Secure data corridors
First Claim
1. A computing device configured to provide a secure data corridor between a source and at least one secure data container, the computing device comprising:
a processor;
a network interface communicatively coupled to the processor and configured to enable communications with a mobile traffic network;
a storage device for content and programming;
a security application stored in the storage device, wherein execution of the security application by the processor configures the computing device to perform acts comprising;
receiving a request from a subject for a data feed comprising at least one data element included in the at least one secure data container;
identifying a use-case for the data feed;
determining a data sensitivity rating of the data feed;
determining a security level of each data element of the data feed;
determining, for each data element of the data feed, one or more security controls that are mapped to the data element;
assigning a security label to the use-case;
comparing a clearance of the subject to the security label of the use-case;
upon determining that a clearance of the subject is at or above the security label of the use-case, allowing the subject privilege to the data feed via the secure data corridor;
upon determining that the clearance of the subject is below the security label of the use-case, denying the subject privilege to the data feed via the secure data corridor; and
associating an additional data sensitivity rating to the secure data corridor based on one or more incoming data feeds transmitted from the source into the at least one secure data container.
3 Assignments
0 Petitions
Abstract
A system and method of providing a secure data corridor are provided. A request is received from a subject for a data feed comprising one or more data elements. A use-case is identified and a security level is determined for the data feed. For each data element of the data feed, a security level and one or more security controls that are mapped to the corresponding data element, are determined. A data sensitivity rating is assigned to the use-case. Upon determining that a clearance of the subject is at or above the data sensitivity rating of the use-case, the subject is granted privilege to the data feed via the secure data corridor.
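The decision flow recited in the first claim and the abstract can be sketched as follows. This is an added example, not code from the patent or its assignee; the level names, the rule that the use-case label is the highest element level, and the use of the corridor's rating in the decision are assumptions made for illustration, and the sample feed is constructed.

```python
from dataclasses import dataclass

# Ordered scale, lowest to highest; the names are assumed (the page names none).
LEVELS = ["public", "internal", "confidential", "restricted"]

def rank(level):
    return LEVELS.index(level)  # raises ValueError on an unknown level

@dataclass
class DataElement:
    name: str
    level: str            # security level of this data element
    controls: tuple = ()  # security controls mapped to this data element

@dataclass
class Corridor:
    rating: str = "public"  # additional sensitivity rating of the corridor

    def ingest(self, feed_rating):
        # Assumption: incoming feeds can only raise the corridor's rating.
        if rank(feed_rating) > rank(self.rating):
            self.rating = feed_rating
        return self.rating

def label_use_case(elements):
    # Assumption: the use-case label is the highest level among the feed's elements.
    if not elements:
        raise ValueError("a data feed needs at least one data element")
    return max((e.level for e in elements), key=rank)

def decide(clearance, elements, corridor):
    label = label_use_case(elements)
    # Assumption: the corridor's rating may raise the effective label, never lower it.
    effective = max(label, corridor.rating, key=rank)
    try:
        allowed = rank(clearance) >= rank(effective)
    except ValueError:
        allowed = False  # an unrecognised clearance is denied, not guessed at
    controls = sorted({c for e in elements for c in e.controls}) if allowed else []
    return {"allow": allowed, "label": effective, "controls": controls}

# Constructed sample feed for a hypothetical use-case.
FEED = [
    DataElement("msisdn", "confidential", ("encrypt-in-transit", "mask")),
    DataElement("cell_id", "internal", ("audit-log",)),
]
```

A subject whose clearance equals the label is allowed, which matches the "at or above" wording; once a more sensitive feed has passed through the corridor, the same subject is denied under the assumed ratchet rule.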
52 Citations
14 Claims
9. A non-transitory computer-readable medium having stored thereon a plurality of sequences of instructions which, when executed by a processor, cause the processor to perform acts of providing a secure data corridor between a source and at least one secure data container, the acts comprising:
receiving a request from the subject for a data feed comprising at least one data element included in the at least one secure data container;
identifying a use-case for the data feed;
determining a data sensitivity rating of the data feed;
determining a security level of a data element of the data feed;
determining, for the data element of the data feed, one or more security controls that are mapped to the data element;
assigning a security label to the use-case;
comparing a clearance of the subject to the security label of the use-case;
upon determining that a clearance of the subject is at or above the security label of the use-case, allowing the subject privilege to the data feed via the secure data corridor;
upon determining that the clearance of the subject is below the security label of the use-case, denying the subject privilege to the data feed via the secure data corridor; and
associating an additional data sensitivity rating to the secure data corridor based on one or more incoming data feeds transmitted from the source into the at least one secure data container.
Specification