SECURITY RISK MANAGEMENT SYSTEM, SERVER, CONTROL METHOD, AND NON-TRANSITORY COMPUTER-READABLE MEDIUM
A security risk management system (305) of the present disclosure includes a server (310) and an agent unit (320) included in a terminal. The server (310) transmits vulnerability information to the agent unit (320) before the release date and time of the vulnerability information. The agent unit (320) investigates the presence or absence of vulnerabilities in the terminal based on information regarding a method for vulnerability investigation contained in the vulnerability information, and transmits vulnerability investigation results containing the investigation results to the server (310) before the release date and time of the vulnerability information. The server (310) presents the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
Latest NEC CORPORATION Patents:
- Machine-to-machine (M2M) terminal, base station, method, and computer readable medium
- Method and apparatus for machine type communication of system information
- Communication apparatus, method, program and recording medium
- Communication control system and communication control method
- Master node, secondary node, and methods therefor
This application is a Continuation of U.S. application Ser. No. 16/084,687 filed on Sep. 13, 2018, which is a National Stage of International Application No. PCT/JP2017/011586 filed Mar. 23, 2017, claiming priority based on Japanese Patent Application No. 2016-061774 filed Mar. 25, 2016, the disclosure of which is incorporated herein in their entirety by reference.
TECHNICAL FIELDThe present disclosure relates to a security risk management system, a server, a control method, and a non-transitory computer-readable medium.
BACKGROUND ARTTerminals used by companies are subject to security risks including vulnerabilities in hardware or software. This raises a need for companies to manage the vulnerabilities of terminals in the companies. In recent years, a security risk management system that supports the management of vulnerabilities has been proposed (e.g., Patent Literature 1).
CITATION LIST Patent LiteraturePatent Literature 1: Japanese Unexamined Patent Application Publication No. 2009-015570
SUMMARY OF INVENTION Technical ProblemA company using a security risk management system generally manages vulnerabilities as follows.
After vulnerability information is released, a security administrator of the company investigates the presence or absence of vulnerabilities in terminals in the company by using the security risk management system.
When a vulnerable terminal is found as a result of the investigation, the security administrator of the company develops and implements countermeasures against the vulnerability by using the security risk management system
However, once vulnerability information is released, there is a risk that a terminal is attacked by a malicious individual or group of individuals, and it is necessary to reduce the time needed to take countermeasures against the vulnerability.
The technique disclosed in the above-mentioned Patent Literature 1 stores, in a database, countermeasures taken against vulnerabilities of a terminal in association with a keyword indicating the type of vulnerabilities. Specifically, the technique disclosed in Patent Literature 1 is a technique that stores, in a database, countermeasures against vulnerabilities which have been actually taken in a terminal, and it is not a technique that reduces the time needed to take countermeasures against vulnerabilities.
An object of the present disclosure is to solve the above-described problem, and to provide a technique capable of reducing the time needed to take countermeasures against vulnerabilities.
Solution to ProblemAccording to one aspect of the present disclosure, a security risk management system includes a server, and an agent unit included in a terminal, wherein the server transmits vulnerability information to the agent unit before a release date and time of the vulnerability information, the agent unit investigates presence or absence of vulnerabilities in the terminal based on information regarding a method for vulnerability investigation contained in the vulnerability information, and transmits vulnerability investigation results containing the investigation results to the server before the release date and time of the vulnerability information, and the server presents the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
According to one aspect of the present disclosure, a server includes a communication unit configured to transmit, to an agent unit included in a terminal, vulnerability information before a release date and time of the vulnerability information, and receives, from the agent unit, vulnerability investigation results containing investigation results regarding presence or absence of vulnerabilities in the terminal investigated by the agent unit based on information regarding a method for vulnerability investigation contained in the vulnerability information before the release date and time of the vulnerability information, and a presentation unit configured to present the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
According to one aspect of the present disclosure, a control method is a control method of a server, including a transmission step of transmitting, to an agent unit included in a terminal, vulnerability information before a release date and time of the vulnerability information, a step of receiving, from the agent unit, vulnerability investigation results containing investigation results regarding presence or absence of vulnerabilities in the terminal investigated by the agent unit based on information regarding a method for vulnerability investigation contained in the vulnerability information before the release date and time of the vulnerability information, and a presentation step of presenting the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
According to one aspect of the present disclosure, a non-transitory computer readable medium is a non-transitory computer readable medium storing a program causing a computer to execute a transmission step of transmitting, to an agent unit included in a terminal, vulnerability information before a release date and time of the vulnerability information, a step of receiving, from the agent unit, vulnerability investigation results containing investigation results regarding presence or absence of vulnerabilities in the terminal investigated by the agent unit based on information regarding a method for vulnerability investigation contained in the vulnerability information before a release date and time of the vulnerability information, and a presentation step of presenting the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
According to one aspect of the present disclosure, a non-transitory computer readable medium is a non-transitory computer readable medium storing a program causing a computer to execute a receiving step of receiving, from a server, vulnerability information before a release date and time of the vulnerability information, an investigation step of investing presence or absence of vulnerabilities in a terminal based on information regarding a method for vulnerability investigation contained in the vulnerability information before a release date and time of the vulnerability information, and a step of transmitting, to the server, vulnerability investigation results containing investigation results in the investigation step before the release date and time of the vulnerability information.
Advantageous Effects of InventionAccording to the exemplary aspects of the present disclosure, it is possible to reduce the time needed to take countermeasures against vulnerabilities.
Embodiments of the present disclosure are described hereinafter with reference to the drawings.
(1) First Embodiment (1-1) Configuration of First Embodiment(1-1-1) Overall Configuration
Referring to
The vulnerability information providing institution 100 is an institution that provides vulnerability information including an overview of vulnerabilities, a method for investigation, a method for countermeasures and the like, and it is CERT (Computer Emergency Response Team), JPCERT (Japan Computer Emergency Response Team), IPA (Information-technology Promotion Agency) or the like, for example. The security risk management system providing company 200 is a company that provides the security risk management system 305. The security risk management system using company 300 is a company that uses the security risk management system 305 provided by the security risk management system providing company 200. The security risk management system using company 300 manages vulnerabilities in terminals 330 of its own company by using the security risk management system 305.
