MANAGEMENT SYSTEM, MANAGEMENT METHOD, AND NON-TRANSITORY STORAGE MEDIUM
First Claim
1. A management system, comprising:
- a transmission information acquisition unit that acquires transmission information indicating that resources to realize an application held in a resource holding unit are to be transmitted to an external data center;
an extraction unit that extracts a first security policy, which is a security policy applied to the application to be transmitted and is a security policy to be realized in the external data center, from a security policy holding unit that holds the security policy applied to the application when the transmission information acquisition unit acquires the transmission information;
an acquisition unit that acquires security information, which indicates a security function realizable in the external data center, from the external data center when the transmission information acquisition unit acquires the transmission information; and
a determination unit that determines whether or not the first security policy is realizable in the external data center based on the security information.
1 Assignment
0 Petitions
Accused Products
Abstract
There is provided a management system (10) including a transmission information acquisition unit (11) that acquires transmission information indicating that resources held in a resource holding unit (31) are to be transmitted to an external data center, an extraction unit (12) that extracts a first security policy, which is a security policy applied to an application to be transmitted and is a security policy to be realized in the external data center, from a security policy holding unit (32) that holds the security policy applied to the application when the transmission information acquisition unit (11) acquires the transmission information, an acquisition unit (14) that acquires security information, which indicates a security function realizable in the external data center, from the external data center when the transmission information acquisition unit (11) acquires the transmission information, and a determination unit (13) that determines whether or not the first security policy is realizable in the external data center based on the security information.
27 Citations
18 Claims
-
1. A management system, comprising:
-
a transmission information acquisition unit that acquires transmission information indicating that resources to realize an application held in a resource holding unit are to be transmitted to an external data center; an extraction unit that extracts a first security policy, which is a security policy applied to the application to be transmitted and is a security policy to be realized in the external data center, from a security policy holding unit that holds the security policy applied to the application when the transmission information acquisition unit acquires the transmission information; an acquisition unit that acquires security information, which indicates a security function realizable in the external data center, from the external data center when the transmission information acquisition unit acquires the transmission information; and a determination unit that determines whether or not the first security policy is realizable in the external data center based on the security information. - View Dependent Claims (2, 5, 6, 7, 8)
-
-
3. A management system, comprising:
-
a transmission information acquisition unit that acquires transmission information indicating that resources to realize an application held in a resource holding unit are to be transmitted to an external data center; an extraction unit that extracts a first security policy, which is a security policy applied to the application to be transmitted and is a security policy to be realized in the external data center, from a security policy holding unit that holds the security policy applied to the application when the transmission information acquisition unit acquires the transmission information; and an inquiry unit that inquires of the external data center whether or not the first security policy is realizable in the external data center and acquires a reply from the external data center. - View Dependent Claims (4)
-
-
9. A management system that receives resources to realize an application from an external data center, comprising:
-
a security information holding unit that holds security information indicating a security function realizable in a data center of a receiving destination; a transmission request receiving unit that receives a request for transmission of the security information from the external data center; and a security information transmission unit that takes out the security information from the security information holding unit and transmits the security information to the external data center when the transmission request receiving unit receives the request for transmission.
-
-
10. A management system that receives resources to realize an application from an external data center, comprising:
-
a security information holding unit that holds security information indicating a security function realizable in a data center of a receiving destination; an inquiry receiving unit that receives, from the external data center, an inquiry regarding whether or not a predetermined security policy is realizable in the data center of the receiving destination; a checking unit that determines whether or not the predetermined security policy is realizable in the data center of the receiving destination based on the security information when the inquiry receiving unit receives the inquiry; and a reply transmission unit that transmits a determination result of the checking unit to the external data center.
-
-
11. A non-transitory storage medium storing a program causing a computer to function as:
-
a transmission information acquisition unit that acquires transmission information indicating that resources to realize an application held in a resource holding unit are to be transmitted to an external data center; an extraction unit that extracts a first security policy, which is a security policy applied to the application to be transmitted and is a security policy to be realized in the external data center, from a security policy holding unit that holds the security policy applied to the application when the transmission information acquisition unit acquires the transmission information; an acquisition unit that acquires security information, which indicates a security function realizable in the external data center, from the external data center when the transmission information acquisition unit acquires the transmission information; and a determination unit that determines whether or not the first security policy is realizable in the external data center based on the security information.
