Date post: 18-Jul-2020

Technologies for achieving common functions essential to content sharing business and electronic commerce such as copyright management, electronic settlement, and information delivery.

■ OSGi Service-aggregation Platform (OSAP)

■ Remote Replication System for File Servers (Flexible IP Storage System)

■ Scalable, Secure File-sharing System (SSS)

■ Countermeasure Technologies against "Botnets"

■ Blog-based Community Analyzer – Innovative Recommendation to Users –

Home network, Ubiquitous, Pervasive computing

NTT Cyber Solutions Laboratories

OSGi Service-aggregation Platform (OSAP)

H-PF-1 copyright©2007NTT

With the explosive growth in “always-on” broadband services such as optical-fiber access, various objects around the home are becoming connected to networks. In addition to the types of PCs that have been mainstream up to now, these objects include audio-visual (AV) equipment, information devices, household appliances, and various sensors. Reflecting these circumstances, the service providers proposing services that use such network-connected devices have also become more varied.

OSAP is a platform technology on which multiple service providers can share a gateway device, called a service gateway (SGW), and a center system for managing the SGW, and thereby provide services to users (see figure). The software implementing a service is composed as a software module called a “bundle”, based on OSGi* standard technology. The bundle, which is configured according to the service provider, is downloaded through the OSAP to the SGW of a user of the service and executed there. The bundle on the SGW performs, for example, monitoring of in-home sensors, control of home appliances, and control for integrating these devices, and thereby realizes applications. For example, when a break-in sensor detects an intruder, a home-security service connected to your mobile phone sounds an alarm to notify your mobile phone that a break-in has happened at home.

By applying OSGi and an expanded OSAP, it is easy, for example, to add new services, customize services for each user, and promptly deal with bugs. In addition to these features, the OSAP can provide a security function for executed bundles, a monitoring function to check whether bundles are executing correctly, an interface on the service-provider side, and so on. As a result, it is a platform that is easy to use, safely and securely, from both the user side and the service-provider side.

From now onwards, as well as applying OSAP to life-support services for households, NTT Laboratories will continue to take the lead in applying OSAP in various business fields already using OSGi and in advancing new standardization for OSGi.

* OSGi: Open Services Gateway Initiative (www.osgi.org)

[Figure: Overview of OSAP. Labels: Service provider (SP); Network; OSAP center system (OSAP-CS); Control; Service gateway (SGW); Bundle (B); OSGi framework; NTT expanded portion; PC systems; AV systems; Home-information appliances; Sensor systems; Telecoms systems.]

Business continuity plan, Storage, Replication, Data center

NTT Service Integration Laboratories, NTT Cyber Solutions Laboratories

Remote Replication System for File Servers (Flexible IP Storage System)

H-PF-2 copyright©2007NTT

Companies are increasingly interested in business continuity plans (BCPs) for large disasters. For example, some recent earthquakes adversely affected business or even led to the closure of companies and offices. In addition, companies in the same supply chains are increasingly demanding that BCPs be established, and the Japanese government has issued guidelines related to BCPs. Companies are especially interested in backups of their information systems. However, disaster recovery (DR) solutions for large disasters are very expensive, and their users are mainly large companies.

NTT Laboratories have developed a flexible IP storage (FIS) system to provide inexpensive DR solutions for small and medium-scale companies. With the FIS, using the iSCSI*1 protocol, companies can inexpensively replicate the data on their file servers in real time and store it, for example, in a data center at a remote site.

The FIS uses an inexpensive virtual private network, such as the FLET’S network and group access optional service, instead of expensive dedicated lines. Because the bandwidth of the FLET’S network is not guaranteed, data transfer may be unstable. However, we make stable data transfer possible with a technology for stabilizing an iSCSI environment. In addition, the FIS equipment is inexpensive because it uses inexpensive storage with open source software (OSS) such as the iSCSI target, instead of expensive Fibre Channel. Furthermore, by using an iSNS*2 server, we can efficiently operate and manage the storage system.

We are planning to test the system in a commercial environment and commercialize it.

*1 iSCSI: Internet Small Computer System Interface (RFC 3720; a specification that uses SCSI protocols over TCP/IP)

*2 iSNS: Internet Storage Name Server (RFC 4171; iSCSI name server)

FLET'S is a registered trademark of Nippon Telegraph and Telephone East Corporation and Nippon Telegraph and Telephone West Corporation.

