GB2361081A - Apparatus and method for storing log files on a once only recordable medium - Google Patents
Apparatus and method for storing log files on a once only recordable medium Download PDFInfo
- Publication number
- GB2361081A GB2361081A GB0022319A GB0022319A GB2361081A GB 2361081 A GB2361081 A GB 2361081A GB 0022319 A GB0022319 A GB 0022319A GB 0022319 A GB0022319 A GB 0022319A GB 2361081 A GB2361081 A GB 2361081A
- Authority
- GB
- United Kingdom
- Prior art keywords
- log data
- log
- access
- user
- storing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2153—Using hardware token as a secondary aspect
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Debugging And Monitoring (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
Abstract
An apparatus 30 for storing log data of an user in a communications network comprises a control means 31, a data transmission means and a once only recording medium 34,35. In use the control means 31 creates log data and transmits it via the data transmission means to the recording means 34,35 . Preferably the control means 31 operates a switching mechanism 33 to select the recording medium according to available capacity. Preferably the recording medium is a CD-R or DVD-R. A method of recording log files is also proposed. A log file is created on a storage device S30 and set as an old log file S45 . Log data pertaining to an accessing user is recorded in the storage device S50 and the resultant file set as a new log file S55. If the content of the two files differs then the data is recorded into an additional log file S130 and written to the recording medium S140, preferably in either real time or at a predetermined interval.
Description
2361081 APPARATUS FOR AND METHOD OF STORING LOG DATA IN COMMUNICATION
NETWORK
BACKGROUND OF THE INVENTION
Field of the Invention
The present invention relates to an apparatus for and a method of storing log data in a communication network, and more particularly to an apparatus for and a method of storing log data in a communication network which are capable of preventing the log data from being modified or deleted by a user having no authority to have access to the server.
Description of the Related Art
Typically, servers, which are always accessible via a data communication network such as the Internet, implement an access restriction made by an operating system as well as a firewall in order to prevent an unauthorized user, having access to the server via the data communication network, from accessing important information internally stored in the server and from accessing computers of other users connected to the server.
In addition, log data is stored in an auxiliary memory device such as a hard disk drive. The log data may include information about respective access paths of all users accessing the server via the data communication network, respective access times of those users (including access starting time, access ending time, and total access time), respective identifications (lDs) of the users, and respective activities of the users made after the access to the server.
Where an unauthorized user such as a hacker has access to the server without any approval after invalidating an access restriction command generated by the 1 operating system and the firewall, the access path of the unauthorized user can be reversely traced and the system, possibly modified or damaged, can be easily restored, based on the log data stored in the auxiliary memory device.
However, there is a problem even in the case in which the server implements an access restriction made by the operating system, a firewall, and storage of log data, as mentioned above. For instance, where an unauthorized user such as a hacker has access to the log data stored in the auxiliary memory device after invalidating the access restriction command generated by the operating system and the firewall, and then optionally modifies or deletes the log data, it is difficult to trace the access path of the unauthorized user and to restore the modified or damaged system.
SUMMARY OF THE INVENTION
Therefore, the present invention has been made in view of the above mentioned problems involved in the related art, and an object of the invention is to provide an apparatus for and a method of storing log data in a communication network which are capable of allowing the writing of log data only once while preventing the rewriting of log data and the deletion of the written log data, thereby preventing the written log data from being modified or deleted by an unauthorized user having access to the log data.
In accordance with one aspect, the present invention provides an apparatus for storing log data of a user having access to a network system via a communication network comprising: control means for creating log data about an access history of the user; data transmission means for transmitting the log data created in the control means; and storage means for receiving the log data via the data transmission means, and storing the received log data in a recording medium allowing data to be only once recorded therein.
In accordance with another aspect, the present invention provides a method for 2 1 storing log data of a user having access to a network system via a communication network, wherein: the log data of the user is stored in a recording medium allowing data to be only once recorded therein.
Preferably, the method comprises the steps of: (a) creating a log file adapted to record log data therein, and storing the created log file in the memory device; (b) setting the log file stored in the memory device, as an old log file; (c) recording log data of an accessing user in the log file stored in the memory device; (d) setting the resultant log file stored in the memory device, as a new log file; and (e) if there is a difference in content between the old and new log files, then recording the log data of the accessing user in an additional log file, storing the additional log file in a recording medium allowing data to be only once recorded therein, and subsequently returning to the step (b).
