WO2004066082A3 - Digital asset usage accountability via event journaling - Google Patents

Digital asset usage accountability via event journaling Download PDF

Info

Publication number
WO2004066082A3
WO2004066082A3 PCT/US2004/001454 US2004001454W WO2004066082A3 WO 2004066082 A3 WO2004066082 A3 WO 2004066082A3 US 2004001454 W US2004001454 W US 2004001454W WO 2004066082 A3 WO2004066082 A3 WO 2004066082A3
Authority
WO
WIPO (PCT)
Prior art keywords
access
files
events
accountability
low level
Prior art date
Application number
PCT/US2004/001454
Other languages
French (fr)
Other versions
WO2004066082A2 (en
Inventor
Nicholas Stamos
Seth N Birnbaum
Tomas Revesz Jr
Donato Buccella
Keith A Macdonald
Dwayne A Carson
William E Fletcher
Original Assignee
Verdasys Inc
Nicholas Stamos
Seth N Birnbaum
Tomas Revesz Jr
Donato Buccella
Keith A Macdonald
Dwayne A Carson
William E Fletcher
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Verdasys Inc, Nicholas Stamos, Seth N Birnbaum, Tomas Revesz Jr, Donato Buccella, Keith A Macdonald, Dwayne A Carson, William E Fletcher filed Critical Verdasys Inc
Priority to JP2006501056A priority Critical patent/JP4667359B2/en
Priority to CA2553429A priority patent/CA2553429C/en
Priority to EP04704027A priority patent/EP1590735A4/en
Publication of WO2004066082A2 publication Critical patent/WO2004066082A2/en
Publication of WO2004066082A3 publication Critical patent/WO2004066082A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

Abstract

A technique for establishing a perimeter of accountability for usage of digital assets such as data files. The accountability model not only tracks authorized users' access to files, but monitors passage of such files to uncontrollable removable storage media or through network connections and the like which may indicate possible abuse of access. In accordance with a preferred embodiment, an autonomous independent agent process running at a point of use, such as in the background of a client operating system kernel, interrupts requests for access to resources. The agent process ( figure 2 , 300) senses low level system events, filters, aggregates them, and makes reports to a journaling server. The journaling server (figure 2 , 104-2) analyzes sequences of low level events to detect when aggregate events (figure 2, 310) of interest occur, such as 'FileEdit', network file transfers and the like. Reports can be generated to provide an understanding of how digital assets have been accessed, used or communicated by individuals in an enterprise.
PCT/US2004/001454 2003-01-23 2004-01-21 Digital asset usage accountability via event journaling WO2004066082A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
JP2006501056A JP4667359B2 (en) 2003-01-23 2004-01-21 Digital asset usage accountability by journalizing events
CA2553429A CA2553429C (en) 2003-01-23 2004-01-21 Digital asset usage accountability via event journaling
EP04704027A EP1590735A4 (en) 2003-01-23 2004-01-21 Digital asset usage accountability via event journaling

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US44246403P 2003-01-23 2003-01-23
US60/442,464 2003-01-23
US65557303A 2003-09-04 2003-09-04
US10/655,573 2003-09-04
US10/716,336 US7472272B2 (en) 2003-01-23 2003-11-18 Digital asset usage accountability via event journaling
US10/716,336 2003-11-18

Publications (2)

Publication Number Publication Date
WO2004066082A2 WO2004066082A2 (en) 2004-08-05
WO2004066082A3 true WO2004066082A3 (en) 2005-03-10

Family

ID=32777025

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/001454 WO2004066082A2 (en) 2003-01-23 2004-01-21 Digital asset usage accountability via event journaling

Country Status (5)

Country Link
US (2) US7472272B2 (en)
EP (1) EP1590735A4 (en)
JP (1) JP4667359B2 (en)
CA (1) CA2553429C (en)
WO (1) WO2004066082A2 (en)

