WO2021075577A1 - Generating device, program, and generating method - Google Patents

Generating device, program, and generating method Download PDF

Info

Publication number
WO2021075577A1
WO2021075577A1 PCT/JP2020/039196 JP2020039196W WO2021075577A1 WO 2021075577 A1 WO2021075577 A1 WO 2021075577A1 JP 2020039196 W JP2020039196 W JP 2020039196W WO 2021075577 A1 WO2021075577 A1 WO 2021075577A1
Authority
WO
WIPO (PCT)
Prior art keywords
communication
level
security
display data
risk
Prior art date
Application number
PCT/JP2020/039196
Other languages
French (fr)
Japanese (ja)
Inventor
今日子 帆足
英則 土田
剛史 清國
永治 荻原
健一郎 平田
Original Assignee
ソフトバンク株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ソフトバンク株式会社 filed Critical ソフトバンク株式会社
Publication of WO2021075577A1 publication Critical patent/WO2021075577A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services

Definitions

  • the present invention relates to a generator, a program, and a generation method.
  • Patent Document 1 Japanese Unexamined Patent Publication No. 2004-234401
  • a generator may include a level identification unit that specifies the security risk level of communication between an internal communication source and an external communication destination via the Internet in the target company.
  • the generation device may include a display data generation unit that generates display data for displaying a communication object representing communication in association with a risk object corresponding to a security risk level specified by the level identification unit.
  • the level specifying unit may specify the security risk level of each communication between a plurality of internal communication sources and a plurality of external communication destinations via the Internet in the target company, and the display data generation unit may specify the security risk level.
  • Display data may be generated in which the risk objects corresponding to the security risk levels specified by the level specifying unit are associated with the plurality of communication objects representing each of the plurality of communications.
  • the display data generation unit may generate the display data for displaying the risk object in association with the communication object representing the communication whose security risk level is higher than a predetermined level.
  • the display data generation unit may generate the display data for displaying the risk object having a higher emphasis in association with the communication object indicating the communication having a higher security risk level.
  • the display data generation unit may generate display data to be displayed in association with the communication object by using a balloon object including a character string indicating the content of the risk as the risk object.
  • the level specifying unit may specify the security risk level for the data transmitted from the communication source to the communication destination as the security risk level of the communication
  • the display data generation unit may specify the communication source object representing the communication source.
  • the display data may be generated in which the risk objects corresponding to the security risk level are associated with the data transmitted from the communication source to the communication destination and displayed.
  • the level specifying unit may specify the security risk level for the data transmitted from the communication destination to the communication source as the security risk level of the communication, and the display data generation unit may specify the communication destination object representing the communication destination.
  • the display data that displays the risk objects corresponding to the security risk level with respect to the data transmitted from the communication destination to the communication source may be generated.
  • the display data generation unit may generate the display data for displaying the risk object and the risk content object corresponding to the risk content in the communication indicated by the communication object in association with the communication object.
  • the level identification unit is based on the security measure level of the target company, the asset value of the data handled in the communication, and the frequency of security accidents of the data handled in the communication, and the security risk of the communication. You may specify the level.
  • the level specifying unit indicates a numerical value indicating the security measure level, which is higher as the security measure level is higher, and an asset value, which is higher as the asset value is higher. A value obtained by multiplying a numerical value by a numerical value indicating the frequency of occurrence may be specified.
  • the level specifying department may determine the security measure level based on at least one of the company name of the target company, the years elapsed since its establishment, and the business content.
  • the level specifying unit may determine the security measure level based on whether or not the data handled by the target company is subject to confidentiality of communication.
  • the level specifying unit may determine the security measure level based on the number of data handled by the target company.
  • the level specifying unit may determine the security measure level based on whether or not the data handled by the target company includes credit card information.
  • the level specifying unit may determine the security measure level based on whether or not the data handled by the target company includes My Number information.
  • the level specifying unit may determine the security measure level based on the occurrence status of data leakage handled by the target company.
  • a program for making a computer function as the generator is provided.
  • the generation method may include a level specifying stage for specifying the security risk level of communication between the internal communication source and the external communication destination via the Internet in the target company.
  • the generation method may include a display data generation stage for generating display data in which a communication object representing communication is associated with a risk object corresponding to the security risk level specified in the level specifying stage.
  • An example of the communication environment of the generator 100 is shown schematically.
  • An example of the processing flow by the generator 100 is shown schematically.
  • An example of the basic shape 300 of the hazard map is shown schematically.
  • An example of the hazard map 400 is shown schematically.
  • An example of the hazard map 400 is shown schematically.
  • An example of the functional configuration of the generator 100 is shown schematically.
  • An example of the classification process of the company 200 by the countermeasure level acquisition unit 112 is shown schematically.
  • An example of the countermeasure level determination table 600 is shown schematically.
  • An example of the hardware configuration of the computer 1200 that functions as the generator 100 is shown schematically.
  • FIG. 1 schematically shows an example of the communication environment of the generator 100.
  • the generation device 100 according to the present embodiment generates display data for each of the plurality of companies 200 based on the communication status between the inside and outside of the company and the security risk level of the communication.
  • Such display data may be described as a security hazard map.
  • the security risk level indicates the level of security-related risk.
  • Security risk levels include, for example, four levels of caution, warning, critical, and urgent. Each level of security risk level is not limited to this and may be arbitrarily set. Further, the number of security risk levels is not limited to four and may be any number.
  • the generation device 100 receives information about the company 200 from, for example, the communication device 210 of the company 200.
  • Information about the company 200 is entered, for example, by the person in charge 202 at the company 200.
  • the generation device 100 transmits an input sheet for inputting information about the company 200 to the communication device 210, and receives the information input to the input sheet by the person in charge 202.
  • the input sheet may include an input field for each item, or may include an input field for inputting various information in the form of a question.
  • Information about company 200 includes company name, year of establishment, business content, etc. When the company 200 handles personal information, the information about the company 200 may include the number of personal information handled. Further, the information about the company 200 includes the information about the communication of the company 200.
  • Information related to communication includes information related to internal and external communication.
  • Internal / external communication may mean communication between the inside and outside of the company via the Internet.
  • Information on internal and external communication includes information on internal communication sources, external communication destinations, and data sent and received.
  • Information related to communication may include information related to internal communication.
  • Internal communication may mean communication between internals.
  • Information about internal communication includes information on internal communication sources, internal communication destinations, and data sent and received.
  • Information related to communication may include information related to external communication.
  • the external communication may refer to communication between external parties related to the company 200.
  • Information on external communication includes information on external communication sources, external communication destinations, and data sent and received.
  • Information related to communication may include information related to data sent and received.
  • Information about communication may include information about the number of data. For example, when the data to be transmitted / received includes personal information, the information regarding communication indicates how many personal information is transmitted / received.
  • Information on communication may include information on the type of data.
  • the information regarding communication may include information on whether or not the data includes credit card information.
  • the information regarding communication may include information as to whether or not the data includes My Number information.
  • the information regarding communication may include information on whether or not the data includes personal information.
  • the information regarding communication may include information on whether or not the data is subject to confidentiality of communication.
  • the secrecy of communications may be, for example, the "secret of communications" stipulated in the Constitution. Further, the secrecy of communication may be, for example, the "secret of communication" defined in the Telecommunications Business Law.
  • Information on communication may include information on the asset value of data.
  • Information about the asset value of the data can indicate how high the asset value of the data is. For example, the asset value of data is highest when the data contains confidential information, when the data contains personal information, when the data contains confidential information, when the data contains confidential information, and when the data contains any of these information. If it does not include, it will gradually decrease.
  • the asset value of the data may be determined by criteria other than these.
  • Information on communication may include information on the level of data management.
  • Information about communication may include information about how to manage data.
  • the information regarding communication may include information regarding data management rules.
  • the information regarding communication may include information regarding how to handle data.
  • the information regarding communication may include information regarding rules for handling data.
  • Information on communication may include information on the frequency of data security incidents.
  • a data security accident is, for example, a data leakage accident.
  • the generation device 100 may communicate with the communication device 210 via the network 10.
  • the network 10 may be any network.
  • the network 10 includes, for example, the Internet, a LAN, a cloud network, and the like.
  • the generator 100 specifies, for example, the security risk level of communication between an internal communication source and an external communication destination based on information on communication, and sets a communication object representing communication according to the security risk level of the communication. Generate a security hazard map that displays risk objects in association with each other. With such a security hazard map, it is possible to easily grasp the security risk level of each of a plurality of internal and external communications.
  • FIG. 2 schematically shows an example of the processing flow by the generation device 100.
  • the flow of processing in which the generation device 100 generates a security hazard map of a certain company 200 is shown.
  • step 102 the step may be abbreviated as S
  • the generator 100 acquires information about the target company 200.
  • the generator 100 extracts internal / external communication, internal communication, and external communication from the information about the company 200.
  • the generation device 100 specifies the security risk level for one of the extracted plurality of communications. In S108, the generation device 100 determines whether or not the security risk level has been specified for all the extracted communications. If it is determined that the process is not completed, the process returns to S106, and if it is determined that the process is completed, the process proceeds to S110.
  • the generation device 100 generates a security hazard map including a plurality of communication objects representing each of the plurality of communications extracted in S104 and a risk object corresponding to each security risk level of the plurality of communications. For example, the generation device 100 associates a risk object only with a communication object whose communication security risk level is higher than a predetermined level among a plurality of communication objects.
  • the generation device 100 displays the security hazard map generated in S110.
  • the generation device 100 may display the security hazard map on the display included in the generation device 100. Further, the generation device 100 may transmit the security hazard map to the communication device 210 and display the security hazard map on the display included in the communication device 210.
  • FIG. 3 schematically shows an example of the basic shape 300 of the security hazard map.
  • the basic shape 300 includes an internal area 310, an Internet area 320, an external area 330, an icon legend area 340, and a line legend area 350.
  • an internal communication source for internal / external communication for example, an internal communication source for internal / external communication, and a communication source and communication destination for internal communication are arranged.
  • an external communication destination in internal / external communication for example, an external communication destination in internal / external communication, and a communication source and communication destination in external communication are arranged.
  • the communication object representing internal / external communication includes an object representing an internal communication source, an object representing an external communication destination, and an object representing communication.
  • the object representing the communication will cross the Internet area 320.
  • the communication object representing internal communication includes an object representing an internal communication source, an object representing an internal communication destination, and an object representing communication.
  • the communication object representing external communication includes an object representing an external communication source, an object representing an external communication destination, and an object representing communication.
  • an icon legend corresponding to an object representing a communication source, a communication destination, etc. is arranged in the icon legend area 340.
  • an icon legend corresponding to an object representing a communication source, a communication destination, etc. is arranged in the line legend area 350.
  • a legend of a line object corresponding to an object representing communication is arranged in the line legend area 350.
  • FIG. 4 and 5 schematically show an example of the security hazard map 400.
  • FIG. 4 shows the state before the placement of the risk object
  • FIG. 5 shows the state after the placement of the risk object.
  • the high security area 402 is arranged in the in-house area 310, and the dedicated PC (Personal Computer) 404 is arranged in the high security area 402.
  • the business system 410 and the customer 420 are arranged in the external area 330
  • the management system 412, the WEB server 414, and the database 416 are arranged in the business system 410
  • the mobile terminal 422 and the PC 424 are arranged in the customer 420.
  • a FW432 representing a firewall is arranged between the in-house area 310 and the Internet area 320
  • a FW434 is arranged between the Internet area 320 and the outside area 330.
  • the HP (Home Page) input 442 represents a communication in which the mobile terminal 422 and the PC 424 transmit the input data to the management system 412 via the home page by the WEB server 414.
  • Browsing 452 represents communication for browsing data managed by the management system 412 from the dedicated PC 404.
  • Operation 454 and development / maintenance 456 represent communication for accessing the database 416 from the dedicated PC 404 for operation, development, and maintenance.
  • the tag object 502, the tag object 504, and the tag object 506 are examples of risk objects.
  • the tag object 502 indicates that the security risk is relatively high because the access right holder who can access the data managed by the management system 412 by using the dedicated PC 404 is not sufficiently educated and trained.
  • the tag object 504 indicates that the security risk is relatively high because the handling rules of the external storage medium are not sufficient.
  • the tag object 506 indicates that the security risk of the management system 412 is relatively high because the log acquisition is not sufficient.
  • the generation device 100 may emphasize each of the tag object 502, the tag object 504, and the tag object 506 according to the height of the security risk level. For example, the generation device 100 applies the color scheme emphasized as the security risk level is higher to the tag object 502, the tag object 504, and the tag object 506. Further, for example, the generation device 100 increases the size of the tag object 502, the tag object 504, and the tag object 506 as the security risk level increases. In this way, by emphasizing according to the level of security risk, it is possible to intuitively grasp the difference in security risk level.
  • the balloon object 512 may also be an example of a risk object.
  • the balloon object 512 includes a character string indicating the content of the risk for communication by the dedicated PC 404.
  • the balloon object 512 shows that there is a risk of information leakage due to internal improprieties and data destruction due to erroneous operation with respect to communication by the dedicated PC 404.
  • the character string included in the balloon object 512 can be registered, for example, by the administrator of the generation device 100 or the like.
  • the generation device 100 may display the balloon object 512 and the risk content object corresponding to the risk content in the communication indicated by the communication object in association with each other on the communication object.
  • the internal fraud object 514 corresponding to the internal fraud is displayed.
  • the tag object 502 and the tag object 504 make it possible to grasp that there is a security risk in the communication by the dedicated PC 404, and the balloon object 512 and the internal malicious object 514 make it possible to grasp what kind of risk actually exists. can do.
  • FIG. 6 schematically shows an example of the functional configuration of the generator 100.
  • the generation device 100 includes an information collection unit 102, an information storage unit 104, a level identification unit 110, a display data generation unit 120, and a display data output unit 122.
  • the information collection unit 102 collects information about the company 200 for each of the plurality of companies 200.
  • the information collecting unit 102 receives information about the company 200 from each of the plurality of companies 200.
  • the information collecting unit 102 stores the collected information in the information storage unit 104.
  • the level specifying unit 110 acquires the information of the company 200 for which the display data is generated from the information storage unit 104, and specifies the security risk level of each of the plurality of communications in the company 200.
  • the level specifying unit 110 specifies, for example, the security risk level of communication between an internal communication source and an external communication destination via the Internet in the company 200.
  • the level specifying unit 110 may specify the security risk level of communication between the internal communication source and the internal communication destination in the company 200.
  • the level specifying unit 110 may specify the security risk level of communication between an external communication source and an external communication destination. Further, the level specifying unit 110 specifies, for example, the security risk level for the data transmitted from the communication source to the communication destination. Further, the level specifying unit 110 specifies, for example, the security risk level for the data transmitted from the communication destination to the communication source.
  • the level specifying unit 110 has a countermeasure level acquisition unit 112, an asset value acquisition unit 114, and an occurrence frequency acquisition unit 116.
