1. Field of the Invention
The present invention relates to a software module management device and its program for safely updating a software module such as an operating system or an application program.
2. Description of the Related Art
At present, many computing devices are composed of an operating system for operating the device and various updatable software modules. Software modules have varied applications: an exclusive software module is developed for an individual application, and various software modules are combined and used. The software modules are updated when it becomes necessary to upgrade a function, improve the performance, or correct weaknesses.
Such computing devices are threatened by attacks from non-users intending to use the software modules unjustly. For example, a method of correcting an implementation weakness in the authentication method called “AES-XCBC-MAC” has been disclosed (see “announce-jp: 1319”, <http://home.jp.freebsd.org/cgi-bin/showmail/announce-jp/1319>). By misusing this published information and analyzing the positions changed by a correction module, one can learn which input causes which kind of weakness, and a computer whose weakness has not yet been corrected may be used unjustly.
Conventionally, when a weakness is reported to a reliable organization or a developer, a software module for correcting the weakness is developed, and, generally, the correction software module is distributed and the weakness is made public. However, if the weakness is revealed before the correction software module is distributed, the threat to the computers is increased.
However, if the remedy is rushed and the correction software module cannot be inspected sufficiently, other weaknesses may be induced and the correction of the weakness may be insufficient.
To reduce such a threat, new systems have been widely proposed, such as a system that checks, periodically or on external instruction, whether a correction program has been distributed and automatically updates with the correction program if it has not been distributed yet, or a system that notifies users to urge them to update with a correction program.
However, attackers receive the same update notice information and are thereby given the opportunity to analyze the correction software module and identify the cause of the weakness, which may encourage the development of attack programs that misuse the weakness. As a result, computing devices not yet corrected by the correction software module are exposed to a threat.
On the other hand, from the viewpoint of reducing the risk of damage spreading through the use of common components, when software modules capable of realizing the same function by mutually different procedures are supplied by plural developers or providers (collectively called vendors), the absolute number of software modules that are targets of an attack can be decreased, but the attacks cannot be prevented. Also, as long as the correction software module is not applied, the vulnerable software module may still be used.
Computing devices use various software modules. Some of them are functionally interchangeable even when they are provided by different vendors. For example, encryption and decryption modules, encoding and decoding modules, communication protocol stacks, and XML (Extensible Markup Language) parsers are exchangeable in most parts except for the core portion of the operating system, depending on the design of the computing device.
In the prior art, from the viewpoint of preventing attacks on software modules having a weakness, the use of an application or software module may be stopped. This method has the advantage that an attack on the software module can be prevented, but the software module cannot be used. If, to avoid this demerit, use of the software module having the weakness is continued despite the recognized threat, the module may consequently be attacked, or the weakness may be identified on the basis of the notice urging the update and then attacked.