Cascading security architecture
First Claim
Patent Images
1. A method for managing a target document, the method comprising:
- identifying an operation to be performed on the target document;
identifying a behavior applied to the target document based on the identified operation, previous operations performed upon the target document, and activity-to-behavior patterns;
determining whether the target document contains sensitive information by;
determining whether a record of the target document exists in a list of records, responsive to there being no record of the target document in the list, conducting a matching to the target document, and responsive to the result of the matching, determining whether the target document contains the sensitive information; and
responsive to the target document containing the sensitive information, processing the target document based on security policies corresponding to the identified behavior.
6 Assignments
0 Petitions
Accused Products
Abstract
A system and a method are disclosed for sensitive document management. The system includes one or more agents, a behavior analysis engine, a local policy engine, and a local matching service. The method identifies whether a document is sensitive, identifies behaviors applied to the document, determines whether the document contains sensitive information and determines whether to allow the identified behavior to continue based on security policies.
-
Citations
20 Claims
-
1. A method for managing a target document, the method comprising:
-
identifying an operation to be performed on the target document;
identifying a behavior applied to the target document based on the identified operation, previous operations performed upon the target document, and activity-to-behavior patterns;
determining whether the target document contains sensitive information by;
determining whether a record of the target document exists in a list of records, responsive to there being no record of the target document in the list, conducting a matching to the target document, and responsive to the result of the matching, determining whether the target document contains the sensitive information; and
responsive to the target document containing the sensitive information, processing the target document based on security policies corresponding to the identified behavior. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for managing documents with sensitive information in a network, the method comprising:
-
identifying a document being processed by an endpoint of the network;
identifying an operation to be performed on the document;
identifying a behavior applied to the document based on the identified operation, previous operations performed upon the document, and activity-to-behavior patterns;
determining whether the document contains sensitive information by;
determining whether a record of the document exists in a list of records, responsive to there being no record of the document in the list, conducting a matching to the document, and responsive to the result of the matching, determining whether the document contains the sensitive information; and
responsive to the document containing the sensitive information, processing the document based on security policies applicable to the identified behavior. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer readable medium structured to store instructions executable by a processor, the instructions when executed causing a processor to:
-
identify an operation to be performed on the target document;
identify a behavior applied to the target document based on the identified operation, previous operations performed upon the target document, and activity-to-behavior patterns;
determine whether the target document contains sensitive information by;
determine whether a record of the target document exists in a list of records, responsive to there being no record of the target document in the list, conduct a matching to the target document, and responsive to the result of the matching, determine whether the target document contains the sensitive information; and
responsive to the target document containing the sensitive information, process the target document based on security policies corresponding to the identified behavior. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computer readable medium structured to store instructions executable by a processor, the instructions when executed causing a processor to:
-
identify a document being processed by an endpoint of the network;
identify an operation to be performed on the document;
identify a behavior applied to the document based on the identified operation, previous operations performed upon the document, and activity-to-behavior patterns;
determine whether the document contains sensitive information by;
determine whether a record of the document exists in a list of records, responsive to there being no record of the document in the list, conduct a matching to the document, and responsive to the result of the matching, determine whether the document contains the sensitive information; and
responsive to the document containing the sensitive information, process the document based on security policies applicable to the identified behavior. - View Dependent Claims (17, 18, 19, 20)
-
Specification