KR101745948B1 - Apparatus for collecting history of data in cloud environment, method thereof and computer recordable medium storing the method - Google Patents
Apparatus for collecting history of data in cloud environment, method thereof and computer recordable medium storing the method Download PDFInfo
- Publication number
- KR101745948B1 KR101745948B1 KR1020150158806A KR20150158806A KR101745948B1 KR 101745948 B1 KR101745948 B1 KR 101745948B1 KR 1020150158806 A KR1020150158806 A KR 1020150158806A KR 20150158806 A KR20150158806 A KR 20150158806A KR 101745948 B1 KR101745948 B1 KR 101745948B1
- Authority
- KR
- South Korea
- Prior art keywords
- file
- log
- secret key
- history
- user terminal
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/16—Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
-
- G06F17/30091—
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
Abstract
The present invention relates to an apparatus and method for collecting data history of a cloud environment capable of safely providing a log file, which is a history of execution activities using user data, and a computer readable recording medium on which the method is recorded. The present invention relates to a data history collecting apparatus in a cloud environment capable of uploading or downloading a file to a cloud server that is connected to the cloud server by using the connection information input from the user terminal. A log creating unit for creating a file-by-file log record of the execution activity of the user terminal for each file during the session connection; A log storage unit for storing log history of each file; A secret key storage unit for storing a secret key corresponding to the file log history; And a secret key input window in response to a request to browse the log history of each file from the administrator terminal, and the secret key input through the secret key input window corresponds to the file log history stored in the secret key storage And an interface controller for displaying the log history of each file in accordance with the secret key.
Description
The present invention relates to an apparatus and method for collecting data history in a cloud environment and a computer readable recording medium on which the method is recorded. More particularly, the present invention relates to a cloud environment capable of safely providing a log file, And a computer-readable recording medium on which the method is recorded.
Cloud Computing is a computer environment in which information is permanently stored on servers on the Internet and is temporarily stored on clients such as desktop devices, notebook computers, netbooks, and smartphones. That is, all the information of the user is stored on the server on the Internet, and the information can be used anytime and anywhere through various IT devices.
In other words, it is a computing service in which computing resources such as hardware and software existing in an intangible form such as a cloud are borrowed as much as they need and a usage fee is paid for the computing resources, Technology that integrates and virtualizes resources. Cloud Computing, an innovative computing technology that provides IT-related services such as data storage, processing, network, and content usage on a server on the Internet that is expressed in the cloud, is defined as 'on-demand outsourcing service of IT resources using the Internet'. With cloud computing, businesses or individuals can reduce the cost of maintaining, maintaining and managing computer systems, the cost of purchasing and installing servers, updating costs, purchasing software, etc., and saving time and manpower. You can contribute. In addition, when data is stored on a PC, data may be lost due to a hard disk failure or the like. However, since data is stored in an external server in a cloud computing environment, the data can be safely stored and the storage space can be overcome. You can view and modify documents you have worked on anywhere.
However, there are many security problems related to the use of cloud computing. To solve this problem, a log is recorded in which a user performs activities in a cloud computing environment, and a method of investigating the hacker as evidence is used have.
However, as described above, the investigation method using the log is not only vulnerable to attacks modifying the log data itself, but also has a problem that it becomes difficult for the investigator to collect forensic evidence data if the log data is damaged.
An object of the present invention is to solve the problems of the prior art described above by providing a method of encrypting log data to input a secret key when reading log data and separately storing a copy of the read log data to help the forensic investigator collect evidence A method and a computer-readable recording medium on which the method is recorded.
According to an aspect of the present invention, there is provided a device for collecting data history of a cloud environment, the device comprising: a data history collection device for collecting and storing data in a cloud environment capable of uploading or downloading a file to or from a cloud server provided by a cloud service provider; A connection unit for logging in to the cloud server using the connection information and maintaining session connection; A log creating unit for creating a file-by-file log record of the execution activity of the user terminal for each file during the session connection; A log storage unit for storing log history of each file; A secret key storage unit for storing a secret key corresponding to the file log history; And a secret key input window in response to a request to browse the log history of each file from the administrator terminal, and the secret key input through the secret key input window corresponds to the file log history stored in the secret key storage And an interface controller for displaying the log history of each file in accordance with the secret key.
