Unlock instant, AI-driven research and patent intelligence for your innovation.

Design method and device for protecting system logs

A technology of protection system and design method, applied in the direction of computer security device, file system, digital data protection, etc., can solve the problem of server system security threat, and achieve the effect of ensuring security

Inactive Publication Date: 2020-12-08
INSPUR SUZHOU INTELLIGENT TECH CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Most of the system logs of the server are stored in the hard disk, and the hard disk is an important part of hacker attacks. Once the hard disk is hacked, the log files stored in it will be exposed, or after the hacker logs in to the system, the hacker’s actions recorded in the log will be deleted. The operating behavior of the system, etc., will pose a serious threat to the security of the server system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Design method and device for protecting system logs

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0018] A 10M log storage space is reserved in a non-volatile dual in-line memory module (NVDIMM, non-volatile dual in-line memory module) for storing system logs.

[0019] The log storage is divided into 3 parts, and these three parts are numbered, and the respective numbers are stored in the non-volatile storage of the encryption chip. When a system log is generated, the content of the system log is randomly stored in a certain part of any log space, and at the same time, the number of the log storage space where the part is located is written into the non-volatile storage of the encryption chip.

[0020] The system encrypts and stores the log content, and the encryption algorithm can use RSA or other internationally recognized security encryption algorithms. If the encryption algorithm uses an asymmetric key, the decryption key is placed in the non-volatile storage of the encryption chip.

[0021] Set a daemon for this log space, and set a set of security attributes for tha...

Embodiment 2

[0025] A design method for protecting system logs, the specific steps of which include:

[0026] S1. The server is powered on.

[0027] S2. Create a 10M log space in NVDIMM.

[0028] S3. The log space is randomly divided into three parts, and the number of each part is stored in the non-volatile storage of the encryption chip.

[0029] S4. When a system log is generated, randomly store the log content in a certain part of the log space, and write the number of the part of the space into the non-volatile storage of the encryption chip.

[0030] S5. Use the RSA encryption algorithm or other internationally recognized security encryption algorithms to encrypt the log file, and store the decryption key in the non-volatile storage of the encryption chip.

[0031] S6. The daemon process copies the log file to the system hard disk every 30 minutes or when the log size reaches 10M.

[0032] S7. When the user accesses the daemon process, the operating system kernel enforces authoriz...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a design method and device for protecting a system log. The method comprises the steps: storing a system log in a memory, wherein a log storage space is reserved in a nonvolatile double in-line memory module, and the log storage space comprises a plurality of storage units with respective numbers; and encrypting and storing the generated system log in one random storage unit, and storing the serial number of the storage unit in a nonvolatile storage unit of an encryption chip, wherein the log storage space is provided with a daemon process, both the daemon process and auser accessing the daemon process are provided with security attributes, the system forcibly implements security attribute matching check on the daemon process and the user, and the daemon process monitors the file size of the system log in real time and calculates a hash value to detect the change of the system log. According to the scheme, malicious software or a hacker can be prevented from attacking a hard disk where the log is located, and obtaining and tampering the important information in the log.

Description

technical field [0001] The invention relates to the technical field of safe storage of computer programs, in particular to a design method and device for protecting system logs. Background technique [0002] In order to ensure failure recovery, the communication equipment will include a log storage system, which is used to generate log files for storage according to specific operations during the operation of the communication equipment, so that when the communication equipment fails, it can be realized according to the recorded log files Recovery. [0003] A traditional log storage system includes a disk system and a file operating system. The file operating system can operate the disk system to store or update or delete log files, and at the same time a log file can only be processed by one process in the file operating system. Processing, that is, when a processing process is processing a log file, the log file needs to be locked to prevent other processing processes fro...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/60G06F21/62G06F21/64G06F16/18
CPCG06F21/602G06F21/6218G06F21/64G06F16/1815
Inventor 刘平
Owner INSPUR SUZHOU INTELLIGENT TECH CO LTD