JP2016133997A - Fault analysis system, application execution apparatus, fault analysis apparatus, and fault analysis method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To analyze a fault, while ensuring security.SOLUTION: In a fault analysis system, an application execution apparatus 1 includes: a conversion table storage section 3 which stores a conversion table for associating multiple pieces of pre-conversion information with one piece of post-conversion information; and a conversion processing section 4 which converts fault related information on a fault of an application into post-conversion fault related information including the post-conversion information, on the basis of the conversion table. A fault analysis apparatus 2 includes: a reverse conversion table storage section 5 which stores a reverse conversion table for associating one piece of post-conversion information with multiple pieces of pre-conversion information; a reverse conversion processing section 6 which reversely converts the post-conversion fault related information into fault verification information including at least one piece of the pre-conversion information, on the basis of the reverse conversion table; and a fault verification section 7 which verifies the application, on the basis of the fault verification information reversely converted.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a failure analysis system, an application execution device, a failure analysis device, and a failure analysis method, and more particularly to a failure analysis system, an application execution device, a failure analysis device, and a failure analysis method for analyzing an application failure.

  In various information processing systems, a product department (operation maintenance company) that performs operation maintenance work provides service and maintenance of the system, and uses a service provided by a user (customer). In such a system, when a failure occurs in the user environment, the product department investigates (analyzes) the cause of the failure based on information acquired from the user. For example, for the purpose of failure investigation, logs, setting files, user data in a DB (database) output to the file, etc. are sent from the user to the product department.

  On the other hand, in recent years, a method of masking a part of information provided to a third party has been widely used for ensuring security and protecting personal information. As a related technique, for example, Patent Document 1 is known.

JP 2011-34264 A

  As described above, when a failure occurs in the system, it is necessary to provide information from the user to a failure analyst such as a product department in order to analyze the failure. However, if all information is provided as it is from the user to the failure analyst, security cannot be ensured, and thus personal information or information that is not desired to be disclosed may be masked. Then, in the failure analyst's environment, since the actual value of the masked information is not known, there is a problem that failure cannot be reproduced and failure analysis is difficult.

  In view of such problems, an object of the present invention is to provide a failure analysis system, an application execution device, a failure analysis device, and a failure analysis method capable of analyzing a failure while ensuring security.

  The failure analysis system according to the present invention is a failure analysis system including an application execution device that executes an application and a failure analysis device that analyzes a failure of the application, and the application execution device includes a plurality of pieces of pre-conversion information. A conversion table storage unit that stores a conversion table that associates a single post-conversion information with the conversion information, and converts fault-related information related to the fault of the application into post-conversion fault-related information including the post-conversion information based on the conversion table A reverse conversion table storage unit that stores an reverse conversion table that associates the single post-conversion information with the plurality of pre-conversion information, and the post-conversion fault association Information including at least one of the plurality of pre-conversion information based on the inverse conversion table. And inversion processing unit for inversely converting the verification information, based on said inverse transformed fault verification information, and fault verification unit for verifying the failure of the application, are those comprising a.

  An application execution device according to the present invention includes a conversion table storage unit that stores a conversion table that associates a plurality of pieces of pre-conversion information and one post-conversion information, an application execution unit that executes an application, and a fault related to a fault of the application A conversion processing unit that converts information into converted fault-related information including the converted information based on the conversion table, and provides the converted fault-related information to a fault analysis apparatus that analyzes the fault of the application Providing part.

  The failure analysis apparatus according to the present invention relates to a failure of the application from an inverse conversion table storage unit that stores an inverse conversion table that associates one post-conversion information and a plurality of pre-conversion information, and an application execution device that executes an application. An acquisition unit that acquires failure-related information after conversion obtained by converting failure-related information; and failure verification information that includes at least one of the plurality of pre-conversion information based on the inverse conversion table, the failure-related information after conversion An inverse transformation processing unit that inversely transforms into a fault, and a failure verification unit that verifies the failure of the application based on the inversely transformed failure verification information.

  A failure analysis method according to the present invention is a failure analysis method in a failure analysis system including an application execution device that executes an application and a failure analysis device that analyzes the failure of the application, and the application execution device includes a plurality of A conversion table for associating the pre-conversion information with one post-conversion information, and converting the fault-related information regarding the fault of the application into fault-related information after conversion including the post-conversion information based on the conversion table The failure analysis device stores an inverse conversion table that associates the one post-conversion information and the plurality of pre-conversion information, and the failure-related information after the conversion is converted into the plurality of conversions based on the reverse conversion table. Back-converted into fault verification information including at least one of the previous information, and based on the reverse-converted fault verification information. Stomach, is intended to verify the failure of the application.

