WO2013168375A1 - セキュリティ設計装置及びセキュリティ設計方法 - Google Patents
セキュリティ設計装置及びセキュリティ設計方法 Download PDFInfo
- Publication number
- WO2013168375A1 WO2013168375A1 PCT/JP2013/002696 JP2013002696W WO2013168375A1 WO 2013168375 A1 WO2013168375 A1 WO 2013168375A1 JP 2013002696 W JP2013002696 W JP 2013002696W WO 2013168375 A1 WO2013168375 A1 WO 2013168375A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- security
- component
- model
- identification information
- change
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Definitions
- the present invention relates to a security design apparatus, a security design method, and a program for determining a system realization method.
- Patent Document 1 discloses an example of a security operation management system.
- the security operation management system of Patent Document 1 includes the following configuration.
- the state rule storage means holds a state rule that defines a desired security state.
- the state transition means determines a target state for the state based on the state rule.
- the action determining means executes an action so as to reach the target state.
- Japanese Patent Application Laid-Open No. 2004-151867 states that a security measure corresponding to a change in the state of the system can be realized comprehensively and consistently by the security operation management system having the above-described configuration.
- Patent Document 2 discloses an example of a security risk management system.
- the security risk management system of Patent Literature 2 includes the following configuration.
- the risk analysis means analyzes information indicating the current system state of the target system using a risk model, and calculates a risk value.
- the measure plan generation unit performs analysis using the risk model and the measure model, and generates some measure plans for reducing the security risk.
- the measure plan selecting means selects a measure plan based on the degree of risk reduction and various restrictions.
- Japanese Patent Laid-Open No. 2004-26853 states that an optimum countermeasure plan can be presented by taking into account various restrictions that occur in the target system by the security risk management system having the above-described configuration.
- the first component is a core component for realizing the security function.
- the second component is a component in which the security function is realized by the first component.
- the function of the first component disappears, for example, when a failure occurs in the first component, or when the first component is maintained.
- Patent Documents 1 and 2 do not specifically assume the disappearance of the constituent elements that are the core of the security function implementation, and therefore cannot generate countermeasures in such a case.
- An object of the present invention is to provide a security design device, a security design method, and a program for solving the above-described problems.
- the security design apparatus receives configuration change information including identification information of a first component included in a target system from the outside, and includes component identification information and a security function related to the security function of the target system From a set of security requirement models including at least one security requirement model record including at least identification information, security function realizing method identification information, and security work element identification information, a security requirement model corresponding to the identification information of the first component is obtained.
- Extracting, outputting, and the component is a core component that realizes the security function of another component in the security function realization method specified by the security function identification information and the security function realization method identification information Using component type information indicating whether or not Result of determining whether or not the first component is a core component that realizes a security function of a second component other than the first component in the extracted security requirement model
- Model change determination means for outputting Information indicating the relationship between the security function identification information, the implementation method, the component type, and the security work element when the result of determination by the model change determination means is that the first component is the core component
- It includes a change model generation unit that generates and outputs a changed security requirement model, which is a security requirement model to be realized, and a work extraction unit that extracts and outputs the security work element for the changed security requirement model.
- the computer receives the configuration change information including the identification information of the first component included in the target system from the outside, and the component identification information related to the security function of the target system.
- Security information corresponding to the identification information of the first component from a set of security requirement models including at least one security requirement model record including at least security function identification information, security function implementation method identification information, and security work element identification information A core configuration that extracts and outputs a requirement model and realizes a security function of another component in a security function realization method specified by the security function identification information and the security function realization method identification information.
- the security function identification information, the implementation method, the component type, and the security work element When the first configuration is used without using the first component for the second component using the information indicating the relationship between the target system and the component information of the target system
- a modified security requirement model which is a security requirement model that realizes the same security function as the above, is generated and output. Extract the Yuriti work element, to output.
- the program recorded on the non-volatile recording medium of the present invention is configured to receive configuration change information including the identification information of the first component included in the target system from the outside and relate to the security function of the target system.
- configuration change information including the identification information of the first component included in the target system from the outside and relate to the security function of the target system.
- the corresponding security requirement model is extracted and output, and the component realizes the security function of the other component in the security function realization method specified by the security function identification information and the security function realization method identification information.
- a modified security requirement model which is a security requirement model that realizes the same security function as the case, is generated and output. Extract the security working element, to execute a process of outputting to the computer.
- the first component (core component) that is the core of the security function realization becomes unusable, it is possible to maintain the security before the disappearance of the core component. There is.
- FIG. 1 is a block diagram showing the configuration of the security design device according to the first embodiment.
- FIG. 2 is a diagram illustrating an example of a security requirement model storage unit in the first embodiment.
- FIG. 3 is a diagram illustrating an example of the component type information in the first embodiment.
- FIG. 4 is a diagram illustrating an example of security function information in the first embodiment.
- FIG. 5 is a diagram illustrating an example of system component information in the first embodiment.
- FIG. 6 is a block diagram illustrating a hardware configuration of a computer that implements the security design device according to the first embodiment.
- FIG. 7 is a flowchart showing an outline of the operation of the security design apparatus according to the first embodiment.
- FIG. 8 is a block diagram illustrating a configuration of a security design device according to the second embodiment.
- FIG. 1 is a block diagram showing the configuration of the security design device according to the first embodiment.
- FIG. 2 is a diagram illustrating an example of a security requirement model storage unit in the first embodiment.
- FIG. 9 is a block diagram illustrating a configuration of a security design device according to the third embodiment.
- FIG. 10 is a diagram illustrating an example of security function information according to the third embodiment.
- FIG. 11 is a block diagram illustrating a configuration of a security design device according to the fourth embodiment.
- FIG. 12 is a flowchart showing an outline of the operation of the security design device according to the fourth embodiment.
- FIG. 13 is a block diagram illustrating a configuration of a security design device according to the fifth embodiment.
- FIG. 14 is a block diagram illustrating a configuration of a security design device according to the sixth embodiment.
- FIG. 15 is a diagram illustrating an example of a changed security requirement model storage unit according to the sixth embodiment.
- FIG. 16 is a diagram illustrating an example of the changed security requirement model storage unit according to the sixth embodiment.
- FIG. 17 is a block diagram illustrating a configuration of a security design device according to the seventh embodiment.
- FIG. 1 is a block diagram showing a configuration of a security design device 100 according to the first embodiment of the present invention.
- the security design device 100 includes a model change determination unit 110, a change model generation unit 120, and a work extraction unit 130. Note that the components shown in FIG. 1 are not hardware components but functional units.
- the configuration change information includes identification information of the first component included in the target system.