Families Citing this family (58)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7472272B2 (en) * 2003-01-23 2008-12-30 Verdasys, Inc. Digital asset usage accountability via event journaling
US7814021B2 (en) * 2003-01-23 2010-10-12 Verdasys, Inc. Managed distribution of digital assets
US7100047B2 (en) * 2003-01-23 2006-08-29 Verdasys, Inc. Adaptive transparent encryption
US20040243920A1 (en) * 2003-05-29 2004-12-02 Kabushiki Kaisha Toshiba Document input/output journal management system and method
WO2004108180A1 (en) * 2003-06-04 2004-12-16 Inion Ltd Biodegradable implant and method for manufacturing one
CN1922622A (en) * 2004-02-26 2007-02-28 西门子医疗健康服务公司 System and method for processing audit records
US7765558B2 (en) * 2004-07-06 2010-07-27 Authentium, Inc. System and method for handling an event in a computer system
US8341649B2 (en) * 2004-07-06 2012-12-25 Wontok, Inc. System and method for handling an event in a computer system
US7552179B2 (en) * 2004-09-20 2009-06-23 Microsoft Corporation Envelope e-mail journaling with best effort recipient updates
US7496575B2 (en) * 2004-11-22 2009-02-24 Verdasys, Inc. Application instrumentation and monitoring
US7657624B2 (en) * 2005-06-22 2010-02-02 Hewlett-Packard Development Company, L.P. Network usage management system and method
US20070168349A1 (en) * 2005-09-30 2007-07-19 Microsoft Corporation Schema for template based management system
US7899903B2 (en) 2005-09-30 2011-03-01 Microsoft Corporation Template based management system
US8312552B1 (en) 2005-12-15 2012-11-13 Emc Corporation Method and system for rendering watermarked content
US8526666B1 (en) * 2005-12-15 2013-09-03 Emc Corporation Method and system for rendering watermarked content using a watermark window
US20070162417A1 (en) * 2006-01-10 2007-07-12 Kabushiki Kaisha Toshiba System and method for selective access to restricted electronic documents
JP2007241513A (en) * 2006-03-07 2007-09-20 Japan Lucida Co Ltd Equipment monitoring device
JP5003131B2 (en) * 2006-12-04 2012-08-15 富士ゼロックス株式会社 Document providing system and information providing program
US7743140B2 (en) * 2006-12-08 2010-06-22 International Business Machines Corporation Binding processes in a non-uniform memory access system
US8051204B2 (en) 2007-04-05 2011-11-01 Hitachi, Ltd. Information asset management system, log analysis server, log analysis program, and portable medium
JP4857199B2 (en) * 2007-04-05 2012-01-18 株式会社日立製作所 Information asset management system, log analysis device, and log analysis program
US7610459B2 (en) 2007-04-11 2009-10-27 International Business Machines Corporation Maintain owning application information of data for a data storage system
US7613888B2 (en) 2007-04-11 2009-11-03 International Bsuiness Machines Corporation Maintain owning application information of data for a data storage system
JP2009042856A (en) * 2007-08-07 2009-02-26 Fuji Xerox Co Ltd Document management device, document management system, and program
US8032497B2 (en) 2007-09-26 2011-10-04 International Business Machines Corporation Method and system providing extended and end-to-end data integrity through database and other system layers
US8959624B2 (en) * 2007-10-31 2015-02-17 Bank Of America Corporation Executable download tracking system
KR100985076B1 (en) * 2008-04-16 2010-10-04 주식회사 안철수연구소 Apparatus and method for protecting data in usb devices
WO2009151888A2 (en) * 2008-05-19 2009-12-17 Authentium, Inc. Secure virtualization system software
US9256899B2 (en) * 2010-01-15 2016-02-09 Dell Products, L.P. System and method for separation of software purchase from fulfillment
