Systems and methods to secure restricted information

US 20050262575A1
Filed: 09/28/2004
Published: 11/24/2005
Est. Priority Date: 03/09/2004
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus to secure information, comprising:

a processor; and

a storage device in communication with said processor and storing instructions adapted to be executed by said processor to;

verifying a user request based on (i) user information, (ii) a unique address associated with a workstation, and (iii) a request authentication procedure, if the user request is verified, arrange for an application to be executed at a secure application server within a secure network and for information to be exchanged between the secure application server and the workstation through a firewall associated with the secure network, wherein the workstation is outside the secure network, determine whether the user is allowed to access a file stored at a secure file server within the secure network based at least in part on access information associated with the file, and if the user is allowed to access the file, arrange for information associated with the file to be provided to the application executing at the secure application server.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided to secure restricted information, such as restricted financial information. According to some embodiments, a user'"'"'s request to execute an application on a secure application server is verified based on a user name, a user password, a unique identifier associated with a workstation, and a request authentication procedure. Moreover, according to some embodiments a file having restricted information cannot be attached to an email message. In still other embodiments, one display unit displays non-restricted information while another display unit displays restricted information.

Citations

28 Claims

1. An apparatus to secure information, comprising:
- a processor; and
  
  a storage device in communication with said processor and storing instructions adapted to be executed by said processor to;
  
  verifying a user request based on (i) user information, (ii) a unique address associated with a workstation, and (iii) a request authentication procedure, if the user request is verified, arrange for an application to be executed at a secure application server within a secure network and for information to be exchanged between the secure application server and the workstation through a firewall associated with the secure network, wherein the workstation is outside the secure network, determine whether the user is allowed to access a file stored at a secure file server within the secure network based at least in part on access information associated with the file, and if the user is allowed to access the file, arrange for information associated with the file to be provided to the application executing at the secure application server.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The apparatus of claim 1, wherein the storage device further stores at least one of:
    - (i) a user database, (ii) share information, or (iii) an activity log.
  - 3. The apparatus of claim 1, wherein the user information includes a user name and a user password.
  - 4. The apparatus of claim 1, wherein the unique identifier associated with the workstation comprises one of:
    - (i) an Internet Protocol address, or (ii) a media access control address.
  - 5. The apparatus of claim 1, wherein the access information is further associated with a folder containing with the file.

6. A method to secure information, comprising:
- determining that a user is attempting to attach information to an email message;
  
  automatically determining if the information includes restricted information; and
  
  if the information includes restricted information, arranging to insert into the email message a link to the restricted information without attaching the restricted information to the email message.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 7. The method of claim 6, wherein the restricted information comprises at least one of:
    - (i) financial information, (ii) material non-public information, (iii) client confidential information, (iv) confidential information, (v) internal information, (vi) trade secret information, (vii) technical information, or (viii) firm confidential information.
  - 8. The method of claim 6, wherein the method is associated with at least one of:
    - (i) an email application plug-in, (ii) an email application object, or (iii) an email application script.
  - 9. The method of claim 6, wherein the determination that the user is attempting to attach information to an email message is based on at least one of:
    - (i) a file name, (ii) a file path, (iii) directory share information, and (iv) distributed file system information.
  - 10. The method of claim 6, wherein the restricted information is stored at a secure file server on a secure network.
  - 11. The method of claim 6, wherein said arranging includes:
    - receiving from the user an indication as to whether or not the link should be inserted into the email message.
  - 12. The method of claim 6, further comprising:
    - determining if the destination of the email message is internal to an enterprise, wherein the link to the restricted information is only inserted into the email message if the destination is internal to the enterprise.
  - 13. The method of claim 12, further comprising:
    - if the destination of the email message is not internal to the enterprise, arranging to insert into the email message a link to a web portal.
  - 14. The method of claim 13, further comprising:
    - arranging for the web portal to provide the restricted information to a party that is not internal to the enterprise via a secure web interface.
  - 15. The method of claim 14, wherein the restricted information is provided to the party via the secure sockets layer protocol and the method further comprises:
    - removing the restricted information from the web portal after the information is provided to the party.

16. A medium storing instructions adapted to be executed by a processor to perform a method to secure information, said method comprising:
- determining that a user is attempting to attach information to an email message, automatically determining if the information includes restricted information, and if the information includes restricted information, arranging to insert into the email message a link to the restricted information without attaching the restricted information to the email message.

17. A method to secure information, comprising:
- verifying a user request based on (i) user information, (ii) a unique identifier associated with a workstation, and (iii) a request authentication procedure;
  
  if the user request is verified, arranging for an application to be executed at a secure application server within a secure network and for information to be exchanged between the secure application server and the workstation through a firewall associated with the secure network, wherein the workstation is outside the secure network;
  
  determining whether the user is allowed to access a file stored at a secure file server within the secure network based at least in part on access information associated with the file; and
  
  if the user is allowed to access the file, arranging for information associated with the file to be provided to the application executing at the secure application server.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The method of claim 17, wherein the user information includes at least one of:
    - (i) a user name, (ii) a user password, or (iii) biometric information.
  - 19. The method of claim 17, wherein the unique identifier associated with the workstation comprises one of:
    - (i) an Internet Protocol address, or (ii) a media access control address.
  - 20. The method of claim 17, wherein the file is associated with at least one of:
    - (i) restricted financial information, (ii) material non-public information, (iii) client confidential information, (iv) confidential information, (v) internal information, (vi) trade secret information, (vii) restricted technical information, or (viii) firm confidential information.
  - 21. The method of claim 20, wherein the access information is based on at least one of:
    - (i) the user'"'"'s role, (ii) deal information, or (iii) company information.
  - 22. The method of claim 17, wherein the access information is further associated with a folder containing with the file.

23. A method to secure information, comprising:
- arranging for non-restricted information to be displayed on a first display unit associated with a workstation; and
  
  arranging for restricted information to be displayed on a second display unit associated with the workstation.
- View Dependent Claims (24, 25, 26)
- - 24. The method of claim 23, wherein the restricted information comprises at least one of:
    - (i) financial information, (ii) material non-public information, (iii) client confidential information, (iv) confidential information, (v) internal information, (vi) trade secret information, (vii) technical information, or (viii) firm confidential information.
  - 25. The method of claim 23, where a graphical user interface is prevented from moving an item from the second display unit to the first display unit.
  - 26. The method of claim 23, wherein different color schemes are associated with the first and second display units.

27. An apparatus, comprising:
- a workstation;
  
  a first display unit associated with the workstation; and
  
  a second display unit associated with the workstation, wherein the first display unit is to display non-restricted information and the second display unit is to display restricted information.

28. A method to secure information, comprising:
- receiving a request to send restricted financial information from a secure file server within a secure network to a printer outside the secure network; and
  
  if the printer is authorized to output the restricted financial information, transmitting the restricted financial information to the printer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Goldman Sachs & Co. LLC (Goldman Sachs Group Incorporated)
Original Assignee
Goldman Sachs & Co. LLC (Goldman Sachs Group Incorporated)
Inventors
Patel, Bhavesh R., Byron, Mary D., Dweck, Jay S.

Application Number

US10/952,333
Publication Number

US 20050262575A1
Time in Patent Office

Days
Field of Search
US Class Current

726/28
CPC Class Codes

H04L 51/00   User-to-user messaging in p...

H04L 51/08   Annexed information, e.g. a...

H04L 51/216   Handling conversation histo...

H04L 51/56   Unified messaging, e.g. int...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

Systems and methods to secure restricted information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods to secure restricted information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links