-
-
12. A non-transitory storage medium storing a program causing a computer to function as:
-
a transmission information acquisition unit that acquires transmission information indicating that resources to realize an application held in a resource holding unit are to be transmitted to an external data center; an extraction unit that extracts a first security policy, which is a security policy applied to the application to be transmitted and is a security policy to be realized in the external data center, from a security policy holding unit that holds the security policy applied to the application when the transmission information acquisition unit acquires the transmission information; and an inquiry unit that inquires of the external data center whether or not the first security policy is realizable in the external data center and acquires a reply from the external data center.
-
-
13. A non-transitory storage medium storing a program for receiving resources to realize an application from an external data center, the program causing a computer to function as:
-
a security information holding unit that holds security information indicating a security function realizable in a data center of a receiving destination; a transmission request receiving unit that receives a request for transmission of the security information from the external data center; and a security information transmission unit that takes out the security information from the security information holding unit and transmits the security information to the external data center when the transmission request receiving unit receives the request for transmission.
-
-
14. A non-transitory storage medium storing a program for receiving resources to realize an application from an external data center, the program causing a computer to function as:
-
a security information holding unit that holds security information indicating a security function realizable in a data center of a receiving destination; an inquiry receiving unit that receives, from the external data center, an inquiry regarding whether or not a predetermined security policy is realizable in the data center of the receiving destination; a checking unit that determines whether or not the predetermined security policy is realizable in the data center of the receiving destination based on the security information when the inquiry receiving unit receives the inquiry; and a reply transmission unit that transmits a determination result of the checking unit to the external data center.
-
-
15. A management method causing a computer to execute:
-
a transmission information acquisition step of acquiring transmission information indicating that resources to realize an application held in a resource holding unit are to be transmitted to an external data center; an extraction step of extracting a first security policy, which is a security policy applied to the application to be transmitted and is a security policy to be realized in the external data center, from a security policy holding unit that holds the security policy applied to the application when the transmission information is acquired in the transmission information acquisition step; an acquisition step of acquiring security information, which indicates a security function realizable in the external data center, from the external data center when the transmission information is acquired in the transmission information acquisition step; and a determination step of determining whether or not the first security policy is realizable in the external data center based on the security information.
-
-
16. A management method causing a computer to execute:
-
a transmission information acquisition step of acquiring transmission information indicating that resources to realize an application held in a resource holding unit are to be transmitted to an external data center; an extraction step of extracting a first security policy, which is a security policy applied to the application to be transmitted and is a security policy to be realized in the external data center, from a security policy holding unit that holds the security policy applied to the application when the transmission information is acquired in the transmission information acquisition step; and an inquiry step of inquiring of the external data center whether or not the first security policy is realizable in the external data center and acquiring a reply from the external data center.
-
-
17. A management method for receiving resources to realize an application from an external data center, the method causing a computer to execute:
-
a transmission request receiving step of receiving a request for transmission of security information from the external data center; and a security information transmission step of taking out the security information from a security information holding unit, which holds security information indicating a security function realizable in a data center of a receiving destination, and transmitting the security information to the external data center when the request for transmission is received in the transmission request receiving step.
-
-
18. A management method for receiving resources to realize an application from an external data center, the method causing a computer to execute:
-
an inquiry receiving step of receiving, from the external data center, an inquiry regarding whether or not a predetermined security policy is realizable in a data center of the receiving destination; a checking step of determining whether or not the predetermined security policy is realizable in the data center of the receiving destination based on security information, which indicates a security function realizable in the data center of the receiving destination and is held in a security information holding unit, when the inquiry is received in the inquiry receiving step; and a reply transmission step of transmitting a determination result in the checking step to the external data center.
-
Specification