BRIEF DESCRIPTION OF THE DRAWINGS
Other objects and aspects of the invention will become apparent from the following descriptions of embodiments with reference to the accompanying drawings in which:
Fig. 1 is a schematic view illustrating a communication server access system including an apparatus for storing log data in a communication network in accordance with an embodiment of the present invention; Fig. 2 is a schematic view illustrating a communication server access system including an apparatus for storing log data in.a communication network in accordance with another embodiment of the present invention; Fig. 3 is a block diagram illustrating a server computer included in the system of Fig. 1 or 2; Fig. 4 is a block diagram illustrating a log data storage means according to an embodiment of the present invention; and Fig. 5 is a flow chart illustrating a method for storing log data in a 3 communication network in accordance with the present invention.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
Preferred embodiments of the present invention will now be described in conjunction with the annexed drawings.
Fig. 1 is a schematic view illustrating a communication server access system including an apparatus for storing log data in a communication network in accordance with an embodiment of the present invention. Referring to Fig. 1, the communication server access system includes a server computer 10, a user computer 20 capable of having access to the server computer 10 via a communication network N, and a log data storing means 30 having access to the server computer 10.
Although the log data storing means 30 is illustrated as being of an exterior type installed outside the server computer 10, in Fig. 1, it may be internally installed in the server computer 10, as shown in Fig. 2.
The server computer 10 is always connected to the communication network N to exhibit a web page to users accessing the server computer 10 via the communication network N, to provide diverse contents, or to conduct transmission and reception of mail or data. The server computer 10 also generates log data associated with connection histories of users connected to the server computer 10 via the communication network N, and outputs the generated log data to the log data storing means 30.
As shown in Fig. 3, the server computer 10 includes a main processor 11 for conducting a variety of control computations, a memory 12 serving as a temporal storage space for data required for the main processor 11 to execute the control computations, an auxiliary memory device 13, for example, a hard disk drive, provided with an operating system and diverse applications and adapted to store log files written 4 with log data, a communication network accessing unit 14 adapted to access the communication network N for transmission and reception of data, and a log data storage means accessing unit 15 adapted to transmit log data to the log data storage means 30 under the control of the main processor 11.
In addition to the above-mentioned configuration, the server computer 10 may also include constituting elements such as a display means and a user manipulation command input means. Since these elements are well known in the technical field, no description thereof will be made.
The main processor 11, memory 12, auxiliary memory device 13, communication network accessing unit 14, and log data storage means accessing unit 15 included in the server computer 10 are configured to exchange data with one another via a system bus or data bus 16.
For the log data storage means accessing unit 15, any optional device may be used in so far as it has a function of transmitting log data to the log data storage means 30 under the control of the main processor 11. Where the log data storage means 30 is installed outside the server computer 10, the log data storage means accessing unit 15 may comprise a well-known external data input/output device, such as a parallel port or SCSI adaptor, or a universal serial bus port, used in general computer systems. On the other hand, where the log data storage means 30 is internally installed in the server computer 10, the log data storage means accessing unit 15 may comprise a well-known internal data input/output device, such as an EADE input/output device or an SCSI input/output device, used in general computer systems.
The user computer 20 is typically a personal computer of a netizen who can surf the Web via the communication network N. For the user computer 20, however, a communication terminal of any type may be used in accordance with the present invention in so far as it can have access to the communication network N to which both the server computer 10 and the user computer 20 can have access. For example, a personal digital assistant unit or an Internet accessible television may be used.
The user computer 20 can have access to the communication network N using diverse devices such as modems or channel service units (CSUs) and diverse methods, as well known in the technical field. Accordingly, no further description will be made.
The communication network N may comprise any network in so far as it is accessible by both the server computer 10 and the user computer 20 and allows those server computer 10 and user computer 20 to conduct data communications therebetween. For example, the communication network N may be the Internet.
The log data storage means 30 serves to store, in real-time, log data outputted from the server computer 10 in a recording medium that is configured to write data only once.
