RECORDING REMOTE ACCESS ACTIONS IN VIDEO FILES

US 20190319984A1
Filed: 04/16/2018
Published: 10/17/2019
Est. Priority Date: 04/16/2018
Status: Active Grant

First Claim

Patent Images

1. A method of remote access action recording in a video file of a remote session, comprising:

during said remote session directing said remote access actions of a user including a first action to be applied to a destination device located within at least one industrial control system (ICS) through a terminal server including a memory and a remote access recording component (RARC) and a security center that is coupled by a communication server through a network connection to said ICS, wherein said terminal server is coupled to a streaming server having a recorded session repository database, and wherein said terminal server limits said user to only specifically allowed said remote access actions and directing said first action if said specifically allowed that enables said user selecting said destination device from a menu that then provides a connection to said destination device for said first action to be begun;

said RARC during each sampling interval of said remote session;

recording streams of video of display window content as well as text representing said first action;

combining said text and said display window content to generate a single combined video comprising output file, andstoring said combined video comprising output file in said recorded session repository database.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of remote access action includes directing user actions including a first action to a destination device in an industrial control system (ICS) through a terminal server including a memory, a remote access recording component (RARC), and a security center coupled by a communication server through a network connection to the ICS. The terminal server is coupled to a streaming server having a recorded session repository database. The terminal server limits the user to specifically allowed actions and directs actions if allowed enabling user selecting the destination device from a menu that then provides a connection for the first action to be begun. The RARC during the remote session records streams of video of display window content and text representing the first action, combines the text and display window content to generate a combined video output file and stores the file in the session repository database.

1 Citation

18 Claims

1. A method of remote access action recording in a video file of a remote session, comprising:
- during said remote session directing said remote access actions of a user including a first action to be applied to a destination device located within at least one industrial control system (ICS) through a terminal server including a memory and a remote access recording component (RARC) and a security center that is coupled by a communication server through a network connection to said ICS, wherein said terminal server is coupled to a streaming server having a recorded session repository database, and wherein said terminal server limits said user to only specifically allowed said remote access actions and directing said first action if said specifically allowed that enables said user selecting said destination device from a menu that then provides a connection to said destination device for said first action to be begun;
  
  said RARC during each sampling interval of said remote session;
  
  recording streams of video of display window content as well as text representing said first action;
  
  combining said text and said display window content to generate a single combined video comprising output file, andstoring said combined video comprising output file in said recorded session repository database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein said remote access actions comprise keystrokes by said user entered on a workstation computer coupled to said terminal server.
  - 3. The method of claim 1, wherein said remote access actions comprise voice commands.
  - 4. The method of claim 1, wherein said network connection comprises an Internet connection, a virtual private network (VPN), or wide area network (WAN).
  - 5. The method of claim 1, wherein said network connection comprises said Internet connection.
  - 6. The method of claim 1, wherein said user comprises a contractor or engineer allowed by a manager of said ICS to perform work at said ICS.
  - 7. The method of claim 1, wherein said destination device comprises a process controller, field device, or processing equipment, and wherein said first action comprises changing a setting of said process controller, field device, or changing a threshold value or a login permission.
  - 8. The method of claim 1, wherein said RARC comprises firmware in said memory 130a.
  - 9. The method of claim 1, wherein said text of said remote access actions are added as a caption in said display window content.
  - 10. The method of claim 1, further comprising an auditor connected to said security center auditing said remote session comprising streaming said combined video comprising output files to identify malicious activity.
  - 11. The method of claim 1, wherein said terminal server performs said limiting said user to only specifically allowed said remote access actions and directing said first action by accessing a website hosting said security center through which said user opens a browser to said Security Center to select said destination device.

12. A security management system for at least one industrial control system (ICS), comprising:
- a terminal server including a memory and a remote access recording component (RARC) coupled to a security center that is coupled by a communication server through a network connection to said ICS, wherein said terminal server is coupled to a streaming server having a recorded session repository database and wherein said terminal server is for limiting a user to only specifically allowed remote access actions and directing a first action if said specifically allowed that enables said user selecting a destination device in said ICS during a remote session from a menu that then provides a connection to said destination device for said first action to be begun;
  
  said RARC during each sampling interval of said remote session;
  
  recording streams of video of display window content as well as text representing said first action;
  
  combining said text and said display window content to generate a single combined video comprising output file, andstoring said combined video comprising output file in said recorded session repository database.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The system of claim 12, wherein said remote access actions comprise keystrokes by said user entered on a workstation computer coupled to said terminal server.
  - 14. The system of claim 12, wherein said wherein said network connection comprises an Internet connection, a virtual private network (VPN), or wide area network (WAN).
  - 15. The system of claim 14, wherein said network connection comprises said Internet connection.
  - 16. The system of claim 12, wherein said destination device comprises a process controller, field device, or processing equipment, and wherein said first action comprises changing a setting of said process controller, field device, or changing a threshold value or a login permission.
  - 17. The system of claim 12, wherein said RARC comprises firmware in said memory.
  - 18. The system of claim 12, wherein said text of said remote access actions are added as a caption in said display window content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
Abramson, Eli

Granted Patent

US 10,567,436 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/02   for separating internal fro...

H04L 63/0272   Virtual private networks

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/20   for managing network securi...

H04L 67/12   specially adapted for propr...

H04N 5/76   Television signal recording

H04N 5/765   Interface circuits between ...

RECORDING REMOTE ACCESS ACTIONS IN VIDEO FILES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

1 Citation

18 Claims

Specification

Solutions

Use Cases

Quick Links

RECORDING REMOTE ACCESS ACTIONS IN VIDEO FILES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

1 Citation

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links