  According to the present invention, it is possible to provide a failure analysis system, an application execution device, a failure analysis device, and a failure analysis method capable of analyzing a failure while ensuring security.

It is a block diagram which shows schematic structure of the failure analysis system which concerns on embodiment. 1 is a block diagram illustrating a configuration of a failure investigation system according to Embodiment 1. FIG. 4 is a flowchart showing an operation of the failure investigation system according to the first embodiment. 6 is a diagram showing an example of a mapping table according to Embodiment 1. FIG. 6 is a diagram illustrating an example of user data according to Embodiment 1. FIG. It is a figure which shows an example of the masked user data which concerns on Embodiment 1. FIG. It is a block diagram which shows the structure of the failure investigation system which concerns on Embodiment 2. FIG. 10 is a flowchart showing an operation of the failure investigation system according to the second embodiment. It is a figure which shows an example of the mapping table which concerns on Embodiment 2. FIG. It is a figure which shows an example of the mapping table which concerns on Embodiment 2. FIG. It is a figure which shows an example of the mapping table which concerns on Embodiment 2. FIG. It is a figure which shows an example of the mapping table which concerns on Embodiment 2. FIG. It is a figure which shows an example of the user data which concerns on Embodiment 2. FIG. It is a figure which shows an example of the masked user data which concerns on Embodiment 2. FIG. It is a figure which shows an example of a special character.

(Study leading to the invention)
As related data masking methods, we examined the following three methods: encryption, masking, and tokenization.

  First, in the method of encrypting data, a person (device) having an encryption key can use the original data by decrypting the encrypted data with the encryption key. In this method, even if personal information or information that the user does not want to disclose is encrypted on the user side, the product department side can decrypt all the information using the encryption key. For this reason, the premise that personal information or information that is not desired to be disclosed is not passed, and security cannot be ensured.

  In the method of masking data, all or part of the original data is replaced with “***” or the like. When masking is performed, the original data cannot be restored, and the length and character type of the original data (full-width / half-width, alphanumeric characters, etc.) cannot be recognized. For example, when the last three digits of “A001” and “A002” are masked, “A ***” and “A ***” are obtained. In this method, since the original data cannot be recognized, the failure caused by the data cannot be reproduced, and the failure cannot be investigated.

  As an example of a failure caused by data, there is an example in which a character in a range not supported by the application is input and malfunctions. For example, when a half-width alphabet is entered where a half-width number is expected, or when multi-byte is not considered, special characters such as external characters, model-dependent characters, and control characters are entered as shown in FIG. May be an obstacle.

  As another example of a failure caused by data, there is an example in which a character / character string is not properly processed due to an application defect. For example, when a yen symbol is included or a wave dash is included, it was expected that a byte order mark (BOM) was / are not added to the UTF-8 data. If not / granted, there is a possibility that the surrogate pair will be in trouble if the handling of the surrogate pair is illegal.

  In the method of tokenizing data, all or part of the original data is replaced with a random value. Once tokenized, the original data cannot be restored (strictly, the tokenized system holds the mapping table between the original data and the token, so it can be restored. The original data length and character type (full-width / half-width, alphabetic numbers, etc.) cannot be recognized. The original data and the token are in a one-to-one relationship (if the data before the token is different, the token becomes different). In the first place, tokenization is usually applied to data with a fixed data format, such as credit card numbers, but the name and address, which is one of the personal information, use multibyte characters and have a variable length. Therefore, it is difficult to apply tokenization. For example, when the lower three digits of “A001” and “A002” are tokenized, they become “AWXY” and “AXYZ”. In this method, as with masking, the original data cannot be recognized, so that the failure caused by the data cannot be reproduced and the failure cannot be investigated.

  As described above, the related mask method cannot analyze a failure while ensuring security.

(Summary of Invention)
FIG. 1 shows a schematic configuration of a failure analysis system according to the embodiment. As shown in FIG. 1, the failure analysis system according to the embodiment includes an application execution device 1 that executes an application and a failure analysis device 2 that analyzes a failure of the application.

