Trusted computer activity monitoring and recording system and method

US 20060041760A1
Filed: 06/26/2002
Published: 02/23/2006
Est. Priority Date: 06/26/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of recording activities at a computer having a digital certificate comprising a plurality of policies, said method comprising:

A. verifying said digital certificate;

B. performing a plurality of actions comprising recording activities at said computer, wherein said plurality of actions are specified in said plurality of policies.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A trusted computer activity monitoring and recording system and method provides trust between the computer or the computer user which activities are being recorded and the supervisor who governs the monitoring and recording system by using a digital certificate comprising a plurality of policies and the public key of the supervisor. Computer activities are recorded and actions are performed according to the policies comprised in the certificate, and recorded data are encrypted using the public key comprised in the certificate. Recorded data may be further signed by digital signatures created with the private key of the computer or the computer user.

126 Citations

28 Claims

1. A method of recording activities at a computer having a digital certificate comprising a plurality of policies, said method comprising:
- A. verifying said digital certificate;
  
  B. performing a plurality of actions comprising recording activities at said computer, wherein said plurality of actions are specified in said plurality of policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein said digital certificate comprises a public key, said method further comprising:
    - C. generating a plurality of recorded data blocks comprising said activities;
      
      D. encrypting said plurality of recorded data blocks into a data stream comprising a plurality of encrypted data blocks using said public key, wherein said plurality of encrypted data blocks are decrypted at another computer using a private key paired with said public key.
  - 3. The method of claim 2, wherein said digital certificate comprises a serial number and said data stream comprises said serial number, said serial number being used at said another computer to identify said private key for decryption.
  - 4. The method of claim 2, wherein each of said plurality of recorded data blocks comprises a sequential number, said sequential number being used to detect missing of any of said plurality of recorded data blocks at said another computer.
  - 5. The method of claim 2, wherein said data stream is sent to said another computer in any of a plurality of means comprising:
    - 1) sending over a computer network;
      
      2) sending over a communication network;
      
      3) sending over a storage medium.
  - 6. The method of claim 2, wherein said computer has a private key of a user, said method further comprising:
    - E. generating a plurality of digital signatures for said plurality of encrypted data blocks using said private key, wherein said plurality of digital signatures and said plurality of encrypted data blocks are verified at said another computer using a public key of said user paired with said private key.
  - 7. The method of claim 1, wherein said computer has a private key of a user, said method further comprising:
    - B. generating a plurality of recorded data blocks comprising said activities;
      
      C. generating a plurality of digital signatures for said plurality of recorded data blocks using said private key, wherein said plurality of digital signatures and said plurality of recorded data blocks are verified at another computer using a public key of said user paired with said private key.
  - 8. The method of claim 7, wherein said public key is comprised in a digital user certificate, wherein said digital user certificate further comprises identity of said user.
  - 9. The method of claim 1, wherein said digital certificate comprises a digital signature and said verifying a digital certificate in step A further comprises verifying said digital signature.
  - 10. The method of claim 1, further comprising:
    - C. checking with a user or a database for acceptance or rejection of said digital certificate.
  - 11. The method of claim 1, wherein said plurality of actions are chosen from a group comprising:
    - 1) recording key strokes;
      
      2) recording mouse clicks and movements;
      
      3) recording files access;
      
      4) recording database access;
      
      5) recording program active durations;
      
      6) recording network communications;
      
      7) recording telephone communications;
      
      8) recording sound input and output;
      
      9) recording video input and output;
      
      10) recording web sites visited;
      
      11) recording messages;
      
      12) recording emails;
      
      13) recording images;
      
      14) recording screen snapshots;
      
      15) recording computer resource usage;
      
      16) recording program attributes;
      
      17) setting program attributes;
      
      18) setting program configurations;
      
      19) setting system registry;
      
      20) opening files;
      
      21) sending messages;
      
      22) receiving messages;
      
      23) displaying messages.
  - 12. The method of claim 1, wherein said plurality of policies comprise a plurality of computer executable codes to perform at least one of said plurality of actions, wherein said performing in step B comprises executing said plurality of computer executable codes, wherein said plurality of computer executable codes are written with any of program languages comprising:
    - 1) Java language;
      
      2) Pearl language;
      
      3) Tcl language;
      
      4) Visual basic language;
      
      5) ActiveX control language;
      
      6) COM language;
      
      7) NET language;
      
      8) C# language;
      
      9) C/C++ language;
      
      10) any machine executable scripting language.
  - 13. The method of claim 1, wherein said computer is any of a group of computing devices comprising:
    - 1) personal computer;
      
      2) server;
      
      3) gateway;
      
      4) network router;
      
      5) network switch;
      
      6) personal digital assistant;
      
      7) communication device;
      
      8) client terminal.
  - 14. The method of claim 1, wherein said digital certificate comprises a plurality of identities of controlled entities and said controlled entities comprises a plurality of computers and a plurality of users, said method further comprising:
    - C. checking identity of said computer and identity of user of said computer;
      
      D. rejecting said digital certificate if said identity of said computer and said identity of said user are not comprised in said plurality of identities of controlled entities.
  - 15. The method of claim 1, wherein said digital certificate comprises a valid time period, said method further comprising:
    - C. checking current time with said valid time;
      
      D. rejecting said digital certificate if said valid time period has expired.
  - 16. The method of claim 1, wherein said plurality of actions in step B comprise a plurality of operations in response to a plurality of user requests at said computer, said plurality of operations are chosen from a group comprising:
    - 1) pausing said recording activities in step B;
      
      2) resuming said recording activities in step B;
      
      3) displaying portions of said activities recorded in step B;
      
      4) modifying portions of said plurality of policies used in said recording activities in step B.

