The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Oct. 29, 2013
Filed:
Nov. 18, 2010
Valerio Graziani, Roma, IT;
Attilio Mattiocco, Cassino, IT;
Gaetano Ruggiero, Salerno, IT;
International Business Machines Corporation, Armonk, NY (US);
Abstract
A method and system for managing integrity of system log file data. The system comprises a first component which, using a hook in a kernel of an operating system, allows interception of a write operation by a file system on at least one log file; then the first component detects a change in the security context in which the record is written in the log file. At each change detected, the first component adds information in the log file including the context information. The system further comprises a second component which reads the log file and, using the information added by the first component, detects if the change of context is due to a malicious writing operation in the log file for instance done by an unauthorized user or process.