  • the countermeasure level acquisition unit 112 acquires the security countermeasure level of the company 200.
  • the security measure level of the company 200 may be the level of the security measure required for the company 200.
  • the security measure level of the company 200 is registered by, for example, the administrator of the generation device 100, and is stored in the information storage unit 104. In this case, the countermeasure level acquisition unit 112 acquires the security countermeasure level of the target company 200 from the information storage unit 104.
  • the countermeasure level acquisition unit 112 may determine the security countermeasure level of the company 200 based on the information about the company 200 stored in the information storage unit 104.
  • the countermeasure level acquisition unit 112 determines the security countermeasure level of the company 200 based on, for example, the company name of the company 200, the elapsed years since its establishment, and the content of the business.
  • the countermeasure level acquisition unit 112 may further determine the security countermeasure level based on whether or not the data handled by the company 200 is subject to confidentiality of communication. Further, the countermeasure level acquisition unit 112 may further determine the security countermeasure level based on the number of data handled by the company 200.
  • the countermeasure level acquisition unit 112 may further determine the security countermeasure level based on whether or not the data handled by the company 200 includes credit card information.
  • the countermeasure level acquisition unit 112 may further determine the security countermeasure level based on whether or not the data handled by the company 200 includes the My Number information.
  • the countermeasure level acquisition unit 112 may determine the security countermeasure level based on the occurrence status of data leakage handled by the company 200. Details of the method for determining the security measure level will be described later.
  • the asset value acquisition unit 114 acquires the asset value of the data handled in the communication for each of the plurality of communications.
  • the asset value acquisition unit 114 may acquire the asset value of the data handled in the communication by referring to the information related to the communication stored in the information storage unit 104.
  • Occurrence frequency acquisition unit 116 acquires the frequency of occurrence of security accidents of data handled in communication for each of a plurality of communications.
  • the occurrence frequency acquisition unit 116 may acquire the occurrence frequency of a security accident of the data handled in the communication by referring to the information related to the communication stored in the information storage unit 104.
  • the level specifying unit 110 may specify the security risk level of communication based on the security measure level of the data handled in communication, the asset value, and the frequency of occurrence of security accidents.
  • the level identification unit 110 has a numerical value indicating a security measure level that becomes higher as the security measure level is higher, a numerical value indicating an asset value that becomes higher as the asset value is higher, and security as a communication security risk level.
  • the level identification unit 110 specifies the security risk level by storing the registration data in which the range of the corresponding value is registered for each of the plurality of levels included in the security risk level in advance and referring to the registration data. You may.
  • the higher the security measure level required for the data handled in communication the higher the security risk level can be specified.
  • the higher the asset value of the data handled in communication the higher the security risk level can be identified.
  • the higher the frequency of security accidents of data handled in communication the higher the security risk level can be identified.
  • the display data generation unit 120 generates display data based on the information stored in the information storage unit 104 and the security risk level specified by the level identification unit 110.
  • the display data generation unit 120 generates display data including a communication object representing each of a plurality of communications of the target company 200.
  • the display data generation unit 120 generates display data for displaying the communication object in association with the risk object corresponding to the security risk level of the communication indicated by the communication object.
  • the display data generation unit 120 generates display data for displaying a risk object in association with a communication object representing a communication whose security risk level is higher than a predetermined level, for example.
  • the display data generation unit 120 may generate display data in which the risk objects are associated with and displayed only on the communication objects representing the communication in which the security risk level is higher than the predetermined level among the plurality of communication objects. Further, the display data generation unit 120 specifies, for example, a predetermined number of communication objects in descending order of security risk level, and generates display data for displaying the identified communication objects in association with the risk objects.
  • the display data generation unit 120 may generate display data in which a risk object having a higher emphasis is associated with a communication object indicating a communication having a higher security risk level.
  • the risk object with a higher degree of emphasis may be a risk object with a higher degree of emphasis on the color scheme. Further, the risk object with higher emphasis may be a risk object having a larger size. Further, the risk object having a higher degree of emphasis may be a risk object having a higher degree of emphasis on the shape.
  • the display data generation unit 120 may generate display data to be displayed in association with a communication object, using a balloon object including a character string indicating the content of the risk as a risk object.
  • the display data generation unit 120 may generate display data for displaying the balloon object and the risk content object corresponding to the risk content in the notification indicated by the communication object in association with each other.
  • the display data generation unit 120 generates display data for displaying the balloon object in association with the risk content object, for example.
  • the display data generation unit 120 may generate display data in which a communication source object representing a communication source is associated with a risk object corresponding to a security risk level for data transmitted from the communication source to the communication destination.
  • the display data generation unit 120 may generate display data in which a communication destination object representing the communication destination is associated with a risk object corresponding to the security risk level for the data transmitted by the communication destination to the communication source.
  • the display data output unit 122 outputs the display data generated by the display data generation unit 120.
  • the display data output unit 122 displays, for example, display data on a display included in the generation device 100. Further, the display data output unit 122 transmits display data to the communication device 210, for example, and displays the display data on the display provided in the communication device 210.
  • FIG. 7 schematically shows an example of the classification process of the company 200 by the countermeasure level acquisition unit 112.
  • the countermeasure level acquisition unit 112 can first classify the company 200 by executing the classification process shown in FIG. 7.
  • the countermeasure level acquisition unit 112 determines whether or not the company name includes a character string registered in advance.
  • a character string for example, a character string that is particularly likely to be the target of an attack from overseas is registered by including it in the company name.
  • An example of the character string is "bank" or the like. If it is included, the process proceeds to S204, and if it is not included, the process proceeds to S210.
  • the countermeasure level acquisition unit 112 determines whether or not it has been less than three years since the company was established. If it is determined that it is less than 3 years, the process proceeds to S206, and if it is determined that it is not less than 3 years, the process proceeds to S208.
  • the countermeasure level acquisition unit 112 determines whether or not the business of the company 200 corresponds to the licensed business. If the countermeasure level acquisition unit 112 determines that it is applicable, the company 200 is classified as classification C, and if it is determined that it is not applicable, the company 200 is classified as classification B.
  • the countermeasure level acquisition unit 112 determines whether or not the business of the company 200 falls under the licensed business. If the countermeasure level acquisition unit 112 determines that it is applicable, the company 200 is classified as classification C, and if it is determined that it is not applicable, the company 200 is classified as classification B.
  • the countermeasure level acquisition unit 112 determines whether or not it has been less than three years since the company was established. If it is determined that it is less than 3 years, the process proceeds to S212, and if it is determined that it is not less than 3 years, the process proceeds to S214.
  • the countermeasure level acquisition unit 112 determines whether or not the business of the company 200 falls under the licensed business. If it is determined that the countermeasure level acquisition unit 112 is applicable, the company 200 is classified as classification C, and if it is determined that the countermeasure level acquisition unit 112 is not applicable, the company 200 is classified as classification A.
  • the countermeasure level acquisition unit 112 determines whether or not the business of the company 200 falls under the licensed business. If it is determined that the countermeasure level acquisition unit 112 is applicable, the company 200 is classified as classification C, and if it is determined that the countermeasure level acquisition unit 112 is not applicable, the company 200 is classified as classification D.
  • FIG. 8 schematically shows an example of the countermeasure level determination table 600.
  • the countermeasure level acquisition unit 112 determines the security countermeasure level of the company 200 by using the classification of the company 200 and the countermeasure level determination table 600.
  • the security measure level consists of MAX, MID, and MIN
  • the number of security measure levels is not limited to three, and may be any number.
  • the countermeasure level acquisition unit 112 determines the security countermeasure level of the company 200 when the classification of the company 200 is classification A, and MAX 10,000 to 1 million when the personal information handled is 1 million or more. In that case, MID is tentatively decided in case of less than 10,000 cases. Further, the countermeasure level acquisition unit 112 provisionally sets the security countermeasure level of the company 200 to MID when the classification of the company 200 is classification B, MAX when the classification is C, and MIN when the classification is D. Decide.
  • the countermeasure level acquisition unit 112 determines whether or not the company 200 possesses information that is subject to confidential communication, whether or not it possesses at least one of the number of personal information to be handled, credit card information, and my number information. Adjust the security measure level according to the measure level determination table 600 based on whether an information leakage accident occurred within 5 years and whether the situation is such that personal information is not yet retained while starting a business. .. For example, the countermeasure level acquisition unit 112 sets the security countermeasure level to MAX when the company 200 holds information that is the target of confidentiality of communication.
  • FIG. 9 schematically shows an example of the hardware configuration of the computer 1200 that functions as the generator 100.
  • a program installed on the computer 1200 causes the computer 1200 to function as one or more "parts" of the device according to the present embodiment, or causes the computer 1200 to perform an operation associated with the device according to the present embodiment or the one or more.
  • a plurality of "parts" can be executed and / or a computer 1200 can be made to execute a process according to the present embodiment or a stage of the process.
  • Such a program may be run by the CPU 1212 to cause the computer 1200 to perform certain operations associated with some or all of the blocks of the flowcharts and block diagrams described herein.
  • the computer 1200 includes a CPU 1212, a RAM 1214, and a graphic controller 1216, which are connected to each other by a host controller 1210.
  • the computer 1200 also includes input / output units such as a communication interface 1222, a storage device 1224, a DVD drive 1226, and an IC card drive, which are connected to the host controller 1210 via an input / output controller 1220.
  • the DVD drive 1226 may be a DVD-ROM drive, a DVD-RAM drive, or the like.
  • the storage device 1224 may be a hard disk drive, a solid state drive, or the like.
  • the computer 1200 also includes a legacy I / O unit such as a ROM 1230 and a keyboard, which are connected to the I / O controller 1220 via an I / O chip 1240.
  • the CPU 1212 operates according to the programs stored in the ROM 1230 and the RAM 1214, thereby controlling each unit.
  • the graphic controller 1216 acquires the image data generated by the CPU 1212 in a frame buffer or the like provided in the RAM 1214 or itself so that the image data is displayed on the display device 1218.
  • the communication interface 1222 communicates with other electronic devices via the network.
  • the storage device 1224 stores programs and data used by the CPU 1212 in the computer 1200.
  • the DVD drive 1226 reads a program or data from a DVD-ROM 1227 or the like and provides it to the storage device 1224.
  • the IC card drive reads the program and data from the IC card and / or writes the program and data to the IC card.
  • the ROM 1230 stores a boot program or the like executed by the computer 1200 at the time of activation and / or a program depending on the hardware of the computer 1200.
  • the input / output chip 1240 may also connect various input / output units to the input / output controller 1220 via a USB port, a parallel port, a serial port, a keyboard port, a mouse port, and the like.
  • the program is provided by a computer-readable storage medium such as a DVD-ROM 1227 or an IC card.
  • the program is read from a computer-readable storage medium, installed in a storage device 1224, RAM 1214, or ROM 1230, which is also an example of a computer-readable storage medium, and executed by the CPU 1212.
  • the information processing described in these programs is read by the computer 1200 and provides a link between the program and the various types of hardware resources described above.
  • the device or method may be configured to implement the operation or processing of information in accordance with the use of the computer 1200.
  • the CPU 1212 executes a communication program loaded in the RAM 1214, and performs communication processing on the communication interface 1222 based on the processing described in the communication program. You may order.
  • the communication interface 1222 reads and reads transmission data stored in a transmission buffer area provided in a recording medium such as a RAM 1214, a storage device 1224, a DVD-ROM 1227, or an IC card. The data is transmitted to the network, or the received data received from the network is written to the reception buffer area or the like provided on the recording medium.
  • the CPU 1212 makes the RAM 1214 read all or necessary parts of a file or a database stored in an external recording medium such as a storage device 1224, a DVD drive 1226 (DVD-ROM1227), an IC card, etc. Various types of processing may be performed on the data of. The CPU 1212 may then write back the processed data to an external recording medium.
  • an external recording medium such as a storage device 1224, a DVD drive 1226 (DVD-ROM1227), an IC card, etc.
  • Various types of processing may be performed on the data of.
  • the CPU 1212 may then write back the processed data to an external recording medium.
  • the CPU 1212 describes various types of operations, information processing, conditional judgment, conditional branching, unconditional branching, and information retrieval described in various parts of the present disclosure with respect to the data read from the RAM 1214. Various types of processing may be performed, including / replacement, etc., and the results are written back to the RAM 1214. Further, the CPU 1212 may search for information in a file, a database, or the like in the recording medium. For example, when a plurality of entries each having an attribute value of the first attribute associated with the attribute value of the second attribute are stored in the recording medium, the CPU 1212 is the first of the plurality of entries. The attribute value of the attribute of is searched for the entry that matches the specified condition, the attribute value of the second attribute stored in the entry is read, and the first attribute that satisfies the predetermined condition is selected. You may get the attribute value of the associated second attribute.
  • the program or software module described above may be stored on a computer 1200 or in a computer-readable storage medium near the computer 1200.
  • a recording medium such as a hard disk or RAM provided in a dedicated communication network or a server system connected to the Internet can be used as a computer-readable storage medium, whereby the program can be transferred to the computer 1200 via the network.
  • the blocks in the flowchart and the block diagram in the present embodiment may represent the stage of the process in which the operation is executed or the "part" of the device having a role of executing the operation.
  • Specific stages and “parts” are supplied with dedicated circuits, programmable circuits supplied with computer-readable instructions stored on computer-readable storage media, and / or with computer-readable instructions stored on computer-readable storage media. It may be implemented by the processor.
  • Dedicated circuits may include digital and / or analog hardware circuits, and may include integrated circuits (ICs) and / or discrete circuits.
  • Programmable circuits include, for example, field programmable gate arrays (FPGAs), programmable logic arrays (PLAs), etc., such as logical products, logical sums, exclusive logical sums, negative logical products, negative logical sums, and other logical operations. , Flip-flops, registers, and reconfigurable hardware circuits, including memory elements.
  • FPGAs field programmable gate arrays
  • PLAs programmable logic arrays
  • logical products logical sums, exclusive logical sums, negative logical products, negative logical sums, and other logical operations.
  • Flip-flops, registers, and reconfigurable hardware circuits including memory elements.
  • the computer-readable storage medium may include any tangible device capable of storing instructions executed by the appropriate device, so that the computer-readable storage medium having the instructions stored therein is in a flow chart or block diagram. It will include a product that contains instructions that can be executed to create means for performing the specified operation.
  • Examples of the computer-readable storage medium may include an electronic storage medium, a magnetic storage medium, an optical storage medium, an electromagnetic storage medium, a semiconductor storage medium, and the like. More specific examples of computer-readable storage media include floppy (registered trademark) disks, diskettes, hard disks, random access memory (RAM), read-only memory (ROM), and erasable programmable read-only memory (EPROM or flash memory).
  • EEPROM Electrically Erasable Programmable Read Only Memory
  • SRAM Static Random Access Memory
  • CD-ROM Compact Disc Read Only Memory
  • DVD Digital Versatile Disc
  • Blu-ray® Disc Memory Stick
  • Integrated circuit card etc.
  • Computer-readable instructions include assembler instructions, instruction set architecture (ISA) instructions, machine instructions, machine-dependent instructions, microcode, firmware instructions, state setting data, or Smalltalk®, JAVA®, C ++, etc.
  • ISA instruction set architecture
  • Object-oriented programming languages and either source code or object code written in any combination of one or more programming languages, including traditional procedural programming languages such as the "C" programming language or similar programming languages. May include.
  • Computer-readable instructions are used to generate means for a general-purpose computer, a special-purpose computer, or the processor of another programmable data processing device, or a programmable circuit, to perform an operation specified in a flowchart or block diagram.
  • 10 network 100 generator, 102 information collection unit, 104 information storage unit, 110 level identification unit, 112 countermeasure level acquisition unit, 114 asset value acquisition unit, 116 occurrence frequency acquisition unit, 120 display data generation unit, 122 display data output Department, 200 companies, 202 personnel, 210 communication devices, 300 basic shapes, 310 internal areas, 320 Internet areas, 330 external areas, 340 icon legend areas, 350 line legend areas, 400 hazard maps, 402 high security areas, 404 dedicated PC, 410 business system, 412 management system, 414 WEB server, 416 database, 420 customer, 422 mobile terminal, 424 PC, 432, 434 FW, 442 HP input, 452 browsing, 454 operation, 456 development and maintenance, 502, 504 , 506 tag object, 512 blowout object, 514 internal fraudulent object, 600 countermeasure level determination table, 1200 computer, 1210 host controller, 1212 CPU, 1214 RAM, 1216 graphic controller, 1218 display device, 1220 input / output controller, 1222 communication interface, 1224 storage device, 1226

