Computer-readable recording medium storing security management program, security management system, and method of security management

Information

  • Patent Application
  • 20070226256
  • Publication Number
    20070226256
  • Date Filed
    June 15, 2006
  • Date Published
    September 27, 2007
Abstract
A computer-readable recording medium storing a security management program which is capable of quickly coping with a security hole in a library when it is found, a security management system, and a method of security management. When a request for executing jobs, including a job program is input, a service library-determining section analyzes the job program and determines link libraries called by the job program. Then, a job submission section transmits the job program to submission destination nodes, and instructs the submission destination nodes to execute the jobs according to the request. After that, when identification information for identifying a vulnerable library having a security defect is input, a submission destination-determining section obtains identification information for identifying the job program corresponding to the identification information for identifying the vulnerable library, and identification information for identifying the submission destination nodes corresponding to the obtained identification information for identifying the job program. Subsequently, a forcible job stop section instructs the submission destination nodes to stop processes for executing the job program.
Description

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram showing the concept of embodiments of the invention.

FIG. 2 is a diagram showing an example of a system configuration of a first embodiment of the invention.

FIG. 3 is a diagram showing an example of a hardware configuration of a gateway used in the first embodiment.

FIG. 4 is a block diagram showing the processing functions of the gateway and nodes according to the first embodiment.

FIG. 5 is a diagram showing an example of a data structure of a security database.

FIG. 6 is a diagram showing an example of a data structure of a service library management database.

FIG. 7 is a diagram showing an example of a data structure of a job submission destination management database.

FIG. 8 is a conceptual diagram showing a process carried out when a job is input.

FIG. 9 is a sequence diagram showing a job executing process for executing the job.

FIG. 10 is a conceptual diagram showing a process carried out when a security defect is detected in a library.

FIG. 11 is a sequence diagram showing the process carried out when a security defect is detected.

FIG. 12 is a diagram showing an example of a system configuration of a second embodiment of the invention.

FIG. 13 is a block diagram showing the processing functions of a gateway and nodes according to the second embodiment.

FIG. 14 is a sequence diagram showing a process for updating a library, which is carried out when a security defect is detected in a library.

Claims
  • 1. A computer-readable recording medium storing a security management program for performing security management of a job submitted via a network, wherein a computer is caused to function as: a service library management database for storing associations between a job program describing processes of the job, and link libraries called by the job program; a job submission destination management database for storing associations between the job program, and job submission destination nodes to which the job has been submitted; job execution request-obtaining means for receiving input of a job execution request including the job program; service library-determining means for analyzing the job program obtained by said job execution request-obtaining means, determining the link libraries to be called by the job program, and registering associations between identification information for identifying the job program and identification information for identifying the link libraries in said service library management database; job submission means for determining submission destination nodes which are to be caused to execute the job program obtained by said job execution request-obtaining means, registering identification information for identifying the submission destination nodes and the identification information for identifying the job program in association with each other in said job submission destination management database, and transmitting the job program to the submission destination nodes for causing the submission destination nodes to execute the job program; submission destination-determining means operable when identification information for identifying a vulnerable library having a security defect is input, to refer to said service library management database to thereby obtain the identification information for identifying the job program corresponding to the identification information for identifying the vulnerable library, and refer to said job submission destination management database to thereby obtain the identification information for identifying the submission destination nodes corresponding to the obtained identification information for identifying the job program; and forcible job stop means for instructing the submission destination nodes to stop processes for executing the job program, based on the identification information for identifying the job program and the identification information for identifying the submission destination nodes, which are obtained by said submission destination-determining means.
  • 2. The computer-readable recording medium according to claim 1, wherein the computer is caused to further function as vulnerable library information-obtaining means for periodically searching a security database in which is registered identification information for identifying a vulnerable library whenever a security defect is found in a library, to thereby obtain the identification information for identifying the vulnerable library, and outputting the obtained information to said submission destination-determining means.
  • 3. The computer-readable recording medium according to claim 2, wherein degrees of risk indicative of levels of hazard to be caused by vulnerable libraries are set in the security database, and wherein said vulnerable library information-obtaining means outputs only identification information for identifying a vulnerable library having a higher degree of risk than a predetermined degree of risk to said submission destination-determining means.
  • 4. The computer-readable recording medium according to claim 2, wherein said vulnerable library information-obtaining means periodically searches the security database in which is registered identification information for identifying a vulnerable library according to a request for obtaining information on a vulnerable library, the request being issued from said service library-determining means, to thereby obtain the identification information for identifying the vulnerable library, and passes the information to said service library-determining means, wherein after determining the link libraries, said service library-determining means issues the request for obtaining information on a vulnerable library to said vulnerable library information-obtaining means, receives the identification information for identifying the vulnerable library from said vulnerable library information-obtaining means, and determines whether or not there exists a link library whose identification information matches the identification information for identifying the vulnerable library, and wherein said job submission means causes the submission destination nodes to execute the job program only when said service library-determining means has determined that there is no link library whose identification information matches the identification information for identifying vulnerable libraries.
  • 5. The computer-readable recording medium according to claim 4, wherein degrees of risk indicative of levels of hazard to be caused by vulnerable libraries are set in the security database, and wherein said vulnerable library information-obtaining means outputs only identification information for identifying a vulnerable library set to have a higher degree of risk than a first predetermined degree of risk, to said submission destination-determining means, and passes only identification information for identifying a vulnerable library set to have a higher degree of risk than a second predetermined degree of risk lower than the first predetermined degree of risk, to said service library-determining means.
  • 6. The computer-readable recording medium according to claim 1, wherein the computer is caused to further function as library update-instructing means for transmitting a library update instruction for updating the vulnerable library to a latest version thereof, to the submission destination nodes.
  • 7. The computer-readable recording medium according to claim 6, wherein said forcible job stop means causes the submission destination nodes to start the job program after the vulnerable library in the submission destination nodes has been updated.
  • 8. The computer-readable recording medium according to claim 1, wherein said service library-determining means extracts a description for calling a library prepared as another file and a description for calling a library incorporated in the job program, from the job program, and sets the libraries called by the respective descriptions to the link libraries.
  • 9. The computer-readable recording medium according to claim 1, wherein said service library-determining means registers library names and versions of the link libraries as the identification information for identifying link libraries, in said service library management database, and wherein said submission destination-determining means receives a library name and a version of the vulnerable library as the identification information for identifying the vulnerable library.
  • 10. A security management system for carrying out security management of a job submitted via a network, comprising: a service library management database for storing associations between a job program describing processes of the job, and link libraries called by the job program; a job submission destination management database for storing associations between the job program, and job submission destination nodes to which the job has been submitted; job execution request-obtaining means for receiving input of a job execution request including the job program; service library-determining means for analyzing the job program obtained by said job execution request-obtaining means, determining the link libraries to be called by the job program, and registering associations between identification information for identifying the job program and identification information for identifying the link libraries in said service library management database; job submission means for determining submission destination nodes which are to be caused to execute the job program obtained by said job execution request-obtaining means, registering identification information for identifying the submission destination nodes and the identification information for identifying the job program in association with each other in said job submission destination management database, and transmitting the job program to the submission destination nodes for causing the submission destination nodes to execute the job program; submission destination-determining means operable when identification information for identifying a vulnerable library having a security defect is input, to refer to said service library management database to thereby obtain the identification information for identifying the job program corresponding to the identification information for identifying the vulnerable library, and refer to said job submission destination management database to thereby obtain the identification information for identifying the submission destination nodes corresponding to the obtained identification information for identifying the job program; and forcible job stop means for instructing the submission destination nodes to stop processes for executing the job program, based on the identification information for identifying the job program and the identification information for identifying the submission destination nodes, which are obtained by said submission destination-determining means.
  • 11. A method of security management, for carrying out security management of a job submitted via a network by a computer, comprising: a job execution request-obtaining step of receiving input of a job execution request including a job program; a service library-determining step of analyzing the job program obtained in said job execution request-obtaining step, determining the link libraries to be called by the job program, and registering associations between identification information for identifying the job program and identification information for identifying the link libraries in a service library management database; a job submission step of determining submission destination nodes which are to be caused to execute the job program obtained in said job execution request-obtaining step, registering identification information for identifying the submission destination nodes and the identification information for identifying the job program in association with each other in a job submission destination management database, and transmitting the job program to the submission destination nodes for causing the submission destination nodes to execute the job program; a submission destination-determining step of referring, when identification information for identifying a vulnerable library having a security defect is input, to the service library management database to thereby obtain the identification information for identifying the job program corresponding to the identification information for identifying the vulnerable library, and referring to the job submission destination management database to thereby obtain the identification information for identifying the submission destination nodes corresponding to the obtained identification information for identifying the job program; and a forcible job stop step of instructing the submission destination nodes to stop processes for executing the job program, based on the identification information for identifying the job program and the identification information for identifying the submission destination nodes, which are obtained in said submission destination-determining step.
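The two databases and the lookups the claims describe, modelled as an added Python example (not code from the patent or its assignee): the service library management database (job to link libraries), the job submission destination management database (job to nodes), the pre-submission check of claim 4 and the two risk thresholds of claim 5. The class and method names, the toy `link`/`import` job-program syntax and the threshold values are assumptions.

```python
"""Added example, not the patent's code: a minimal model of the gateway's
databases and the lookups the claims describe.  All names and the toy
job-program syntax are assumptions."""
from collections import defaultdict


class SecurityManager:
    def __init__(self, stop_risk=7, submit_risk=4):
        # Claim 5: two thresholds. Stopping a running job needs a higher
        # degree of risk than refusing a new submission.
        self.stop_risk = stop_risk
        self.submit_risk = submit_risk
        self.job_libs = {}                 # service library management DB
        self.job_nodes = defaultdict(set)  # job submission destination DB
        self.security_db = {}              # (lib, version) -> degree of risk

    def register_vulnerability(self, lib, version, risk):
        self.security_db[(lib, version)] = risk

    def determine_libraries(self, program):
        """Claim 8: collect libraries called as separate files ('link')
        and libraries incorporated in the program ('import'). The
        'link NAME VERSION' / 'import NAME VERSION' syntax is constructed."""
        libs = set()
        for line in program.splitlines():
            parts = line.split()
            if len(parts) == 3 and parts[0] in ("link", "import"):
                libs.add((parts[1], parts[2]))  # claim 9: name and version
        return libs

    def submit_job(self, job_id, program, nodes):
        """Register job -> libraries, then job -> nodes; claim 4 refuses the
        submission if a link library is already known to be vulnerable."""
        libs = self.determine_libraries(program)
        self.job_libs[job_id] = libs
        if any(self.security_db.get(l, 0) > self.submit_risk for l in libs):
            return False
        self.job_nodes[job_id] |= set(nodes)
        return True

    def on_vulnerability(self, lib, version):
        """Claims 1 and 3: (job, node) pairs whose processes must be stopped
        once (lib, version) is reported vulnerable above the stop threshold."""
        if self.security_db.get((lib, version), 0) <= self.stop_risk:
            return []
        return sorted((job, node)
                      for job, libs in self.job_libs.items()
                      if (lib, version) in libs
                      for node in self.job_nodes.get(job, ()))
```

The pairs returned by `on_vulnerability` are what the forcible job stop means would send to the nodes; a library risk between the two thresholds blocks new submissions without interrupting jobs already running.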
Priority Claims (1)
Number       Date      Country  Kind
2006-065410  Mar 2006  JP       national