摘要 |
<P>PROBLEM TO BE SOLVED: To generate a check rule for ensuring the security of a system. <P>SOLUTION: This communication information monitoring device 201 comprises a pseudo client 501, a monitoring part 502, and an integrating part 503. The pseudo client 501 transmits a request message including a trace value as a parameter to a web application and also analyzes a response message returned from the web application. The monitoring part 502 monitors whether the pseudo client 501 uses the transmitted trace value at various places in the system. The integrating part 503 generates a check rule on the basis of processing results of the pseudo client 501 and the monitoring part 502 and a preregistered check policy 510. Parameter usage and correspondence of check processing are registered in the check policy 510. <P>COPYRIGHT: (C)2007,JPO&INPIT |