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Tourism & Hospitality (AREA)
  • Health & Medical Sciences (AREA)
  • Economics (AREA)
  • General Health & Medical Sciences (AREA)
  • Human Resources & Organizations (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

Provided is a generating device provided with: a level identifying unit which identifies a security risk level, for a target company, of communication via the internet between an internal communication source and an external communication destination; and a display data generating unit which generates display data for displaying, in association with a communication object representing the communication, a risk object corresponding to the security risk level identified by the level identifying unit.

Description

生成装置、プログラム、及び生成方法Generator, program, and generation method
 本発明は、生成装置、プログラム、及び生成方法に関する。 The present invention relates to a generator, a program, and a generation method.
 セキュリティ診断情報を用いてセキュリティハザードマップを生成する技術が知られていた。(例えば、特許文献1参照)。
 [先行技術文献]
 [特許文献]
 [特許文献1]特開2004-234401号公報 A technique for generating a security hazard map using security diagnostic information has been known. (See, for example, Patent Document 1).
[Prior art literature]
[Patent Document]
[Patent Document 1] Japanese Unexamined Patent Publication No. 2004-234401
解決しようとする課題The problem to be solved
 複数の会社のそれぞれが抱えるセキュリティリスクを把握しやすいセキュリティハザードマップを生成することが望ましい。 It is desirable to generate a security hazard map that makes it easy to understand the security risks that each of multiple companies has.
一般的開示General disclosure
 本発明の第1の態様によれば、生成装置が提供される。生成装置は、対象の会社におけるインターネットを介した社内の通信元と社外の通信先との通信のセキュリティリスクレベルを特定するレベル特定部を備えてよい。生成装置は、通信を表す通信オブジェクトに、レベル特定部によって特定されたセキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成する表示データ生成部を備えてよい。 According to the first aspect of the present invention, a generator is provided. The generator may include a level identification unit that specifies the security risk level of communication between an internal communication source and an external communication destination via the Internet in the target company. The generation device may include a display data generation unit that generates display data for displaying a communication object representing communication in association with a risk object corresponding to a security risk level specified by the level identification unit.
 上記レベル特定部は、上記対象の会社におけるインターネットを介した複数の社内の通信元と複数の社外の通信先とのそれぞれの通信の上記セキュリティリスクレベルを特定してよく、上記表示データ生成部は、複数の上記通信のそれぞれを表す複数の上記通信オブジェクトに、上記レベル特定部によって特定された上記セキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成してよい。上記表示データ生成部は、上記セキュリティリスクレベルが予め定められたレベルよりも高い上記通信を表す上記通信オブジェクトに、上記リスクオブジェクトを対応付けて表示する上記表示データを生成してよい。上記表示データ生成部は、上記セキュリティリスクレベルがより高い上記通信を示す上記通信オブジェクトに対して、より強調度の高い上記リスクオブジェクトを対応付けて表示する上記表示データを生成してよい。上記表示データ生成部は、リスクの内容を示す文字列を含む吹き出しオブジェクトを上記リスクオブジェクトとして、上記通信オブジェクトに対応付けて表示する表示データを生成してよい。 The level specifying unit may specify the security risk level of each communication between a plurality of internal communication sources and a plurality of external communication destinations via the Internet in the target company, and the display data generation unit may specify the security risk level. , Display data may be generated in which the risk objects corresponding to the security risk levels specified by the level specifying unit are associated with the plurality of communication objects representing each of the plurality of communications. The display data generation unit may generate the display data for displaying the risk object in association with the communication object representing the communication whose security risk level is higher than a predetermined level. The display data generation unit may generate the display data for displaying the risk object having a higher emphasis in association with the communication object indicating the communication having a higher security risk level. The display data generation unit may generate display data to be displayed in association with the communication object by using a balloon object including a character string indicating the content of the risk as the risk object.
 上記レベル特定部は、上記通信のセキュリティリスクレベルとして、上記通信元から上記通信先に送信するデータに対するセキュリティリスクレベルを特定してよく、上記表示データ生成部は、上記通信元を表す通信元オブジェクトに、上記通信元から上記通信先に送信するデータに対する上記セキュリティリスクレベルに応じた上記リスクオブジェクトを対応付けて表示する上記表示データを生成してよい。上記レベル特定部は、上記通信のセキュリティリスクレベルとして、上記通信先から上記通信元に送信するデータに対するセキュリティリスクレベルを特定してよく、上記表示データ生成部は、上記通信先を表す通信先オブジェクトに、上記通信先から上記通信元に送信するデータに対する上記セキュリティリスクレベルに応じた上記リスクオブジェクトを対応付けて表示する上記表示データを生成してよい。上記表示データ生成部は、上記通信オブジェクトに、上記リスクオブジェクトと、上記通信オブジェクトが示す上記通信におけるリスクの内容に対応するリスク内容オブジェクトとを対応付けて表示する上記表示データを生成してよい。 The level specifying unit may specify the security risk level for the data transmitted from the communication source to the communication destination as the security risk level of the communication, and the display data generation unit may specify the communication source object representing the communication source. In addition, the display data may be generated in which the risk objects corresponding to the security risk level are associated with the data transmitted from the communication source to the communication destination and displayed. The level specifying unit may specify the security risk level for the data transmitted from the communication destination to the communication source as the security risk level of the communication, and the display data generation unit may specify the communication destination object representing the communication destination. In addition, the display data that displays the risk objects corresponding to the security risk level with respect to the data transmitted from the communication destination to the communication source may be generated. The display data generation unit may generate the display data for displaying the risk object and the risk content object corresponding to the risk content in the communication indicated by the communication object in association with the communication object.
 上記レベル特定部は、上記対象の会社のセキュリティ対策レベルと、上記通信において扱われるデータの資産価値と、上記通信において扱われるデータのセキュリティ事故の発生頻度とに基づいて、上記通信の上記セキュリティリスクレベルを特定してよい。上記レベル特定部は、上記通信の上記セキュリティリスクレベルとして、上記セキュリティ対策レベルが高いほど高い値となる上記セキュリティ対策レベルを示す数値と、上記資産価値が高いほど高い値となる上記資産価値を示す数値と、上記発生頻度を示す数値とを乗算した値を特定してよい。上記レベル特定部は、上記対象の会社の会社名、設立からの経過年、及び事業内容の少なくともいずれかに基づいて、上記セキュリティ対策レベルを決定してよい。上記レベル特定部は、上記対象の会社が取り扱うデータが通信の秘密の対象となるか否かにさらに基づいて、上記セキュリティ対策レベルを決定してよい。上記レベル特定部は、上記対象の会社が取り扱うデータの数にさらに基づいて、上記セキュリティ対策レベルを決定してよい。上記レベル特定部は、上記対象の会社が取り扱うデータにクレジットカード情報が含まれるか否かにさらに基づいて、上記セキュリティ対策レベルを決定してよい。上記レベル特定部は、上記対象の会社が取り扱うデータにマイナンバー情報が含まれるか否かにさらに基づいて、上記セキュリティ対策レベルを決定してよい。上記レベル特定部は、上記対象の会社が取り扱うデータの漏洩の発生状況にさらに基づいて、上記セキュリティ対策レベルを決定してよい。 The level identification unit is based on the security measure level of the target company, the asset value of the data handled in the communication, and the frequency of security accidents of the data handled in the communication, and the security risk of the communication. You may specify the level. As the security risk level of the communication, the level specifying unit indicates a numerical value indicating the security measure level, which is higher as the security measure level is higher, and an asset value, which is higher as the asset value is higher. A value obtained by multiplying a numerical value by a numerical value indicating the frequency of occurrence may be specified. The level specifying department may determine the security measure level based on at least one of the company name of the target company, the years elapsed since its establishment, and the business content. The level specifying unit may determine the security measure level based on whether or not the data handled by the target company is subject to confidentiality of communication. The level specifying unit may determine the security measure level based on the number of data handled by the target company. The level specifying unit may determine the security measure level based on whether or not the data handled by the target company includes credit card information. The level specifying unit may determine the security measure level based on whether or not the data handled by the target company includes My Number information. The level specifying unit may determine the security measure level based on the occurrence status of data leakage handled by the target company.
 本発明の第2の態様によれば、コンピュータを上記生成装置として機能させるためのプログラムが提供される。 According to the second aspect of the present invention, a program for making a computer function as the generator is provided.
 本発明の第3の態様によれば、生成方法が提供される。生成方法は、対象の会社におけるインターネットを介した社内の通信元と社外の通信先との通信のセキュリティリスクレベルを特定するレベル特定段階を備えてよい。生成方法は、通信を表す通信オブジェクトに、レベル特定段階において特定されたセキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成する表示データ生成段階を備えてよい。 According to the third aspect of the present invention, a production method is provided. The generation method may include a level specifying stage for specifying the security risk level of communication between the internal communication source and the external communication destination via the Internet in the target company. The generation method may include a display data generation stage for generating display data in which a communication object representing communication is associated with a risk object corresponding to the security risk level specified in the level specifying stage.
 なお、上記の発明の概要は、本発明の必要な特徴の全てを列挙したものではない。また、これらの特徴群のサブコンビネーションもまた、発明となりうる。 The outline of the above invention does not list all the necessary features of the present invention. Sub-combinations of these feature groups can also be inventions.
生成装置100の通信環境の一例を概略的に示す。An example of the communication environment of the generator 100 is shown schematically. 生成装置100による処理の流れの一例を概略的に示す。An example of the processing flow by the generator 100 is shown schematically. ハザードマップの基本形状300の一例を概略的に示す。An example of the basic shape 300 of the hazard map is shown schematically. ハザードマップ400の一例を概略的に示す。An example of the hazard map 400 is shown schematically. ハザードマップ400の一例を概略的に示す。An example of the hazard map 400 is shown schematically. 生成装置100の機能構成の一例を概略的に示す。An example of the functional configuration of the generator 100 is shown schematically. 対策レベル取得部112による会社200の分類処理の一例を概略的に示す。An example of the classification process of the company 200 by the countermeasure level acquisition unit 112 is shown schematically. 対策レベル決定表600の一例を概略的に示す。An example of the countermeasure level determination table 600 is shown schematically. 生成装置100として機能するコンピュータ1200のハードウェア構成の一例を概略的に示す。An example of the hardware configuration of the computer 1200 that functions as the generator 100 is shown schematically.
 以下、発明の実施の形態を通じて本発明を説明するが、以下の実施形態は請求の範囲にかかる発明を限定するものではない。また、実施形態の中で説明されている特徴の組み合わせの全てが発明の解決手段に必須であるとは限らない。 Hereinafter, the present invention will be described through embodiments of the invention, but the following embodiments do not limit the inventions claimed. Also, not all combinations of features described in the embodiments are essential to the means of solving the invention.
 図1は、生成装置100の通信環境の一例を概略的に示す。本実施形態に係る生成装置100は、複数の会社200のそれぞれについて、社内と社外との通信の状況と、通信のセキュリティリスクレベルとに基づく表示データを生成する。このような表示データをセキュリティハザードマップと記載する場合がある。 FIG. 1 schematically shows an example of the communication environment of the generator 100. The generation device 100 according to the present embodiment generates display data for each of the plurality of companies 200 based on the communication status between the inside and outside of the company and the security risk level of the communication. Such display data may be described as a security hazard map.
 セキュリティリスクレベルとは、セキュリティに関するリスクのレベルを示す。セキュリティリスクレベルは、例えば、注意、警告、重要、及び緊急の4つのレベルを含む。セキュリティリスクレベルの各レベルは、これに限らず任意に定められてよい。また、セキュリティリスクレベルのレベル数は、4つに限らず任意の数であってよい。 The security risk level indicates the level of security-related risk. Security risk levels include, for example, four levels of caution, warning, critical, and urgent. Each level of security risk level is not limited to this and may be arbitrarily set. Further, the number of security risk levels is not limited to four and may be any number.
 生成装置100は、例えば、会社200の通信装置210から、会社200に関する情報を受信する。会社200に関する情報は、例えば、会社200における担当者202によって入力される。生成装置100は、例えば、会社200に関する情報を入力するための入力シートを通信装置210に送信して、担当者202によって入力シートに入力された情報を受信する。入力シートは、各項目に対する入力欄を含んでよく、また、質問形式で各種情報を入力する入力欄を含んでもよい。 The generation device 100 receives information about the company 200 from, for example, the communication device 210 of the company 200. Information about the company 200 is entered, for example, by the person in charge 202 at the company 200. For example, the generation device 100 transmits an input sheet for inputting information about the company 200 to the communication device 210, and receives the information input to the input sheet by the person in charge 202. The input sheet may include an input field for each item, or may include an input field for inputting various information in the form of a question.
 会社200に関する情報は、会社名、設立年度、及び事業内容等を含む。また、会社200が個人情報を取り扱う場合、会社200に関する情報は、取り扱う個人情報の数を含んでよい。また、会社200に関する情報は、会社200の通信に関する情報を含む。 Information about company 200 includes company name, year of establishment, business content, etc. When the company 200 handles personal information, the information about the company 200 may include the number of personal information handled. Further, the information about the company 200 includes the information about the communication of the company 200.
 通信に関する情報は、社内外通信に関する情報を含む。社内外通信とは、インターネットを介した社内と社外との通信を示してよい。社内外通信に関する情報は、社内の通信元、社外の通信先、送受信されるデータの情報を含む。 Information related to communication includes information related to internal and external communication. Internal / external communication may mean communication between the inside and outside of the company via the Internet. Information on internal and external communication includes information on internal communication sources, external communication destinations, and data sent and received.
 通信に関する情報は、社内通信に関する情報を含んでよい。社内通信とは、社内間の通信を示してよい。社内通信に関する情報は、社内の通信元、社内の通信先、送受信されるデータの情報を含む。 Information related to communication may include information related to internal communication. Internal communication may mean communication between internals. Information about internal communication includes information on internal communication sources, internal communication destinations, and data sent and received.
 通信に関する情報は、社外通信に関する情報を含んでよい。社外通信とは、会社200に関連する社外間の通信を示してよい。社外通信に関する情報は、社外の通信元、社外の通信先、送受信されるデータの情報を含む。 Information related to communication may include information related to external communication. The external communication may refer to communication between external parties related to the company 200. Information on external communication includes information on external communication sources, external communication destinations, and data sent and received.
 通信に関する情報は、送受信されるデータに関する情報を含んでよい。通信に関する情報は、データの数に関する情報を含んでよい。例えば、送受信されるデータが個人情報を含む場合に、通信に関する情報は、何人分の個人情報が送受信されるかを示す。 Information related to communication may include information related to data sent and received. Information about communication may include information about the number of data. For example, when the data to be transmitted / received includes personal information, the information regarding communication indicates how many personal information is transmitted / received.
 通信に関する情報は、データの種類に関する情報を含んでよい。通信に関する情報は、データがクレジットカード情報を含むか否かの情報を含んでよい。通信に関する情報は、データがマイナンバー情報を含むか否かの情報を含んでよい。通信に関する情報は、データが個人情報を含むか否かの情報を含んでよい。通信に関する情報は、データが通信の秘密の対象となるか否かの情報を含んでよい。通信の秘密とは、例えば、憲法において定められている「通信の秘密」であってよい。また、通信の秘密とは、例えば、電気通信事業法において定められている「通信の秘密」であってもよい。 Information on communication may include information on the type of data. The information regarding communication may include information on whether or not the data includes credit card information. The information regarding communication may include information as to whether or not the data includes My Number information. The information regarding communication may include information on whether or not the data includes personal information. The information regarding communication may include information on whether or not the data is subject to confidentiality of communication. The secrecy of communications may be, for example, the "secret of communications" stipulated in the Constitution. Further, the secrecy of communication may be, for example, the "secret of communication" defined in the Telecommunications Business Law.
 通信に関する情報は、データの資産価値に関する情報を含んでよい。データの資産価値に関する情報は、データの資産価値がどの程度の高さであるかを示し得る。例えば、データの資産価値は、データが極秘情報を含む場合に最も高く、データが個人情報を含む場合、データが機密情報を含む場合、データが社外秘情報を含む場合、データがこれらのいずれの情報も含まない場合で段階的に低くなる。なお、データの資産価値は、これら以外の基準によって定められてもよい。 Information on communication may include information on the asset value of data. Information about the asset value of the data can indicate how high the asset value of the data is. For example, the asset value of data is highest when the data contains confidential information, when the data contains personal information, when the data contains confidential information, when the data contains confidential information, and when the data contains any of these information. If it does not include, it will gradually decrease. The asset value of the data may be determined by criteria other than these.
 通信に関する情報は、データの管理レベルに関する情報を含んでよい。通信に関する情報は、データの管理方法に関する情報を含んでよい。通信に関する情報は、データの管理ルールに関する情報を含んでよい。通信に関する情報は、データの取扱方法に関する情報を含んでよい。通信に関する情報は、データの取扱ルールに関する情報を含んでよい。 Information on communication may include information on the level of data management. Information about communication may include information about how to manage data. The information regarding communication may include information regarding data management rules. The information regarding communication may include information regarding how to handle data. The information regarding communication may include information regarding rules for handling data.
 通信に関する情報は、データのセキュリティ事故の発生頻度に関する情報を含んでよい。データのセキュリティ事故は、例えば、データの漏洩事故である。 Information on communication may include information on the frequency of data security incidents. A data security accident is, for example, a data leakage accident.
 生成装置100は、ネットワーク10を介して通信装置210と通信してよい。ネットワーク10は、任意のネットワークであってよい。ネットワーク10は、例えば、インターネット、LAN、及びクラウドネットワーク等を含む。 The generation device 100 may communicate with the communication device 210 via the network 10. The network 10 may be any network. The network 10 includes, for example, the Internet, a LAN, a cloud network, and the like.
 生成装置100は、例えば、通信に関する情報に基づいて、社内の通信元と社外の通信先との通信のセキュリティリスクレベルを特定し、通信を表す通信オブジェクトに、当該通信のセキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示するセキュリティハザードマップを生成する。このようなセキュリティハザードマップによって、社内外の複数の通信のそれぞれのセキュリティリスクレベルを容易に把握可能にできる。 The generator 100 specifies, for example, the security risk level of communication between an internal communication source and an external communication destination based on information on communication, and sets a communication object representing communication according to the security risk level of the communication. Generate a security hazard map that displays risk objects in association with each other. With such a security hazard map, it is possible to easily grasp the security risk level of each of a plurality of internal and external communications.
 図2は、生成装置100による処理の流れの一例を概略的に示す。ここでは、生成装置100が、ある会社200のセキュリティハザードマップを生成する処理の流れを示す。 FIG. 2 schematically shows an example of the processing flow by the generation device 100. Here, the flow of processing in which the generation device 100 generates a security hazard map of a certain company 200 is shown.
 ステップ(ステップをSと省略して記載する場合がある。)102において、生成装置100は、対象の会社200に関する情報を取得する。S104において、生成装置100は、会社200に関する情報から、社内外通信、社内通信、及び社外通信を抽出する。 In step 102 (the step may be abbreviated as S) 102, the generator 100 acquires information about the target company 200. In S104, the generator 100 extracts internal / external communication, internal communication, and external communication from the information about the company 200.
 S106において、生成装置100は、抽出した複数の通信のうちの1つについて、セキュリティリスクレベルを特定する。S108において、生成装置100は、抽出した全通信に対してセキュリティリスクレベルを特定したか否かを判定する。完了していないと判定した場合、S106に戻り、完了したと判定した場合、S110に進む。 In S106, the generation device 100 specifies the security risk level for one of the extracted plurality of communications. In S108, the generation device 100 determines whether or not the security risk level has been specified for all the extracted communications. If it is determined that the process is not completed, the process returns to S106, and if it is determined that the process is completed, the process proceeds to S110.
 S110において、生成装置100は、S104において抽出した複数の通信をそれぞれ表す複数の通信オブジェクトと、複数の通信のそれぞれのセキュリティリスクレベルに応じたリスクオブジェクトとを含むセキュリティハザードマップを生成する。生成装置100は、例えば、複数の通信オブジェクトのうち、通信のセキュリティリスクレベルが予め定められたレベルよりも高い通信オブジェクトに対してのみ、リスクオブジェクトを対応付ける。 In S110, the generation device 100 generates a security hazard map including a plurality of communication objects representing each of the plurality of communications extracted in S104 and a risk object corresponding to each security risk level of the plurality of communications. For example, the generation device 100 associates a risk object only with a communication object whose communication security risk level is higher than a predetermined level among a plurality of communication objects.
 S112において、生成装置100は、S110において生成したセキュリティハザードマップを表示させる。生成装置100は、生成装置100が備えるディスプレイにセキュリティハザードマップを表示させてよい。また、生成装置100は、通信装置210に対してセキュリティハザードマップを送信して、通信装置210が備えるディスプレイにセキュリティハザードマップを表示させてもよい。 In S112, the generation device 100 displays the security hazard map generated in S110. The generation device 100 may display the security hazard map on the display included in the generation device 100. Further, the generation device 100 may transmit the security hazard map to the communication device 210 and display the security hazard map on the display included in the communication device 210.
 図3は、セキュリティハザードマップの基本形状300の一例を概略的に示す。基本形状300は、社内領域310、インターネット領域320、社外領域330、アイコン凡例領域340、及び回線凡例領域350を含む。 FIG. 3 schematically shows an example of the basic shape 300 of the security hazard map. The basic shape 300 includes an internal area 310, an Internet area 320, an external area 330, an icon legend area 340, and a line legend area 350.
 社内領域310には、例えば、社内外通信における社内の通信元や、社内通信における通信元及び通信先が配置される。社外領域330には、例えば、社内外通信における社外の通信先や、社外通信における通信元及び通信先が配置される。 In the internal area 310, for example, an internal communication source for internal / external communication, and a communication source and communication destination for internal communication are arranged. In the external area 330, for example, an external communication destination in internal / external communication, and a communication source and communication destination in external communication are arranged.
 社内外通信を表す通信オブジェクトは、社内の通信元を表すオブジェクトと、社外の通信先を表すオブジェクトと、通信を表すオブジェクトとを含む。当該通信を表すオブジェクトは、インターネット領域320を横切ることになる。 The communication object representing internal / external communication includes an object representing an internal communication source, an object representing an external communication destination, and an object representing communication. The object representing the communication will cross the Internet area 320.
 社内通信を表す通信オブジェクトは、社内の通信元を表すオブジェクトと、社内の通信先を表すオブジェクトと、通信を表すオブジェクトとを含む。社外通信を表す通信オブジェクトは、社外の通信元を表すオブジェクトと、社外の通信先を表すオブジェクトと、通信を表すオブジェクトとを含む。 The communication object representing internal communication includes an object representing an internal communication source, an object representing an internal communication destination, and an object representing communication. The communication object representing external communication includes an object representing an external communication source, an object representing an external communication destination, and an object representing communication.
 アイコン凡例領域340には、通信元及び通信先等を表すオブジェクトに相当するアイコンの凡例が配置される。回線凡例領域350には、通信を表すオブジェクトに相当する回線オブジェクトの凡例が配置される。 In the icon legend area 340, an icon legend corresponding to an object representing a communication source, a communication destination, etc. is arranged. In the line legend area 350, a legend of a line object corresponding to an object representing communication is arranged.
 図4及び図5は、セキュリティハザードマップ400の一例を概略的に示す。図4は、リスクオブジェクトの配置前の状態を示し、図5は、リスクオブジェクトの配置後の状態を示す。 4 and 5 schematically show an example of the security hazard map 400. FIG. 4 shows the state before the placement of the risk object, and FIG. 5 shows the state after the placement of the risk object.
 本例においては、社内領域310に高セキュリティエリア402が配置され、高セキュリティエリア402の中に専用PC(Personal Computer)404が配置されている。また、社外領域330に事業系システム410及び顧客420が配置され、事業系システム410の中に管理システム412、WEBサーバ414、及びデータベース416が配置され、顧客420の中にモバイル端末422及びPC424が配置されている。また、社内領域310とインターネット領域320との間にファイヤーウォールを表すFW432が配置され、インターネット領域320と社外領域330との間にFW434が配置されている。 In this example, the high security area 402 is arranged in the in-house area 310, and the dedicated PC (Personal Computer) 404 is arranged in the high security area 402. Further, the business system 410 and the customer 420 are arranged in the external area 330, the management system 412, the WEB server 414, and the database 416 are arranged in the business system 410, and the mobile terminal 422 and the PC 424 are arranged in the customer 420. Have been placed. Further, a FW432 representing a firewall is arranged between the in-house area 310 and the Internet area 320, and a FW434 is arranged between the Internet area 320 and the outside area 330.
 HP(HomePage)入力442は、モバイル端末422とPC424とが、WEBサーバ414によるホームページを介して、入力データを管理システム412に送信する通信を表す。閲覧452は、専用PC404から、管理システム412が管理するデータを閲覧する通信を表す。運用454及び開発保守456は、運用、開発、保守のために、専用PC404からデータベース416にアクセスする通信を表す。 The HP (Home Page) input 442 represents a communication in which the mobile terminal 422 and the PC 424 transmit the input data to the management system 412 via the home page by the WEB server 414. Browsing 452 represents communication for browsing data managed by the management system 412 from the dedicated PC 404. Operation 454 and development / maintenance 456 represent communication for accessing the database 416 from the dedicated PC 404 for operation, development, and maintenance.
 タグオブジェクト502、タグオブジェクト504、及びタグオブジェクト506は、リスクオブジェクトの一例である。タグオブジェクト502は、管理システム412が管理するデータに専用PC404を用いてアクセスすることができるアクセス権者への教育・訓練が十分でないことから、セキュリティリスクが比較的高いことを示す。タグオブジェクト504は、外部記憶媒体の取扱ルールが十分でないことから、セキュリティリスクが比較的高いことを示す。タグオブジェクト506は、管理システム412について、ログ取得が十分でないことから、セキュリティリスクが比較的高いことを示す。 The tag object 502, the tag object 504, and the tag object 506 are examples of risk objects. The tag object 502 indicates that the security risk is relatively high because the access right holder who can access the data managed by the management system 412 by using the dedicated PC 404 is not sufficiently educated and trained. The tag object 504 indicates that the security risk is relatively high because the handling rules of the external storage medium are not sufficient. The tag object 506 indicates that the security risk of the management system 412 is relatively high because the log acquisition is not sufficient.
 生成装置100は、タグオブジェクト502、タグオブジェクト504、及びタグオブジェクト506のそれぞれを、セキュリティリスクレベルの高さに応じて強調してもよい。例えば、生成装置100は、セキュリティリスクレベルが高いほど強調した配色をタグオブジェクト502、タグオブジェクト504、及びタグオブジェクト506に適用する。また、例えば、生成装置100は、セキュリティリスクレベルが高いほど、タグオブジェクト502、タグオブジェクト504、及びタグオブジェクト506のサイズを大きくする。このように、セキュリティリスクレベルの高さに応じた強調を行うことによって、セキュリティリスクレベルの差を直感的に把握可能にできる。 The generation device 100 may emphasize each of the tag object 502, the tag object 504, and the tag object 506 according to the height of the security risk level. For example, the generation device 100 applies the color scheme emphasized as the security risk level is higher to the tag object 502, the tag object 504, and the tag object 506. Further, for example, the generation device 100 increases the size of the tag object 502, the tag object 504, and the tag object 506 as the security risk level increases. In this way, by emphasizing according to the level of security risk, it is possible to intuitively grasp the difference in security risk level.
 吹き出しオブジェクト512も、リスクオブジェクトの一例であってよい。吹き出しオブジェクト512は、専用PC404による通信に対するリスクの内容を示す文字列を含む。図5に示す例において、吹き出しオブジェクト512は、専用PC404による通信に対して、内部不正による情報漏洩と、誤操作によるデータ破壊のリスクがあることを示す。吹き出しオブジェクト512に含まれる文字列は、例えば、生成装置100の管理者等によって登録され得る。生成装置100は、通信オブジェクトに、吹き出しオブジェクト512と、通信オブジェクトが示す通信におけるリスクの内容に対応するリスク内容オブジェクトとを対応付けて表示させてもよい。図5に示す例においては、内部不正に対応する内部不正オブジェクト514が表示されている。タグオブジェクト502及びタグオブジェクト504によって、専用PC404による通信にセキュリティリスクが存在することを把握可能にし、吹き出しオブジェクト512及び内部不正オブジェクト514によって、具体的にどのようなリスクが存在するかを把握可能にすることができる。 The balloon object 512 may also be an example of a risk object. The balloon object 512 includes a character string indicating the content of the risk for communication by the dedicated PC 404. In the example shown in FIG. 5, the balloon object 512 shows that there is a risk of information leakage due to internal improprieties and data destruction due to erroneous operation with respect to communication by the dedicated PC 404. The character string included in the balloon object 512 can be registered, for example, by the administrator of the generation device 100 or the like. The generation device 100 may display the balloon object 512 and the risk content object corresponding to the risk content in the communication indicated by the communication object in association with each other on the communication object. In the example shown in FIG. 5, the internal fraud object 514 corresponding to the internal fraud is displayed. The tag object 502 and the tag object 504 make it possible to grasp that there is a security risk in the communication by the dedicated PC 404, and the balloon object 512 and the internal malicious object 514 make it possible to grasp what kind of risk actually exists. can do.
 図6は、生成装置100の機能構成の一例を概略的に示す。生成装置100は、情報収集部102、情報格納部104、レベル特定部110、表示データ生成部120、及び表示データ出力部122を備える。 FIG. 6 schematically shows an example of the functional configuration of the generator 100. The generation device 100 includes an information collection unit 102, an information storage unit 104, a level identification unit 110, a display data generation unit 120, and a display data output unit 122.
 情報収集部102は、複数の会社200のそれぞれについて、会社200に関する情報を収集する。情報収集部102は、複数の会社200のそれぞれから、会社200に関する情報を受信する。情報収集部102は、収集した情報を情報格納部104に格納する。 The information collection unit 102 collects information about the company 200 for each of the plurality of companies 200. The information collecting unit 102 receives information about the company 200 from each of the plurality of companies 200. The information collecting unit 102 stores the collected information in the information storage unit 104.
 レベル特定部110は、表示データを生成する対象となる会社200の情報を情報格納部104から取得して、会社200における複数の通信のそれぞれのセキュリティリスクレベルを特定する。レベル特定部110は、例えば、会社200におけるインターネットを介した社内の通信元と社外の通信先との通信のセキュリティリスクレベルを特定する。レベル特定部110は、会社200における社内の通信元と社内の通信先との通信のセキュリティリスクレベルを特定してもよい。レベル特定部110は、社外の通信元と社外の通信先との通信のセキュリティリスクレベルを特定してもよい。また、レベル特定部110は、例えば、通信元から通信先に送信するデータに対するセキュリティリスクレベルを特定する。また、レベル特定部110は、例えば、通信先から通信元に送信するデータに対するセキュリティリスクレベルを特定する。 The level specifying unit 110 acquires the information of the company 200 for which the display data is generated from the information storage unit 104, and specifies the security risk level of each of the plurality of communications in the company 200. The level specifying unit 110 specifies, for example, the security risk level of communication between an internal communication source and an external communication destination via the Internet in the company 200. The level specifying unit 110 may specify the security risk level of communication between the internal communication source and the internal communication destination in the company 200. The level specifying unit 110 may specify the security risk level of communication between an external communication source and an external communication destination. Further, the level specifying unit 110 specifies, for example, the security risk level for the data transmitted from the communication source to the communication destination. Further, the level specifying unit 110 specifies, for example, the security risk level for the data transmitted from the communication destination to the communication source.
 レベル特定部110は、対策レベル取得部112、資産価値取得部114、及び発生頻度取得部116を有する。対策レベル取得部112は、会社200のセキュリティ対策レベルを取得する。会社200のセキュリティ対策レベルは、会社200に求められるセキュリティ対策のレベルであってよい。会社200のセキュリティ対策レベルは、例えば、生成装置100の管理者等によって登録されて、情報格納部104に格納される。この場合、対策レベル取得部112は、対象となる会社200のセキュリティ対策レベルを情報格納部104から取得する。 The level specifying unit 110 has a countermeasure level acquisition unit 112, an asset value acquisition unit 114, and an occurrence frequency acquisition unit 116. The countermeasure level acquisition unit 112 acquires the security countermeasure level of the company 200. The security measure level of the company 200 may be the level of the security measure required for the company 200. The security measure level of the company 200 is registered by, for example, the administrator of the generation device 100, and is stored in the information storage unit 104. In this case, the countermeasure level acquisition unit 112 acquires the security countermeasure level of the target company 200 from the information storage unit 104.
 対策レベル取得部112は、情報格納部104に格納されている会社200に関する情報に基づいて、会社200のセキュリティ対策レベルを決定してもよい。対策レベル取得部112は、例えば、会社200の会社名、設立からの経過年、及び事業の内容に基づいて、会社200のセキュリティ対策レベルを決定する。対策レベル取得部112は、会社200が取り扱うデータが通信の秘密の対象となるか否かにさらに基づいてセキュリティ対策レベルを決定してもよい。また、対策レベル取得部112は、会社200が取り扱うデータの数にさらに基づいてセキュリティ対策レベルを決定してもよい。対策レベル取得部112は、会社200が取り扱うデータにクレジットカード情報が含まれるか否かにさらに基づいてセキュリティ対策レベルを決定してもよい。対策レベル取得部112は、会社200が取り扱うデータにマイナンバー情報が含まれるか否かにさらに基づいてセキュリティ対策レベルを決定してもよい。対策レベル取得部112は、会社200が取り扱うデータの漏洩の発生状況にさらに基づいてセキュリティ対策レベルを決定してもよい。セキュリティ対策レベルの決定方法の詳細については後述する。 The countermeasure level acquisition unit 112 may determine the security countermeasure level of the company 200 based on the information about the company 200 stored in the information storage unit 104. The countermeasure level acquisition unit 112 determines the security countermeasure level of the company 200 based on, for example, the company name of the company 200, the elapsed years since its establishment, and the content of the business. The countermeasure level acquisition unit 112 may further determine the security countermeasure level based on whether or not the data handled by the company 200 is subject to confidentiality of communication. Further, the countermeasure level acquisition unit 112 may further determine the security countermeasure level based on the number of data handled by the company 200. The countermeasure level acquisition unit 112 may further determine the security countermeasure level based on whether or not the data handled by the company 200 includes credit card information. The countermeasure level acquisition unit 112 may further determine the security countermeasure level based on whether or not the data handled by the company 200 includes the My Number information. The countermeasure level acquisition unit 112 may determine the security countermeasure level based on the occurrence status of data leakage handled by the company 200. Details of the method for determining the security measure level will be described later.
 資産価値取得部114は、複数の通信のそれぞれについて、通信において扱われるデータの資産価値を取得する。資産価値取得部114は、情報格納部104に格納されている通信に関する情報を参照することによって、通信において扱われるデータの資産価値を取得してよい。 The asset value acquisition unit 114 acquires the asset value of the data handled in the communication for each of the plurality of communications. The asset value acquisition unit 114 may acquire the asset value of the data handled in the communication by referring to the information related to the communication stored in the information storage unit 104.
 発生頻度取得部116は、複数の通信のそれぞれについて、通信において扱われるデータのセキュリティ事故の発生頻度を取得する。発生頻度取得部116は、情報格納部104に格納されている通信に関する情報を参照することによって、通信において扱われるデータのセキュリティ事故の発生頻度を取得してよい。 Occurrence frequency acquisition unit 116 acquires the frequency of occurrence of security accidents of data handled in communication for each of a plurality of communications. The occurrence frequency acquisition unit 116 may acquire the occurrence frequency of a security accident of the data handled in the communication by referring to the information related to the communication stored in the information storage unit 104.
 レベル特定部110は、通信において扱われるデータのセキュリティ対策レベル、資産価値、及びセキュリティ事故の発生頻度に基づいて、通信のセキュリティリスクレベルを特定してよい。レベル特定部110は、例えば、通信のセキュリティリスクレベルとして、セキュリティ対策レベルが高いほど高い値となるセキュリティ対策レベルを示す数値と、資産価値が高いほど高い値となる資産価値を示す数値と、セキュリティ事故の発生頻度が高いほど高い値となるセキュリティ事故の発生頻度を示す数値とを乗算した値を特定する。レベル特定部110は、セキュリティリスクレベルに含まれる複数のレベル毎に、対応する値の範囲を登録した登録データを予め格納しておき、当該登録データを参照することによって、セキュリティリスクレベルを特定してもよい。上述した特定方法を用いることによって、通信において扱われるデータに必要なセキュリティ対策レベルが高いほど、高いセキュリティリスクレベルを特定することができる。また、通信において扱われるデータの資産価値が高いほど高いセキュリティリスクレベルを特定することができる。また、通信において扱われるデータのセキュリティ事故の発生頻度が高いほど高いセキュリティリスクレベルを特定することができる。 The level specifying unit 110 may specify the security risk level of communication based on the security measure level of the data handled in communication, the asset value, and the frequency of occurrence of security accidents. For example, the level identification unit 110 has a numerical value indicating a security measure level that becomes higher as the security measure level is higher, a numerical value indicating an asset value that becomes higher as the asset value is higher, and security as a communication security risk level. The higher the frequency of accidents, the higher the value. Specify a value obtained by multiplying the value indicating the frequency of security accidents. The level identification unit 110 specifies the security risk level by storing the registration data in which the range of the corresponding value is registered for each of the plurality of levels included in the security risk level in advance and referring to the registration data. You may. By using the above-mentioned identification method, the higher the security measure level required for the data handled in communication, the higher the security risk level can be specified. In addition, the higher the asset value of the data handled in communication, the higher the security risk level can be identified. In addition, the higher the frequency of security accidents of data handled in communication, the higher the security risk level can be identified.
 表示データ生成部120は、情報格納部104に格納されている情報と、レベル特定部110によって特定されたセキュリティリスクレベルとに基づいて表示データを生成する。表示データ生成部120は、対象の会社200の複数の通信のそれぞれを表す通信オブジェクトを含む表示データを生成する。表示データ生成部120は、通信オブジェクトに、当該通信オブジェクトが示す通信のセキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成する。 The display data generation unit 120 generates display data based on the information stored in the information storage unit 104 and the security risk level specified by the level identification unit 110. The display data generation unit 120 generates display data including a communication object representing each of a plurality of communications of the target company 200. The display data generation unit 120 generates display data for displaying the communication object in association with the risk object corresponding to the security risk level of the communication indicated by the communication object.
 表示データ生成部120は、例えば、セキュリティリスクレベルが予め定められたレベルよりも高い通信を表す通信オブジェクトに、リスクオブジェクトを対応付けて表示する表示データを生成する。表示データ生成部120は、複数の通信オブジェクトのうち、セキュリティリスクレベルが予め定められたレベルよりも高い通信を表す通信オブジェクトのみに、リスクオブジェクトを対応付けて表示する表示データを生成してよい。また、表示データ生成部120は、例えば、セキュリティリスクレベルが高い順に予め定められた数の通信オブジェクトを特定し、特定した通信オブジェクトにリスクオブジェクトを対応付けて表示する表示データを生成する。 The display data generation unit 120 generates display data for displaying a risk object in association with a communication object representing a communication whose security risk level is higher than a predetermined level, for example. The display data generation unit 120 may generate display data in which the risk objects are associated with and displayed only on the communication objects representing the communication in which the security risk level is higher than the predetermined level among the plurality of communication objects. Further, the display data generation unit 120 specifies, for example, a predetermined number of communication objects in descending order of security risk level, and generates display data for displaying the identified communication objects in association with the risk objects.
 表示データ生成部120は、セキュリティリスクレベルがより高い通信を示す通信オブジェクトに対して、より強調度の高いリスクオブジェクトを対応付けて表示する表示データを生成してもよい。より強調度の高いリスクオブジェクトとは、配色の強調度がより高いリスクオブジェクトであってよい。また、より強調度の高いリスクオブジェクトとは、サイズがより大きいリスクオブジェクトであってもよい。また、より強調度の高いリスクオブジェクトとは、形状の強調度がより高いリスクオブジェクトであってもよい。 The display data generation unit 120 may generate display data in which a risk object having a higher emphasis is associated with a communication object indicating a communication having a higher security risk level. The risk object with a higher degree of emphasis may be a risk object with a higher degree of emphasis on the color scheme. Further, the risk object with higher emphasis may be a risk object having a larger size. Further, the risk object having a higher degree of emphasis may be a risk object having a higher degree of emphasis on the shape.
 表示データ生成部120は、リスクの内容を示す文字列を含む吹き出しオブジェクトをリスクオブジェクトとして、通信オブジェクトに対応付けて表示する表示データを生成してもよい。表示データ生成部120は、通信オブジェクトに、吹き出しオブジェクトと、通信オブジェクトが示す通知におけるリスクの内容に対応するリスク内容オブジェクトとを対応付けて表示する表示データを生成してもよい。表示データ生成部120は、例えば、吹き出しオブジェクトに、リスク内容オブジェクトを対応付けて表示する表示データを生成する。 The display data generation unit 120 may generate display data to be displayed in association with a communication object, using a balloon object including a character string indicating the content of the risk as a risk object. The display data generation unit 120 may generate display data for displaying the balloon object and the risk content object corresponding to the risk content in the notification indicated by the communication object in association with each other. The display data generation unit 120 generates display data for displaying the balloon object in association with the risk content object, for example.
 表示データ生成部120は、通信元を表す通信元オブジェクトに、通信元から通信先に送信するデータに対するセキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成してもよい。表示データ生成部120は、通信先を表す通信先オブジェクトに、通信先が通信元に送信するデータに対するセキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成してもよい。 The display data generation unit 120 may generate display data in which a communication source object representing a communication source is associated with a risk object corresponding to a security risk level for data transmitted from the communication source to the communication destination. The display data generation unit 120 may generate display data in which a communication destination object representing the communication destination is associated with a risk object corresponding to the security risk level for the data transmitted by the communication destination to the communication source.
 表示データ出力部122は、表示データ生成部120によって生成された表示データを出力する。表示データ出力部122は、例えば、表示データを生成装置100が備えるディスプレイに表示させる。また、表示データ出力部122は、例えば、通信装置210に対して表示データを送信して、通信装置210が備えるディスプレイに表示させる。 The display data output unit 122 outputs the display data generated by the display data generation unit 120. The display data output unit 122 displays, for example, display data on a display included in the generation device 100. Further, the display data output unit 122 transmits display data to the communication device 210, for example, and displays the display data on the display provided in the communication device 210.
 図7は、対策レベル取得部112による会社200の分類処理の一例を概略的に示す。対策レベル取得部112は、会社200のセキュリティ対策レベルを決定する場合に、まず、図7に示す分類処理を実行することによって会社200を分類し得る。 FIG. 7 schematically shows an example of the classification process of the company 200 by the countermeasure level acquisition unit 112. When determining the security countermeasure level of the company 200, the countermeasure level acquisition unit 112 can first classify the company 200 by executing the classification process shown in FIG. 7.
 S202において、対策レベル取得部112は、会社名に予め登録された文字列が含まれるか否かを判定する。当該文字列としては、例えば、会社名に含むことによって特に海外からの攻撃の対象となりやすい文字列が登録される。当該文字列の例としては、「バンク」等が挙げられる。含む場合、S204に進み、含まない場合、S210に進む。 In S202, the countermeasure level acquisition unit 112 determines whether or not the company name includes a character string registered in advance. As the character string, for example, a character string that is particularly likely to be the target of an attack from overseas is registered by including it in the company name. An example of the character string is "bank" or the like. If it is included, the process proceeds to S204, and if it is not included, the process proceeds to S210.
 S204において、対策レベル取得部112は、会社設立から3年未満であるか否かを判定する。3年未満であると判定した場合、S206に進み、3年未満でないと判定した場合、S208に進む。 In S204, the countermeasure level acquisition unit 112 determines whether or not it has been less than three years since the company was established. If it is determined that it is less than 3 years, the process proceeds to S206, and if it is determined that it is not less than 3 years, the process proceeds to S208.
 S206において、対策レベル取得部112は、会社200の事業が許認可事業に該当するか否かを判定する。対策レベル取得部112は、該当すると判定した場合、会社200を分類Cとし、該当しないと判定した場合、会社200を分類Bとする。 In S206, the countermeasure level acquisition unit 112 determines whether or not the business of the company 200 corresponds to the licensed business. If the countermeasure level acquisition unit 112 determines that it is applicable, the company 200 is classified as classification C, and if it is determined that it is not applicable, the company 200 is classified as classification B.
 S208において、対策レベル取得部112は、会社200の事業が許認可事業に該当するか否かを判定する。対策レベル取得部112は、該当すると判定した場合、会社200を分類Cとし、該当しないと判定した場合、会社200を分類Bとする。 In S208, the countermeasure level acquisition unit 112 determines whether or not the business of the company 200 falls under the licensed business. If the countermeasure level acquisition unit 112 determines that it is applicable, the company 200 is classified as classification C, and if it is determined that it is not applicable, the company 200 is classified as classification B.
 S210において、対策レベル取得部112は、会社設立から3年未満であるか否かを判定する。3年未満であると判定した場合、S212に進み、3年未満でないと判定した場合、S214に進む。 In S210, the countermeasure level acquisition unit 112 determines whether or not it has been less than three years since the company was established. If it is determined that it is less than 3 years, the process proceeds to S212, and if it is determined that it is not less than 3 years, the process proceeds to S214.
 S212において、対策レベル取得部112は、会社200の事業が許認可事業に該当するか否かを判定する。対策レベル取得部112は、該当すると判定した場合、会社200を分類Cとし、該当しないと判定した場合、会社200を分類Aとする。 In S212, the countermeasure level acquisition unit 112 determines whether or not the business of the company 200 falls under the licensed business. If it is determined that the countermeasure level acquisition unit 112 is applicable, the company 200 is classified as classification C, and if it is determined that the countermeasure level acquisition unit 112 is not applicable, the company 200 is classified as classification A.
 S214において、対策レベル取得部112は、会社200の事業が許認可事業に該当するか否かを判定する。対策レベル取得部112は、該当すると判定した場合、会社200を分類Cとし、該当しないと判定した場合、会社200を分類Dとする。 In S214, the countermeasure level acquisition unit 112 determines whether or not the business of the company 200 falls under the licensed business. If it is determined that the countermeasure level acquisition unit 112 is applicable, the company 200 is classified as classification C, and if it is determined that the countermeasure level acquisition unit 112 is not applicable, the company 200 is classified as classification D.
 図8は、対策レベル決定表600の一例を概略的に示す。対策レベル取得部112は、会社200の分類と、対策レベル決定表600とを用いて、会社200のセキュリティ対策レベルを決定する。ここでは、セキュリティ対策レベルが、MAX、MID、及びMINからなる場合を例に挙げて説明する。なお、セキュリティ対策レベルのレベル数は3つに限らず、任意の数であってよい。 FIG. 8 schematically shows an example of the countermeasure level determination table 600. The countermeasure level acquisition unit 112 determines the security countermeasure level of the company 200 by using the classification of the company 200 and the countermeasure level determination table 600. Here, a case where the security measure level consists of MAX, MID, and MIN will be described as an example. The number of security measure levels is not limited to three, and may be any number.
 対策レベル取得部112は、会社200の分類が分類Aである場合、会社200のセキュリティ対策レベルを、取り扱う個人情報が100万件以上である場合にはMAX、1万件~100万件である場合にはMID、1万件未満である場合にはMINに仮決めする。また、対策レベル取得部112は、会社200のセキュリティ対策レベルを、会社200の分類が分類Bである場合にはMID、分類Cである場合にはMAX、分類Dである場合にはMINに仮決めする。 The countermeasure level acquisition unit 112 determines the security countermeasure level of the company 200 when the classification of the company 200 is classification A, and MAX 10,000 to 1 million when the personal information handled is 1 million or more. In that case, MID is tentatively decided in case of less than 10,000 cases. Further, the countermeasure level acquisition unit 112 provisionally sets the security countermeasure level of the company 200 to MID when the classification of the company 200 is classification B, MAX when the classification is C, and MIN when the classification is D. Decide.
 対策レベル取得部112は、会社200が通信の秘密の対象となる情報を保有しているか否か、取り扱う個人情報の数、クレジットカード情報及びマイナンバー情報の少なくともいずれかを保有しているか否か、5年以内に情報漏洩事故が発生したか否か、及び、起業中で個人情報をまだ保持していない状況か否か、に基づいて、対策レベル決定表600に従って、セキュリティ対策レベルを調整する。例えば、対策レベル取得部112は、会社200が通信の秘密の対象となる情報を保有している場合、セキュリティ対策レベルをMAXとする。 The countermeasure level acquisition unit 112 determines whether or not the company 200 possesses information that is subject to confidential communication, whether or not it possesses at least one of the number of personal information to be handled, credit card information, and my number information. Adjust the security measure level according to the measure level determination table 600 based on whether an information leakage accident occurred within 5 years and whether the situation is such that personal information is not yet retained while starting a business. .. For example, the countermeasure level acquisition unit 112 sets the security countermeasure level to MAX when the company 200 holds information that is the target of confidentiality of communication.
