摘要 |
A system and method for auditing and controlling the use of a computer. An operating system and selected programs and data , referred to as approved applications and approved data , are stored on a protected media which cannot be modified by any ordinary user or application program, regardless of operating system privilege. The protected media can be modified by the operating system, as well as by an administrator using a trusted path mechanism. The trusted path mechanism establishes a reliable communication channel between the administrator and the computer system. The present invention may be configured to collect user audit data concerning user activity and system status and to write the audit data to the protected media. Also, the present invention may be configured to limit execution of application programs to the approved applications. |
申请人 |
TRUSTED INFORMATION SYSTEMS, INC. |
发明人 |
TAJALLI, HOMAYOON;BADGER, MARK, LEE;DALVA, DAVID, I.;WALKER, STEPHEN, T. |