When software has a vulnerability, the vulnerability information providing institution 100 provides a software vendor that has created this software with vulnerability information regarding the vulnerability before its release date and time for the purpose of investigation in some cases. The vulnerability information provided from the vulnerability information providing institution 100 to the software vendor can be used by the security risk management system providing company 200. However, when it is before the release date and time of the vulnerability information, use of the vulnerability information is limited to one's own use in the security risk management system providing company 200. In this manner, the security risk management system providing company 200 is allowed to use, only in its own company, the vulnerability information provided from the vulnerability information providing institution 100 before the release date and time.
The first embodiment focuses attention on the fact that the security risk management system using company 300 can use vulnerability information before the release date and time provided by the vulnerability information providing institution 100, and completes the investigation regarding the presence or absence of vulnerabilities in the terminals 330 by using the vulnerability information before the release date and time.
(1-1-2) Configuration of Vulnerability Information Transmission System 110
The vulnerability information transmission system 110 transmits vulnerability information to the vulnerability information distribution system 210. Note that the vulnerability information transmission system 110 only needs to have the function of transmitting vulnerability information to the vulnerability information distribution system 210, and this function can be implemented by a known technique, and therefore the description of its detailed block configuration is omitted.
(1-1-3) Configuration of Vulnerability Information Distribution System 210
The vulnerability information distribution system 210 includes a vulnerability information receiving unit 211, a vulnerability information data creation unit 212, a vulnerability information data encryption unit 213, a common key storage unit 214, a vulnerability information data storage unit 215, and a vulnerability information data transmitting unit 216.
The vulnerability information receiving unit 211 receives vulnerability information from the vulnerability information transmission system 110. The vulnerability information data creation unit 212 creates vulnerability information data in accordance with an operation performed by a vulnerability information data creator based on the vulnerability information received by the vulnerability information receiving unit 211. The vulnerability information data encryption unit 213 encrypts the vulnerability information data created by the vulnerability information data creation unit 212 by using a common key. The common key storage unit 214 stores the common key to be used when the vulnerability information data encryption unit 213 encrypts the vulnerability information data. The vulnerability information data storage unit 215 stores the vulnerability information data created by the vulnerability information data creation unit 212. The vulnerability information data transmitting unit 216 reads the vulnerability information data from the vulnerability information data storage unit 215, and transmits the read vulnerability information data to a server 310.
(1-1-4) Configuration of Security Risk Management System 305
The security risk management system 305 includes a server 310 and an agent unit 320. The agent unit 320 is software which is also called agent software or agent. The agent unit 320 corresponds to the terminal 330 whose vulnerabilities are managed by the security risk management system using company 300, and it is installed into the corresponding terminal 330. In
The server 310 receives vulnerability information data from the vulnerability information distribution system 210, transmits the received vulnerability information data to the agent unit 320, and gives an instruction to conduct vulnerability investigation before the release date and time of vulnerability information. Further, the server 310 receives vulnerability investigation results from the agent unit 320, and displays the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information. On the other hand, the agent unit 320 receives vulnerability information data from the server 310, investigates the presence or absence of vulnerabilities in the corresponding terminal 330, and transmits vulnerability investigation results to the server 310 before the release date and time of vulnerability information. Further, the agent unit 320 displays the vulnerability information on or after the release date and time of the vulnerability information.
(1-1-5) Configuration of Server 310
The server 310 includes a vulnerability information data receiving unit 311, a vulnerability information data storage unit 312, a vulnerability information data distribution unit 313, a vulnerability investigation result receiving unit 314, a vulnerability investigation result storage unit 315, a vulnerability release date and time checking unit 316, a vulnerability information data decryption unit 317, a common key storage unit 318, and a vulnerability information and investigation result display unit 319. Note that the vulnerability information data distribution unit 313 and the vulnerability investigation result receiving unit 314 are an example of elements of a communication unit. The vulnerability information and investigation result display unit 319 is an example of a presentation unit. The vulnerability information data storage unit 312 is an example of a vulnerability information storage unit. The vulnerability release date and time checking unit 316 is an example of a release date and time checking unit. The vulnerability investigation result storage unit 315 is an example of a vulnerability investigation result storage unit.
The vulnerability information data receiving unit 311 receives vulnerability information data from the vulnerability information distribution system 210. The vulnerability information data storage unit 312 stores the vulnerability information data received by the vulnerability information data receiving unit 311. The vulnerability information data distribution unit 313 reads the vulnerability information data from the vulnerability information data storage unit 312, and transmits the read vulnerability information data to the agent unit 320. The vulnerability investigation result receiving unit 314 receives vulnerability investigation results from the agent unit 320. The vulnerability investigation result storage unit 315 stores the vulnerability investigation results received by the vulnerability investigation result receiving unit 314. The vulnerability release date and time checking unit 316 reads the vulnerability information data from the vulnerability information data storage unit 312 on a regular basis, checks the release date and time, makes the vulnerability information data decryption unit 317 decrypt the vulnerability information data whose release date and time has passed, and writes the decrypted vulnerability information data back into the vulnerability information data storage unit 312. The vulnerability information data decryption unit 317 receives the vulnerability information data from the vulnerability release date and time checking unit 316, and decrypts the vulnerability information data by using a common key. The common key storage unit 318 stores the common key to be used when the vulnerability information data decryption unit 317 decrypts the vulnerability information data. The vulnerability information and investigation result display unit 319 reads the vulnerability information data whose release date and time has passed from the vulnerability information data storage unit 312, reads the corresponding vulnerability investigation results from the vulnerability investigation result storage unit 315 based on the read vulnerability information data, and presents the vulnerability information and the vulnerability investigation results based on the read vulnerability investigation results. It is assumed hereinafter that the presentation is to display the information and the results on a screen of the server 310.
