Event Data Structure to Store Event Data
US-2016063255-A1 · Mar 3, 2016 · US
Event log tamper detection
US9864878B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9864878-B2 |
| Application number | US-201514809464-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 27, 2015 |
| Priority date | Jul 27, 2015 |
| Publication date | Jan 9, 2018 |
| Grant date | Jan 9, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A computer implemented method includes generating, by a processor, a first event record in response to an event being performed by a computer; and generating, by the processor, a second event record in response to the first event record being generated, wherein the second event record comprises a signature corresponding to the first event record.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer implemented method, comprising: securing, by a processor, a log of one or more events being performed a computer by adding tamper detection to the log, the securing comprising: generating, by the processor, a first event record in response to an event being performed by the computer; generating, by the processor, a second event record in response to the first event record being generated, wherein the second event record comprises: a signature corresponding to the first event record; and a spatial reference of the first event record, the spatial reference identifying a memory location of the first event record; generating, by the processor, a third event record of the same type as a type of the first event record; adding to the second event record, in response to the third event record being of the same type as the first event record, a signature corresponding to the third event record, and a spatial reference of the third event record; and in response to a request to detect tampering of the first event record, validating the first event record based on the signature in the second event record. 2. The computer implemented method of claim 1 , wherein the signature identifies contents of the first event record. 3. The computer implemented method of claim 2 , wherein the second event record further comprises an identifier of a type of the first event record. 4. The computer implemented method of claim 2 , further comprising: receiving, by the processor, a request to copy the first event record; and copying, by the processor, the first event record and the second event record, which includes the spatial reference of the first event, in response to the request to copy the first event record. 5. The computer implemented method of claim 2 , further comprising: receiving, by the processor, a request to detect tampering of the first event record; and in response to the request, validating, by the processor, the first event record by comparing the first event record with the signature in the second event record. 6. The computer implemented method of claim 1 , further comprising: receiving, by the processor, a request to copy the first event record; making, by the processor, a copy of the first event record and a copy of the second event record in response to the request to copy the first event record; and storing, by the processor, the copy of the second event record at the same spatial distance from the copy of the first event record as a spatial distance between the first event record and the second event record. 7. The computer implemented method of claim 1 , further comprising: receiving, by the processor, a request to copy event records of the type of the first event record; and copying, by the processor, the first event record, the third event record, and the second event record in response to the request to copy the first event record.
Assignees
Inventors
Classifications
Secure or tamper-resistant housings · CPC title
Auditing as a secondary aspect · CPC title
- G06F21/64Primary
Protecting data integrity, e.g. using checksums, certificates or signatures · CPC title
Detecting or preventing theft or loss · CPC title
Event detection, e.g. attack signature detection · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9864878B2 cover?
- A computer implemented method includes generating, by a processor, a first event record in response to an event being performed by a computer; and generating, by the processor, a second event record in response to the first event record being generated, wherein the second event record comprises a signature corresponding to the first event record.
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification G06F21/64. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jan 09 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).