The recording medium configured to write data only once may comprise a compact disk-recorder medium (CD-R) or a digital versatile disk-recorder medium (DVIDIR). For the log data storage means 30, any media may be used in so far as they are configured to prevent data re-writing, modification, and deletion once data is stored.
An embodiment of the log data storage means 30 is illustrated in Fig. 4. As shown in Fig. 4, the log data storage means 30 includes a control unit 31, a buffer unit 32, a signal-switching unit 33, and a plurality of medium drives 34 and 35.
The control unit 31 serves to drive the signal-switching unit 33 in order to selectively drive a desired one of the medium drives 34 and 35 in response to log data received from the server computer 10. The control unit 31 also accesses the selected 6 medium drive and stores, in real-time, the received log data in a recording medium which is configured to write data only once.
The buffer unit 32 temporarily stores the log data transmitted from the server computer 10, and subsequently transmits the stored log data to the selected medium drive 34 or 35 via the signal -switching unit 33. The buffer unit 32 is installed to buffer the data transmission rate difference between the server computer 10 and the log data storage means 30.
The signal -switching unit 33 transmits log data, sequentially transmitted from the buffer unit 32, to a selected one of the medium drives 34 and 35 under the control of the control unit 31. Each of the medium drives 34 and 35 records log data, transmitted thereto via the signal -switching unit 33, on a recording medium which is configured to write data only once.
Now, the operation of the log data storing apparatus having the above mentioned configuration according to the present invention would be described in conjunction with Figs. 1 to 5.
When power is applied to the server computer 10, all constituting parts of the server computer 10 including the main processor 11 are initialized. The main processor 11, which is initialized, searches the auxiliary memory device 13 (Step S10), thereby determining whether or not there is a log file containing log data (Step S20).
Where it is determined at step S20 that there is no log file, previously created, in the auxiliary memory device 13, the main processor 11 creates a log file for recording log data in the auxiliary memory device 13 (Step S30). After the creation of the log file, time counting is begun in order to subsequently check an elapsing time T from the creation of the log file (Step S40). Simultaneously, the log file currently stored in the auxiliary memory device 13 is set as an old log file Fo (Step S45). For instance, information about the old log file Fo may be temporarily stored in the 7 memory 12 or stored in a certain directory of the auxiliary memory device 13 titled, for example, "temporary".
Next, the main processor 11 creates respective log data of users accessing the communication network accessing unit 14 via the communication network N, and writes respective log data of those users in the log file Fo, stored in the auxiliary memory device 13 in a sequential fashion (Step S50). The log data may include information about respective access paths of all accessing users, respective access times of those users, and respective activities of the users made after the access.
For reference, examples of log data recorded in the log file of the auxiliary memory device 13 are as follows:
Security Violations Nov 2 13:50:23 nemesis su 'su'failed for crowland on /dev/ttyp6 Nov 2 13:50:35 nemesis login: LOGIN FAILURE ON /dev/ttyp5 FROM localhost, crowland Nov 2 13:50:43 nemesis login: LOGIN FAILURE ON dev/ttyp5 FROM localhost, adm Nov 2 13:50:46 nemesis login: LOGIN FAILURE ON /dev/ttyp5 FROM localhost, uucp Nov 2 13:50:48 nemesis login: LOGIN FAILURE ON /dev/ttyp5 FROM localhost, root Nov 2 13:56:44 nemesis host=b last. ps ion ic.com/ 206.16 1.70.238 Unusual System E-vents netacl [25785]: deny Nov 2 13:50:23 nemesis su 'su'failed for crowland on /dev/ttyp6 Nov 2 13:50:35 nemesis login: LOGIN FAILURE ON /dev/ttyp5 FROM 8 localhost, crowland Nov 2 13:50:43 nemesis login: LOGIN FAILURE ON /dev/ttyp5 FROM localhost, adm Nov 2 13:50:46 nemesis login: LOGIN FAILURE ON /dev/ttyp5 FROM localhost, uucp Nov 2 13:50:48 nemesis login: LOGIN FAILURE ON /dev/ttyp5 FROM localhost, root Nov 2 13:52:34 nemesis sshd[25715]: log: Connectionfrom 206.161.70.238 port 4839 Nov 2 13:52:39 nemesis sshd[25715]: fatal: Connection closed by remote host Nov 2 13:52:40 nemesis sshd[25717]: log: Connection form 206.161.70.238 port 4840 Nov 2 13:52:44 nemesis sshd[25717]: log: password authentication for crowland accept Nov 2 13:52:48 nemesis sshd[25717]: log: closing connection to 206.161.70.238 Nov 2 13:56:44 nemesis host=b last. p s ion ic.com/206.161.70.238 netac1[25785]:
deny Thereafter, the main processor 11 sets the log file currently stored in the auxiliary memory device 13 as a new log file Fri (Step S55). For instance, information about the new log file Fri may be temporarily stored in the memory 12 or stored in a certain directory of the auxiliary memory device 13 titled, for example, "temporary".