According to another aspect of the present invention, there is provided an apparatus for collecting data history of a cloud environment, comprising: a time slice generating unit for generating a time slice when the session connection is started; And a telephone number storage unit for storing a telephone number designated for each user, wherein, when the connection information is inputted from another user terminal within the time interval of the time slice through the connection unit, The special key is transmitted, the special key input window is activated, and the session connection is terminated when the special key is not input within a predetermined time after the transmission.
Here, the log storage unit is an encrypted storage unit, and can be decrypted according to input of a preset password from the administrator terminal.
According to another aspect of the present invention, there is provided a data log collection apparatus for a cloud environment, the log collection system including a first log copy storage unit disposed in the user terminal and storing a copy of log history of each file.
According to another aspect of the present invention, there is provided a device for collecting data history of a cloud environment, the device including a second log copy storage unit disposed in the administrator terminal and storing a copy of log history of each file.
According to another aspect of the present invention, there is provided a data history collection method of a cloud environment capable of uploading or downloading a file to a cloud server provided by a cloud service provider, Logging in to the cloud server using the connection information and maintaining session connection; Creating a file-by-file log history of the activity of the user terminal for each file during the session connection; Storing the per-file log history; Activating a secret key input window upon receiving a request to browse the log history of each file from an administrator terminal; And displaying the log history of each file in accordance with the secret key input through the secret key input window coinciding with the secret key corresponding to the file log history stored in advance.
According to another aspect of the present invention, there is provided a computer-readable recording medium storing a program for executing a method for collecting data history of a cloud environment.
The present invention encrypts log data and stores a copy of log data in a terminal of a visitor when logging log data, thereby enhancing the security of the log data itself and allowing the forensic investigator to use the copy as evidence even in the event of log data corruption The forensic evidence used in the investigation can be easily reconstructed.
In addition, by performing a time-slice-based redundancy check when connecting to the cloud, redundant logins can be reduced and excessive log data generation can be reduced. As a result, forensic investigators can reduce the amount of log data to be examined, .
1 is a diagram illustrating a system including a device for collecting data history in a cloud environment according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating an apparatus for collecting data history in a cloud environment according to an embodiment of the present invention.
FIG. 3 is a view showing log histories collected by the data history collection device of the cloud environment of FIG. 2. FIG.
4A to 4C are diagrams showing screens provided by the interface control unit in the data history collection apparatus of the cloud environment of FIG.
5 is a diagram illustrating a data history collection method in a cloud environment according to an embodiment of the present invention.
The description of the disclosed technique is merely an example for structural or functional explanation and the scope of the disclosed technology should not be construed as being limited by the embodiments described in the text. That is, the embodiments are to be construed as being variously embodied and having various forms, so that the scope of the disclosed technology should be understood to include equivalents capable of realizing technical ideas.
Meanwhile, the meaning of the terms described in the present application should be understood as follows.
The terms " first ", " second ", and the like are used to distinguish one element from another and should not be limited by these terms. For example, the first component may be referred to as a second component, and similarly, the second component may also be referred to as a first component.
It is to be understood that when an element is referred to as being "connected" to another element, it may be directly connected to the other element, but there may be other elements in between. On the other hand, when an element is referred to as being "directly connected" to another element, it should be understood that there are no other elements in between. On the other hand, other expressions that describe the relationship between components, such as "between" and "between" or "neighboring to" and "directly adjacent to" should be interpreted as well.
It is to be understood that the singular " include " or "have" are to be construed as including the stated feature, number, step, operation, It is to be understood that the combination is intended to specify that it is present and not to preclude the presence or addition of one or more other features, numbers, steps, operations, components, parts or combinations thereof.
Each step may take place differently from the stated order unless explicitly stated in a specific order in the context. That is, each step may occur in the same order as described, may be performed substantially concurrently, or may be performed in reverse order.
All terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the disclosed technology belongs, unless otherwise defined. Terms defined in commonly used dictionaries should be interpreted to be consistent with meaning in the context of the relevant art and can not be construed as having ideal or overly formal meaning unless expressly defined in the present application.
