Presentation 2015-07-02
Information Security in National Identification Number called My Number in Japan
Takeshi Niiyama, Toshiro Kita,
PDF Download Page PDF download Page Link
Abstract(in Japanese) (See Japanese page)
Abstract(in English) National Identification Number called "My Number" was passed by the House of Councilors on May 24th 2013. It will be effective from Jan 2016. The most significant concern is information leakage of My Number. In this paper, Information leakage incident oversea situation was researched and analyzed the situation. Through this research, some counter is proposed against the information leakage incidents of My Number. Alessandro Acquisti et al reported at Black Hat 2012 that SSN (Social Security Number) is defined using facial identification. Anyone could not assume that SSN was identified using picture on Facebook. By using Google research for 10 hour for each foreign country, there were 34 information leakage incidents of Resident Registration Code (RRC) -called Juki-Net in Japan, 16 information leakage incidents of Social Security Number in United States, 7 information leakage incidents of Residential Register Code in South Korea. In this paper, many information leakage incidents in Japan and outside Japan were reported and analyzed. Based on this report, it is predicable when “My Number” is used for commercial service, information leakage incidents happened would be increased at various places. Many patterns of attack were clarified and many hints to prevent the incidents were shown. Recommend necessary solution or measure against information leakage shall be proposed for government for their public policy. All possible use case of “My Number” was thought. When ISMS was used to evaluate the commercial user of “My Number” based on use cases, some learning items were found. Frequent incidents were IT Theft or lost “My Number on the train or road. Therefore, it is important for people to treat “My Number” carefully or not to expose their ID including “My Number”. For future work, risk evaluation of “My Number” at Campus of University will be done soon. Based on the results, finally, public policy will be proposed for government.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) Security / Information Leakage / My Number / Risk Evaluation
Paper # ISEC2015-12,SITE2015-10,ICSS2015-22,EMM2015-20
Date of Issue 2015-06-25 (ISEC, SITE, ICSS, EMM)

Conference Information
Conference Date 2015/7/2(2days)
Place (in Japanese) (See Japanese page)
Topics (in Japanese) (See Japanese page)
Topics (in English)
Chair / Yukiyasu Tsunoo(NEC) / Noriaki Yoshikai(Nihon Univ.) / Yutaka Miyake(KDDI R&D Labs.) / Akinori Ito(Tohoku Univ.)
Vice Chair / Masahiro Mambo(Kanazawa Univ.) / Kazuto Ogawa(NHK) / Hitoshi Okada(NII) / Tetsuya Morizumi(Toyo Networks & System Integration) / Takashi Nishide(Univ. of Tsukuba) / Yoshiaki Shiraishi(Kobe Univ.) / Masashi Unoki(JAIST) / Masaki Kawamura(Yamaguchi Univ.)
Secretary / Masahiro Mambo(AIST) / Kazuto Ogawa(Toshiba) / Hitoshi Okada(Kanagawa Univ.) / Tetsuya Morizumi(Kyushu Univ.) / Takashi Nishide(Mitsubishi Electric) / Yoshiaki Shiraishi(NII) / Masashi Unoki(Univ. of Electro-Comm.) / Masaki Kawamura(Nagasaki Univ.)
Assistant / Tetsuya Izu(Fujitsu Lab.) / Takaaki Mizuki(Tohoku Univ.) / Noritaka Yamashita(NEC) / Takahiro Haga(Gifu Shotoku Gakuen Univ.) / Katsunari Yoshioka(Yokohama National Univ.) / Kazunori Kamiya(NTT) / Motoi Iwata(Osaka Pref. Univ.) / Kazuhiro Kohno(Kansai Univ.)

Paper Information
Registration To Special Interest Group on Computer Security / Technical Committee on Information Security / Technical Committee on Social Implications of Technology and Information Ethics / Technical Committee on Information and Communication System Security / Technical Committee on Enriched MultiMedia / Special Interest Group on Security Psychology and Trust
Language JPN
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) Information Security in National Identification Number called My Number in Japan
Sub Title (in English)
Keyword(1) Security
Keyword(2) Information Leakage
Keyword(3) My Number
Keyword(4) Risk Evaluation
1st Author's Name Takeshi Niiyama
1st Author's Affiliation Doshisha University(Doshisha Univ.)
2nd Author's Name Toshiro Kita
2nd Author's Affiliation Doshisha University(Doshisha Univ.)
Date 2015-07-02
Paper # ISEC2015-12,SITE2015-10,ICSS2015-22,EMM2015-20
Volume (vol) vol.115
Number (no) ISEC-119,SITE-120,ICSS-121,EMM-122
Page pp.pp.23-30(ISEC), pp.23-30(SITE), pp.23-30(ICSS), pp.23-30(EMM),
#Pages 8
Date of Issue 2015-06-25 (ISEC, SITE, ICSS, EMM)