Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2004-02-17
2008-09-16
Truong, Cam-Y (Department: 2162)
Data processing: database and file management or data structures
Database design
Data structure types
C707S793000, C707S793000
Reexamination Certificate
active
07426512
ABSTRACT:
Network based intrusion detection analyzes DB access attempts prior to transport into the host computer system and accordingly, mitigate resource overhead. However, host computer systems often employ local access such as a DBA account. Monitoring access attempts via the network monitor may not encompass such local access attempts. A data security device which intercepts both local and remote access attempts to the database resource monitors all database access attempts for auditing and security analysis. The data security device receives local access transactions via a local agent on the host. The local agent identifies and integrates with an interprocess communication (IPC) mechanism on the host computer system. The local agent implements an IPC interception mechanism to direct local database access attempts to the local agent, which then forwards the intercepted attempts to the data security device for further analysis. The network data security device therefore observes local access attempts via interception and transmission to the data security device, thereby consolidating analysis and logging of the data access attempts via the data security device.
REFERENCES:
patent: 6061797 (2000-05-01), Jade et al.
patent: 6070243 (2000-05-01), See et al.
patent: 6119236 (2000-09-01), Shipley
patent: 6304975 (2001-10-01), Shipley
patent: 6687702 (2004-02-01), Vaitheeswaran et al.
patent: 6941369 (2005-09-01), Krack et al.
patent: 2002/0066038 (2002-05-01), Mattsson et al.
patent: 2002/0154646 (2002-10-01), Dubois et al.
patent: 2002/0157020 (2002-10-01), Royer
patent: 2003/0028624 (2003-02-01), Hasan et al.
patent: 2003/0084320 (2003-05-01), Tarquini et al.
patent: 2003/0084328 (2003-05-01), Tarquini et al.
patent: 2003/0182580 (2003-09-01), Lee
patent: 2004/0111623 (2004-06-01), Miller et al.
patent: 2004/0260947 (2004-12-01), Brady et al.
patent: 2005/0005031 (2005-01-01), Gordy et al.
patent: 2005/0071650 (2005-03-01), Jo et al.
patent: 2005/0086529 (2005-04-01), Buchsbaum
Jones, Katherine, “Secure Internet Access to SAP's R/3: Keeping Dragons Out”, Int. J. Network Mgmt., vol. 8, © 1998, pp. 191-199.
Joshi, James B. D., et al., “Security Models for Web-Based Applications”, Communications of the ACM, vol. 44, No. 2, Feb. 2001, pp. 38-44.
Muller, Nathan J., “Improving Network Operations With Intelligent Agents”, Int. J. Network Mgmt., vol. 7, © 1997, pp. 116-126.
Jaeger, T., et al., “Flexible Access Control Using IPC Redirection”, Proc. of the 7th Workshop on Hot Topics in Operating Systems, Mar. 29-30, 1999, pp. 191-196.
Roscheisen, Martin, et al., “A Communication Agreement Framework for Access/Action Control”, 1996 IEEE Symposium on Security and Privacy, © 1996, pp. 154-163.
Appenzeller, Guido, et al., “User-Friendly Access Control for Public Network Ports”, IEEE 0-7803-5417-6/99, © 1999, pp. 699-707.
Balasubramaniyan, Jai Sundar, et al., “An Architecture for Intrusion Detection Using Autonomous Agents”, 14th Annual Computer Security Applications Conf. Proc., Phoenix, AZ, Dec. 7-11, 1998, pp. 13-24.
Gangadharan, Muralidaran, et al., “Intranet Security with Micro-Firewalls and Mobile Agents for Proactive Intrusion Response”, IEEE Int'l Conf. on Computer Networks and Mobile Computing, Beijing, China, Oct. 16-19, 2001, pp. 325-332.
Miller, Sandra Kay, “The Trusted OS Makes a Comeback”, Computer, vol. 34, Issue 2, Feb. 2001, pp. 16-19.
Microsoft Computer Dictionary, 5th Edition, Microsoft Press, Redmond, WA, © 2002, p. 22.
Chari, Suresh N., et al., “BlueBoX: A Policy-Driven, Host-Based Intrusion Detection System”, ACM Transactions on Information and System Security, vol. 6, No. 2, May 2003, pp. 173-200.
Schepers, Filip, et al., “Network- Versus Host-Based Intrusion Detection”, Information Security Technical Report, vol. 3, Issue 4, © 1998, pp. 32-42.
Levine, John, et al., “The Use of Honeynets to Detect Exploited Systems Across Large Enterprise Networks”, Proc. of the 2003 IEEE Workshop on Information Assurance, West Point, NY, Jun. 18-20, 2003, pp. 92-99.
Kewley, Dorene L., et al., “DARPA Information Assurance Program Dynamic Defense Experiment Summary”, IEEE Transactions on Systems, Man and Cybernetics—Part A: Systems and Humans, vol. 31, No. 4, Jul. 2001, pp. 331-336.
Chapin IP Law LLC
Guardium, Inc.
Stevens Robert
Truong Cam-Y
LandOfFree
System and methods for tracking local database access does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and methods for tracking local database access, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and methods for tracking local database access will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3991193