 図9は、生成装置100として機能するコンピュータ1200のハードウェア構成の一例を概略的に示す。コンピュータ1200にインストールされたプログラムは、コンピュータ1200を、本実施形態に係る装置の1又は複数の「部」として機能させ、又はコンピュータ1200に、本実施形態に係る装置に関連付けられるオペレーション又は当該1又は複数の「部」を実行させることができ、及び/又はコンピュータ1200に、本実施形態に係るプロセス又は当該プロセスの段階を実行させることができる。そのようなプログラムは、コンピュータ1200に、本明細書に記載のフローチャート及びブロック図のブロックのうちのいくつか又はすべてに関連付けられた特定のオペレーションを実行させるべく、CPU1212によって実行されてよい。 FIG. 9 schematically shows an example of the hardware configuration of the computer 1200 that functions as the generator 100. A program installed on the computer 1200 causes the computer 1200 to function as one or more "parts" of the device according to the present embodiment, or causes the computer 1200 to perform an operation associated with the device according to the present embodiment or the one or more. A plurality of "parts" can be executed and / or a computer 1200 can be made to execute a process according to the present embodiment or a stage of the process. Such a program may be run by the CPU 1212 to cause the computer 1200 to perform certain operations associated with some or all of the blocks of the flowcharts and block diagrams described herein.
 本実施形態によるコンピュータ1200は、CPU1212、RAM1214、及びグラフィックコントローラ1216を含み、それらはホストコントローラ1210によって相互に接続されている。コンピュータ1200はまた、通信インタフェース1222、記憶装置1224、DVDドライブ1226、及びICカードドライブのような入出力ユニットを含み、それらは入出力コントローラ1220を介してホストコントローラ1210に接続されている。DVDドライブ1226は、DVD-ROMドライブ及びDVD-RAMドライブ等であってよい。記憶装置1224は、ハードディスクドライブ及びソリッドステートドライブ等であってよい。コンピュータ1200はまた、ROM1230及びキーボードのようなレガシの入出力ユニットを含み、それらは入出力チップ1240を介して入出力コントローラ1220に接続されている。 The computer 1200 according to this embodiment includes a CPU 1212, a RAM 1214, and a graphic controller 1216, which are connected to each other by a host controller 1210. The computer 1200 also includes input / output units such as a communication interface 1222, a storage device 1224, a DVD drive 1226, and an IC card drive, which are connected to the host controller 1210 via an input / output controller 1220. The DVD drive 1226 may be a DVD-ROM drive, a DVD-RAM drive, or the like. The storage device 1224 may be a hard disk drive, a solid state drive, or the like. The computer 1200 also includes a legacy I / O unit such as a ROM 1230 and a keyboard, which are connected to the I / O controller 1220 via an I / O chip 1240.
 CPU1212は、ROM1230及びRAM1214内に格納されたプログラムに従い動作し、それにより各ユニットを制御する。グラフィックコントローラ1216は、RAM1214内に提供されるフレームバッファ等又はそれ自体の中に、CPU1212によって生成されるイメージデータを取得し、イメージデータがディスプレイデバイス1218上に表示されるようにする。 The CPU 1212 operates according to the programs stored in the ROM 1230 and the RAM 1214, thereby controlling each unit. The graphic controller 1216 acquires the image data generated by the CPU 1212 in a frame buffer or the like provided in the RAM 1214 or itself so that the image data is displayed on the display device 1218.
 通信インタフェース1222は、ネットワークを介して他の電子デバイスと通信する。記憶装置1224は、コンピュータ1200内のCPU1212によって使用されるプログラム及びデータを格納する。DVDドライブ1226は、プログラム又はデータをDVD-ROM1227等から読み取り、記憶装置1224に提供する。ICカードドライブは、プログラム及びデータをICカードから読み取り、及び/又はプログラム及びデータをICカードに書き込む。 The communication interface 1222 communicates with other electronic devices via the network. The storage device 1224 stores programs and data used by the CPU 1212 in the computer 1200. The DVD drive 1226 reads a program or data from a DVD-ROM 1227 or the like and provides it to the storage device 1224. The IC card drive reads the program and data from the IC card and / or writes the program and data to the IC card.
 ROM1230はその中に、アクティブ化時にコンピュータ1200によって実行されるブートプログラム等、及び/又はコンピュータ1200のハードウェアに依存するプログラムを格納する。入出力チップ1240はまた、様々な入出力ユニットをUSBポート、パラレルポート、シリアルポート、キーボードポート、マウスポート等を介して、入出力コントローラ1220に接続してよい。 The ROM 1230 stores a boot program or the like executed by the computer 1200 at the time of activation and / or a program depending on the hardware of the computer 1200. The input / output chip 1240 may also connect various input / output units to the input / output controller 1220 via a USB port, a parallel port, a serial port, a keyboard port, a mouse port, and the like.
 プログラムは、DVD-ROM1227又はICカードのようなコンピュータ可読記憶媒体によって提供される。プログラムは、コンピュータ可読記憶媒体から読み取られ、コンピュータ可読記憶媒体の例でもある記憶装置1224、RAM1214、又はROM1230にインストールされ、CPU1212によって実行される。これらのプログラム内に記述される情報処理は、コンピュータ1200に読み取られ、プログラムと、上記様々なタイプのハードウェアリソースとの間の連携をもたらす。装置又は方法が、コンピュータ1200の使用に従い情報のオペレーション又は処理を実現することによって構成されてよい。 The program is provided by a computer-readable storage medium such as a DVD-ROM 1227 or an IC card. The program is read from a computer-readable storage medium, installed in a storage device 1224, RAM 1214, or ROM 1230, which is also an example of a computer-readable storage medium, and executed by the CPU 1212. The information processing described in these programs is read by the computer 1200 and provides a link between the program and the various types of hardware resources described above. The device or method may be configured to implement the operation or processing of information in accordance with the use of the computer 1200.
 例えば、通信がコンピュータ1200及び外部デバイス間で実行される場合、CPU1212は、RAM1214にロードされた通信プログラムを実行し、通信プログラムに記述された処理に基づいて、通信インタフェース1222に対し、通信処理を命令してよい。通信インタフェース1222は、CPU1212の制御の下、RAM1214、記憶装置1224、DVD-ROM1227、又はICカードのような記録媒体内に提供される送信バッファ領域に格納された送信データを読み取り、読み取られた送信データをネットワークに送信し、又はネットワークから受信した受信データを記録媒体上に提供される受信バッファ領域等に書き込む。 For example, when communication is executed between the computer 1200 and an external device, the CPU 1212 executes a communication program loaded in the RAM 1214, and performs communication processing on the communication interface 1222 based on the processing described in the communication program. You may order. Under the control of the CPU 1212, the communication interface 1222 reads and reads transmission data stored in a transmission buffer area provided in a recording medium such as a RAM 1214, a storage device 1224, a DVD-ROM 1227, or an IC card. The data is transmitted to the network, or the received data received from the network is written to the reception buffer area or the like provided on the recording medium.
 また、CPU1212は、記憶装置1224、DVDドライブ1226(DVD-ROM1227)、ICカード等のような外部記録媒体に格納されたファイル又はデータベースの全部又は必要な部分がRAM1214に読み取られるようにし、RAM1214上のデータに対し様々なタイプの処理を実行してよい。CPU1212は次に、処理されたデータを外部記録媒体にライトバックしてよい。 Further, the CPU 1212 makes the RAM 1214 read all or necessary parts of a file or a database stored in an external recording medium such as a storage device 1224, a DVD drive 1226 (DVD-ROM1227), an IC card, etc. Various types of processing may be performed on the data of. The CPU 1212 may then write back the processed data to an external recording medium.
 様々なタイプのプログラム、データ、テーブル、及びデータベースのような様々なタイプの情報が記録媒体に格納され、情報処理を受けてよい。CPU1212は、RAM1214から読み取られたデータに対し、本開示の随所に記載され、プログラムの命令シーケンスによって指定される様々なタイプのオペレーション、情報処理、条件判断、条件分岐、無条件分岐、情報の検索/置換等を含む、様々なタイプの処理を実行してよく、結果をRAM1214に対しライトバックする。また、CPU1212は、記録媒体内のファイル、データベース等における情報を検索してよい。例えば、各々が第2の属性の属性値に関連付けられた第1の属性の属性値を有する複数のエントリが記録媒体内に格納される場合、CPU1212は、当該複数のエントリの中から、第1の属性の属性値が指定されている条件に一致するエントリを検索し、当該エントリ内に格納された第2の属性の属性値を読み取り、それにより予め定められた条件を満たす第1の属性に関連付けられた第2の属性の属性値を取得してよい。 Various types of information such as various types of programs, data, tables, and databases may be stored in recording media and processed. The CPU 1212 describes various types of operations, information processing, conditional judgment, conditional branching, unconditional branching, and information retrieval described in various parts of the present disclosure with respect to the data read from the RAM 1214. Various types of processing may be performed, including / replacement, etc., and the results are written back to the RAM 1214. Further, the CPU 1212 may search for information in a file, a database, or the like in the recording medium. For example, when a plurality of entries each having an attribute value of the first attribute associated with the attribute value of the second attribute are stored in the recording medium, the CPU 1212 is the first of the plurality of entries. The attribute value of the attribute of is searched for the entry that matches the specified condition, the attribute value of the second attribute stored in the entry is read, and the first attribute that satisfies the predetermined condition is selected. You may get the attribute value of the associated second attribute.
 上で説明したプログラム又はソフトウエアモジュールは、コンピュータ1200上又はコンピュータ1200近傍のコンピュータ可読記憶媒体に格納されてよい。また、専用通信ネットワーク又はインターネットに接続されたサーバシステム内に提供されるハードディスク又はRAMのような記録媒体が、コンピュータ可読記憶媒体として使用可能であり、それによりプログラムを、ネットワークを介してコンピュータ1200に提供する。 The program or software module described above may be stored on a computer 1200 or in a computer-readable storage medium near the computer 1200. In addition, a recording medium such as a hard disk or RAM provided in a dedicated communication network or a server system connected to the Internet can be used as a computer-readable storage medium, whereby the program can be transferred to the computer 1200 via the network. provide.
 本実施形態におけるフローチャート及びブロック図におけるブロックは、オペレーションが実行されるプロセスの段階又はオペレーションを実行する役割を持つ装置の「部」を表わしてよい。特定の段階及び「部」が、専用回路、コンピュータ可読記憶媒体上に格納されるコンピュータ可読命令と共に供給されるプログラマブル回路、及び/又はコンピュータ可読記憶媒体上に格納されるコンピュータ可読命令と共に供給されるプロセッサによって実装されてよい。専用回路は、デジタル及び/又はアナログハードウェア回路を含んでよく、集積回路(IC)及び/又はディスクリート回路を含んでよい。プログラマブル回路は、例えば、フィールドプログラマブルゲートアレイ(FPGA)、及びプログラマブルロジックアレイ(PLA)等のような、論理積、論理和、排他的論理和、否定論理積、否定論理和、及び他の論理演算、フリップフロップ、レジスタ、並びにメモリエレメントを含む、再構成可能なハードウェア回路を含んでよい。 The blocks in the flowchart and the block diagram in the present embodiment may represent the stage of the process in which the operation is executed or the "part" of the device having a role of executing the operation. Specific stages and "parts" are supplied with dedicated circuits, programmable circuits supplied with computer-readable instructions stored on computer-readable storage media, and / or with computer-readable instructions stored on computer-readable storage media. It may be implemented by the processor. Dedicated circuits may include digital and / or analog hardware circuits, and may include integrated circuits (ICs) and / or discrete circuits. Programmable circuits include, for example, field programmable gate arrays (FPGAs), programmable logic arrays (PLAs), etc., such as logical products, logical sums, exclusive logical sums, negative logical products, negative logical sums, and other logical operations. , Flip-flops, registers, and reconfigurable hardware circuits, including memory elements.
 コンピュータ可読記憶媒体は、適切なデバイスによって実行される命令を格納可能な任意の有形なデバイスを含んでよく、その結果、そこに格納される命令を有するコンピュータ可読記憶媒体は、フローチャート又はブロック図で指定されたオペレーションを実行するための手段を作成すべく実行され得る命令を含む、製品を備えることになる。コンピュータ可読記憶媒体の例としては、電子記憶媒体、磁気記憶媒体、光記憶媒体、電磁記憶媒体、半導体記憶媒体等が含まれてよい。コンピュータ可読記憶媒体のより具体的な例としては、フロッピー(登録商標)ディスク、ディスケット、ハードディスク、ランダムアクセスメモリ(RAM)、リードオンリメモリ(ROM)、消去可能プログラマブルリードオンリメモリ(EPROM又はフラッシュメモリ)、電気的消去可能プログラマブルリードオンリメモリ(EEPROM)、静的ランダムアクセスメモリ(SRAM)、コンパクトディスクリードオンリメモリ(CD-ROM)、デジタル多用途ディスク(DVD)、ブルーレイ(登録商標)ディスク、メモリスティック、集積回路カード等が含まれてよい。 The computer-readable storage medium may include any tangible device capable of storing instructions executed by the appropriate device, so that the computer-readable storage medium having the instructions stored therein is in a flow chart or block diagram. It will include a product that contains instructions that can be executed to create means for performing the specified operation. Examples of the computer-readable storage medium may include an electronic storage medium, a magnetic storage medium, an optical storage medium, an electromagnetic storage medium, a semiconductor storage medium, and the like. More specific examples of computer-readable storage media include floppy (registered trademark) disks, diskettes, hard disks, random access memory (RAM), read-only memory (ROM), and erasable programmable read-only memory (EPROM or flash memory). , Electrically Erasable Programmable Read Only Memory (EEPROM), Static Random Access Memory (SRAM), Compact Disc Read Only Memory (CD-ROM), Digital Versatile Disc (DVD), Blu-ray® Disc, Memory Stick , Integrated circuit card, etc. may be included.
 コンピュータ可読命令は、アセンブラ命令、命令セットアーキテクチャ(ISA)命令、マシン命令、マシン依存命令、マイクロコード、ファームウェア命令、状態設定データ、又はSmalltalk(登録商標)、JAVA(登録商標)、C++等のようなオブジェクト指向プログラミング言語、及び「C」プログラミング言語又は同様のプログラミング言語のような従来の手続型プログラミング言語を含む、1又は複数のプログラミング言語の任意の組み合わせで記述されたソースコード又はオブジェクトコードのいずれかを含んでよい。 Computer-readable instructions include assembler instructions, instruction set architecture (ISA) instructions, machine instructions, machine-dependent instructions, microcode, firmware instructions, state setting data, or Smalltalk®, JAVA®, C ++, etc. Object-oriented programming languages, and either source code or object code written in any combination of one or more programming languages, including traditional procedural programming languages such as the "C" programming language or similar programming languages. May include.
 コンピュータ可読命令は、汎用コンピュータ、特殊目的のコンピュータ、若しくは他のプログラム可能なデータ処理装置のプロセッサ、又はプログラマブル回路が、フローチャート又はブロック図で指定されたオペレーションを実行するための手段を生成するために当該コンピュータ可読命令を実行すべく、ローカルに又はローカルエリアネットワーク(LAN)、インターネット等のようなワイドエリアネットワーク(WAN)を介して、汎用コンピュータ、特殊目的のコンピュータ、若しくは他のプログラム可能なデータ処理装置のプロセッサ、又はプログラマブル回路に提供されてよい。プロセッサの例としては、コンピュータプロセッサ、処理ユニット、マイクロプロセッサ、デジタル信号プロセッサ、コントローラ、マイクロコントローラ等を含む。 Computer-readable instructions are used to generate means for a general-purpose computer, a special-purpose computer, or the processor of another programmable data processing device, or a programmable circuit, to perform an operation specified in a flowchart or block diagram. General purpose computers, special purpose computers, or other programmable data processing locally or via a local area network (LAN), a wide area network (WAN) such as the Internet, etc. to execute the computer readable instructions. It may be provided in the processor of the device or in a programmable circuit. Examples of processors include computer processors, processing units, microprocessors, digital signal processors, controllers, microcontrollers and the like.
 以上、本発明を実施の形態を用いて説明したが、本発明の技術的範囲は上記実施の形態に記載の範囲には限定されない。上記実施の形態に、多様な変更又は改良を加えることが可能であることが当業者に明らかである。その様な変更又は改良を加えた形態も本発明の技術的範囲に含まれ得ることが、請求の範囲の記載から明らかである。 Although the present invention has been described above using the embodiments, the technical scope of the present invention is not limited to the scope described in the above embodiments. It will be apparent to those skilled in the art that various changes or improvements can be made to the above embodiments. It is clear from the claims that the form with such modifications or improvements may also be included in the technical scope of the invention.
 請求の範囲、明細書、及び図面中において示した装置、システム、プログラム、及び方法における動作、手順、ステップ、及び段階などの各処理の実行順序は、特段「より前に」、「先立って」などと明示しておらず、また、前の処理の出力を後の処理で用いるのでない限り、任意の順序で実現しうることに留意すべきである。請求の範囲、明細書、及び図面中の動作フローに関して、便宜上「まず、」、「次に、」などを用いて説明したとしても、この順で実施することが必須であることを意味するものではない。 The order of execution of each process such as operation, procedure, step, and step in the device, system, program, and method shown in the claims, specifications, and drawings is particularly "before" and "prior to". It should be noted that it can be realized in any order unless the output of the previous process is used in the subsequent process. Even if the claims, the specification, and the operation flow in the drawings are explained using "first", "next", etc. for convenience, it means that it is essential to carry out in this order. is not it.
10 ネットワーク、100 生成装置、102 情報収集部、104 情報格納部、110 レベル特定部、112 対策レベル取得部、114 資産価値取得部、116 発生頻度取得部、120 表示データ生成部、122 表示データ出力部、200 会社、202 担当者、210 通信装置、300 基本形状、310 社内領域、320 インターネット領域、330 社外領域、340 アイコン凡例領域、350 回線凡例領域、400 ハザードマップ、402 高セキュリティエリア、404 専用PC、410 事業系システム、412 管理システム、414 WEBサーバ、416 データベース、420 顧客、422 モバイル端末、424 PC、432、434 FW、442 HP入力、452 閲覧、454 運用、456 開発保守、502、504、506 タグオブジェクト、512 吹き出しオブジェクト、514 内部不正オブジェクト、600 対策レベル決定表、1200 コンピュータ、1210 ホストコントローラ、1212 CPU、1214 RAM、1216 グラフィックコントローラ、1218 ディスプレイデバイス、1220 入出力コントローラ、1222 通信インタフェース、1224 記憶装置、1226 DVDドライブ、1227 DVD-ROM、1230 ROM、1240 入出力チップ 10 network, 100 generator, 102 information collection unit, 104 information storage unit, 110 level identification unit, 112 countermeasure level acquisition unit, 114 asset value acquisition unit, 116 occurrence frequency acquisition unit, 120 display data generation unit, 122 display data output Department, 200 companies, 202 personnel, 210 communication devices, 300 basic shapes, 310 internal areas, 320 Internet areas, 330 external areas, 340 icon legend areas, 350 line legend areas, 400 hazard maps, 402 high security areas, 404 dedicated PC, 410 business system, 412 management system, 414 WEB server, 416 database, 420 customer, 422 mobile terminal, 424 PC, 432, 434 FW, 442 HP input, 452 browsing, 454 operation, 456 development and maintenance, 502, 504 , 506 tag object, 512 blowout object, 514 internal fraudulent object, 600 countermeasure level determination table, 1200 computer, 1210 host controller, 1212 CPU, 1214 RAM, 1216 graphic controller, 1218 display device, 1220 input / output controller, 1222 communication interface, 1224 storage device, 1226 DVD drive, 1227 DVD-ROM, 1230 ROM, 1240 input / output chip

