Computer-readable recording medium recording a security management program, computer-readable recording medium recording a job submission management program, and security management method

Information

  • Patent Application
    20070195358
  • Publication Number
    20070195358
  • Date Filed
    August 01, 2006
  • Date Published
    August 23, 2007
Abstract
A computer-readable recording medium recording a security management program which enables nodes that execute jobs to omit the virus check while maintaining the security of a system. When a job execution request including a program is input, a sender decision unit compares the identification of the job sender with reliable device information, to determine whether or not the program has been transmitted from a reliable device. Subsequently, a job manager outputs a start request specifying the program. If the program is judged to have been transmitted from a device other than the reliable devices, a safety decision unit outputs a virus check request, whereupon a virus checker executes a code check on the program.
Description

BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 schematically illustrates the present invention.



FIG. 2 shows an exemplary system configuration of the invention.



FIG. 3 shows an exemplary hardware configuration of a gateway used in the invention.



FIG. 4 is a conceptual diagram illustrating a process according to a first embodiment.



FIG. 5 is a block diagram illustrating the processing function of the gateway and of a node according to the first embodiment.



FIG. 6 shows an exemplary data structure of a safe program list.



FIG. 7 is a sequence diagram illustrating a job execution procedure according to the first embodiment.



FIG. 8 is a flowchart illustrating a job execution process executed by the node.



FIG. 9 is a conceptual diagram illustrating a process according to a second embodiment.



FIG. 10 is a block diagram illustrating the processing functions of the gateway and the node according to the second embodiment.



FIG. 11 is a sequence diagram illustrating a job execution procedure according to the second embodiment.



FIG. 12 is a conceptual diagram illustrating a process according to a third embodiment.



FIG. 13 is a block diagram illustrating the processing functions of the gateway and the node according to the third embodiment.



FIG. 14 shows an exemplary data structure of a client safety management table.



FIG. 15 shows an exemplary data structure of a program safety management table.



FIG. 16 shows an exemplary data structure of a real-time monitoring process list.



FIG. 17 is a sequence diagram illustrating a job execution procedure according to the third embodiment.



FIG. 18 is a flowchart illustrating a job execution process executed by the node.


Claims
  • 1. A computer-readable recording medium recording a security management program for managing security of jobs submitted via a network, wherein the security management program causes a computer to function as:
    sender decision means holding in advance reliable device information indicating identifications of reliable devices, the sender decision means being responsive to a request to execute a job including a program, input via the network, for comparing an identification of a sender of the job with those of the reliable device information to determine whether or not the program has been transmitted from a reliable device;
    job manager means for storing the input program in a storage device and outputting a start request specifying the program;
    safety decision means for causing an operating system to execute the start request if it is judged by the sender decision means that the program specified by the start request output from the job manager means has been transmitted from a reliable device, and outputting a virus check request if it is judged by the sender decision means that the program specified by the start request has been transmitted from a device other than the reliable devices; and
    virus checker means, responsive to the virus check request output from the safety decision means, for reading out the program specified by the start request from the storage device, executing a code check process for ascertaining that the program does not contain a code sequence included in a known virus, and, if the code sequence is not contained, causing the operating system to execute the start request.
  • 2. The computer-readable recording medium according to claim 1, wherein, when the virus check request is output from the safety decision means, the virus checker means executes a real-time monitoring process in which a process executing the program is monitored and, when a request is output from the process to the operating system, the output request is checked to ascertain that the request is not a request demanding an improper process.
  • 3. The computer-readable recording medium according to claim 1, wherein the sender decision means registers, in a safe program list, a program name of the program which is judged to have been transmitted from a reliable device, and the safety decision means looks up the safe program list to determine whether or not it is judged by the sender decision means that the program specified by the start request output from the job manager means has been transmitted from a reliable device.
  • 4. The computer-readable recording medium according to claim 1, wherein the program is affixed with safety information indicative of safety of the program, the sender decision means acquires the safety information, and
    when it is judged by the sender decision means that the program specified by the start request output from the job manager means has been transmitted from a reliable device, the safety decision means causes the operating system to execute the start request if the safety information acquired by the sender decision means shows that the program is safe, and outputs the virus check request if the safety information acquired by the sender decision means does not show that the program is safe.
  • 5. The computer-readable recording medium according to claim 4, wherein the safety information indicates safety of the program by means of three levels of reliability, the sender decision means registers, in a program safety management table, a filename and reliability level of the program in a manner associated with each other,
    the safety decision means causes the operating system to execute the start request output from the job manager means if the reliability level of the program specified by the start request is highest, outputs a virus check request designating a code check if the reliability level is second highest, and outputs a virus check request designating the code check as well as real-time monitoring if the reliability level is third highest, and
    when the code check is designated in the virus check request output from the safety decision means, the virus checker means executes the code check process and, if the code sequence is not contained in the program, causes the operating system to execute the start request; and when the real-time monitoring is designated in the virus check request, the virus checker means executes a real-time monitoring process in which a process executing the program is monitored and, each time a request is output from the process to the operating system, the output request is checked to ascertain that the request is not a request demanding an improper process.
  • 6. A computer-readable recording medium recording a job submission management program for allocating a job requested from a client to a plurality of computers to be executed by distributed processing, wherein the job submission management program causes a computer to function as:
    certificate verifier means, responsive to input of a job submission request including a certificate and a program, for checking the certificate for authenticity;
    safety information setting means for affixing safety information indicative of safety of the program if authenticity of the certificate is verified by the certificate verifier means; and
    job allocator means for selecting a node to which execution of a job is requested, and transmitting, to the selected node, a job execution request including the program to which the safety information has been affixed by the safety information setting means.
  • 7. The computer-readable recording medium according to claim 6, wherein the safety information setting means looks up a client safety management table in which the client and safety of the program input from the client are registered in association with each other and in which the safety of the program is indicated by means of three levels of reliability, and sets, as the safety information, a reliability level corresponding to the client from which the job submission request including the program has been received.
  • 8. A security management method for managing security of jobs submitted via a network, comprising:
    the step, executed in response to input of a job submission request including a certificate and a program, of causing certificate verifier means of a job management device to check the certificate for authenticity;
    the step, executed if authenticity of the certificate is verified by the certificate verifier means, of causing job allocator means of the job management device to select a job execution device to which execution of a job is requested, and to transmit, to the selected job execution device, a request to execute a job including the program;
    the step, executed in response to input of the job execution request with the program via the network, of causing sender decision means of the job execution device holding in advance reliable device information indicating identifications of reliable devices, to compare an identification of a sender of the job with those of the reliable device information to determine whether or not the program has been transmitted from a reliable device;
    the step of causing job manager means of the job execution device to store the input program in a storage device and to output a start request specifying the program;
    the step of causing safety decision means of the job execution device to have an operating system execute the start request if it is judged by the sender decision means that the program specified by the start request output from the job manager means has been transmitted from a reliable device, and to output a virus check request if it is judged by the sender decision means that the program specified by the start request has been transmitted from a device other than the reliable devices; and
    the step, executed in response to the virus check request output from the safety decision means, of causing virus checker means of the job execution device to read out the program specified by the start request from the storage device, to execute a code check process for ascertaining that the program does not contain a code sequence included in a known virus, and, if the code sequence is not contained, to cause the operating system to execute the start request.
  • 9. The security management method according to claim 8, wherein, when the virus check request is output from the safety decision means, the virus checker means executes a real-time monitoring process in which a process executing the program is monitored and, when a request is output from the process to the operating system, the output request is checked to ascertain that the request is not a request demanding an improper process.
  • 10. The security management method according to claim 8, wherein, if authenticity of the certificate is verified by the certificate verifier means of the job management device, safety information setting means of the job management device affixes safety information indicating that the program is safe, if the program is affixed with the safety information indicative of safety of the program, the sender decision means of the job execution device acquires the safety information, and
    when it is judged by the sender decision means that the program specified by the start request output from the job manager means has been transmitted from a reliable device, the safety decision means of the job execution device causes the operating system to execute the start request if the safety information acquired by the sender decision means shows that the program is safe, and outputs the virus check request if the safety information acquired by the sender decision means does not show that the program is safe.
  • 11. The security management method according to claim 10, wherein the safety information setting means of the job management device looks up a client safety management table in which the client and safety of the program input from the client are registered in association with each other and in which the safety of the program is indicated by means of three levels of reliability, and sets, as the safety information, a reliability level corresponding to the client from which the job submission request including the program has been received, the sender decision means of the job execution device registers, in a program safety management table, a filename and reliability level of the program in a manner associated with each other,
    the safety decision means of the job execution device causes the operating system to execute the start request output from the job manager means if the reliability level of the program specified by the start request is highest, outputs a virus check request designating a code check if the reliability level is second highest, and outputs a virus check request designating the code check as well as real-time monitoring if the reliability level is third highest, and
    when the code check is designated in the virus check request output from the safety decision means, the virus checker means of the job execution device executes the code check process and, if the code sequence is not contained in the program, causes the operating system to execute the start request; and when the real-time monitoring is designated in the virus check request, the virus checker means executes a real-time monitoring process in which a process executing the program is monitored and, each time a request is output from the process to the operating system, the output request is checked to ascertain that the request is not a request demanding an improper process.
  • 12. The security management method according to claim 8, wherein virus pre-checker means of the job management device is operative in response to input of the job submission request including the certificate and the program, to execute a code check process for checking the program to ascertain that the program does not contain the code sequence included in the known virus, and if authenticity of the certificate is verified by the certificate verifier means and also if no problem is detected as a result of the code check process by the virus pre-checker means, the job allocator means of the job management device selects a job execution device to which execution of the job is requested, and transmits the job execution request including the program to the selected job execution device.
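
The node-side decision described in claims 1, 4, 5 and 11, written out as an added Python example (it is not code from the patent). All names and sample values (`RELIABLE_DEVICES`, `KNOWN_SEQUENCES`, `decide`, `gateway-01`) are constructed for illustration. Treating an unreliable sender or missing safety information as the third level is an assumption: the claims only state that a virus check request is output in that case.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional

class Level(IntEnum):          # three levels of reliability (claims 5 and 11)
    HIGHEST = 1
    SECOND = 2
    THIRD = 3

# Constructed sample data; these names and values are not from the patent.
RELIABLE_DEVICES = {"gateway-01"}                  # reliable device information
KNOWN_SEQUENCES = [b"CONSTRUCTED-TEST-SEQUENCE"]   # stand-in for known virus code

@dataclass(frozen=True)
class Decision:
    start: bool        # start request is handed to the operating system
    code_check: bool   # code check was designated
    monitor: bool      # real-time monitoring was designated

def code_check_passes(program: bytes) -> bool:
    """Code check: the program must contain none of the known code sequences."""
    return not any(seq in program for seq in KNOWN_SEQUENCES)

def decide(sender_id: str, program: bytes, level: Optional[Level]) -> Decision:
    # Sender decision: affixed safety information counts only when the job
    # came from a device listed in the reliable device information.
    if sender_id not in RELIABLE_DEVICES or level is None:
        level = Level.THIRD    # assumption: fail closed to the strictest checks
    # Safety decision: the highest level starts without any virus check.
    if level == Level.HIGHEST:
        return Decision(start=True, code_check=False, monitor=False)
    # Virus checker: code check always; monitoring only at the third level.
    clean = code_check_passes(program)
    return Decision(start=clean, code_check=True, monitor=(level == Level.THIRD))
```

A program labelled with the highest level by a reliable device starts unscanned, so the node's safety in this design rests on the gateway's certificate verification and on the sender identification being authenticated rather than self-reported.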
Priority Claims (1)
Number Date Country Kind
JP 2006-042512 Feb 2006 JP national