MY175074A - A system and method for secure transaction log for server logging - Google Patents

A system and method for secure transaction log for server logging

Info

Publication number
MY175074A
MY175074A MYPI2013004236A MYPI2013004236A MY175074A MY 175074 A MY175074 A MY 175074A MY PI2013004236 A MYPI2013004236 A MY PI2013004236A MY PI2013004236 A MYPI2013004236 A MY PI2013004236A MY 175074 A MY175074 A MY 175074A
Authority
MY
Malaysia
Prior art keywords
logging
log
client
server
information
Prior art date
Application number
MYPI2013004236A
Inventor
Chong Seak Sea
Izyani Daud Nor
Rashidah Binti Haron Galoh
Kang Siong Ng
Maniam DHARMADHARSHNI
Hon Loon WONG
Original Assignee
Mimos Berhad
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad filed Critical Mimos Berhad
Priority to MYPI2013004236A priority Critical patent/MY175074A/en
Priority to PCT/MY2014/000111 priority patent/WO2015076658A1/en
Publication of MY175074A publication Critical patent/MY175074A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

Secure transaction log is used as an audit trail mechanism as said secure logging system is a centralized system that logs all application transactions from different servers wherein it provides an authentication method for client to login to the logging system and an authorization method to verify that only registered servers are able to record and view data to or from the storage. The system comprising at least one client platform (102); at least one application platform (104) and at least one storage device (106) having capacity for storing information. The at least one client platform (102) further comprising at least one user token (102a) for identifying user credentials; and at least one physical machine (102c) for processing client transaction while the at least one application platform (104) further comprising log information which at least comprises a set of data containing user credentials, server identity, IP address, server distinguish name and timestamp; and at least one secure transaction web service (104a, 104b) for validating client transaction and processing log data. To enable secure transaction log for server logging, the general methodology of the present invention comprising steps of obtaining user credentials to authenticate client for server logging (202); logging into server for transaction log (204); and enabling viewing of logging information of authorized users to record and view information to or from at least one storage. Further, storage information is protected and secured by using hash function (716) wherein hash function is used for authorization of user (718) to ensure that only validated user is able to log in or retrieve log information to and from said storage.
MYPI2013004236A 2013-11-25 2013-11-25 A system and method for secure transaction log for server logging MY175074A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
MYPI2013004236A MY175074A (en) 2013-11-25 2013-11-25 A system and method for secure transaction log for server logging
PCT/MY2014/000111 WO2015076658A1 (en) 2013-11-25 2014-05-23 A system and method for secure transaction log for server logging

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
MYPI2013004236A MY175074A (en) 2013-11-25 2013-11-25 A system and method for secure transaction log for server logging

Publications (1)

Publication Number Publication Date
MY175074A true MY175074A (en) 2020-06-04

Family

ID=51541228

Family Applications (1)

Application Number Title Priority Date Filing Date
MYPI2013004236A MY175074A (en) 2013-11-25 2013-11-25 A system and method for secure transaction log for server logging

Country Status (2)

Country Link
MY (1) MY175074A (en)
WO (1) WO2015076658A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105391724B (en) * 2015-11-25 2019-04-16 用友网络科技股份有限公司 Authorization management method and empowerment management device for information system
CN107332911A (en) * 2017-07-03 2017-11-07 珠海金山网络游戏科技有限公司 It is a kind of based on client release number distribute can game server method and apparatus
CN110110516A (en) * 2019-01-04 2019-08-09 北京车和家信息技术有限公司 Log recording method, apparatus and system
CN114629929B (en) * 2022-03-16 2024-03-08 北京奇艺世纪科技有限公司 Log recording method, device and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2005266922A1 (en) 2004-07-23 2006-02-02 Privit, Inc. Privacy compliant consent and data access management system and method
EP2575316A1 (en) 2011-09-30 2013-04-03 British Telecommunications Public Limited Company Controlled access

Also Published As

Publication number Publication date
WO2015076658A1 (en) 2015-05-28

Similar Documents

Publication Publication Date Title
KR102088553B1 (en) Method and apparatus of detecting weak password
Alaca et al. Device fingerprinting for augmenting web authentication: classification and analysis of methods
JP6703539B2 (en) Device verification method and device
CN104378376B (en) Single-point logging method, certificate server and browser based on SOA
TWI587672B (en) Login authentication method, client, server and system
US8239927B2 (en) Authentication ticket validation
US20180212956A1 (en) Anonymous token authentication
JP2017107343A5 (en)
US11451558B2 (en) Information system end user location detection technique
US8438384B2 (en) System and method for performing mutual authentication
JP2013508854A5 (en)
JP2015521766A5 (en)
MY166564A (en) A system and method for privacy management for internet of things services
CN105430014B (en) A kind of single-point logging method and its system
MX2015015140A (en) User authentication.
WO2008099402A3 (en) A method and system for dynamic security using authentication server
US9038159B2 (en) Authentication system
US9954852B2 (en) Service-to-service digital path tracing
KR20130107188A (en) Server and method for authentication using sound code
WO2016155220A1 (en) Single sign-on method, system and terminal
MY175074A (en) A system and method for secure transaction log for server logging
CN102368765A (en) Website login authentication method
US9278289B2 (en) Validation of user entitlement to game play
CN107276966B (en) Control method and login system of distributed system
CN107276967A (en) A kind of distributed system and its login validation method