Abstract: A security measure invalidation prevention device includes an acquisition unit that acquires invalidated security point information about an invalidated security point among security points each having a measure function performing a security measure on a node connected to a network. The invalidated security point has a measure function to be invalidated. The device also includes a determination unit that determines whether a security event to be addressed with the measure function of the invalidated security point is present on the basis of the invalidated security point information acquired by the acquisition unit. The device further includes an extraction unit that extracts a security point to which the measure function of the invalidated security point can be shifted when the determination unit determines that the security event is present.

Abstract: A specifying device receives detection information from a security device that detects hacking into a network or an activity of a terminal related to infection, and specifies a state of the terminal from information of the terminal and content of activity of the terminal included in the detection information. The specifying device specifies, when specifying that the terminal is in the state of being infected with malware, a terminal that may be infected before performing the content of the activity of the terminal included in the detection information based on connection information stored in a configuration information storage device, and specifies a terminal located on a route, along which the infected terminal is likely to be used for hacking or for infection of the terminal in the future, as a candidate for an infected terminal likely to be infected.

Abstract: An optimization apparatus collects cyber attack information that is information related to a cyber attack, and system information that is information related to an entire system including a device that has received the cyber attack. Based on the collected cyber attack information and system information, the optimization apparatus identifies an attack route of the cyber attack, and extracts, as dealing point candidates, devices that are on the attack route and have an effective dealing function against the cyber attack. Subsequently, the optimization apparatus selects a dealing point from the extracted dealing point candidates by using optimization logic that has been set.

Abstract: A specifying device receives detection information from a security device that detects hacking into a network or an activity of a terminal related to infection, and specifies a state of the terminal from information of the terminal and content of activity of the terminal included in the detection information. The specifying device specifies, when specifying that the terminal is in the state of being infected with malware, a terminal that may be infected before performing the content of the activity of the terminal included in the detection information based on connection information stored in a configuration information storage device, and specifies a terminal located on a route, along which the infected terminal is likely to be used for hacking or for infection of the terminal in the future, as a candidate for an infected terminal likely to be infected.

Abstract: A cloud controller performs, when an attack on a VM in any of data centers in a system is detected, setting of NAT of a private IP address of a VM(A), for a boundary router of each data center other than a data center that the VM(A) belongs to, the VM(A) being a victim. Next, the cloud controller performs setting for a redirecting device in the same data center as the VM(A), such that the redirecting device redirects access from a user terminal to a host under a boundary router of any of the respective data centers other than the data center. Thereafter, the cloud controller changes a private IP address of the VM(A) in a NAT setting of a boundary router of the data center to a private IP address of the redirecting device.

Abstract: A security measure invalidation prevention device includes an acquisition unit that acquires invalidated security point information about an invalidated security point among security points each having a measure function performing a security measure on a node connected to a network. The invalidated security point has a measure function to be invalidated. The device also includes a determination unit that determines whether a security event to be addressed with the measure function of the invalidated security point is present on the basis of the invalidated security point information acquired by the acquisition unit. The device further includes an extraction unit that extracts a security point to which the measure function of the invalidated security point can be shifted when the determination unit determines that the security event is present.

Abstract: An optimization apparatus collects cyber attack information that is information related to a cyber attack, and system information that is information related to an entire system including a device that has received the cyber attack. Based on the collected cyber attack information and system information, the optimization apparatus identifies an attack route of the cyber attack, and extracts, as dealing point candidates, devices that are on the attack route and have an effective dealing function against the cyber attack. Subsequently, the optimization apparatus selects a dealing point from the extracted dealing point candidates by using optimization logic that has been set.

Abstract: A cloud controller performs, when an attack on a VM in any of data centers in a system is detected, setting of NAT of a private IP address of a VM(A), for a boundary router of each data center other than a data center that the VM(A) belongs to, the VM(A) being a victim. Next, the cloud controller performs setting for a redirecting device in the same data center as the VM(A), such that the redirecting device redirects access from a user terminal to a host under a boundary router of any of the respective data centers other than the data center. Thereafter, the cloud controller changes a private IP address of the VM(A) in a NAT setting of a boundary router of the data center to a private IP address of the redirecting device.

Abstract: It is an object of the invention to provide a cement admixture that can form concrete having a sufficient self-healing capability and satisfactorily maintaining its self-healing capability for prolonged periods. The cement admixture of the invention contains an expanding material and an alumina-silicate with swelling properties. The cement admixture is combined with cement to form a cement composition. The cement composition is mixed with water and an aggregate to provide concrete with an excellent self-healing capability.

Abstract: It is an object of the invention to provide a cement admixture that can form concrete having a sufficient self-healing capability and satisfactorily maintaining its self-healing capability for prolonged periods. The cement admixture of the invention contains an expanding material and an alumina-silicate with swelling properties. The cement admixture is combined with cement to form a cement composition. The cement composition is mixed with water and an aggregate to provide concrete with an excellent self-healing capability.