CA2342196A1 - System and method for auditing in network applications - Google Patents

System and method for auditing in network applications Download PDF

Info

Publication number
CA2342196A1
CA2342196A1 CA002342196A CA2342196A CA2342196A1 CA 2342196 A1 CA2342196 A1 CA 2342196A1 CA 002342196 A CA002342196 A CA 002342196A CA 2342196 A CA2342196 A CA 2342196A CA 2342196 A1 CA2342196 A1 CA 2342196A1
Authority
CA
Canada
Prior art keywords
audit
client
server
user session
responses
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002342196A
Other languages
French (fr)
Other versions
CA2342196C (en
Inventor
Robert Wenig
Igor Tsyganskiy
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SAP SE
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of CA2342196A1 publication Critical patent/CA2342196A1/en
Application granted granted Critical
Publication of CA2342196C publication Critical patent/CA2342196C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Abstract

A system and a method for auditing network applications captures data transmissions between a client (110) and a server (140) during a user session (130). An audit data capture filter captures each request from the client (110) and each response to each request by the server (140). An audit encryption module (1410) encrypts the captured requests and the captured responses using an encryption key and stores them in an audit memory (160). The audit encryption module (1410) additionally outputs parts of the encryption key to the client (110) and to the server (140). An audit decryption module (1520) captures the parts of the encryption key from the client (110) and from the server (140) and decrypts the encrypted requests and the encrypted responses. An audit analysis device can then use the decrypted requests and the decrypted responses to restore the user session (130) so that it is then possible to analyze what has happened during the user session (130). In addition, the audit analysis device can also verify that a particular event has occurred during the user session (130).
CA002342196A 1998-08-28 1999-08-23 System and method for auditing in network applications Expired - Lifetime CA2342196C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US09/143,537 US6286098B1 (en) 1998-08-28 1998-08-28 System and method for encrypting audit information in network applications
US09/143,537 1998-08-28
PCT/EP1999/006143 WO2000013371A1 (en) 1998-08-28 1999-08-23 System and method for controlling the operational sequence in network applications

Publications (2)

Publication Number Publication Date
CA2342196A1 true CA2342196A1 (en) 2000-03-09
CA2342196C CA2342196C (en) 2005-11-15

Family

ID=22504501

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002342196A Expired - Lifetime CA2342196C (en) 1998-08-28 1999-08-23 System and method for auditing in network applications

Country Status (8)

Country Link
US (1) US6286098B1 (en)
EP (1) EP1108308B1 (en)
AT (1) ATE308840T1 (en)
AU (1) AU5970299A (en)
CA (1) CA2342196C (en)
DE (1) DE59912743D1 (en)
DK (1) DK1108308T3 (en)
WO (1) WO2000013371A1 (en)

