摘要 |
PURPOSE: A system for preventing the illicit use of internal information and a method thereof are provided to prevent illicit use by calculating a degree of risk according to using actions or users in an environment having a business server existing between a database server and a user computer and performing prevention according to the risk information. CONSTITUTION: A prevention managing server(400) generates and provides prevention information by analyzing log information of a database server(300). A prevention filter(500) is installed in a business server(200) to prevent illicit use. The prevention filter includes a prevention determining unit obtaining manipulation information of the business server and determining prevention according to the prevention information, a prevention control unit generating a prevention command, and a prevention unit preventing information according to the prevention command and transmitting prevention record information to a user. [Reference numerals] (210) Application class; (230) OS regulation; (310) Log generator; (410) Log analyzer; (420) Hazard predictor; (430) Storage information; (440) Log analyzer; (510) Prevention filter; (520) Prevention control unit; (600) Manager computer; (AA) DB inquiry(generation SQL transmission); (BB) DP processing result value transmission; (CC) Log; (DD) User input value processing(SQL generation); (EE) Result value processing(screen generation); (FF) WAS/WEB server layer; (GG) Prevention instruction command; (HH) User work execution(all kinds of inputs generation); (II) Result value(generated result screen transmission) |