FIG. 1 is a diagram illustrating a system including a data history collection apparatus in a cloud environment according to an embodiment of the present invention. FIG. 2 is a diagram illustrating a data history collection apparatus in a cloud environment according to an embodiment of the present invention, The
The system supporting the apparatus of the present invention may include a
First, the
The
Meanwhile, when the
The
On the other hand, the
That is, if a user hacks the system and manipulates the log history, additional copies of the log history can be stored in a separate Java archive file (JAR) that is encrypted using an internal mechanism provided by Java and is not easily accessible Furthermore, since the drives that make up the logs are secured by BitLocker, the entire drive is secured, which can help cloud service providers to rebuild the system after a malicious attack.
The secret
The
4A through 4C are diagrams illustrating screens provided by the
When a screen as shown in FIG. 4A is displayed on the
In addition, the
Here, when the administrator selects the
On the other hand, the time
The phone
At this time, if the connection information is input from another user terminal (not shown) within the time slice time interval through the
That is, by providing a time slice-based virtual machine access method, it is possible to reduce the number of redundant logins, reduce the generation of excessive logs, and reduce the time required to examine the log when necessary.
Also, the
FIG. 5 is a diagram illustrating a data history collection method in a cloud environment according to an embodiment of the present invention. The data history collection method in the cloud environment of the present invention will be described below.
The user logs in the
Next, a file-by-file log record for the performance of the
Thereafter, the created log history for each file is stored (S300). Here, it is preferable that the log history of each file is stored in the storage where the lock is set by bit locker drive encryption or the like, and a copy thereof is stored in the
Next, upon receiving a request to view the log history of each file from the
After that, the secret key input through the secret key input window coincides with the secret key corresponding to the log history of each file stored in advance, thereby displaying log history per file (S500). That is, the log history as shown in FIG. 3 can be displayed through the display unit of the
The method of collecting data history of the cloud environment according to the present invention can be implemented by a program and stored in a computer-readable recording medium (CD-ROM, RAM, ROM, floppy disk, hard disk, magneto-optical disk, etc.).
Although the disclosed method and apparatus have been described with reference to the embodiments shown in the drawings for illustrative purposes, those skilled in the art will appreciate that various modifications and equivalent embodiments are possible without departing from the scope of the present invention. I will understand that. Accordingly, the true scope of protection of the disclosed technology should be determined by the appended claims.
100: User terminal
200: Data history collection device
300: Cloud server
400: administrator terminal
Claims (7)
A connection unit for logging in to the cloud server using the connection information input from the user terminal and maintaining session connection;
A log creating unit for creating a file-by-file log record of the execution activity of the user terminal for each file during the session connection;
A log storage unit for storing log history of each file;
A secret key storage unit for storing a secret key corresponding to the file log history;
A secret key input window is activated upon receipt of a request to browse the log history of each file from the administrator terminal, and a secret key input through the secret key input window is displayed in a secret corresponding to the file log history stored in the secret key storage An interface control unit for displaying the log history of each file in accordance with the key;
A time slice generating unit for generating a time slice when the session connection is started; And
And a telephone number storage unit for storing a telephone number designated for each user,
Wherein the interface control unit comprises:
When the access information is input from a terminal other than the user terminal within a time interval of the time slice through the connection unit, a special key is transmitted to a telephone number designated for each user of the user terminal, a special key input window is activated, And terminates the session connection when the special key is not input within a predetermined time after transmission.
Wherein the log storage unit is an encrypted storage unit and decrypted when a password set in advance is input from the administrator terminal.
And a first log copy storage unit disposed in the user terminal for storing a copy of log history of each file.
And a second log copy storage unit disposed in the administrator terminal and storing a copy of the log history of each file.
