CA2342196A1 - System and method for auditing in network applications - Google Patents

System and method for auditing in network applications Download PDF

Info

Publication number
CA2342196A1
CA2342196A1 CA002342196A CA2342196A CA2342196A1 CA 2342196 A1 CA2342196 A1 CA 2342196A1 CA 002342196 A CA002342196 A CA 002342196A CA 2342196 A CA2342196 A CA 2342196A CA 2342196 A1 CA2342196 A1 CA 2342196A1
Authority
CA
Canada
Prior art keywords
audit
client
server
user session
responses
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002342196A
Other languages
French (fr)
Other versions
CA2342196C (en
Inventor
Robert Wenig
Igor Tsyganskiy
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SAP SE
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of CA2342196A1 publication Critical patent/CA2342196A1/en
Application granted granted Critical
Publication of CA2342196C publication Critical patent/CA2342196C/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Abstract

A system and a method for auditing network applications captures data transmissions between a client (110) and a server (140) during a user session (130). An audit data capture filter captures each request from the client (110) and each response to each request by the server (140). An audit encryption module (1410) encrypts the captured requests and the captured responses using an encryption key and stores them in an audit memory (160). The audit encryption module (1410) additionally outputs parts of the encryption key to the client (110) and to the server (140). An audit decryption module (1520) captures the parts of the encryption key from the client (110) and from the server (140) and decrypts the encrypted requests and the encrypted responses. An audit analysis device can then use the decrypted requests and the decrypted responses to restore the user session (130) so that it is then possible to analyze what has happened during the user session (130). In addition, the audit analysis device can also verify that a particular event has occurred during the user session (130).
CA002342196A 1998-08-28 1999-08-23 System and method for auditing in network applications Expired - Lifetime CA2342196C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US09/143,537 1998-08-28
US09/143,537 US6286098B1 (en) 1998-08-28 1998-08-28 System and method for encrypting audit information in network applications
PCT/EP1999/006143 WO2000013371A1 (en) 1998-08-28 1999-08-23 System and method for controlling the operational sequence in network applications

Publications (2)

Publication Number Publication Date
CA2342196A1 true CA2342196A1 (en) 2000-03-09
CA2342196C CA2342196C (en) 2005-11-15

Family

ID=22504501

Family Applications (1)

Application Number Title Priority Date Filing Date
CA002342196A Expired - Lifetime CA2342196C (en) 1998-08-28 1999-08-23 System and method for auditing in network applications

Country Status (8)

Country Link
US (1) US6286098B1 (en)
EP (1) EP1108308B1 (en)
AT (1) ATE308840T1 (en)
AU (1) AU5970299A (en)
CA (1) CA2342196C (en)
DE (1) DE59912743D1 (en)
DK (1) DK1108308T3 (en)
WO (1) WO2000013371A1 (en)

