Abstract: Provided is an information leakage prevention technique which does not require a dedicated device for access management on a network, and which offers excellent security policy flexibility. An information leakage prevention system comprises: a client terminal including a client processing unit which performs network control in accordance with an acquired security policy; and a management server including a user database in which information concerning a user of the client terminal is stored, a security policy database in which a security policy defining a network control content for each attribute of the user is stored, and a server processing unit which selects the security policy on the basis of the attribute of the user and a time of delivery of the security policy, and which transmits the selected security policy to the corresponding client terminal.

Abstract: Provided is an information leakage prevention technique which does not require a dedicated device for access management on a network, and which offers excellent security policy flexibility. An information leakage prevention system comprises: a client terminal including a client processing unit which performs network control in accordance with an acquired security policy; and a management server including a user database in which information concerning a user of the client terminal is stored, a security policy database in which a security policy defining a network control content for each attribute of the user is stored, and a server processing unit which selects the security policy on the basis of the attribute of the user and a time of delivery of the security policy, and which transmits the selected security policy to the corresponding client terminal.

Abstract: A malware analysis method for analyzing malware using a virtual computer includes acquiring a request from the malware to the guest OS. If the request from the malware includes a request pertaining to a virtual environment, an analysis unit issues a spoofed response to the malware in response to the request.

Abstract: A data loss prevention system holds: a first file, which is one of an unencrypted file and a file that is automatically decryptable by the processor; a second file, which is not automatically decryptable; and process information indicating an allowed process that is allowed to access a file held by the storage device. The data loss prevention system receives a file access request by the process, judges whether or not the process is the allowed process by referring to the process information, executes judgment processing for judging whether or not network communication by the process is to be prohibited, and prohibits the network communication by the process when it is judged in the judgment processing that the process is the allowed process and that a file to be accessed in the file access request is the first file.

Abstract: A cipher processing system for allowing file access while maintaining the integrity without a user being aware of the difference between files when the user accesses a file in a folder containing both a ciphertext file and a plaintext file. If a folder stores both a ciphertext file and a plaintext file, the ciphertext file is attached with identification information (preferably, footer information) indicating that the file is a ciphertext file, so that a plaintext file and a ciphertext file can be differentiated from each other when the files are read. A deciphered file gained by removing identification information from a ciphertext file and deciphering the file is delivered to an upper-level application. If the read file is a plaintext file, decipher processing is not executed on the plaintext file but the plaintext file is passed to the upper-level application program.

Abstract: A cipher processing system is provided for allowing file access while maintaining the integrity without a user being conscious of the difference between files when the user accesses a file in a folder containing both a ciphertext file and a plaintext file. Thus, according to the present invention, if a folder stores both a ciphertext file and a plaintext file, the ciphertext file is attached with identification information (preferably, footer information) indicating that the file is a ciphertext file, so that the plaintext file and the ciphertext file can be differentiated from each other when the files are read. A deciphered file gained by removing identification information from a ciphertext file and deciphering the file is delivered to an upper-level application. If the read file is a plaintext file, decipher processing is not executed on the plaintext file but the plaintext file is passed to the upper-level application program.

Abstract: A confidential file protecting method for a security measure application is provided that can restrain degradation in the performance of a security measure application, and surely protect a confidential file.