17. A computer activity recording system having a recording program running at a computer and a processing program running at another computer, said system comprising:
- A. said recording program having a digital certificate comprising a plurality of policies, said recording program comprising;
  
  1) a certificate verification module, configured to verify and accept or reject said digital certificate;
  
  2) a recording module, configured to perform a plurality of actions comprising recording activities and to generate a plurality of recorded data blocks comprising said activities, said plurality of actions being specified in said plurality of policies;
  
  B. said processing program comprising;
  
  1) a processing module, configured to process said activities comprised in said plurality of recorded data blocks.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 18. The system of claim 17, wherein said digital certificate comprises a public key, said recording program further comprising:
    - 3) an encryption module, configured to encrypt said plurality of recorded data blocks into a data stream comprising a plurality of encrypted data blocks using said public key; and
      
      said processing program further comprising;
      
      2) a decryption module, configured to decrypt said plurality of encrypted data blocks using a private key paired with said public key to recover said plurality of recorded data blocks.
  - 19. The system of claim 18, wherein said plurality of policies comprised in said digital certificate is null, wherein said plurality of actions are specified in a preloaded set of policies comprised in said recording module.
  - 20. The system of claim 18, wherein said data stream is sent to said processing program in any of a plurality of means comprising:
    - i. sending over a computer network;
      
      ii. sending over a communication network;
      
      iii. sending over a storage medium.
  - 21. The system of claim 17, wherein said digital certificate comprises a digital signature and said certificate verification module comprises:
    - i. a signature verification module, configured to verify said digital signature.
  - 22. The system of claim 17, said recording program further comprising:
    - 3) a certificate acceptance module, configured to check with a user or database for acceptance or rejection of said digital certificate.
  - 23. The system of claim 17, wherein said plurality of actions are chosen from a group comprising:
    - 1) recording key strokes;
      
      2) recording mouse clicks and movements;
      
      3) recording files access;
      
      4) recording database access;
      
      5) recording program active durations;
      
      6) recording network communications;
      
      7) recording telephone communications;
      
      8) recording sound input and output;
      
      9) recording video input and output;
      
      10) recording web sites visited;
      
      11) recording messages;
      
      12) recording emails;
      
      13) recording images;
      
      14) recording screen snapshots;
      
      15) recording computer resource usage;
      
      16) recording program attributes;
      
      17) setting program attributes;
      
      18) setting program configurations;
      
      19) setting system registry;
      
      20) opening files;
      
      21) sending messages;
      
      22) receiving messages;
      
      23) displaying messages.
  - 24. The system of claim 17, wherein said plurality of policies comprise a plurality of computer executable codes to perform at least one of said plurality of actions, said recording program further comprising:
    - 3) a code executing module, configured to execute said plurality of computer executable codes, said plurality of computer executable codes being written with any of program languages comprising;
      
      i. Java language;
      
      ii. Pearl language;
      
      iii. Tcl language;
      
      iv. Visual basic language;
      
      v. ActiveX control language;
      
      vi. COM language;
      
      vii. NET language;
      
      viii. C# language;
      
      ix. C/C++ language;
      
      x. any machine executable scripting language.
  - 25. The system of claim 17, wherein said computer and said another computer are any of a group of computing devices comprising:
    - 1) personal computer;
      
      2) server;
      
      3) gateway;
      
      4) network router;
      
      5) network switch;
      
      6) personal digital assistant;
      
      7) communication device;
      
      8) client terminal.
  - 26. The system of claim 17, wherein said digital certificate comprises a plurality of identities of controlled entities and said controlled entities comprise a plurality of computers and a plurality of users, wherein said certificate verification module comprises:
    - i. an identity verification module, configured to check identity of said computer and identity of user of said computer and reject said digital certificate if said identity of said computer and said identity of said user are not comprised in said plurality of identities of controlled entities.
  - 27. The system of claim 17, wherein said computer has a private key of a user, said recording program further comprising:
    - 3) a user signature generation module, configured to generate a plurality of digital signatures for said plurality of recorded data blocks using said private key; and
      
      said processing program further comprising;
      
      2) a user signature verification module, configured to verify said plurality of digital signatures and said plurality of recorded data blocks using a public key of said user paired with said private key.
  - 28. The system of claim 17, wherein said plurality of actions comprise a plurality of operations in response to a plurality of user requests at said computer, said recording program further comprising:
    - 3) a user action module, configured to accept said plurality of user requests to perform said plurality of operations, said plurality of operations comprising;
      
      i. pausing said recording module;
      
      ii. resuming said recording module;
      
      iii. displaying portions of said plurality of recorded data blocks generated by said recording module;
      
      iv. modifying portions of said plurality of policies used in said recording module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zezhen Huang
Original Assignee
Zezhen Huang
Inventors
Huang, Zezhen

Application Number

US10/180,705
Publication Number

US 20060041760A1
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/552 involving long-term monitor...

Trusted computer activity monitoring and recording system and method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

126 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted computer activity monitoring and recording system and method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

126 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links