摘要 |
A system 100 stores policy information in which role identification information, resource group identification information and action information are associated with each other (101), stores user identification information and role identification information in association with each other (102), receives an access request including user identification information for identifying a user of a client device (103), generates access control information based on the policy information and transmits the generated access control information to an access target device (104), acquires address information of a transmission source of the access request (105), and generates communication filter information representing permission for communication relating to an address represented by the acquired address information and transmits the generated communication filter information to a communication filter device specified based on the policy information (106). |