  The application execution device 1 includes a conversion table storage unit 3 and a conversion processing unit 4. The conversion table storage unit 3 stores a conversion table that associates a plurality of pre-conversion information and one post-conversion information. The conversion processing unit 4 converts the failure related information related to the application failure into converted failure related information including the converted information based on the conversion table.

  The failure analysis apparatus 2 includes an inverse conversion table storage unit 5, an inverse conversion processing unit 6, and a failure verification unit 7. The inverse conversion table storage unit 5 stores an inverse conversion table that associates one post-conversion information with a plurality of pre-conversion information. The inverse conversion processing unit 6 inversely converts the converted failure-related information into failure verification information including at least one of a plurality of pre-conversion information based on the inverse conversion table. The failure verification unit 7 verifies the failure of the application based on the reversely converted failure verification information.

  As described above, in the embodiment, the application execution apparatus on the user side converts the failure-related information based on the conversion table that associates a plurality of pieces of pre-conversion information with one post-conversion information, and the failure on the product department side The analysis device converts the failure related information based on the reverse conversion table similar to the conversion table and analyzes the failure. Since one post-conversion information corresponds to a plurality of pre-conversion information, the post-conversion information cannot be restored to specific pre-conversion information, so security can be ensured. Further, since the failure is verified from the failure verification information including a plurality of pieces of pre-conversion information, the failure can be analyzed.

(Embodiment 1)
The first embodiment will be described below with reference to the drawings. In the first embodiment, mask processing is performed using a conversion table obtained by simply dividing a character code area. A character string having a possibility of causing a problem is generated from the data after the mask processing, and data in which a problem occurs due to the brute force is detected within the range of the character string.

  FIG. 2 is a block diagram showing a configuration of the failure investigation system according to the present embodiment. As shown in FIG. 2, the failure investigation system according to the present embodiment investigates a customer environment (application execution device) 10 that is a system that executes an application on the customer (user) side, and a failure that occurs in the customer environment 10. A product department environment (failure analysis device) 20 which is a system for (analysis) is provided.

  The customer environment 10 and the product department environment 20 are composed of one or any number of information processing devices (computers). The customer environment 10 and the product department environment 20 are connected to each other so as to be able to transmit and receive information to each other via a network, for example. In addition, you may transmit required information not only via a network but via a recording medium. Each of the customer environment 10 and the product department environment 20 includes a transmitting unit (providing unit) for transmitting necessary information and a receiving unit (acquiring unit) for receiving information.

  The customer environment 10 includes a database 100, an application 110, a mask processing device 120, and a problem data location notification device 140. The product department environment 20 includes a character string generation / problem identification device 130 and a verification device 134.

  The database 100 is a database that stores customer data. Customer data includes personal information of users (customers) and other information that is not desired to be disclosed to product departments or third parties. The personal information is information related to the individual user, such as name, date of birth, gender, address, telephone number, mail address, and the like. The database 100 provides the stored customer data as user data 101. The user data 101 is a file in which customer data in the database 100 is exported for failure investigation. Customer data may be referred to as user data.

  The application 110 is a system (execution processing unit) that executes an application program in the customer environment 10. When referred to as an application, an application program and an execution processing unit that executes the application program may be included. In the failure investigation system according to the present embodiment, a failure occurring in this application 110 is investigated. The application 110 outputs a log 111 when an application program failure occurs. The log 111 includes information such as the state of the application 110 at the time of failure occurrence, and is information used for failure investigation.

  The mask processing apparatus 120 has a mapping table (mapping table) 123. For example, the mask processing apparatus 120 (customer environment 10) has a mapping table storage unit that stores the mapping table 123 in advance. The mask processing device 120 executes mask processing on the user data 101 and the log 111 based on the mapping table 123. The mask processing device 120 outputs the masked user data 121 and the masked log 122 generated by the mask processing. The mapping table 123 is a conversion table that associates a plurality of pieces of pre-conversion information with one post-conversion information, and the mask processing apparatus 120 converts the user data 101 and the log 111 (failure related information) using this conversion table. Conversion processing unit.

  The mapping table 123 according to the present embodiment is a conversion table (conversion table) for converting a character code into another code for each predetermined range. The mapping table 123 is required for the character codes used by the application 110. For example, when the application 110 uses UTF-8 and Shift_JIS character codes, the UTF-8 mapping table 123 and the Shift_JIS mapping table 123 are required. The mapping table 123 divides the character code in units of a certain number of characters, and defines mapping of the range of the divided character code and the range code (for example, expressed in hexadecimal of 8 bytes) representing the range.

