Method and arrangement for monitoring computer manipulations

US 5,475,625 A
Filed: 11/17/1994
Issued: 12/12/1995
Est. Priority Date: 01/16/1991
Status: Expired due to Term

First Claim

Patent Images

1. A method of monitoring manipulations on user computers which are connected via a network comprising the steps of:

making a plurality of inquires at different respective time intervals, during operation of the user computers, and comparing attributes of databases of the user computers with protectedly stored reference values of the attributes and, in the event of non-correspondence, triggering an alarm; and

carrying out the plurality of inquires, the comparison and the alarm triggering by a monitoring device, which is physically not accessible to intruders and which is isolated from the network to the extent that an intruder on the network cannot access the monitoring device from a user computer, the monitoring device being connected to the user computers, the databases of the user computer being not interrogatable other than by the monitoring device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and arrangement for monitoring manipulations on computers (3) which are connected via a network (2), in the method attributes being inquired automatically from databases of the computers (3) and compared with protectedly stored reference values of the attributes, and an alarm being triggered in the event of non-correspondence. The inquiry, the comparison and the alarm triggering are carried out by a monitoring device (1) which is physically not accessible to intruders, is connected to the computers (3) and the databases of which, containing the reference values, cannot be interrogated.

216 Citations

18 Claims

1. A method of monitoring manipulations on user computers which are connected via a network comprising the steps of:
- making a plurality of inquires at different respective time intervals, during operation of the user computers, and comparing attributes of databases of the user computers with protectedly stored reference values of the attributes and, in the event of non-correspondence, triggering an alarm; and
  
  carrying out the plurality of inquires, the comparison and the alarm triggering by a monitoring device, which is physically not accessible to intruders and which is isolated from the network to the extent that an intruder on the network cannot access the monitoring device from a user computer, the monitoring device being connected to the user computers, the databases of the user computer being not interrogatable other than by the monitoring device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method as claimed in claim 1, wherein the monitoring device inquires database attributes of the databases of a plurality of user computers in a time-interleaved manner, wherein at least two different inquiries are made before responses thereto are received, and compares the database attributes with the protectedly stored reference values.
  - 3. The method as claimed in claim 1, wherein the monitoring device carries out the inquiring of the database attributes of the databases of the user computers at regular time intervals.
  - 4. The method as claimed in claim 3, wherein each of the user computers has stored only a loading program, which can load a service program, and wherein the service program is stored in the monitoring device, which is a monitoring computer and wherein the method further comprises the step of sending the service program, before the inquiry of the database attributes, via the network to the loading program in a respective user computer.
  - 5. The method as claimed in claim 4, wherein the method further comprises the steps of subjecting the service program in the monitoring computer to a customary or cryptographic checksum before sending to the respective user computer, and extracting by means of the loading program the checksum and sending the checksum back to the monitoring computer for checking.
  - 6. The method as claimed in claim 1, wherein the monitoring device is a monitoring computer, which has at least one testing program and at least one file for storing names of databases to be checked and of protectedly stored reference values of the attributes of respective databases, wherein each of the user computers has at least one service program, which calculates attributes of databases of a respective computer and outputs the calculated attributes via the network, wherein inquiring of an attribute is performed by the at least one testing program issuing a job to a corresponding service program and comparing the calculated attribute arriving via the network with a stored reference value of the attribute, and wherein databases of the monitoring computer, which has no service program, cannot be interrogated by the user computers.
  - 7. The method as claimed in claim 6, wherein the method further comprises the step of encoding communication between the testing program and the at least one service.
  - 8. The method as claimed in claim 7, wherein the communication is encoded with changing codes produced according to a Diffie-Hellmann method.
  - 9. The method as claimed in claim 6, wherein the method further comprises the step of running, before the inquiring of database attributes of the databases, an authentication method, which ensures that the inquired attributes originate from the at least one service program.
  - 10. The method as claimed in claim 1, wherein the method further comprises the step of issuing, upon triggering an alarm, a message to a system administrator.
  - 11. The method as claimed in claim 1, wherein the monitoring device is a monitoring computer.
  - 12. The method as claimed in claim 1, wherein the step of inquiring takes place via the network.
  - 13. The method as claimed in claim 1, wherein the method further comprises a step of separating, upon triggering an alarm, a user computer associated with the alarm from the network.