- the configuration change information is information indicating that the operation configuration of the target system has been changed (for example, one of the devices configuring the target system has stopped).
- the configuration change information may be information indicating that the operation configuration of the target system is changed.
- the target system is a target of security design by the security design apparatus 100 of the present embodiment.
- the model change determination unit 110 extracts a security requirement model corresponding to the identification information of the first component from the set of security requirement models and outputs it.
- the security requirement model defines requirements for realizing the security function corresponding to each of one or more security functions in the target system.
- FIG. 2 is a diagram illustrating an example of the security requirement model 810.
- the security requirement model 810 includes one or more security requirement model records 811.
- the security requirement model record 811 includes at least a component identifier, a function name, an implementation method name, and a security work element name related to the security function of the target system.
- the component identifier is an identifier of a component related to the security requirement model.
- the function name is identification information that identifies the security function defined by the security requirement model.
- the function name is also called security function identification information.
- the implementation method name is identification information that identifies the implementation method that realizes the security function defined by the security requirement model.
- the implementation method name is also called security function implementation method identification information.
- the security work element name is identification information for identifying the work element when the security function specified by the function name is realized by the implementation method specified by the implementation method name.
- the security work element name is also called security work element identification information.
- the work element includes a security element identified by the function name and a work element corresponding to the implementation method identified by the implementation method name, and a work element corresponding to the component indicated by the component identifier. .
- the work element “C2” is used for adding an authentication domain or for identifying and authenticating an AP server in order to add or change an AP (Application Server) server (not shown) to the authentication server (not shown). For example, information registration.
- AP Application Server
- the work element “P-A2” is used to set the authentication server IP (Internet Protocol) address to the AP server, and to authenticate the AP server when changing from local authentication to LDAP (Lightweight Directory Access Protocol) authentication. For example, domain settings.
- IP Internet Protocol
- LDAP Lightweight Directory Access Protocol
- the model change determination unit 110 determines whether the first component is a core component in the extracted security requirement model using the component type information.
- the core component is a component that realizes the security function of the second component other than the first component.
- the model change determination part 110 outputs the determined result.
- the component type information indicates whether or not a specific component is a core component that realizes the security function of another component in a specific implementation method of a specific security function.
- FIG. 3 is a diagram showing an example of the component type information 820.
- the component type information 820 includes at least a component type identifier, a function name, an implementation method name, and a core flag.
- the component type information 820 includes a security work element name corresponding to the component type identifier.
- the configuration element type information 820 including the security work element name is a part of information indicating the relationship between the security function identification information, the implementation method, the configuration element type, and the security operation element.
- the component type identifier indicates the type of the component.
- the component identifier for example, AP server 11
- the security design device 100 can associate the component identifier of FIG. 2 with the component type identifier of FIG.
- the correspondence relationship between the constituent element identifier in FIG. 2 and the constituent element type identifier in FIG. 3 does not depend on the above, and for example, the constituent element type identifier may be included in the security requirement model record.
- a correspondence table between the constituent element identifiers of FIG. 2 and the constituent element type identifiers of FIG. 3 may be held in a means (not shown).
- the function name and the implementation method name are the same as the function name and the implementation method name shown in FIG.
- the core flag indicates whether or not the constituent element of the type indicated by the constituent element type identifier is a core constituent element in the security function implementation method specified by the function name and the implementation method name.
- the core component is a component that realizes the security function of other components.
- the core flag indicates “is a core component” when “1”, and indicates “no” when “0”.
- the security work element name indicates a work element corresponding to the type of component indicated by the component type identifier.
- the changed security requirement model is a security requirement model that realizes the same security function as in the case of using the first configuration without using the first configuration element for the second configuration element.
- FIG. 4 is a diagram illustrating an example of the security function information 830.
- the security function information 830 indicates one or more component type identifiers corresponding to the function name and the implementation method name.
- the security function information 830 indicates the security work element name corresponding to the function name and the implementation method name. That is, the security function information 830 is a part of information indicating the relationship between the security function identification information, the implementation method, the component type, and the security work element.
- the function name and the implementation method name are the same as the function name and the implementation method name shown in FIG.
- the component type designates the component type identifier shown in FIG.
- FIG. 5 is a diagram showing an example of information on components of the target system.
- the system component information 840 includes at least a component identifier and status information.
- the component identifier is the same as the component identifier shown in FIG.
- the status information flag indicates whether the component indicated by the component identifier is in an operating state (usable) or stopped (unusable).
- FIG. 6 is a diagram illustrating a hardware configuration of a computer 700 that implements the security design device 100 according to the present embodiment.
- the CPU 701 controls the overall operation of the computer 700 by operating an operating system (not shown).
- the CPU 701 reads a program and data from a recording medium 707 mounted on the storage device 703, for example, and writes the read program and data to the storage unit 702.
- the program is, for example, a program that causes the computer 700 to execute an operation of a flowchart shown in FIG.
- the CPU 701 executes various processes as the model change determination unit 110, the change model generation unit 120, and the work extraction unit 130 illustrated in FIG. 1 according to the read program and based on the read data.
- the CPU 701 may download a program or data to the storage unit 702 from an external computer (not shown) connected to a communication network (not shown).
- the storage unit 702 stores programs and data.
- the storage unit 702 may store a security requirement model 810, component type information 820, security function information 830, system component information 840, and security work elements extracted by the work extraction unit 130.
- the storage device 703 is, for example, an optical disk, a flexible disk, a magnetic optical disk, an external hard disk, and a semiconductor memory, and includes a recording medium 707.
- the storage device 703 records the program so that it can be read by a computer. Further, the storage device 703 may record data so as to be readable by a computer.
- the storage device 703 may store a security requirement model 810, component type information 820, security function information 830, and system component information 840.
- the input unit 704 is realized by, for example, a mouse, a keyboard, a built-in key button, and the like, and is used for an input operation.
- the input unit 704 is not limited to a mouse, a keyboard, and a built-in key button, and may be a touch panel, an accelerometer, a gyro sensor, a camera, or the like.
- the output unit 705 is realized by a display, for example, and is used for confirming the output.
- the output unit 705 may be included as a part of the work extraction unit 130 and display a security work element.
- the communication unit 706 implements an interface with an external device and an external system (for example, a target system).
- the communication unit 706 is included as a part of the model change determination unit 110 and receives the configuration change information.
- the communication unit 706 may receive the security requirement model 810, the component type information 820, the security function information 830, and the system component information 840. Further, the communication unit 706 may be included as a part of the work extraction unit 130 and transmit the extracted security work element.
- the functional unit block of the security design device 100 shown in FIG. 1 is realized by the computer 700 having the hardware configuration shown in FIG.