Families Citing this family (76)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6286030B1 (en) 1998-07-10 2001-09-04 Sap Aktiengesellschaft Systems and methods for recording and visually recreating sessions in a client-server environment
US6286098B1 (en) 1998-08-28 2001-09-04 Sap Aktiengesellschaft System and method for encrypting audit information in network applications
US6496931B1 (en) * 1998-12-31 2002-12-17 Lucent Technologies Inc. Anonymous web site user information communication method
CA2301435C (en) * 1999-04-16 2006-10-10 At&T Corp. Method for reducing congestion in packet-switched networks
US20020023057A1 (en) * 1999-06-01 2002-02-21 Goodwin Johnathan David Web-enabled value bearing item printing
US7149726B1 (en) 1999-06-01 2006-12-12 Stamps.Com Online value bearing item printing
US7233929B1 (en) 1999-10-18 2007-06-19 Stamps.Com Postal system intranet and commerce processing for on-line value bearing system
AU1966801A (en) 1999-10-18 2001-04-30 Stamps.Com Secure and recoverable database for on-line value-bearing item system
US7216110B1 (en) 1999-10-18 2007-05-08 Stamps.Com Cryptographic module for secure processing of value-bearing items
US7236956B1 (en) 1999-10-18 2007-06-26 Stamps.Com Role assignments in a cryptographic module for secure processing of value-bearing items
US6868406B1 (en) * 1999-10-18 2005-03-15 Stamps.Com Auditing method and system for an on-line value-bearing item printing system
US7752141B1 (en) 1999-10-18 2010-07-06 Stamps.Com Cryptographic module for secure processing of value-bearing items
US7240037B1 (en) 1999-10-18 2007-07-03 Stamps.Com Method and apparatus for digitally signing an advertisement area next to a value-bearing item
US7257542B2 (en) 2000-02-16 2007-08-14 Stamps.Com Secure on-line ticketing
US7080077B2 (en) * 2000-07-10 2006-07-18 Oracle International Corporation Localized access
US7124203B2 (en) 2000-07-10 2006-10-17 Oracle International Corporation Selective cache flushing in identity and access management systems
US7134137B2 (en) * 2000-07-10 2006-11-07 Oracle International Corporation Providing data to applications from an access system
US7194764B2 (en) * 2000-07-10 2007-03-20 Oracle International Corporation User authentication
US7249369B2 (en) 2000-07-10 2007-07-24 Oracle International Corporation Post data processing
US7464162B2 (en) 2000-07-10 2008-12-09 Oracle International Corporation Systems and methods for testing whether access to a resource is authorized based on access information
US20040073512A1 (en) * 2001-02-23 2004-04-15 David Maung Unique session storage design
US7185364B2 (en) * 2001-03-21 2007-02-27 Oracle International Corporation Access system interface
US7231661B1 (en) 2001-06-21 2007-06-12 Oracle International Corporation Authorization services with external authentication
US7051046B2 (en) * 2001-08-01 2006-05-23 Roy F. Weston, Inc. System for managing environmental audit information
US20070197664A1 (en) * 2001-11-29 2007-08-23 Steiner Mitchell S Prevention and treatment of androgen-deprivation induced osteoporosis
US7225256B2 (en) 2001-11-30 2007-05-29 Oracle International Corporation Impersonation in an access system
US20030126159A1 (en) * 2001-12-28 2003-07-03 Nwafor John I. Method and system for rollback of software system upgrade
EP1546960A4 (en) * 2002-09-16 2006-04-05 Saudi Arabian Oil Co Electronic banking system
US7359935B1 (en) * 2002-12-20 2008-04-15 Versata Development Group, Inc. Generating contextual user network session history in a dynamic content environment
US8683016B1 (en) 2002-12-20 2014-03-25 Versata Development Group, Inc. Data recording components and processes for acquiring selected web site data
US7272228B2 (en) * 2003-06-12 2007-09-18 International Business Machines Corporation System and method for securing code and ensuring proper execution using state-based encryption
US20040107363A1 (en) * 2003-08-22 2004-06-03 Emergency 24, Inc. System and method for anticipating the trustworthiness of an internet site
US7904487B2 (en) 2003-10-09 2011-03-08 Oracle International Corporation Translating data access requests
US7882132B2 (en) 2003-10-09 2011-02-01 Oracle International Corporation Support for RDBMS in LDAP system
US7929697B2 (en) * 2004-03-09 2011-04-19 Thomson Licensing Secure data transmission via multichannel entitlement management and control
US7899189B2 (en) * 2004-12-09 2011-03-01 International Business Machines Corporation Apparatus, system, and method for transparent end-to-end security of storage data in a client-server environment
US7703144B2 (en) * 2005-04-12 2010-04-20 International Business Machines Corporation Method, apparatus, and program to post process applications encrypting sensitive objects that are logged
US8688813B2 (en) 2006-01-11 2014-04-01 Oracle International Corporation Using identity/resource profile and directory enablers to support identity management
US8583772B2 (en) 2008-08-14 2013-11-12 International Business Machines Corporation Dynamically configurable session agent
US8868533B2 (en) 2006-06-30 2014-10-21 International Business Machines Corporation Method and apparatus for intelligent capture of document object model events
US8127000B2 (en) 2006-06-30 2012-02-28 Tealeaf Technology, Inc. Method and apparatus for monitoring and synchronizing user interface events with network data
US8949406B2 (en) 2008-08-14 2015-02-03 International Business Machines Corporation Method and system for communication between a client system and a server system
US20080047003A1 (en) * 2006-08-02 2008-02-21 Oracle International Corporation Audit system
US9779556B1 (en) 2006-12-27 2017-10-03 Stamps.Com Inc. System and method for identifying and preventing on-line fraud
US8510233B1 (en) 2006-12-27 2013-08-13 Stamps.Com Inc. Postage printer
EP1965346A1 (en) * 2007-03-01 2008-09-03 Accenture Global Services GmbH Sales transaction hub
JP2008219454A (en) * 2007-03-05 2008-09-18 Hitachi Ltd Communication content audit supporting system
US8042055B2 (en) 2007-08-31 2011-10-18 Tealeaf Technology, Inc. Replaying captured network interactions
US20100131752A1 (en) * 2008-11-26 2010-05-27 Ulrich Flegel Method and system for invalidation of cryptographic shares in computer systems
US9934320B2 (en) 2009-03-31 2018-04-03 International Business Machines Corporation Method and apparatus for using proxy objects on webpage overlays to provide alternative webpage actions
US8930818B2 (en) 2009-03-31 2015-01-06 International Business Machines Corporation Visualization of website analytics
US8533532B2 (en) 2010-06-23 2013-09-10 International Business Machines Corporation System identifying and inferring web session events
US8565422B2 (en) * 2010-12-03 2013-10-22 Salesforce.Com, Inc. Method and system for enryption key versioning and key rotation in a multi-tenant environment
CA2824685A1 (en) * 2011-01-28 2012-08-02 Royal Canadian Mint/Monnaie Royale Canadienne Electronic transaction risk management
GB2503595A (en) 2011-02-22 2014-01-01 Ibm On-page manipulation and real-time replacement of content
US20130054462A1 (en) * 2011-08-24 2013-02-28 Volusion, Inc. Ecommerce system with payment data division
US10404615B2 (en) 2012-02-14 2019-09-03 Airwatch, Llc Controlling distribution of resources on a network
US9680763B2 (en) 2012-02-14 2017-06-13 Airwatch, Llc Controlling distribution of resources in a network
US9635094B2 (en) 2012-10-15 2017-04-25 International Business Machines Corporation Capturing and replaying application sessions using resource files
US9536108B2 (en) 2012-10-23 2017-01-03 International Business Machines Corporation Method and apparatus for generating privacy profiles
US9535720B2 (en) 2012-11-13 2017-01-03 International Business Machines Corporation System for capturing and replaying screen gestures
US10474735B2 (en) 2012-11-19 2019-11-12 Acoustic, L.P. Dynamic zooming of content with overlays
US20140280955A1 (en) * 2013-03-14 2014-09-18 Sky Socket, Llc Controlling Electronically Communicated Resources
US11665145B1 (en) * 2014-05-02 2023-05-30 Navroop Mitter Method of providing end to end encryption with auditability
WO2015175854A2 (en) * 2014-05-15 2015-11-19 Cryptyk, Inc. (Trading As Bitsavr Inc.) System and method for digital currency storage, payment and credit
US10032134B2 (en) 2014-10-02 2018-07-24 Sap Se Automated decision making
KR102460096B1 (en) * 2015-05-27 2022-10-27 삼성에스디에스 주식회사 Method and apparatus for managing encryption keys for cloud service
EP3420675B1 (en) 2016-02-23 2020-03-11 Nchain Holdings Limited Blockchain implemented counting system and method for use in secure voting and distribution
JP6925346B2 (en) 2016-02-23 2021-08-25 エヌチェーン ホールディングス リミテッドNchain Holdings Limited Exchange using blockchain-based tokenization
CN108292402B (en) 2016-02-23 2022-10-04 恩链控股有限公司 Determination of a common secret and hierarchical deterministic keys for the secure exchange of information
CA3014752A1 (en) 2016-02-23 2017-08-31 nChain Holdings Limited System and method for controlling asset-related actions via a blockchain
CN109314636B (en) 2016-02-23 2022-01-11 区块链控股有限公司 Cryptographic method and system for secure extraction of data from blockchains
BR112018016234A2 (en) * 2016-02-23 2019-01-02 Nchain Holdings Ltd computer-implemented method for controlling access to a resource, computer-based systems and method for controlling access to a digital wallet
US11050568B2 (en) * 2017-08-07 2021-06-29 Eliahu Antopolsky System for encryption and decryption films of personal meetings
US11443310B2 (en) * 2017-12-19 2022-09-13 Paypal, Inc. Encryption based shared architecture for content classification
US20230082233A1 (en) * 2021-09-11 2023-03-16 Meir Dahan Device for recording encrypting and saving videos on external data storage device

