Detecting personal threat data in documents stored in the cloud

US 10,726,154 B2
Filed: 11/08/2017
Issued: 07/28/2020
Est. Priority Date: 11/08/2017
Status: Active Grant

First Claim

Patent Images

1. A method for detecting and presenting personal threat data in documents stored by third-party cloud-based storage services, comprising:

enabling, via a user interface, a user to request to have documents associated with the user that are stored on one or more third-party cloud-based storage services to be scanned for personal threat data,for each of the one or more third-party cloud-based storage services,requesting access to the documents associated with the user of the cloud-based storage service that are stored on the cloud-based storage service;

receiving content corresponding to the documents from the third-party cloud-based storage service as one or more streams;

for each of the one or more streams,scanning the content within the stream to detect one or more types of personal threat data; and

presenting the personal threat data that are detected in a redacted form via the user interface, wherein the detecting of the personal threat data within the stream and the presenting of the detected personal threat data in redacted form are performed without storing any of the documents in their entirety in memory or non-volatile storage.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and software for identifying threat data in documents stored in cloud-based storage services. A service is provided that enables users who store documents on cloud-based storage services to have their documents scanned for threat data comprising personal and/or confidential data such as social security numbers, credit card numbers, e-mail addresses, and phone numbers. The documents are streamed from the storage services and scanned to detect one or more types of personal threat data. The detected personal threat data are then presented to users in redacted form. Detecting and presentation of personal threat data is performed in a manner under which threat data is never stored in non-volatile storage in an un-redacted form. A Web service seamlessly enables users to request their documents to be scanned for personal threat data, view detected personal threat data in redacted forms, and access documents identified as containing personal threat data.

Citations

21 Claims

1. A method for detecting and presenting personal threat data in documents stored by third-party cloud-based storage services, comprising:
- enabling, via a user interface, a user to request to have documents associated with the user that are stored on one or more third-party cloud-based storage services to be scanned for personal threat data,for each of the one or more third-party cloud-based storage services,requesting access to the documents associated with the user of the cloud-based storage service that are stored on the cloud-based storage service;
  
  receiving content corresponding to the documents from the third-party cloud-based storage service as one or more streams;
  
  for each of the one or more streams,scanning the content within the stream to detect one or more types of personal threat data; and
  
  presenting the personal threat data that are detected in a redacted form via the user interface, wherein the detecting of the personal threat data within the stream and the presenting of the detected personal threat data in redacted form are performed without storing any of the documents in their entirety in memory or non-volatile storage.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the one or more types of personal threat data are detected and presented without storing any detected threat in an un-redacted form in non-volatile storage.
  - 3. The method of claim 1, wherein the method is implemented using a Web service, further comprising:
    - enabling, via one or more Web pages, a user to select one or more third-party cloud-based storage services used by the user to store documents to be scanned; and
      
      presenting the personal threat data in redacted form via one or more Web pages.
  - 4. The method of claim 3, further comprising:
    - presenting a threat scan result Web page listing a plurality of documents for which one or more instances of personal threat data have been detected; and
      
      enabling a user, via a user input to the threat scan result Web page, to view, in redacted form, instances of personal threat data detected for individual documents among the plurality of documents.
  - 5. The method of claim 1, wherein the one or more streams comprise one or more Bytestreams, further comprising:
    - for each Bytestream,scanning content within the Bytestream using one or more scanners, the scanners configured to detect instances of personal threat data by matching the content with one or more predefined patterns;
      
      for each instance of personal threat data that is detected,generating a redacted form of the personal threat data; and
      
      storing the redacted form of the personal threat data.
  - 6. The method of claim 5, further comprising:
    - for each Bytestream,breaking the Bytestream into a plurality of work units; and
      
      for each work unit,parsing textual content in the work unit using one or more means for pattern matching configured to detect textual content matching one or more predefined patterns.
  - 7. The method of claim 6, wherein the means for pattern matching include one or more regexes, further comprising:
    - detecting a match for a given regex; and
      
      validating the match.
  - 8. The method of claim 1, whether the redacted form of personal threat data includes a snippet of text surrounding a threat fragment.
  - 9. The method of claim 1, further comprising enabling the user, via the user interface, to access a document containing one or more instances of personal threat data, wherein the document is accessed from the third-party cloud-based storage service used to store the document.
  - 10. The method of claim 1, further comprising:
    - presenting a first set of threat scan results comprising a first list of documents for which one or more instances of personal threat data are detected based on an initial set of inputs selected by the user;
      
      enabling the user to filter the first set of threat scan results using a filter set of inputs; and
      
      presenting a filtered set of threat scan results comprising a second list of documents for which one or more instances of personal threat data are detected based on the filter set of inputs.
  - 11. The method of claim 1, wherein the one or more types of personal threat data include one or more of the group consisting of social security numbers, credit card numbers, e-mail addresses, and phone numbers.

