专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明专利

JP2006331383A Tool, method, and program for supporting system security design/evaluation 有权
标题翻译：用于支持系统安全设计/评估的工具，方法和程序
公开(公告)号：JP2006331383A
公开(公告)日：2006-12-07
申请号：JP2005320511
申请日：2005-11-04
申请人： Hitachi Ltd , 株式会社日立製作所
发明人： YASUHOSO KOSUKE , ARAI MASATO , NAGAI YASUHIKO , MATSUMOTO HITAKA
IPC分类号： G06F21/00 , G06Q10/00 , G06Q10/06 , G06Q50/00
CPC分类号： G06F21/577 , G06F2221/2101
摘要： PROBLEM TO BE SOLVED: To derive an appropriate assurance level corresponding to the degree of a risk of each component that composes an object system. SOLUTION: A tool for supporting system security design/evaluation 100 comprises a table link use unit 110 for identifying linkages between a threat-to-component correspondence table 125, a risk-value table 126, a component contribution rate table 127, and a risk-to-assurance level correspondence table 128, based on their respective duplicate items, and a component assurance level deriving unit 111 for deriving the assurance level of each of components that conforms to a risk value of a threat that a security function, which the components provides, counters by weighting the risk value of the threat by a component contribution rate based on the linkages of the respective tables. COPYRIGHT: (C)2007,JPO&INPIT
摘要翻译：要解决的问题：导出与组成对象系统的每个组件的风险程度相对应的适当的保证级别。解决方案：用于支持系统安全设计/评估的工具100包括用于识别威胁组件对应表125，风险值表126，组件贡献率表127之间的连接的表链接使用单元110，以及基于它们各自的重复项的风险确认级别对应表128和用于导出符合安全功能的威胁的风险值的每个组件的保证级别的组件保证级别导出单元111，组件提供的计数器，通过基于各个表的联系，以组件贡献率加权威胁的风险值。版权所有（C）2007，JPO＆INPIT

2. 发明专利

JP2008283413A Access control system 有权
标题翻译：访问控制系统
公开(公告)号：JP2008283413A
公开(公告)日：2008-11-20
申请号：JP2007125156
申请日：2007-05-10
申请人： Hitachi Ltd , 株式会社日立製作所
发明人： AOSHIMA HIROKAZU , FUJISHIRO TAKAHIRO , KAJI TADASHI , MATSUMOTO HITAKA
IPC分类号： H04L9/08 , G06F21/20
摘要： PROBLEM TO BE SOLVED: To control an encryption communication path according to the user of an application. SOLUTION: A management server selects a key for encryption communication and setting information corresponding to the user of a communication origin terminal and the application of a communication destination terminal and distributes them to the communication origin terminal and the communication destination terminal, and the encryption communication path is established on the basis of the key and the setting information. The management server also notifies the application of the communication destination terminal of the user of the communication origin terminal. COPYRIGHT: (C)2009,JPO&INPIT
摘要翻译：要解决的问题：根据应用的用户来控制加密通信路径。解决方案：管理服务器选择用于加密通信的密钥和对应于通信原始终端的用户的设置信息和通信目的地终端的应用，并将其分发到通信源终端和通信目的地终端，并且基于密钥和设置信息建立加密通信路径。管理服务器还通知通信源终端的用户的通信目的地终端的应用。版权所有（C）2009，JPO＆INPIT

