Multi-pronged file anomaly detection based on violation counts
First Claim
Patent Images
1. A system for protecting sensitive data, the system comprising:
- one or more processors; and
a memory storing instructions that, when executed by the one or more processors, cause the system to perform;
obtaining file classification information for a set of files, the file classification information defining (1) a number of classified files within the set of files, (2) a number of classification categories associated with the classified files, (3) a number of unauthorized classified files that do not match an access privilege of a user, and (4) a number of unauthorized classification categories associated with the unauthorized classified files; and
determining a violation of an access control policy based on the file classification information.
3 Assignments
0 Petitions
Accused Products
Abstract
File classification information for a set of files are obtained. The file classification information defines (1) a number of classified files within the set of files, (2) a number of classification categories associated with the classified files, (3) a number of unauthorized classified files that do not match an access privilege of a user, and (4) a number of unauthorized classification categories associated with the unauthorized classified files. A violation of an access control policy is determined based on the file classification information.
-
Citations
20 Claims
-
1. A system for protecting sensitive data, the system comprising:
-
one or more processors; and a memory storing instructions that, when executed by the one or more processors, cause the system to perform; obtaining file classification information for a set of files, the file classification information defining (1) a number of classified files within the set of files, (2) a number of classification categories associated with the classified files, (3) a number of unauthorized classified files that do not match an access privilege of a user, and (4) a number of unauthorized classification categories associated with the unauthorized classified files; and determining a violation of an access control policy based on the file classification information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for protecting sensitive data, the method comprising:
-
obtaining file classification information for a set of files, the file classification information defining (1) a number of classified files within the set of files, (2) a number of classification categories associated with the classified files, (3) a number of unauthorized classified files that do not match an access privilege of a user, and (4) a number of unauthorized classification categories associated with the unauthorized classified files; and determining a violation of an access control policy based on the file classification information. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer-readable medium for protecting sensitive data, the non-transitory computer-readable medium comprising instructions that, when executed, cause one or more processors to perform:
-
obtaining file classification information for a set of files, the file classification information defining (1) a number of classified files within the set of files, (2) a number of classification categories associated with the classified files, (3) a number of unauthorized classified files that do not match an access privilege of a user, and (4) a number of unauthorized classification categories associated with the unauthorized classified files; and determining a violation of an access control policy based on the file classification information. - View Dependent Claims (18, 19, 20)
-
Specification