In an information communication terminal apparatus such as mobile phone, a program of a basic process to embody basic functions of the terminal apparatus is typically installed together with an operating system in advance. The basic process is a process by a function such as call processing function, browser function for Internet access, electronic mail function and screen control function. In the meantime, a program to execute a further process different from the basic process is downloaded to the terminal apparatus from the outside through a network, a recording medium and the like and then installed into the terminal apparatus by a user's operation and the like. However, if a computer virus is introduced when the program for the further process is downloaded to the terminal apparatus, the operating system or basic process may be attacked by the computer virus when the terminal apparatus executes the further process.
A structure of the information communication terminal apparatus will be described. FIG. 1A is a block diagram showing an example of a structure of a related information communication terminal apparatus.
In FIG. 1A, a structure of a well known typical apparatus is schematically shown. To the information communication terminal apparatus has been downloaded a program for a further process. In the followings, it is assumed that a further process is an application program or device driver (which is a software to execute an access request to a device and an interrupt process from the device and is also referred to as “I/O driver”) provided with native codes (which are binary codes compiled or assembled by a provider).
The information communication terminal apparatus shown in FIG. 1A is an information processing apparatus of a multi-CPU structure having a plurality of CPUs (Central Processing Units). The information communication terminal apparatus has a semiconductor integrated circuit, memory 31 and input/output apparatus (I/O) 51. The semiconductor integrated circuit has a plurality of CPUs 10010A and 10010B, a group including a program of a basic process and OS 10021A, a group including a program of a further process and OS 10021B and access control means 10030.
One or more CPUs 10010A are connected to memory 31 and I/O 51, respectively. One or more CPUs 10010B are connected to memory 31 and I/O 51 through access control means 10030.
In the information communication terminal apparatus shown in FIG. 1A, the CPUs are divided into a plurality of groups in accordance with reliability of a program or process to be executed. In the followings, the group is called as a domain. Here, the CPUs are divided into domain 10020A including the program of the basic process and OS 10021A and domain 10020B including the program of the further process and OS 10021B. In addition, security of domain 10020A is set to be higher than that of domain 10020B. The CPU of the low security/domain side, which has a separate hardware structure from the high security/domain, executes the program of the further process to secure the stability of the high security/domain.
The process having high reliability is to execute a process for data in which there is a low possibility that a computer virus will be included therein. The data having a low possibility that a computer virus will be included therein is data for a basic process that is installed in a computer main body in advance and also comprises data having security maintained by authentication as long as it is downloaded through the network.
As described above, one or more CPUs correspond to each domain. When accessing memory 31 and I/O 51 to execute the high security process of domain 10020A, CPU 10010B to execute the low security process of domain 10020B transmits an access request from CPU 10010B to access control means 10030. When access control means 10030 receives the access request from CPU 10010B, it determines permission/non-permission of the access. Then, only the access permitted by access control means 10030 is executed. By doing so, it is possible to establish a security system having very high reliability, based on the hardware control.
The international publication No. WO2006/022161 (Patent Document 1) discloses an information processing apparatus using a technology similar to the above. Patent Document 1 discloses a structure same as the access control means shown in FIG. 1A.
Next, an example of a method of controlling setting information between routers will be described.
FIG. 1B is a block diagram showing an example of an apparatus of controlling setting information between routers. As shown in FIG. 1B, router 10100A is connected to adjacent router 10100B.
In the structure shown in FIG. 1B, router 10100A transmits temporary stop information to router 10100B when temporarily stopping setting of router 10100B. Router 10100B having received the temporary stop information locks a change of setting information of its own apparatus. Thereby, router 10100A can control the setting information of the adjacent router without having an influence on the entire network.
A method using a technology similar to the above is disclosed in a Japanese Unexamined Patent Publication No. 2003-18199 (hereinafter, referred to as Patent Document 2). The Patent Document 2 discloses a method of controlling path information of an adjacent router, which is same as the method described in FIG. 1B.