  The character string generation / problem identification device (failure identification unit) 130 has the same mapping table 133 as the mapping table 123 of the customer environment 10. For example, the character string generation / problem identification device 130 (product department environment 20) has a mapping table storage unit that stores the mapping table 133 in advance. The character string generation / problem identification device 130 analyzes the problem of the masked user data 121 and the masked log 122 based on the mapping table 133. The character string generation / problem identification device 130 generates a problem possibility character string 135 based on the mapping table 133, and from the verification result of the verification device 134, the problem data location 131 indicating the position of the data where the problem has occurred and the problem A problem data list 132 including the generated data is generated. The mapping table 133 is an inverse conversion table that correlates one post-conversion information and a plurality of pre-conversion information corresponding to the mapping table 133, and the character string generation / problem identification device 130 uses this reverse conversion table, This is an inverse conversion processing unit that inversely converts the masked user data 121 and the masked log 122 (failure-related information after conversion) into a problem possibility character string 135 (failure verification information).

  The character string generation / problem identification device 130 generates all of the character strings that can be generated from the masked data included in the masked user data 121 and the masked log 122 as the problem possibility character string 135. The problem possibility character string 135 is a character string of M to the (N / 8) th power, where Nbyte is masked data and the number of divided characters defined at the time of mask processing is M characters. The reason why N is divided by 8 is that a masked character string 8 bytes is generated from one character of the original data.

  The verification device 134 automatically verifies (tests) whether a problem occurs in the character string input from the character string generation / problem identification device 130. The verification device 134 receives one character string, determines whether the character string operates normally, and returns OK (no problem) / NG (problem). Since which character string in the problem possibility character string is different in each system, it is necessary to make a verification device 134 for each system. For example, the verification device 134 may be realized in the same environment as the application 110 of the customer environment 10 or may be realized virtually in the same environment as the application 110.

  The problem data location notifying device 140 identifies data with a problem based on the problem data location 131, the problem data list 132, the user data 101, and the log 111, and generates a problem location 141.

  The operation of the failure investigation system according to the present embodiment will be described using the flowchart of FIG.

  First, the mask processing apparatus 120 masks the user data 101 and the log 111 (S101). The mask processing device 120 processes each of the user data 101 and the log 111 one line at a time, and performs mask processing on a value in the case of a mask target attribute set in advance. The mask processing device 120 processes each data of the user data 101 and the log 111 one by one in order from the front (head) to the back of the data, and compares them with the mapping code 123 within the character code range to which the character belongs. Replace with the corresponding range code. Normally, the system determines which character code is used for each attribute, and therefore uses a character code mapping table required by the system for each attribute.

  For example, a mapping table 123 of UTF-8 as shown in FIG. 4 is used. Here, the unit of the number of characters to be divided (included in the range) is 16 (hereinafter also described as 16). In addition, a character code outside the UTF-8 range (cannot be mapped to UTF-8) is defined to be represented by a special range code FFFFFFFF.

  When masking the user data 101 whose character code is UTF-8, the mapping table 123 of FIG. 4 is used. An example of masking the user data 101 as shown in FIG. 5 will be described. The user data 101 has a character code of UTF-8 and includes a user ID (UserID) and address (Address) line for each user. The mask processing device 120 converts the characters in each line of the user data 101 into the range codes in the mapping table 123 in order and performs mask processing.

  According to the mapping table 123 of FIG. 4, when the character “A” is represented by the UTF-8 character code, “41”, the corresponding range code is “00000004”. When the character “0” is represented by the UTF-8 character code, it is “30”, so the corresponding range code is “00000003”. When the character “1” is represented by the UTF-8 character code, it is “31”, and the corresponding range code is “00000003”. Similarly, when mask processing (conversion processing) is performed character by character, masked user data 121 as shown in FIG. 6 is obtained.

  Subsequently, the mask processing apparatus 120 transmits the generated masked user data 121 and the masked log 122 to the character string generation / problem identification apparatus 130 of the product department environment 20 (S102). Note that the masked user data 121 and the masked log 122 are masked data and need not be encrypted.

  Subsequently, the character string generation / problem identification device 130 uses the masked user data 121, the masked log 122, and the verification device 134 to determine which data in the masked user data 121 and the masked log 122 has a problem. (S103). The character string generation / problem identification device 130 acquires a masked character string from the masked user data 121 and the masked log 122, and sequentially processes all the masked character strings. The character string generation / problem identification device 130 generates a problem possibility character string 135 using one masked character string and the mapping table 133.

