摘要 |
A user requests approval from an application server for accessing a program in a managed server. If the access is approved, the application server issues authentication information which includes at least a public key and a private key. The managed server receives command from the user to execute by the program. An original authentication value is computed from the command. The original authentication value is encrypted with the public key. The encrypted original authentication value is stored in association with the command in a log storage. Alteration of the command can be detected by computing a new authentication value from the stored command. The stored encrypted original authentication value is decrypted with the private key to obtain the original authentication value, which is compared with the new authentication value. An alarm is set if the comparison is not satisfied.
|