behaviors, in particular behaviors of concurrent systems that are main targets of model checking. We can organize the knowledge and the techniques of practical model checking according to the taxonomies. The taxonomies are based on several aspects of system behaviors such as synchronization of transitions, synchronization of communications, and modeling of system environments. In addition, we make clear which model checking tools fit which types of systems. We treat the three different model checking tools: SPIN, SMV, and LTSA. Each tool has its specific features that make the tool easier or more difficult to be applied to specific problems than others. In our education course, we explain the taxonomies, the knowledge, and the techniques using very simple examples. We also assign the students exercises to apply the knowledge and the techniques to more complicated problems such as the dining philosopher problem, data copying between a DVD recorder and a hard disk recorder, and the alternating bit protocol.

    DOI

  • 無線センサネットワークにおける複数プログラムの動的配備

    末永 俊一郎, 吉岡 信和, 本位田 真一

    情報処理学会論文誌   50 ( 1 ) 14 - 30  2009年02月  [査読有り]

  • Misuse cases + assets + security goals

    Takao Okubo, Kenji Taguchi, Nobukazu Yoshioka

    Proceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009   3   424 - 429  2009年  [査読有り]

     概要を見る

    Security is now the most critical feature of any, computing systems. Eliciting and analyzing security requirements, in the early stages of the system development process is highly, recommended to reduce security vulnerabilities which might be, found in the later stages of the system development process. In, order to address this issue, we will propose a new extension, of the misuse case diagram for analyzing and eliciting security, requirements with special focus on assets and security goals. We, will also present the process model in which business requirements, and system requirements related to security features are, separately analyzed and elicited in different phases. This process, model helps us to analyze the requirements related to business, goals in an earlier phase and to the system goals in a later phase, so that any concerns related to them are dealt with separately.We will illustrate our approach with a case study taken from an, accounting software package. © 2009 IEEE.

    DOI

  • Overview of the 3rd international workshop on software patterns and quality (SPAQu'09)

    Hironori Washizaki, Nobukazu Yoshioka, Eduard B. Fernandez, Jan Jurjens

    Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications, OOPSLA     713 - 714  2009年  [査読有り]

     概要を見る

    We will discuss here the theoretical, social, technological and practical issues related to quality aspects of software patterns including security and safety aspects. The workshop will provide the opportunity for bringing together researchers and practitioners, and for discussing the future prospects of this area. As for the workshop format, first, we will have short talks on what software patterns are, and how they are related to quality. Second, we will have accepted position paper presentations to expose the latest researches and practices on software patterns and quality. Finally, we will discuss several topics related to these presentations in small groups. Newcomers, interested researchers and practitioners are free to attend the workshop to facilitate their understandings, researches and practices on software patterns and quality.

    DOI

  • Proceedings of the Third International Workshop on Software Patterns and Quality(SPAQu'09)

    Hironori Washizaki, Nobukazu Yoshioka, Eduardo B.Fernandez, Jan Jurjens(Editors

    Technical Report GRACE-TR-2009-07,GRACE Center,National Institute of Informatics    2009年  [査読有り]

  • What top-level software engineers tackle after learning formal methods: Experiences from the top SE project

    Fuyuki Ishikawa, Kenji Taguchi, Nobukazu Yoshioka, Shinichi Honiden

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   5846   57 - 71  2009年  [査読有り]

     概要を見る

    In order to make practical use of formal methods, it is not sufficient for engineers to obtain general, fundamental knowledge of the methods and tools. Actually, it is also necessary for them to carefully consider their own contexts and determine adequate approaches to their own problems. Specifically, engineers need to choose adequate methods and tools, determine their usage strategies, and even customize or extend them for their effective and efficient use. Regarding the point, this paper reports and discusses experiences on education of formal methods in the Top SE program targeting software engineers in the industry. The program involves education of a variety of scientific methods and tools with group exercises on practical problems, allowing students to compare different approaches while understanding common principles. In addition, the program involves graduation studies where each student identifies and tackles their own problems. Statistics on problem settings in the graduation studies provide interesting insights into what top-level engineers tackles after learning formal methods. © 2009 Springer-Verlag Berlin Heidelberg.

    DOI

  • A propose of the Cooperation Support Agent for face-to-face class and e-learning

    Masako Urakami, Seiji Shimizu, Yasukuni Okataku, Nobukazu Yoshioka, Masakazu Ito, Hiroki Iwasaki, Kenshiro Okamura, Masahiro Sugimoto, Tetsuya Sumida, Masayuki Fujii, Yoshinori Mihara, Fumino Yoshidome, Akira Miyamoto

    Proc.The 4th Asian(OCMT-QDU)Cooperative Technology and Education Conference     39 - 43  2009年  [査読有り]

  • Group Migration by Mobile Agents in Wireless Sensor Networks

    Shunichiro Suenaga, Nobukazu Yoshioka, Shinichi Honiden

    The Computer Journal    2009年  [査読有り]

  • Improving the Classification of Security Patterns

    Hironori Washizaki, Eduardo B. Fernandez, Katsuhisa Maruyama, Atsuto Kubo, Nobukazu Yoshioka

    PROCEEDINGS OF THE 20TH INTERNATIONAL WORKSHOP ON DATABASE AND EXPERT SYSTEMS APPLICATION     165 - +  2009年  [査読有り]

     概要を見る

    There are a large number of security patterns encapsulating reusable solutions to recurrent security problems. However, catalogs of security patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. There is a need to conduct more precise classifications of security patterns. We analyze here ways to represent security patterns using specialized models for their precise classification. We define two new types of models, one that describes how a security pattern relates to several classification dimensions (Dimension Graph), and another that describes how security patterns relate to each other (Pattern Graphs). We show these ideas with examples from security patterns.

    DOI

  • AOJS: Aspect-Oriented Java Script Programming Framework for Web Development

    Hironori Washizaki, Atsuto Kubo, Tomohiko Mizumachi, Kazuki Eguchi, Yoshiaki Fukazawa, Nobukazu Yoshioka, Hideyuki Kanuka, Toshihiro Kodaka, Nobuhide Sugimoto, Yoichi Nagai, Rieko Yamamoto

    ACP4IS'09: 8TH WORKSHOP ON ASPECTS, COMPONENTS AND PATTERNS FOR INFRASTRUCTURE SOFTWARE     31 - 35  2009年  [査読有り]

     概要を見る

    Java Script is a popular scripting language that is particularly useful for client-side programming together with HTML/XML on the Web. As Java Script programs become more complex and large, separation of concerns at the implementation level is a significant challenge. Aspect orientation has been a well known concept to realize improved separation; however, existing mechanisms require modifications in the target modules for aspect weaving in Java Script (i.e., not "complete" separation). In this paper, we propose an Aspect-Oriented Java Script framework, named "AOJS", which realizes the complete separation of aspects and other core modules in Java Script. AOJS can specify function executions, variable assignments and file initializations in Java Script programs as the joinpoints of aspects. Moreover, AOJS guarantees the complete separation of aspects and core program modules by adopting a proxy-based architecture for aspect weaving. By utilizing these features, we confirmed that AOJS offers improved modifiability and extendability for Java Script programming.

    DOI

  • Generative Dynamic Deployment of Multiple Components in Wireless Sensor Networks

    Shunichiro Suenaga, Nobukazu Yoshioka, Shinichi Honiden

    WONS 2009: SIXTH INTERNATIONAL CONFERENCE ON WIRELESS ON-DEMAND NETWORK SYSTEMS AND SERVICES     183 - +  2009年  [査読有り]

     概要を見る

    Wireless sensor networks (WSN) consist of spatially distributed nodes that monitor physical conditions. In the past, most WSNs have been designed with a single specific application in mind. Recent developments however are expanding the applicability of WSNs and are increasing the demand for deploying multiple applications simultaneously. To host multiple applications in a single WSN, current solutions provide mechanisms for components to be dynamically deployed to nodes. However, two issues make the present form of dynamic deployment impractical for applications involving distributed collaboration and the redeployment of multiple distributed components. For one, existing works lack a suitable architecture for cooperation and interaction between components in WSNs. Another problematic aspect is the insufficiency of current methods in efficiently deploying multiple components throughout the network. To address these issues, we propose an architecture based on multiple components that have specific responsibilities in regard to deployment and a generative approach for dynamic deployment of such components.

    DOI

  • Modeling Misuse Patterns

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    2009 INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY (ARES), VOLS 1 AND 2     566 - +  2009年  [査読有り]

     概要を見る

    Security patterns are now starting to be accepted by industry. Security patterns are useful to guide the security design of systems by providing generic solutions that can stop a variety of attacks but it is not clear to an inexperienced designer what pattern should be applied to stop a specific attack. They are not useful either for forensics because they do not emphasize the modus operandi of the attack. To complement security patterns, we have proposed a new type of pattern, the misuse pattern. This pattern describes, from the point of view of the attacker how a type of attack is performed (what units it uses and how), defines precisely the context of the attack, analyzes the ways of stopping the attack by enumerating possible security patterns that can be applied for this purpose, and describes how to trace the attack once it has happened by appropriate collection and observation of forensics data. We present here a model that characterizes the precise structure of this type of pattern.

  • AOJS: アスペクトを完全分離記述可能な JavaScript アスペクト指向プログラミング・ フレームワーク

    久保淳人, 水町友彦, 鷲崎弘宜, 深澤良彰, 鹿糠秀行, 小高敏裕, 杉本信秀, 永井洋一, 山本里枝子, 吉岡信和

    ソフトウェア工学の基礎〈15〉日本ソフトウェア科学会FOSE 2008    2008年11月  [査読有り]

  • 診療情報共有のための新しいセキュリティ基盤システムの開発

    山上 浩志他

    医療情報学    2008年11月  [査読有り]

  • トップエスイー:ソフトウェア開発におけるトップレベル技術者の育成

    鷲崎弘宜, 田口研治, 吉岡信和, 粂野文洋, 田原康之, 本位田 真一

    Quality One   4   5 - 11  2008年11月  [査読有り]

  • Education Course of Practical Model Checking

    Yasuyuki Tahara, Nobukazu Yoshioka, Kenji Taguchi, Toshiaki Aoki, Shinichi Honiden

    First International Workshop on Formal Methods Education and Training, Technical Report GRACE-TR-2008-03   3   33 - 48  2008年10月  [査読有り]

  • ユビキタスコンピューティングにおけるアプリケーション開発手法に関する研究動向

    鄭顕志, 中川博之, 川俣洋次郎, 吉岡信和, 深澤良彰, 本位田真一

    コンピュータソフトウェア   25 ( 4 ) 121 - 132  2008年10月  [査読有り]

  • 適応エージェントのためのユビキタスコンピューティングミドルウェア

    鄭 顕志, 石川 冬樹, 吉岡 信和, 深澤 良彰, 本位田 真一

    コンピュータソフトウェア   25 ( 4 ) 11 - 19  2008年10月  [査読有り]

    DOI

  • ユビキタスコンピューティングにおける分散協調・連携技術の研究動向

    石川 冬樹, 阿部 玲, 高橋 竜一, 吉岡 信和, 深澤 良彰, 本位田 真一

    コンピュータソフトウェア   25 ( 4 ) 133 - 144  2008年10月  [査読有り]

  • Transparent Application Lifetime Management in Wireless Sensor Networks

    Eric Platon, Shunichiro Suenaga, Nobukazu Yoshioka, Shinichi Honiden

    the 10th International Conference on Ubiquitous Computing (UbiComp 2008)    2008年09月  [査読有り]

  • ユビキタスコンピューティングにおけるイベントに基づいたアクセス制御

    石川 冬樹, 清 雄一, 吉岡 信和, 本位田 真一

    マルチメディア,分散,協調とモバイル(DICOMO2008)シンポジウム 論文集     435 - 438  2008年07月  [査読有り]

  • Design and Construction of the Cooperation Support Agent for Face-to-face Class and E-learning

    Masaaki Kunishige, Misako Urakami, Seiji Shimizu, Yasukuni Okataku, Nobukazu Yoshioka

    The 23rd International Technical Conference on Circuits/Systems, Computers and Communications    2008年06月  [査読有り]

  • A Survey on Security Patterns

    Nobukazu Yoshioka, Hironori Washizaki, Katsuhisa Maruyama

    Progress in Informatics   5   35 - 47  2008年05月  [査読有り]

    DOI

  • Report on the 2nd Workshop on Software Patterns and Quality: (SPAQu'08)

    Hironori Washizaki, Nobukazu Yoshioka, Eduardo B. Fernandez, Jan Ju'rjens

    PLoP08 - 15th Conference on Pattern Languages of Programs, Proceedings    2008年  [査読有り]

     概要を見る

    We held the 2nd Workshop on Software Patterns and Quality (SPAQu'08) as a focus group of the 15th Conference on Pattern Languages of Programs (PLoP '08), to discuss the theoretical, social, technological and practical issues related to quality aspects of software patterns, including security aspects. In this report we summarize the objectives and results of the workshop. © 2008 is held by the author(s).

    DOI

  • Abstract security patterns

    Eduardo B. Fernandez, Hironori Washizaki, Nobukazu Yoshioka

    PLoP08 - 15th Conference on Pattern Languages of Programs, Proceedings    2008年  [査読有り]

     概要を見る

    We introduce the concept of "abstract" security patterns that deal with abstract security mechanisms, rather than concrete implementations. We also show an organization of abstract security patterns and concrete ones into hierarchies. © 2008 is held by the author(s).

