| 摘要 |
<p>The present invention updates access control in real time when the connection state of an apparatus or a user changes frequently. The present invention is provided with: an authentication device that authenticates a user who is using a host connected to a forwarding node; and a policy management device that holds an access control policy that, using an identifier of the user or the forwarding node, specifies a host that is the subject of access control, and the policy management device ties together the identifier of the host that is the subject of access control and the identifier of the user using the host or the forwarding node to which the host is connected. The forwarding node transmits to the policy management device the set of the identifiers of the selfsame forwarding node and the host connected to the selfsame forwarding node, the authentication device transmits to the policy management device the set of the identifiers of the user and the host connected to the forwarding node, when the host connected to the forwarding node is the subject of access control, the policy management device notifies a control device of the contents of access control, and the control device generates a processing rule in accordance with the notification and sets the processing rule to the forwarding node.</p> |
| 申请人 |
NEC CORPORATION;MORITA, YOICHIRO;NAKAE, MASAYUKI;YAMAGATA, MASAYA;SASAKI, TAKAYUKI;SHIMONISHI, HIDEYUKI;SONODA, KENTARO;HATANO, YOICHI |
发明人 |
MORITA, YOICHIRO;NAKAE, MASAYUKI;YAMAGATA, MASAYA;SASAKI, TAKAYUKI;SHIMONISHI, HIDEYUKI;SONODA, KENTARO;HATANO, YOICHI |