- the means for realizing each unit included in the computer 700 is not limited to the above.
- the computer 700 may be realized by one physically coupled device, or may be realized by two or more physically separated devices connected by wire or wirelessly and by a plurality of these devices. .
- the recording medium 707 in which the above-described program code is recorded may be supplied to the computer 700, and the CPU 701 may read and execute the program code stored in the recording medium 707.
- the CPU 701 may store the code of the program stored in the recording medium 707 in the storage unit 702, the storage device 703, or both. That is, the present embodiment includes an embodiment of a recording medium 707 that stores a program (software) executed by the computer 700 (CPU 701) temporarily or non-temporarily.
- FIG. 7 is a flowchart showing the operation of this embodiment. Note that the processing according to this flowchart may be executed based on the program control by the CPU 701 described above. Further, the step name of the process is described by a symbol as in S601.
- the model change determination unit 110 receives the configuration change information (for example, “authentication server 1: stop”) (S601).
- the model change determination unit 110 extracts and outputs a security requirement model corresponding to the identification information (for example, “authentication server 1”) of the component included in the configuration change information (S602).
- the “identification information of the component included in the configuration change information” is hereinafter referred to as change component identification information.
- the security requirement model is, for example, a security requirement model 810 including a security requirement model record 811 of the authentication server 1 shown in FIG.
- the model change determination unit 110 refers to the component type information (for example, the component type information 820 shown in FIG. 3), and determines whether or not the component indicated by the changed component identification information is a core component. Is determined from the core flag, and the determination result is output (S603).
- the model change determination unit 110 refers to the component type information 820 illustrated in FIG. 3, and the component indicated by “authentication server 1” (that is, the corresponding component type identifier “authentication server”) is the core. It is determined that it is a component. Then, the model change determination unit 110 outputs a determination result (for example, “authentication server 1: core configuration information”).
- the change model generation unit 120 uses the security function information 830 and the system component information 840 to generate and output a change security requirement model (S604). Note that the change model generation unit 120 may not perform any processing when the determination result output from the model change determination unit 110 is “No”.
- the change model generation unit 120 refers to the security function information 830 and acquires a record 831 including the same function name as the function name included in the security requirement model 810.
- the change model generation unit 120 refers to the system component information 840, the determination result is “authentication server 1: core configuration information”, and the record 831 is a component of “authentication server” as its component type. It is determined that the type identifier is included, and a record 841 whose component identifier is “authentication server 1” and whose status information is “driving” (that is, other than “authentication server 1 ⁇ U>) ⁇ / U>) is obtained. To do.
- the change model generation unit 120 changes the “authentication server 1” of the component identifier included in the security requirement model 810 to “ A modified security requirement model replaced with “authentication server 2” is generated.
- the change model generation unit 120 outputs the generated change security requirement model.
- the change model generation unit 120 refers to the security function information 830 and acquires a record 832 including the same function name as the function name included in the security requirement model 810.
- the change model generation unit 120 determines that the component identifier from the security requirement model 810 is “authentication server 1”.
- a modified security requirement model is generated by deleting the security requirement model record 811.
- the change model generation unit 120 changes the realization method name of the change security requirement model to “local authentication” based on the realization method name included in the record 832 being “local authentication”. Generate a model.
- the change model generation unit 120 replaces “C2” of the security work element name of the changed security requirement model with “C1”. Generate a modified security requirement model.
- the changed model generation unit 120 refers to the component type information 820 based on the replacement of the implementation method name, the component type identifier is “AP server”, the function name is “identification authentication”, and The security method element name “P-A1” corresponding to the implementation method name “local authentication” is extracted. Subsequently, the change model generation unit 120 generates a change security requirement model in which the security work element name “PA2” of the change security requirement model is replaced with the extracted security work element name “PA1”. To do.
- the change model generation unit 120 outputs the change security requirement model.
- the change model generation unit 120 may acquire necessary information by an arbitrary method and generate a change security requirement model. Accordingly, the identification information of the security function, the implementation method, the information indicating the relationship between the component type and the security work element, and the information on the component of the target system may be held or provided in an arbitrary format.
- the security design device 100 may hold the system component information in the storage unit 702.
- the model change determination unit 110 may update the state information based on the received configuration change information.
- the changed model generation unit 120 may output information indicating the generation failure of the changed security requirement model.
- the failure to generate the changed security requirement model occurs, for example, when the record 831 including the same function name as the function name included in the security requirement model 810 cannot be acquired.
- the work extraction unit 130 confirms whether the result determined by the model change determination unit 110 is “is a core component” or “not” (S605).
- the work extraction unit 130 extracts and outputs the security work element included in the changed security requirement model. (S606). Then, the process ends.
- the security design device 100 receives, for example, configuration change information from a monitoring device (not shown) that monitors the operating status of each component of the target system, and sends it to a configuration control device (not shown) that controls the configuration of the target system.
- the extracted security work element is output.
- the configuration control device adds an authentication domain for newly adding or changing an AP (Application Server) server (not shown) to the authentication server (not shown) based on the received security work element. Registration and authentication information of the AP server may be registered. Also, the configuration control device sets the IP address of the authentication server to the AP server based on the received security work element, and sets the authentication domain to the AP server when changing from local authentication to LDAP authentication. You can go.
- AP Application Server
- the security design device 100 may output the extracted security work element to the output unit 705.
- the operator may perform each setting work based on the security work element.
- the security design device 100 receives the configuration change information from the input unit 704 and displays the extracted security work elements on the output unit 705. In this case, the security design device 100 may output either or both of the security requirement model 810 and the changed security requirement model. Further, the security design device 100 may output information “whether or not it is a core component” that is a result of determination by the model change determination unit 110.
- the first effect of the present embodiment described above is that even when the first component that is the core of the security function realization becomes unusable, it is possible to maintain the security before the disappearance of the core component. It is a point.
- model change determination unit 110 determines whether or not the first component is the core component, the change model generation unit 120 generates the change security requirement model, and the work extraction unit 130 This is because the security work elements are extracted and output.
- the second effect of the present embodiment described above is that security maintenance can be automated.
- the security design device 100 receives the configuration change information from the monitoring device that monitors the operating status of each component of the target system, and the extracted security work is sent to the configuration control device that controls the configuration of the target system. This is because the element is output.
- the configuration control device receives the security work element and can add and change various settings.
- the third effect of the present embodiment described above is that it becomes possible to verify the reliability of security maintenance in the target system.
- the work extraction unit 130 outputs the security work element, and when the changed security requirement model cannot be generated, the changed model generation unit This is because the information 120 indicates that the changed security requirement model generation failure has been output.
- FIG. 8 is a block diagram showing a configuration of the security design device 102 according to the second exemplary embodiment of the present invention.