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB843449A (en) 1956-09-21 1960-08-04 Fairbanks Morse & Co Improvements in weighing scale arrangements
CA2038244A1 (en) 1990-04-19 1991-10-20 Arthur D. Markowitz Hand held computer terminal
US5825880A (en) * 1994-01-13 1998-10-20 Sudia; Frank W. Multi-step digital signature method and system
JP4083218B2 (en) * 1995-06-05 2008-04-30 サートコ・インコーポレーテッド Multi-step digital signature method and system
WO1996041289A2 (en) * 1995-06-07 1996-12-19 Electronic Data Systems Corporation System and method for electronically auditing point-of-sale transactions
US5848396A (en) 1996-04-26 1998-12-08 Freedom Of Information, Inc. Method and apparatus for determining behavioral profile of a computer user
US5889860A (en) * 1996-11-08 1999-03-30 Sunhawk Corporation, Inc. Encryption system with transaction coded decryption key
US5969632A (en) 1996-11-22 1999-10-19 Diamant; Erez Information security method and apparatus
US5903652A (en) * 1996-11-25 1999-05-11 Microsoft Corporation System and apparatus for monitoring secure information in a computer network
WO1998036520A1 (en) 1997-02-13 1998-08-20 Secure Transaction Solutions, Llc Cryptographic key split combiner
US6286098B1 (en) 1998-08-28 2001-09-04 Sap Aktiengesellschaft System and method for encrypting audit information in network applications