The main processor 11 then compares the log data of the old log file Fo set at step S45 with the log data of the new log file Fri set at step S55, thereby determining whether or not there is a difference between the compared log files in terms of log data (Step S60). Where there is no difference between the old log file Fo and the new log file Fn, the time T counted until now is checked (Step S70), and then compared with a 9 predetermined time Ts of, for example, 5 seconds (Step S80).
When it is determined at step S80 that the counted time T is not more than the predetermined time Ts, the control procedure of the main processor 11 proceeds to step S100. On the other hand, when the counted time T is more than the predetermined time Ts, the counted time T is reset (Step S90). After the time reset, the main processor 11 checks whether or not the manager desires to turn off the server computer 10 (Step 100). Where it is determined, as a result of the checking, that the server computer 10 is not selected turn off, the control procedure returns to step S40 for counting the time T.
Where it is determined at step S60 that there is a difference between the old log file Fo and the new log file Fn in terms of log data, the main processor 11 checks the time T counted until now (Step S 110), and then compares the checked time T with the predetermined time Ts (Step S120).
When it is determined at step S 120 that the counted time T is not more than the predetermined time Ts, the control procedure of the main processor 11 proceeds to step S100. On the other hand, when the counted time T is more than the predetermined time Ts, the main processor 11 creates a log file Fm to be stored in a recording medium that allows recording of data therein through the log data storage means 30 only once (Step S130).
Where there is a difference between the old log file and the new log file, a log file containing both the previously recorded log data and the log data varied from the previous log data is newly created which is written over the old log file. The resultant log file is stored in the auxiliary memory device 13. On the other hand, the log file Fm stored in the oncewritable recording medium is recorded with only the varied logdata.
The auxiliary memory device 13 is configured to allow re-recording of data, that is, repetitive data deletion and re-writing. In other words, the auxiliary memory device 13 is configured to write a new log file over the old log file. Accordingly, there is no great increase in the capacity of the auxiliary memory device 13 for recording log data. However, in the case of the once- writable recording medium, if a log file is created every time there is a variation in log data, and all log files created are recorded in the once-writable recording medium, then there is a problem in that the recording capacity of the recording medium should be undesirably increased. In order to solve this problem, the log file Fm stored in the recording medium allowing the writing of data only once is recorded with only the varied log data, as mentioned above.
For instance, where the old log data contains data created during a period of time from a certain point of time to 13:20:00, May 9, 2000 whereas the newly varied log data contains data created during a period of time from 13:20:05, May 9, 2000 to 13:20:50, May 9, 2000, all log data created from the certain point of time to 13:20:50, May 9, 2000 are stored in one log file of the auxiliary memory device 13. In this case, however, only the newly varied log data, which is created every time there is a variation in log data during a period of time from 13:20:05, May 9, 2000 to 13:20:50, May 9, 2000, is stored in the once-writable recording medium.
Therefore, the auxiliary memory device 13 has only one log file whereas the once-writable recording medium has a plurality of log files Fm each made every time there is a variation in log data. In order to distinguish the log files Fm from one another, serial numbers are allocated for those log files, respectively.
For instance, points of time, when respective log data are recorded, are added, as respective serial numbers, to respective file names of the log files Fm stored in the once-writable recording medium, in the form of, for example, 1og-nov2-12.50- 231xt 1og-nov2-13.52.1 11xt "log-nov2-13-53-15.txt and 1og-nov2-14-01 55.txt"By virtue of such serial numbers, it is possible not only to achieve an easy identification of each log file Fm, but also to easily recognize the point of time when each log data is recorded.
