In order to ensure security of a machine such as physical servers and virtual servers, access control is set in both the machine and a communication control device. Therefore, in order to ensure high security, whenever a machine is added to or deleted from a communication network, an operator changes settings of access control of the communication control device.
However, in a machine operation under a cloud environment where addition and deletion of machines occur particularly frequently, the operator may poorly respond because the number of changes in the access control settings is large, and it may be impossible to fully ensure security.
If security is not ensured, it may result in a risk that an access may be made to a machine to which an access is to be prohibited.
There is a related technique to enable the safe use of computer resources in a terminal with low computing performance from a non-safe user terminal through a non-safe network. In this related technique, a license issuing device confirms a user password inputted by a user, generates a communication key and a license, and transmits them with a date/time and an expiration of the communication key to a user terminal. The user terminal encrypts the license, a user identifier, and the date/time with the communication key, and transmits the result to a server. The server decodes the license received from the user terminal with a server password, examines the expiration of the communication key on the basis of the decoded result, decodes the received encrypted user identifier and date/time when the communication key does not expire, and transmits the date/time encrypted with the communication key to the user terminal.
A related technique is disclosed in, for example, Japanese Laid-open Patent Publication No. 2005-004412.
In the above-described related technique, in order to check the validity of communication between the terminal and the server, the license allocated by the license issuing device is used.
However, in the related technique, security is not sufficiently secured over an illegal access that is made immediately after deployment of a machine.