US10387927B2 (en) 2010-01-15 2019-08-20 Dell Products L.P. System and method for entitling digital assets
US9235399B2 (en) * 2010-01-15 2016-01-12 Dell Products L.P. System and method for manufacturing and personalizing computing devices
US8793789B2 (en) * 2010-07-22 2014-07-29 Bank Of America Corporation Insider threat correlation tool
US8800034B2 (en) 2010-01-26 2014-08-05 Bank Of America Corporation Insider threat correlation tool
US8782209B2 (en) 2010-01-26 2014-07-15 Bank Of America Corporation Insider threat correlation tool
US9038187B2 (en) * 2010-01-26 2015-05-19 Bank Of America Corporation Insider threat correlation tool
US8170783B2 (en) 2010-03-16 2012-05-01 Dell Products L.P. System and method for handling software activation in entitlement
US8782794B2 (en) 2010-04-16 2014-07-15 Bank Of America Corporation Detecting secure or encrypted tunneling in a computer network
US8544100B2 (en) 2010-04-16 2013-09-24 Bank Of America Corporation Detecting secure or encrypted tunneling in a computer network
US8805847B2 (en) 2010-05-06 2014-08-12 Ca, Inc. Journal event consolidation
US8099596B1 (en) * 2011-06-30 2012-01-17 Kaspersky Lab Zao System and method for malware protection using virtualization
US9552201B2 (en) * 2011-08-31 2017-01-24 Avaya Inc. System and method for incremental software installation
US8452901B1 (en) * 2011-12-30 2013-05-28 Emc Corporation Ordered kernel queue for multipathing events
EP3416071B1 (en) * 2012-01-24 2021-11-03 Varonis Systems, Inc. A method and apparatus for authentication of file read events
US10152492B1 (en) * 2012-03-30 2018-12-11 EMC IP Holding Company LLC Extended recycle bin for versioning
US20130282775A1 (en) * 2012-04-23 2013-10-24 Abb Technology Ag. Data manager centralized storage for multiple service applications
US9736121B2 (en) 2012-07-16 2017-08-15 Owl Cyber Defense Solutions, Llc File manifest filter for unidirectional transfer of files
US9779219B2 (en) 2012-08-09 2017-10-03 Dell Products L.P. Method and system for late binding of option features associated with a device using at least in part license and unique ID information
US8776254B1 (en) 2013-01-23 2014-07-08 Owl Computing Technologies, Inc. System and method for the secure unidirectional transfer of software and software updates
US10218586B2 (en) 2013-01-23 2019-02-26 Owl Cyber Defense Solutions, Llc System and method for enabling the capture and securing of dynamically selected digital information
US9306953B2 (en) 2013-02-19 2016-04-05 Owl Computing Technologies, Inc. System and method for secure unidirectional transfer of commands to control equipment
US9779237B2 (en) * 2013-03-15 2017-10-03 Netiq Corporation Detection of non-volatile changes to a resource
CN103414698B (en) * 2013-07-22 2016-08-10 北京星网锐捷网络技术有限公司 Session stream aging method and device
US9311329B2 (en) 2014-06-05 2016-04-12 Owl Computing Technologies, Inc. System and method for modular and continuous data assurance
JP6415353B2 (en) * 2015-03-02 2018-10-31 キヤノン株式会社 Information processing apparatus, information processing apparatus control method, and computer program
US10318364B2 (en) * 2017-02-23 2019-06-11 Visual Process Limited Methods and systems for problem-alert aggregation
US10764315B1 (en) * 2019-05-08 2020-09-01 Capital One Services, Llc Virtual private cloud flow log event fingerprinting and aggregation
US11379421B1 (en) * 2019-06-25 2022-07-05 Amazon Technologies, Inc. Generating readable, compressed event trace logs from raw event trace logs
US20230300112A1 (en) * 2022-03-21 2023-09-21 Sophos Limited Aggregating security events