11 Thereafter, the main processor 11 transmits log files 17m, created at step S130, to the log data storage means 30 via the log data storage means accessing unit 15. The log file Fm transmitted from the log data storage means accessing unit 15 to the log data storage means 30 is stored in the once-writable recording medium by the log data storage means 30 (Step S140).
In other words, in accordance with the illustrated embodiment of the present invention, all log data, each of which is created every time there is a variation in log data, is recorded in the once-writable medium at intervals of the predetermined time Ts, respectively. The reason why the recording of log data in the once- writable medium is carried out at intervals of a desired time is to prevent execution of frequent writing operations, thereby achieving a reduction in the load of the main processor 11.
The control procedure of the main processor 11 then proceeds to step S90 at which the currently counted time is reset. After the time reset, the control procedure of the main processor 11 proceeds to step 100. At step 100, the main processor 11 checks whether or not the manager desires to turn off the server computer 10, as mentioned above. Where it is determined, as a result of the checking, that the server computer 10 is not selected turn off, the control procedure returns to step S40 for counting the time T. On the other hand, where it is determined at step S100 that the server computer 10 is selected turn off, the main processor 11 creates a log file Fm to be stored in the once-writable medium (Step S150).
Subsequently, the main processor 11 transmits the log file Fm, created at step S150, to the log data storage means 30 via the log data storage means accessing unit 15. The log file Fm transmitted from the log data storage means accessing unit 15 to the log data storage means 30 is stored in the once- writable medium by the log data storage means 30 (Step S160).
Thereafter, the main processor 11 completes the control procedure.
12 Simultaneously, the server computer 10 is turned off.
Although it is typical for the server computer 10 to be always in its "ON" state for the whole period of 24 hours, there may be, an occasion to turn off the server computer 10 for a checking of the system required by the manager or a necessary temporal shut-down of the system. In such a case, the system is turned off after the latest log data is stored in the once-writable medium by the log data storage means 30.
The procedure of storing log data in the log data storage means 30 configured as shown in Fig. 4 in accordance with the illustrated embodiment of the 10 present invention will now be described.
When a log file Fm written with log data is transmitted from the server computer 10 to the log data storage means 30, the control unit 31 of the log data storage means 30 generates a control signal, thereby driving a selected one of the medium drives 34 and 35. The control unit 31 also controls the signal -switch i ng 15 unit 33 in order to allow the log file Fm to be transmitted to the driven medium drive.
The log file Fm, which is transmitted from the server computer 10 to the log data storage means 30, is temporarily stored in the buffer unit 32, and then transmitted to the currently operating one of the medium drives 34 and 35.
The log data transmitted from the buffer unit 32 is then stored in the once20 writable medium included in the currently operating medium drive.
In this case, the control unit 31 continuously checks the amount of log data transmitted to the medium drive. When a log file currently outputted from the buffer unit 32 has an amount of log data exceeding the remaining capacity of the once. writable medium of the medium drive, the control unit 31 drives the remaining 25 medium drive, and controls the signal switching unit 33 to allow the current log file to 13 be transmitted to the remaining medium drive.
At this time, the control unit 31 informs the manager of the excess of the storage capacity of the current medium drive using a buzzer or a display means not shown, in order to allow the manager to replace the capacity-exceeded medium drive by another one.
As apparent from the above description, in accordance with the present invention, respective log data of users having access to the server computer via the communication network are stored, by the log data storage means, in the recording medium allowing data to be only once recorded. Accordingly, even in the case in which an unauthorized user such as a hacker has access to the server computer without any approval after invalidating an access restriction command generated by the operating system and the firewall, he cannot modify or delete log data because the log data is stored in the once- writable medium by the log data storage means.
In accordance with the present invention, therefore, it is possible to easily trace the access path of the unauthorized user and to restore the modified or damaged system.
