METHOD AND DEVICE FOR AUTOMATICALLY GENERATING SECURITY POLICY OF SECURE OS, AND PROGRAM FOR EXECUTING THE METHOD

摘要

PROBLEM TO BE SOLVED: To automatically generate a security policy for operating an application on a secure OS.;SOLUTION: A first intermediate notation independent from implementation forms of operating system (OS) and forced access control of a target is generated from a source code or a modeling view (steps 202 and 204). In the generation of the first intermediate notation, with respect to a certain access relation, when a plurality of candidates are given for an access authority to be set in the security policy, the access authority of the candidates is presented to a user, whereby the access authority of the access relation is solved (steps 203 and 207). A second intermediate notation dependent from the directory structure of the target is generated from information for the implementation forms of OS and forced access control of the target based on the first intermediate notation (step 205), and the security policy is generated from information for the directory structure of the target based on the second intermediate notation (step 206).;COPYRIGHT: (C)2005,JPO&NCIPI