[Figure: Remote replication system for file servers (Flexible IP storage system). Labels: Office; Windows clients; LAN; File server; Main disk (buffer); Data center etc.; iSNS server; Sub disk; Application; Samba; Mirroring; Linux kernel; File system layer; Disk virtualization layer; iSCSI initiator driver; Remote replication (iSCSI); FLET’S network etc. (w/ Group access); graph of buffered data size (image) against day/time.]

Bulk file transfer, Encryption, Delivery certificate, Express delivery

NTT Information Sharing Platform Laboratories

Scalable, Secure File-sharing System (SSS)

H-PF-3 copyright©2007NTT

The volume of electronic mail (e-mail, for short) carrying business workflow data, such as graphic advertising, design data, medical data, image data, and software, is increasing day by day from the megabyte range to the gigabyte range. Along with this trend, it is becoming indispensable to ensure that bulk transfers of files exceeding the capacity limits allotted to e-mail are transmitted safely and without fail. Meanwhile, owing to recent leaks of personal information, secret information, and the like, security consciousness regarding the external transfer of files by means of free file-transfer services, various memory media, and so on is growing even in the general business world. With these circumstances in mind, NTT Laboratories is pushing ahead with development of a Scalable, Secure File-sharing System called SSS.

SSS realizes several key functions: file transmission and reception without regard to file size, secrecy assurance by “Camellia*1” encryption of transferred data, personal authentication by electronic certificate, issuance of delivery certificates by a third party at a delivery agency to prove receipt of files, and a transfer-restriction function that restricts the authorized domain of transmissions and receipts in order to prevent misdelivery. With these functions, the system makes safe and reliable file transfer with business contacts possible. Moreover, relaxing the limits on TCP*2 transmission speed to remote locations by means of TCP multi-session technology enables delivery at higher speeds than conventional transfer, thereby increasing convenience for transfers on the eve of deadlines. In addition, a client lineup split into three types was developed, and the type is selected according to the intended application, ranging from industrial corporations to general business. Through the above-described features, it is possible to provide new added-value postal services, such as registration, express delivery, and delivery certification, on a network.

This system has been in trial service since October 2006, with about 3,000 people at NTT-The Holding Company (including 20 NTT Group companies) participating. From this trial, know-how concerning settlement and operation of encrypted transmission of secret information has been accumulated. From now onwards, we will push ahead with upgrading and expanding the system in terms of further usability improvement and provision of common file-transfer services among NTT Group companies.

*1 Camellia: A symmetric key block cipher developed in 2000 by NTT and Mitsubishi Electric Corporation.

*2 TCP: Transmission Control Protocol

Camellia is a registered trademark of Nippon Telegraph and Telephone Corporation and Mitsubishi Electric Corporation.

[Figure: Overview of SSS. Labels: SSS server; SSS client; Electronic certificate authority/time stamp authority; Certification of receipt; Various use scenes.]

Overview of SSS functions

Delivery certificate: Issuing of delivery certificate
Interruption and restart: Interrupt transfer during network failure and resume transfer after recovery
Transfer of large files: Up to 100 GB at a time
Encryption of transfer data (Camellia): Data not readable by third parties
User certification (ID/PW, electronic certification): Authentication of receiver identity
Transfer restriction: Prevention of data transfer to wrong address
Express transfer: Short data transfer time

Client lineup (“⇒” indicates the typical application user)

Dedicated application type: Mailer-like GUI*1 ⇒ In-house user, Industry user
Browser type: Web-browser GUI ⇒ Outside user
Command type: Script-based CUI*2 for workflow and application collaboration ⇒ Industry user

*1 GUI: Graphical User Interface
*2 CUI: Character-based User Interface

Botnet, Bot, Malware, Honeypot

NTT Information Sharing Platform Laboratories

Countermeasure Technologies against “Botnets”

H-PF-4 copyright©2007NTT

Computer viruses of recent years have evolved from a form aimed simply at independent proliferation of the virus into a form referred to as “bots”, that is, viruses that carry out actions in accordance with the commands of an attacker. By connecting to a central management server that relays attack commands and forming a “botnet” of several hundred to several tens of thousands of computers, the bots secretly carry out DDoS* attacks and serve as infrastructure systems for spam-mail distribution and proliferation services provided on the black market.