  For example, if the masked data is “0000000400000003000000000300000003” (32 bytes) and the number of divided characters is 16, 65536 (= 16 ^ (32/8)) character strings are generated. If the character code of this data is UTF-8, the first character “00000004” is one of the character codes 40 to 4F, the second character “00000003” is one of the character codes 30 to 3F, and the third character is “00000003”. Is any one of the character codes 30 to 3F, and the fourth character “00000003” is any one of the character codes 30 to 3F, and a character string is generated with each combination.

  Specific character strings are “@ 000”, “@ 001”,... “O ???>” “O ???”. If the range in which characters are present cannot be narrowed down without applying this embodiment, a character string is generated by combining all the characters held by the character code, so the number of characters in the character code (unicode is 10). 10,000 or more) (N / 8) power. Even if the data is 4 characters, there are combinations of 100,000 4 or more, and it is impossible to find out among them.

  The character string generation / problem identification device 130 passes one character string in the problem possibility character string 135 to the verification device 134, and if the verification device 134 returns NG, the character string that causes a failure in the customer environment 10 And the character string is output to the problem data list 132. Further, the character string generation / problem identification device 130 uses the file name and line number of the masked user data 121 or the masked log 122 in which the masked character string that is the source of the character string that does not operate normally exists as the problem data. Output to location 131. This is performed for all problem possibility character strings 135.

  Subsequently, the character string generation / problem identification device 130 transmits the generated problem data location 131 and the problem data list 132 to the problem data location notification device 140 of the customer environment 10 (S104). Since the problem data list 132 includes personal information and information that is not disclosed, it is necessary to encrypt the communication path.

  Subsequently, the problem data location notifying device 140 notifies the data in which a problem actually occurs using the problem data location 131, the problem data list 132, the user data 101, and the log 111 (S105). The problem data location notifying device 140 identifies which data in the user data 101 and the log 111 has a problem from the file name and line number described in the problem data location 131, and the data is included in the problem data list 132. If so, it is determined that there is a problem data, and the data is output to the problem location 141. The customer (user) can determine the problematic data from the problem part 141.

  Here, the reason why the problem data list 132 is included is to prevent erroneous detection. For example, if there are two pieces of data “AA (no problem)” and “AB (no problem)” in the user data 101, the masked character strings are both “0000000400000004”. Although the character string generation / problem identification device 130 knows that the data having a problem is “AB”, the problem possibility character string 135 generated from the masked character string “AA” includes “AB”. Both the lines “AA” and “AB” are output to the problem data portion 131. If the problem data location notifying device 140 determines only by the line number, “AA” having no problem is also determined to have a problem, so it is necessary to check whether it is included in the problem data list 132.

  As described above, in the present embodiment, it is not necessary to send logs and user data that are not subjected to mask processing from the customer environment to the product department environment for the purpose of troubleshooting. In this embodiment, without sending personal information or information that you do not want to disclose, the product department can reproduce the failure from the masked data, identify the problem data, and present it to the customer it can.

  In the present embodiment, logs and user data subjected to mask processing corresponding to the character code range are sent from the customer environment to the product department environment. From the masked data subjected to the mask processing according to the present embodiment, a plurality of data including data in which a problem actually occurs in the customer environment is generated.

  If it is simply “Generate multiple data including data that actually caused problems in the customer's environment”, even if there is no masked data, it can be generated by combining the characters held in the character code . However, in the case of Unicode, the characters held by the character code exceed 100,000, and the combination of characters becomes the power of 100,000, and it is impossible to find problematic data from them. In the present embodiment, processing can be actually performed by narrowing down the number of a plurality of data including data in which a problem has occurred.

  As described above, all the plurality of data generated from the masked data are checked to determine whether there is a problem. A list of problematic data and the location of the problematic data in the log or user data is sent to the customer environment, and the actual problematic data is identified from this information and presented to the customer. This makes it possible to analyze the problem while ensuring security.

  In some cases, the presented data is passed to the product department for investigation, but even in that case, personal information that is passed to the product department and information that is not disclosed can be minimized. For example, even if it is necessary to continuously investigate the product department environment, providing only problematic data will minimize the provision of personal information and information that you do not want to disclose.