Also Published As

Publication number Publication date
EP1108308A1 (en) 2001-06-20
US6286098B1 (en) 2001-09-04
DE59912743D1 (en) 2005-12-08
ATE308840T1 (en) 2005-11-15
EP1108308B1 (en) 2005-11-02
WO2000013371A1 (en) 2000-03-09
CA2342196C (en) 2005-11-15
AU5970299A (en) 2000-03-21
DK1108308T3 (en) 2006-03-20

Similar Documents

Publication Publication Date Title
CA2342196A1 (en) System and method for auditing in network applications
CN101222509B (en) Data protection transmission method of P2P network
CA2335125A1 (en) System and method for auditing network applications
DE112005003281B4 (en) Electronic signature security system
CN107124281B (en) Data security method and related system
WO2000072500A3 (en) Information encryption system and method
KR960016234A (en) Method and apparatus for free preliminary survey of communication network services
US20030188171A1 (en) Method and apparatus for anonymously tracking TV and internet usage
US20060191009A1 (en) Data encryption/decryption method and monitoring system
RU2004137285A (en) SYSTEMS AND METHODS FOR PROTECTED BIOMETRIC AUTHENTICATION
WO2001089195A3 (en) System and method for secure delivery of rich media
KR20010041400A (en) Transmitting reviews with digital signatures
EP1802025A1 (en) Regular content check method, content transmission/reception system, transmitter, and receiver
CN107577729B (en) Webpage data evidence obtaining method and system based on two channels
CN101977190A (en) Digital content encryption transmission method and server side
CN103237010B (en) The server end of digital content is cryptographically provided
WO2007067839A3 (en) Method and system for managing secure access to data in a network
TWI256226B (en) Data processing system, method and device, computer-readable program recording medium having recorded thereon a data processing program, and recording medium in a data processing system
WO2005057352A3 (en) Secure digital content trading systems and methods
CN103237011B (en) Digital content encryption transmission method and server end
CN101539977A (en) Method for protecting computer software
GB2478554A (en) A digital forensic evidence data capture tool for a cloud computing system
CN116545706B (en) Data security transmission control system, method and device and electronic equipment
JP3674772B2 (en) Multiple server login cooperation system, client device, login management device, server device, and storage medium
CN111935087B (en) Authentication verification method and system for gateway receiving large data volume through industrial internet

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20190823