摘要 |
PROBLEM TO BE SOLVED: To easily unify managed authority even when authorization management is performed by different organization structures in networks. SOLUTION: The relation of permission to access a resource in one network from organization data in another network is generated by an authorization correspondence relation editing means 31 and held in an authorization correspondence relation maintaining means 32. Here, if a user in a network 1 makes a request to access a resource in a network 2, an authorization corresponding relation retrieving means 33 retrieves whether or not the user as the access request source or the group that the user belongs to corresponds to organization data in the network 2 at a request from an authorization management service part 21 and rejects the access when not; when the user or group corresponds to the data, an authorization management service part 21 judges whether or not the organization data has the right to access the target resource in the network 2.
|