(1-1-6) Configuration of Agent Unit 320
The agent unit 320 includes a vulnerability information data receiving unit 321, a vulnerability information data storage unit 322, a vulnerability investigation unit 323, a vulnerability information data decryption unit 324, a common key storage unit 325, a vulnerability investigation result storage unit 326, a vulnerability investigation result transmitting unit 327, a vulnerability release date and time checking unit 328, and a vulnerability information display unit 329. Note that the vulnerability information data receiving unit 321 and the vulnerability investigation result transmitting unit 327 are an example of components of a communication unit. The vulnerability information display unit 329 is an example of a presentation unit. The vulnerability information data storage unit 322 is an example of a vulnerability information storage unit. The vulnerability release date and time checking unit 328 is an example of a release date and time checking unit. The vulnerability investigation result storage unit 326 is an example of a vulnerability investigation result storage unit.
The vulnerability information data receiving unit 321 receives vulnerability information data from the server 310. The vulnerability information data storage unit 322 stores the vulnerability information data received by the vulnerability information data receiving unit 321. The vulnerability investigation unit 323 reads the vulnerability information data from the vulnerability information data storage unit 322, makes the vulnerability information data decryption unit 324 decrypt the read vulnerability information data, investigates the presence or absence of vulnerabilities in the corresponding terminal 330 based on a method for investigation contained in the decrypted vulnerability information data, and stores vulnerability investigation results containing results of the investigation into the vulnerability investigation result storage unit 326. The vulnerability information data decryption unit 324 receives the vulnerability information data from the vulnerability investigation unit 323 and the vulnerability release date and time checking unit 328, and decrypts the vulnerability information data by using a common key. The common key storage unit 325 stores the common key to be used when the vulnerability information data decryption unit 324 decrypts the vulnerability information data. The vulnerability investigation result storage unit 326 stores the vulnerability investigation results containing the investigation results investigated by the vulnerability investigation unit 323. The vulnerability investigation result transmitting unit 327 reads the vulnerability investigation results from the vulnerability investigation result storage unit 326, and transmits the read vulnerability investigation results to the server 310. The vulnerability release date and time checking unit 328 reads the vulnerability information data from the vulnerability information data storage unit 322 on a regular basis, checks the release date and time, makes the vulnerability information data decryption unit 324 decrypt the vulnerability information data whose release date and time has passed, and writes the decrypted vulnerability information data back into the vulnerability information data storage unit 322. The vulnerability information display unit 329 reads the vulnerability information data whose release date and time has passed from the vulnerability information data storage unit 322, reads the corresponding vulnerability investigation results from the vulnerability investigation result storage unit 326 based on the read vulnerability information data, and presents the vulnerability information based on the read vulnerability investigation results. It is assumed hereinafter that the presentation is to display the information on a screen of the corresponding terminal 330.
Note that the common key storage unit 214 in the vulnerability information distribution system 210, the common key storage unit 318 in the server 310, and the common key storage unit 325 in the agent unit 320 share a common key, and store the shared common key.
(1-1-7) Hardware Configuration
The processor 401 is a processing unit such as CPU (Central Processing Unit) or GPU (Graphics Processing Unit). The memory 402 is a memory such as RAM (Random Access Memory) or ROM (Read Only Memory). The storage 403 is a storage device such as HDD (Hard Disk Drive), SSD (Solid State Drive) or memory card. Alternatively, the storage 403 may be a memory such as RAM or ROM.
The storage 403 stores a program for implementing the function of each processing unit (the vulnerability information receiving unit 211, the vulnerability information data creation unit 212, the vulnerability information data encryption unit 213, the vulnerability information data transmitting unit 216 etc.) included in the vulnerability information distribution system 210. The processor 401 executes each program and thereby implements the function of each processing unit. The processor 401 may execute each program after reading the program onto the memory 402, or may execute each program without reading it onto the memory 402. Further, the memory 402 and the storage 403 serve also as the common key storage unit 214 and the vulnerability information data storage unit 215.
The above-described program can be stored and provided to the computer (which includes computer 400) using any type of non-transitory computer readable medium. The non-transitory computer readable medium includes any type of tangible storage medium. Examples of the non-transitory computer readable medium include magnetic storage media (such as floppy disks, magnetic tapes, hard disk drives, etc.), optical magnetic storage media (e.g. magneto-optical disks), CD-ROM (Compact Disc-Read Only Memory), CD-R (CD-Recordable), CD-R/W (CD-ReWritable), and semiconductor memories (such as mask ROM, PROM (Programmable ROM), EPROM (Erasable PROM), flash ROM, RAM (Random Access Memory), etc.). The program may be provided to a computer using any type of transitory computer readable medium. Examples of the transitory computer readable medium include electric signals, optical signals, and electromagnetic waves. The transitory computer readable medium can provide the program to a computer via a wired communication line such as an electric wire or optical fiber or a wireless communication line.
The input/output interface 404 is connected with a display device 4041, an input device 4042 and the like. The display device 4041 is a device that displays a screen corresponding to drawing data processed by the processor 401, such as LCD (Liquid Crystal Display) or CRT (Cathode Ray Tube) display. The input device 4042 is a device that receives an operation input by an operator, such as a keyboard, a mouse or a touch sensor, for example. The display device 4041 and the input device 4042 may be integrated and implemented as a touch panel.
The communication interface 405 transmits and receives data to and from an external device. For example, the communication interface 405 communicates with an external device through a wired or wireless network.
Note that the server 310 and the terminal 330 can be implemented by the computer 400 shown in
For example, in the case where the server 310 is implemented by the computer 400, the storage 403 stores a program for implementing the function of each processing unit (the vulnerability information data receiving unit 311, the vulnerability information data distribution unit 313, the vulnerability investigation result receiving unit 314, the vulnerability release date and time checking unit 316, the vulnerability information data decryption unit 317, the vulnerability information and investigation result display unit 319 etc.) included in the server 310. Further, the memory 402 and the storage 403 serve also as the vulnerability information data storage unit 312, the vulnerability investigation result storage unit 315 and the common key storage unit 318.
In the case where the terminal 330 is implemented by the computer 400, the storage 403 stores a program for implementing the function of each processing unit (the vulnerability information data receiving unit 321, the vulnerability investigation unit 323, the vulnerability information data decryption unit 324, the vulnerability investigation result transmitting unit 327, the vulnerability release date and time checking unit 328, the vulnerability information display unit 329 etc.) included in the agent unit 320. Further, the memory 402 and the storage 403 serve also as the vulnerability information data storage unit 322, the common key storage unit 325 and the vulnerability investigation result storage unit 326.
