Auditing access to data based on resource properties

A technology for auditing data access based on resource properties, applied in the field of audit policy, that addresses problems such as flooded system logs and reduced overall system performance.

Inactive Publication Date: 2011-09-28
MICROSOFT TECH LICENSING LLC

AI Technical Summary

Problems solved by technology

However, the drawback of this approach is that it generates a lot of noise, floods the syslog and reduces overall system performance.
As such, this method is only recommended for diagnosing access-denied problems when the source of such errors is not readily apparent from the user application.



Examples


Embodiment Construction

[0015] Aspects of the techniques described herein are generally directed to configuring per-object audit policies based on object metadata, whereby audit triggers are affected by changes to that metadata. The technique also allows audit rules to be defined using conditional expressions involving object (resource) attributes, such as the sensitivity, creator, project, etc. of a file. When a rule is processed, its conditional expressions are evaluated against the properties of the object (and possibly against environmental properties or other state data, such as where the access request originates). An audit event is fired if the expression evaluates to true; object access can also be granted or denied. This allows objects to be audited based on their characteristics, independent of their physical location in the system.

[0016] It should be understood that any examples herein are non-limiting. In fact, for purposes of illustration, this article generally describes access to objects / resources in t...



Abstract

The invention relates to auditing access to data based on resource properties. Described is a technology, such as one implemented in an operating system security system, by which a resource's metadata (e.g., including data properties) is evaluated against the audit rule or audit rules associated with that resource (e.g., object). An audit rule may be associated with all resources corresponding to a resource manager, and/or may be a resource-specific audit rule. When a resource is accessed, each audit rule is processed against the metadata to determine whether to generate an audit event for that rule. An audit rule may take the form of one or more conditional expressions. Audit events may be maintained and queried to obtain audit information for various usage scenarios.
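The rule evaluation described in paragraph [0015] and in the abstract can be sketched as follows. This is an added example, not code from the patent or from any operating system; the rule format, the attribute names (`sensitivity`, `origin`) and every identifier are hypothetical. It shows that relabeling a resource changes what is audited without touching any rule, and that the resource's location plays no part.

```python
from dataclasses import dataclass, field

@dataclass
class AuditRule:
    name: str
    accesses: set   # access types the rule applies to
    expr: tuple     # conditional expression tree

@dataclass
class Resource:
    path: str
    props: dict                                # resource metadata
    rules: list = field(default_factory=list)  # resource-specific audit rules

def evaluate(expr, ctx):
    """Evaluate ("and"|"or"|"not", ...) or ("eq", scope, key, value)."""
    op, *args = expr
    if op in ("and", "or"):
        return (all if op == "and" else any)(evaluate(a, ctx) for a in args)
    if op == "not":
        return not evaluate(args[0], ctx)
    if op == "eq":
        scope, key, want = args
        # A missing attribute (e.g. an unlabeled file) never matches.
        return key in ctx[scope] and ctx[scope][key] == want
    raise ValueError(f"unknown operator: {op}")

def on_access(resource, user, access, env, global_rules):
    """Return the audit events generated by one access to `resource`."""
    ctx = {"res": resource.props, "env": env}
    return [
        {"rule": r.name, "user": user, "access": access, "resource": resource.path}
        for r in [*global_rules, *resource.rules]
        if access in r.accesses and evaluate(r.expr, ctx)
    ]

# Constructed sample policy; all names and values here are hypothetical.
HIGH = AuditRule("high-sensitivity", {"read", "write"},
                 ("eq", "res", "sensitivity", "high"))
OFFSITE_WRITE = AuditRule("offsite-write", {"write"},
                          ("not", ("eq", "env", "origin", "corp-lan")))

def demo():
    doc = Resource("/share/a/plan.docx", {"sensitivity": "low"}, [OFFSITE_WRITE])
    before = on_access(doc, "alice", "read", {"origin": "corp-lan"}, [HIGH])
    doc.props["sensitivity"] = "high"   # metadata change only, rules untouched
    doc.path = "/archive/plan.docx"     # location is irrelevant to the rules
    after = on_access(doc, "alice", "read", {"origin": "corp-lan"}, [HIGH])
    write = on_access(doc, "bob", "write", {"origin": "vpn"}, [HIGH])
    return before, after, write
```

`demo()` returns no events for the first read, one `high-sensitivity` event after the relabel, and both rules' events for the off-site write.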

Description

Technical field

[0001] The invention relates to operating system security mechanisms, and in particular to audit policy.

Background

[0002] Auditing access to objects is a valuable part of an operating system's security mechanisms. Security audit events show the history of object access (typically who accessed what and when), which helps in diagnosing data access. This is of practical use in situations such as forensic investigations of data security breaches in organizations.

[0003] To improve system performance and eliminate noise, the operating system exposes audit rules. These allow system administrators to specify the criteria by which security audit events are triggered. For example, administrators can set audit rules on object access events for specific object types (such as file objects), specific principals (users / groups), access decisions (permit or deny), or specific permissions.

[0004] Audit Policies also allows administrators t...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/00
CPC: G06F21/552
Inventor: R・P・佩鲁马尔, N・本-兹维, A・沙缪尔荪, J・B・汉姆比林, R・卡拉赫, Z・李, M・H・沃尔尼克, C・劳
Owner MICROSOFT TECH LICENSING LLC