    DOI

  • Enforcing a security pattern in stakeholder goal models

    Yijun Yu, Haruhiko Kaiya, Hironori Washizaki, Yingfei Xiong, Zhenjiang Hu, Nobukazu Yoshioka

    Proceedings of the ACM Conference on Computer and Communications Security     9 - 13  2008年  [査読有り]

     概要を見る

    Patterns are useful knowledge about recurring problems and solutions. Detecting a security problem using patterns in requirements models may lead to its early solution. In order to facilitate early detection and resolution of security problems, in this paper, we formally describe a role-based access control (RBAC) as a pattern that may occur in stakeholder requirements models. We also implemented in our goal-oriented modeling tool the formally described pattern using model-driven queries and transformations. Applied to a number of requirements models published in literature, the tool automates the detection and resolution of the security pattern in several goal-oriented stakeholder requirements. Copyright 2008 ACM.

    DOI

  • Incorporating database systems into a secure software development methodology

    Eduardo B. Fernandez, Jan Jurjens, Nobukazu Yoshioka, Hironori Washizaki

    DEXA 2008: 19TH INTERNATIONAL CONFERENCE ON DATABASE AND EXPERT SYSTEMS APPLICATIONS, PROCEEDINGS     310 - +  2008年  [査読有り]

     概要を見る

    We have proposed in the past three separate methodologies for secure software development. We have found that they have many common and complementary aspects and we proposed a combination of them that appears as a good approach to secure software development. The combined methodology applies security at all stages, considers the architectural levels of the system, applies security policies through the use of patterns, and formalizes some portions of the design. We have studied in some detail how to elicit and describe security requirements, how to reflect these requirements in the conceptual model, how to estimate some performance aspects, how to formalize some aspects such as communication protocols, and how to map the conceptual requirements into design artifacts. A design aspect which we have not studied is the incorporation of databases as part of the secure architecture. The database system is a fundamental aspect for security because it stores the persistent information, which constitutes most of the information assets of the institution. We present here some ideas on how to make sure that the database system has the same level of security than the rest of the secure application.

    DOI

  • Classifying security patterns

    Eduardo B. Fernandez, Hironori Washizaki, Nobukazu Yoshioka, Atsuto Kubo, Yoshiaki Fukazawa

    PROGRESS IN WWW RESEARCH AND DEVELOPMENT, PROCEEDINGS   4976   342 - +  2008年  [査読有り]

     概要を見る

    Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. In addition to their value for new system design, security patterns are useful to evaluate existing systems. They are also useful to compare security standards and to verify that products comply with some standard. A variety of security patterns has been developed for the construction of secure systems and catalogs of them are appearing. However, catalogs of patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. We discuss here several ways to classify patterns. We show a way to use these classifications through pattern diagrams where a designer can navigate to perform her pattern selection.

    DOI

  • Developing Consistent Contractual Policies in Service Composition

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    The 2007 IEEE Asia-Pacific Services Computing Conference (IEEE APSCC 2007)     527 - 534  2007年12月  [査読有り]

    DOI

  • モデル変換に基づく要求記述を利用した形式仕様記述の構築

    中川博之, 吉岡信和, 田口研治, 本位田真一

       2007年11月  [査読有り]

  • Agreements and Policies in Cooperative Mobile Agents: Formalization and Implementation

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    The 9th International Symposium on Distributed Objects Middleware and Applications (DOA 2007)     683 - 700  2007年11月  [査読有り]

  • ユビキタスコンピューティングにおけるコンテキストのモデル化,管理に関する研究動向

    中村善行, 清家良太, 鄭顕志, 吉岡信和, 深澤良彰, 本位田真一

    合同エージェントワークショップ&シンポジウム2007 (JAWS2007)    2007年10月  [査読有り]

  • Errors and Misconceptions in Learning i*

    Toshihiko Tsumaki, Yasuyuki Tahara, Nobukazu Yoshioka, Haruhiko Kaiya, Kenji Taguchi, Shinichi Honiden

    2nd International Workshop on Requirements Engineering Education and Training (REET'07)    2007年10月

  • サービス合成における契約ポリシーの決定・検証問題の形式化とその支援

    石川冬樹, 吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2007 (JAWS2007)    2007年10月  [査読有り]

  • 要求の重要度を用いたマルチエージェントシステムの分析モデル検証

    中川博之, 吉岡信和, 本位田真一

    電子情報通信学会論文誌   J90-D ( 9 ) 2281 - 2292  2007年09月  [査読有り]  [招待有り]

  • Event Calculusに基づく合意を用いたモバイルエージェントの協調

    石川冬樹, 吉岡信和, 本位田真一

    電子情報通信学会論文誌   J90-D ( 9 ) 2349 - 2364  2007年09月  [査読有り]  [招待有り]

  • IMPULSE: KAOSを利用したマルチエージェントシステムの分析モデル構築

    中川博之, 吉岡信和, 本位田真一

    情報処理学会論文誌処理   48 ( 8 ) 2551 - 2565  2007年08月  [査読有り]  [招待有り]

  • Policy-based Runtime Partner Management in Process-Based Services

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    2007 IEEE International Conference on Web Services (ICWS 2007)    2007年07月  [査読有り]

    DOI

  • トップエスイー教育プログラム

    Shinichi Honiden, Yasuyuki Tahara, Nobukazu Yoshioka, Kenji Taguchi

    In Proc. of 29th International Conferene of Sotware Engineering (ICSE 2007), IEEE CS,     708 - 717  2007年05月  [査読有り]  [招待有り]

  • "プロセス記述によるサービス合成のパーベイシブコンピューティングへの適用 ,"

    石川 冬樹, 吉岡 信和, 本位田 真一

    情報処理学会論文誌   ( Vol.48 No.4 ) 1785 - 1798  2007年04月  [査読有り]  [招待有り]

  • セキュリティパターンに基づく安全で効率的な企業間連携システムの設計法

    Nobukazu Yoshioka, Shinichi Honiden, Anthony Finkelstein

    Proc. of The 8th International IEEE Enterprise Distributed Object Computing Conference (EDOC 2004),     84 - 97  2007年04月  [査読有り]  [招待有り]

  • プロセス記述によるサービス合成のパーベイシブコンピューティングへの適用

    石川 冬樹, 吉岡 信和, 本位田 真一

    情報処理学会論文誌   48 ( 4 ) 1785 - 1798  2007年04月  [査読有り]  [招待有り]

  • ゴール指向要求工学方法論の共通用語モデルと共通パターン

    田原康之, 長野伸一, 吉岡信和, 本位田真一

    情報処理学会論文誌   48 ( 3 )  2007年03月  [査読有り]

  • ユビキタス環境で活躍するエージェント

    吉岡信和, 本位田真一

    情報処理   ( Vol.48,No.3 ) 29 - 35  2007年03月  [査読有り]  [招待有り]

  • Using security patterns to build secure systems

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki, Jan Jurjens

    Proceedings of the 1st International Workshop on Software Patterns and Quality (SPAQu'07)     47 - 48  2007年  [査読有り]

  • 1st international workshop on software patterns and quality (SPAQu'07)

    Hironori Washizaki, Nobukazu Yoshioka

    Proceedings - Asia-Pacific Software Engineering Conference, APSEC     557 - 558  2007年

     概要を見る

    Although numbers of software pattern catalogues and languages have been published, little is known about quality of patterns, quality by patterns and quality aspects of pattern activities. This workshop seeks to gain an improved understanding on the theoretical, social, technological and practical issues related to quality aspects of patterns including security and safety. © 2007 IEEE.

    DOI

  • Novel Applications in Ubiquitous Computing

    Christian Sommer, Shunichiro Suenaga, 吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2007(JAWS2007) 2007年10月29日 合同エージェントワークショップ&シンポジウム2007(JAWS2007)   - suenaga  2007年  [査読有り]

  • Top SE: Educating superarchitects who can apply software engineering tools to practical development in Japana

    Shinichi Honiden, Yasuyuki Tahara, Nobukazu Yoshioka, Kenji Taguchi, Hironori Washizaki

    ICSE 2007: 29TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, PROCEEDINGS     708 - +  2007年

     概要を見る

    This paper discusses the Top SE program established to bridge the industry-academia gap. The program features extensive use of software engineering tools, not only to introduce students to the tools, but also as a conduit for learning the techniques and guidelines needed to apply the tools to practical software development situations. The curriculum is organized around practical problems mainly from the area of digital home appliances and focuses on upper stream software development processes.
    The Top SE program is developed and operated by a close collaboration between industry and academia. We illustrate our discussion with examples from one of the courses, Verification of Design Models, which takes up model checking technologies, including three specific tools: SPIN, SMV, and LTSA.

    DOI

  • Smartive: Agreement-based Mobile Composite Agents for Multimedia Services

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    International Conference on Intelligent Agents Web Technologies and Internet Commerce (IAWTIC 2006)    2006年11月  [査読有り]

    DOI

  • Context-awareなコンテンツ流通のためのセキュリティアーキテクチャ

    清雄一, 粂野文洋, 吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2006 (JAWS2006)    2006年10月  [査読有り]  [招待有り]

  • Formal Model of Mobile BPEL4WS Process

    Fuyuki Ishikawa, Yasuyuki Tahara, Nobukazu Yoshioka, Shinichi Honiden

    International Journal of Business Process Integration and Management (IJBPIM)   Vol. 1 ( Issue 3 ) 192 - 209  2006年09月  [査読有り]

    DOI

  • Service-Oriented and Autonomous Distribution and Provision of Multimedia Contents

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    Poster Track at The 5th International Joint Conference on Autonomous Agents and Multi Agent Systems (AAMAS 2006)     949 - 951  2006年05月  [査読有り]

    DOI

  • モバイルエージェントの合意に基づいた協調とサービス管理

    石川 冬樹, 吉岡 信和, 本位田 真一

    合同エージェントワークショップ&シンポジウム2006 (JAWS2006)    2006年03月  [査読有り]  [招待有り]

  • "コンテンツ流通エージェントのための強化学習メカニズム ," (2006).

    片岡慧, 吉岡信和, 石川冬樹, 鄭顕志, 本位田真一

    合同エージェントワークショップ&シンポジウム2006 (JAWS2006)    2006年03月  [査読有り]  [招待有り]

  • マルチメディアサービスのためのモバイル合成エージェント:Smartive

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    International Conference on Intelligent Agents, Web Technologies and Internet Commerce (IAWTIC 2006)    2006年03月  [査読有り]  [招待有り]

  • サービス指向で自律的なマルチメディアコンテンツの流通と提供

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    Proc. of the Fifth International Joint Conference on Autonomous Agents and Multi Agent Systems (AAMAS 2006), ACM     949 - 951  2006年03月  [査読有り]  [招待有り]

  • ソフトウェア設計に対するモデル駆動型検証プロセス

    長野 伸一, 吉岡 信和, 田原 康之, 本位田 真一

    情報処理学会論文誌   ( vol.47, no.1 ) 193 - 208  2006年03月  [査読有り]  [招待有り]

  • ゴール指向要求工学の体系化のための共通用語

    田原 康之, 長野 伸一, 吉岡 信和, 本位田 真一

    情報処理学会論文誌   Vol.47 ( No.2 ) 596 - 608  2006年03月  [査読有り]  [招待有り]

  • エージェント間協調のためのプロトコルを利用したポリシー表現とその監視法の提案

    吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2006 (JAWS2006)    2006年03月  [査読有り]  [招待有り]

  • Incorporating Agreements on Service Options into BPEL-based Services

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    International Conference on Intelligent Agents Web Technology and Internet Commerce (IAWTIC'2005)     796 - 803  2005年11月  [査読有り]

  • Location Scope : A Conceptual Event Modeling for Location-Aware Application Development

    Kazutaka Matsuzaki, Nobukazu Yoshioka, Shinichi Honiden

    2nd International Workshop on Mobility Aware Technologies and Applications, October 17-19, 2005, Montreal, Canada    2005年10月  [査読有り]

  • Common Metamodel of Goal-Oriented Requirements Engineering Methodologies

    Yasuyuki Tahara, Shinichi Nagano, Nobukazu Yoshioka, Sshinichi Honiden

    The Third International Workshop on Comparative Evaluation in Requirements Engineering Paris, France August 29, 2005    2005年10月  [査読有り]

  • Mobile agent system for Web service integration in pervasive network

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    Systems and Computers in Japan   36 ( 11 ) 34 - 48  2005年10月

     概要を見る

    Efforts to realize Web service technology for dynamic integration of distributed components have been started. There is also a proposal for a language that describes the integration flow in a platform-independent form. It is expected that Web service integration will be applied not only to the Internet, but also to various environments such as pervasive networks composed of mobile devices with wireless connections. In the latter case, it is necessary to deal with resource saving problems such as those that arise in a relatively low speed and unstable wireless channel. This study applies the mobile agent technique to the above problem and proposes a mobile agent system for Web service integration. In the proposed system, the physical actions of the mobile agents, that is, migration and cloning, are separated from the integration logic, and are represented as rules to be added to the integration flow description. By this separation, the physical behavior can be added or modified according to environmental conditions without modifying the integration flow. © 2005 Wiley Periodicals, Inc.