Although the present invention has been described in conjunction with the embodiment in which initial log data is stored in the auxiliary memory device, and log data subsequently created in response to a variation in log data is stored in the once- writable medium every time the log data variation is made, it is not limited to that embodiment. It should be noted that log data might be stored in the once-writable medium in a real-time fashion without passing through the auxiliary memory device in accordance with another embodiment of the present invention. In the latter case, respective varied log data are continuously stored in a real-time fashion in the once- writable medium without any creation of additional log files.
In addition, although the connecting record storage means for storing the 14 connecting records such as log data and so on has been described as being applied only to the server computer, the present invention is not limited thereto. In accordance with the present invention, the connecting record storage means may be easily applied to all kinds of network equipment.
As apparent from the above description, the present invention provides an apparatus for and a method of storing log data in a communication network which are capable of allowing the writing of log data only once while preventing the re-writing of log data and the deletion of the written log data, thereby preventing the written log data from being modified or deleted by an unauthorized user having access to the log data.
is
Claims (23)
1. An apparatus for storing log data of a user having access to a network system via a communication network comprising: control means for creating log data about an access history of the user; data transmission means for transmitting the log data created in the control means; and storage means for receiving the log data via the data transmission means, and storing the received log data in a recording medium allowing data to be only once recorded therein.
2. The apparatus according to claim 1, wherein the storage means comprises a plurality of recording media, from which the recording medium is selected, a buffer unit, and a signal -switching unit, whereby when one of the recording media is insufficient to store additional log data therein, the additional log data is switched to and stored in another one of the recording media.
3. The apparatus according to claim 1 or 2, wherein the recording medium or each recording medium of the storage means is a compact disk-recorder medium.
4. The apparatus according to claim 1 or 2, wherein the recording medium or each recording medium of the storage means is a digital versatile diskrecorder medium.
5. A method for storing log data of a user having access to a network system via a 20 communication network, comprising the steps of:
(a) creating a log file adapted to record log data therein, and storing the created log file in a storage device; (b) setting the log file stored in the storage device, as an old log file; (c) recording log data of an accessing user in the log file stored in the storage 25 device; (d) setting the resultant log file stored in the storage device, as a new log file; 16 and (e) if there is a difference in content between the old and new log files, then recording the log data of the accessing user in an additional log file, storing the additional log file in a recording medium allowing data to be only once recorded 5 therein, and subsequently returning to the step (b).
6. The method according to claim 5, wherein the storing of the additional log file in the once-writable medium at the step (e) is carried out at intervals of a desired time.
7. The method according to claim 5 or 6, wherein the additional log file is recorded with only a different content between the old and new log files at the step (e).
8. The method according to claim 7, wherein the additional log file is allocated with a serial number, added to a file name thereof, for identification thereof.
9. The method according to claim 5, wherein log data of accessing users increasing with the lapse of time are recorded in the once-writable medium in a real-time fashion.
10. The method according to claims 5, 6 or 9, wherein the recording medium is a 15 compact disk-recorder medium.
11. The method according to claims 5, 6 or 9, wherein the recording medium is a digital versatile disk-recorder medium.
12. An apparatus for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 1 of the accompanying drawings.
13. An apparatus for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 2 of the accompanying drawings.
17
14. An apparatus for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 1 and Figure 3 of the accompanying drawings.
15. An apparatus for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 2 and Figure 3 of the accompanying drawings.
16. An apparatus for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 4 of the accompanying drawings.
17. A method for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 1 of the accompanying drawings.
18. A method for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 2 of the accompanying drawings.
19. A method for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 1 and Figure 3 of the accompanying drawings.
20. A method for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 2 and Figure 3 of the accompanying drawings.
21. A method for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 4 of the accompanying drawings.
18
22. A method for storing log data of a user having access to a network system via a communication network substantially as hereinbefore described, with reference to Figure 5 of the accompanying drawings.
23. A method for storing log data of a user having access to a network system via a communication network according to Claim 5 and substantially as hereinbefore described.
