Deploying JP Vendor Status Notes (JVN) for Dissemination of Security Information Throughout Japan

Masato Terada
Senior Researcher
Systems Development Laboratory,
Hitachi, Ltd.

1. Vendor response to relentless security attacks
2. Need for domestic venue for sharing vulnerabilities information: start of JVN
3. Information security early warning partnership framework
4. RSS: key to successful dissemination of security information
5. Widespread participation in JVN reduces total costs

(Actively involved in JVN activities as Keio University Graduate Student, part-time researcher at the Information -Technology Promotion Agency Security Center, and associate staff on JPCERT/CC technologies)

Increasing incidents of computer viruses, unauthorized accesses and other abuses scaning to exploit the vulnerabilities of software products used in personal computers, mobile phones, and other digital consumer devices are causing increasing harm to cyber communities. This article provides an overview of JP Vendor Status Notes (JVN), an initiative to cope with this situation by collecting information for dealing with such vulnerabilities throughout Japan and making the information available in a form that can be readily disseminated over the Internet. JVN has been managed within the framework of the Ministry of Economy, Trade and Industry's (METI) "Information Security Early Warning Partnership" initiative, and the progress and activities of JVN have attracted a great deal of interest.

* Professional affiliation and official position are at the time of publication.
(Publication: July 12, 2005)