    DOI

  • A Framework for Synthesis of Web Services and Mobile Agents

    Fuyuki Ishikawa, Yasuyuki Tahara, Nobukazu Yoshioka, Shinichi Honiden

    International Journal of Pervasive Computing and Communications (JPCC)   Vol.1 ( Issue3 ) 227 - 245  2005年09月  [査読有り]

  • Developing Service-Oriented Compounds of Cooperative Mobile Agents

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    Workshop on Service-Oriented Computing and Agent-Based Engineering, Utrecht, The Netherlands    2005年07月  [査読有り]

  • Agent Synthesis: Partnership and Agreement in Cooperative Mobile Agents

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    The Fourth International Joint Conference on Autonomous Agents and Multi Agent Systems (AAMAS 2005), July 25 to 29, 2005, The Netherlands     1267 - 1268  2005年07月  [査読有り]

  • IOM/T : An Interaction Description Language for multi-agent systems

    Takuo DOI, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    The Fourth International Joint Conference on Autonomous Agents and Multi Agent Systems, July 25 to 29, 2005,The Netherlands     778 - 785  2005年07月  [査読有り]

  • Framework for Hierarchical Agent Synthesis and Its Multimedia Application

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    SOCABE Workshop at AAMAS2005     1267 - 1268  2005年07月  [査読有り]

  • FRAMEWORK FOR HIERARCHICAL MOBILE AGENTS: TOWARD SERVICE-ORIENTED AGENT COMPOUND

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    The 7th International Conference on Enterprise Information Systems (ICEIS-2005)    2005年05月  [査読有り]

  • BPELに基づくサービスへのサービスオプションに関する合意の組み込み

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    Web Technology and Internet Commerce (IAWTIC'2005)     796 - 803  2005年03月  [査読有り]  [招待有り]

  • ユビキタス環境下での柔軟で管理可能なコンテンツの活動

    Kazutaka Matsuzaki, Nobukazu Yoshioka, Shinichi Honiden

    OTM Workshops, LNCS 3762, Springer-Verlag (2005).    2005年03月  [査読有り]  [招待有り]

  • Webサービスとモバイルエージェントの統合のためのフレームワーク

    Fuyuki Ishikawa, Yasuyuki Tahara, Nobukazu Yoshioka, Shinichi Honiden

    International Journal of Pervasive Computing and Communications (JPCC)   ( Vol.1 Issue3 ) 227 - 245  2005年03月  [査読有り]  [招待有り]

  • 協調的なモバイルエージェントのサービス指向合成の開発

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    不明    2005年03月  [査読有り]  [招待有り]

  • MANET上の場所に束縛されたモバイルエージェント

    Kenji Tei, Nobukazu Yoshioka, Yoshiaki Fukazawa, Shinichi Honiden

    不明    2005年03月  [査読有り]  [招待有り]

  • 階層型エージェント合成のためのフレームワークとそのマルチメディアアプリケーション応用

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    不明    2005年03月  [査読有り]  [招待有り]

  • インタラクション記述言語: IOM/T

    Takuo Doi, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    不明    2005年03月  [査読有り]  [招待有り]

  • 階層型に拡張されたモバイルエージェントフレームワークとそのマルチメディアアプリケーション応用

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    7th International Conference on Enterprise Information Systems(ICEIS-2005)    2005年03月  [査読有り]  [招待有り]

  • 自己制御型コンテンツのポリシーに基づく開発支援手法の提案

    松崎和賢, 吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2005 (JAWS2005) (2005).    2005年03月  [査読有り]  [招待有り]

  • サービス指向に基づいたマルチメディアコンテンツの自律的な流通と提供

    石川冬樹, 吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2005 (JAWS2005) (2005).    2005年03月  [査読有り]  [招待有り]

  • 契約による設計を用いたインタラクションの実装

    土肥拓生, 吉岡信和, 田原康之, 本位田真一

    合同エージェントワークショップ&シンポジウム2005 (JAWS2005) (2005).    2005年03月  [査読有り]  [招待有り]

  • Location Scope:ロケーションアウェアソフトウェア開発支援手法の提案

    松崎和賢, 吉岡信和, 本位田真一

    情報処理学会論文誌   ( Vol.46, No.12 ) 2925 - 2939  2005年03月  [査読有り]  [招待有り]

  • 分散システム開発におけるモデル検査への視覚的支援手法

    田原康之, 吉岡信和, 大須賀昭彦, 本位田真一

    情報処理学会論文誌   ( Vol.46, No.2 ) 459 - 469  2005年03月  [査読有り]  [招待有り]

  • モバイルエージェントによるバッテリ切れ避難システム:EASTER

    粂野文洋, 金子平祐, 吉岡信和, 深澤良彰, 本位田真一

    電子情報通信学会論文誌   D-I Vol.J88 ( No.9 ) 1388 - 1401  2005年03月  [査読有り]  [招待有り]

  • 階層構造制御に注目したモバイルエージェントフレームワークとそのマルチメディア応用

    石川 冬樹, 吉岡 信和, 田原 康之, 本位田 真一

    電子情報通信学会論文誌   ( Vol. J88-D-I No.9 ) 1402 - 1417  2005年03月  [査読有り]  [招待有り]

  • 階層構造制御に注目したモバイルエージェントフレームワークとそのマルチメディア応用

    石川冬樹, 吉岡信和, 田原康之, 本位田真一

    電子情報通信学会論文誌, 「ソフトウェアエージェントとその応用」特集号   VOL.J88-D1 ( No.9 ) 1402  2005年03月  [査読有り]  [招待有り]

  • インタラクション記述言語IOM/T

    土肥拓生, 吉岡信和, 田原康之, 本位田真一

    電子情報通信学会論文誌 「ソフトウェアエージェントとその応用」特集号   ( VOL.J88-D1, No.9 ) 1299 - 1311  2005年03月  [査読有り]  [招待有り]

  • ユビキタス情報システムのためのマルチエージェントフレームワーク: Mobeet

    Nobukazu Yoshioka, Akihiko Ohsuga, Shinichi Honiden,Mobeet

    LNCS 3508, Springer-Verlag     18 - 35  2005年03月  [査読有り]  [招待有り]

  • モバイルBPEL4WSプロセスのための形式モデル

    Fuyuki Ishikawa, Yasuyuki Tahara, Nobukazu Yoshioka, Shinichi Honiden

    International Journal of Business Process Integration and Management (IJBPIM).   Vol.1 ( Issue3 )  2005年03月  [査読有り]  [招待有り]

  • Mobile and cooperative compounds of multimedia services

    F Ishikawa, N Yoshioka, Y Tahara, S Honiden

    2005 IEEE International Conference on Services Computing, Vol 1, Proceedings     129 - 136  2005年  [査読有り]

     概要を見る

    This work proposes a novel model where multimedia contents with their related services (business processes and functions) are packaged together as mobile agents. This is intended to enable content providers both to encapsulate their contents and to provide value-added services, for flexible content editing, delivery, and presentation. In addition, agents encapsulating contents/services can contain other agents in themselves (synthesis of agents). A mobile agent compound integrating multiple contents/services can be thus dynamically formed, in which multiple agents work cooperatively and migrate together as a unit. This paper also describes our proposed MAFEH/WS framework for the model. Agents in the model can be developed by incorporating simple parameter settings for synthesis control into business process descriptions in BPEL4WS.

  • Flexible and maintainable contents activities in ubiquitous environment

    K Matsuzaki, N Yoshioka, S Honiden

    ON THE MOVE TO MEANINGFUL INTERNET SYSTEMS 2005: OTM 2005 WORKSHOPS, PROCEEDINGS   3762   14 - 15  2005年  [査読有り]

     概要を見る

    In future ubiquitous environments, contents (data, movie, text, graphics, etc.) will be more sophisticated and context-aware so that they can enrich user experience. We have proposed the Active Contents (AC) framework, which is based on contents encapsulation with program and aspect definition to allow contents to behave actively. AC can be seen as a software component with several viewpoints of contributors (planner, designer, programmer, etc.). The problem is about maintainability of AC which is modified by the contributors based on their own viewpoints.
    In this position paper, we propose a mechanism to allow such contributors to modify AC with context-aware aspect. In our mechanism, based on location binding analysis for AC, parallel executions to be performed at a sepaxate location axe detected and automatically executed using workflow-aware communication.

    DOI

  • Using mobile agent for location-specific data retrieval in MANET

    K Tei, N Yoshioka, Y Fukazawa, S Honiden

    INTELLIGENCE IN COMMUNICATION SYSTEMS   190   157 - 168  2005年  [査読有り]

     概要を見る

    Location-specific data retrieval is an attractive application in a Mobile Ad-hoc Network (MANET). Simple solution for it is that an observer retrieves the data by geocasting from an observer node, but its overhead highly depends on location of the observer and the designated region. We propose a mobile agent approach. A mobile agent migrates from the observer node to a node in the designated region, retrieves data from there, and summarizes, filters, and compresses the retrieved data, This data is sent back to the observer, when the observer request. Since the data is retrieved by the mobile agent located near the data Sources, the data retrieval in the mobile agent approach would involve low overhead, even if the observer is far from the target region or moves around. In the MANET, however, even after the first migration; to stay near data Sources, a mobile agent should migrate to another node in response to node movements.. In this paper, we propose the Geographically Bound Mobile Agent (GBMA) which is a mobile agent that migrates to always be located in a designated region. Moreover, to clarify where the GBMA should be located and when the GBMA starts to migrate, we introduce two geographic zones: required zone and expected zone, Compared with the conventional methods with geocast or with a conventional mobile agent, the GBMA with these zones for retrieving location-specific data can reduce the total number of messages.

  • Mobeet: A multi-agent framework for ubiquitous information systems

    N Yoshioka, A Ohsuga, S Honiden

    AGENT-ORIENTED INFORMATION SYSTEMS II   3508   19 - 35  2005年

     概要を見る

    In recent years, the rapid development of network infrastructure and the spread of terminals capable of network access have made it possible to access networks at any place and at any time. Ubiquitous information systems, in which necessary information can be accessed easily and safely at any place, are becoming an important issue. It is, however, hard to design such distributed systems when the user uses many kinds of terminals and migrates with these. That is, traditional approaches to development of distributed systems have problems when the systems are used in a ubiquitous environment. This paper proposes a new framework for ubiquitous information systems. The framework includes three kinds of agents: User Interface Agents, Programmable Agents and Service Mediation Agents. We can easily design ubiquitous information systems by ensuring that these agents collaborate. In addition, in cases where distributed systems must be implemented on various networks and terminals, it gives a high degree of flexibility to the systems. We also evaluate the framework's flexibility.

  • Geographically bound mobile agent in MANET

    K Tei, N Yoshioka, Y Fukazawa, S Honiden

    PROCEEDINGS OF MOBIQUITOUS 2005     516 - 518  2005年  [査読有り]

     概要を見る

    A location-specific data retrieval, which is data retrieval from nodes in a designated region at the time, is an attractive application in a Mobile Ad-hon Network (MANET). However, almost all nodes in a MANET are powered by batteries, the location-specific data retrieval should involve a small number of messages. In this paper, we use a mobile agent to retrieve the location-specific data. A mobile agent migrates to a node in a designated region, and retrieves data from nodes in this region. Since, after migration, the agent can communicate with nodes in the designated region through low overhead short length hops, the mobile agent can retrieve data at low message cost for long periods, even if the owner of this agent moves around. However, even after migrating to node in the designated region, in order to stay near this region, a mobile agent should migrate to other nodes in response to the movement of the node hosting this agent. In this paper, we propose the Geographically Bound Mobile Agent (GBMA) which is a mobile agent that periodically migrates in order to always be located in a designated region. In order to clarify where the GBMA should be located and when the GBMA starts to migrate, two geographic zones are set to the GBMA: required zone and expected zone. The required zone ease tracking of the GBMA, and the expected zone ease adjustment of the GBMA migration timing.

    DOI

  • モバイルかつ協調的なマルチメディアサービスの合成

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    The 2005 IEEE International Conference on Services Computing (SCC2005)   I   129 - 136  2005年  [査読有り]  [招待有り]

    DOI

  • CAM法を用いた個人嗜好モデルに基づく商品推薦システム

    村上知子, 吉岡信和, 折原良平, 古川康一

    人工知能学会論文誌   20 ( 5 ) 346 - 355  2005年  [査読有り]  [招待有り]

    DOI CiNii

  • A multiagent framework for pervasive computing: The Mobeet framework

    N Yoshioka, A Ohsuga, S Honiden

    ELECTRICAL ENGINEERING IN JAPAN   149 ( 3 ) 49 - 64  2004年11月  [査読有り]

     概要を見る

    Pervasive computing is becoming a more important issue for open distributed systems. It is, however, hard to design such distributed systems when the user uses many kinds of terminals and migrates with these. This paper has proposed a new framework for pervasive computing. The framework includes three kinds of agents: User Interface Agents, Programmable Agents, and Service Mediation Agents. We can easily design a flexible distributed system by collaborating these agents. We also evaluate the framework from the flexibility point of view. (C) 2004 Wiley Periodicals, Inc.

  • Location-aware Application Development Methodology using Mobile Agent-based System

    K. Matsuzaki, N. Yoshioka, S. Honiden

    International Workshop on Mobility Aware Technologies and Applications (MATA2004), October 20-22, 2004 - Florian?polis, Brazil    2004年10月  [査読有り]

  • Security Patterns: A Method for Constructing Secure and Efficient Inter-Company Coordination Systems

    N. Yoshioka, S. Honiden, A. Finkelstein

    The 8th International IEEE Enterprise Distributed Object Computing Conference (EDOC 2004) 20-24 September 2004, Monterey, California, USA     84 - 97  2004年09月  [査読有り]

    DOI

  • Bridging the Gap between AUML and Implementation using FOPL

    Takuo Doi, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    Proc. of the Second International Workshop on Programming Multi-Agent Systems(ProMAS 2004)     69 - 78  2004年07月  [査読有り]

  • Behavior Descriptions of Mobile Agents for Web Services Integration

    Fuyuki Ishikawa, Yasuyuki Tahara, Nobukazu Yoshioka, Shinichi Honiden

    2004 IEEE International Conference on Web Services (ICWS 2004)     342 - 349  2004年07月  [査読有り]

    DOI

  • Toward Synthesis of Web Services and Mobile Agents

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    AAMAS'2004 Workshop on Web Services and Agent-based Engineering (WSABE2004)     48 - 55  2004年07月  [査読有り]

  • モバイルエージェントを用いたユビキタスアプリケーション開発法

    Kazutaka Matsuzaki, Nobukazu Yoshioka, Shinichi Honiden

    International Workshop on Ubiquitous Computing (IWUC 2004)    2004年04月  [査読有り]  [招待有り]

  • Ubiquitous Application Development using a Mobile Agent-based System

    K. Matsuzaki, N. Yoshioka, S. Honiden

    International Workshop on Ubiquitous Computing (IWUC 2004), April 13-14, 2004 - Porto, Portugal     204 - 212  2004年04月  [査読有り]

  • Mobile Agent System for Web Services Integration in Pervasive Networks

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    International Workshop on Ubiquitous Computing (IWUC 2004)     38 - 47  2004年04月  [査読有り]

  • ロジック書き換えパターンの検証方法の提案

    吉岡信和, 本位田真一

    ソフトウェア工学の基礎XI,日本ソフトウェア科学会    2004年03月  [査読有り]  [招待有り]

  • マルチメディアコンテンツ流通のためのモバイルエージェントのモデル駆動開発

    苅部卓哉, 吉岡信和, 田原康之, 本位田真一

    ソフトウェア工学の基礎XI,日本ソフトウェア科学会    2004年03月  [査読有り]  [招待有り]

  • マルチエージェントシステムのためのインタラクション主導開発におけるシステム分析

    土肥拓生, 吉岡信和, 田原康之, 本位田真一

    ソフトウェア工学の基礎XI,日本ソフトウェア科学会    2004年03月  [査読有り]  [招待有り]

  • 階層型モバイルエージェントの自律的な合成のための記述とその基板に関する検討

    石川冬樹, 田原康之, 吉岡信和, 本位田真一

    ソフトウェア工学の基礎XI,日本ソフトウェア科学会    2004年03月  [査読有り]  [招待有り]

  • P2Pグリッドにおけるモバイルエージェントを用いた生存性の高いサービスの構築

    鄭顕志, 吉岡信和, 深澤良彰, 本位田真一

    ソフトウェア工学の基礎XI,日本ソフトウェア科学会    2004年03月  [査読有り]  [招待有り]

  • 位置指向設計プロセス:モバイル環境における状況依存アプリケーションのアスペクト指向設計

    松崎和賢, 吉岡信和, 本位田真一

    ソフトウェア工学の基礎XI,日本ソフトウェア科学会    2004年03月  [査読有り]  [招待有り]

  • 位置情報を利用するエージェントのロケーション指向設計

    松崎和賢, 吉岡信和, 本位田真一

    エージェント合同シンポジウム(JAWS 2004)論文集    2004年03月  [査読有り]  [招待有り]

  • マルチエージェントシステムのインタラクション主導要求分析

    土肥拓生, 吉岡信和, 田原康之, 本位田真一

    エージェント合同シンポジウム(JAWS 2004)論文集    2004年03月  [査読有り]  [招待有り]

  • P2P グリッドにおけるサービスの効率的障害退避

    鄭顕志, 吉岡信和, 深澤良彰, 本位田真一

    エージェント合同シンポジウム(JAWS 2004)論文集    2004年03月  [査読有り]  [招待有り]

  • 階層型モバイルエージェントの合成における合意記述

    石川冬樹, 田原康之, 吉岡信和, 本位田真一

    エージェント合同シンポジウム(JAWS 2004)論文集    2004年03月  [査読有り]  [招待有り]

  • アクティブコンテンツ:コンテンツ流通のためのモバイルエージェントフレームワーク

    苅部卓哉, 吉岡信和, 田原康之, 本位田真一

    エージェント合同シンポジウム(JAWS 2004)論文集    2004年03月  [査読有り]  [招待有り]

  • モバイルエージェントを使ったLocation-awareアプリケーションの開発法

    Kazutaka Matsuzaki, Nobukazu Yoshioka, Shinichi Honiden

    Proc. of International Workshop on Mobility Aware Technologies and Applications (MATA2004), LNCS 3284     13 - 26  2004年03月  [査読有り]  [招待有り]

  • Webサービスとモバイルエージェントの統合

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    AAMAS'2004 Workshop on Web Services and Agent-based Engineering (WSABE) (2004).    2004年03月  [査読有り]  [招待有り]

  • IOM/TによるAUMLと実装のギャップの解決

    Takuo Doi, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    International Workshop on Programming Multi-Agent Systems(ProMAS 2004), LNAI 3346     147 - 162  2004年03月  [査読有り]  [招待有り]

  • Webサービス連携のためのモバイルエージェントのビヘイビア記述

    Fuyuki Ishikawa, Yasuyuki Tahara, Nobukazu Yoshioka, Shinichi Honiden

    2004 IEEE International Conference on Web Services (ICWS 2004)     342 - 349  2004年03月  [査読有り]  [招待有り]

  • Webサービス連携のためのモバイルエージェントシステム

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yasuyuki Tahara, Shinichi Honiden

    International Workshop on Ubiquitous Computing (IWUC 2004)    2004年03月  [査読有り]  [招待有り]

  • Webサービス連携のためのモバイルエージェント動作記述

    石川冬樹, 田原康之, 吉岡信和, 本位田真一

    情報処理学会論文誌   ( Vol.45 No.6 ) 1614 - 1629  2004年03月  [査読有り]  [招待有り]

  • パーベイシブネットワークにおけるWebサービス連携のためのモバイルエージェントシステム

    石川冬樹, 吉岡信和, 本位田真一

    電子情報通信学会論文誌   VOL.J87-D-I ( NO.7 ) 782 - 795  2004年03月  [査読有り]  [招待有り]

  • パーベイシブコンピューティングのためのマルチエージェントフレームワーク: Mobeetフレームワーク

    N. Yoshioka, A. Ohsuga, S. Honiden

    Electrical Engineering in Japan,John Wiley & Sons, Inc   ( Vol.149, Issue 3 ) 49 - 64  2004年03月  [査読有り]  [招待有り]

  • ユビキタス環境のためのエージェント指向ソフトウェアの開発と応用

    吉岡信和, 大須賀昭彦, 本位田真一

    システム/制御/情報   ( Vol.48, No.11 ) 22 - 27  2004年03月  [査読有り]  [招待有り]

    DOI

  • パターンに基づくモバイル環境のためのモバイルエージェントフレームワーク

    Nobukazu Yoshioka, Shinichi Honiden

    Proc. of International Workshop on Mobility Aware Technologies and Applications (MATA2004), LNCS 3284, Springer-Verlag,     369 - 380  2004年03月  [査読有り]  [招待有り]

  • パターンを用いたセキュアなモバイルエージェントシステム設計法

    吉岡信和, 田原康之, 大須賀昭彦, 本位田真一

    情報処理学会論文誌   ( Vol.45, No.3 ) 842 - 857  2004年03月  [査読有り]  [招待有り]

  • A pattern oriented mobile agent framework for mobile computing

    N Yoshioka, S Honiden

    MOBILITY AWARE TECHNOLOGIES AND APPLICATIONS, PROCEEDINGS   3284   369 - 380  2004年  [査読有り]

     概要を見る

    As a consequence of the increasing role of computers throughout society, computers, especially mobile devices, are used in diverse situations. Additionally, the computing environment is becoming more changeable. A network application coordinating mobile devices needs to be able to adapt to changes in the environments. In this paper, we propose a new architecture for mobile computing, which uses a mobile agent technology and adapts to changes flexibly. The framework splits the specification of an application into network environments, coordination logic and patterns. Patterns are applied to the coordination logic in order to derive appropriate behaviors automatically.

  • モバイルエージェントによる動的環境下のサービス利用の効率的実現手法

    松崎和賢, 吉岡信和, 本位田真一

    人工知能学会誌   19 ( 4 ) 311 - 321  2004年  [査読有り]  [招待有り]

    DOI

  • 高安全モバイルエージェントシステムアーキテクチャ

    岡宅泰邦, 奥冨秀俊, 大岸伸之, 吉岡信和, 本位田真一

    電気学会論文誌   124 ( 1 ) 56 - 63  2004年  [査読有り]  [招待有り]

    DOI

  • ユビキタスネットワークに対応した動的パターン適用に基づくモバイルエージェントシステム構築法

    吉岡信和, 本位田真一

    IEEE Computer Society, 情報処理学会論文誌   ( Vol.45, No.1 ) 12 - 23  2004年01月  [査読有り]  [招待有り]

  • An authentication architecture for collaboration among agents in ad hoc networks

    Y Okataku, N Yoshioka, S Honiden

    ELECTRONICS AND COMMUNICATIONS IN JAPAN PART I-COMMUNICATIONS   87 ( 5 ) 11 - 19  2004年  [査読有り]  [招待有り]

     概要を見る

    This paper proposes an authentication architecture for collaboration among agents in a network environment without security assurance. The architecture requires that there should exist at least one secure node (oasis node). The oasis node generates the same number of authentication codes as the number of objects of authentication, using random numbers and agent information, and distributes the codes among the agents. The agents gather at the specified oasis node and obtain verification by the oasis node, based on the distributed random value and the authentication code. In the authentication architecture proposed in this paper, the random number and the authentication code are publicized information which can be compromised by eavesdropping. But the algorithm for generation and verification of the authentication code is not publicized. The architecture is suited for handling authentication processing in ad hoc collaboration among an unspecified number of agents. (C) 2004 Wiley Periodicals, Inc. Electron Comm Jpn Pt 1, 87(5): 11-19, 2004; Published online in Wiley InterScience (www.interscience.wiley.com). DOI 10.1002/ ecja.10165.

    DOI

  • A Security Architecture for Collaboration Among Many and Unspecified Agents

    Y. Ohtsuka, H. Okutomi, N. Yoshioka, S. Honiden

    8th International Workshop on Mobile Multimedia Communications (MoMuC2003), Oct.6-8, 2003, Munich, Germany    2003年10月  [査読有り]

  • Ambient Calculusに基づくアクティブコンテンツの形式モデル

    Y. Tahara, N. Yoshioka, S. Honiden

    Proc. of 5th International Workshop on Mobile Agents for Telecommunication Applications (MATA’03), LNCS 2881     132 - 141  2003年10月  [査読有り]  [招待有り]

  • パターンを利用したセキュアかつ効率的なモバイルエージェントアプリケーション開発

    田原康之, 吉岡信和, 大須賀昭彦, 本位田真一

    情報処理学会論文誌   ( Vol. 44, No.6 ) 1483 - 1497  2003年06月  [査読有り]  [招待有り]

  • Webサービス連携のためのモバイルエージェント動作記述

    石川冬樹, 田原康之, 吉岡信和, 本位田真一

    ソフトウェア工学の基礎X,日本ソフトウェア科学会    2003年03月  [査読有り]  [招待有り]

  • エージェントのペアリングによる再利用性と動的環境適応性を考慮に入れた記述分離

    松崎和賢, 吉岡信和, 本位田真一

    ソフトウェア工学の基礎X,日本ソフトウェア科学会    2003年03月  [査読有り]  [招待有り]

  • UMLを用いたセキュアなアプリケーション開発のための支援手法

    苅部卓哉, 吉岡信和, 本位田真一

    ソフトウェア工学の基礎X,日本ソフトウェア科学会    2003年03月  [査読有り]  [招待有り]

  • エージェント間プロトコル記述言語FOPLの提案

    土肥拓生, 吉岡信和, 本位田真一

    ソフトウェア工学の基礎X,日本ソフトウェア科学会    2003年03月  [査読有り]  [招待有り]

  • モバイルエージェントによる柔軟なコンテンツ流通を実現するアクティブコンテンツ

    吉岡信和, 田原康之, 本位田真一

    ソフトウェア工学の基礎X,日本ソフトウェア科学会    2003年03月  [査読有り]  [招待有り]

  • モバイルエージェントによるデジタルコンテンツ流通

    苅部卓哉, 吉岡信和, 田原康之, 本位田真一

    エージェント合同シンポジウム(JAWS 2003)論文集    2003年03月  [査読有り]  [招待有り]

  • モバイルエージェントによるWeb サービス連携モデル

    石川冬樹, 吉岡信和, 田原康之, 本位田真一

    エージェント合同シンポジウム(JAWS 2003)論文集    2003年03月  [査読有り]  [招待有り]

  • インタラクションプロトコル記述言語FOPL

    土肥拓生, 吉岡信和, 田原康之, 本位田真一

    エージェント合同シンポジウム(JAWS 2003)論文集    2003年03月  [査読有り]  [招待有り]

  • アドホックなサービス利用を援するエージェントプラットフォーム拡張の提案

    松崎和賢, 吉岡信和, 田原康之, 本位田真一

    エージェント合同シンポジウム (JAWS 2003) 論文集    2003年03月  [査読有り]  [招待有り]

  • モバイルエージェントを用いた小規模Grid 構築

    鄭顕志, 吉岡信和, 本位田真一, 深澤良彰

    エージェント合同シンポジウム(JAWS 2003)論文集    2003年03月  [査読有り]  [招待有り]

  • パーベイシブネットワークにおけるWebサービス連携のためのモバイルエージェントシステム

    石川冬樹, 吉岡信和, 本位田真一

    オブジェクト指向シンポジウム2003    2003年03月  [査読有り]  [招待有り]

  • バッテリー切れを考慮したモバイルエージェントを使ったシステム退避システム: Easter

    H. Kaneko, Y. Fukazawa, F. Kumeno, N. Yoshioka, S. Honiden

    不明    2003年03月  [査読有り]  [招待有り]

  • 不特定多数のエージェントの協調のためのセキュリティアーキテクチャ

    Y. Okataku, H. Okutomi, N. Ohgishi, N. Yoshioka, S. Honiden

    8th International Workshop on Mobile Multimedia Communications, (2003).    2003年03月  [査読有り]  [招待有り]

  • アドホックネットワークにおけるエージェント間共同作業のための認証機構

    岡宅泰邦, 吉岡信和, 本位田真一

    電子情報通信学会論文誌   ( Vol.J86-B, No.3 ) 419 - 427  2003年03月  [査読有り]  [招待有り]

  • モバイルエージェントによる柔軟なコンテンツ流通を実現するアクティブコンテンツ

    吉岡信和, 田原康之, 本位田真一

    情報処理学会論文誌:データベース   ( Vol.44, No.SIG 18 ) 45 - 57  2003年03月  [査読有り]  [招待有り]

  • Mobile agent based evacuation system when the battery runs out: EASTER

    H Kaneko, Y Fukazawa, F Kumeno, N Yoshioka, S Honiden

    PROCEEDINGS OF THE FIRST IEEE INTERNATIONAL CONFERENCE ON PERVASIVE COMPUTING AND COMMUNICATIONS (PERCOM 2003)     460 - 469  2003年  [査読有り]

     概要を見る

    As mobile computing becomes common, the battery issue of mobile computing devices has become increasingly notable. To this end, research and development of various power-conservation devices and methods are actively taking place. However, the conventional method of extending the battery life through power-conservation can never prevent the unintentional shutdowns of applications due to the dead battery. This research aims to realize the evacuation of applications on a mobile computing device to another device before the battery runs out by creating the application as a mobile agent Particularly, by introducing the concept of the Crisis Management Center dynamic and smooth evacuation of multiple application agents will become possible. This paper explains and verifies the effectiveness of the EASTER (Escape Agent System from dying batTERy), a system developed for the purpose of recovering the applications when a battery is running out through the use of mobile agent system.

  • A formal model of active contents based on the ambient calculus

    Y Tahara, N Yoshioka, S Honiden

    MOBILE AGENTS FOR TELECOMMUNICATION APPLICATIONS, PROCEEDINGS   2881   132 - 141  2003年  [査読有り]

     概要を見る

    The recent innovation of telecommunication and networking technology is enabling easy and flexible distribution of digital multimedia contents. However, such rapid progress has brought about various problems on intellectual properties and security. We are investigating a technique to solve the problem called active contents based on hierarchical structures of mobile agents. The agents work as wrappers of contents and can easily manage the policies for contents distribution. In this paper, we give a formal model of active contents in order to establish rigorous foundations for the active contents technique, especially the system of the policy control mechanisms. Using the model, we can verify if the behaviors of the active contents satisfy the given policies or not. An example of the redistribution prohibition policy illustrates how the verification works.

  • MIC方式を用いたモバイル環境に適したエージェントの多重管理方式の提案

    岡宅泰邦, 吉岡信和, 本位田真一

    電気学会論文誌   123 ( 4 ) 670 - 676  2003年  [査読有り]  [招待有り]

    DOI CiNii

  • パーベイシブ・コンピューティングのためのマルチエージェントフレームワーク: Mobeet

    吉岡信和, 大須賀昭彦, 本位田真一

    電気学会論文誌C   123 ( 8 ) 1473 - 1485  2003年  [査読有り]  [招待有り]

    DOI

  • PCクラスタ対応マルチエージェントフレームワーク

    吉岡信和, 鄭顕志, 深澤良彰, 本位田真一

    合同エージェントワークショップ&シンポジウム(JAWS2002)     119 - 130  2002年11月  [査読有り]

  • Evaluation of a multi agent framework for open distributed systems

    N Yoshioka, T Kawamura, A Ohsuga, S Honiden

    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E85A ( 11 ) 2396 - 2406  2002年11月  [査読有り]

     概要を見る

    Interoperability between different systems is becoming a more important issue for open distributed systems. In this paper, we investigate what kind of framework we need for constructing open distributed systems. Firstly, we enumerate the features and functions which the framework should have. We then evaluate a proposed multi-agent framework, Bee-gent, by using a typical example of open distributed systems. Lastly, we show clearly what is required for such a framework.

  • オープン分散システムのためのマルチエージェントフレームワークの評価

    Nobukazu Yoshioka, Takahiro Kawamura, Akihiko Ohsuga, Shinichi Honiden

    IEICE TRANS. FUNDAMETALS   VOL.E85-A ( NO.11 ) 2396 - 2406  2002年11月  [査読有り]  [招待有り]

  • Pattern based Design for Secure and Safe Mobile Agent Systems

    N. Yoshioka, Y. Tahara, S. Honiden, A. Ohsuga

    Artificial and Computational Intelligence (ACI 2002)     365 - 117  2002年09月

  • 携帯電話アプリケーション開発のためのスクリプトシステムの提案

    直原正樹, 吉岡信和, 深澤良彰, 本位田真一

    エージェント合同シンポジウム (JAWS 2002)論文集     461 - 462  2002年03月  [査読有り]  [招待有り]

  • モバイル端末連携支援Bee-gent 拡張フレームワーク

    松崎和賢, 吉岡信和, 本位田真一

    エージェント合同シンポジウム(JAWS 2002)論文集     321 - 322  2002年03月  [査読有り]  [招待有り]

  • Webサービス連携エージェントのためのビヘイビアルール記述言語

    石川冬樹, 吉岡信和, 本位田真一

    エージェント合同シンポジウム (JAWS 2002)論文集     353 - 363  2002年03月  [査読有り]  [招待有り]

  • モバイルエージェントによるバッテリ切れ避難システム : Easter

    金子平祐, 深澤良彰, 粂野文洋, 吉岡信和, 本位田真一

    エージェント合同シンポジウム(JAWS 2002)論文集     314 - 320  2002年03月  [査読有り]  [招待有り]

  • パターンを利用したセキュアかつ効率的なモバイルエージェントアプリケーション開発

    田原康之, 吉岡信和, 大須賀昭彦, 本位田真一

    情報処理学会     43 - 50  2002年03月  [査読有り]  [招待有り]

  • PCクラスタに対応したマルチエージェントシステムの提案

    吉岡信和, 鄭顕志, 深澤良彰, 本位田真一

    エージェント合同シンポジウム (JAWS 2002)論文集     353 - 363  2002年03月  [査読有り]  [招待有り]

  • セキュリティとセーフティのためのパターンに基づくモバイルエージェント設計法

    Yoshioka, Tahara, Ohsuga, Honiden

    ACI 2002, Proc. of IASTED (2002).    2002年03月  [査読有り]  [招待有り]

  • Secure and Efficient Mobile Agent Application Reuse Using Patterns

    Yasuyuki Tahara, Nobukazu Yoshioka, Akihiko Ohsuga, Shinichi Honiden

    Proceedings of the 2001 symposium on Software reusability: putting software reuse in context     78 - 85  2001年05月  [査読有り]

  • パターンを使った安全で効率のよいモバイルエージェントアプリケーションの再利用

    Yasuyuki Tahara, Nobukazu Yoshioka, Akihiko Ohsuga

    ACM SIGSOFT Software Engineering Notes   ( Volume 26 , Issue 3 ) 78 - 85  2001年03月  [査読有り]  [招待有り]

  • モバイルエージェントのためのセキュリティ

    Yoshioka, Tahara, Ohsuga, Honiden

    AGENT-ORIENTED SOFTWARE ENGINEERING   1957 ( LNCS No.1957 ) 223 - 234  2001年  [査読有り]  [招待有り]

    DOI

  • セーフティ・セキュリティを考慮したモバイルエージェントの開発法,オブジェクト指向シンポジウム2000

    吉岡信和, 田原康之, 大須賀昭彦, 本位田真一

    情報処理学会     33 - 40  2000年03月  [査読有り]  [招待有り]

  • A Methodology for Safety of Mobile Agents, Proc. of MAMA'2000 held at the ISA 2000.

    Yoshioka, Tahara, Ohsuga, Honiden

    不明    2000年03月  [査読有り]  [招待有り]

  • A Methodology For Safety Of Mobile Agents

    N. Yoshioka, Y. Tahara, A. Ohsuga, S. Honiden

    International ICSC Symposium on Multi-Agents and Mobile Agents in Virtual Organizations and E-Commerce (MAMA'2000)    2000年  [査読有り]

  • 抽象解釈を用いたプログラムの段階的具象化法

    Nobukazu Yoshioka, Masato Suzuki, Takuya Katayama

    IWSSD'98     126 - 134  1998年03月  [査読有り]  [招待有り]

  • 抽象解釈を用いたプログラムの段階的具象化法,ソフトウェア工学の基礎III

    吉岡信和, 鈴木正人, 片山卓也

    日本ソフトウェア科学会    1996年03月  [査読有り]  [招待有り]

  • セキュリティを考慮したモバイルエージェントシステム構築法

    吉岡信和, 大須賀昭彦, 田原康之, 本位田真一

    情報処理学会論文誌掲載予定    [査読有り]

▼全件表示

書籍等出版物

  • CC-Case: Safety & Security Engineering Methodology for AI/IoT

    Tomoko Kaneko, Nobukazu Yoshioka( 担当: 共著)

    Nova Science Publishers  2020年07月

  • Assessing Security and Privacy Behavioural Risks for Self-Protection Systems

    Yijun Yu, Nobukazu Yoshioka, Tetsuo Tamai( 担当: 共著)

    Springer  2019年01月

  • Education of Scientific Approaches to Trustworthy Systems for Industry - After 10 Years

    Fuyuki Ishikawa, Nobukazu Yoshioka, Yoshinori Tanabe( 担当: 共著)

    CRC Press  2016年09月

  • Three Misuse Patterns for Cloud Computing

    Keiko Hashizume, Nobukazu Yoshioka, Eduardo B. Fernandez( 担当: 共著)

    IGI Global  2012年09月

  • アカデミッククラウド調査報告書2012

    吉岡信和, 棟朝雅晴, 本橋賢二, 西村一彦, 谷沢智史, 横山重俊( 担当: 共著)

    (株)インプレスR&D  2012年08月

  • Security Patterns: Comparing Modeling Approaches

    A. Bandara, S. Hayashi, J. Jurjens, H. Kaiya, A. Kubo, R. Laney, H. Mouratidis, A. Nhlabatsi, B. Nuseibeh, H. Shinpei, Y. Tahara, T. Tun, H. Washizaki, N. Yoshioka, Y. Yu

    Information Science Reference  2010年09月

  • Using security patterns to develop secure systems

    E.B. Fernandez, N. Yoshioka, H. Washizaki, J. Jurjens, M. VanHilst, G. Pernul

    Information Science Reference  2010年09月

  • XAC Project: Towards a Middleware for Open Wireless Sensor Networks

    Kenji Tei, Shunichiro Suenaga, Yoshiyuki Nakamura, Yuichi Sei, Hikotoshi Nakazato, Yoichi Kaneki, Nobukazu Yoshioka, Yoshiaki Fukazawa, Shinichi Honiden

    Information Science Publishing  2010年03月

  • SPINによる設計モデル検証?モデル検査の実践ソフトウェア検証

    吉岡信和, 青木利晃, 田原康之

    近代科学社  2008年09月 ISBN: 4764903547

  • 考えるコンテンツ 「スマーティブ」,丸善ライブラリー374 ,丸善,ISBN 4-621-05374-4 (2005)

    本位田真一, 吉岡信和, 由利伸子

    丸善株式会社  2005年03月

▼全件表示

Misc

  • STAMP S&S システム理論によるセーフティ・セキュリティ統合リスク分析

    金子朋子, 林浩史, 高橋雄志, 吉岡信和, 大久保隆夫, 佐々木良一

    コンピュータセキュリティシンポジウム 2019     41 - 47  2019年10月

    研究発表ペーパー・要旨(全国大会,その他学術会議)  

  • イベント割込みによる業務プロセスの伝票不整合リスクの改善手法

    河本高文, 二木厚吉, 吉岡信和

    コンピュータセキュリティシンポジウム 2019     1 - 8  2019年10月

    研究発表ペーパー・要旨(全国大会,その他学術会議)  

  • ソフトウェアセキュリティ知識ベースを用いた要求分析及び設計における知識提示手法の開発とケーススタディによる評価

    山田侑樹, 櫨山淳雄, 吉岡信和

    電子情報通信学会技術研究報告知能ソフトウェア工学   118 ( 463 ) 51 - 56  2019年03月

  • ICSE 2018 参加報告

    吉岡信和, 鵜林尚靖, 石川冬樹, 鄭顕志, 鷲崎弘宜

    コンピュータソフトウェア    2019年01月  [査読有り]  [招待有り]

    会議報告等  

  • 機械学習応用システムのセキュリティとプライバシ

    吉岡 信和

    情報処理   60 ( 1 ) 34 - 39  2018年12月  [招待有り]

    記事・総説・解説・論説等(学術雑誌)  

  • セキュリティパターン研究の分類体系と文献調査

    鷲崎弘宜, XIA Tian, 鎌田夏実, 大久保隆夫, 小形真平, 海谷治彦, 加藤岳久, 鹿糠秀行, 田中昂文, 櫨山淳雄, 山本暖, 吉岡信和, 吉野雅之

    情報処理学会研究報告(Web)   2018 ( SE-198 ) Vol.2018‐SE‐198,No.25,1‐7 (WEB ONLY)  2018年03月

    J-GLOBAL

  • ソフトウェアセキュリティ知識ベースを活用したセキュリティ要求分析からセキュリティ設計を支援するシステムの開発

    宮原光, 櫨山淳雄, 田中昂文, 鷲崎弘宜, 海谷治彦, 大久保隆夫, 吉岡信和

    電子情報通信学会技術研究報告   117 ( 465(KBSE2017 39-63) ) 67‐72  2018年02月

    J-GLOBAL

  • 特集「実践的IT教育」の編集にあたって

    鵜林 尚靖, 吉田 則裕, 井垣 宏, 大久保 隆夫, 大場 みち子, 粂野 文洋, 森本 千佳子, 吉岡 信和

    コンピュータ ソフトウェア   35 ( 1 ) 1_2 - 1_2  2018年

    DOI CiNii

  • ER 2016参加報告

    中川 博之, 小林 努, 林 晋平, 吉岡 信和, 鵜林 尚靖

    コンピュータソフトウェア   34 ( 3 ) 75 - 80  2017年08月  [査読有り]  [招待有り]

    会議報告等  

  • セキュリティ要求分析・保証の統合手法CC‐Caseの有効性評価実験

    金子朋子, 高橋雄志, 勅使河原可海, 吉岡信和, 山本修一郎, 大久保隆夫, 田中英彦

    情報処理学会研究報告(Web)   2017 ( CDS-19 ) Vol.2017‐CDS‐19,No.16,1‐8 (WEB ONLY)  2017年05月

    J-GLOBAL

  • ソフトウェアセキュリティ知識ベースを活用したセキュリティ要求分析からセキュリティ設計を支援するシステムの提案

    櫨山淳雄, 宮原光, 田中昂文, 橋浦弘明, 鷲崎弘宜, 吉岡信和, 海谷治彦, 大久保隆夫

    情報処理学会全国大会講演論文集   79th ( 1 ) 1.335‐1.336  2017年03月

    J-GLOBAL

  • プライバシーを考慮したソフトウェア開発技術の文献に基づく動向調査

    櫨山淳雄, 鷲崎弘宜, 吉岡信和, 海谷治彦, 大久保隆夫

    人工知能学会第18回知識流通ネットワーク研究会    2016年03月

  • Overlay Cloudで構成するDistributed Cloud : nano cloudとmicro cloudとmega cloudをつなぐ (サービスコンピューティング)

    横山 重俊, 政谷 好伸, 吉岡 信和

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   115 ( 236 ) 23 - 26  2015年10月

    CiNii

  • 形式検証を用いた攻撃分析フレームワークの提案

    大久保 隆夫, 海谷 治彦, 鷲崎 弘宣, 吉岡 信和

    コンピュータセキュリティシンポジウム2015    2015年10月

    研究発表ペーパー・要旨(全国大会,その他学術会議)  

  • クラウドサービスの開発と運用においてセキュリティとプライバシを扱うためのメタモデル

    鷲崎 弘宜, 福本 創太, 山本 美聡, 芳澤 正敏, 大久保 隆夫, 小形 真平, 海谷 治彦, 加藤 岳久, 櫨山 淳雄, 吉岡 信和

    コンピュータセキュリティシンポジウム2015    2015年10月

    研究発表ペーパー・要旨(全国大会,その他学術会議)  

  • Overlay Cloudで構成する論文再現環境

    横山重俊, 政谷好伸, 小笠原理, 大田達郎, 吉岡信和, 合田憲人

    情報処理学会研究報告(Web)   2015 ( IOT-31 ) VOL.2015-IOT-31,NO.1 (WEB ONLY)  2015年09月

    J-GLOBAL

  • セキュリティ, プライバシー向け共通問題EMSsecの提案

    大久保隆夫, 海谷治彦, 鷲崎弘宣, 小形真平, 柿崎淑郎, 櫨山淳雄, 吉岡信和

    電子情報通信学会技術研究報告知能ソフトウェア工学   ( KBSE2015-15 ) 69 - 74  2015年07月

  • Overlay Cloudで構成するWebサービスバックアップサイト構築例

    横山重俊, 政谷好伸, 吉岡信和, 合田憲人

    情報処理学会研究報告(Web)   2015 ( IOT-30 ) VOL.2015-IOT-30,NO.12 (WEB ONLY)  2015年06月

    J-GLOBAL

  • Overlay Cloudで構成するインタークラウド環境

    横山重俊, 政谷好伸, 吉岡信和, 合田憲人

    電子情報通信学会 サービスコンピューティング研究会    2015年06月

    研究発表ペーパー・要旨(全国大会,その他学術会議)  

  • 広大な「マップ」を活用したクラウド監視システム改善のための参照ログ解析

    谷沢智史, 中川晋吾, 金指文明, 西村一彦, 長久 勝, 政谷好伸, 横山重俊, 吉岡信和

    電子情報通信学会 サービスコンピューティング研究会    2015年06月

    研究発表ペーパー・要旨(全国大会,その他学術会議)  

  • Enlightening Test-Driven with Formal, Formal with Test-Driven through Spec-Test-Go-Round

    Fuyuki Ishikawa, Takuo Doi, Kazunori Sakamoto, Nobukazu Yoshioka, Yoshinori Tanabe

    Technical Report, GRACE Center, National Institute of Informatics   ( GRACE-TR-2015-05 ) 1 - 17  2015年06月

    機関テクニカルレポート,技術報告書,プレプリント等  

  • ソフトウェアセキュリティ知識ベースを活用したセキュアなソフトウェア開発事例ベースの提案

    櫨山淳雄, 齊藤大仁, 吉岡信和, 小橋孝紀, 鷲崎弘宜, 海谷治彦, 大久保隆夫

    情報処理学会全国大会講演論文集   77th ( 1 ) 1.185-1.186  2015年03月

    J-GLOBAL

  • ソフトウェアセキュリティ知識を活用したセキュアなソフトウェア開発のための事例ベース管理システムの開発

    齊藤大仁, 櫨山淳雄, 吉岡信和, 小橋孝紀, 鷲崎弘宜, 海谷治彦, 大久保隆夫

    電子情報通信学会技術研究報告   114 ( 501(KBSE2014 52-64) ) 31 - 36  2015年02月

    J-GLOBAL

  • D-9-25 ミニプログを利用した避難行動推薦(2) : 自己適応システム技術の適用(D-9.ライフインテリジェンスとオフィス情報システム,一般セッション)

    田原 康之, 大須賀 昭彦, 川村 隆浩, 清 雄一, 中川 博之, 吉岡 信和, 松本 一教, 一色 正男

    電子情報通信学会総合大会講演論文集   2015 ( 1 ) 142 - 142  2015年02月

    CiNii

  • ミニブログを利用した避難行動推薦(2)―自己適応システム技術の適用―

    田原康之, 大須賀昭彦, 川村隆浩, 清雄一, 中川博之, 吉岡信和, 松本一教, 一色正男

    電子情報通信学会大会講演論文集(CD-ROM)   2015   ROMBUNNO.D-9-25  2015年02月

    J-GLOBAL

  • ミニブログを利用した避難行動推薦(3)―プライバシ保護データマイニングの適用―

    清雄一, 大須賀昭彦, 田原康之, 川村隆浩, 中川博之, 吉岡信和, 松本一教, 一色正男

    電子情報通信学会大会講演論文集(CD-ROM)   2015   ROMBUNNO.D-9-26  2015年02月

    J-GLOBAL

  • ミニブログを利用した避難行動推薦(1)―システム概要―

    大須賀昭彦, 田原康之, 川村隆浩, 清雄一, 中川博之, 吉岡信和, 松本一教, 一色正男

    電子情報通信学会大会講演論文集(CD-ROM)   2015   ROMBUNNO.D-9-24  2015年02月

    J-GLOBAL

  • BP-2-5 インタークラウドのオンデマンド構築にむけて(BP-2.Application-Driven Software Defined Infrastructureを実現する技術とその応用,パネルセッション,ソサイエティ企画)

    合田 憲人, 横山 重俊, 政谷 好伸, 吉岡 信和, 漆谷 重雄

    電子情報通信学会総合大会講演論文集   2015 ( 2 ) "SS - 11"-"SS-12"  2015年02月

    CiNii

  • インタークラウドのオンデマンド構築にむけて

    合田憲人, 横山重俊, 政谷好伸, 吉岡信和, 漆谷重雄

    電子情報通信学会大会講演論文集(CD-ROM)   2015   ROMBUNNO.BP-2-5  2015年02月

    J-GLOBAL

  • ソフトウェアセキュリティ知識ベースを活用したセキュアなWebアプリケーション開発事例ベースの試作

    櫨山淳雄, 齊藤大仁, 吉岡信和, 熊谷梓, 小橋孝紀, 鷲崎弘宜, 海谷治彦, 大久保隆夫

    電子情報通信学会技術研究報告   114 ( 420(KBSE2014 39-51) ) 49 - 54  2015年01月

    J-GLOBAL

  • クラウド監視「マップ」の参照ログ解析による改善の試み

    谷沢智史, 中川晋吾, 金指文明, 西村一彦, 長久勝, 政谷好伸, 横山重俊, 吉岡信和

    電子情報通信学会技術研究報告   115 ( 72(SC2015 1-8) )  2015年

    J-GLOBAL

  • シーケンス図を用いたモデル検査支援ツール

    後藤 隼弐, 吉岡 信和

    日本ソフトウェア科学会大会論文集   31   304 - 321  2014年09月

    CiNii

  • ビブリオ・トーク -私のオススメ-:ピープルウエア 第3版 -ヤル気こそプロジェクト成功の鍵

    吉岡 信和

    情報処理   55 ( 10 ) 1128 - 1129  2014年09月  [招待有り]

    書評論文,書評,文献紹介等  

  • MASG: Advanced Misuse Case Analysis Model with Assets and Security Goals

    Takao Okubo, Kenji Taguchi, Haruhiko Kaiya, Nobukazu Yoshioka

    情報処理学会論文誌   55 ( 5 )  2014年05月

     概要を見る

    Misuse case model and its development process are useful and practical for security requirements analysis, but they require expertise especially about security assets and goals. To enable inexperienced requirements analysts to elicit and to analyse security requirements, we present an extension of misuse case model and its development process by incorporating new model elements, assets and security goals. We show its effectiveness from the quantitative and qualitative results of a case study. According to the results, we conclude the extension and its process enable inexperienced analysts to elicit security requirements as well as experienced analysts do.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.22(2014) No.3 (online)DOI http://dx.doi.org/10.2197/ipsjjip.22.536------------------------------Misuse case model and its development process are useful and practical for security requirements analysis, but they require expertise especially about security assets and goals. To enable inexperienced requirements analysts to elicit and to analyse security requirements, we present an extension of misuse case model and its development process by incorporating new model elements, assets and security goals. We show its effectiveness from the quantitative and qualitative results of a case study. According to the results, we conclude the extension and its process enable inexperienced analysts to elicit security requirements as well as experienced analysts do.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.22(2014) No.3 (online)DOI http://dx.doi.org/10.2197/ipsjjip.22.536------------------------------

    CiNii

  • 『研究会温故知新シリーズ』ー研究会の30年をふりかえってー

    吉岡 信和

    コンピュータソフトウェア   31 ( 4 ) 19 - 22  2014年05月  [招待有り]

    記事・総説・解説・論説等(学術雑誌)  

  • アカデミックインタークラウドの構想 (サービスコンピューティング)

    合田 憲人, 横山 重俊, 吉岡 信和, 山中 顕次郎, 長久 勝, 青木 道宏, 阿部 俊二, 漆谷 重雄

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   113 ( 376 ) 1 - 6  2014年01月

     概要を見る

    クラウドコンピューティングの普及により,学術機関においてもパブリッククラウドや大学が運用するプライベートクラウドを利用する機会が増えている.本稿では,著者らが検討を進めているアカデミックインタークラウドの構想について述べる.本アカデミックインタークラウドでは,大学が運用するプライベートクラウド群と大学間共通の資源として利用可能なクラウド基盤を高性能かつ安全なネットワークにより接続するとともに,クラウド間で計算資源を連携・共有するためのサービスを提供することにより,高度な研究教育支援を実現する.

    CiNii

  • プライバシー要求工学の概要と展望

    吉岡 信和

      54 ( 11 ) 1115 - 1120  2013年10月  [招待有り]

    記事・総説・解説・論説等(学術雑誌)  

  • 割り込み処理に着目した組込みソフトウェアへのモデル検査適用の検討 (知能ソフトウェア工学)

    佐々木 隆益, 吉岡 信和, 田原 康之, 大須賀 昭彦

    電子情報通信学会技術研究報告 = IEICE technical report : 信学技報   113 ( 215 ) 19 - 24  2013年09月

     概要を見る

    組み込み製品において,不適切な割り込み処理による不具合をテストで検出するのは再現性がなく困難である.これに関しては,モデル検査技術による解決の可能性がある.しかしながら,割り込みのようなハードウェアに依存したシステムにおけるモデル検査の効率的でかつ実践可能な手法の提案は少ない.本研究では,ハードウェアを含めたシステムモデリングの必要性を明らかにし,Promelaによる割り込みのフレームワークを提案する.また提案手法を用いることで,ハードウェアやモデル検査について熟知していない一般ソフトウェアエンジニアでも,効率的にハードウェアを含めたシステムのモデル検査が可能なことをARPプロトコルの振る舞いに適用し確認した.

    CiNii

  • FMEAとモデル検査を組合せた高信頼設計プロセスの提案

    若林 昇, 吉岡 信和

    日本ソフトウェア科学会大会論文集   30   265 - 273  2013年09月

    CiNii

  • クラウドソフトウェアの継続的デリバリについて

    横山 重俊, 吉岡 信和

    ウィンターワークショップ2013・イン・那須 論文集   ( 2013 ) 71 - 72  2013年01月

    CiNii

  • 私物デバイスの業務活用におけるセキュリティ要求変化予測法

    鈴木 祐司, 海谷 治彦, 小形 真平, 大久保 隆夫, 金谷 延幸, 吉岡 信和

    電子情報通信学会技術研究報告. KBSE, 知能ソフトウェア工学   112 ( 314 ) 55 - 60  2012年11月

    CiNii

  • プライベートクラウド監視アーキテクチャの提案

    谷沢智史, 西村一彦, 長久勝, 横山重俊, 吉岡信和

    電子情報通信学会技術研究報告   112 ( 77(SC2012 1-4) ) 1 - 6  2012年06月

     概要を見る

    国立情報学研究所では「思う存分自分のアイデアを試せるIT実験室」をコンセプトに,プライベートクラウドedubase Cloudを開発し,教育関係者に向けて提供を行なっている.このedubase Cloudの運用を行う中で,以下のような問題点が明らかになってきた.(1)システムを構成するハードウェア,ソフトウェアが提供する監視サービスはそれぞれ別々のソフトウェアとして提供されており,システム全体の統合的な監視,管理が困難である.(2)監視すべき内容は観点(利用普及の観点や,システム運用の観点)により様々であるため,表示形態などあらかじめ決定することが困難である.本講演では,これらの問題を解決するための監視アーキテクチャを提案し,試作したツールを紹介する.

    CiNii J-GLOBAL

  • IT技術者育成のためのクラウドコンピューティング基盤 (ICTの高度化による先進的学習支援に向けて : 技術と人間の共生を目指して)

    横山 重俊, 桑田 喜隆, 吉岡 信和

    教育システム情報学会研究報告   26 ( 7 ) 161 - 168  2012年03月

    CiNii

  • 物理・仮想マシンの統一的なクラスタ管理フレームワーク:dodai

    横山重俊, 長久勝, 吉岡信和

    情報処理学会シンポジウム論文集   2012 ( 1 ) 29 - 30  2012年01月

    J-GLOBAL

  • クラウドコンピューティングで変わる大学のIT活用

    吉岡 信和

    医学図書館   59 ( 4 ) 207 - 211  2012年  [招待有り]

    速報,短報,研究ノート等(学術雑誌)  

  • 教育・研究のためのクラウド基盤:edubase Cloud

    吉岡信和, 長久勝, 横山重俊, 本位田真一

    全国共同利用情報基盤センター研究開発論文集   ( 33 ) 115 - 119  2011年11月

    J-GLOBAL

  • セキュリティの知識を共有するセキュリティパターン

    吉岡 信和

    情報処理学会, 情報処理   52 ( 9 ) 1134 - 1139  2011年09月  [招待有り]

    記事・総説・解説・論説等(学術雑誌)  

  • Amazon事例,国内新サービスから学ぶ クラウド時代のシステム管理実践基礎知識 設定作業/ロードバランサ/サーバ監視...第7章 クラウドが向かう先 クラウド間相互連携,グリッド連携...

    吉岡信和, 横山重俊, 西村一彦, KARANJIT Prabin

    Softw Des   ( 241 ) 55 - 59  2010年11月

    J-GLOBAL

  • ディペンダビリティ確保にむけたアスペクト指向技術動向

    鷲崎 弘宜, 高橋 竜一, 村上 真一, 大橋 昭, 吉岡 信和, 石川 冬樹, 久保 淳人, 山本 里枝子, 小高 敏裕, 錠 尚史, 鹿糠 秀行, 杉本 信秀

    研究報告ソフトウェア工学(SE)   2010 ( 17 ) 1 - 8  2010年05月

     概要を見る

    ソフトウェアの開発にあたり可用性や保守性,セキュリティに代表されるディペンダビリティを確保するために有効なアスペクト指向技術の研究ならびに実践の動向について,文献や会議を中心とした調査結果を報告する.本調査において技術の適用対象として,主として Web アプリケーション・エンタープライズアプリケーションを扱う.We report a result of a brief survey on progress in researches and practices in aspect-oriented software development (AOSD) technology for software dependability including availability, maintainability and security. Web/enterprise applications are the main target of the survey.

    CiNii

  • XAC project: Towards a middleware for open wireless sensor networks

    Kenji Tei, Shunichiro Suenaga, Yoshiyuki Nakamura, Yuichi Sei, Hikotoshi Nakazato, Yoichi Kaneki, Nobukazu Yoshioka, Yoshiaki Fukazawa, Shinichi Honiden

    Designing Solutions-Based Ubiquitous and Pervasive Computing: New Issues and Trends     214 - 231  2010年  [査読有り]

     概要を見る

    In pervasive computing environment (Satyanarayanan, 2001), common context management system, that make context of the real world be shared among the context-aware applications, is required to reduce development cost of each context-aware applications. A wireless sensor network (WSN) will be a key infrastructure for the context management system. Towards pervasive computing, a WSN integrated into context management system should be open infrastructure. In an open WSN should (1)handle various kinds of tasks, (2)manage tasks at runtime, (3)save resource consumption, and (4)adapt to changes of environments. To develop such an open WSN, middleware supports are needed, and our XAC project tries to develop a middleware for the open WSN. The XAC project is a research project to develop a middleware for open WSN. In this chapter, the auhors show research issues related to open WSN from the viewpoints of task description language, runtime task management, self-adaptability, and security. © 2010, IGI Global.

    DOI

  • ソフトウェアエンジニアリングシンポジウム2009開催報告

    岸 知二, 鵜林 尚靖, 野田 夏子, 山城 明宏, 石尾 隆, 吉岡 信和, 田原 康之, 豊島 真澄, 松浦 佐江子, 片峯 恵一, 白銀 純子

    研究報告ソフトウェア工学(SE)   2009 ( 21 ) 1 - 8  2009年10月

     概要を見る

    2009 年 9 月 7 日から 9 日の 3 日間に東京女子大学 (東京都・杉並区) にて開催したソフトウェアエンジニアリングシンポジウム 2009 (SES2009) の概要について報告する.This paper reports on "Software Engineering Symposium 2009 (SES2009)" held at Tokyo Woman's Christian University in Suginami Ward (Suginami-ku), Tokyo from September 7th to 9th.

    CiNii

  • 第15回プログラムのパターンランゲージ会議(PLoP2008)参加報告(実装,検証,報告)

    久保 淳人, 鷲崎 弘宜, 吉岡 信和, 井庭 崇, 大久保 隆夫

    情報処理学会研究報告. ソフトウェア工学研究会報告   2009 ( 31 ) 311 - 316  2009年03月

     概要を見る

    2008年10月にアメリカ・ナッシュビルにて開催された第15回プログラムのパターンランゲージ会議(PLoP2008)に参加したので,取り上げられた主な内容を報告する.本会議では27件のパターン論文と1件の研究論文が採録され,4トラックに分かれて議論された.

    CiNii

  • SQUAREではじめるセキュリティ要求工学

    Nancy R. Mead, 吉岡信和

    情報処理   50 ( 3 ) 193 - 197  2009年03月

    書評論文,書評,文献紹介等  

  • セキュリティ要求工学の概要と展望

    吉岡信和, Bashar Nuseibeh

    情報処理   50 ( 3 ) 187 - 192  2009年03月

    書評論文,書評,文献紹介等  

  • 特集 セキュリティ要求工学の実効性

    吉岡信和, 田口研治

    情報処理   50 ( 3 ) 185 - 186  2009年03月

    書評論文,書評,文献紹介等  

  • コモ ンクライテリアのためのモデリング手法の提案

    吉岡信和

    情報処理学会研究会    2009年

    CiNii

  • Special Projects - Smart and Interactive e-Learning System Based on Smartive

    Nobukazu Yoshioka, Shinichi Honiden

    3rd Intentional Conference of Conputer AdedLanguage Leaning (WorldCALL 2008)     48 - 49  2008年08月

    記事・総説・解説・論説等(学術雑誌)  

  • ウインターワークショップ2008・イン・道後開催報告

    阿萬 裕久, 青木 利晃, 沢田 篤史, 山本 晋一郎, 渥美 紀寿, 白銀 純子, 浦本 直彦, 松塚 貴英, 羽生田 栄一, 鷲崎 弘宜, 野中 誠, 吉岡 信和, 田原 康之

    情報処理学会研究報告. ソフトウェア工学研究会報告   2008 ( 55 ) 65 - 72  2008年06月

    CiNii J-GLOBAL

  • ユビキタス環境で活躍するエージェント

    吉岡信和

    社団法人情処学会, Journal of Information Processing Society of Japan     266 - 270  2007年

    CiNii

  • エージェントで実現する自由で安全なコンテンツ流通

    吉岡信和, 本位田真一

    開隆堂, CHANNEL   ( vol.6-4 ) 1  2006年03月

    書評論文,書評,文献紹介等  

  • 考えるコンテンツ?スマーティブで実現する自由で安全なコンテンツ流通

    吉岡信和, 本位田真一

    電気通信振興会   Vol.24 ( No.7 ) 32 - 33  2006年03月

    書評論文,書評,文献紹介等  

  • Context-awareサービスのための開発法の提案

    吉岡信和, 本位田真一

    ソフトウェア工学の基礎XIII, 日本ソフトウェア科学会     125 - 130  2006年03月

    書評論文,書評,文献紹介等  

  • クラウドソーシングを利用したソフトウェア開発のプロジェクトマネジメント

    末永 俊一郎, 馬場, 雪乃, 土肥, 拓生, 吉岡 信和

    人口知能学会全国大会2015  

▼全件表示

受賞

  • ソフトウェア論文賞

    2018年08月   日本ソフトウエア科学会   シーケンス図を用いたモデル検査支援ツールcsp-seq  

    受賞者: 後藤隼弐, 吉岡信和

  • 解説論文賞

    2017年09月   日本ソフトウェア科学会   モデル検査による設計検証  

    受賞者: 吉岡信和, 田辺良則, 田原康之, 長谷川哲夫, 磯部祥尚

  • Best Paper Award

    2015年11月   The Tenth International Conference on Software Engineering Advances (ICSEA 2015)   Performance Exploring Using Model Checking A Case Study of Hard Disk Drive Cache Function  

    受賞者: Takehiko Nagano, Kazuyoshi Serizawa, Nobukazu Yoshioka, Yasuyuki Tahara, Akihiko Ohsuga

  • Best Paper Award

    2015年06月   the First Workshop on Formal Methods in Software Engineering Education and Training (FMSEE&T '15)   Keys and Roles of Formal Methods Education for Industry: 10 Year Experience with Top SE Program  

    受賞者: Fuyuki Ishikawa, Nobukazu Yoshioka, Yoshinori Tanabe

  • 文部科学大臣表彰, 平成24年度科学技術分野, 理解増進部門

    2012年04月   文部科学省   先端ソフトウェア技術の普及啓発  

    受賞者: 本位田真一, 吉岡信和, 田辺良則

共同研究・競争的資金等の研究課題

  • ブロックチェーン・ビッグデータ・クラウド及びIoTを使用したハイパーコネクテッドスマートシティを実現するマルチレイヤセキュリティ技術

    情報通信研究機構  欧州との連携によるハイパーコネクテッド社会のためのセキュリティ技術の研究開発

    研究期間:

    2018年07月
    -
    2021年06月
     

    東日本電信電話株式会社, 高橋

  • 高信頼な機械学習応用システムによる価値創造

    国立研究開発法人 科学技術振興機構  未来社会創造事業 探索加速型 「超スマート社会の実現」領域 サイバー世界とフィジカル世界を結ぶモデリングとAI

    研究期間:

    2018年12月
    -
    2020年03月
     

    吉岡 信和

  • プライバシーとセキュリティを統合した要求分析フレームワーク

    文部科学省  国際共同研究加速基金(国際共同研究強化)

    研究期間:

    2016年01月
    -
    2019年03月
     

    吉岡 信和

  • プライバシーとセキュリティを統合した要求分析フレームワーク

    文部科学省  基盤研究(B)(一般)

    研究期間:

    2015年04月
    -
    2019年03月
     

    吉岡 信和

講演・口頭発表等

  • Incidents Are Meant for Learning, Not Repeating: Sharing Knowledge About Security Incidents in Cyber-Physical Systems (Journal First)

    Faeq Rimawi, Liliana Pasquale, Deepak Mehta, Nobukazu Yoshioka, Bashar Nuseibeh

    The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) 2021  

    発表年月: 2021年08月

  • 機械学習応用システムの安全性の研究動向と今後の展望

    吉岡信和  [招待有り]

    電子情報通信学会 知能ソフトウェア工学研究会  

    発表年月: 2021年01月

  • AIシステムの観点からの次世代セキュリティ

    吉岡信和  [招待有り]

    第7回ASF次世代セキュリティシンポジウム  

    発表年月: 2020年12月

  • 機械学習応用システムの開発技術(機械学習工学)の現状と今後の展望

    吉岡信和  [招待有り]

    第29回OSSユーザの会  

    発表年月: 2020年11月

  • 機械学習応用システムにおけるセーフティとセキュリティの課題と取り組むべき研究 -自動運転を題材に-

    吉岡信和  [招待有り]

    第3回機械学習工学研究会  

    発表年月: 2020年07月

  • 機械学習応用システムの要求工学はなぜ難しいのか?

    吉岡信和

    情報処理学会 ウィンターワークショップ2020  

    発表年月: 2020年01月

  • 機械学習応用システムの工学的アプローチ: その研究動向と今後の展望

    吉岡 信和  [招待有り]

    IEEE Computer Society Kansai Chapter 2019年第1回技術講演会  

    発表年月: 2019年07月

  • 高信頼な機械学習応用システムによる価値創造について

    吉岡 信和  [招待有り]

    Open QA4AI Conference  

    発表年月: 2019年05月

  • 攻撃に強いサービスを作る IoT時代のセキュリティ設計

    吉岡 信和  [招待有り]

    ビジネスに効く科学,東京商工会議所 北支部  

    発表年月: 2018年08月

  • Current and Future challenge of Model and Modeling on Security and Privacy

    Nobukazu Yoshioka  [招待有り]

    The 1st International Workshop for Models and Modelling on Security and Privacy  

    発表年月: 2016年11月

  • A Metamodel for Security and Privacy Knowledge in Cloud Services

    Hironori Washizaki, Sota Fukumoto, Misato Yamamoto, Masatoshi Yoshizawa, Yoshiaki Fukazawa, Takehisa Kato, Takao Okubo, Hideyuki Kanuka, Yuki Kondo, Shinpei Ogata, Atsuo Hazeyama, Haruhiko Kaiya, Eduardo B. Fernandez

    The Third International Workshop on Patterns Promotion and Anti-patterns Prevention (PPAP)  

    発表年月: 2016年03月

  • Pattern varieties and their uses in building systems

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    The Third International Workshop on Patterns Promotion and Anti-patterns Prevention (PPAP)  

    発表年月: 2016年03月

  • プライバシーを考慮したソフトウェア開発技術の文献に基づく動向調査

    櫨山淳雄, 鷲崎弘宜, 吉岡信和, 海谷治彦, 大久保隆夫

    人工知能学会第18回知識流通ネットワーク研究会  

    発表年月: 2016年03月

  • 形式検証を用いた攻撃分析フレームワークの提案

    大久保 隆夫, 海谷 治彦, 鷲崎 弘宣, 吉岡 信和

    コンピュータセキュリティシンポジウム2015  

    発表年月: 2015年10月

  • クラウドサービスの開発と運用においてセキュリティとプライバシを扱うためのメタモデル

    鷲崎 弘宜, 福本 創太, 山本 美聡, 芳澤 正敏, 大久保 隆夫, 小形 真平, 海谷 治彦, 加藤 岳久, 櫨山 淳雄, 吉岡 信和

    コンピュータセキュリティシンポジウム2015  

    発表年月: 2015年10月

  • シーケンス図を用いたモデル検査支援ツール

    後藤隼弐, 吉岡信和

    日本ソフトウェア科学会第31回大会  

    発表年月: 2014年09月

  • FMEAとモデル検査を組合せた高信頼設計プロセスの提案

    若林昇, 吉岡信和

    日本ソフトウェア科学会第30回大会  

    発表年月: 2013年09月

  • クラウドコンピューティングで変わる大学のIT活用と将来展望

    吉岡 信和  [招待有り]

    私立大学キャンパスシステム研究会(CS研)第1回第六分科会  

    発表年月: 2013年06月

  • An Academic Cloud for Education and Research in Japan

    吉岡 信和  [招待有り]

    Cloud Computing 2012  

    発表年月: 2012年08月

  • アカデミック クラウド フォーラム

    棟朝雅晴, 日下部茂, 吉岡信和, 滝澤真一朗, 福田安宏, 西村浩二  [招待有り]

    Citrix Cloud Vision 2012 Spring  

    発表年月: 2012年04月

  • edubase cloudと学認

    吉岡 信和  [招待有り]

    学認シンポジウム2012  

    発表年月: 2012年03月

  • 教育・研究用クラウド: edubase Cloud

    吉岡 信和  [招待有り]

    平成23年度第3回学術情報基盤オープンフォーラム  

    発表年月: 2012年03月

  • edubase cloudについて

    吉岡 信和  [招待有り]

    平成23年度第2回学術情報基盤オープンフォーラム  

    発表年月: 2011年12月

  • 分散クラウドシステムにおける遠隔連携技術

    棟朝雅晴, 柏崎礼生, 日下部茂, 天野浩文, 小林泰三, 横山重俊, 吉岡信和, 西村浩二, 滝澤真一朗, 實本英之

    学際大規模情報基盤共同利用・共同研究拠点 第3回シンポジウム  

    発表年月: 2011年07月

  • 大学等の商用クラウドサービス利用に関するセキュリティポリシーを考える

    曽根秀昭, 早貸淳子, 西本逸郎, 阿部俊二, 吉岡信和, 玉造潤史, 辻澤隆彦, 長谷川孝博, 岡部寿男, 松本淳一, 阿部伸一, 高橋正和, 高倉敏行  [招待有り]

    学術情報基盤オープンフォーラム2011  

    発表年月: 2011年06月

  • 学んで試せる学術用クラウド: edubase Cloud

    吉岡 信和  [招待有り]

    グリッド協議会第32回ワークショップ  

    発表年月: 2011年03月

  • オープンソースの学術向けクラウド「edubase Cloud」の取組み

    吉岡 信和  [招待有り]

    グローバルクラウド基盤連携技術フォーラム 第2回合同部会  

    発表年月: 2011年01月

  • 世界一のセキュリティを目指す分野間連携

    大久保隆夫, 須賀祐治, 力武 健次, 吉岡信和, 竹森敬祐, 竹森敬祐

    コンピュータセキュリティシンポジウム 2010  

    発表年月: 2010年10月

  • セキュリティ工学の最前線

    吉岡 信和  [招待有り]

    ソフトウェアセキュリティ最前線  

    発表年月: 2010年10月

  • セキュリティ事故事例から統合的な対策手法を考える

    椎木孝斉, 須賀祐治, 大久保隆夫, 鵜野幸一郎, 宮地充子, 吉岡信和

    第50回コンピュータセキュリティ研究発表会  

    発表年月: 2010年05月

  • IMPULSE: a Design Framework for Multi-agent Systems Based on Model Transformation

    Hiroyuki Nakagawa, Nobukazu Yoshioka, Akihiko Ohsuga, Shinichi Honiden

    SE Track of SAC 2011  

    発表年月: 2010年03月

  • A Worm misuse pattern

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    1st Asian Conference on Pattern Languages of Programs  

    発表年月: 2010年03月

  • セキュリティ開発手法の最新動向

    吉岡 信和  [招待有り]

    第12回ISSスクエア水平ワークショップ  

    発表年月: 2009年11月

  • モデル検査ツールを使った設計モデルの検証

    吉岡 信和  [招待有り]

    Modeling Forum 2009,Sep.2009  

    発表年月: 2009年09月

  • 日本の情報基盤を安全にする-セキュリティ標準化の同行と今後-

    宮地充子, 前田俊行, 柴山悦哉, 鵜飼裕司, 大久保隆夫, 金子浩之, 岡村久道, 吉岡信和

    第164回ソフトウェア工学・第45回コンピュータセキュリティ・第13回組み込みシステム・第4回情報セキュリティ心理学とトラスト研究グループ合同研究発表会  

    発表年月: 2009年05月

  • Improving the Classification of Security Patterns

    Hironori Washizaki, Eduardo B. Fernandez, Katsuhisa Maruyama, Atsuto Kubo, Nobukazu Yoshioka

    DEXA Workshop 2009  

    発表年月: 2009年

  • モデル検査ツールによる設計モデルの検証

    吉岡 信和

    UMLフォーラム2009  

    発表年月: 2009年

  • Misuse Patterns

    Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki

    The 4th International Workshop on Software Engineering for Secure Systems (SESS'08)   (Leipzig, Germany) 

    発表年月: 2008年05月

  • Developing Consistent Contractual Policies in Service Composition

    Fuyuki Ishikawa, Nobukazu Yoshioka, Shinichi Honiden

    the 2007 IEEE Asia-Pacific Services Computing Conference (IEEE APSCC 2007)   (筑波、日本)  the 2007 IEEE Asia-Pacific Services Computing Conference (IEEE APSCC 2007)  

    発表年月: 2007年12月

  • Agreements and Policies in Cooperative Mobile Agents: Formalization and Implementation

    石川冬樹, 吉岡信和, 本位田真一

    The 9th International Symposium on Distributed Objects, Middleware, and Applications (DOA 2007)   (Algarve, Portugal)  The 9th International Symposium on Distributed Objects, Middleware, and Applications (DOA 2007)  

    発表年月: 2007年11月

  • Novel Applications in Ubiquitous Computing

    Christian Sommer, Shunichiro Suenaga, 吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2007(JAWS2007)   (沖縄県、日本)  合同エージェントワークショップ&シンポジウム2007(JAWS2007)  

    発表年月: 2007年10月

  • ユビキタスコンピューティングにおけるコンテンツの形成・流通・利用・管理に関する研究動向

    馬場雪乃, 福地大輔, 清雄一, 吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2007(JAWS2007)   (沖縄県、日本)  合同エージェントワークショップ&シンポジウム2007(JAWS2007)  

    発表年月: 2007年10月

  • ユビキタスコンピューティングにおけるコンテキストのモデル化,管理に関する研究動向

    中村善行, 清家良太, 鄭顕志, 吉岡信和, 深澤良彰, 本位田真一

    合同エージェントワークショップ&シンポジウム2007(JAWS2007)   (沖縄県、日本)  合同エージェントワークショップ&シンポジウム2007(JAWS2007)  

    発表年月: 2007年10月

  • ユビキタスコンピューティングにおけるアプリケーション開発手法に関する研究動向

    鄭顕志, 中川博之, 川俣洋次郎, 吉岡信和, 深澤良彰, 本位田真一

    合同エージェントワークショップ&シンポジウム2007(JAWS2007)   (沖縄県、日本)  合同エージェントワークショップ&シンポジウム2007(JAWS2007)  

    発表年月: 2007年10月

  • ユビキタスコンピューティングにおける分散協調・連携技術の研究動向

    石川冬樹, 阿部玲, 高橋竜一, 吉岡信和, 深澤良彰, 本位田真一

    合同エージェントワークショップ&シンポジウム2007(JAWS2007)   (沖縄県、日本)  合同エージェントワークショップ&シンポジウム2007(JAWS2007)  

    発表年月: 2007年10月

  • サービス合成における契約ポリシーの決定・検証問題の形式化とその支援

    石川冬樹, 吉岡信和, 本位田真一

    合同エージェントワークショップ&シンポジウム2007(JAWS2007)   (沖縄県、日本)  合同エージェントワークショップ&シンポジウム2007(JAWS2007)  

    発表年月: 2007年10月

  • Errors and Misconceptions in Learning i*

    Toshihiko Tsumaki, Yasuyuki Tahara, Nobukazu Yoshioka, Haruhiko Kaiya, Kenji Taguchi, 本位田真一

    2nd International Workshop on Requirements Engineering Education and Training (REET'07)   (Delhi, India)  2nd International Workshop on Requirements Engineering Education and Training (REET'07)  

    発表年月: 2007年10月

  • Policy-based Runtime Partner Management in Process-Based Services

    石川冬樹, 吉岡信和, 本位田真一

    IEEE International Conference on Web Services (ICWS 2007)   (Utha, USA)  IEEE International Conference on Web Services (ICWS 2007)  

    発表年月: 2007年07月

▼全件表示

 

委員歴

  • 2018年06月
    -
    継続中

    日本ソフトウェア科学会  監事

  • 2018年04月
    -
    継続中

    日本ソフトウェア科学会 機械学習工学研究会  運営委員

  • 2015年01月
    -
    継続中

    IEEE Computer Society Japan Chapter  役員

  • 2014年04月
    -
    継続中

    日本ソフトウェア科学会 実践的IT教育研究会  運営委員

  • 2004年01月
    -
    継続中

    合同エージェントワークショップ&シンポジウム(JAWS)  プログラム委員

  • 2020年07月
    -
    2020年12月

    the 2nd International Workshop on Machine Learning Systems Engineering  Co-Organizer

  • 2018年04月
    -
    2020年11月

    日本科学技術連盟 SQuBoK第3版策定部会  委員

  • 2007年04月
    -
    2020年03月

    日本ソフトウェア科学会  企画委員

  • 2018年09月
    -
    2019年09月

    合同エージェントワークショップ&シンポジウム(JAWS) 2019  実行委員長

  • 2018年09月
    -
    2018年12月

    The International Workshop on Evidence-based Security and Privacy in the Wild 2018 (WESPr-18)  Co-organizer

  • 2018年09月
    -
    2018年12月

    The 1st International Workshop on Machine Learning Systems Engineering (iMLSE 2018)  Co-organizer

  • 2009年01月
    -
    2017年12月

    特定非営利活動法人 トップエスイー教育センター  理事

  • 2011年06月
    -
    2015年06月

    Japan Society for Software Science and Technology  a board member

  • 2011年06月
    -
    2015年06月

    日本ソフトウェア科学会  理事

  • 2013年04月
    -
    2015年03月

    Japan Society for Software Science and Technology  Chair of the Planning committee

  • 2013年04月
    -
    2015年03月

    日本ソフトウェア科学会  企画委員長

  • 2010年04月
    -
    2015年03月

    the Information Processing Society of Japan  Editorial commitee of IPSJ Magazine

  • 2010年04月
    -
    2015年03月

    情報処理学会  情報処理 編集委員

  • 2011年04月
    -
    2013年03月

    日本科学技術連盟  SQuBoK検討委員

  • 2008年04月
    -
    2012年03月

    日本ソフトウェア科学会  編集委員

  • 2011年07月
    -
    2012年02月

    経済産業省  平成23年度次世代高信頼・省エネ型IT基盤技術開発・実証事業(ソーシャルクラウド基盤技術に関する調査研究) 「ソーシャルクラウド検討委員会」 主査

  • 2009年12月
    -
    2010年03月

    内閣官房情報セキュリティセンター  情報セキュリティ技術の研究開発における政府関与のあり方に関する調査 アドバイザ

  • 2009年12月
    -
    2010年03月

    内閣官房情報セキュリティセンター  リスク要件リファレンスモデル作業部会 主査

  • 2009年12月
    -
    2010年03月

    経済産業省  平成21年度コンピュータセキュリティ早期警戒体制の整備事業 (ISO/IEC15408評価技術の利用促進に係る調査), 評価者向け・開発者向けマニュアル作成のための検討会

  • 2009年09月
    -
    2010年03月

    情報処理推進機構  リカレント教育部会 主査

▼全件表示