Unlock instant, AI-driven research and patent intelligence for your innovation.

Credible security log management system in communication network based on process management and control

A communication network and process management technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., can solve problems such as lack of security measures, non-compliance with security procedures or system configuration, and achieve the effect of ensuring security and privacy

Pending Publication Date: 2022-05-31
NANJING LIANCHENG TECH DEV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

During an unscheduled security audit, for example as a response to a security incident, log files are analyzed to discover the cause of the incident, such as lack of security measures, non-compliance with security procedures or system configuration, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Credible security log management system in communication network based on process management and control
  • Credible security log management system in communication network based on process management and control
  • Credible security log management system in communication network based on process management and control

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Below is further detailed description of the present invention according to accompanying drawing and example:

[0026] Existing threat models do not consider insider attacks and collusion attacks between log generators and log servers. The threat model of the present application integrates and extends existing threat models to protect log files from cyber-attacks in the environment of public communication network operators. For example, one possible threat is that a log generator intentionally sends modified log messages, or, with the active involvement of a log server administrator, intentionally modifies stored logs after they are stored to the log server.

[0027] The threat model of this application assumes that all entities involved in the logging process are semi-trusted, including log generators and log servers that store log files. As long as the attacker does not have access to the keys used, the chances of an attacker decrypting a message or forging a signatu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a trusted security log management system in a communication network based on process management and control, which is characterized in that trusted security log management of communication of the communication network is realized by adopting a log reference model, and the trusted security log management is realized at the moment from a reconnaissance stage to a malicious code permission improvement stage. A log tamper-proof scheme independent of special safety hardware or a distributed system is adopted, two different storage devices including alpha and beta are used, alpha is a log server, an HMAC (key, msg) algorithm is adopted, the output of the HMAC algorithm is written into the tail of a log in an additional mode and stored in the log server alpha, beta is an external storage device, and the output of the HMAC algorithm is written into the tail of the log and stored in the log server alpha. The invention discloses a log verification system, which is physically disconnected from the system, is stored in a safe place and is used for verifying a log in the future, and the system also comprises an acquisition server, a log server, a signature server, a network node and beta equipment. According to the invention, the security privacy of a communication network of an operator can be ensured.

Description

technical field [0001] The present invention relates to the technical fields of network security, SOC (Security operation center), process control, encryption, forward integrity (forward integrity), and trusted log generator, and in particular relates to a process control-based communication network. A system for security log management. Background technique [0002] Communication privacy is considered a valuable asset by communication network operators such as Internet operators, fixed and mobile operators. In fact, breaches of user privacy can have serious repercussions, with commercial and legal consequences. In addition, security incidents in communication networks may also lead to service abuse and financial losses for service operators. For these reasons, communication network operators typically perform security audits through technical and procedural measures to verify and maintain an acceptable level of security in order to protect the security and privacy of citi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40H04L9/32H04L41/0213
CPCH04L63/1416H04L63/08H04L9/3236H04L9/3247H04L41/0213
Inventor 林薇
Owner NANJING LIANCHENG TECH DEV