Illegal access preventing program, apparatus, and method

US 20060064598A1
Filed: 06/07/2005
Published: 03/23/2006
Est. Priority Date: 06/09/2004
Status: Abandoned Application

First Claim

Patent Images

1. A computer-readable medium having an illegal access preventing program stored therein for controlling a computer having an operation describing file storing an operation sequence corresponding to normal operations of a plurality of business applications to execute operations, comprising:

implementing a container function as an execution base of the plurality of business applications;

providing an inspection log function in the container function to acquire operation logs of the business applications; and

implementing an application supervising function executing a process in accordance with a comparison resulting from comparing an operation sequence of the business applications in the container function with the operation sequence during the normal operations stored in the operation describing file with reference to the operation logs recorded in the inspection log function.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An unauthorized or illegal access preventing system implementing security procedures to an application layer without having to rely on business applications of an application server having a web container. The illegal or unauthorized access supervising system includes an operation describing file storing operation sequence of a normal operation of a business application, a web container as the execution base of a plurality of business applications, an inspection log function provided to the web container to acquire an operation log of the business applications, and an application supervising function executing an operation in accordance with a comparison result by comparing, with reference to the log stored in the inspection log function, the operation sequence of the business applications of the web container with the operation sequence of the normal operation stored in the operation describing file.

Citations

20 Claims

1. A computer-readable medium having an illegal access preventing program stored therein for controlling a computer having an operation describing file storing an operation sequence corresponding to normal operations of a plurality of business applications to execute operations, comprising:
- implementing a container function as an execution base of the plurality of business applications;
  
  providing an inspection log function in the container function to acquire operation logs of the business applications; and
  
  implementing an application supervising function executing a process in accordance with a comparison resulting from comparing an operation sequence of the business applications in the container function with the operation sequence during the normal operations stored in the operation describing file with reference to the operation logs recorded in the inspection log function.
- View Dependent Claims (2, 3, 6, 7, 8, 11)
- - 2. The illegal access preventing program according to claim 1, wherein the application supervising function controls the container function to execute a predetermined operation when the comparison indicates an irregular sequence.
  - 3. The illegal access preventing program according to claim 1, wherein an additional inspection log function recording input/output information for the container function is provided, and the application supervising function executes the process by comparing the operation sequence of the business applications in the container function with the operation sequence during the normal operation stored in the operation describing file with reference to logs in each inspection log that is integrated in a time series.
  - 6. The illegal access preventing program according to claim 1, wherein the inspection log function acquires a log of output timing information, and the comparison includes comparing the log of output timing information with the normal operations stored in the operation describing file.
  - 7. The illegal access preventing program according to claim 1, wherein the application supervising function sequentially integrates the operation logs of the business applications for the comparison.
  - 8. The illegal access preventing program according to claim 1, wherein the acquired operation logs include transmission source and destination address information related to operations of the business applications.
  - 11. The illegal access preventing program according to claim 3, further comprising:
    - recording input and output logs of an HTTP server, where the comparison includes comparing the recorded input and output logs of the HTTP server with the normal operations stored in the operation describing file.

4. An illegal access preventing program for controlling a computer having a rule file storing an irregular operation sequence of input and output operations to execute operations, comprising:
- implementing a container function as an execution base of a plurality of business applications;
  
  providing an inspection log function acquiring logs of input to and output from the container function; and
  
  implementing an input/output supervising function executing a process in accordance with a comparison resulting from comparing an input and output operation sequence of the container function with the irregular operation sequence stored in the rule file with reference to the logs of input and output stored in the inspection log function.
- View Dependent Claims (5, 9, 10)
- - 5. The illegal access preventing program according to claim 4, wherein the input/output supervising function controls the container function to execute a predetermined operation when the comparison indicates an irregular sequence.
  - 9. The illegal access preventing program according to claim 4, wherein the inspection log function records information indicative of a log recording time, an event conducted, and an identifier of the logs of the input to and output from the container function.
  - 10. The illegal access preventing program according to claim 4, wherein the input/output supervising function sequentially integrates the logs of the input and output of the container function for the comparison.

12. An apparatus for preventing an illegal access having an operation describing file storing an operation sequence corresponding to normal operations of a plurality of business applications to execute operations, comprising:
- a container unit provided as an execution base of the plurality of business applications;
  
  an inspection log unit provided to the container unit to acquire operation logs of the business applications; and
  
  an application supervising unit executing a process in accordance with a comparison resulting from comparing an operation sequence of the business applications in the container function with the operation sequence during the normal operations stored in the operation describing file with reference to the operation logs recorded in the inspection log function.

13. A method of controlling access to an application server having a plurality of business applications, comprising:
- storing operation sequences of normal operations of the business applications; and
  
  enabling an access to the application server upon determining that an operation log of at least one of the business applications matches one of the stored operation sequences.
- View Dependent Claims (14, 15)
- - 14. The method of controlling access according to claim 13, wherein the application server exchanges information using a hyper text transfer protocol and/or a hyper text transfer protocol security.
  - 15. The method of controlling access according to claim 13, further comprising:
    - executing a predetermined operation when the operation log of the at least one of the business applications does not match the stored operation sequences.

16. A method of authorizing an access to an application server storing business applications and connected with a network, comprising:
- determining whether an input field of an HTTP request corresponds to predetermined data in a rule file; and
  
  authorizing an access to the application server when the input field of the HTTP request matches the predetermined data in the rule file.
- View Dependent Claims (17)
- - 17. The method of authorizing an access according to 16, wherein a notification is transmitted to an administrator of the application server when the input field of the HTTP request does not match with the predetermined data in the rule file.

18. A system for detecting an unauthorized access to an application server having multiple business applications, comprising:
- a storage unit storing an operation describing file having respective operation sequences of normal operations of the multiple business applications; and
  
  an application supervising unit determining whether an operation sequence in an operation log of any one of the business applications matches a respective operation sequence in the operation describing file to detect the unauthorized access.
- View Dependent Claims (19)
- - 19. The system for detecting an unauthorized access according to claim 18, wherein the application server includes an HTTP server that monitors information exchanged via the application server.

20. An apparatus for detecting an unauthorized access to an application server having multiple business applications, comprising:
- means for storing an operation describing file having respective operation sequences of normal operations of the multiple business applications; and
  
  means for determining whether an operation sequence in an operation log of any one of the business applications matches a respective operation sequence in the operation describing file to detect the unauthorized access.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
Kurita, Takayoshi, Higashikado, Yoshiki

Application Number

US11/146,152
Publication Number

US 20060064598A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

H04L 63/0263 Rule management

Illegal access preventing program, apparatus, and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Illegal access preventing program, apparatus, and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links