The invention provides security policy generation methods and devices for generating a security policy that is set up for an information processing apparatus comprises a step of generating an application model having a transmitter and a receiver of a message decided, for each of a plurality of messages that are communicated, a step of storing in advance a plurality of security patterns with a signer of electronic signature appended to the message as an undecided parameter, a step of selecting a security pattern that is a model of security policy to be setup for the transmitter or receiver of the message, corresponding to each of the plurality of messages included in the application model, and a step of substituting the identification information of the transmitter or receiver of each message included in the application model for the undecided parameter of the security pattern selected corresponding to the message.