- the security design device 102 according to the second embodiment includes a change model generation unit 122 instead of the change model generation unit 120 as compared to the security design device 100 according to the first embodiment.
- the change model generation unit 122 of the present embodiment generates a change security requirement model having a definition different from that of the change model generation unit 120 when the result determined by the model change determination unit 110 is “core component”.
- the changed security requirement model is a security requirement model that realizes a security function for the second component without using the first component.
- the security function is the same security function as that in the case of using the first component by the same implementation method as in the case of using the first component.
- the change model generation unit 122 refers to the security function information 830 and records 831 including the function name identical to the function name included in the security requirement model 810 and the implementation method name indicating the same implementation method. To get.
- the change model generation unit 122 does not acquire the record 832 illustrated in FIG. 4 when the security requirement model 810 and the determination result (for example, “authentication server 1: core configuration information”) are received.
- the operation of the modified model generation unit 122 other than the above is the same as the operation of the modified model generation unit 120.
- the effect of the present embodiment described above is the same as that before the disappearance of the core component even when the first component that is the core of the security function realization becomes unusable.
- the security can be maintained by the same implementation method.
- the reason is that the change model generation unit 122 uses the first configuration for the second component, using the first configuration without using the first component, according to the same implementation method as when using the first configuration. This is because a modified security requirement model that realizes the same security function as that in the case of generating is generated.
- FIG. 9 is a block diagram showing the configuration of the security design apparatus 103 according to the third embodiment of the present invention.
- the security design device 103 according to the third embodiment includes a change model generation unit 123 instead of the change model generation unit 120 as compared to the security design device 100 according to the first embodiment.
- the changed security requirement model is a security requirement model that realizes a security function for the second component.
- the security function is executed without using the first component, and the security level is a specific range with respect to the security level when the first configuration is used, and the first configuration is used. Is the same security function.
- FIG. 10 is a diagram showing an example of the security function information 850 in the present embodiment.
- the security function information 850 further includes a security level corresponding to the function name and the implementation method name.
- the security level is, for example, a natural number of 1 or more, and the higher the security level, the higher the security level (the stronger the security). Regardless of the above, the security level may be any expression (for example, “high, medium, low”).
- the change model generation unit 123 refers to the security function information 850 and acquires the record 851.
- the record 851 includes a function name that is the same as the function name included in the security requirement model 810 and a security level value that is equal to or greater than the security level value of the security requirement model 810.
- the change model generating unit 123 sets the security level of the record 851 including the component type identifier corresponding to the function name, the implementation method name, and the component identifier of the security requirement model 810, and the security level of the security requirement model 810. Value of level.
- the change model generation unit 123 does not acquire the record 852 when the security requirement model 810 and the determination result (for example, “authentication server 1: core configuration information”) are received.
- the change model generation unit 123 refers to the security function information 830, and the difference between the function name identical to the function name included in the security requirement model 810 and the security level value of the security requirement model 810 is “2”.
- the record 851 including the following security level values may be acquired.
- the change model generation unit 123 may acquire the record 852 when receiving the security requirement model 810 and the determination result (for example, “authentication server 1: core configuration information”).
- the operation of the modified model generation unit 123 other than the above is the same as the operation of the modified model generation unit 120.
- the effect of the present embodiment described above is the same as that before the disappearance of the core component even when the first component that is the core of the security function realization becomes unusable.
- the security level can be maintained in a specific range with respect to the security level when the first configuration is used.
- the change model generation unit 123 does not use the first component, and the security level is within a specific range with respect to the security level when the first configuration is used. This is because the changed security requirement model that realizes the same security function as that in the case of using the first configuration is generated.
- FIG. 11 is a block diagram showing a configuration of the security design device 104 according to the fourth exemplary embodiment of the present invention.
- the security design device 104 further includes an alternative model generation unit 144 as compared with the security design device 100 according to the first embodiment. Further, the security design device 104 includes a work extraction unit 134 instead of the work extraction unit 130 as compared to the security design device 100 of the first embodiment.
- the alternative model generation unit 144 uses the system component information 840 to determine an alternative security requirement model. Generate and output.
- the alternative security requirement model is a security requirement model in which the first component (for example, the AP server 11) is replaced with an alternative component (for example, the AP server 13).
- FIG. 12 is a flowchart showing the operation of the present embodiment. Note that the processing according to this flowchart may be executed based on the program control by the CPU 701 described above. Further, the step name of the process is described by a symbol as in S601.
- step S601 to step S604 is the same as the operation shown in FIG.
- the alternative model generation unit 144 uses the system component information 840 based on the received determination result to generate and output the changed security requirement model (S614).
- the alternative model generation unit 144 may not perform any processing when the determination result output by the model change determination unit 110 is “core component”.
- the work extraction unit 134 confirms whether the result determined by the model change determination unit 110 is “core component” or “no” (S615).
- the work extraction unit 134 extracts and outputs the security work element included in the changed security requirement model. (S616). Then, the process ends.
- the work extraction unit 134 extracts and outputs the security work element included in the alternative change security requirement model. (S617). Then, the process ends.
- the effect of the present embodiment described above is that the security work element is extracted for the first component even when the first component is not the core component. However, it is possible to output.
- the reason is that the alternative model generation unit 144 generates an alternative security requirement model, and the work extraction unit 134 extracts and outputs the security work element included in the alternative security requirement model.
- FIG. 13 is a block diagram showing the configuration of the security design device 105 according to the fifth exemplary embodiment of the present invention.
- the security design device 105 in the present embodiment further includes a model difference extraction unit 155 as compared with the security design device 100 in the first embodiment.
- the security design device 105 may include a work extraction unit 134 instead of the work extraction unit 130.
- the model difference extraction unit 155 extracts and outputs the difference between the security work element extracted by the work extraction unit 134 and the security work element of the security requirement model 810 extracted by the model change determination unit 110. You may do it. That is, the model difference extraction unit 155 may extract and output a difference in security work elements between the changed security requirement model, the alternative security requirement model, and the security requirement model 810.
- the effect of the present embodiment described above is that, in addition to the effect of the first embodiment, the process of returning from the changed security requirement model and the alternative security requirement model to the security requirement model 810 can be facilitated. .
- model difference extraction unit 155 extracts and outputs the difference in the security work element between the changed security requirement model and the alternative security requirement model and the security requirement model 810.
- FIG. 14 is a block diagram showing a configuration of the security design device 106 according to the sixth exemplary embodiment of the present invention.
- the security design device 106 includes a change model generation unit 126 instead of the change model generation unit 120, as compared with the security design device 100 according to the first embodiment.