(1-2) Operation of First EmbodimentThe operation of the security system according to the first embodiment is described hereinafter in detail.
(1-2-1) First, the operation of the vulnerability information distribution system 210 that receives vulnerability information from the vulnerability information transmission system 110, creates vulnerability information data and transmits it to the server 310 is described with reference to
Referring to
As shown in
When 0, which indicates “unreleased”, is set to the release flag of the vulnerability information data (Yes in S103), the vulnerability information data creation unit 212 transmits the vulnerability information data to the vulnerability information data encryption unit 213. The vulnerability information data encryption unit 213 reads a common key from the common key storage unit 214, encrypts information about an overview, a method for investigation and a method for countermeasures in the vulnerability information data by using the read common key (S104), and sends the encrypted vulnerability information data back to the vulnerability information data creation unit 212. The vulnerability information data creation unit 212 stores the vulnerability information data encrypted by the vulnerability information data encryption unit 213 into the vulnerability information data storage unit 215 (S105). On the other hand, when 1, which indicates “released”, is set to the vulnerability information data (No in S103), the vulnerability information data creation unit 212 stores the vulnerability information data into the vulnerability information data storage unit 215 without encrypting it (S105). The vulnerability information data transmitting unit 216 reads the vulnerability information data from the vulnerability information data storage unit 215 (S106), and transmits the read vulnerability information data to the server 310 (S107).
(1-2-2) Next, the operation of the server 310 that receives vulnerability information data from the vulnerability information distribution system 210 and transmits vulnerability information data to the agent unit 320 is described with reference to
Referring to
In the case where there are a plurality of agent units 320, the server 310 transmits the vulnerability information data to each of the plurality of agent units 320.
(1-2-3) The operation of the agent unit 320 that receives vulnerability information data from the server 310, investigates the presence or absence of vulnerabilities in the corresponding terminal 330, and transmits vulnerability investigation results indicating results of the investigation to the server 310 is described with reference to
Referring to
The vulnerability investigation results have a format that contains a vulnerability information ID, a terminal ID, information about an investigation date and time, information about investigation results as shown in
The vulnerability investigation unit 323 stores the created vulnerability investigation results into the vulnerability investigation result storage unit 326 (S308). The vulnerability investigation result transmitting unit 327 reads the vulnerability investigation results from the vulnerability investigation result storage unit 326 (S309) and transmits the read vulnerability investigation results to the server 310 (S310).
In the case where there are a plurality of agent units 320, each of the plurality of agent units 320 performs the operation of
(1-2-4) The operation of the server 310 that receives vulnerability investigation results from the agent unit 320 and stores the vulnerability investigation results into the vulnerability investigation result storage unit 315 is described with reference to
Referring to
In the case where there are a plurality of agent units 320, the server 310 stores the vulnerability investigation results received from each of the plurality of agent units 320 into the vulnerability investigation result storage unit 315.
(1-2-5) The operation of the server 310 that regularly checks the vulnerability information data in the vulnerability information data storage unit 312, decrypts the vulnerability information data whose release date and time is before the current date and time, and stores the decrypted vulnerability information data again into the vulnerability information data storage unit 312 is described with reference to
Referring to
(1-2-6) The operation of the server 310 that displays the vulnerability information and the vulnerability investigation results is described with reference to
Referring to
Note that the timing to start the operation of
(1-2-7) The operation of the agent unit 320 that regularly checks the vulnerability information data in the vulnerability information data storage unit 322, decrypts the vulnerability information data whose release date and time is before the current date and time, and stores the decrypted vulnerability information data again into the vulnerability information data storage unit 322 is described with reference to
Referring to
In the case where there are a plurality of agent units 320, each of the plurality of agent units 320 performs the operation of
(1-2-8) The operation of the agent unit 320 that displays the vulnerability information is described with reference to
Referring to
Note that the timing to start the operation of
In the case where there are a plurality of agent units 320, each of the plurality of agent units 320 performs the operation of
As described above, according to the first embodiment, the server 310 transmits encrypted vulnerability information to the agent unit 320 so that the investigation regarding the presence or absence of vulnerabilities in the terminal 330 is completed before a release date and time, and then displays vulnerability investigation results on or after the release date and time.
Therefore, a security administrator of the security risk management system using company 300 can know investigation results regarding the presence or absence of vulnerabilities in the terminals 330 of its own company on the release date and time of the vulnerability information, and immediately take the next step of developing countermeasures against vulnerabilities. It is thereby possible to reduce the time needed to take countermeasures against vulnerabilities.
It should be noted that, according to the first embodiment, the vulnerability information is decrypted for vulnerability investigation before a release date and time of the vulnerability information in the security risk management system 305. However, the decrypted vulnerability information is displayed on or after the release date and time. Thus, a security administrator and employees of the security risk management system using company 300 are not able to see the vulnerability information before the release date and time, and therefore the secrecy of the vulnerability information is ensured.
(2) Second EmbodimentA second embodiment corresponds to one embodiment where the dominant conception of the above-described first embodiment is extracted.
Referring to
The server 310 includes a communication unit 3101 and a presentation unit 3102. The communication unit 3101 corresponds to an element that combines the vulnerability information data distribution unit 313 and the vulnerability investigation result receiving unit 314 according to the first embodiment described above. The presentation unit 3102 corresponds to the vulnerability information and investigation result display unit 319 according to the first embodiment described above.
The agent unit 320 includes a communication unit 3201 and an investigation unit 3202. The communication unit 3201 corresponds to an element that combines the vulnerability information data receiving unit 321 and the vulnerability investigation result transmitting unit 327 according to the first embodiment described above. The investigation unit 3202 corresponds to the vulnerability investigation unit 323 according to the first embodiment described above.
