System and method for maintaining server data integrity
Abstract
The System Integrity Guardian can protect any type of object, and it repairs and restores the system to its original state of integrity. The Client component is the user interface for administering the System Integrity Guardian environment. An administrator can determine which servers to protect, which objects to protect, and what actions will be taken when an event that breaches integrity occurs. The Monitor Agent component is the watchdog of the System Integrity Guardian that captures and addresses any event that occurs on any object being protected. The Server component includes the server and the Protected Object Central Repository; it is where the authoritative copies are maintained, digital signatures are created and stored, objects are validated, and communication between the three units is performed.
34 Claims
1. A system comprising:
- a repository interface operative to make a copy of an original object and to store the object copy in a safe object storage, wherein the original object resides on a first server and the safe object storage resides on a second server remote from the first server;
- a monitor agent interface operative to monitor the original object to detect a change in real time and send a notification to the repository interface when the change is detected; and
- wherein said repository interface is further operative to receive the notification from the monitor agent interface, determine that the change to the original object was unauthorized, and restore the original object on the first server using the object copy from the safe object storage in response to the change;
- wherein the repository interface is further operative to retain a copy of the changed object that can be reviewed after the object copy is restored from the safe object storage.
Dependent claims: 2-19
20. A method comprising:
- receiving a selection of at least one object to be protected;
- generating a baseline copy of the object and storing the baseline copy in a safe object storage, wherein the at least one object resides on a first server and the safe object storage resides on a second server remote from the first server;
- monitoring the object in real time;
- detecting an unauthorized modification to the object in real time;
- in response to detecting the unauthorized modification, retrieving the baseline copy of the object from the safe object storage; and
- replacing the modified object on the first server with the baseline copy of the object.
Dependent claims: 21-29
30. A method comprising:
- storing remotely in a safe object storage a copy of a plurality of objects from at least one directory to be protected, wherein the directory resides on a first server and the safe object storage resides on a second server remote from the first server;
- detecting a modification to the directory in real time;
- determining, in real time, if the modification was made to one of the objects from the directory and for which a copy is stored in the safe object storage, and if so, restoring the modified object on the first server using the copy of the corresponding object from the safe object storage; and
- determining, in real time, if the modification included adding a new file to the directory that is not stored in the safe object storage, and if so, deleting the added file from the directory.
Dependent claims: 31-34
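The restore-and-delete logic of claim 30, together with the retained copy of the changed object from claim 1, can be sketched as follows. This is an added example, not code from the patent or any product: the function names are hypothetical, a local directory stands in for the remote safe object storage, every deviation from the baseline is treated as unauthorized, and reconcile() is the pass a real-time monitor notification would trigger.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def digest(path):
    """SHA-256 of the file contents, standing in for the stored signature."""
    return hashlib.sha256(path.read_bytes()).hexdigest()

def files(root):
    return sorted(p for p in root.rglob("*") if p.is_file())

def make_baseline(protected, safe):
    """Copy every object to safe storage; return {relative path: digest}."""
    manifest = {}
    for src in files(protected):
        rel = src.relative_to(protected).as_posix()
        (safe / rel).parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src, safe / rel)
        manifest[rel] = digest(safe / rel)
    return manifest

def reconcile(protected, safe, manifest, retained):
    """Run on a change notification: restore changed objects, delete added ones."""
    actions = []
    retained.mkdir(parents=True, exist_ok=True)
    for path in files(protected):
        rel = path.relative_to(protected).as_posix()
        if rel not in manifest:
            path.unlink()  # added file with no copy in safe storage
            actions.append(("deleted", rel))
        elif digest(path) != manifest[rel]:
            # Retain the changed object for later review, then restore.
            shutil.move(str(path), str(retained / rel.replace("/", "_")))
            shutil.copy2(safe / rel, path)
            actions.append(("restored", rel))
    return actions

def demo():
    """Constructed sample: one protected file is altered, one file is added."""
    root = Path(tempfile.mkdtemp())
    site, safe, kept = root / "site", root / "safe", root / "retained"
    site.mkdir()
    (site / "index.html").write_text("<h1>Welcome</h1>")
    manifest = make_baseline(site, safe)
    (site / "index.html").write_text("<h1>changed</h1>")  # unauthorized change
    (site / "new.txt").write_text("not in baseline")      # unauthorized addition
    return reconcile(site, safe, manifest, kept), site, kept
```

Keeping the manifest and the safe copies off the protected server matters: if both lived beside the monitored files, whoever changed the object could change the baseline too.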
Specification