Families Citing this family (76)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6286030B1 (en) 1998-07-10 2001-09-04 Sap Aktiengesellschaft Systems and methods for recording and visually recreating sessions in a client-server environment
US6286098B1 (en) 1998-08-28 2001-09-04 Sap Aktiengesellschaft System and method for encrypting audit information in network applications
US6496931B1 (en) * 1998-12-31 2002-12-17 Lucent Technologies Inc. Anonymous web site user information communication method
CA2301435C (en) * 1999-04-16 2006-10-10 At&T Corp. Method for reducing congestion in packet-switched networks
US7149726B1 (en) 1999-06-01 2006-12-12 Stamps.Com Online value bearing item printing
US20020023057A1 (en) * 1999-06-01 2002-02-21 Goodwin Johnathan David Web-enabled value bearing item printing
US7216110B1 (en) 1999-10-18 2007-05-08 Stamps.Com Cryptographic module for secure processing of value-bearing items
US6868406B1 (en) * 1999-10-18 2005-03-15 Stamps.Com Auditing method and system for an on-line value-bearing item printing system
US7236956B1 (en) 1999-10-18 2007-06-26 Stamps.Com Role assignments in a cryptographic module for secure processing of value-bearing items
US7233929B1 (en) 1999-10-18 2007-06-19 Stamps.Com Postal system intranet and commerce processing for on-line value bearing system
US7240037B1 (en) 1999-10-18 2007-07-03 Stamps.Com Method and apparatus for digitally signing an advertisement area next to a value-bearing item
WO2001029775A1 (en) 1999-10-18 2001-04-26 Stamps.Com Cryptographic module for secure processing of value-bearing items
AU1966801A (en) 1999-10-18 2001-04-30 Stamps.Com Secure and recoverable database for on-line value-bearing item system
WO2001061652A2 (en) 2000-02-16 2001-08-23 Stamps.Com Secure on-line ticketing
US7249369B2 (en) 2000-07-10 2007-07-24 Oracle International Corporation Post data processing
US7464162B2 (en) 2000-07-10 2008-12-09 Oracle International Corporation Systems and methods for testing whether access to a resource is authorized based on access information
US7194764B2 (en) 2000-07-10 2007-03-20 Oracle International Corporation User authentication
US7134137B2 (en) * 2000-07-10 2006-11-07 Oracle International Corporation Providing data to applications from an access system
US7080077B2 (en) * 2000-07-10 2006-07-18 Oracle International Corporation Localized access
US7124203B2 (en) 2000-07-10 2006-10-17 Oracle International Corporation Selective cache flushing in identity and access management systems
US20040073512A1 (en) * 2001-02-23 2004-04-15 David Maung Unique session storage design
US7185364B2 (en) * 2001-03-21 2007-02-27 Oracle International Corporation Access system interface
US7231661B1 (en) 2001-06-21 2007-06-12 Oracle International Corporation Authorization services with external authentication
US7051046B2 (en) * 2001-08-01 2006-05-23 Roy F. Weston, Inc. System for managing environmental audit information
US20070197664A1 (en) * 2001-11-29 2007-08-23 Steiner Mitchell S Prevention and treatment of androgen-deprivation induced osteoporosis
US7225256B2 (en) 2001-11-30 2007-05-29 Oracle International Corporation Impersonation in an access system
US20030126159A1 (en) * 2001-12-28 2003-07-03 Nwafor John I. Method and system for rollback of software system upgrade
US20060112011A1 (en) * 2002-09-16 2006-05-25 Al-Ali Abdulhadi M Electronic banking system
US7359935B1 (en) * 2002-12-20 2008-04-15 Versata Development Group, Inc. Generating contextual user network session history in a dynamic content environment
US8683016B1 (en) 2002-12-20 2014-03-25 Versata Development Group, Inc. Data recording components and processes for acquiring selected web site data
US7272228B2 (en) * 2003-06-12 2007-09-18 International Business Machines Corporation System and method for securing code and ensuring proper execution using state-based encryption
US20040107363A1 (en) * 2003-08-22 2004-06-03 Emergency 24, Inc. System and method for anticipating the trustworthiness of an internet site
US7882132B2 (en) 2003-10-09 2011-02-01 Oracle International Corporation Support for RDBMS in LDAP system
US7904487B2 (en) 2003-10-09 2011-03-08 Oracle International Corporation Translating data access requests
EP1723741B1 (en) * 2004-03-09 2013-07-10 Thomson Licensing Secure data transmission via multichannel entitlement management and control
US7899189B2 (en) * 2004-12-09 2011-03-01 International Business Machines Corporation Apparatus, system, and method for transparent end-to-end security of storage data in a client-server environment
US7703144B2 (en) * 2005-04-12 2010-04-20 International Business Machines Corporation Method, apparatus, and program to post process applications encrypting sensitive objects that are logged
US8688813B2 (en) 2006-01-11 2014-04-01 Oracle International Corporation Using identity/resource profile and directory enablers to support identity management
US8583772B2 (en) * 2008-08-14 2013-11-12 International Business Machines Corporation Dynamically configurable session agent
US8868533B2 (en) 2006-06-30 2014-10-21 International Business Machines Corporation Method and apparatus for intelligent capture of document object model events
US8949406B2 (en) 2008-08-14 2015-02-03 International Business Machines Corporation Method and system for communication between a client system and a server system
US8127000B2 (en) 2006-06-30 2012-02-28 Tealeaf Technology, Inc. Method and apparatus for monitoring and synchronizing user interface events with network data
US20080047003A1 (en) * 2006-08-02 2008-02-21 Oracle International Corporation Audit system
US8510233B1 (en) 2006-12-27 2013-08-13 Stamps.Com Inc. Postage printer
US9779556B1 (en) 2006-12-27 2017-10-03 Stamps.Com Inc. System and method for identifying and preventing on-line fraud
CA2623331C (en) * 2007-03-01 2015-11-24 Accenture Global Services Gmbh Sales transaction hub
JP2008219454A (en) * 2007-03-05 2008-09-18 Hitachi Ltd Communication content audit supporting system
US8042055B2 (en) 2007-08-31 2011-10-18 Tealeaf Technology, Inc. Replaying captured network interactions
US20100131752A1 (en) * 2008-11-26 2010-05-27 Ulrich Flegel Method and system for invalidation of cryptographic shares in computer systems
US9934320B2 (en) 2009-03-31 2018-04-03 International Business Machines Corporation Method and apparatus for using proxy objects on webpage overlays to provide alternative webpage actions
US8930818B2 (en) 2009-03-31 2015-01-06 International Business Machines Corporation Visualization of website analytics
US8533532B2 (en) 2010-06-23 2013-09-10 International Business Machines Corporation System identifying and inferring web session events
US8565422B2 (en) * 2010-12-03 2013-10-22 Salesforce.Com, Inc. Method and system for enryption key versioning and key rotation in a multi-tenant environment
EP2668745A4 (en) * 2011-01-28 2016-02-17 Royal Canadian Mint Monnaie Royale Canadienne Electronic transaction risk management
DE112012000944B4 (en) 2011-02-22 2017-02-09 International Business Machines Corporation Web-based editing and web content sharing in real time
US20130054462A1 (en) * 2011-08-24 2013-02-28 Volusion, Inc. Ecommerce system with payment data division
US9680763B2 (en) 2012-02-14 2017-06-13 Airwatch, Llc Controlling distribution of resources in a network
US10404615B2 (en) 2012-02-14 2019-09-03 Airwatch, Llc Controlling distribution of resources on a network
US9635094B2 (en) 2012-10-15 2017-04-25 International Business Machines Corporation Capturing and replaying application sessions using resource files
US9536108B2 (en) 2012-10-23 2017-01-03 International Business Machines Corporation Method and apparatus for generating privacy profiles
US9535720B2 (en) 2012-11-13 2017-01-03 International Business Machines Corporation System for capturing and replaying screen gestures
US10474735B2 (en) 2012-11-19 2019-11-12 Acoustic, L.P. Dynamic zooming of content with overlays
US20140280955A1 (en) * 2013-03-14 2014-09-18 Sky Socket, Llc Controlling Electronically Communicated Resources
US11665145B1 (en) * 2014-05-02 2023-05-30 Navroop Mitter Method of providing end to end encryption with auditability
WO2015175854A2 (en) * 2014-05-15 2015-11-19 Cryptyk, Inc. (Trading As Bitsavr Inc.) System and method for digital currency storage, payment and credit
US10032134B2 (en) 2014-10-02 2018-07-24 Sap Se Automated decision making
KR102460096B1 (en) * 2015-05-27 2022-10-27 삼성에스디에스 주식회사 Method and apparatus for managing encryption keys for cloud service
MX2018010050A (en) 2016-02-23 2019-01-21 Nchain Holdings Ltd Agent-based turing complete transactions integrating feedback within a blockchain system.
JP6995762B2 (en) 2016-02-23 2022-01-17 エヌチェーン ホールディングス リミテッド Cryptographic methods and systems for the secure extraction of data from the blockchain
JP6515246B2 (en) 2016-02-23 2019-05-15 エヌチェーン ホールディングス リミテッドNchain Holdings Limited Determination of common secrets for the secure exchange of information and hierarchical and deterministic encryption keys
BR112018016822A2 (en) 2016-02-23 2018-12-26 Nchain Holdings Ltd computer-implemented method for performing an entity exchange between a first user and a second user, processor, and computer readable medium
US11606219B2 (en) 2016-02-23 2023-03-14 Nchain Licensing Ag System and method for controlling asset-related actions via a block chain
SG11201805542TA (en) * 2016-02-23 2018-09-27 Nchain Holdings Ltd Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system
US11050568B2 (en) * 2017-08-07 2021-06-29 Eliahu Antopolsky System for encryption and decryption films of personal meetings
US11443310B2 (en) * 2017-12-19 2022-09-13 Paypal, Inc. Encryption based shared architecture for content classification
US20230082233A1 (en) * 2021-09-11 2023-03-16 Meir Dahan Device for recording encrypting and saving videos on external data storage device