The operation of the security risk management system 305 according to the second embodiment is described hereinafter with reference to
Referring to
In the agent unit 320, the communication unit 3201 receives vulnerability information transmitted from the server 310 before the release date and time of the vulnerability information (S902). The investigation unit 3202 investigates the presence or absence of vulnerabilities in the corresponding terminal 330 based on the method for investigation contained in the vulnerability information before the release date and time of the vulnerability information (S903). Further, the investigation unit 3202 transmits vulnerability investigation results containing investigation results regarding the presence or absence of vulnerabilities in the terminal 330 to the server 310 before the release date and time of the vulnerability information (S904). In the case where there are a plurality of agent units 320, each of the plurality of agent units 320 performs the operations of S902 to S904 described above.
In the server 310, the communication unit 3101 receives the vulnerability investigation results transmitted from the agent unit 320 before the release date and time of the vulnerability information (S905). The presentation unit 3102 presents the vulnerability information and the vulnerability investigation results (for example, displays them on a screen of the server 310) on or after the release date and time of the vulnerability information (S906).
As described above, according to the second embodiment, the server 310 transmits vulnerability information to the agent unit 320 so that the investigation regarding the presence or absence of vulnerabilities in the terminal 330 is completed before a release date and time, and then presents vulnerability investigation results on or after the release date and time.
Therefore, a security administrator can know investigation results regarding the presence or absence of vulnerabilities in the terminals 330 on the release date and time of the vulnerability information, and immediately take the next step of developing countermeasures against vulnerabilities. It is thereby possible to reduce the time needed to take countermeasures against vulnerabilities.
Note that, although the operations of the elements of the server 310 and the agent unit 320 according to the second embodiment are briefly described above, the elements of the server 310 and the agent unit 320 according to the second embodiment may perform the same operations as the corresponding elements in the first embodiment described above. Further, the server 310 and the agent unit 320 according to the second embodiment may further include another element included in the server 310 and the agent unit 320 according to the first embodiment described above.
While the present disclosure has been particularly shown and described with reference to embodiments thereof, the present disclosure is not limited to these embodiments. It will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present disclosure as defined by the claims.
For example, although the agent unit investigates the presence or absence of vulnerabilities in a terminal in the above-described embodiments, the server may investigate the presence or absence of vulnerabilities in a terminal. In this case, the agent unit may collect only information necessary for investigation from the terminal, and transmits the collected information to the server. The server investigates the presence or absence of vulnerabilities in each terminal based on the information collected from each agent unit.
Further, although vulnerability information data whose release flag indicates “released” is read, and then vulnerability investigation results are read based on the read vulnerability information data as shown in
Furthermore, although a plurality of steps (processing steps) are sequentially described in the plurality of flowcharts used in the description above, the order of performing the steps to be performed in the above-described embodiments is not limited to the sequence described above. In the above-described embodiments, the sequence of steps shown in the figures may be changed as appropriate.
Further, the whole or part of the embodiments disclosed above can be described as, but not limited to, the following supplementary notes.
(Supplementary Note 1)A security risk management system comprising:
a server; and
an agent unit included in a terminal, wherein
the server transmits vulnerability information to the agent unit before a release date and time of the vulnerability information,
the agent unit investigates presence or absence of vulnerabilities in the terminal based on information regarding a method for vulnerability investigation contained in the vulnerability information, and transmits vulnerability investigation results containing the investigation results to the server before the release date and time of the vulnerability information, and
the server presents the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
(Supplementary Note 2)The security risk management system according to Supplementary Note 1, wherein
the server transmits the vulnerability information to the agent unit before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding a method for vulnerability investigation, and
the agent unit decrypts the information regarding a method for vulnerability investigation contained in the vulnerability information, and investigates presence or absence of vulnerabilities in the terminal based on the decrypted information regarding a method for vulnerability investigation before the release date and time of the vulnerability information.
(Supplementary Note 3)The security risk management system according to Supplementary Note 1 or 2, wherein the server stores the vulnerability information before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures, and transmits the vulnerability information to the agent unit before the release date and time of the vulnerability information, the vulnerability information containing the encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures, and
the agent unit stores the vulnerability information before the release date and time of the vulnerability information, the vulnerability information containing the encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures.
(Supplementary Note 4)The security risk management system according to Supplementary Note 3, wherein
a release flag to which a value indicating whether the vulnerability information is unreleased or released is set is added to the vulnerability information,
the server reads the vulnerability information to which the release flag to which a value indicating “unreleased” is set is added from among the stored vulnerability information, and
when a release date and time contained in the read vulnerability information is before a current date and time, the server decrypts the information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures contained in the read vulnerability information, sets a value indicating “released” to the release flag added to the read vulnerability information, and stores the read vulnerability information again.
(Supplementary Note 5)The security risk management system according to Supplementary Note 4, wherein
a vulnerability information ID for identifying the vulnerability information is further added to the vulnerability information,
the vulnerability investigation results contain a vulnerability information ID for identifying the vulnerability information related to investigated vulnerabilities, a terminal ID for identifying the terminal, and investigation results indicating presence or absence of vulnerabilities in the terminal,
the server stores the vulnerability investigation results, reads the vulnerability information to which the release flag to which a value indicating “released” is set is added from among the stored vulnerability information, reads the vulnerability investigation results containing the vulnerability information ID matching with the read vulnerability information and containing investigation results indicating presence of vulnerabilities in the terminal from among the stored vulnerability investigation results, and presents an overview and a method for countermeasures contained in the read vulnerability information and presents the terminal ID contained in the read vulnerability investigation results.
(Supplementary Note 6)The security risk management system according to Supplementary Note 3, wherein
a release flag to which a value indicating whether the vulnerability information is unreleased or released is set is added to the vulnerability information,
the agent unit reads the vulnerability information to which the release flag to which a value indicating “unreleased” is set is added from among the stored vulnerability information, and
when a release date and time contained in the read vulnerability information is before a current date and time, the agent unit decrypts the information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures contained in the read vulnerability information, sets a value indicating “released” to the release flag added to the read vulnerability information, and stores the read vulnerability information again.
