Browse Prior Art Database

Handling Potential DCE Security Violation Attempts

IP.com Disclosure Number: IPCOM000014631D
Original Publication Date: 1999-Dec-01
Included in the Prior Art Database: 2003-Jun-20
Document File: 1 page(s) / 39K

Publishing Venue

IBM

Related People

Woodrow Arkeketa: AUTHOR [+3]

Abstract

DCE has defined several DCE Serviceability events that could be construed as potential security violation attempts. These events can easily get lost in among all the other events that might appear at the Tivoli Event Console (TEC). This disclosure provides a way for these events to become more visible by generating another event, the DCEPotentialSecViolationAttempt event, and handling it instead. Each of the DCE Serviceability events which apply would cause the DCEPotentialSecViolationAttempt event to be generated. Each DCEPotentialSecViolationAttempt event has a dup_id_msg slot which is an array of stings. The dup_id_msg slot for this event contains the message identifier and message text of the DCE Serviceability event that caused it. It appears as one string (: ). The date_last_svc_event slot contain the date slot from the DCE Serviceability event. The DCEPotentialSecViolationAttempt event is handled as follows: Handling duplicates The duplicate's dup_id_msg slot is appended to the original's dup_id_msg slot. This is a kind of audit trail of the DCE Serviceability events that caused this event to be generated. The duplicate's date_last_svc_event slot replaces the original's. The date_last_svc_event slot always has the date/time stamp of the last duplicate event and the date slot contains the initial date/time stamp. This defines the time interval over which the event spans. Once these updates have been made, the event's repeat count is incremented by one and the duplicate event is discarded.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 63% of the total text.

Page 1 of 1

Handling Potential DCE Security Violation Attempts

DCE has defined several DCE Serviceability events that could be construed as potential security violation attempts. These events can easily get lost in among all the other events that might appear at the * Tivoli Event Console (TEC). This disclosure provides a way for these events to become more visible by generating another event, the DCEPotentialSecViolationAttempt event, and handling it instead.

Each of the DCE Serviceability events which apply would cause the DCEPotentialSecViolationAttempt event to be generated. Each DCEPotentialSecViolationAttempt event has a dup_id_msg slot which is an array of stings. The dup_id_msg slot for this event contains the message identifier and message text of the DCE Serviceability event that caused it. It appears as one string (<msgID>: <msg_text>). The date_last_svc_event slot contain the date slot from the DCE Serviceability event. The DCEPotentialSecViolationAttempt event is handled as follows:

Handling duplicates

The duplicate's dup_id_msg slot is appended to the original's dup_id_msg slot. This is a kind of audit trail of the DCE Serviceability events that caused this event to be generated. The duplicate's date_last_svc_event slot replaces the original's. The date_last_svc_event slot always has the date/time stamp of the last duplicate event and the date slot contains the initial date/time stamp. This defines the time interval over which the event spans. Once these update...