14. An arrangement for monitoring manipulations on user computers which are connected via a network, comprising:
- an interrogation means for automatic interrogation of the databases of the user computers at different respective time intervals, during operation of the user computers, a means for comparing attributes of the databases of the user computers to rated values stored in protected fashion, and an alarm triggering means that triggers an alarm given non-coincidence of the attributes of the databases and the rated values, said alarm triggering means being responsive to said means for comparing that utilizes the attributes of the databases that are determined by the interrogation means;
  
  a central monitoring device, which is physically not accessible to intruders and which is isolated from the network to the extent that an intruder on the network cannot access the monitoring device from a user computer, connected to the user computers, means for providing that the monitoring device can access the user computers without the user computers being able to access the monitoring device, the monitoring device connected to the user computers via the network and containing the interrogation means, the means for comparing and the alarm triggering means.
- View Dependent Claims (15)
- - 15. The arrangement as claimed in claim 14, wherein the monitoring device is a monitoring computer.

16. A method of monitoring manipulations on a plurality of user computers which are connected via a network in a client-server architecture, comprising the steps of:
- providing a monitoring device having a plurality of reference values stored therein and being configured such that no service programs in the client-server architecture are active or are activatable on the monitoring device;
  
  connecting the monitoring device to a respective user computer of said plurality of user computers such that the monitoring device initiates communication at different points in time with said respective user computer, and receives only answers from said respective user computer, a connection being established between the monitoring device and the respective user computer such that an intruder on the network cannot access the monitoring device from the respective user computer;
  
  sending a request from the monitoring device to the respective user computer, the respective user computer calculating an attribute of a database stored therein and sending said attribute to the monitoring device;
  
  comparing, in the monitoring device, the calculated attribute to at least one of the reference values in the monitoring device;
  
  and, in the event of non-correspondence between the calculated attribute and the at least one of the reference values, triggering an alarm.
- View Dependent Claims (17, 18)
- - 17. The method as claimed in claim 16, wherein the monitoring device initiates execution of a process in the respective user computer, wherein the respective user computer cannot initiate execution of a process in the monitoring device, wherein an attribute received by the monitoring device from the respective user computer is only compared with said reference values, and wherein said method further comprises preventing the reference values stored in the monitoring device from being changed by any messages received from the respective user computer.
  - 18. The method as claimed in claim 17, wherein the monitoring device sends requests to the user computers at random points in time relative to the user computers of the plurality of user computers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wincor Nixdorf International GmbH (Diebold Nixdorf, Incorporated)
Original Assignee
Siemens Nixdorf Informationssysteme AG (Siemens AG)
Inventors
Glaschick, Rainer
Primary Examiner(s)
Voeltz, Emanuel T.
Assistant Examiner(s)
WACHSMAN, HAL D

Application Number

US08/340,808
Time in Patent Office

390 Days
Field of Search

364/550, 364/579, 364/580, 364/514, 371/19, 395/325, 395/575, 380/3, 380/4, 380/20, 380/49, 380/50, 380/23, 380/24, 380/25, 380/30, 340/825.29, 340/3, 340/31
US Class Current

709/224
CPC Class Codes

G06F 11/327   Alarm or error message display

G06F 21/565   by checking file integrity

H04L 43/00   Arrangements for monitoring...

H04L 63/1408   by monitoring network traff...

Method and arrangement for monitoring computer manipulations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

216 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Method and arrangement for monitoring computer manipulations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

216 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others