Systems and methods for aggregating information-asset classifications

US 10,095,768 B2
Filed: 11/14/2014
Issued: 10/09/2018
Est. Priority Date: 11/14/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for aggregating information-asset classifications, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:

identifying a file system folder that includes a plurality of files;

identifying a classification for each of two or more of the files within the file system folder;

deriving, based at least in part on the classifications of the two or more of the files, an aggregate classification for the file system folder that contains the plurality of files;

assigning the aggregate classification to the file system folder to enable a data management system to enforce a collection-level data management policy based on the aggregate classification for the file system folder;

enforcing, by a system for endpoint security, the collection-level data management policy by taking, after the aggregate classification is assigned to the file system folder, and in accordance with a security policy, course of action based at least in part on the aggregate classification of the file system folder to protect an endpoint computing device from unauthorized access.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosed computer-implemented method for aggregating information-asset classifications may include (1) identifying a data collection that includes two or more information assets, (2) identifying a classification for each of the information assets, (3) deriving, based at least in part on the classifications of the information assets, an aggregate classification for the data collection, and (4) associating the aggregate classification with the data collection to enable a data management system to enforce a data management policy based on the aggregate classification. Various other methods, systems, and computer-readable media are also disclosed.

28 Citations

View as Search Results

20 Claims

1. A computer-implemented method for aggregating information-asset classifications, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- identifying a file system folder that includes a plurality of files;
  
  identifying a classification for each of two or more of the files within the file system folder;
  
  deriving, based at least in part on the classifications of the two or more of the files, an aggregate classification for the file system folder that contains the plurality of files;
  
  assigning the aggregate classification to the file system folder to enable a data management system to enforce a collection-level data management policy based on the aggregate classification for the file system folder;
  
  enforcing, by a system for endpoint security, the collection-level data management policy by taking, after the aggregate classification is assigned to the file system folder, and in accordance with a security policy, course of action based at least in part on the aggregate classification of the file system folder to protect an endpoint computing device from unauthorized access.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer-implemented method of claim 1, wherein:
    - deriving the aggregate classification comprises compiling a union of the classifications of the two or more of the files;
      
      the aggregate classification comprises the union of the classifications of the two or more of the files.
  - 3. The computer-implemented method of claim 1, wherein:
    - deriving the aggregate classification comprises identifying a maximum value of the classifications of the two or more of the files;
      
      the aggregate classification comprises the maximum value of the two or more of the files.
  - 4. The computer-implemented method of claim 1, wherein:
    - deriving the aggregate classification comprises calculating an average value of the classifications of the two or more of the files;
      
      the aggregate classification comprises the average value of the classifications of the two or more of the files.
  - 5. The computer-implemented method of claim 1, wherein:
    - deriving the aggregate classification comprises identifying a minimum value of the classifications of the two or more of the files;
      
      the aggregate classification comprises the minimum value of the classifications of the two or more of the files.
  - 6. The computer-implemented method of claim 1, further comprising:
    - receiving a notification of a change to the file system folder, wherein the change comprises at least one of;
      
      a change to the classification of one of the files included in the file system folder;
      
      deletion of one of the files included in the file system folder;
      
      inclusion of an additional file to the file system folder;
      
      modifying the aggregate classification of the file system folder based on the change to the file system folder.
  - 7. The computer-implemented method of claim 1, further comprising:
    - receiving a request for the aggregate classification for the file system folder;
      
      in response to receiving the request for the aggregate classification, providing the aggregate classification for the file system folder.
  - 8. The computer-implemented method of claim 1, wherein the file system folder comprises a container of the plurality of files.
  - 9. The computer-implemented method of claim 1, wherein at least one of the files comprises a file capable of containing at least one additional file.
  - 10. The computer-implemented method of claim 1, wherein deriving the aggregate classification for the file system folder is based at least in part on a classification of at least one subordinate file system folder contained in the file system folder.
  - 11. The computer-implemented method of claim 1, wherein deriving the aggregate classification for the file system folder is based at least in part on a classification of at least one file contained in a subordinate file system folder contained in the file system folder.
  - 12. The computer-implemented method of claim 1, wherein the classifications for the two or more of the files are received from two separate and distinct data management systems.

13. A system for aggregating information-asset classifications and endpoint security, the system comprising:
- an identification module, stored in memory, that identifies a file system folder that includes a plurality of files;
  
  a classification module, stored in memory, that identifies a classification for each of two or more of the files within the file system folder;
  
  an aggregation module, stored in memory, that derives, based at least in part on the classifications of the two or more of the files, an aggregate classification for the file system folder that contains the plurality of files;
  
  an association module, stored in memory, that assigns the aggregate classification to the file system folder to enable a data management system to enforce a collection-level data management policy based on the aggregate classification for the file system folder;
  
  a policy module, stored in memory, that enforces, as part of the system for endpoint security, the collection-level data management policy by taking, after the aggregate classification is assigned to the file system folder and in accordance with a security policy, course of action based at least in part on the aggregate classification of the file system folder to protect an endpoint computing device from unauthorized access;
  
  at least one physical processor configured to execute the identification module, the classification module, the aggregation module, the association module, and the policy module.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The system of claim 13, wherein:
    - the aggregation module derives the aggregate classification by compiling a union of the classifications of the two or more of the files;
      
      the aggregate classification comprises the union of the classifications of the two or more of the files.
  - 15. The system of claim 13, wherein the aggregation module derives the aggregate classification by identifying a maximum value of the classifications of the files included in the file system folder.
  - 16. The system of claim 13, wherein the aggregation module derives the aggregate classification by calculating an average value of the classifications of the files included in the file system folder.
  - 17. The system of claim 13, wherein the aggregation module derives the aggregate classification by identifying a minimum value of the classifications of the files included in the file system folder.
  - 18. The system of claim 13, wherein:
    - the classification module further receives a notification of a change to the file system folder, wherein the change comprises at least one of;
      
      a change to the classification of one of the files included in the file system folder;
      
      deletion of one of the files included in the file system folder;
      
      inclusion of an additional file to the file system folder;
      
      the aggregation module further modifies the aggregate classification of the file system folder based on the change to the file system folder.
  - 19. The system of claim 13, wherein the association module further:
    - receives a request for the aggregate classification for the file system folder;
      
      provides the aggregate classification for the file system folder in response to receiving the request for the aggregate classification.

20. A non-transitory computer-readable medium comprising one or more computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
- identify a file system folder that includes a plurality of files;
  
  identify a classification for each of two or more of the files within the file system folder;
  
  derive, based at least in part on the classifications of the two or more of the files an aggregate classification for the file system folder that contains the plurality of files;
  
  assign the aggregate classification to the file system folder to enable a data management system to enforce a collection-level data management policy based on the aggregate classification for the file system folder;
  
  enforce, by a system for endpoint security, the collection-level data management policy by taking, after the aggregate classification is assigned to the file system folder, and in accordance with a security policy, a course of action based at least in part on the aggregate classification of the file system folder to protect an endpoint computing device from unauthorized access.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Veritas Technologies, LLC (Whitehouse Group Ltd.)
Original Assignee
Veritas Technologies, LLC (Whitehouse Group Ltd.)
Inventors
Koeten, Robert
Primary Examiner(s)
Stevens, Robert

Application Number

US14/542,165
Publication Number

US 20160140207A1
Time in Patent Office

1,425 Days
Field of Search

707737
US Class Current
CPC Class Codes

G06F 16/122 using management policies b...

G06F 16/285 Clustering or classification

Systems and methods for aggregating information-asset classifications

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for aggregating information-asset classifications

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links