Claims (18)

  1.  対象の会社におけるインターネットを介した社内の通信元と社外の通信先との通信のセキュリティリスクレベルを特定するレベル特定部と、
     前記通信を表す通信オブジェクトに、前記レベル特定部によって特定された前記セキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成する表示データ生成部と
     を備える生成装置。     A level identification department that identifies the security risk level of communication between internal communication sources and external communication destinations via the Internet at the target company,
    A generation device including a display data generation unit that generates display data for displaying a communication object representing the communication in association with a risk object corresponding to the security risk level specified by the level specifying unit.
  2.  前記レベル特定部は、前記対象の会社におけるインターネットを介した複数の社内の通信元と複数の社外の通信先とのそれぞれの通信の前記セキュリティリスクレベルを特定し、
     前記表示データ生成部は、複数の前記通信のそれぞれを表す複数の前記通信オブジェクトに、前記レベル特定部によって特定された前記セキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成する、請求項1に記載の生成装置。     The level specifying unit identifies the security risk level of each communication between a plurality of internal communication sources and a plurality of external communication destinations via the Internet in the target company.
    The display data generation unit generates display data for displaying a plurality of communication objects representing each of the communication in association with a risk object corresponding to the security risk level specified by the level specifying unit. , The generator according to claim 1.
  3.  前記表示データ生成部は、前記セキュリティリスクレベルが予め定められたレベルよりも高い前記通信を表す前記通信オブジェクトに、前記リスクオブジェクトを対応付けて表示する前記表示データを生成する、請求項1又は2に記載の生成装置。 The display data generation unit generates the display data for displaying the risk object in association with the communication object representing the communication whose security risk level is higher than a predetermined level, claim 1 or 2. The generator described in.
  4.  前記表示データ生成部は、前記セキュリティリスクレベルがより高い前記通信を示す前記通信オブジェクトに対して、より強調度の高い前記リスクオブジェクトを対応付けて表示する前記表示データを生成する、請求項1から3のいずれか一項に記載の生成装置。 From claim 1, the display data generation unit generates the display data for displaying the risk object having a higher emphasis in association with the communication object indicating the communication having a higher security risk level. The generator according to any one of 3.
  5.  前記表示データ生成部は、リスクの内容を示す文字列を含む吹き出しオブジェクトを前記リスクオブジェクトとして、前記通信オブジェクトに対応付けて表示する表示データを生成する、請求項1から4のいずれか一項に記載の生成装置。 According to any one of claims 1 to 4, the display data generation unit generates display data to be displayed in association with the communication object, using a blowout object including a character string indicating the content of the risk as the risk object. The generator described.
  6.  前記レベル特定部は、前記通信のセキュリティリスクレベルとして、前記通信元から前記通信先に送信するデータに対するセキュリティリスクレベルを特定し、
     前記表示データ生成部は、前記通信元を表す通信元オブジェクトに、前記通信元から前記通信先に送信するデータに対する前記セキュリティリスクレベルに応じた前記リスクオブジェクトを対応付けて表示する前記表示データを生成する、請求項1から5のいずれか一項に記載の生成装置。     The level specifying unit specifies the security risk level for the data transmitted from the communication source to the communication destination as the security risk level of the communication.
    The display data generation unit generates the display data for displaying the communication source object representing the communication source in association with the risk object corresponding to the security risk level for the data transmitted from the communication source to the communication destination. The generator according to any one of claims 1 to 5.
  7.  前記レベル特定部は、前記通信のセキュリティリスクレベルとして、前記通信先から前記通信元に送信するデータに対するセキュリティリスクレベルを特定し、
     前記表示データ生成部は、前記通信先を表す通信先オブジェクトに、前記通信先から前記通信元に送信するデータに対する前記セキュリティリスクレベルに応じた前記リスクオブジェクトを対応付けて表示する前記表示データを生成する、請求項1から6のいずれか一項に記載の生成装置。     The level specifying unit specifies the security risk level for the data transmitted from the communication destination to the communication source as the security risk level of the communication.
    The display data generation unit generates the display data for displaying the communication destination object representing the communication destination in association with the risk object corresponding to the security risk level for the data transmitted from the communication destination to the communication source. The generator according to any one of claims 1 to 6.
  8.  前記表示データ生成部は、前記通信オブジェクトに、前記リスクオブジェクトと、前記通信オブジェクトが示す前記通信におけるリスクの内容に対応するリスク内容オブジェクトとを対応付けて表示する前記表示データを生成する、請求項1から7のいずれか一項に記載の生成装置。 The display data generation unit generates the display data for displaying the communication object in association with the risk object and the risk content object corresponding to the risk content in the communication indicated by the communication object. The generator according to any one of 1 to 7.
  9.  前記レベル特定部は、前記対象の会社のセキュリティ対策レベルと、前記通信において扱われるデータの資産価値と、前記通信において扱われるデータのセキュリティ事故の発生頻度とに基づいて、前記通信の前記セキュリティリスクレベルを特定する、請求項1から8のいずれか一項に記載の生成装置。 The level specifying unit determines the security risk of the communication based on the security measure level of the target company, the asset value of the data handled in the communication, and the frequency of occurrence of security accidents of the data handled in the communication. The generator according to any one of claims 1 to 8, which specifies a level.
  10.  前記レベル特定部は、前記通信の前記セキュリティリスクレベルとして、前記セキュリティ対策レベルが高いほど高い値となる前記セキュリティ対策レベルを示す数値と、前記資産価値が高いほど高い値となる前記資産価値を示す数値と、前記発生頻度を示す数値とを乗算した値を特定する、請求項9に記載の生成装置。 The level specifying unit indicates, as the security risk level of the communication, a numerical value indicating the security measure level that becomes higher as the security measure level is higher, and the asset value that becomes higher as the asset value is higher. The generator according to claim 9, wherein a value obtained by multiplying a numerical value by a numerical value indicating the frequency of occurrence is specified.
  11.  前記レベル特定部は、前記対象の会社の会社名、設立からの経過年、及び事業内容の少なくともいずれかに基づいて、前記セキュリティ対策レベルを決定する、請求項9又は10に記載の生成装置。 The generator according to claim 9 or 10, wherein the level specifying unit determines the security measure level based on at least one of the company name of the target company, the years elapsed since its establishment, and the business content.
  12.  前記レベル特定部は、前記対象の会社が取り扱うデータが通信の秘密の対象となるか否かにさらに基づいて、前記セキュリティ対策レベルを決定する、請求項11に記載の生成装置。 The generator according to claim 11, wherein the level specifying unit further determines the security measure level based on whether or not the data handled by the target company is subject to confidentiality of communication.
  13.  前記レベル特定部は、前記対象の会社が取り扱うデータの数にさらに基づいて、前記セキュリティ対策レベルを決定する、請求項11又は12に記載の生成装置。 The generator according to claim 11 or 12, wherein the level specifying unit further determines the security measure level based on the number of data handled by the target company.
  14.  前記レベル特定部は、前記対象の会社が取り扱うデータにクレジットカード情報が含まれるか否かにさらに基づいて、前記セキュリティ対策レベルを決定する、請求項11から13のいずれか一項に記載の生成装置。 The generation according to any one of claims 11 to 13, wherein the level specifying unit determines the security measure level based on whether or not the data handled by the target company includes credit card information. apparatus.
  15.  前記レベル特定部は、前記対象の会社が取り扱うデータにマイナンバー情報が含まれるか否かにさらに基づいて、前記セキュリティ対策レベルを決定する、請求項11から14のいずれか一項に記載の生成装置。 The generation according to any one of claims 11 to 14, wherein the level specifying unit determines the security measure level based on whether or not the data handled by the target company includes My Number information. apparatus.
  16.  前記レベル特定部は、前記対象の会社が取り扱うデータの漏洩の発生状況にさらに基づいて、前記セキュリティ対策レベルを決定する、請求項11から15のいずれか一項に記載の生成装置。 The generator according to any one of claims 11 to 15, wherein the level specifying unit determines the security measure level based on the occurrence status of data leakage handled by the target company.
  17.  コンピュータを、請求項1から16のいずれか一項に記載の生成装置として機能させるためのプログラム。 A program for causing a computer to function as the generator according to any one of claims 1 to 16.
  18.  対象の会社におけるインターネットを介した社内の通信元と社外の通信先との通信のセキュリティリスクレベルを特定するレベル特定段階と、
     複数の前記通信のそれぞれを表す複数の通信オブジェクトに、前記レベル特定段階において特定された前記セキュリティリスクレベルに応じたリスクオブジェクトを対応付けて表示する表示データを生成する表示データ生成段階と
     を備える生成方法。     Level identification stage to identify the security risk level of communication between the internal communication source and the external communication destination via the Internet in the target company, and
    Generation including a display data generation stage for generating display data for displaying a plurality of communication objects representing each of the plurality of communications in association with a risk object corresponding to the security risk level specified in the level specifying stage. Method.
PCT/JP2020/039196 2019-10-18 2020-10-16 Generating device, program, and generating method WO2021075577A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2019191206A JP6952090B2 (en) 2019-10-18 2019-10-18 Generator, program, and generation method
JP2019-191206 2019-10-18