- the change model generation unit 126 generates the first change security requirement model and the second change security requirement model in the same manner as the change model generation unit 120.
- FIG. 15 is a diagram illustrating an example of the first changed security requirement model 861.
- FIG. 16 is a diagram illustrating an example of the second changed security requirement model 862.
- the change model generation unit 126 indicates that of the security function information 850 shown in FIG. Based on the security level, the first changed security requirement model 861 is selected and output.
- the change model generation unit 126 of the first change security requirement model 861 Based on the fact that the number of components is 3 and the number of components of the second changed security requirement model 862 is 2, the second changed security requirement model 862 is selected.
- the requirement application determination rule may be any rule regardless of the above example. Further, the security design device 106 may select a changed security requirement model by using a plurality of requirement application determination rules in order of priority.
- the security design device 106 holds a requirement application determination rule in advance. Further, the security design device 106 may acquire the requirement application determination rule from the input unit 704.
- the reason is that the change model generation unit 126 generates a plurality of change security requirement models, selects one change security requirement model from the generated plurality of change security requirement models based on the requirement application determination rule, and outputs the change security requirement model. It is because it tried to do.
- FIG. 17 is a block diagram showing the configuration of the security design apparatus 107 according to the seventh embodiment of the present invention.
- the security design device 107 includes a model change determination unit 110, a changed model generation unit 120, a work extraction unit 130, an alternative model generation unit 144, and a model difference extraction unit 155.
- the security design device 107 further includes a security requirement model storage unit 181, a component type information storage unit 182, a security function information storage unit 183, and a system component information storage unit 184.
- the security requirement model storage unit 181, the component type information storage unit 182, the security function information storage unit 183, and the system component information storage unit 184 may include the storage unit 702 or the storage device 703.
- the model change determination unit 110 is the same as the model change determination unit 110 shown in FIG.
- the change model generation unit 120 is the same as the change model generation unit 120 illustrated in FIG.
- the work extraction unit 130 is the same as the work extraction unit 130 illustrated in FIG.
- the alternative model generation unit 144 is the same as the alternative model generation unit 144 shown in FIG.
- the model difference extraction unit 155 is the same as the model difference extraction unit 155 shown in FIG.
- the security requirement model storage unit 181 stores a security requirement model 810.
- the component element type information storage unit 182 stores component element type information 820.
- the security function information storage unit 183 stores security function information 830.
- the system component information storage unit 184 stores system component information 840.
- the security design device 107 includes a change model generation unit 122 shown in FIG. 8, a change model generation unit 123 shown in FIG. 9, or a change model generation unit 126 shown in FIG. 14 instead of the change model generation unit 120. Also good. Further, the security design device 107 may include a work extraction unit 134 instead of the work extraction unit 130.
- each component described in each of the above embodiments does not necessarily need to be an independent entity.
- each component may be realized as a module with a plurality of components.
- each component may be realized by a plurality of modules.
- Each component may be configured such that a certain component is a part of another component.
- Each component may be configured such that a part of a certain component overlaps a part of another component.
- each component and a module that realizes each component may be realized by hardware if necessary. Moreover, each component and the module which implement
- the program is provided by being recorded on a non-volatile computer-readable recording medium such as a magnetic disk or a semiconductor memory, and is read by the computer when the computer is started up.
