A business information system supporting operations of companies, public facilities and the like, which is generally referred to as an enterprise system, has now become a basis of organizations in all sizes. The business information system supports a complex organizational management by outputting higher value-added information after aggregating, accumulating, analyzing, and processing data obtained from a node terminal and a database.
Such a business information system needs various types of maintenance work, such as access rule monitoring, failure handling, function extending, and function changing after the system starts operating. Normally, a client company which introduces a business information system entrusts an outside management company with maintenance work. A system engineer (SE) of the outside management company mainly remotely logins to the business information system and performs the maintenance work.
Incidentally, in recent years, the Sarbanes-Oxley (SOX) act enacted in the United States has strongly demanded to guarantee the validity of information disclosure from business managers and accounting auditors. Following the act, Japanese SOX is introduced in Japan and it is imperative to establish a system to deal with the Japanese SOX.
In consideration of the social background, various techniques to enhance information security of a business information system are proposed as described in Patent Literatures 1 to 5.