Method for auditing safely system log

A system log security audit technology, applied in the computer field, that addresses the inability to prevent an attacker from adding their own log entries or from deleting logs. Its stated effects are improved credibility, eliminated dependencies, and assured confidentiality and integrity.

Inactive Publication Date: 2007-09-19
INST OF SOFTWARE - CHINESE ACAD OF SCI
0 Cites, 43 Cited by

AI Technical Summary

Problems solved by technology

We cannot prevent an attacker who has compromised the system from adding his own logs to the logging system in the future, nor can we prevent an attacker from deleting logs.

Embodiment Construction

[0059] FIG. 1 is a structural diagram of a security audit log in its most simplified mode. In the figure, the security audit daemon module (SLD) and the trusted log service module are located on a virtual platform, which may be Microsoft's next-generation operating system Vista or a system platform based on a microkernel, such as Nizza. The security audit guard module runs on a traditional operating system, such as Windows. The security audit guard module is responsible for generating log information and for interacting with the trusted log service module to ensure that the generated log information is tamper-proof. The security audit guard module stores a public-private key pair generated by the TPM. The trusted log service module runs in trusted mode and stores a public-private key pair generated by the TPM, used for signing and authenticating messages. The log service can be verified by the remote ce...

Abstract

The present invention, which belongs to the field of computer technology, relates to a security auditing method for system logs, in which the log is created and accessed on a virtual platform based on trusted computing. With the help of the trusted platform module (TPM), which serves as a hardware root of trust, the system log is created locally and credibly. Trust in the server can be transferred to the trusted platform, and the credibility of log storage on the trusted platform is improved by the remote attestation and sealed storage properties that the trusted platform provides. Without relying on a trusted third-party server, the machine platform can complete a highly credible security audit. The invention can be widely used in the security auditing of computer systems.

Description

Technical field

[0001] The invention belongs to the technical field of computers and relates to computer system security auditing, in particular to a system log security auditing method.

Background art

[0002] System logs provide a means of analyzing the past and present state of complex systems, and almost every large system has a logging mechanism. For attackers, the log is a main target, because it contains confidential data such as login and modification records of e-government information websites, bank transaction records, evidence of the attackers' own intrusion, and so on. In most cases, logs are stored in text files, and the log records are protected by the operating system's access control mechanisms. However, a log protected by this mechanism cannot guarantee the authenticity and integrity of its records, and there are many problems in the backup mechanism, so it is necessary to provide the flexibility of the log system itself and rel...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/32, H04L12/24
Inventor: 冯登国, 陈小峰, 张立武
Owner: INST OF SOFTWARE - CHINESE ACAD OF SCI