(Supplementary Note 7)The security risk management system according to Supplementary Note 6, wherein
a vulnerability information ID for identifying the vulnerability information is further added to the vulnerability information,
the vulnerability investigation results contain a vulnerability information ID for identifying the vulnerability information related to investigated vulnerabilities, a terminal ID for identifying the terminal, and investigation results indicating presence or absence of vulnerabilities in the terminal,
the agent unit stores the vulnerability investigation results, reads the vulnerability information to which the release flag to which a value indicating “released” is set is added from among the stored vulnerability information, and when the vulnerability investigation results containing the vulnerability information ID matching with the read vulnerability information and containing investigation results indicating presence of vulnerabilities in the terminal are included in the stored vulnerability investigation results, presents an overview and a method for countermeasures contained in the read vulnerability information.
(Supplementary Note 8)A server comprising:
a communication unit configured to transmit, to an agent unit included in a terminal, vulnerability information before a release date and time of the vulnerability information, and receives, from the agent unit, vulnerability investigation results containing investigation results regarding presence or absence of vulnerabilities in the terminal investigated by the agent unit based on information regarding a method for vulnerability investigation contained in the vulnerability information before the release date and time of the vulnerability information, and
a presentation unit configured to present the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
(Supplementary Note 9)The server according to Supplementary Note 8, wherein the communication unit transmits the vulnerability information to the agent unit before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding a method for vulnerability investigation.
(Supplementary Note 10)The server according to Supplementary Note 8 or 9, further comprising:
a vulnerability information storage unit configured to store the vulnerability information before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures, wherein
the communication unit transmits the vulnerability information to the agent unit before the release date and time of the vulnerability information, the vulnerability information containing the encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures.
(Supplementary Note 11)The server according to Supplementary Note 10, further comprising:
a release date and time checking unit, wherein
a release flag to which a value indicating whether the vulnerability information is unreleased or released is set is added to the vulnerability information,
the release date and time checking unit reads the vulnerability information to which the release flag to which a value indicating “unreleased” is set is added from among the vulnerability information stored in the vulnerability information storage unit, and
when a release date and time contained in the read vulnerability information is before a current date and time, the release date and time checking unit decrypts the information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures contained in the read vulnerability information, sets a value indicating “released” to the release flag added to the read vulnerability information, and stores the read vulnerability information again into the vulnerability information storage unit.
(Supplementary Note 12)The server according to Supplementary Note 11, further comprising:
a vulnerability investigation result storage unit configured to store the vulnerability investigation results, wherein
a vulnerability information ID for identifying the vulnerability information is further added to the vulnerability information,
the vulnerability investigation results contain a vulnerability information ID for identifying the vulnerability information related to investigated vulnerabilities, a terminal ID for identifying the terminal, and investigation results indicating presence or absence of vulnerabilities in the terminal,
the presentation unit reads the vulnerability information to which the release flag to which a value indicating “released” is set is added from among the vulnerability information stored in the vulnerability information storage unit, reads the vulnerability investigation results containing the vulnerability information ID matching with the read vulnerability information and containing investigation results indicating presence of vulnerabilities in the terminal from among the vulnerability investigation results stored in the vulnerability investigation result storage unit, and presents an overview and a method for countermeasures contained in the read vulnerability information and presents the terminal ID contained in the read vulnerability investigation results.
(Supplementary Note 13)A control method of a server, comprising:
a transmission step of transmitting, to an agent unit included in a terminal, vulnerability information before a release date and time of the vulnerability information;
a step of receiving, from the agent unit, vulnerability investigation results containing investigation results regarding presence or absence of vulnerabilities in the terminal investigated by the agent unit based on information regarding a method for vulnerability investigation contained in the vulnerability information before the release date and time of the vulnerability information; and
a presentation step of presenting the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
(Supplementary Note 14)The control method according to Supplementary Note 13, wherein the transmission step transmits the vulnerability information to the agent unit before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding a method for vulnerability investigation.
(Supplementary Note 15)The control method according to Supplementary Note 13 or 14, further comprising:
a step of storing, into a vulnerability information storage unit, the vulnerability information before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures, wherein
the transmission step transmits the vulnerability information to the agent unit before the release date and time of the vulnerability information, the vulnerability information containing the encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures.
(Supplementary Note 16)The control method according to Supplementary Note 15, wherein
a release flag to which a value indicating whether the vulnerability information is unreleased or released is set is added to the vulnerability information, and
the control method further comprises:
a step of reading the vulnerability information to which the release flag to which a value indicating “unreleased” is set is added from among the vulnerability information stored in the vulnerability information storage unit, and
a step of, when a release date and time contained in the read vulnerability information is before a current date and time, decrypting the information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures contained in the read vulnerability information, setting a value indicating “released” to the release flag added to the read vulnerability information, and storing the read vulnerability information again into the vulnerability information storage unit.
(Supplementary Note 17)The control method according to Supplementary Note 16, wherein
a vulnerability information ID for identifying the vulnerability information is further added to the vulnerability information,
the vulnerability investigation results contain a vulnerability information ID for identifying the vulnerability information related to investigated vulnerabilities, a terminal ID for identifying the terminal, and investigation results indicating presence or absence of vulnerabilities in the terminal,
the control method further comprises:
a step of storing the vulnerability investigation results into a vulnerability investigation result storage unit,
a step of reading the vulnerability information to which the release flag to which a value indicating “released” is set is added from among the vulnerability information stored in the vulnerability information storage unit,
a step of reading the vulnerability investigation results containing the vulnerability information ID matching with the read vulnerability information and containing investigation results indicating presence of vulnerabilities in the terminal from among the vulnerability investigation results stored in the vulnerability investigation result storage unit, and
the presentation step presents an overview and a method for countermeasures contained in the read vulnerability information, and presents the terminal ID contained in the read vulnerability investigation results.
(Supplementary Note 18)A non-transitory computer readable medium storing a program causing a computer to execute:
a transmission step of transmitting, to an agent unit included in a terminal, vulnerability information before a release date and time of the vulnerability information;
a step of receiving, from the agent unit, vulnerability investigation results containing investigation results regarding presence or absence of vulnerabilities in the terminal investigated by the agent unit based on information regarding a method for vulnerability investigation contained in the vulnerability information before a release date and time of the vulnerability information; and
a presentation step of presenting the vulnerability information and the vulnerability investigation results on or after the release date and time of the vulnerability information.
