| 摘要 |
The restriction regarding a description order in an access control list can be released. A permission rule and a prohibition rule are previously stored. A rule is read from a received access control list, and whether the read rule is contained in the previously stored permission rule or the prohibition rule is judged. In the case that the read rule is not contained and the read rule is a permission rule, the rule is recorded in a temporary storage unit. In the case that the read rule is not contained and the read rule is a prohibition rule, whether or not the prohibition rule contradicts the permission rule stored in the temporary storage unit is judged. If they are not contradictory to each other, the prohibition rule is stored in the temporary storage unit. If they are contradictory to each other, the prohibition rule is converted and stored so that the access target resources described in the permission rule is excluded from the access target resources described in the prohibition rule, on the basis of the resource information. |