12. A system for detecting and presenting personal threat data in documents stored by third-party cloud-based storage services, comprising:
- one or more frontend servers, operatively coupled to one or more third-party cloud-based storage services;
  
  one or more application servers, communicatively-coupled to the one or more third-party cloud-based storage services and the one or more frontend servers; and
  
  one or more scanners, operatively coupled to the one or more third-party cloud-based storage serviceswherein the system is configured to;
  
  enable, via one or more Web pages served by the one or more frontend servers, a user to request to have documents associated with the user that are stored on the one or more third-party cloud-based storage services to be scanned for personal threat data,for each of the one or more third-party cloud-based storage services identified in the request,request access to the documents associated with the user that are stored on the cloud-based storage service;
  
  receive, at one or more scanners, content corresponding to the documents from the third-party cloud-based storage service as one or more streams;
  
  for each of the one or more streams,scan, via the one or more scanners, the content within the stream to detect one or more types of personal threat data; and
  
  enable, via one or more Web pages served by a frontend server, the user to view the personal threat data that are detected in redacted forms, wherein the system detects and presents personal threat data in documents accessed from the cloud-based storage service without storing any of the documents in their entirety in memory or non-volatile storage on any of the one or more front-end servers, the one or more application servers, and the one or more scanners.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The system of claim 12, further comprising:
    - a database,wherein the system is further configured to store personal threat data that are detected in redacted forms in the database.
  - 14. The system of claim 12, wherein the system includes one or more non-volatile storage devices, and wherein the system is configured to never store a detected threat in an un-redacted form in any of the non-volatile storage devices.
  - 15. The system of claim 12, further configured to:
    - serve a threat scan report Web page listing a plurality of documents for which one or more instances of personal threat data have been detected; and
      
      enable a user, via a user input to the threat scan report Web page, to view, in redacted form, instances of personal threat data detected for individual documents among the plurality of documents.
  - 16. The system of claim 12, further configured to:
    - serve a threat scan result Web page listing a plurality of documents for which one or more instances of personal threat data have been detected, wherein at least a portion of the plurality of documents in the list include links that enable the user, upon selection of a link for a given document, to access the given document, wherein the document is accessed from the third-party cloud-based storage service used to store the document.
  - 17. The system of claim 12, wherein the one or more streams comprise one or more Bytestreams, the system further configured to:
    - for each Bytestream,scan content within the Bytestream using one or more scanners, the scanners configured to detect personal threat data by matching the content with one or more predefined patterns;
      
      for each threat that is detected,generate a redacted form of the threat.
  - 18. The system of claim 17, wherein a scanner is further configured to:
    - break a Bytestream into a plurality of work units; and
      
      for each work unit,parse textual content in the work unit using one or more regexes configured to detect textual content matching one or more predefined patterns.
  - 19. The system of claim 18, wherein the scanner is further configured to:
    - detect a match for a given regex; and
      
      validate the match.
  - 20. The system of claim 12, whether the redacted form of an instance of personal threat data includes a snippet of text surrounding a threat fragment.
  - 21. The system of claim 12, further configured to:
    - serve a first Web page configured to cause a browser to display an initial set of personal threat data scan results comprising a first list of documents for which one or more instances of personal threat data are detected based on an initial set of inputs selected by the user;
      
      enable the user, via either the first Web page or a second Web page, to filter the first set of personal threat data scan results using a filter set of inputs; and
      
      serve a third Web page configured to cause the browser to display a filtered set of personal threat data scan results comprising a second list of documents for which one or more instances of personal threat data are detected based on the filter set of inputs.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Onehub, Inc.
Original Assignee
Onehub, Inc.
Inventors
Anderson, Matthew, McCracken, Michael, Wilt, Phillip, Caplan, Brandon, Graham, Ryan, Mount, Charles
Primary Examiner(s)
King, John B

Application Number

US15/806,641
Publication Number

US 20190138747A1
Time in Patent Office

993 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6254   by anonymising data, e.g. d...

H04L 63/0245   Filtering by information in...

H04L 63/083   using passwords cryptograph...

H04L 63/1433   Vulnerability analysis

H04L 67/1097   for distributed storage of ...

H04L 67/53   using third party service p...

Detecting personal threat data in documents stored in the cloud

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Detecting personal threat data in documents stored in the cloud

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links