(Supplementary Note 19)The non-transitory computer readable medium according to Supplementary Note 18, wherein the transmission step transmits the vulnerability information to the agent unit before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding a method for vulnerability investigation.
(Supplementary Note 20)The non-transitory computer readable medium according to Supplementary Note 18 or 19, wherein the program causes the computer to further execute:
a step of storing, into a vulnerability information storage unit, the vulnerability information before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures, wherein
the transmission step transmits the vulnerability information to the agent unit before the release date and time of the vulnerability information, the vulnerability information containing the encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures.
(Supplementary Note 21)The non-transitory computer readable medium according to Supplementary Note 20, wherein
a release flag to which a value indicating whether the vulnerability information is unreleased or released is set is added to the vulnerability information, and
the program causes the computer to further execute:
a step of reading the vulnerability information to which the release flag to which a value indicating “unreleased” is set is added from among the vulnerability information stored in the vulnerability information storage unit, and
a step of, when a release date and time contained in the read vulnerability information is before a current date and time, decrypting the information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures contained in the read vulnerability information, setting a value indicating “released” to the release flag added to the read vulnerability information, and storing the read vulnerability information again into the vulnerability information storage unit.
(Supplementary Note 22)The non-transitory computer readable medium according to Supplementary Note 21, wherein
a vulnerability information ID for identifying the vulnerability information is further added to the vulnerability information,
the vulnerability investigation results contain a vulnerability information ID for identifying the vulnerability information related to investigated vulnerabilities, a terminal ID for identifying the terminal, and investigation results indicating presence or absence of vulnerabilities in the terminal,
the program causes the computer to further execute:
a step of storing the vulnerability investigation results into a vulnerability investigation result storage unit,
a step of reading the vulnerability information to which the release flag to which a value indicating “released” is set is added from among the vulnerability information stored in the vulnerability information storage unit,
a step of reading the vulnerability investigation results containing the vulnerability information ID matching with the read vulnerability information and containing investigation results indicating presence of vulnerabilities in the terminal from among the vulnerability investigation results stored in the vulnerability investigation result storage unit, and
the presentation step presents an overview and a method for countermeasures contained in the read vulnerability information, and presents the terminal ID contained in the read vulnerability investigation results.
(Supplementary Note 23)A non-transitory computer readable medium storing a program causing a computer to execute:
a receiving step of receiving, from a server, vulnerability information before a release date and time of the vulnerability information;
an investigation step of investing presence or absence of vulnerabilities in a terminal based on information regarding a method for vulnerability investigation contained in the vulnerability information before a release date and time of the vulnerability information; and
a step of transmitting, to the server, vulnerability investigation results containing investigation results in the investigation step before the release date and time of the vulnerability information.
(Supplementary Note 24)The non-transitory computer readable medium according to Supplementary Note 23, wherein
the receiving step receives, from the server, the vulnerability information before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding a method for vulnerability investigation, and
the investigation step decrypts the information regarding a method for vulnerability investigation contained in the vulnerability information, and investigates presence or absence of vulnerabilities in the terminal based on the decrypted information regarding a method for vulnerability investigation before the release date and time of the vulnerability information.
(Supplementary Note 25)The non-transitory computer readable medium according to Supplementary Note 23 or 24, wherein
the receiving step receives, from the server, the vulnerability information before a release date and time of the vulnerability information, the vulnerability information containing encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures, and
the program causes the computer to further execute:
a step of storing the vulnerability information into a vulnerability information storage unit before the release date and time of the vulnerability information, the vulnerability information containing the encrypted information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures.
(Supplementary Note 26)The non-transitory computer readable medium according to Supplementary Note 25, wherein
a release flag to which a value indicating whether the vulnerability information is unreleased or released is set is added to the vulnerability information,
the program causes the computer to further execute:
a step of reading the vulnerability information to which the release flag to which a value indicating “unreleased” is set is added from among the vulnerability information stored in the vulnerability information storage unit, and
a step of, when a release date and time contained in the read vulnerability information is before a current date and time, decrypting the information regarding an overview of vulnerabilities, a method for investigation and a method for countermeasures contained in the read vulnerability information, setting a value indicating “released” to the release flag added to the read vulnerability information, and storing the read vulnerability information again into the vulnerability information storage unit.
(Supplementary Note 27)The non-transitory computer readable medium according to Supplementary Note 26, wherein
a vulnerability information ID for identifying the vulnerability information is further added to the vulnerability information,
the vulnerability investigation results contain a vulnerability information ID for identifying the vulnerability information related to investigated vulnerabilities, a terminal ID for identifying the terminal, and investigation results indicating presence or absence of vulnerabilities in the terminal,
the program causes the computer to further execute:
a step of storing the vulnerability investigation results into a vulnerability investigation result storage unit,
a step of reading the vulnerability information to which the release flag to which a value indicating “released” is set is added from among the vulnerability information stored in the vulnerability information storage unit, and
a step of, when the vulnerability investigation results containing the vulnerability information ID matching with the read vulnerability information and containing investigation results indicating presence of vulnerabilities in the terminal are included in the vulnerability investigation results stored in the vulnerability investigation result storage unit, presenting an overview and a method for countermeasures contained in the read vulnerability information.
