TW200905584A - Security event management system with surveillance function - Google Patents

Security event management system with surveillance function

Publication number: TW200905584A
Authority: TW (Taiwan)
Prior art keywords: computer, security, monitoring, item, control system
Application number: TW96126893A
Other languages: Chinese (zh)
Inventor: Chih-Hsiung Tseng
Original Assignee: Chih-Hsiung Tseng
Application filed by: Chih-Hsiung Tseng
Priority to: TW96126893A
Publication of: TW200905584A

Abstract

This invention discloses a security event management (SEM) system with a surveillance function. The system includes a security event monitoring unit, and at least one monitor and at least one computer connected to the security event monitoring unit. The security event monitoring unit records the screen of at least one computer and the security events that occur, such as sending or receiving an e-mail and prohibiting the execution of a specific program, and produces an index for the recorded information, while combining it with footage of the computer user at the computer recorded by at least one of the monitors. The system thus integrates at least one computer and at least one monitor to achieve a better information security protection effect.

Description

IX. Description of the invention:

[Technical field of the invention]

The present invention provides a security event control system with a surveillance function, and in particular one that combines a surveillance function with a screen-recording function in order to record the occurrence of security events and, in sync, the surroundings at the time of the event, so that a remote operator can watch over the network both the recorded screen of the computer on which the security event occurred and the footage captured by the monitor.

[Prior art]

Information security mechanisms commonly found in enterprises include firewalls and anti-virus software, but with the arrival of the Web 2.0 era, "data leakage protection" has also become a key topic in enterprise security maintenance. In the past, protection against data leakage mostly relied on expensive, highly complex software tools. How to protect a company's confidential data efficiently when funding and manpower cannot be increased has recently become a concern for business owners.

Security control systems currently on the market only record security events and are not combined with a surveillance system. They can therefore only identify the computer on which a security problem occurred and cannot prove who was using that computer when the security event occurred; the evidence that surveillance system footage would provide is missing, although it would make protection against security events considerably more effective.

Security control systems currently on the market […] store web browsing history and program […]. This reduces their security protection effectiveness, and they cannot meet enterprise needs.

In addition, surveillance systems are often installed but not used; only after a security event has occurred is the footage searched manually or through other query mechanisms, and the search is often time-consuming and laborious.

In recent years, domestic vendors have also hoped to add a person-recognition function to security control […]. However, current real-time recognition technology still […] a large amount of processor computing resources, and its practicality […].

The inventor, finding that current security control systems cannot […] strong security protection, has therefore drawn on many years of […] research and on the relevant theory to […] a security event control system with a surveillance function that improves on the above shortcomings of the prior art.

[Summary of the invention]

As mentioned above, information security is currently important, and existing […]; therefore […] with reference to the relevant theory, […] a security event control system with a surveillance function.

An object of the invention is to provide a security event control system with a surveillance function, comprising at least one computer, at least one monitor and a security event monitoring unit. The security event monitoring unit fully captures and records the at least one computer […] being output or stored, together with the screen at that moment […] the latest status, and can give real-time notification […].

A further object of the invention is to […] a way of querying security events that assists in recording, managing and […] the use and access status of data, so as to […] security threats and thereby safeguard the company's important intangible assets.

[Embodiment]

To give the examiners a further understanding of the technical means and operation of the invention, an embodiment is described in detail below with reference to the drawing.

[…] is a "security event control system with a surveillance function" that can be applied in enterprises or in computer networks where information security matters. It comprises:

At least one computer 10, which may be an ordinary desktop personal computer or a notebook computer and is a computer used to execute application programs.

At least one monitor 11, which is an IP camera. It can be installed in an office, preferably where it can film the screen of the […] computer 10, and is used to capture footage of the surroundings of the at least one computer 10.

A security event monitoring unit 12, whose function is to control all security events within the company. The security event monitoring unit 12 comprises:

An encoding module 120, used to record and encode data on program events in the at least one computer 10 (for example, running applications such as EXCEL or MSN, or […] Universal Serial Bus (USB) […]), the recorded screen, and the footage captured by the at least one monitor 11. This includes security event encoding for the at least one computer 10, capture encoding of the recorded screen, and encoding of the footage captured by the at least one monitor 11, for use in later searches for security events or footage.

An integration module 121, which uses the encoding module 120 to integrate the recorded information of the at least […], indexes the recorded information for easy retrieval, and can decode the information encoded by the encoding module 120. Its integration functions include: storing the instructions executed by the at least one computer 10; prohibiting specific programs from running (for example, a multimedia player); […] events of executed programs ([…] sending and receiving mail, etc.); decoding the […] screen of the at least […]; and recording the data that the at least one computer 10 accesses via Universal Serial Bus (USB) and backing that data up.

A display and control module 122, used to receive […] from the integration module 121 and to display the screen recorded from the at least one computer 10 and the footage captured by the at least one monitor 11. It can receive a user's setting of the conditions under which the at least one computer 10 […] a security event, for example issuing a notification when a specific program […], to alert the administrator. Its display can be divided into 1/4/9/16 panes so that the screens of several computers can be watched at once. It can also control the communication protocols of the at least one computer 10, such as Short Message Service (SMS), POP3 and SMTP, for sending and receiving mobile text messages, e-mail and the like.

Depending on requirements, […] the security event monitoring unit can additionally be connected externally to at least one storage device 123 […] the encoding module 120 […].

Compared with the prior art, the security event control system with a surveillance function of the invention therefore has the following advantages:

1. The invention records […] the use of all applications on the company's internal computers, the screen at the moment […] is output or stored, […] and the activity and comings and goings of internal personnel, […] a useful tool for producing evidence when a security event occurs. […] the event as the search unit: the invention additionally treats each executable as a special event, so that an administrator can quickly look up every point in time at which that executable ran, how long it ran, and the computer screen while it was running. Because the system functions of an IP camera are integrated, besides recording the screen when a special event occurs, the system also shows what the people and things nearby were doing at the time, giving a quick and complete picture of the security event data.

2. A typical video recording system records continuously once it is started and automatically deletes the earliest […] when recording space runs out. Besides the functions required of a general screen-recording system (loop recording, scheduled recording), the invention adds an "alarm recording" function to the system. This function allows flexible […] of the usage footage of specific executable files: once these executables are launched, the invention starts synchronized recording, which makes it easy to track […] actions and records, and an alert can then be set to […] in real time.

To help administrators analyze […] within the company, the image results […] can all be […] within the system […] graphical […] so that […] understand the use of executables on the company's internal computers.

The above detailed description is directed to […] of the invention […].

[Brief description of the drawing]

Figure 1 is an architecture diagram of the invention.

[Description of main reference numerals]

10 at least one computer
11 at least one monitor
12 security event monitoring unit
120 encoding module
121 integration module
122 display and control module
123 storage device
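The per-executable index described above, as an added example that is not part of the patent text or the applicant's implementation: each program event is linked to the screen recordings and camera footage that overlap it in time, and occurrences with no camera footage (the attribution gap the prior-art section describes) are listed. The class names, host names, file paths and sample events are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Segment:
    host: str        # computer the recording belongs to
    source: str      # "screen" (computer 10) or "camera" (monitor 11)
    start: datetime
    end: datetime
    path: str

@dataclass(frozen=True)
class ProgramEvent:
    host: str
    exe: str
    start: datetime
    end: datetime

def build_index(events, segments):
    """Index occurrences by executable: start, duration, overlapping clips."""
    index = {}
    for ev in sorted(events, key=lambda e: e.start):
        # Half-open interval overlap between the event and each recording.
        clips = [s for s in segments
                 if s.host == ev.host and s.start < ev.end and ev.start < s.end]
        index.setdefault(ev.exe.lower(), []).append({
            "host": ev.host,
            "start": ev.start,
            "duration": ev.end - ev.start,
            "screen": sorted(s.path for s in clips if s.source == "screen"),
            "camera": sorted(s.path for s in clips if s.source == "camera"),
        })
    return index

def unattributed(index):
    """Occurrences with no camera footage: who was at the computer is unknown."""
    return [(exe, occ["start"]) for exe, occs in index.items()
            for occ in occs if not occ["camera"]]

def at(minute):
    # Constructed sample clock: minutes after 09:00 on an arbitrary day.
    return datetime(2024, 1, 15, 9, 0) + timedelta(minutes=minute)

# Constructed sample data (not taken from the patent).
SEGMENTS = [
    Segment("pc-01", "screen", at(0), at(10), "pc-01/screen-0900.avi"),
    Segment("pc-01", "screen", at(10), at(20), "pc-01/screen-0910.avi"),
    Segment("pc-01", "camera", at(0), at(15), "cam-01/0900.avi"),
]
EVENTS = [
    ProgramEvent("pc-01", "MSN.EXE", at(5), at(12)),
    ProgramEvent("pc-01", "msn.exe", at(13), at(14)),
    ProgramEvent("pc-01", "EXCEL.EXE", at(16), at(18)),
]
INDEX = build_index(EVENTS, SEGMENTS)

if __name__ == "__main__":
    for exe, occs in INDEX.items():
        for occ in occs:
            print(exe, occ["start"].time(), occ["duration"],
                  occ["screen"], occ["camera"])
    print("no camera footage:", unattributed(INDEX))
```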

Claims (1)

X. Claims:

1. A security event control system with a surveillance function, comprising:
at least one computer, being a computer used to execute application programs;
at least one monitor, used to capture footage of the surroundings of the at least one computer; and
a security event monitoring unit, comprising:
an encoding module, used to record […] data on program events in the at least one computer, the recorded screen, and the footage captured by the at least one monitor;
an integration module, which uses the encoding module to integrate the recorded information of the at least one computer […], can index the recorded information, […] encoded by the encoding module […]; and
a display and control module, used to receive the information processed by the integration module and to display the screen recorded from the at least one computer and the footage captured by the at least […], and able to receive a user's setting of the notification conditions for when a security event occurs on the […] computer.

2. The security event control system with a surveillance function according to claim 1, wherein the security event monitoring unit can additionally be connected externally to at least one storage device for storing the information encoded by the encoding module.

3. The security event control system with a surveillance function according to claim 2, wherein the integration module can store a list of events of the programs executed by the […] computer.

4. The security event control system with a surveillance function according to claim 2, wherein, when the at least one computer accesses data using a Universal Serial Bus (USB), the integration module can back up that data.

5. The security event control system with a surveillance function according to claim 2, wherein the integration module can store the instructions executed by the at least one computer.

6. The security event control system with a surveillance function according to claim 2, wherein the at least one monitor is an IP camera.

7. The security event control system with a surveillance function according to claim 2, wherein the encoding module includes computer security event encoding, capture encoding of the recorded screen, and encoding of the footage captured by the monitor.

8. The security event control system with a surveillance function according to claim 2, wherein the display of the display and control module can be divided into 1/4/9/16 panes.

9. The security event control system with a surveillance function according to claim 2, wherein the display and control module can control the communication protocol of the at least one computer.

10. The security event control system with a surveillance function according to claim 9, wherein the communication protocol is Short Message Service (SMS).

11. The security event control system with a surveillance function according to claim 9, wherein the communication protocol is the POP3 protocol.

12. The security event control system with a surveillance function according to claim 9, wherein the communication protocol is the SMTP protocol.
TW96126893A 2007-07-24 2007-07-24 Security event management system with surveillance function TW200905584A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW96126893A TW200905584A (en) 2007-07-24 2007-07-24 Security event management system with surveillance function

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW96126893A TW200905584A (en) 2007-07-24 2007-07-24 Security event management system with surveillance function

Publications (1)

Publication Number Publication Date
TW200905584A true TW200905584A (en) 2009-02-01

Family

ID=44722785

Family Applications (1)

Application Number Title Priority Date Filing Date
TW96126893A TW200905584A (en) 2007-07-24 2007-07-24 Security event management system with surveillance function

Country Status (1)

Country Link
TW (1) TW200905584A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI415465B (en) * 2009-11-24 2013-11-11

Similar Documents

Publication Publication Date Title
KR101654956B1 (en) Mitigations for potentially compromised electronic devices
US20030200308A1 (en) Method and system for monitoring individual devices in networked environments
US20080301471A1 (en) Systems and methods in electronic evidence management for creating and maintaining a chain of custody
US20140164946A1 (en) System and method for selectively tagging received messages
US20100228829A1 (en) Mobile database network
TW200905584A (en) Security event management system with surveillance function
CN116596281B (en) Lightweight three-dimensional property management system
Coldebella et al. Foundational questions regarding the federal role in cybersecurity
US20050021651A1 (en) Method and system for identification and presentation of statistical usage data for messaging systems
JP6636605B1 (en) History monitoring method, monitoring processing device, and monitoring processing program
TW554277B (en) Automated network management system
CN101272381B (en) System for providing mobile terminal with active safety service and its safety data information analysis processing method
US20100146019A1 (en) Automated file relocation
CN105184512A (en) Android-based community correction management system
CN104680270A (en) Security platform based on mobile terminal
WO2015173836A4 (en) An interactive system that enhances video surveillance systems by enabling ease of speedy review of surveillance video and/or images and providing means to take several next steps, backs up surveillance video and/or images, as well as enables to create standardized intelligent incident reports and derive patterns
CN203299251U (en) Device capable of preventing meter code modification realized by remote controller
TWM637226U (en) Social Engineering Abnormal Email Notification Operating System
CN103347061B (en) Based on the strange land electronic data recovery system of corporate intranet
CN115952063B (en) Method and system for monitoring enterprise and authorized personnel relationship change
TWI766277B (en) A photography system
CN110737883B (en) Notarization data platform system for data processing application
Jones et al. Analysis of Information Remaining on Hand Held Devices Offered for Sale on the Second Hand
Kelly Say Yes to a Practical Management System
Miller et al. Insider Threats Involving Supply Chain Risk