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020178271A1 (en) * 2000-11-20 2002-11-28 Graham Todd D. Dynamic file access control and management

Family Cites Families (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US178271A (en) * 1876-06-06 Improvement in steam fire-escapes
US5032979A (en) * 1990-06-22 1991-07-16 International Business Machines Corporation Distributed security auditing subsystem for an operating system
US5666411A (en) 1994-01-13 1997-09-09 Mccarty; Johnnie C. System for computer software protection
JP3453842B2 (en) 1994-04-26 2003-10-06 三菱電機株式会社 Secure system
DE69637733D1 (en) 1995-02-13 2008-12-11 Intertrust Tech Corp SYSTEMS AND METHOD FOR SAFE TRANSMISSION
US7165174B1 (en) * 1995-02-13 2007-01-16 Intertrust Technologies Corp. Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management
US5897635A (en) * 1995-06-07 1999-04-27 International Business Machines Corp. Single access to common user/application information
US5692124A (en) 1996-08-30 1997-11-25 Itt Industries, Inc. Support of limited write downs through trustworthy predictions in multilevel security of computer network communications
JPH1117915A (en) * 1997-06-27 1999-01-22 Fuji Xerox Co Ltd Image processor
US7092914B1 (en) * 1997-11-06 2006-08-15 Intertrust Technologies Corporation Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
US6513155B1 (en) * 1997-12-12 2003-01-28 International Business Machines Corporation Method and system for merging event-based data and sampled data into postprocessed trace output
US6192403B1 (en) * 1997-12-23 2001-02-20 At&T Corp Method and apparatus for adaptive monitor and support system
JP4763866B2 (en) 1998-10-15 2011-08-31 インターシア ソフトウェア エルエルシー Method and apparatus for protecting digital data by double re-encryption
GB2342734A (en) * 1998-10-17 2000-04-19 Ibm Managing timer objects in an event-driven system
US6118862A (en) * 1998-10-23 2000-09-12 Toshiba America Information Systems, Inc. Computer telephony system and method
US6510513B1 (en) * 1999-01-13 2003-01-21 Microsoft Corporation Security services and policy enforcement for electronic data
US6340977B1 (en) * 1999-05-07 2002-01-22 Philip Lui System and method for dynamic assistance in software applications using behavior and host application models
US7472349B1 (en) * 1999-06-01 2008-12-30 Oracle International Corporation Dynamic services infrastructure for allowing programmatic access to internet and other resources
JP3546787B2 (en) * 1999-12-16 2004-07-28 インターナショナル・ビジネス・マシーンズ・コーポレーション Access control system, access control method, and storage medium
US20020002609A1 (en) * 1999-12-29 2002-01-03 Chung David W. Telecommunications operating system
JP4177957B2 (en) * 2000-03-22 2008-11-05 日立オムロンターミナルソリューションズ株式会社 Access control system
IL152502A0 (en) * 2000-04-28 2003-05-29 Internet Security Systems Inc Method and system for managing computer security information
US6438575B1 (en) * 2000-06-07 2002-08-20 Clickmarks, Inc. System, method, and article of manufacture for wireless enablement of the world wide web using a wireless gateway
US6990513B2 (en) * 2000-06-22 2006-01-24 Microsoft Corporation Distributed computing services platform
US6678883B1 (en) * 2000-07-10 2004-01-13 International Business Machines Corporation Apparatus and method for creating a trace file for a trace of a computer program based on loaded module information
US20020052981A1 (en) * 2000-08-31 2002-05-02 Fujitsu Limited Method for suppressing a menu, method for controlling copying and moving of data and computer-readable recording medium recorded with program code for controlling a menu
GB0024919D0 (en) * 2000-10-11 2000-11-22 Sealedmedia Ltd Method of further securing an operating system
JP2002175210A (en) 2000-12-07 2002-06-21 Toyo Commun Equip Co Ltd Method of transferring and copying, and enciphering and deciphering data
US20030051026A1 (en) 2001-01-19 2003-03-13 Carter Ernst B. Network surveillance and security system
GB0102515D0 (en) * 2001-01-31 2001-03-21 Hewlett Packard Co Network adapter management
JP4089171B2 (en) * 2001-04-24 2008-05-28 株式会社日立製作所 Computer system
US7231378B2 (en) * 2001-04-26 2007-06-12 General Electric Company System and method for managing user profiles
US6839896B2 (en) * 2001-06-29 2005-01-04 International Business Machines Corporation System and method for providing dialog management and arbitration in a multi-modal environment
US7281020B2 (en) 2001-12-12 2007-10-09 Naomi Fine Proprietary information identification, management and protection
US7398389B2 (en) * 2001-12-20 2008-07-08 Coretrace Corporation Kernel-based network security infrastructure
US20030169306A1 (en) * 2002-03-07 2003-09-11 Nokia Corporation Creating a screen saver from downloadable applications on mobile devices
US8463617B2 (en) * 2002-06-03 2013-06-11 Hewlett-Packard Development Company, L.P. Network subscriber usage recording system
US7281011B1 (en) * 2002-07-31 2007-10-09 At&T Bls Intellectual Property, Inc. Computer-readable medium and data structure for defining and communicating a standard operating environment
AU2003265811A1 (en) * 2002-08-26 2004-03-11 Guardednet, Inc. Determining threat level associated with network activity
JP2004126634A (en) * 2002-09-30 2004-04-22 Nec Software Chubu Ltd File protection system
US7472272B2 (en) 2003-01-23 2008-12-30 Verdasys, Inc. Digital asset usage accountability via event journaling
US7100047B2 (en) * 2003-01-23 2006-08-29 Verdasys, Inc. Adaptive transparent encryption
US7814021B2 (en) 2003-01-23 2010-10-12 Verdasys, Inc. Managed distribution of digital assets
US7350186B2 (en) * 2003-03-10 2008-03-25 International Business Machines Corporation Methods and apparatus for managing computing deployment in presence of variable workload
US7974937B2 (en) * 2007-05-17 2011-07-05 Rockwell Automation Technologies, Inc. Adaptive embedded historians with aggregator component

