- 1993 to 2001 : SEC Co. Ltd.
- 2001 to 2003 : IBM T.J. Watson Research Center
- 2003 to present : IBM Japan, Tokyo Research Laboratory
- April 2008 to present : Committee member of IPSJ CSEC WG
- April 2009 to present : Editorial committee member of IPSJ Magazine
- Web 2.0/SaaS Security
- Data Leakage Prevention
- Trusted Computing and Trusted Virtual Domains
My Favorite Pursuit
- Jogging / Marathon
- Hiking / Mountain Climbing
Web 2.0/SaaS Security
In particular, the current browser security model is designed under an assumption that the content within a server is mutually trustworthy. However, Web 2.0 emphasizes collaboration and interaction of users, which implies that any webpage could include content from multiple participants, including potentially malicious ones. In addition, the use of mashup introduces more chances to integrate potentially malicious content into a single webpage.
Our team addresses the Web 2.0 seucurity issues from different aspects, such as the server-side protection, attack detection and filtering at proxy servers, and retrofit of the browser security model. Our article on the developerWorks identifies some Ajax threats and proposes best practices.
Trusted Computing and Trusted Virtual Domains
I have been interested in the Trusted Computing technology since I joined TRL in 2003. Because of heterogeneity and complexity of IT systems, and because of plethora of various kinds of threats and attacks, it becomes increasingly difficult to have confidence in what and how computing systems behave. The Trusted Computing technology allows us to verify and validate integrity and assurance of not only your computer but also that of somebody you are talking to. It is an essential technology that raises the bar of security and trust in next-gen IT environment.
Please also visit:
- IBM Research Security Page
- Trusted Virtual Domains web page at IBM Research
- the project page at TRL
- We have successfully organized the 2nd Workshop on Advances in Trusted Computing (WATC'06 Fall), Nov.30-Dec.1, 2006, in Tokyo, Japan.
- Trusted Mobile Platform proposes a next-gen security architecture for mobile devices.
Before joining TRL, I was working with the pervasive computing solution team in IBM Watson Research Center, where we tried to bring the office of the future into reality in collaboration with Steelcase, one of the largest office furniture manufacturer in USA. BlueSpace was introduced by many mass media (that is something really exciting -- to see the prototype GUI you wrote on the front page of the New York Times :-)
BlueSpace was demonstrated in shows including CeBIT, Gartner Symposium, etc. If you are interested in seeing the live demo, visit one of Industrial Solutions Labs in Hawthorne, NY or Zurich, Switzerland.
BlueSpace integrates various technologies, such as sensor and actuator devices, peripheral displays, futuristic office facility, and exciting Everywhere Displays. I was most interested in the Context-Aware computing and my research focus was to build a framework for context-aware applications.