MY175074A - A system and method for secure transaction log for server logging - Google Patents

A system and method for secure transaction log for server logging

Info

Publication number
MY175074A
MY175074A MYPI2013004236A MYPI2013004236A MY175074A MY 175074 A MY175074 A MY 175074A MY PI2013004236 A MYPI2013004236 A MY PI2013004236A MY PI2013004236 A MYPI2013004236 A MY PI2013004236A MY 175074 A MY175074 A MY 175074A
Authority
MY
Malaysia
Prior art keywords
logging
log
client
server
information
Prior art date
Application number
MYPI2013004236A
Inventor
Chong Seak Sea
Izyani Daud Nor
Rashidah Binti Haron Galoh
Kang Siong Ng
Maniam DHARMADHARSHNI
Hon Loon WONG
Original Assignee
Mimos Berhad
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad filed Critical Mimos Berhad
Priority to MYPI2013004236A priority Critical patent/MY175074A/en
Priority to PCT/MY2014/000111 priority patent/WO2015076658A1/en
Publication of MY175074A publication Critical patent/MY175074A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

Secure transaction log is used as an audit trail mechanism as said secure logging system is a centralized system that logs all application transactions from different servers wherein it provides an authentication method for client to login to the logging system and an authorization method to verify that only registered servers are able to record and view data to or from the storage. The system comprising at least one client platform (102); at least one application platform (104) and at least one storage device (106) having capacity for storing information. The at least one client platform (102) further comprising at least one user token (102a) for identifying user credentials; and at least one physical machine (102c) for processing client transaction while the at least one application platform (104) further comprising log information which at least comprises a set of data containing user credentials, server identity, IP address, server distinguish name and timestamp; and at least one secure transaction web service (104a, 104b) for validating client transaction and processing log data. To enable secure transaction log for server logging, the general methodology of the present invention comprising steps of obtaining user credentials to authenticate client for server logging (202); logging into server for transaction log (204); and enabling viewing of logging information of authorized users to record and view information to or from at least one storage. Further, storage information is protected and secured by using hash function (716) wherein hash function is used for authorization of user (718) to ensure that only validated user is able to log in or retrieve log information to and from said storage.
MYPI2013004236A 2013-11-25 2013-11-25 A system and method for secure transaction log for server logging MY175074A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
MYPI2013004236A MY175074A (en) 2013-11-25 2013-11-25 A system and method for secure transaction log for server logging
PCT/MY2014/000111 WO2015076658A1 (en) 2013-11-25 2014-05-23 A system and method for secure transaction log for server logging

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
MYPI2013004236A MY175074A (en) 2013-11-25 2013-11-25 A system and method for secure transaction log for server logging

Publications (1)

Publication Number Publication Date
MY175074A true MY175074A (en) 2020-06-04

Family

ID=51541228

Family Applications (1)

Application Number Title Priority Date Filing Date
MYPI2013004236A MY175074A (en) 2013-11-25 2013-11-25 A system and method for secure transaction log for server logging

Country Status (2)

Country Link
MY (1) MY175074A (en)
WO (1) WO2015076658A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105391724B (en) * 2015-11-25 2019-04-16 用友网络科技股份有限公司 Authorization management method and empowerment management device for information system
CN107332911A (en) * 2017-07-03 2017-11-07 珠海金山网络游戏科技有限公司 It is a kind of based on client release number distribute can game server method and apparatus
CN110110516A (en) * 2019-01-04 2019-08-09 北京车和家信息技术有限公司 Log recording method, apparatus and system
CN114629929B (en) * 2022-03-16 2024-03-08 北京奇艺世纪科技有限公司 Log recording method, device and system
CN116155707A (en) * 2023-01-03 2023-05-23 杭州萤石软件有限公司 Behavior query system, method and device of networking equipment and electronic equipment

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006012589A2 (en) 2004-07-23 2006-02-02 Privit, Inc. Privacy compliant consent and data access management system and method
EP2575316A1 (en) 2011-09-30 2013-04-03 British Telecommunications Public Limited Company Controlled access

Also Published As

Publication number Publication date
WO2015076658A1 (en) 2015-05-28

Similar Documents

Publication Publication Date Title
Mishra et al. A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards
US11451558B2 (en) Information system end user location detection technique
Alaca et al. Device fingerprinting for augmenting web authentication: classification and analysis of methods
TWI640890B (en) Method and device for detecting weak password
JP6703539B2 (en) Device verification method and device
Lang et al. Security keys: Practical cryptographic second factors for the modern web
US8239927B2 (en) Authentication ticket validation
US20180212956A1 (en) Anonymous token authentication
JP2017107343A5 (en)
US8438384B2 (en) System and method for performing mutual authentication
JP2015521766A5 (en)
US9038159B2 (en) Authentication system
CN104378376A (en) SOA-based single-point login method, authentication server and browser
MY175074A (en) A system and method for secure transaction log for server logging
JP2014512589A5 (en)
MX355189B (en) User authentication.
CN105430014B (en) A kind of single-point logging method and its system
MY166564A (en) A system and method for privacy management for internet of things services
TW201405459A (en) Login verification method, client, server and system
CN112492028A (en) Cloud desktop login method and device, electronic equipment and storage medium
WO2008099402A3 (en) A method and system for dynamic security using authentication server
KR20130107188A (en) Server and method for authentication using sound code
WO2016155220A1 (en) Single sign-on method, system and terminal
CN105516066B (en) A method and device for identifying the existence of a middleman
CN107483407B (en) A method and system for anti-leech