(Embodiment 2)
The second embodiment will be described below with reference to the drawings. Note that description of portions similar to those of the first embodiment is omitted as appropriate. In the second embodiment, mask processing is performed from data that can cause a failure known from past experience (knowledge-based data obtained from past experience) and character characteristics, and data causing a problem is found from this information. .

  FIG. 7 is a block diagram showing a configuration of the failure investigation system according to the present embodiment. As shown in FIG. 7, the failure investigation system according to the present embodiment includes a customer environment 10 and a product department environment 20 as in the first embodiment. The customer environment 10 includes a database 100, an application 110, a mask processing device 120, and a problem data location notification device 140. The product department environment 20 includes a character string generation / problem identification device 130 and a verification device 134. Yes.

  The mapping table 123 according to the present embodiment stores data (learning data including a failure element) that can cause a failure that is known from character characteristics and past experience for performing mask processing.

  By converting the character code into a code indicating character characteristics, it is possible to detect a problem that a character in a range not supported by the application 110 is input and malfunctions. For example, when a half-width alphabet is entered where a half-width number is expected, or when multi-byte is not considered, special characters such as external characters, model-dependent characters, and control characters are entered as shown in FIG. A failure in case can be detected.

  In addition, by converting the character code into a code based on the knowledge obtained from past experience (the code of the failure element that may cause a failure), the character / character string is not properly processed due to a malfunction of the application. If a problem can be detected. For example, when a yen symbol is included or a wave dash is included, it was expected that a byte order mark (BOM) was / are not added to the UTF-8 data. If not / given, it is possible to detect a failure when the surrogate pair handling is illegal. Moreover, the accuracy of problem detection can be increased by increasing the knowledge (learning data) of past experience.

  The mask processing device 120 executes mask processing on the user data 101 and the log 111 based on the mapping table 123. The character string generation / problem identification device 130 generates a problem possibility character string 135 based on the same mapping table 133 as the mapping table 123, and from the verification result of the verification device 134, problem data indicating the position of data where the problem has occurred. Only the location 131 is generated. The problem data location notifying device 140 identifies data with a problem based on the problem data location 131, the user data 101, and the log 111, and generates a problem location 141.

  The operation of the failure investigation system according to the present embodiment will be described using the flowchart of FIG.

  First, the mask processing apparatus 120 masks the user data 101 and the log 111 (S111). The mask processing device 120 processes each data of the user data 101 and the log 111 one by one in order from the front to the back of the data, compares the data with the mapping table 123, and creates a code based on the characteristics and knowledge held by the characters. replace.

  For example, a mapping table 123 as shown in FIGS. 9A to 9C and FIG. 10 is used. 9A to 9C are examples of the character feature mapping table 123, and FIG. 10 is an example of the knowledge mapping table 123 obtained from past experiences. 9B shows the Shift_JIS detailed number in the mapping table 123 of FIG. 9A, and FIG. CB shows the UTF-8 detailed number in the mapping table 123 of FIG. 9A. In the examples of FIGS. 9A to 9C, codes (item numbers and detailed numbers) indicating characterization by character types such as single-byte numerals and single-byte English characters and characterization by the character code system of Shift_JIS and UTF-8 are defined. In the example of FIG. 10, a code (item number) is defined that indicates that the yen sign problem, the wave dash problem, the presence / absence of the byte order mark, and the handling of the surrogate pair are illegal.

  An example of masking the user data 101 as shown in FIG. 11 will be described. The user data 101 has a character code of Shift_JIS and includes a line of a user ID (UserID) and a display device name (displayName). The mask processing device 120 converts the characters of each line of the user data 101 into the code of the item number and the detailed number of the mapping table 123 in order and performs the mask processing. For example, character features are represented by “[]” (square brackets) one character at a time, and when there are multiple characters, they are separated by “,” (comma). In addition, the replacement is performed using the item number and detail number of the mapping table 123. If there are a plurality of replacements, they are separated by “,” (comma).

  According to the mapping table 123 of FIGS. 9A to 9C and FIG. 10, the character “A” is a single-byte alphabetic character, so the corresponding item number and detail number code is “001: 2”, and the character “A” The character code system is “3”, so the corresponding item number and detail number code is “002: 1”. Since the character “table” is a double-byte character type, the corresponding item number and detail number code is “001: 5”, and the character “table” has 41 character code systems. The code of the item number and the detailed number to be performed is “002: 4”, and the character “table” has 5C (yen symbol) in the second byte, so the code of the corresponding item number is “101”. Since the character “circled number 1” is a double-byte character, the corresponding item number and detail number code is “001: 5”, and the character “circled number 1” is a character code system. Is the 13th section, the code of the corresponding item number and detail number is “002: 3”. Similarly, when mask processing is performed for each character and “[]” and “,” are used, the masked user data 121 as shown in FIG. 12 is obtained.

  Subsequently, the mask processing apparatus 120 transmits the generated masked user data 121 and the masked log 122 to the character string generation / problem identification apparatus 130 of the product department environment 20 (S112). Note that the masked user data 121 and the masked log 122 are masked data and need not be encrypted.

  Subsequently, the character string generation / problem identification device 130 uses the masked user data 121, the masked log 122, and the verification device 134 to determine which data in the masked user data 121 and the masked log 122 has a problem. (S103). The character string generation / problem identification device 130 acquires a masked character string from the masked user data 121 and the masked log 122, and sequentially processes all the masked character strings. The character string generation / problem identification device 130 generates a problem possibility character string 135 using one masked character string and the mapping table 133.

  The character string generation / problem identification device 130 generates a character string that can be generated from the masked data included in the masked user data 121 and the masked log 122 as one problem possibility character string 135. The reason is that if a problem occurs when inputting an external character, it can be determined by trying one arbitrary external character. When there are a plurality of characters that satisfy the character characteristics of the masked data, the character string generation / problem identification device 130 acquires the characters at random. For example, from “[001: 5, 002: 4, 101], [001: 5, 002: 4], [001: 5, 002: 4], [001: 5, 002: 3]”, before the mask A character string such as “Hagiwara line 5 (circled number 5)” and “Busy busy” is generated.

  The character string generation / problem identification device 130 passes the problem possibility character string 135 to the verification device 134. When the verification device 134 returns NG, the character string generation / problem identification device 130 determines that the character string causes a failure in the customer environment 10 and masks it. The file name and line number of the masked user data 121 or masked log 122 in which the completed character string exists are output to the problem data location 131.

  Subsequently, the character string generation / problem identification device 130 transmits the generated problem data location 131 to the problem data location notification device 140 of the customer environment 10 (S114). Since the problem data portion 131 is a file name and a line number, it is not necessary to encrypt the communication path.

  Subsequently, the problem data location notifying device 140 notifies the data in which a problem actually occurs using the problem data location 131, the user data 101, and the log 111 (S115). The problem data location notification device 140 identifies which data in the user data 101 and the log 111 has a problem from the file name / line number described in the problem data location 131 and outputs the data to the problem location 141. The customer can determine the problematic data from the problem location 141.

  As described above, in the present embodiment, as in the first embodiment, there is no need for the customer to send personal information or information that the customer does not want to disclose, and the product department reproduces the failure from the masked data and issues Data can be identified.

  Logs and user data subjected to the mask processing according to the present embodiment as described above are sent from the customer environment to the product department environment. In the mask processing according to the present embodiment, is it possible to perform mask processing with information indicating that the data has characteristics or data that may cause a failure, and to correctly process data having these characteristics? Determine if. The location in the log or user data where the problem data is located is sent to the customer environment, and the actual problem data is identified from this information and presented to the customer. This makes it possible to analyze the problem while ensuring security.

  Note that the present invention is not limited to the above-described embodiment, and can be changed as appropriate without departing from the spirit of the present invention.

  Each configuration in the above-described embodiment is configured by hardware and / or software, and may be configured by one piece of hardware or software, or may be configured by a plurality of pieces of hardware or software. Each function (each process) of the customer environment and the product department environment may be realized by a computer having a CPU, a memory, and the like. For example, a failure analysis program for performing the failure analysis method according to the embodiment may be stored in the storage device, and each function may be realized by executing the failure analysis program stored in the storage device by the CPU.

  These programs can be stored using various types of non-transitory computer readable media and supplied to a computer. Non-transitory computer readable media include various types of tangible storage media. Examples of non-transitory computer-readable media include magnetic recording media (for example, flexible disks, magnetic tapes, hard disk drives), magneto-optical recording media (for example, magneto-optical disks), CD-ROMs (Read Only Memory), CD-Rs, CD-R / W and semiconductor memory (for example, mask ROM, PROM (Programmable ROM), EPROM (Erasable PROM), flash ROM, RAM (random access memory)) are included. The program may also be supplied to the computer by various types of transitory computer readable media. Examples of transitory computer readable media include electrical signals, optical signals, and electromagnetic waves. The temporary computer-readable medium can supply the program to the computer via a wired communication path such as an electric wire and an optical fiber, or a wireless communication path.