3. 发明专利

JP2006330864A Control method for server computer system 审中-公开
标题翻译：服务器计算机系统的控制方法
公开(公告)号：JP2006330864A
公开(公告)日：2006-12-07
申请号：JP2005150327
申请日：2005-05-24
申请人： Hitachi Ltd , 株式会社日立製作所
发明人： SAKURABA TATSUTOSHI , DOMYO SEIICHI , MATSUMOTO HITAKA
IPC分类号： G06F11/28 , G06F11/30 , G06F21/22
摘要： PROBLEM TO BE SOLVED: To reduce the error detection rate of the illegal behavior of a program, and to reduce the oversight thereof. SOLUTION: This server computer system is provided with a means for dividing an AP to be monitored into a processing phase, an elapsed time and the other temporal elements in a server computer system, and for preparing an allowable set for each processing phase (time segment). In this way, each of those allowable sets is made small. According as the processing phase of the monitor object program fluctuates, an OS monitors the execution of the string of a system call by using the allowable set prepared for each phase. That is, the execution of the AP to be monitored is monitored while the plurality of allowable sets are exchanged. More concretely, the OS is notified(synchronized) that the processing phase of the AP to be monitored fluctuates by a specific system call due to the monitor object program. Any illegal program is detected and determined by using the set(allowable set) of the plurality of system calls several times so that it is possible to attain much more highly precise monitoring without increasing the error detection of the illegal program while reducing the oversight thereof. COPYRIGHT: (C)2007,JPO&INPIT
摘要翻译：要解决的问题：减少程序的非法行为的错误检测率，并减少其监督。解决方案：该服务器计算机系统具有用于将待监控的AP划分为服务器计算机系统中的处理阶段，经过时间和其他时间元素的装置，并且为每个处理阶段准备可允许的集合（时间段）。以这种方式，使这些允许集合中的每一个都变小。根据监视对象程序的处理阶段波动，OS通过使用为每个阶段准备的可允许集来监视系统调用串的执行。也就是说，在多个可允许集合被交换的同时监视被监视的AP的执行。更具体地，由于监视对象程序，OS被通知（同步）被监视的AP的处理阶段由特定系统调用波动。通过多次使用多个系统呼叫的设定（允许的集合）来检测和确定任何非法程序，使得可以在不增加非法程序的错误检测的同时减少其监视的情况下获得更高精度的监视。版权所有（C）2007，JPO＆INPIT

4. 发明专利

JP2001337864A ACCESS CONTROL SYSTEM 失效
公开(公告)号：JP2001337864A
公开(公告)日：2001-12-07
申请号：JP2000300561
申请日：2000-09-28
申请人： HITACHI LTD
发明人： ARAI MASATO , MATSUMOTO HITAKA , KAJIURA TOSHINORI
IPC分类号： G06F12/14 , G06F1/00 , G06F12/00 , G06F15/00 , G06F21/20 , G06F21/22 , G06F21/24
摘要： PROBLEM TO BE SOLVED: To provide an access control system and the method of the same by which illegal access can be inhibited, even if any intruder from a network attempts illegal readout or writing on files by abusing a user's authority. SOLUTION: A policy is employed, that access to specific files is permitted only when a specific user uses a specific program. And further, the access control is performed based on the policy by registering the policy in a policy file 200, and passing access informtaion hooked by a file I/O hooking program 106 to an access control program 110 on a OS for security 104 through a communication process division between OSs 108.

5. 发明专利

JP2003242266A SECURITY DESIGN SUPPORT TOOL, SECURITY DESIGN SUPPORT DEVICE PROVIDED WITH TOOL AND SECURITY DESIGN SUPPORT SYSTEM PROVIDED WITH DEVICE 审中-公开
公开(公告)号：JP2003242266A
公开(公告)日：2003-08-29
申请号：JP2002037423
申请日：2002-02-14
申请人： HITACHI LTD
发明人： MATSUMOTO HITAKA , ARAI MASATO , NAGAI YASUHIKO , FUJIYAMA TATSUYA
IPC分类号： G06Q10/00 , G06Q50/00 , G06Q50/10 , G06F17/60
摘要： PROBLEM TO BE SOLVED: To enhance efficiency of security design plan (ST) preparation by using existing security required specifications (PP). SOLUTION: The security design support system is provided with a characteristic information data base 132 storing pieces of characteristic information of a plurality of PPs, a PP description contents data base 133 storing description contents of the plurality of PPs, a program file 131 storing a criterion 134 for selecting an available PP, a PP selection process control part 121 receiving designation of characteristic information regarding an object product/system of the ST, collating it with the pieces of characteristic information of the plurality of PPs stored in the characteristic information data base 132 and selecting a PP available for the ST preparation in accordance with the criterion 134, and a data base management control part 123 reading description contents of the selected PP from the PP description contents data base 133 and outputting them to an output device 116. COPYRIGHT: (C)2003,JPO

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式