Publications (1)

Publication Number Publication Date
WO2021075577A1 true WO2021075577A1 (en) 2021-04-22

Family

ID=75538283

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2020/039196 WO2021075577A1 (en) 2019-10-18 2020-10-16 Generating device, program, and generating method

Country Status (2)

Country Link
JP (1) JP6952090B2 (en)
WO (1) WO2021075577A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007156816A (en) * 2005-12-05 2007-06-21 Nec Corp Risk analyzing device, risk analyzing method and risk analyzing program
WO2013035181A1 (en) * 2011-09-08 2013-03-14 株式会社日立製作所 Vulnerability countermeasure device, and vulnerability countermeasure method
WO2018163274A1 (en) * 2017-03-07 2018-09-13 三菱電機株式会社 Risk analysis device, risk analysis method and risk analysis program
JP2019070912A (en) * 2017-10-06 2019-05-09 株式会社野村総合研究所 Security evaluation system and method for the same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007156816A (en) * 2005-12-05 2007-06-21 Nec Corp Risk analyzing device, risk analyzing method and risk analyzing program
WO2013035181A1 (en) * 2011-09-08 2013-03-14 株式会社日立製作所 Vulnerability countermeasure device, and vulnerability countermeasure method
WO2018163274A1 (en) * 2017-03-07 2018-09-13 三菱電機株式会社 Risk analysis device, risk analysis method and risk analysis program
JP2019070912A (en) * 2017-10-06 2019-05-09 株式会社野村総合研究所 Security evaluation system and method for the same

Also Published As

Publication number Publication date
JP6952090B2 (en) 2021-10-20
JP2021068031A (en) 2021-04-30

Similar Documents

Publication Publication Date Title
CN109582861B (en) Data privacy information detection system
US20200272741A1 (en) Advanced Rule Analyzer to Identify Similarities in Security Rules, Deduplicate Rules, and Generate New Rules
US20190258648A1 (en) Generating asset level classifications using machine learning
CN104956376A (en) Method and technique for application and device control in a virtualized environment
Tsukerman Machine Learning for Cybersecurity Cookbook: Over 80 recipes on how to implement machine learning algorithms for building security systems using Python
US9342697B1 (en) Scalable security policy architecture for data leakage prevention
JPWO2014208427A1 (en) Security information management system, security information management method, and security information management program
CN110674360B (en) Tracing method and system for data
CN103336927A (en) Data classification based data leakage prevention method and system
WO2020246905A1 (en) System for intelligent management of cyber threats
CN109067587B (en) Method and device for determining key information infrastructure
WO2021075577A1 (en) Generating device, program, and generating method
US20230017839A1 (en) Risk analysis result display apparatus, method, and computer readable media
CN116881979A (en) Method, device and equipment for detecting data safety compliance
WO2019142469A1 (en) Security design apparatus, security design method, and security design program
CN116389148A (en) Network security situation prediction system based on artificial intelligence
US20230367884A1 (en) Cyber attack scenario generation method and device
JP6274090B2 (en) Threat analysis apparatus and threat analysis method
US11765022B2 (en) Information distribution system, monitoring device, sharing device and information distribution method
CN113434365B (en) Data characteristic monitoring method and device, electronic equipment and storage medium
Mundt et al. Enhancing Incident Management by an Improved Understanding of Data Exfiltration: Definition, Evaluation, Review
US20230273993A1 (en) Log generation apparatus, log generation method, and non-transitory computer readable medium
WO2023175954A1 (en) Information processing device, information processing method, and computer-readable recording medium
US9602542B2 (en) Security-function-design support device, security-function-design support method, and program storage medium
JP7408530B2 (en) Security management system and security management method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20876304

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20876304

Country of ref document: EP

Kind code of ref document: A1