Abstract: An evaluation model generation device is provided to generate an evaluation model which evaluates the function or non-function of an IT system based on a system model including a process model which describes processing between processes on the IT system, a server model which describes a physical system configuration of the IT system, and allocations which represent correspondence relations between the elements in the process model and those in the server model. The evaluation model generation device includes: path enumeration means 110 which extracts a process path between processes in the process model, and a server path corresponding to the process path and located on the server model; allocation estimation means 120 which estimates the allocation based on the process path and the server path; and model conversion means 130 which converts the system model into the evaluation model using the process paths, the server paths, and the estimated allocations.

Abstract: A data dependence analyzer includes: inter-process communication detection means which, on the basis of a processing content of inter-process communication performed for transferring data to be copied between resources, detects the inter-process communication; access detection means which successively detects an access event to the data in the resource due to the process; recording means which, for each of the access events detected by the access detection means, records the access target data in the access event; and analysis means which, among the access target data recorded by the recording means, searches data respectively corresponding to the copy source and the copy destination of the data transferred through the inter-process communication detected by the inter-process communication detection means and imparts a dependence relationship between the searched data.

Abstract: An evaluation model generation device is provided to generate an evaluation model which evaluates the function or non-function of an IT system based on a system model including a process model which describes processing between processes on the IT system, a server model which describes a physical system configuration of the IT system, and allocations which represent correspondence relations between the elements in the process model and those in the server model. The evaluation model generation device includes: path enumeration means 110 which extracts a process path between processes in the process model, and a server path corresponding to the process path and located on the server model; allocation estimation means 120 which estimates the allocation based on the process path and the server path; and model conversion means 130 which converts the system model into the evaluation model using the process paths, the server paths, and the estimated allocations.

Abstract: [Problem] To provide a configuration management device which derives a combination of a plurality of types of devices having two indices where the total of a first index (P1) is equal to or greater than a specified value and the total of a second index (P2) becomes the minimum. [Solution] A configuration management device comprises: a device storage means for storing a P1 and a P2 for each of a plurality (J) of types of the devices; a configuration update means for inputting a required value N and acquiring a minimum set (N, i) while increasing i to J, where, a) if a total of P2s of a new set which is acquired by replacing at least a part of a minimum set (N, i?1) with a device of i-th type, the minimum set (N, i) is the new set, and b) if the total of P2s of each new set is not smaller than the minimum total (N, i?1), the minimum set (N, i) is the minimum set (N, i?1); and an output means for outputting a minimum set (N, J).

Abstract: Provided is a security management system for managing the security of a managed system including during operation of the managed system, the security management system comprising: state changing means for determining a state that satisfies a state rule, which defines a desired state of the managed system, as a target state if the state of the managed system does not satisfy the state rule; and action determining means for determining a predetermined process, which is for changing the difference between the state of the managed system when the target state is determined and the target state, as a countermeasure that needs to be carried out in the state of the managed system when the target state is determined.

Abstract: The present invention provides a system model management and support system that is capable of facilitating the management of a system model by identifying any difference between the system model and a real system. Conversion means 6 converts configuration information indicative of the configuration and settings of the real system into a model having the same expression form as the system model. The real system is actually operated as a system. The system model is used as a model representing the real system during the development of the real system. Difference extraction means 7 extracts any difference between the system model and the model converted from the configuration information by comparing the system model with the model converted from the configuration information.

Abstract: A dynamic data flow tracking apparatus, a dynamic data flow tracking method, and a dynamic data flow tracking program are provided which can raise the dynamic data flow analysis speed for a program linked to plural shared libraries. A specification of data passing between functions included in a shared library is defined in a signature, which is stored in a storage unit (108). At least a part of the propagation of a tag between the functions in a call destination is skipped by referring to the signature stored in the storage unit (108) at the time of giving a call to a function defined in the signature from a program.

Abstract: A data dependence analyzer includes: inter-process communication detection means which, on the basis of a processing content of inter-process communication performed for transferring data to be copied between resources, detects the inter-process communication; access detection means which successively detects an access event to the data in the resource due to the process; recording means which, for each of the access events detected by the access detection means, records the access target data in the access event; and analysis means which, among the access target data recorded by the recording means, searches data respectively corresponding to the copy source and the copy destination of the data transferred through the inter-process communication detected by the inter-process communication detection means and imparts a dependence relationship between the searched data.

Abstract: Provided is a security management system for managing the security of a managed system including during operation of the managed system, the security management system comprising: state changing means for determining a state that satisfies a state rule, which defines a desired state of the managed system, as a target state if the state of the managed system does not satisfy the state rule; and action determining means for determining a predetermined process, which is for changing the difference between the state of the managed system when the target state is determined and the target state, as a countermeasure that needs to be carried out in the state of the managed system when the target state is determined.

Abstract: There is disclosed a method for switching access folders in accordance with a confidential mode. In this method, a confidential root directory is located below a normal root directory. A directory structure constituted by the at least one confidential folder other than a confidential root directory is the same as that constituted by at least one normal folder other than a normal root directory. A file access request from an application program to a disk device is received. If the application program is operating as a process in a confidential mode, file access to the confidential file in the confidential folder is executed through a kernel, by rewriting a specified file path name with a file path name corresponding to the confidential folder below the confidential root directory. If the application program is operating as a process in the normal mode, file access to the confidential file in the confidential folder is not permitted.

Abstract: There is disclosed a method for switching access folders in accordance with a confidential mode. In this method, a confidential root directory is located below a normal root directory. A directory structure constituted by the at least one confidential folder other than a confidential root directory is the same as that constituted by at least one normal folder other than a normal root directory. A file access request from an application program to a disk device is received. If the application program is operating as a process in a confidential mode, file access to the confidential file in the confidential folder is executed through a kernel, by rewriting a specified file path name with a file path name corresponding to the confidential folder below the confidential root directory. If the application program is operating as a process in the normal mode, file access to the confidential file in the confidential folder is not permitted.