DESCRIPTION OF SYMBOLS 1 Application execution apparatus 2 Failure analysis apparatus 3 Conversion table storage part 4 Conversion processing part 5 Reverse conversion table storage part 6 Inverse conversion processing part 7 Failure verification part 10 Customer environment 20 Product department environment 100 Database 101 User data 110 Application 111 Log 120 Mask processing device 121 Masked user data 122 Masked log 123 Mapping table 130 Character string generation / problem identification device 131 Problem data location 132 Problem data list 133 Mapping table 134 Verification device 135 Problem possibility character string 140 Problem data location notification device 141 Problem

Claims (10)

A failure analysis system comprising an application execution device that executes an application and a failure analysis device that analyzes a failure of the application,
The application execution device is:
A conversion table storage unit that stores a conversion table that associates a plurality of pieces of pre-conversion information with one post-conversion information;
A conversion processing unit that converts the failure related information related to the failure of the application into converted failure related information including the converted information based on the conversion table;
With
The failure analysis device
An inverse conversion table storage unit that stores an inverse conversion table that associates the one post-conversion information with the plurality of pre-conversion information;
An inverse conversion processing unit configured to inversely convert the failure-related information after the conversion into failure verification information including at least one of the plurality of pre-conversion information based on the inverse conversion table;
A failure verification unit that verifies the failure of the application based on the reversely converted failure verification information;
A failure analysis system. The plurality of pre-conversion information in the conversion table and the reverse conversion table corresponds to a range of character codes used by the application.
The failure analysis system according to claim 1. The post-conversion information in the conversion table and the reverse conversion table is information indicating character characteristics of the plurality of pre-conversion information.
The failure analysis system according to claim 1. The post-conversion information in the conversion table and the reverse conversion table is information indicating that a failure element is included in the character code of the plurality of pre-conversion information.
The failure analysis system according to claim 1. The conversion processing unit converts log information generated by the application when a failure occurs and user information related to a user of the application execution device into the converted failure-related information.
The failure analysis system according to any one of claims 1 to 4. The failure analysis device includes a failure specifying unit that outputs failure location information indicating a location of failure information determined to have a failure as a result of verifying the failure,
The application execution device includes a failure factor detection unit that detects a failure factor based on the failure position information and the failure-related information.
The failure analysis system according to any one of claims 1 to 5. The failure analysis device includes a failure identification unit that outputs failure location information indicating the location of failure information determined to have a failure as a result of verifying the failure, and the failure information,
The application execution device includes a failure factor detection unit that detects a failure factor based on the failure position information, the failure information, and the failure-related information.
The failure analysis system according to any one of claims 1 to 5. A conversion table storage unit that stores a conversion table that associates a plurality of pieces of pre-conversion information with one post-conversion information;
An application execution unit for executing the application;
A conversion processing unit that converts the failure related information related to the failure of the application into converted failure related information including the converted information based on the conversion table;
A providing unit that provides the failure-related information after the conversion to a failure analysis device that analyzes the failure of the application;
An application execution device. An inverse conversion table storage unit for storing an inverse conversion table for associating one post-conversion information with a plurality of pre-conversion information;
An acquisition unit that acquires the converted fault related information obtained by converting the fault related information related to the fault of the application from the application execution device that executes the application;
An inverse conversion processing unit configured to inversely convert the failure-related information after the conversion into failure verification information including at least one of the plurality of pre-conversion information based on the inverse conversion table;
A failure verification unit that verifies the failure of the application based on the reversely converted failure verification information;
A failure analysis apparatus. A failure analysis method in a failure analysis system comprising an application execution device that executes an application and a failure analysis device that analyzes a failure of the application,
The application execution device is:
Storing a conversion table associating a plurality of pre-conversion information and one post-conversion information;
Converting failure related information related to the failure of the application into converted failure related information including the converted information based on the conversion table;
The failure analysis device
Storing an inverse conversion table associating the one post-conversion information and the plurality of pre-conversion information;
The failure-related information after the conversion is inversely converted to failure verification information including at least one of the plurality of pre-conversion information based on the inverse conversion table,
Verifying the failure of the application based on the inversely converted failure verification information;
Failure analysis method.

Images