AU2008203807A1 - Method for securely auditing and managing computers - Google Patents
Method for securely auditing and managing computers
- Publication number
- AU2008203807A1
- Authority
- AU
- Australia
- Prior art keywords
- computer
- flash drive
- identifier
- 64bit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Description
DESCRIPTION
FIELD OF THE INVENTION
This invention establishes a method for securely auditing and managing a network of local and remote computers using a flash drive manufacturer's permanent 64bit identifier. Cryptography applied to the flash drive's 64bit identifier is used to protect data on the flash drive, on a managed computer and data transmitted across the internet. Auditing is maintained by each computer periodically transmitting its IP address to the user via an email service. Management is maintained by using the IP address to communicate instructions to each computer via an FTP service.
The permanent manufacturer issued 64bit identifier on each flash drive provides a highly secure key that effectively replaces a task generally performed by a purpose built, proprietary security identifier i.e. controlling who has access to computers under management. Proprietary identifiers commonly only offer a 32bit key, so our 64bit alternative improves on the security afforded whilst also removing the considerable expense in deploying these identifiers and their associated readers for a controlled access application. This invention seeks to replace the function usually provided by a proprietary identifier and its associated reader with an alternative that is both inexpensive and readily available on most computer systems.
The method does not need to employ any internet based server and protects the privacy of the user as no personal or transactional data are recorded by a third party. Deployment of a user email account to maintain the audit allows each user to completely control their data.
Management includes the ability to launch bespoke programs, download software updates, send and receive messages or any other maintenance tasks. It also allows broadcasting a message to any or all audited computers. Management may also be used to initiate contact with an audited computer that cannot be contacted by any other means, or even to gain access to a lost audited computer that may have been discovered by a third party. Downloadable instructions may be prepared at any time, even after a managed computer is no longer physically accessible and located anywhere in the world.
This invention is of particular use to security organizations using this method to secretly manage computers belonging to multiple organizations and who further need to send or install updates or send messages without prior knowledge of the whereabouts of the computer or the agent to whom it has been assigned.
BACKGROUND OF THE INVENTION
This application claims benefit of Australian provisional application No. 2007904861, filed Sept 9, 2007, incorporated herein by reference.
The invention relates to a system and method for securely auditing and managing a network of local and remote computers using a manufacturer's 64bit identifier imbedded permanently in a flash drive. Cryptography applied to the flash drive's 64bit identifier is used to protect data on the flash drive, on a managed computer and data transmitted across the internet. Auditing is maintained by each computer periodically transmitting its IP address to the user via an email service. Management is maintained by using the IP address to communicate instructions to the computer via an FTP service.
Though there are a number of systems available to discover a computer's location in the event of loss, there were no prior art examples discovered of systems that specifically provided a continuous audit trail as may be useful to a federal investigation bureau, private security organizations or IT maintenance staff in charge of a global network of computers.
Searches have revealed a number of inventions that endeavour to locate computer equipment in the event of loss, and others that attempt to locate flash drives in the event of loss. These inventions do not presently provide a continuous audit to profile the activities of, or provide remote management for a global network of computers. In these discovered inventions, none appear to use the 64bit identifier imbedded in the flash drive to provide security so that management can only be initiated from a single unique location i.e. by the holder of the flash drive with the 64bit unique key.
Patents examined consisted of both server based and email based solutions.
U.S. Pat. No. 6,269,392, No. 6,925,562 and No. 6,950,946 are examples of server based solutions. A server based solution is one where a central internet based server exists which centrally manages the details of all the computers being serviced. These solutions are designed to track lost computers and continuous auditing is restricted to a loss event. Continuous auditing is generally not offered as a service option, as such would increase the cost of server bandwidth to a level where providing the service may become uneconomical. The rising cost of internet based infrastructure and widespread scalability limitations has resulted in the recent failure of many large internet based services; the only provider to date with a blemish free record appears to be Google. Our invention circumvents the dependence on a server by offering a distributed email processing model which in turn leverages upon Google's highly dependable mail service infrastructure.
Even if these server based solutions were able to be scaled up to provide full auditing, use of this solution would create a privacy issue for federal investigation bureaus, as the use of a central server would mean that a third party would be privy to, what may be a sensitive auditing or management task.
Furthermore the passing of management requests via third party internet server would necessarily add response delays common when a task is delegated to a third party, especially where that party may be an international overseas company operating in a different time zone. The ability to respond to a global event immediately is usually critical for security endeavours, and immediacy is assured by the method promoted in our invention.
Additionally, clients of these services must pay expensive monthly or yearly fees to assist in maintaining the global infrastructure. Our invention avoids this cost and provides an equivalent service at a fraction of the cost.
Lack of privacy, delays in actioning bespoke requests and high service costs are the main reasons why federal investigation bureaus and security organizations appear to be reluctant to subscribe to these services, as suggested by the frequency of recent newspaper articles citing examples of unrecoverable, unaudited and misplaced military and government computers.
Email based solutions have different limitations to the server based model, which our invention effectively addresses. Patents using an email model appear to be less common than those using the server model.
Email based U.S. Pat. No. 20030145090 appears initially not to depend on a monitoring system (or server). This patent has restricted application as an auditing tool, because its basis for triggering audit recording is the noting of an IP address outside a fixed list of known addresses. This means that an alarm is raised whenever the computer is used at an unregistered IP address. Such logic is useful where one is monitoring computers that all reside at known locations, but not at all suitable for monitoring mobile computers. Such a system could not be adapted for continuous auditing as its application logic depends on the online "control centre" that manages the valid set of permitted IP's for each computer. Use of the online "control centre" also reveals the existence of a central server, so that the solution inherits privacy issues incumbent in the server based models.
U.S. Pat. No. 20070271348 is an invention used primarily to track lost flash drives and not for auditing or managing networks of computers. Although appearing not to use an internet based server, this invention does deploy, as a backup, a number of private email relay servers to re-transmit emails, if early attempts fail. Consequently this solution inherits the privacy issues incumbent in server based models. Furthermore, the patent relies upon the attached computer's operating system's ability to respond to an auto-start using "autorun.inf" to initiate its emailing process. Unfortunately for the inventor, current incidences of computer viruses using this loophole for infecting computers have seen the auto-start option either locked or securely vetted by most systems today. Our invention circumvents this limitation by using an internal operating system service to trigger its processes. Our invention also obtains permanent firewall access permissions via the user as part of the installation process. This option is not available to the patent protecting a flash drive memory device using "autorun.inf" as it is likely to be introduced to a great number of computers with varying firewall settings.
Furthermore, patent No. 20070271348 claims that "said email address is an email address that is designated by said electronic device owner" which creates an email send anomaly when the computer is relocated from the user's primary network provider as may occur if the computer is moved to a motel. An email sent from an account subscribed to one internet service provider is generally blocked if an attempt is made to send the same via another internet provider. Even though patent No. 20070271348 seeks to resolve this anomaly by using the multiple email relay servers noted above, our solution provides a marked improvement by sending mail directly via the Google mail service, which can receive mail from virtually any location.
JAPAN Pat No. 2005-215732 is an invention used primarily to track lost devices and not audit or manage computers. Unlike the examples above, this patent's email solution does not appear to use any form of internet based host and consequently maximises user privacy. However the solution lacks our novelty in that it does not use the flash drive's permanent 64bit identifier as a basis for encryption. This patent uses the commonly applied electronic certificate and secret key system which performs PKI (Public Key Infrastructure) method and encryption.
This involves placing a software key on the flash drive, which has the disadvantage of being able to be copied to another flash drive, so that an uncontrolled duplicate key may therefore exist. Our invention protects against this as an internal flash drive 64bit identifier cannot be duplicated. This patent is also not suited to computer maintenance as there is no feature to allow remote maintenance instructions to be performed.
Other prior art solutions analysed include U.S. Pat. No. 5,898,391, No. 6,244,758, No. 6,300,863 and No. 6,940,407. These have not been elaborated upon for, as above, they are not readily adaptable to provide the facilities afforded by our invention, and even if so adapted, do not include within their scope, the highly secure fixed hardware based identifiers essential for maintaining the confidence and trust of federal investigation bureaus, security organizations and IT maintenance staff.
Where prior solutions do provide, or could be adapted to provide auditing, they have the additional task of distributing that audit without subjecting the user to a possible security breach if emails fall into the wrong hands. Our invention prevents such a breach by ensuring only one person has the ability to decrypt the secure data in the email i.e. the holder of the flash drive.
Unlike our solution, email based prior art solutions examined appear to rely on raw email header extraction method to discover IP information. This procedure requires analysis of the source code of each received mail, which generally includes many relay IP addresses, and only one possible correct IP, which incidentally may be correct or may be incorrect, as IP addresses can be cloaked by some networks. Our solution directly accesses the internet and obtains a single verified and properly formatted IP address.
Because the raw extraction method requires complex analysis of the email header, it is not a solution that can be passed on to a user for immediate use. Our solution creates data that is immediately useful to non-technical staff. Our method provides advancement over existing solutions by using the IP reference site reflection process described herein. IP information is determined, formatted and presented directly to the user via email in a readily auditable form.
The procedure used in this method creates a formal highly trusted model from which to conduct secure auditing and management.
Thus, our method uses known and new technologies in a unique and novel method to overcome the shortcomings in auditing, cost, privacy and speed in existing auditing methods and creates a useful solution for federal investigation bureaus, security organizations and IT maintenance staff managing global networks.
OBJECTS OF THE INVENTION
It is an object of the present invention to provide a solution to alleviate one or more of the above disadvantages and provide a user with a useful or commercial alternative to existing solutions available to audit and manage a network of local and remote computers.
It is a further object of the present method to provide a highly secure method to audit and manage these computers.
BRIEF DESCRIPTION OF THE DRAWINGS
By way of example only, preferred embodiments of the invention will be described more fully hereinafter with reference to the accompanying figures, wherein:
FIG. 1 is a flow diagram illustrating installation in a computer of the method according to some embodiments of the present invention.
FIG. 2 is a flow diagram illustrating the transfer of data and instructions from each computer, according to some embodiments of the present invention.
FIG. 3 provides examples of identifiers used, according to some embodiments of the present invention.
DETAILED DESCRIPTION OF THE ILLUSTRATIVE EMBODIMENT
The present invention relates to a system for auditing and managing computer equipment. The invention can collect specifications concerning major elements within a computer and write them to an encrypted file. Furthermore, the system can inconspicuously send emails including a computer's IP address.
Elements of the invention are illustrated in concise outline form in the drawings, showing only those specific details that are necessary to understanding the embodiments of the present invention, but so as not to clutter the disclosure with excessive detail that will be obvious to those of ordinary skill in the art in light of the present description.
In this patent specification, adjectives such as first and second, left and right, top and bottom, etc., are used solely to define one element or method step from another element or method step without necessarily requiring a specific relative position or sequence that is described by the adjectives. Words such as "comprises" or "includes" are not used to define an exclusive set of elements or method steps. Rather, such words merely define a minimum set of elements or method steps included in a particular embodiment of the present invention.
One embodiment of the present invention is described below with reference to FIGS 1, 2 and 3.
FIG 1 is a flow diagram illustrating installation in a computer of the method according to some embodiments of the present invention. An auditing method 100 uses computer readable medium of a unique memory storage device in the form of a data storage device. The data storage device in this embodiment is a flash drive 120, however any data storage device that includes a permanent unique identifier may be used. The flash drive 120 has an identifier in the form of a manufacturer's permanent 64bit identifier. The manufacturer's 64bit identifier is unique to the drive 120 and cannot be deleted, changed or duplicated on another similar device. The auditing method 100 includes software installed on the drive 120.
The auditing method 100 in this embodiment uses a Microsoft DotNet framework and a "Gmail" web-based email service 219, which framework and service are well known to persons skilled in the art. At block 221, before inserting the flash drive 120 into a computer 110, a user must ensure that a valid "Gmail" account has been set-up. The computer 110 may be a desktop, laptop or any other form factor with a flash drive port. The computer is typically a Personal Computer running a Microsoft Windows Operating System, however almost any computer and almost any operating system may be used. At block 222 if a "Gmail" account has not been established then the user creates one. Similarly if the Microsoft DotNet framework 2.0+ has not been installed on the computer 110, instructions for installation are provided.
At block 200, the system 100 is configured on the computer 110. At block 201, the user runs a setup program located in a folder on the flash drive 120. The setup program performs an installation process adding necessary files to the computer 110, which files are hidden from the user and any potential unauthorised users.
At block 202, the install process authenticates the flash drive 120 by checking that an encrypted data file is able to be read using an algorithm based on the flash drive manufacturer's permanent 64bit identifier. At block 203, if the encrypted data and the flash drive manufacturer's permanent 64bit identifier do not match then the installation process is halted. This ensures that the software has not been duplicated onto a different flash drive.
The software is not installed in a traditional manner and cannot be viewed in a conventional list of installed programs on the computer 110, such that the software is effectively not obvious in the operating system. For example, the software is not shown under the add/remove programs listing in the control panel of Microsoft Windows XP.
At block 204, system configuration data in the form of system specifications of the computer 110 are read using the Microsoft DotNet 2.0+ framework Windows Management Instrumentation (WMI). WMI is able to gather the details of installed hardware and installed software of the computer 110. For example, system specifications that may be collected from the computer 110 are:
- Computer Name
- Computer Manufacturer
- Computer Model
- Computer Version
- Computer Serial Number
- Computer Unique Universal Identification (UUID). A unique 128bit identifier
- Bios Name
- Bios Serial Number
- Bios Release date
- Bios Version
- Bios Manufacturer
- Operating System Type
- Operating System Version
- Operating System Registered User
- Operating System Serial Number
- Operating System Details
- System Type
- Physical Memory
- List of attached Disk Media
- Windows Folder Name
At block 205, fields are provided so that the user may optionally enter general details including his or her name, company name, asset number and other data descriptive of the computer 110. At block 206, the general details and the system specifications are encrypted in the form of encrypted configuration data to a file using the flash drive manufacturer's permanent 64bit identifier 120 and computer manufacturer's permanent 128bit identifier (UUID) 110 and written to a disguised data file in the Windows folders. Alternatively, the general details and the system specifications are encrypted to a file using the flash drive manufacturer's permanent 64bit identifier 120 alone, or the general details and the system specifications are encrypted to a file using the computer manufacturer's permanent 128bit identifier (UUID) 110 alone. The encryption algorithm in the form of an encryption library in this embodiment uses the Advanced Encryption Standard (AES) and is also referred to as Rijndael; however other encryption standards may be used.
The general details and system specifications are also written to the flash drive 120 files and folders and contain transactional details for each computer 110, as shown in block 212.
At block 207, the Gmail user name and Gmail password are obtained from the user. At block 208, the "Gmail" user name is encrypted and written to a disguised data file in the windows directory, and the "Gmail" password is encrypted and written to another disguised data file in the windows directory.
At block 209, the polling cycle is obtained from the user. This is the length of time between IP address requests from an automated IP service provider in the form of an internet reference site 223, which site returns an IP address of the computer 110. At block 210 the user's polling cycle is written to a disguised data file in the windows system folders.
At block 211, the installation process prepares all components needed to install the method onto the computer 110. At block 213 components of the method are installed; installation of a new Windows service, IP location software, an application that processes emails, and a facility to pick up instructions from an FTP service. At this point the installation is complete. Live connection to the internet is recommended 214 to allow commencement of auditing. The user is invited to reboot 215 the computer 110. At block 216, the internet is accessed via an initial firewall "grant permanent permission" process 217 and the IP address of the computer 110 obtained from an internet reference website 223, such as those that are commonly known by those having ordinary skill in the art. Also at block 216 the FTP service is accessed so that any prepared maintenance tasks may be automatically performed on the computer 110. At block 218, an email is sent to the user's Google mailbox. During the re-start and each subsequent boot the Windows service is activated. The Windows service launches applications which read the IP address from the internet reference website 223, picks up and actions any authenticated maintenance instructions 304 from an FTP service 224, and creates and sends an email with an encrypted attachment to the user's Google mail account 220 via the Google mail service 219.
Once the auditing method 100 is setup on the computer 110 the flash drive 120 can be removed.
FIG. 2 is a flow diagram illustrating the transfer of data and instructions from the auditing method, according to some embodiments of the present invention. At block 300, the software that was installed at block 213, checks if the next cycle should be triggered. When triggered, at block 302 the software checks to see if the computer 110 is connected to the internet. At block 301, if the computer 110 is not connected to the internet the computer 110 cancels any attempt to proceed any further until the next polling event. At block 303, if the computer 110 is connected to the internet, the IP address 510 of the computer 110 is obtained from the internet reference website 223.
At block 304, the software connects to an FTP service 224 to download any instructions. The downloaded instructions from the FTP service 224 may include a popup message, or any other maintenance instruction. At block 305, the downloaded instructions are authenticated by checking that the flash drive manufacturer's permanent 64bit identifier 120 (e.g. 520) and the computer manufacturer's permanent 128bit identifier (UUID) 110 (e.g. 530) used to authenticate the FTP download to the computer 110, match the recorded flash drive manufacturer's permanent 64bit identifier and the computer manufacturer's permanent 128bit identifier number of the computer 110 downloading the instructions. At block 306, if the downloaded instructions are authenticated (i.e. instructions are using the correct 192bit identifier 540) they are applied to the computer 110. At block 307, if the instructions are not authenticated they are neither downloaded nor actioned on the computer 110.
At block 308, an email is prepared. At block 309, the email text is created containing the discovered IP address of the computer 110 and specifications of the computer's 110 current operating environment. At block 310, an encrypted file is attached to the email containing the system specifications collected during the last update or when the auditing method 100 was first set up. At block 311 the email service then activates an email session with the "Gmail" service 219 and sends the email with the encrypted attachment.
The email sent in block 311 can be retrieved from any computer with an internet connection. At block 312, the user signs into their "Gmail" account and can open the email sent in block 311. The IP address and unencrypted system specifications form the body text of the email which may be read on a computer screen. The encrypted attachment may only be opened if the flash drive 120 used to install the software is connected to the computer that is used to read the email.
The installation process can be run on any number of computers 110 and the system specifications relevant to each computer 110 are appended to the file stored on the flash drive. Additionally the data are sent via email to the "Gmail" account entered in the installation process. The encrypted attachment in the email can be viewed on almost any computer as long as the flash drive 120 used for the installation is inserted into a flash drive slot of the computer.
Settings for the auditing method can be changed at any time by executing a file on the flash drive 120. For example, parameters which may be changed include the Polling frequency to the IP address website and the Gmail user name and password. The audit file, computer list 110 and any transactions are added or updated each time the flash drive 120 is used.
FIG. 3 is an example illustrating identifiers used, according to some embodiments of the present invention.
At block 510, is an example of an IP address assigned to a computer connected to the internet (Standard IP v4 Address 4 octets 32 bits).
At block 520, is an example of the permanent identifier found on a typical flash drive (16 hex digits 64 bits).
At block 530, is an example of the permanent identifier found on a typical computer (32 hex digits 128 bits).
At block 540, is an example of the authentication key used to allow an FTP download. Each download is authenticated using the 64bit flash drive identifier concatenated to the computer's 128bit identifier, creating an overall 192bit identifier.
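The check at blocks 305 to 307, using the 192bit identifier of block 540, sketched as an added example that is not code from the patent. The patent does not state how the identifier is applied to a download; this sketch assumes an HMAC-SHA256 tag keyed with the 192bit identifier, and the identifier values, function names and instruction format are constructed for illustration.

```python
import hashlib
import hmac
import re

# Constructed sample identifiers in the formats FIG. 3 describes.
FLASH_ID_HEX = "0123456789ABCDEF"                        # 16 hex digits = 64 bits
COMPUTER_UUID = "00112233-4455-6677-8899-AABBCCDDEEFF"   # 32 hex digits = 128 bits
OTHER_UUID = "FFEEDDCC-BBAA-9988-7766-554433221100"      # a different computer

TAG_LEN = hashlib.sha256().digest_size  # 32-byte tag placed before the instruction
HEX64 = re.compile(r"[0-9A-Fa-f]{16}")
HEX128 = re.compile(r"[0-9A-Fa-f]{32}")


def build_192bit_identifier(flash_id_hex: str, computer_uuid: str) -> bytes:
    """Concatenate the 64bit flash drive id and the 128bit UUID (block 540)."""
    uuid_hex = computer_uuid.replace("-", "")
    if not HEX64.fullmatch(flash_id_hex):
        raise ValueError("flash drive identifier must be 16 hex digits")
    if not HEX128.fullmatch(uuid_hex):
        raise ValueError("computer UUID must be 32 hex digits")
    return bytes.fromhex(flash_id_hex) + bytes.fromhex(uuid_hex)


def tag_instruction(identifier: bytes, instruction: bytes) -> bytes:
    """Assumed scheme: HMAC-SHA256 over the instruction, keyed with the identifier.

    The 192bit identifier acts as the shared secret here, so the check is only
    as strong as the confidentiality of both hardware identifiers.
    """
    return hmac.new(identifier, instruction, hashlib.sha256).digest()


def package_instruction(flash_id_hex: str, computer_uuid: str,
                        instruction: bytes) -> bytes:
    """Management side: prepare a download for one specific computer."""
    identifier = build_192bit_identifier(flash_id_hex, computer_uuid)
    return tag_instruction(identifier, instruction) + instruction


def authenticate_download(blob: bytes, recorded_flash_id: str,
                          recorded_uuid: str):
    """Managed computer side (blocks 305-307).

    Returns the instruction when the tag matches the recorded identifiers,
    or None when the download must not be actioned.
    """
    if len(blob) < TAG_LEN:
        return None  # too short to carry a tag at all
    tag, instruction = blob[:TAG_LEN], blob[TAG_LEN:]
    identifier = build_192bit_identifier(recorded_flash_id, recorded_uuid)
    expected = tag_instruction(identifier, instruction)
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        return None
    return instruction


if __name__ == "__main__":
    message = b"POPUP: please contact the asset desk"  # constructed instruction
    blob = package_instruction(FLASH_ID_HEX, COMPUTER_UUID, message)

    # Block 306: identifiers match, so the instruction is applied.
    print(authenticate_download(blob, FLASH_ID_HEX, COMPUTER_UUID))

    # Block 307: the same download fetched by a different computer is rejected.
    print(authenticate_download(blob, FLASH_ID_HEX, OTHER_UUID))

    # Block 307: a download altered in transit is rejected.
    tampered = blob[:-1] + bytes([blob[-1] ^ 0x01])
    print(authenticate_download(tampered, FLASH_ID_HEX, COMPUTER_UUID))
```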
Advantages of the present invention thus include enabling a secure facility to audit and manage computers.
The above description of an embodiment of the present invention is provided for purposes of description to one of ordinary skill in the related art. It is not intended to be exhaustive or to limit the invention to a single disclosed embodiment. As mentioned above, numerous alternatives and variations to the present invention will be apparent to those skilled in the art of the above teaching.
Accordingly, while an embodiment has been discussed specifically, other embodiments will be apparent or relatively easily developed by those of ordinary skill in the art. Accordingly, this patent specification is intended to embrace all alternatives, modifications and variations of the present invention that have been discussed herein, and other embodiments that fall within the spirit and scope of the above described invention.
Claims (10)
1. A method for securely auditing and managing a network of local and remote computers using a flash drive manufacturer's permanent 64bit identifier. Cryptography applied to the flash drive's 64bit identifier is used to protect data on the flash drive, on a managed computer and on data transmitted across the internet. The method comprises the steps of:
A. Using installation software on the flash drive to load a hidden auditing application on each computer.
B. The installation software accesses the flash drive's permanent 64bit identifier and uses this identifier to encrypt data files which are subsequently installed on each computer to authenticate future auditing and management requests.
C. The installation software scans each computer's operating system for comprehensive specifications and prepares an encrypted file holding this data. Encryption is based on the identifier in 1B.
D. The installation software sets up a disguised windows service on each computer.
E. The new service triggers events on each computer such that "on start-up" and periodically thereafter, each computer will perform the sub-steps of
(a) reading of the unique permanent identifiers created by the flash drive install software to authenticate the ensuing process.
(b) obtaining an internet protocol (IP) address by directly accessing the internet and reading the IP from a nominated IP address provider;
(c) noting the time and date when the location was determined;
(d) receiving and deploying authenticated maintenance instructions after first logging onto and downloading these from an FTP service.
(e) obtaining additional data from the computer in which the method is installed;
(f) sending the additional data, the IP address and the encrypted comprehensive specifications prepared in 1C to the user via email.
(g) progressive emails received by the user effectively build an audit trail of computers under management.
F. The method uses the 64bit identifier in a flash drive to serve as an alternative to a proprietary security identifier and associated reader for enabling secure controlled access to the performance of a management task.
G. Emails received may only be read after using de-encryption software located on the flash drive, which accesses and uses the unique 64bit identifier imbedded on that drive.
H. The software on each flash drive is individually encoded using the flash drive's unique 64bit identifier, such that it is not possible to deploy the software on another similar flash drive, thus enhancing privacy, thwarting software piracy and formalising distribution and "rights to access" to the facilities contained on the flash drive.
I. The flash drive need only be connected to each computer once, to install the auditing and management software and record the user's email address and preferred periodical polling cycle. Once all computers have been installed, the flash drive is only needed to decode the encrypted attachment on emails sent to the user's email account.
2. The method of claim 1, wherein said computer has access to the internet or connectable to any network having Internet access.
3. The method of claim 1, wherein said email includes information including IP addresses, hostnames, device identification and an email attachment that will confirm the identity of the computer sending the email.
4. The method of claim 1 further includes the step of allowing the user to set the polling rate to be used by the service.
5. The method of claim 1, wherein said email attachment is encrypted.
6. The method of claim 1, wherein said device is a computer capable of being installed with the said method.
7. The method of claim 1 wherein said method is supported by the computer's operating system.
8. The method of claim 1, wherein said method always performs its tasks invisibly to any person using the computer.
9. The method of claim 1, wherein said email address is an email address that is designated by the method as being suitable for use from any location on the internet. The method recommends a free email service from a public supplier such as Google (which provides an email service named gMail) because of its ability to receive emails from virtually any location. The user will be directed to obtain a dedicated email account from such a source.
10. The method of claim 1 wherein the IP information obtained is properly formatted and easily recognizable to the user, such that it may be quickly and easily forwarded to parties taking part in an investigation.
11. The method of claim 1 wherein the data attachment in the email may only be decoded by one person, being the holder of the original flash drive with the correct permanent identifier.
12. The method of claim 1 wherein the flash drive chosen for the method may have an identifier which is greater or less than 64bit as required by the security level of the task being undertaken.
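The identifier-based authentication in step B and sub-step (d) of step E of claim 1 can be sketched as follows. This is an added example, not code from the patent: the specification names no algorithm, so PBKDF2 and HMAC-SHA-256, the per-computer salt, and every function name here are assumptions.

```python
import hashlib
import hmac
import os

ID_BYTES = 8  # a 64bit identifier, as in claim 1


def derive_key(drive_id: bytes, salt: bytes) -> bytes:
    """Stretch the drive identifier into a 256-bit key (PBKDF2 is an assumption)."""
    if len(drive_id) != ID_BYTES:
        raise ValueError("drive identifier must be exactly 64 bits")
    return hashlib.pbkdf2_hmac("sha256", drive_id, salt, 100_000)


def install(drive_id: bytes) -> dict:
    """Step B: state the installer leaves on the managed computer.

    The key is symmetric, so this file needs the same protection as the
    identifier itself: whoever reads it can produce valid tags.
    """
    salt = os.urandom(16)
    return {"salt": salt, "key": derive_key(drive_id, salt)}


def sign_instructions(drive_id: bytes, salt: bytes, body: bytes) -> bytes:
    """Run where the flash drive is present, before the upload to the FTP service."""
    return hmac.new(derive_key(drive_id, salt), body, hashlib.sha256).digest()


def accept_instructions(state: dict, body: bytes, tag: bytes) -> bool:
    """Sub-step (d): deploy downloaded instructions only if the tag verifies."""
    expected = hmac.new(state["key"], body, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)  # constant-time comparison


if __name__ == "__main__":
    drive = bytes.fromhex("0123456789abcdef")  # constructed sample identifier
    other = bytes.fromhex("fedcba9876543210")  # a second, similar drive
    state = install(drive)
    body = b"set polling interval to 60 minutes"  # constructed instruction file
    tag = sign_instructions(drive, state["salt"], body)
    print("genuine:", accept_instructions(state, body, tag))
    print("tampered:", accept_instructions(state, body + b"!", tag))
    forged = sign_instructions(other, state["salt"], body)
    print("wrong drive:", accept_instructions(state, body, forged))
```
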
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2008203807A AU2008203807B2 (en) | 2007-09-09 | 2008-08-11 | Method for securely auditing and managing computers |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2007904861 | 2007-09-09 | ||
AU2007904861A AU2007904861A0 (en) | 2007-09-09 | Datamaster KEY | |
AU2008203807A AU2008203807B2 (en) | 2007-09-09 | 2008-08-11 | Method for securely auditing and managing computers |
Publications (2)
Publication Number | Publication Date |
---|---|
AU2008203807A1 (en) | 2009-03-26 |
AU2008203807B2 (en) | 2011-12-15 |
Family
ID=40475200
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AU2008203807A Ceased AU2008203807B2 (en) | 2007-09-09 | 2008-08-11 | Method for securely auditing and managing computers |
Country Status (1)
Country | Link |
---|---|
AU (1) | AU2008203807B2 (en) |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6269392B1 (en) * | 1994-11-15 | 2001-07-31 | Christian Cotichini | Method and apparatus to monitor and locate an electronic device using a secured intelligent agent |
EP1041483A1 (en) * | 1999-03-30 | 2000-10-04 | International Business Machines Corporation | Discovering stolen or lost network-attachable computer systems |
US6925562B2 (en) * | 1999-12-17 | 2005-08-02 | International Business Machines Corporation | Scheme for blocking the use of lost or stolen network-connectable computer systems |
US20030145090A1 (en) * | 2002-01-30 | 2003-07-31 | Ostergaard Bjarne Egon | Method for tracing a computer connected to a data network |
US20070271348A1 (en) * | 2006-05-18 | 2007-11-22 | Sung Yang | System and method of fault-tolerant and privacy-safe location tracking via email |
Also Published As
Publication number | Publication date |
---|---|
AU2008203807B2 (en) | 2011-12-15 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FGA | Letters patent sealed or granted (standard patent) | ||
MK14 | Patent ceased section 143(a) (annual fees not paid) or expired |