- the read program causes the computer to function as a component in each of the above-described embodiments by controlling the operation of the computer.
- a plurality of operations are not limited to being executed at different timings. For example, another operation may occur during the execution of a certain operation, or the execution timing of a certain operation and another operation may partially or entirely overlap.
- each of the embodiments described above it is described that a certain operation becomes a trigger for another operation, but the description does not limit all relationships between the certain operation and other operations. For this reason, when each embodiment is implemented, the relationship between the plurality of operations can be changed within a range that does not hinder the contents.
- the specific description of each operation of each component does not limit each operation of each component. For this reason, each specific operation
- movement of each component may be changed in the range which does not cause trouble with respect to a functional, performance, and other characteristic in implementing each embodiment.
- the present invention can be applied to an apparatus that supports formulation, verification, evaluation, and improvement in information system security design.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
Description
前記モデル変更判定手段が判定した結果が前記第1の構成要素は前記中核構成要素であるの場合に、前記セキュリティ機能の識別情報と実現方式と構成要素種別とセキュリティ作業要素との関係を示す情報と、前記対象システムの構成要素の情報とを利用し、前記第2の構成要素について、前記第1の構成要素を使用することなく、前記第1の構成を使用する場合と同一のセキュリティ機能を実現するセキュリティ要件モデルである、変更セキュリティ要件モデルを生成し、出力する変更モデル生成手段と、前記変更セキュリティ要件モデルについて前記セキュリティ作業要素を抽出し、出力する作業抽出手段と、を含む。
図1は、本発明の第1の実施形態に係るセキュリティ設計装置100の構成を示すブロック図である。
モデル変更判定部110は、構成変化情報を外部から受信する。その構成変化情報は、対象システムに含まれる第1の構成要素の識別情報を含む。その構成変化情報は、その対象システムの運用構成の変更(例えば、対象システムを構成する装置の一つが停止)したことを示す情報である。尚、その構成変化情報は、その対象システムの運用構成の変更することを示す情報であってもよい。ここで、その対象システムは、本実施形態のセキュリティ設計装置100による、セキュリティ設計の対象である。
ここで、セキュリティ要件モデルについて説明する。セキュリティ要件モデルは、対象システムにおける1以上のセキュリティ機能のそれぞれに対応して、そのセキュリティ機能を実現するための要件を定義する。
モデル変更判定部110に戻って、説明する。
ここで、その構成要素種別情報について説明する。
変更モデル生成部120は、モデル変更判定部110が判定した結果が「中核構成要素である(第1の構成要素は中核構成要素である)」の場合に、セキュリティ機能情報と、対象システムの構成要素の情報とを利用し、変更セキュリティ要件モデルを生成する。そして、変更モデル生成部120は、その生成した変更セキュリティ要件モデルを出力する。ここで、その変更セキュリティ要件モデルは、第2の構成要素について、第1の構成要素を使用することなく、第1の構成を使用する場合と同一のセキュリティ機能を実現するセキュリティ要件モデルである。
作業抽出部130は、変更モデル生成部120が生成した変更セキュリティ要件モデルについて、そこに含まれるセキュリティ作業要素を抽出し、出力する。
変更モデル生成部120は、セキュリティ機能情報830を参照し、セキュリティ要件モデル810に含まれるその機能名と同一の機能名を含むレコード831を取得する。
変更モデル生成部120は、セキュリティ機能情報830を参照し、セキュリティ要件モデル810に含まれるその機能名と同一の機能名を含むレコード832を取得する。
次に、本発明の第2の実施形態について図面を参照して詳細に説明する。以下、本実施形態の説明が不明確にならない範囲で、前述の説明と重複する内容については説明を省略する。
本実施形態の変更モデル生成部122は、モデル変更判定部110が判定したその結果が「中核構成要素である」の場合に、変更モデル生成部120と異なる定義の変更セキュリティ要件モデルを生成する。その変更セキュリティ要件モデルは、第2の構成要素について、第1の構成要素を使用することなく、セキュリティ機能を実現する、セキュリティ要件モデルである。そのセキュリティ機能は、第1の構成要素を使用する場合と同一の実現方式による、第1の構成要素を使用する場合と同一のセキュリティ機能である。
次に、本発明の第3の実施形態について図面を参照して詳細に説明する。以下、本実施形態の説明が不明確にならない範囲で、前述の説明と重複する内容については説明を省略する。
本実施形態の変更モデル生成部123は、モデル変更判定部110が判定した結果が「中核構成要素である」の場合に、変更モデル生成部120と異なる定義の変更セキュリティ要件モデルを生成する。その変更セキュリティ要件モデルは、第2の構成要素について、セキュリティ機能を実現する、セキュリティ要件モデルである。そのセキュリティ機能は、第1の構成要素を使用することなく実行され、セキュリティレベルが第1の構成を使用する場合のセキュリティレベルに対して特定の範囲であって、第1の構成を使用する場合と同一のセキュリティ機能である。
次に、本発明の第4の実施形態について図面を参照して詳細に説明する。以下、本実施形態の説明が不明確にならない範囲で、前述の説明と重複する内容については説明を省略する。
代替モデル生成部144は、モデル変更判定部110が判定した結果が「否(第1の構成要素が中核構成要素でない)」の場合に、システム構成要素情報840を利用し、代替セキュリティ要件モデルを生成し、出力する。その代替セキュリティ要件モデルは、第1の構成要素(例えば、APサーバ11)を代替用の構成要素(例えば、APサーバ13)に置き換えたセキュリティ要件モデルである。
作業抽出部134は、モデル変更判定部110が判定した結果が「中核構成要素である」の場合に、その変更セキュリティ要件モデルについて、そこに含まれるそのセキュリティ作業要素を抽出し、出力する。また、作業抽出部134は、モデル変更判定部110が判定した結果が「否」の場合に、その代替セキュリティ要件モデルについて、そこに含まれるそのセキュリティ作業要素を抽出し、出力する。
次に、本発明の第5の実施形態について図面を参照して詳細に説明する。以下、本実施形態の説明が不明確にならない範囲で、前述の説明と重複する内容については説明を省略する。
モデル差異抽出部155は、作業抽出部130が抽出したそのセキュリティ作業要素と、モデル変更判定部110が抽出したそのセキュリティ要件モデル810のそのセキュリティ作業要素との差異を抽出し、出力する。即ち、モデル差異抽出部155は、変更セキュリティ要件モデルとセキュリティ要件モデル810とのそのセキュリティ作業要素の差異を抽出し、出力する。
次に、本発明の第6の実施形態について図面を参照して詳細に説明する。以下、本実施形態の説明が不明確にならない範囲で、前述の説明と重複する内容については説明を省略する。
変更モデル生成部126は、複数の変更セキュリティ要件モデルを生成し、要件適用判断規則に基づいて、その生成した複数の変更セキュリティ要件モデルから1つの変更セキュリティ要件モデルを選択し、出力する。
次に、本発明の第7の実施形態について図面を参照して詳細に説明する。以下、本実施形態の説明が不明確にならない範囲で、前述の説明と重複する内容については説明を省略する。
102 セキュリティ設計装置
103 セキュリティ設計装置
104 セキュリティ設計装置
105 セキュリティ設計装置
106 セキュリティ設計装置
107 セキュリティ設計装置
110 モデル変更判定部
120 変更モデル生成部
122 変更モデル生成部
123 変更モデル生成部
126 変更モデル生成部
130 作業抽出部
134 作業抽出部
144 代替モデル生成部
155 モデル差異抽出部
181 セキュリティ要件モデル記憶部
182 構成要素種別情報記憶部
183 セキュリティ機能情報記憶部
184 システム構成要素情報記憶部
700 コンピュータ
701 CPU
702 記憶部
703 記憶装置
704 入力部
705 出力部
706 通信部
707 記録媒体
810 セキュリティ要件モデル
811 セキュリティ要件モデルレコード
820 構成要素種別情報
830 セキュリティ機能情報
831 レコード
832 レコード
840 システム構成要素情報
841 レコード
850 セキュリティ機能情報
851 レコード
852 レコード