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB843449A (en) 1956-09-21 1960-08-04 Fairbanks Morse & Co Improvements in weighing scale arrangements
CA2038244A1 (en) 1990-04-19 1991-10-20 Arthur D. Markowitz Hand held computer terminal
US5825880A (en) * 1994-01-13 1998-10-20 Sudia; Frank W. Multi-step digital signature method and system
KR19990022451A (en) * 1995-06-05 1999-03-25 피터 씨. 프레운드 Multilevel digital signature method and system
WO1996041289A2 (en) * 1995-06-07 1996-12-19 Electronic Data Systems Corporation System and method for electronically auditing point-of-sale transactions
US5848396A (en) 1996-04-26 1998-12-08 Freedom Of Information, Inc. Method and apparatus for determining behavioral profile of a computer user
US5889860A (en) * 1996-11-08 1999-03-30 Sunhawk Corporation, Inc. Encryption system with transaction coded decryption key
US5969632A (en) 1996-11-22 1999-10-19 Diamant; Erez Information security method and apparatus
US5903652A (en) * 1996-11-25 1999-05-11 Microsoft Corporation System and apparatus for monitoring secure information in a computer network
WO1998036520A1 (en) 1997-02-13 1998-08-20 Secure Transaction Solutions, Llc Cryptographic key split combiner
US6286098B1 (en) 1998-08-28 2001-09-04 Sap Aktiengesellschaft System and method for encrypting audit information in network applications