19
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| KR20000018152 | 2000-04-07 | ||
| KR10-2000-0026975A KR100369535B1 (en) | 2000-04-07 | 2000-05-19 | Apparatus for memorizing log data through tele-communication and method there of |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| GB0022319D0 GB0022319D0 (en) | 2000-10-25 |
| GB2361081A true GB2361081A (en) | 2001-10-10 |
Family
ID=26637767
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB0022319A Withdrawn GB2361081A (en) | 2000-04-07 | 2000-09-12 | Apparatus and method for storing log files on a once only recordable medium |
Country Status (6)
| Country | Link |
|---|---|
| JP (1) | JP3673159B2 (en) |
| CN (1) | CN1318982C (en) |
| DE (1) | DE10047337A1 (en) |
| FR (1) | FR2807532A1 (en) |
| GB (1) | GB2361081A (en) |
| IL (1) | IL138408A0 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7392292B2 (en) | 2001-12-11 | 2008-06-24 | Samsung Electronics Co., Ltd. | Method for managing CRM data, CRM server and recording medium thereof |
| US7676140B2 (en) | 2005-04-12 | 2010-03-09 | Sony Corporation | Recording apparatus |
Families Citing this family (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4387087B2 (en) * | 2002-07-25 | 2009-12-16 | 三洋電機株式会社 | Data storage device |
| CN1536788B (en) * | 2003-04-11 | 2010-04-28 | 华为技术有限公司 | Log retention system and method |
| US20040225689A1 (en) * | 2003-05-08 | 2004-11-11 | International Business Machines Corporation | Autonomic logging support |
| CN100375047C (en) * | 2004-03-17 | 2008-03-12 | 联想(北京)有限公司 | Management method for computer log |
| US7171511B2 (en) * | 2004-03-24 | 2007-01-30 | Hitachi, Ltd. | WORM proving storage system |
| CN100518078C (en) * | 2004-04-02 | 2009-07-22 | 鸿富锦精密工业(深圳)有限公司 | Network daily-record data management system and method |
| CN100438431C (en) * | 2005-04-28 | 2008-11-26 | 华为技术有限公司 | How to Upload Multi-NE Log Files |
| CN101446915B (en) * | 2007-11-27 | 2012-01-11 | 中国长城计算机深圳股份有限公司 | Method and device for recording BIOS level logs |
| KR20120005364A (en) * | 2010-07-08 | 2012-01-16 | 정보통신산업진흥원 | Electronic address, and electronic document distribution system |
| JP2012027570A (en) * | 2010-07-21 | 2012-02-09 | Keet Seisakusho:Kk | Data storage system for field equipment |
| JP5672491B2 (en) * | 2011-03-29 | 2015-02-18 | ソニー株式会社 | Information processing apparatus and method, and log collection system |
| FR2974921B1 (en) * | 2011-05-05 | 2015-07-17 | Renault Sas | METHOD FOR PROCESSING A SIGNAL THAT QUANTIFIES THE CHARGING CONDITION OF AN ELECTRIC BATTERY OF A MOTOR VEHICLE ACCORDING TO TIME |
| US9049589B2 (en) | 2012-01-27 | 2015-06-02 | Microsoft Technology Licensing, Llc | Dynamically adjusting a data usage plan based on data usage statistics |
| JP2016122431A (en) * | 2014-12-25 | 2016-07-07 | 正仁 櫨田 | Method for dealing with unauthorized access to communication line by hardware |
| FI127335B (en) * | 2016-05-27 | 2018-04-13 | Cysec Ice Wall Oy | Logging of data traffic in a computer network |
| CN119025382B (en) * | 2024-08-21 | 2025-09-16 | 重庆赛力斯凤凰智创科技有限公司 | Log extraction method of vehicle-mounted communication terminal, vehicle-mounted communication terminal and storage medium |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2045799C (en) * | 1990-07-11 | 1999-03-23 | Kenneth L. Thompson | File system with read/write and read only storage |
| JPH052517A (en) * | 1991-06-26 | 1993-01-08 | Nec Corp | Data base journal control system |
| JPH0612307A (en) * | 1992-06-29 | 1994-01-21 | Nec Software Ltd | Storage system for history after data base update |
| JP3140906B2 (en) * | 1994-04-12 | 2001-03-05 | 株式会社エヌ・ティ・ティ・データ | How to update and restore system files |
| JPH07319738A (en) * | 1994-05-23 | 1995-12-08 | Nec Commun Syst Ltd | Differential recording method |
| US5892917A (en) * | 1995-09-27 | 1999-04-06 | Microsoft Corporation | System for log record and log expansion with inserted log records representing object request for specified object corresponding to cached object copies |
| JP3608887B2 (en) * | 1996-10-30 | 2005-01-12 | パイオニア株式会社 | Information recording / reproducing apparatus and information recording / reproducing method |