With this state of affairs in mind, at NTT Laboratories we have developed technologies that will become indispensable in deterring such threats from botnets. These technologies include a decoy terminal called a “honeypot”, a bot-analysis system for ascertaining bot behavior in a short time, and an integrated management system for presenting information, ranging from trends and invasion routes of attacks to bot behavior, in an easy-to-understand fashion. Hooked up to the Internet like a vulnerable terminal, the honeypot is a mechanism that draws in bots for analysis. This mechanism incorporates technologies developed in-house at NTT Laboratories, such as technology for detecting and drawing in all bots and technology for hiding the honeypot from the attacker. As regards the bot-analysis system, by setting up a virtual Internet space and running the bots in it, it is possible to ascertain the behavior of bots on a network of bots in a short time. With these technologies, it has become possible to notify users who are unaware of their bot infection and promote countermeasures, as well as to promptly grasp the influence of bots on networks and on the relay servers connecting bots and to dispense countermeasures.

From now onwards, while continuing our combined efforts to implement concrete bot countermeasures through cooperation with outside organizations, we will continue research and development on collection technology for handling the multiple infection routes of successive bots as well as on analysis and countermeasure technologies that can keep pace with the increasing sophistication of bots.

* DDoS: Distributed Denial of Service

[Figure: Countermeasures against botnet. Labels: Internet; Infection; Bot; Bot program; Attack log; Analysis report.]

Honeypot: Is placed on the Internet and collects bots.
Dynamic analysis system: Analysis of the bot in a short time.
Management system: Information covering trends of attacks against the honeypot to invasion routes and behavior of bots is presented in an easy-to-understand manner on a web user interface (UI).

CGM, Blog, Mood analysis, Semantic web, Recommendation

NTT Network Service Systems Laboratories

Blog-based Community Analyzer – Innovative Recommendation to Users –


H-PF-5 copyright©2007NTT

“Blogs” and social-network services (SNSs), which allow users to publish their topics of interest on the Internet and support discussions between users, are rapidly gaining in popularity. By using such blogs to analyze all areas of users’ interests and identify what kinds of mood expressions a user uses to describe their topics of interest, it is anticipated that extremely detailed information can be recommended to users and exploited for “contents marketing”.

“The blog-based community analyzer” extracts the general ideas that users are interested in from their blog descriptions and selects a “user community” for sharing interests according to the closeness of those interests. Furthermore, in contrast to existing “recommendation mechanisms” like that used by Amazon Japan Co. Ltd., the analyzer recommends, as “information for bringing about innovation”, information with a big “gap” between the ideas that already express a user’s interests and the ideas the user might be interested in. In particular, for each topic of interest, it can finely discriminate information right down to “mood information”, that is, whether a user feels “positive” or “negative” towards a certain piece of information.

From August to December 2006, a trial service called “DoblogMusic”, for recommending music-related topics on the “Doblog” service of NTT DATA, was carried out. The frequency of access and the comments of actual users during the trial confirmed the usefulness of community selection and recommendation.

Moreover, during the “BRAND COLLECTION” trial service of NTT Communications (carried out from February to March 2007), a trial “mood search” for mobile phones, which allows searching for fashion brands according to “mood phrases” such as “sweet line”, was performed, and a questionnaire evaluation, gathering comments like “an interesting approach showing innovation”, was done.

After consulting the trial results from 2006, in 2007, we at NTT Network Service Systems Laboratories plan to practically apply the analyzer for applications in categories other than books, dining out, movies, music, and fashion and for marketing of consumer-generated-media (CGM) analysis results through, for example, a service for comparing positive and negative information concerning and purchased goods.

Doblog is a registered trademark of NTT DATA Corporation.

[Figure: Our trial service “DoblogMusic” and “BRAND COLLECTION”.

DoblogMusic panels: Blog site of user A (music diary, blog body); Recommendation display page shown to user A; List of recommended artists (innovative artists), with degree of innovation from small (0) to large (3); List of users with similar interests (neighbours); List of user blog entries close to the user’s interests (entries of neighbours). By clicking the “recommendations” information that appears beside the blog, user A can view a list of recommended artists.

BRAND COLLECTION panels: Search input; Mood search results; Latest fashion-related blogs (CGM); 1. Ambiguous words are made specific; 2. Navigate to fashion boutiques; Typical representative phrases presently making the news related to brands; Topical brands unknown to person in question; Discovery of unpredictability; Looking over popular contents.]