【Outline】
Following extensive research and development by our team members on the topic outlined in the title, we have successfully obtained an innovative patent for VPN communication that pursues true zero trust, utilizing the Patent Office's Super Early Examination System. This patent leverages features in protocols such as TCP/IP and QUIC, which are equipped with a function to request retransmission under poor communication conditions. Our patented technology verifies the contents of the data received after a retransmission request, determining whether the data has been hacked or if it is from a legitimate source. This method enables strict checking of the communication content even after authentication and authorization, achieving true zero trust. Traditional VPN technology lacks the process of suspecting the communication partner once communication starts; however, our patented technology allows the legitimacy of the communication partner to be verified even during communication. Additionally, if the required security level is military-grade, the use of IC cards and counterattacks against hacking organizations are also claimed in the patent. This patent offers comprehensive measures against modern complex security threats, contributing not only to enhancing corporate and individual digital security but also to government and municipal projects such as Web3 and smart cities.
Patent number: P7433620
Number of claims: 40
Registration date: February 9, 2024 (Reiwa 6)
Issue date: February 20, 2024 (Reiwa 6)
【Company's Challenge Recognition】
The underhanded actions of hacker groups in cyberspace show no signs of stopping. Unlike Old West bank robbers, they operate incognito, can attack from anywhere around the world, and do so 24/7. Given this context, recent cyber incidents and trends show that attack methods are evolving daily, with a notable increase in ransomware attacks, phishing scams, and supply chain attacks. These attacks cause substantial damage to businesses and organizations, significantly impacting business continuity and reliability.
Not only are there many vulnerabilities hidden in the systems and OS we operate, but the necessity to maintain a supply chain for business operations also puts us at a disadvantage in defending against attacks. Cyber attackers can breach an entire corporate network through a single vulnerability and steal confidential information. Moreover, the proliferation of remote work due to the COVID-19 pandemic has blurred the boundaries of corporate networks, providing new opportunities for attackers.
In current and future business environments, enhancing security in communications is more essential than ever. Although various communication solutions claiming zero trust compatibility have emerged recently, none truly realize zero trust. This is because current solutions verify the legitimacy of the communication partner mainly at the top layer (application layer), making it technically difficult to intervene during communication.
Traditional VPNs exchange encryption keys over the Internet, a process vulnerable to decryption by future quantum computers. Furthermore, attackers can store communication data and later decrypt it using quantum computers, making this a critical vulnerability when national-level security is required.
Considering these circumstances, our patented technology, which incorporates true zero trust ideology, becomes crucial. Our technology offers a new approach to ensuring communication security, enabling security checks during communication. This allows businesses to build stronger defenses against cyber-attacks. Additionally, our solution addresses the risk of encryption keys being decrypted by quantum computers, ensuring safe communications even in the future.
【Solution】
Our patented technology represents an innovative solution to security issues in VPN communications. After authentication and authorization, it continuously monitors and verifies the legitimacy of the communication partner. This process, conducted at the transport layer, involves intentionally triggering retransmissions based on data traffic and connection duration, allowing security interventions during communication. A critical aspect is determining whether a connection is legitimate based on whether the retransmitted data matches the original data. Our patented technology introduces a counterintuitive approach: if the same data is retransmitted, communication is immediately cut off. These methods enable Japan's first true zero-trust-compliant VPN communication, underpinned by novelty and progress.
Additionally, by eliminating the internet-based encryption key exchange process, our technology protects communication data from future threats posed by quantum computers. The generation and transfer of secret information occur in physically secure areas inaccessible to hackers, providing an effective solution to security risks associated with the increase in remote work and the prevalence of IoT devices. Particularly in enhancing IoT device security, incorporating our technology into gateway devices can significantly improve the security of connected IoT devices.
Our company plans to deploy this patented technology to partners and eventually sell it as an in-house developed product, providing a high-resilience VPN communication method. Our goal is to create an environment where businesses can operate without the threat of cyber-attacks.
*Future threats involve scenarios where,
years from now, a state or group intending to decrypt top-secret information will store encrypted communication data to decrypt it with quantum computers once available, using the information for malicious purposes. Such threats are already anticipated. Our technology is effective against these future threats, thus playing a significant role in long-term security protection.
Comments