1. Field of the Invention
The present invention relates to a technology for developing a computer-executable program and verifying a program list.
2. Description of the Related Art
In recent years, awareness of computer security has been rising with the popularization of information devices such as a personal computer (PC). For example, when data that should be protected is present within a computer, the data can be prevented from being needlessly read by dividing the areas accessible by a user based on the privileged mode and the ordinary mode of an operating system (OS). A technology is disclosed in JP-A 2004-240536 (KOKAI) that provides an ordinary, writable memory space and a secure memory space (protected memory area) from which reading is prohibited. Data and instructions stored in the protected memory area are prevented from being read out to an external destination. As a method of actualizing the protected memory area, a technology that combines an encryption feature and in-chip memory access control is disclosed in Hashimoto, et al., “Multi-vendor Secure Processor under a Hostile Operating System”, Transactions of Information Processing Society of Japan, Vol. 45, No. SIG03. When protection is actualized in this way through a combination of the encryption feature and the access control, either protection of confidentiality to protect secrets or protection of integrity to prevent alterations, or both, can conceptually be provided.
Askarov, et al., “Cryptographically-masked Flows”, 2006 discloses a technology, referred to as Information Flow Analysis, that, when pieces of data and program portions having different security levels are present within a program, prevents pieces of information in pieces of data having a high security level from leaking to a low security level section. The technology also achieves compatibility in data exchange between the program portions having different security levels by using type-verification when a piece of data is moved between different security levels. Moreover, when the security level of a piece of data with a high security level is dropped to a low security level, a programmer is explicitly forced to perform a specific operation, or an encryption operation is performed.
However, in the above-described conventional technologies, although a protected memory area actualizing one of the protection of confidentiality and the protection of integrity, or both, can be provided as hardware, when, for example, erroneous processing content is written in the program itself that is used to perform data processing, a piece of data that should be protected may not be stored in the protected memory area. In this case, the piece of data may be exposed to attacks, such as leakage and alterations.
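The information-flow check described in the paragraph on Askarov, et al. can be illustrated with a small verifier over a program list. This is an added example, not part of the original text and not the algorithm of the cited paper; the two labels, the tuple format for statements, all names, and the rule that only encryption under a high-level key lowers a value's level are assumptions made for the illustration, which covers explicit assignments in straight-line code only.

```python
# Added example: explicit-flow check over a straight-line "program list".
# Labels, tuple formats and names are assumptions made for this illustration.
HIGH, LOW = "high", "low"

def expr_level(expr, env):
    """Return the security level of an expression.

    Expression forms: ("const", v), ("var", name), ("op", a, b),
    ("encrypt", key_expr, data_expr).
    """
    kind = expr[0]
    if kind == "const":
        return LOW
    if kind == "var":
        return env[expr[1]]
    if kind == "op":
        # A computed value is as sensitive as its most sensitive operand.
        levels = (expr_level(expr[1], env), expr_level(expr[2], env))
        return HIGH if HIGH in levels else LOW
    if kind == "encrypt":
        # Assumed rule: only encryption under a high-level key lowers the level.
        if expr_level(expr[1], env) == HIGH:
            return LOW
        return expr_level(expr[2], env)
    raise ValueError(f"unknown expression kind: {kind!r}")

def check_program(decls, stmts):
    """Return [(index, target)] for each high value assigned to a low variable."""
    violations = []
    for index, (target, expr) in enumerate(stmts):
        if expr_level(expr, decls) == HIGH and decls[target] == LOW:
            violations.append((index, target))
    return violations

# Constructed sample input: declared levels and a five-statement program.
DECLS = {"key": HIGH, "pin": HIGH, "tmp": HIGH, "counter": LOW, "out_buf": LOW}
PROGRAM = [
    ("tmp", ("op", ("var", "pin"), ("var", "counter"))),           # high into high
    ("out_buf", ("var", "tmp")),                                   # high into low
    ("out_buf", ("encrypt", ("var", "key"), ("var", "tmp"))),      # declassified
    ("counter", ("op", ("var", "counter"), ("const", 1))),         # low into low
    ("out_buf", ("encrypt", ("var", "counter"), ("var", "pin"))),  # low-level key
]

if __name__ == "__main__":
    for index, target in check_program(DECLS, PROGRAM):
        print(f"statement {index}: high-level value assigned to low-level '{target}'")
```

Statements 1 and 4 are reported: the first copies protected data directly into an unprotected variable, and the second encrypts under a key that is itself low-level, so the result keeps the level of the data.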