Also Published As

Publication number Publication date
ATE308840T1 (en) 2005-11-15
DE59912743D1 (en) 2005-12-08
CA2342196C (en) 2005-11-15
EP1108308B1 (en) 2005-11-02
DK1108308T3 (en) 2006-03-20
WO2000013371A1 (en) 2000-03-09
AU5970299A (en) 2000-03-21
US6286098B1 (en) 2001-09-04
EP1108308A1 (en) 2001-06-20

Similar Documents

Publication Publication Date Title
CA2342196A1 (en) System and method for auditing in network applications
CN101222509B (en) Data protection transmission method of P2P network
CA2335125A1 (en) System and method for auditing network applications
DE112005003281B4 (en) Electronic signature security system
CN107124281B (en) Data security method and related system
WO2000072500A3 (en) Information encryption system and method
US20030188171A1 (en) Method and apparatus for anonymously tracking TV and internet usage
US20060191009A1 (en) Data encryption/decryption method and monitoring system
RU2004137285A (en) SYSTEMS AND METHODS FOR PROTECTED BIOMETRIC AUTHENTICATION
WO2001089195A3 (en) System and method for secure delivery of rich media
KR20010041400A (en) Transmitting reviews with digital signatures
EP1802025A1 (en) Regular content check method, content transmission/reception system, transmitter, and receiver
CN107577729B (en) Webpage data evidence obtaining method and system based on two channels
RU2005105579A (en) HIGHLY RELIABLE BIOMETRIC DEVICE
WO2007067839A3 (en) Method and system for managing secure access to data in a network
TWI256226B (en) Data processing system, method and device, computer-readable program recording medium having recorded thereon a data processing program, and recording medium in a data processing system
WO2005057352A3 (en) Secure digital content trading systems and methods
CN103237011B (en) Digital content encryption transmission method and server end
CN101539977A (en) Method for protecting computer software
GB2478554A (en) A digital forensic evidence data capture tool for a cloud computing system
CN116545706A (en) Data security transmission control system, method and device and electronic equipment
JP3674772B2 (en) Multiple server login cooperation system, client device, login management device, server device, and storage medium
CN111935087B (en) Authentication verification method and system for gateway receiving large data volume through industrial internet
CN1633067A (en) A method of network data transmission
US7890751B1 (en) Method and system for increasing data access in a secure socket layer network environment

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20190823