| JP2000099401A (en) * | 1998-09-22 | 2000-04-07 | Sony Corp | Recording medium, recording method and recording device |
| JP3583945B2 (en) * | 1999-04-15 | 2004-11-04 | 日本電信電話株式会社 | Audio coding method |
-
2000
- 2000-09-12 GB GB0022319A patent/GB2361081A/en not_active Withdrawn
- 2000-09-12 IL IL13840800A patent/IL138408A0/en unknown
- 2000-09-25 DE DE10047337A patent/DE10047337A1/en not_active Ceased
- 2000-09-28 CN CNB00128889XA patent/CN1318982C/en not_active Expired - Fee Related
- 2000-09-29 JP JP2000298500A patent/JP3673159B2/en not_active Expired - Fee Related
- 2000-09-29 FR FR0012425A patent/FR2807532A1/en active Pending
Non-Patent Citations (2)
| Title |
|---|
| PIONEER - Press Release 01/02/200 - Pioneer achieves Milestones in DVD technology for new Millennium * |
| SMARTSTOR INFINET - COPYRIGHT 2000 - Infinet Data Accessibility Solutions for Windows NT. * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7392292B2 (en) | 2001-12-11 | 2008-06-24 | Samsung Electronics Co., Ltd. | Method for managing CRM data, CRM server and recording medium thereof |
| US7676140B2 (en) | 2005-04-12 | 2010-03-09 | Sony Corporation | Recording apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| JP2001306368A (en) | 2001-11-02 |
| CN1317745A (en) | 2001-10-17 |
| GB0022319D0 (en) | 2000-10-25 |
| FR2807532A1 (en) | 2001-10-12 |
| IL138408A0 (en) | 2001-10-31 |
| CN1318982C (en) | 2007-05-30 |
| DE10047337A1 (en) | 2001-10-18 |
| JP3673159B2 (en) | 2005-07-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| GB2361081A (en) | Apparatus and method for storing log files on a once only recordable medium | |
| US6311213B2 (en) | System and method for server-to-server data storage in a network environment | |
| JP4578119B2 (en) | Information processing apparatus and security ensuring method in information processing apparatus | |
| US6446209B2 (en) | Storage controller conditioning host access to stored data according to security key stored in host-inaccessible metadata | |
| US7831687B2 (en) | Storage system managing data through a wide area network | |
| EP2017767A1 (en) | File management system and method, and mobile terminal | |
| US20020095547A1 (en) | Virtual volume storage | |
| US6119144A (en) | Apparatus and method for information transfer between a video server and a general purpose computer or the like | |
| US8051300B2 (en) | System and method for reducing latency on remotely-booted information handling systems | |
| US20080229041A1 (en) | Electrical Transmission System in Secret Environment Between Virtual Disks and Electrical Transmission Method Thereof | |
| KR20030017532A (en) | Data storage system and process | |
| US7266659B2 (en) | Memory device system, storage device, and log recording method | |
| US7814338B2 (en) | System and method for virtual tape management with creation and management options | |
| JP2005222383A (en) | Storage control device and storage control device control method | |
| US20040107357A1 (en) | Apparatus and method for protecting data on computer hard disk and computer readable recording medium having computer readable programs stored therein | |
| KR100369535B1 (en) | Apparatus for memorizing log data through tele-communication and method there of | |
| US8117312B2 (en) | Network attached storage device and method using same | |
| JP5214135B2 (en) | Work content recording system and method, and program thereof | |
| WO2008006695A1 (en) | Management and storage of information and meta data | |
| EP1259877A2 (en) | Method for providing services on network-based storage sites | |
| TW502514B (en) | Apparatus for and method of storing log data in communication network | |
| KR200200507Y1 (en) | Apparatus for memorizing log data through tele-communication | |
| JP2005038124A (en) | File access control method and control system | |
| US9626425B2 (en) | Storage system, cloud storage system, and computer program product | |
| KR100740547B1 (en) | Security log information storage / management system and its operation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |