[Japanese Version]

Masakazu Soshi's WWW page

Masakazu Soshi has been an associate professor of Hiroshima City University since June 2007. He received his B.E. and M.S. degrees from University of Tokyo, in 1991 and in 1993 respectively, and his Ph.D. degree from University of Electro-Communications in 1999. He also worked for University of Electro-Communications from 1997 to 1998, and for Japan Advanced Institute of Science and Technology (JAIST) from 1999 to 2007.

Specialties : Security Control, Anonymous Communication, Tamper-resistant Software, Quantum Computation, IP Traceback

Theoretical Analysis of Access Matrix Models

The safety problem is the one to determine whether or not a given subject can eventually obtain an access privilege to a given object. Generally speaking, unfortunately, the safety problem is undecidable. Little is known about protection systems where the safety problem is decidable, except for strongly constrained systems (e.g., monotonic systems).

Therefore, I have studied decidability of the safety problem for non-monotonic protection systems and successfully showed that it becomes decidable in some cases. In my subsequent research, I will go on to investigate decidability of the problem for non-monotonic systems on which less restrictions are imposed.

Non-interference Security Models

As mentioned above, because it is (in terms of computational complexity) extremely hard to analyze the behavior of access matrix models, in reality it is often the case that information flow control is enforced in addition to ordinary access control. In that case, it is likely that information leakage may occur through channels which are not normally supposed to transfer information between objects (such channels are called `covert channels.') In order to identify and rule out such channels, we have to formally specify security requirements of a system and accordingly develop the system that satisfies the specification. Non-interference security model can be used for that purpose. However, the model is not intuitive and has the disadvantage that it is difficult to design and develop systems based on the model. Consequently I am interested in devising a non-interference model that has no such difficulties.

Anonymous Communication

In today's computer networks, it is one of the utmost concerns to provide anonymity for protecting users' privacy. However previous anonymous communication protocols have such disadvantages that prohibitive computational cost for repeated encryption is imposed, or that receiver anonymity is not achieved.

Therefore, we have proposed a new anonymous communication scheme with cyclic routes. Cyclic routes have a desirable feature that there exist neither starting points nor end points. This feature is quite useful to realize anonymous communication where identities of senders (starting points) and receivers (end points) must be made unknown. Thus our scheme reduces the cost of key distribution, encryption, and decryption, maintaining anonymity of both senders and receivers.

Tamper-resistant software

Software obfuscation, which transforms programs into the form that is hard to understand and tamper illegally, is a promising approach for protection of intellectual property rights of software in untrusted environments. Unfortunately most of previous obfuscation techniques do not have a theoretical basis and thus it is unclear how effective they are. Therefore I have studied new software obfuscation techniques, which are based on the difficulty of interprocedural analysis. The essence of the obfuscation techniques is a new complexity problem to precisely determine the address a function pointer points to in the presence of arrays of function pointers. The problem can be shown to be NP-hard and hence the fact provides a theoretical basis for the obfuscation techniques. Furthermore, we have already implemented a prototype obfuscation tool that obfuscates C programs according to the proposed techniques. Some of the experimental results can be found in our papers.

Quantum Computation, Protocols

Classical computer systems are now approaching to the limits with respect to an areal size of a computational bit, tolerable heat emission, and performance. Therefore, quantum computation has recently been attracting so much interest, since it is expected to solve these problems. For example, the postulates of quantum mechanism are reversible and so quantum computation can be done without heat emission, at least in theory. Unfortunately, due to several technological obstacles, it is said that at best it will take a few decades before quantum computers are actually realized, although, quantum communication systems are now being into a practical use. Therefore I have been doing research in the area of quantum computation, quantum protocols (especially quantum coin flipping protocols), and quantum communication systems.

IP Traceback Schemes

In recent years the Internet has been exposed to a serious threat of DoS (denial of service) attacks. Therefore, widespread attention has been paid to IP traceback schemes, which try to identify the initiator who has mounted the attacks. I am in particular interested in developing theories and architectures of efficient IP traceback technology.

Security Architecture

In recent years, more and more computers become interconnected through computer networks and the establishment of security of a proper level in such environments is of critical importance.

To this end, I considered an agent-oriented architecture as a promising computing paradigm for such environments and have studied security models and mechanisms for it. My research interest is to incorporate those results into a new security architecture in open distributed environments.

Selected Publications

Masakazu Soshi
E-mail: soshi at **you should be able to guess my E-mail address!** hiroshima-cu ac jp

Embedded System Design Laboratory
Hiroshima City University