REFERENCE SIGNS LIST
- 100 VULNERABILITY INFORMATION PROVIDING INSTITUTION
- 110 VULNERABILITY INFORMATION TRANSMISSION SYSTEM
- 200 SECURITY RISK MANAGEMENT SYSTEM PROVIDING COMPANY
- 210 VULNERABILITY INFORMATION DISTRIBUTION SYSTEM
- 211 VULNERABILITY INFORMATION RECEIVING UNIT
- 212 VULNERABILITY INFORMATION DATA CREATION UNIT
- 213 VULNERABILITY INFORMATION DATA ENCRYPTION UNIT
- 214 COMMON KEY STORAGE UNIT
- 215 VULNERABILITY INFORMATION DATA STORAGE UNIT
- 216 VULNERABILITY INFORMATION DATA TRANSMITTING UNIT
- 300 SECURITY RISK MANAGEMENT SYSTEM USING COMPANY
- 305 SECURITY RISK MANAGEMENT SYSTEM
- 310 SERVER
- 311 VULNERABILITY INFORMATION DATA RECEIVING UNIT
- 312 VULNERABILITY INFORMATION DATA STORAGE UNIT
- 313 VULNERABILITY INFORMATION DATA DISTRIBUTION UNIT
- 314 VULNERABILITY INVESTIGATION RESULT RECEIVING UNIT
- 315 VULNERABILITY INVESTIGATION RESULT STORAGE UNIT
- 316 VULNERABILITY RELEASE DATE AND TIME CHECKING UNIT 316
- 317 VULNERABILITY INFORMATION DATA DECRYPTION UNIT
- 318 COMMON KEY STORAGE UNIT
- 319 VULNERABILITY INFORMATION AND INVESTIGATION RESULT DISPLAY UNIT
- 3101 COMMUNICATION UNIT
- 3102 PRESENTATION UNIT
- 320 AGENT UNIT
- 321 VULNERABILITY INFORMATION DATA RECEIVING UNIT
- 322 VULNERABILITY INFORMATION DATA STORAGE UNIT
- 323 VULNERABILITY INVESTIGATION UNIT
- 324 VULNERABILITY INFORMATION DATA DECRYPTION UNIT
- 325 COMMON KEY STORAGE UNIT
- 326 VULNERABILITY INVESTIGATION RESULT STORAGE UNIT
- 327 VULNERABILITY INVESTIGATION RESULT TRANSMITTING UNIT
- 328 VULNERABILITY RELEASE DATE AND TIME CHECKING UNIT
- 329 VULNERABILITY INFORMATION DISPLAY UNIT
- 3201 COMMUNICATION UNIT
- 3202 INVESTIGATION UNIT
- 330 TERMINAL
- 400 COMPUTER
- 401 PROCESSOR
- 402 MEMORY
- 403 STORAGE
- 404 INPUT/OUTPUT INTERFACE
- 4041 DISPLAY DEVICE
- 4042 INPUT DEVICE
- 405 COMMUNICATION INTERFACE
Claims
1-15. (canceled)
16. A method performed by a terminal, the method comprising:
- receiving, from a server, vulnerability information concerning vulnerability, including a release date and time, and a method for investigation, before the release date and time, wherein the vulnerability information is received by the server from a vulnerability information distribution system; and
- investigating the terminal using the method for investigation.
17. The method according to claim 16, wherein
- the investigating is performed before the release date and time.
18. The method according to claim 16, further comprising:
- sending a result of the investigating to the server.
19. The method according to claim 16, wherein the vulnerability information is encrypted, and the method further comprising:
- decrypting the encrypted vulnerability information before the investigating is performed.
20. A method comprising:
- receiving, from a vulnerability information distribution system, vulnerability information concerning vulnerability, including a release date and time, and a method for investigation;
- transmitting the vulnerability information to a terminal before the release date and time; and
- receiving, from the terminal, a result of investigation performed in the terminal using the method for investigation.
21. The method according to claim 20, further comprising:
- displaying the result before the release date and time.
22. A method for a system including a server and a terminal comprising:
- receiving, by the server from a vulnerability information distribution system, vulnerability information concerning vulnerability, including a release date and time, and a method for investigation;
- transmitting, by the server, the vulnerability information to the terminal before the release date and time;
- investigating the terminal using the method for investigation; and
- receiving, from the terminal, a result of the investigating.
23. A terminal comprising:
- one or more processors; and
- one or more memories storing executable instructions that, when executed by the one or more processors, causes the one or more processors to perform:
- receiving, from a server, vulnerability information concerning vulnerability, including a release date and time, and a method for investigation, before the release date and time, wherein the vulnerability information is received by the server from a vulnerability information distribution system; and
- investigating the terminal using the method for investigation.
24. The terminal according to claim 23, wherein
- the investigating is performed before the release date and time.
25. The terminal according to claim 23, wherein the one or more processors further perform sending a result of the investigating to the server.
26. The terminal according to claim 23, wherein the vulnerability information is encrypted, and
- the one or more processors further perform decrypting the encrypted vulnerability information before the investigating is performed.
27. A server comprising:
- one or more processors; and
- one or more memories storing executable instructions that, when executed by the one or more processors, causes the one or more processors to perform:
- receiving, from a vulnerability information distribution system, vulnerability information concerning vulnerability, including a release date and time, and a method for investigation;
- transmitting the vulnerability information to a terminal before the release date and time; and
- receiving, from the terminal, a result of investigation performed in the terminal using the method for investigation.
28. The server according to claim 20, wherein the one or more processors further perform:
- displaying the result before the release date and time.
29. A system comprising:
- a terminal;
- a server;
- one or more processors; and
- one or more memories storing executable instructions that, when executed by the one or more processors, causes the one or more processors to perform:
- receiving, by the server from a vulnerability information distribution system, vulnerability information concerning vulnerability, including a release date and time, and a method for investigation;
- transmitting, by the server, the vulnerability information to a terminal before the release date and time;
- investigating the terminal using the method for investigation; and
- receiving, from the terminal, a result of the investigating.
30. A non-transitory computer readable information recording medium storing a program, that when executed by a processor, causes the processor to execute:
- receiving, from a server, vulnerability information concerning vulnerability, including a release date and time, and a method for investigation, before the release date and time, wherein the vulnerability information is received by the server from a vulnerability information distribution system; and
- investigating the terminal using the method for investigation.
31. A non-transitory computer readable information recording medium storing a program, that when executed by a processor, causes the processor to execute:
- receiving, from a vulnerability information distribution system, vulnerability information concerning vulnerability, including a release date and time, and a method for investigation;
- transmitting the vulnerability information to a terminal before the release date and time; and
- receiving, from the terminal, a result of investigation performed in the terminal using the method for investigation.
Type: Application
Filed: Nov 20, 2020
Publication Date: Jun 3, 2021
Applicant: NEC CORPORATION (Tokyo)
Inventor: Toshimitsu USUBA (Tokyo)
Application Number: 16/953,940