The method comprising the steps of: logging in to the cloud server using the connection information input from the user terminal and maintaining a session connection; generating a time slice when a session connection is started; A special key is transmitted to a telephone number designated for each user of the user terminal, a special key input window is activated, and the session connection is terminated when the special key is not input within a predetermined time after the message is transmitted ;
Creating a file-by-file log history of the activity of the user terminal for each file during the session connection;
Storing the per-file log history;
Activating a secret key input window upon receiving a request to browse the log history of each file from an administrator terminal; And
And displaying the per-file log history according to the secret key input through the secret key input window coinciding with the secret key corresponding to the per-file log history stored in advance. Way.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150158806A KR101745948B1 (en) | 2015-11-12 | 2015-11-12 | Apparatus for collecting history of data in cloud environment, method thereof and computer recordable medium storing the method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150158806A KR101745948B1 (en) | 2015-11-12 | 2015-11-12 | Apparatus for collecting history of data in cloud environment, method thereof and computer recordable medium storing the method |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170055714A KR20170055714A (en) | 2017-05-22 |
KR101745948B1 true KR101745948B1 (en) | 2017-06-12 |
Family
ID=59050057
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150158806A KR101745948B1 (en) | 2015-11-12 | 2015-11-12 | Apparatus for collecting history of data in cloud environment, method thereof and computer recordable medium storing the method |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101745948B1 (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108153463B (en) * | 2017-12-27 | 2021-04-27 | Oppo广东移动通信有限公司 | Application interface display control method and device, storage medium and mobile terminal |
CN111290910B (en) * | 2020-01-20 | 2023-06-23 | Oppo(重庆)智能科技有限公司 | Log processing method, device, server and storage medium |
CN114500497A (en) * | 2021-12-28 | 2022-05-13 | 盘石软件(上海)有限公司 | Method and system for obtaining evidence of cloud mobile phone |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101475462B1 (en) | 2013-08-14 | 2014-12-23 | 브레인즈스퀘어(주) | System for synchronizing cloud storage and files encrypted with an encryption key of the user |
-
2015
- 2015-11-12 KR KR1020150158806A patent/KR101745948B1/en active IP Right Grant
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101475462B1 (en) | 2013-08-14 | 2014-12-23 | 브레인즈스퀘어(주) | System for synchronizing cloud storage and files encrypted with an encryption key of the user |
Non-Patent Citations (2)
Title |
---|
김태형 외 2인, '클라우드 환경에서 SLA 적용을 위한 데이터 로그 분석기 설계', 한국인터넷정보학회 2010년도 학술발표대회, 2010.06, pp.251-255 |
김홍기 외 2인, ‘클라우드 기반의 로그저장 시스템’, 한국통신학회, 한국통신학회 학술대회논문집 , 2015.06, pp.828-829 |
Also Published As
Publication number | Publication date |
---|---|
KR20170055714A (en) | 2017-05-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Ab Rahman et al. | Cloud incident handling and forensic‐by‐design: cloud storage as a case study | |
Quick et al. | Cloud storage forensics | |
EP3451575B1 (en) | Methods, systems and computer program product for providing encryption on a plurality of devices | |
US10452857B2 (en) | Systems and methods for providing file level security | |
US8171108B2 (en) | System and method for providing remote forensics capability | |
US9070112B2 (en) | Method and system for securing documents on a remote shared storage resource | |
CN102469080B (en) | Method for pass user to realize safety login application client and system thereof | |
US9069869B1 (en) | Storing on a client device data provided by a user to an online application | |
US20180294980A1 (en) | Management of secret data items used for server authentication | |
WO2017156160A1 (en) | Management of workflows | |
US11295379B2 (en) | Virtual storage system and method of sharing electronic documents within the virtual storage system | |
CN108667835A (en) | A kind of control remote equipment carries out method, system and the storage medium of network forensics | |
US8850563B2 (en) | Portable computer accounts | |
KR101745948B1 (en) | Apparatus for collecting history of data in cloud environment, method thereof and computer recordable medium storing the method | |
US9331987B2 (en) | Virtual storage system and file encryption methods | |
Shaaban et al. | Practical windows forensics | |
Dargahi et al. | Investigating storage as a service cloud platform: pCloud as a case study | |
US10990688B2 (en) | Virtual storage system and method of sharing electronic documents within the virtual storage system | |
JP2007060581A (en) | Information management system and method | |
Hur et al. | A study on cloud data access through browser credential migration in Windows environment | |
US11301577B2 (en) | System and method for protecting information from unauthorized access | |
Clark | Secure Integration of Information Systems in Radiology | |
Makris | Cloud Storage. A remote acquisition method using open-source software and a free credit storage infrastructure. | |
US20180285581A1 (en) | System and Method for Protecting Information from Unauthorized Access | |
Sundaresan et al. | Different Perspectives of Cloud Security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |