In recent years, it is common that an information processing apparatus such as a server apparatus is communicated with another information processing apparatus connected via a network.
The following documents are considered herein:    [Patent Document 1] Published Unexamined Patent Application No. 2002-1008818    [Patent Document 2] Published Unexamined Patent Application No. 2001-101135    [Patent Document 3] Published Unexamined Patent Application No. 2003-196476    [Non-Patent Document 1] A. Nadalin, “Web Services Security Policy (WS-SecurityPolicy)”, 2002. HomepageURL “http://www-106.ibm.com/developerworks/webservices/library/ws-secpol”    [Non-Patent Document 2] E. Christensen, F. Curbera, G. Meredith, and S. Weerawarana, “Web Services Description Language (WSDL) 1.1”, W3C Note, 2001. HomepageURL “http://www.w3.org/TR/wsdl”
Along with the spread of the network such as the Internet, an unfair practice of using altered or falsified data has become a problem. On the contrary, a technique has been conventionally offered in which a security policy defining the restriction on data access, encryption, or electronic signature is generated and set up in the information processing apparatus (refer to patent documents 1 to 3).
According to patent document 1, a relatively complex security policy is simply created by preparing the models of security policy. Also, according to patent document 2, a technique has been offered in which a security policy is selected by the user from among the candidates of security policy settable in an apparatus of setting object. Also, according to patent document 3, a technique has been offered in which a security policy having a specific keyword is selected from among a plurality of security policies represented as a text file that are prepared. With these techniques, the user can be relieved of the trouble taken to select the security policy. Techniques to be mentioned in an embodiment of the invention, referring to non-patent documents 1 and 2, are also described.
The problems to be solved by the invention include the following. In recent years, a plurality of information processing apparatuses having a different administrator from each other typically cooperate with each other to provide the services such as a web service. For example, in the case of an online shopping system by use of credit cards, a purchaser terminal, seller server and card transaction system operate in a coordinated manner. To set up a security policy appropriate to each information processing apparatus in such a system, it is necessary to properly understand the contents or modes, etc. of communications performed between the information processing apparatuses and then perform the setting according to the contents or modes, etc. of the communications.
However, the techniques disclosed in the above described patent documents 1 to 3 aim to support the setting of a security policy with respect to a single information processing apparatus. Accordingly, with any of these techniques, a security policy can not be set up based on the contents, etc. of communications performed between the information processing apparatuses. On the contrary, a problem to be solved by the invention is to set up a suitable security policy for each information processing apparatus according to the whole business process implemented by a plurality of information processing apparatuses having a different administrator from each other.