SECURITY POLICY MANAGEMENT SYSTEM AND SECURITY POLICY MANAGEMENT SYSTEM WITH SECURITY RISK MANAGEMENT DEVICE

摘要

PROBLEM TO BE SOLVED: To perform operations such as setting of ACLs, change of security policies, analysis of unauthorized access, and the like of respective authentication systems by a common interface.;SOLUTION: When there are new addition/change/deletion of security policies of authentication systems 2a-2e, access control setting of corresponding authentication systems is performed on a display part 11a of a department-classified policy setting unit 11. A policy master generation unit 12 updates the security policies based on a setting state of access control, converts the security policies into ACLs of the respective management systems 2a-2e according to a conversion rule of an authentication system-classified conversion rule DB17 based on the updated security policies, and automatically distributes the ACLs to the respective authentication systems 2a-2e. A security risk management device 20 determines logs to be output from the management systems 2a-2e according to a risk analysis rule, and when there is a log matched to a security policy violation determination condition, performs alarm display on a security risk display part 22a.;COPYRIGHT: (C)2013,JPO&INPIT