System and method for using policies to support session recording for user account management in a computing environment
Abstract
A system and method can support user account management in a computing environment. A user account manager can configure one or more recording policies, wherein said one or more recording policies operates to define detailed information on how user activities on a target system should be recorded. Furthermore, the user account manager can provide said one or more recording policies to one or more visual session recording processes associated with the target system. Then, the user account manager can use said one or more visual session recording processes to record activities in a user session on the target system based on said one or more recording policies.
26 Claims
1. A method for supporting privileged account management in a computing environment comprising a privileged account manager server and a target system wherein a plurality of users share access to a privileged account on the target system, the method comprising:
providing a privileged account manager operating on the privileged account manager server;
providing a recording agent operating on the target system;
configuring one or more recording policies, using the privileged account manager, wherein said one or more recording policies operates to define detailed information on how user activities on the target system should be recorded;
wherein configuring said one or more recording policies is performed using behavior analytics information that indicates when a suspicious command is input based on past user activities;
receiving at the privileged account manager a request to access said privileged account on the target system from a particular user of the plurality of users which share access to a privileged account on the target system;
providing said particular user with one-time access to a privileged account session for said privileged account on the target system in response to said request wherein said one-time access is terminated when said privileged account session is ended;
detecting establishment of said privileged account session for said privileged account on the target system with the recording agent;
providing said one or more recording policies from the privileged account manager to the recording agent on the target system in response to detecting establishment of said privileged account session;
capturing with the recording agent a plurality of user session screens associated with said privileged account session to create a visual session record of activities of the particular user during the privileged account session on the target system in accordance with said one or more recording policies; and
transmitting the visual session record from the recording agent to the privileged account manager.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A system for supporting privileged account management in a computing environment, the system comprising:
a privileged account manager server comprising one or more microprocessors;
a target system comprising one or more microprocessors;
a privileged account on the target system wherein the privileged account is shared by a plurality of users;
a recording agent associated with the target system;
a privileged account manager, running on said privileged account manager server, wherein said privileged account manager is configured to
configure one or more recording policies, wherein said one or more recording policies define detailed information on how user activities on the target system should be recorded, and wherein said one or more policies are configured using behavior analytics information that indicates when a suspicious command is input based on past user activities,
receive a request to access said privileged account on the target system from a particular user of the plurality of users which share access to a privileged account on the target system,
provide said particular user with one-time access to a privileged account session for said privileged account on the target system in response to said request wherein said one-time access is terminated when said privileged account session is ended, and
provide said one or more recording policies to said recording agent associated with the target system; and
wherein said recording agent is configured to
detect establishment of said privileged account session for said privileged account on the target system,
receive said one or more recording policies from the privileged account manager in response to detecting establishment of said privileged account session,
capture a plurality of user session screens associated with said privileged account session to create a visual session record of activities of the particular user during the privileged account session on the target system in accordance with said one or more recording policies, and
transmit the visual session record from the recording agent to the privileged account manager.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23
24. A non-transitory machine readable storage medium having instructions stored thereon for supporting privileged account management in a computing environment comprising a privileged account manager server and a target system wherein a plurality of users share access to a privileged account on the target system, which instructions, when executed cause the computing environment to perform steps comprising:
providing a privileged account manager operating on the privileged account manager server;
providing a recording agent operating on the target system;
configuring one or more recording policies, using the privileged account manager, wherein said one or more recording policies operates to define detailed information on how user activities on the target system should be recorded;
wherein configuring said one or more recording policies is performed using behavior analytics information that indicates when a suspicious command is input based on past user activities;
receiving at the privileged account manager a request to access said privileged account on the target system from a particular user of the plurality of users which share access to a privileged account on the target system;
providing said particular user with one-time access to a privileged account session for said privileged account on the target system in response to said request wherein said one-time access is terminated when said privileged account session is ended;
detecting establishment of said privileged account session for said privileged account on the target system with the recording agent;
providing said one or more recording policies from the privileged account manager to the recording agent on the target system in response to detecting establishment of said privileged account session;
capturing with the recording agent a plurality of user session screens associated with said privileged account session to create a visual session record of activities of the particular user during the privileged account session on the target system in accordance with said one or more recording policies; and
transmitting the visual session record from the recording agent to the privileged account manager.
25. A method for supporting privileged account management in a computing environment comprising a privileged account manager server and a target system wherein a plurality of users share access to a privileged account on the target system, the method comprising:
providing a privileged account manager operating on the privileged account manager server;
providing a recording agent associated with the target system;
configuring one or more recording policies, using the privileged account manager, wherein said one or more recording policies operates to define detailed information on how user activities on the target system should be recorded;
wherein configuring said one or more recording policies is performed using behavior analytics information that indicates when a suspicious command is input based on past user activities;
receiving at the privileged account manager a request to access said privileged account on the target system from a particular user of the plurality of users which share access to a privileged account on the target system;
providing said particular user with one-time access to a privileged account session for said privileged account on the target system in response to said request wherein said one-time access is terminated when said privileged account session is ended;
detecting establishment of said privileged account session for said privileged account on the target system with the recording agent;
providing said one or more recording policies from the privileged account manager to the recording agent on the target system in response to detecting establishment of said privileged account session;
capturing with the recording agent a plurality of user session screens associated with said privileged account session to create a visual session record of activities of the particular user during the privileged account session on the target system in accordance with said one or more recording policies;
encoding the plurality of recorded user session screens into a video associated with a searchable metadata; and
storing the video in a database associated with the privileged account manager server.
Dependent claims: 26
Specification