Data Security System and Method
First Claim
1. A method of securing data in a distributed computer system having security sensitive:
- content represented by one or more security sensitive words, characters, images, data elements or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, said distributed computer system having a plurality of computers therein and a plurality of extract data stores for respective ones of said plurality of security levels operatively coupled over a communications network comprising;
granularly extracting said security sensitive content from a data input to obtain extracted data for each corresponding security level and remainder data;
storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in said distributed computer system;
controlling release of corresponding extracted data from said respective extract stores with said associated security clearances for corresponding security levels; and
, fully or partially reconstructing all or part of said data input with said corresponding extracted data and remainder data after the controlling release thereof.
2 Assignments
0 Petitions
Accused Products
Abstract
The method for securing data in a distributed computer system for security sensitive content includes granularly extracting sensitive content, per security level, from remainder data. The security sensitive content is classified into security levels, each having a security clearance. The extracted data is remotely stored in extract stores. The controlled release of extracted data occurs with the appropriate security clearances. Maps of storage sites and filters for repetitive extraction may be employed, stored and then sometimes destroyed. The data input, extracted data and remainder data may be deleted from the originating source. Encryption, unique to each security level, enhances security (preferably during transfers, storage and retrieval). Full or partial reconstruction of the data is permitted with security clearances. An information processing system is encompassed.
-
Citations
45 Claims
-
1. A method of securing data in a distributed computer system having security sensitive:
- content represented by one or more security sensitive words, characters, images, data elements or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, said distributed computer system having a plurality of computers therein and a plurality of extract data stores for respective ones of said plurality of security levels operatively coupled over a communications network comprising;
granularly extracting said security sensitive content from a data input to obtain extracted data for each corresponding security level and remainder data;
storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in said distributed computer system;
controlling release of corresponding extracted data from said respective extract stores with said associated security clearances for corresponding security levels; and
,fully or partially reconstructing all or part of said data input with said corresponding extracted data and remainder data after the controlling release thereof. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- content represented by one or more security sensitive words, characters, images, data elements or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, said distributed computer system having a plurality of computers therein and a plurality of extract data stores for respective ones of said plurality of security levels operatively coupled over a communications network comprising;
-
36. An information processing system for securing data in a data input having security sensitive content represented by one or more security sensitive words, characters, images, data elements or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the information processing system for securing data deployed in a distributed computer system with a plurality of computers and a plurality of extract data stores for respective ones of said plurality of security levels operatively coupled over a communications network comprising:
-
a granular filter processing said data input and separating therefrom said security sensitive content as extracted data for each corresponding security level, leaving remainder data;
means for storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in said distributed computer system;
an access controller for permitting controlled release of said respective extract data from said corresponding extract stores for respective security levels with said associated security clearances; and
,a compiler, coupled to said access controller, for permitting full or partial reconstruction of said data via said respective extract stores and remainder data. - View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45)
-
Specification