861 変更セキュリティ要件モデル
862 変更セキュリティ要件モデル
Claims (8)
- 対象システムに含まれる第1の構成要素の識別情報を含む、構成変化情報を外部から受信し、
前記対象システムのセキュリティ機能に関連する、構成要素識別情報とセキュリティ機能識別情報とセキュリティ機能実現方式識別情報とセキュリティ作業要素識別情報とを少なくとも含むセキュリティ要件モデルレコードを1以上含むセキュリティ要件モデルの集合から、前記第1の構成要素の識別情報に対応するセキュリティ要件モデルを抽出し、出力し、
構成要素が、前記セキュリティ機能識別情報及び前記セキュリティ機能実現方式識別情報で特定されるセキュリティ機能の実現方式における、他の構成要素のセキュリティ機能を実現する、中核構成要素であるか否かを示す構成要素種別情報を利用して、前記第1の構成要素が、前記抽出したセキュリティ要件モデルにおいて、前記第1の構成要素以外の第2の構成要素のセキュリティ機能を実現する中核構成要素であるか否かを判定し、判定した結果を出力するモデル変更判定手段と、
前記モデル変更判定手段が判定した結果が前記第1の構成要素は前記中核構成要素であるの場合に、前記セキュリティ機能の識別情報と実現方式と構成要素種別とセキュリティ作業要素との関係を示す情報と、前記対象システムの構成要素の情報とを利用し、前記第2の構成要素について、前記第1の構成要素を使用することなく、前記第1の構成を使用する場合と同一のセキュリティ機能を実現するセキュリティ要件モデルである、変更セキュリティ要件モデルを生成し、出力する変更モデル生成手段と、
前記変更セキュリティ要件モデルについて前記セキュリティ作業要素を抽出し、出力する作業抽出手段と、
を含むセキュリティ設計装置。 - 前記変更モデル生成手段は、前記第1の構成を使用する場合と同一の実現方式により前記第1の構成を使用する場合と同一のセキュリティ機能を実現するセキュリティ要件モデルである、変更セキュリティ要件モデルを生成し、出力する
ことを特徴とする請求項1記載のセキュリティ設計装置。 - 前記セキュリティ機能情報は、前記セキュリティ機能の識別情報と前記実現方式と前記構成要素種別と前記セキュリティ作業要素とセキュリティの高さを示すセキュリティレベルとの関係を示し、
前記変更モデル生成手段は、前記セキュリティレベルが前記第1の構成を使用する場合のセキュリティレベルに対して特定の範囲であって、前記第1の構成を使用する場合と同一のセキュリティ機能を実現するセキュリティ要件モデルである、変更セキュリティ要件モデルを生成し、出力する
ことを特徴とする請求項1または2記載のセキュリティ設計装置。 - 前記モデル変更判定手段が判定した結果が前記否の場合に、前記対象システムの構成要素の情報を利用し、前記第1の構成要素を代替用の構成要素に置き換えたセキュリティ要件モデルである、代替セキュリティ要件モデルを生成し、出力する代替モデル生成手段を更に含み、
前記作業抽出手段は、前記モデル変更判定手段が判定した結果が前記第1の構成要素は前記中核構成要素であるの場合に前記変更セキュリティ要件モデルについて、及び前記結果が否の場合に前記代替セキュリティ要件モデルについて、前記セキュリティ作業要素を抽出し、出力する
ことを特徴とする請求項1乃至3のいずれか1項に記載のセキュリティ設計装置。 - 前記変更セキュリティ要件モデル及び前記代替セキュリティ要件モデルと、前記モデル変更判定手段が抽出したセキュリティ要件モデルと、のセキュリティ作業要素の差異を抽出し、出力するモデル差異抽出手段を更に含む、
ことを特徴とする請求項1乃至4のいずれか1項に記載のセキュリティ設計装置。 - 前記変更モデル生成手段は、複数の前記変更セキュリティ要件モデルを生成し、要件適用判断規則に基づいて、前記複数の変更セキュリティ要件モデルから1つの変更セキュリティ要件モデルを選択し、出力する
ことを特徴とする請求項1乃至5のいずれか1項に記載のセキュリティ設計装置。 - コンピュータが、
対象システムに含まれる第1の構成要素の識別情報を含む、構成変化情報を外部から受信し、
前記対象システムのセキュリティ機能に関連する、構成要素識別情報とセキュリティ機能識別情報とセキュリティ機能実現方式識別情報とセキュリティ作業要素識別情報とを少なくとも含むセキュリティ要件モデルレコードを1以上含むセキュリティ要件モデルの集合から、前記第1の構成要素の識別情報に対応するセキュリティ要件モデルを抽出し、出力し、
構成要素が、前記セキュリティ機能識別情報及び前記セキュリティ機能実現方式識別情報で特定されるセキュリティ機能の実現方式における、他の構成要素のセキュリティ機能を実現する、中核構成要素であるか否かを示す構成要素種別情報を利用して、前記第1の構成要素が、前記抽出したセキュリティ要件モデルにおいて、前記第1の構成要素以外の第2の構成要素のセキュリティ機能を実現する中核構成要素であるか否かを判定し、判定した結果を出力し、
前記判定した結果が前記第1の構成要素は前記中核構成要素であるの場合に、前記セキュリティ機能の識別情報と実現方式と構成要素種別とセキュリティ作業要素との関係を示す情報と、前記対象システムの構成要素の情報とを利用し、前記第2の構成要素について、前記第1の構成要素を使用することなく、前記第1の構成を使用する場合と同一のセキュリティ機能を実現するセキュリティ要件モデルである、変更セキュリティ要件モデルを生成し、出力し、
前記変更セキュリティ要件モデルについて前記セキュリティ作業要素を抽出し、出力する
セキュリティ設計方法。 - 対象システムに含まれる第1の構成要素の識別情報を含む、構成変化情報を外部から受信し、
前記対象システムのセキュリティ機能に関連する、構成要素識別情報とセキュリティ機能識別情報とセキュリティ機能実現方式識別情報とセキュリティ作業要素識別情報とを少なくとも含むセキュリティ要件モデルレコードを1以上含むセキュリティ要件モデルの集合から、前記第1の構成要素の識別情報に対応するセキュリティ要件モデルを抽出し、出力し、
構成要素が、前記セキュリティ機能識別情報及び前記セキュリティ機能実現方式識別情報で特定されるセキュリティ機能の実現方式における、他の構成要素のセキュリティ機能を実現する、中核構成要素であるか否かを示す構成要素種別情報を利用して、前記第1の構成要素が、前記抽出したセキュリティ要件モデルにおいて、前記第1の構成要素以外の第2の構成要素のセキュリティ機能を実現する中核構成要素であるか否かを判定し、判定した結果を出力し、
前記判定した結果が前記第1の構成要素は前記中核構成要素であるの場合に、前記セキュリティ機能の識別情報と実現方式と構成要素種別とセキュリティ作業要素との関係を示す情報と、前記対象システムの構成要素の情報とを利用し、前記第2の構成要素について、前記第1の構成要素を使用することなく、前記第1の構成を使用する場合と同一のセキュリティ機能を実現するセキュリティ要件モデルである、変更セキュリティ要件モデルを生成し、出力し、
前記変更セキュリティ要件モデルについて前記セキュリティ作業要素を抽出し、出力する処理をコンピュータに実行させる
プログラムを記録した不揮発性記録媒体。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/397,612 US20150121452A1 (en) | 2012-05-07 | 2013-04-22 | Security design device and security design method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2012105998 | 2012-05-07 | ||
JP2012-105998 | 2012-05-07 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2013168375A1 true WO2013168375A1 (ja) | 2013-11-14 |
Family
ID=49550444
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2013/002696 WO2013168375A1 (ja) | 2012-05-07 | 2013-04-22 | セキュリティ設計装置及びセキュリティ設計方法 |
Country Status (3)
Country | Link |
---|---|
US (1) | US20150121452A1 (ja) |
JP (1) | JPWO2013168375A1 (ja) |
WO (1) | WO2013168375A1 (ja) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6897140B2 (ja) * | 2017-02-14 | 2021-06-30 | 富士フイルムビジネスイノベーション株式会社 | 設計支援システムおよびプログラム |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2009055417A (ja) * | 2007-08-28 | 2009-03-12 | Nec Infrontia Corp | 無線端末を認証する認証システム、その認証方法及び無線基地局 |
WO2009037897A1 (ja) * | 2007-09-20 | 2009-03-26 | Nec Corporation | セキュリティ運用管理システム、セキュリティ運用管理方法およびセキュリティ運用管理プログラム |
Family Cites Families (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7757271B2 (en) * | 2000-04-19 | 2010-07-13 | Hewlett-Packard Development Company, L.P. | Computer system security service |
US7448068B2 (en) * | 2002-10-21 | 2008-11-04 | Microsoft Corporation | Automatic client authentication for a wireless network protected by PEAP, EAP-TLS, or other extensible authentication protocols |
JP2005284437A (ja) * | 2004-03-29 | 2005-10-13 | Hitachi Ltd | ストレージ装置 |
US20060088027A1 (en) * | 2004-07-07 | 2006-04-27 | Wolfgang Becker | Dynamic log for computer systems of server and services |
