Security management device, security management manner, and security manager administrative program

摘要

P To provide a security management device and a security management method and a security management PROGRAM for performing proper risk evaluation by considering a time elapsed from the detection of a security risk which is inherent in a computer system until the security risk is addressed. PSOLUTION: This security management device 3 is provided with: a security management DB35 which stores history information related to security management; a fragility testing part 31 which tests the fragility of a computer 1; a work flow managing part 32 which manages a work flow related to the test of fragility; a risk level calculating part 34 which calculates a risk level value for each computer 1 from the history information related to the fragility and illegal access stored in the security management DB 35; and an access control part 13 which controls a fire wall 3 ON the basis of the calculated risk level value of the computer 1. PCOPYRIGHT: (C)2005 and JPO& NCIPI