Abstract: Disclosed is a system and a method for providing network security for online servers by tracking the users' activity on them and preventing the occurrences of unauthorized events. This invention implements a highly efficient security approach which focuses on the Internet and Intranet servers' environment and operates inside it. The preferred embodiment of the present invention functions at the operating system level of the servers, it validates that each process on the servers is in keeping with a set of rules and with the privileges of the users. The system compares between the level and scope of permissions given to the users and the operation done by processes that relate to them on the different servers of the environment. Whenever incompatibilities or inconsistencies are found, the security system filters out the inappropriate processes and updates a security log.

Abstract: Disclosed is a system and a method for providing network security for online servers by tracking the users' activity on them and preventing the occurrences of unauthorized events. This invention implements a highly efficient security approach which focuses on the Internet and Intranet servers' environment and operates inside it. The preferred embodiment of the present invention functions at the operating system level of the servers, it validates that each process on the servers is in keeping with a set of rules and with the privileges of the users. The system compares between the level and scope of permissions given to the users and the operation done by processes that relate to them on the different servers of the environment. Whenever incompatibilities or inconsistencies are found, the security system filters out the inappropriate processes and updates a security log.

Abstract: A method and system for capturing and characterizing data displayed on a workstation screen, and user manipulation, to support auditing and data mining of user information access. Capture and characterization are independent of application and network connectivity, so data from different applications can be captured, characterized, and analyzed and correlated in a uniform manner. Screen data is captured as machine-readable text-string words associated with meta-data attributes detailing circumstances and characteristics of screen data presentation, and user control of software applications and windows. Characteristics include: workstation identifier; application; date and time of display; coordinates of screen data; window opening, closing, and scrolling; searching, copying, printing, and saving. The invention can be used to determine patterns of normal operation, to investigate information access misuse, and as a watchdog for alerts to potentially abusive information access practices.