US20060070033A1 (en) * | 2004-09-24 | 2006-03-30 | International Business Machines Corporation | System and method for analyzing effects of configuration changes in a complex system |
US20090126022A1 (en) * | 2004-11-25 | 2009-05-14 | Nec Corporation | Method and System for Generating Data for Security Assessment |
JP4794242B2 (ja) * | 2005-08-30 | 2011-10-19 | 富士通株式会社 | 制御方法、制御プログラム及び制御装置 |
US7571349B2 (en) * | 2006-08-18 | 2009-08-04 | Microsoft Corporation | Configuration replication for system recovery and migration |
JP4157900B2 (ja) * | 2006-12-27 | 2008-10-01 | インターナショナル・ビジネス・マシーンズ・コーポレーション | 電子機器の設定情報を作成するための情報処理装置、方法、及びプログラム |
US7908660B2 (en) * | 2007-02-06 | 2011-03-15 | Microsoft Corporation | Dynamic risk management |
KR100951144B1 (ko) * | 2007-10-19 | 2010-04-07 | 한국정보보호진흥원 | 업무 모델 기반의 네트워크 취약점 점검 시스템 및 방법 |
CN101686458B (zh) * | 2008-09-28 | 2013-06-12 | 华为技术有限公司 | 一种终端配置和管理方法及终端装置 |
JP5289041B2 (ja) * | 2008-12-26 | 2013-09-11 | キヤノン株式会社 | データ処理装置、データ処理方法、及びコンピュータプログラム |
CN101783848B (zh) * | 2009-01-20 | 2013-03-27 | 京瓷办公信息系统株式会社 | 图像形成系统 |
US8370462B2 (en) * | 2009-02-03 | 2013-02-05 | Oracle International Corporation | Service configuration assurance |
US8726407B2 (en) * | 2009-10-16 | 2014-05-13 | Deviceauthority, Inc. | Authentication of computing and communications hardware |
US8595334B2 (en) * | 2010-02-22 | 2013-11-26 | Microsoft Corporation | Incrementally managing distributed configuration data |
CN102195961B (zh) * | 2010-03-16 | 2014-03-12 | 京瓷办公信息系统株式会社 | 图像形成系统以及图像形成方法 |
JP5640556B2 (ja) * | 2010-08-23 | 2014-12-17 | 富士ゼロックス株式会社 | 画像形成装置及び画像形成プログラム |
JP5143198B2 (ja) * | 2010-08-24 | 2013-02-13 | 株式会社バッファロー | ネットワーク中継装置 |
US8805970B2 (en) * | 2010-10-25 | 2014-08-12 | International Business Machines Corporation | Automatic management of configuration parameters and parameter management engine |
-
2013
- 2013-04-22 JP JP2014514369A patent/JPWO2013168375A1/ja active Pending
- 2013-04-22 WO PCT/JP2013/002696 patent/WO2013168375A1/ja active Application Filing
- 2013-04-22 US US14/397,612 patent/US20150121452A1/en not_active Abandoned
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2009055417A (ja) * | 2007-08-28 | 2009-03-12 | Nec Infrontia Corp | 無線端末を認証する認証システム、その認証方法及び無線基地局 |
WO2009037897A1 (ja) * | 2007-09-20 | 2009-03-26 | Nec Corporation | セキュリティ運用管理システム、セキュリティ運用管理方法およびセキュリティ運用管理プログラム |
Also Published As
Publication number | Publication date |
---|---|
JPWO2013168375A1 (ja) | 2016-01-07 |
US20150121452A1 (en) | 2015-04-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11120145B2 (en) | Method and system of ensuring interaction of devices of the internet of things (IoT) | |
US9767293B2 (en) | Content based hardware security module assignment to virtual machines | |
US10325109B2 (en) | Automatic and dynamic selection of cryptographic modules for different security contexts within a computer network | |
JP4232767B2 (ja) | ソフトウェア認証システムおよびソフトウェア認証プログラム、並びにソフトウェア認証方法 | |
CN110324399B (zh) | 将集群意识纳入设施管理门户 | |
US9501646B2 (en) | Program verification apparatus, program verification method, and computer readable medium | |
US20240061790A1 (en) | Locally-stored remote block data integrity | |
US20210211308A1 (en) | Partitioning certificate revocation lists | |
CN110597662B (zh) | 备份数据自动验证方法、装置、用户设备及存储介质 | |
US20130185763A1 (en) | Distributed processing system, distributed processing method and computer-readable recording medium | |
WO2021059852A1 (ja) | 情報変換装置、情報変換システム、情報変換方法および記録媒体 | |
WO2013168375A1 (ja) | セキュリティ設計装置及びセキュリティ設計方法 | |
US10248790B2 (en) | Information processing system, controlling method, and controlling computer program | |
US11784996B2 (en) | Runtime credential requirement identification for incident response | |
CN111492621B (zh) | 用于控制分组传输的服务器和方法 | |
JP7192367B2 (ja) | 通信障害解析装置、通信障害解析システム、通信障害解析方法および通信障害解析プログラム | |
US11762961B2 (en) | Management of software licenses for deployed images | |
US20230308283A1 (en) | Blockchain program verifications | |
US12050619B2 (en) | Data retrieval using distributed workers in a large-scale data access system | |
JP6922293B2 (ja) | 情報処理装置 | |
JP2017074745A (ja) | 画像形成装置、画像形成システムおよび画像形成装置の設定引き継ぎ方法 | |
KR20240082672A (ko) | 스크래핑 지원 서버, 스크래핑 서비스 방법 및 이를 위한 컴퓨터 프로그램 | |
JP2014203240A (ja) | セキュリティ対策を支援する情報処理装置、セキュリティ対策支援方法、及びそのためのプログラム | |
JP2016139170A (ja) | 情報処理装置及び情報処理プログラム | |
CN118194321A (zh) | 内核模块生成、加载方法、设备、存储介质及程序产品 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13787066 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2014514369 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 14397612 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 13787066 Country of ref document: EP Kind code of ref document: A1 |