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020178271A1 (en) * 2000-11-20 2002-11-28 Graham Todd D. Dynamic file access control and management

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1590735A4 *

Also Published As

Publication number Publication date
EP1590735A4 (en) 2011-04-20
JP2006518893A (en) 2006-08-17
JP4667359B2 (en) 2011-04-13
US7472272B2 (en) 2008-12-30
US20040255160A1 (en) 2004-12-16
US7934091B2 (en) 2011-04-26
CA2553429C (en) 2017-01-03
EP1590735A2 (en) 2005-11-02
CA2553429A1 (en) 2004-08-05
US20090198765A1 (en) 2009-08-06
WO2004066082A2 (en) 2004-08-05

Similar Documents

Publication Publication Date Title
WO2004066082A3 (en) Digital asset usage accountability via event journaling
WO2004066085A3 (en) Managed distribution of digital assets
WO2004066541A3 (en) Adaptive transparent encryption
GB2360107A (en) Maintaining security in a distributed computer network
WO2006012318A3 (en) Methods and systems for indexing files and adding associated metadata to index and metadata databases
WO2002098200A2 (en) Method and apparatus for assigning conditional or consequential rights to documents and documents having such rights
WO2003071394A3 (en) Electronic document tracking
WO2005015436A3 (en) Self describing business objects
WO2004109443A3 (en) Managing data objects in dynamic, distributed and collaborative contexts
WO2002019712A1 (en) Content distribution method, reservation management device, and program storage medium
WO2006069394A3 (en) Managing digital media rights through missing masters lists
WO2005008425A3 (en) Systems and methods for managing projects
EP1589446A4 (en) Information processing system, information processing device, information processing method, program, and recording medium
GB2381153B (en) Policy server
WO2004042522A3 (en) Digital-rights management
WO2007027488A3 (en) System, methods, and program product to trace content genealogy
WO2008144530A3 (en) Methods, media, and systems for tracking, encrypting, and determining content usage, and identifying large content files
ATE300819T1 (en) METHOD AND DEVICE FOR GENERATING DATA FOR CHARGING A USER FOR ACCESS THROUGH A COMMUNICATIONS NETWORK CONNECTION
WO2004111746A3 (en) System and method for monitoring network appliances using well-formatted data files
Kapler Avalanche! snowy FX for XXX
WO2005026889A3 (en) System, method, and computer program product for managing interoperable data processing system services
CN1423205A (en) System of apparatus for counting network transaction to digital content works
WO2007056305A3 (en) System and method for generating consumer relational marketing information in a system for the distribution of digital content
WO2003060800A3 (en) Systems and methods for monitoring the availability of assets within a system and enforcing policies governing assets
Wells Government use of free software

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2006501056

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 2004704027

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2004704027

Country of ref document: EP

DPEN Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2553429

Country of ref document: CA