Systems and methods for enterprise-wide data identification, sharing and management in a commercial context
First Claim
Patent Images
1. An extrusion detection system, comprising:
- a plurality of analysis modules and a traffic rule engine, wherein the traffic rule engine is coupled to said plurality of analysis modules and comprises preset rules, the traffic rule engine being configured to select, based on said preset rules, an incoming data packet for extrusion analysis by at least one of the plurality of analysis modules;
wherein each said analysis module is configured to extract information from said incoming data packet in accordance with one of a plurality of protocols; and
an identification module including one or more identification components comprising a header, a search markup language program, and a data features section containing features of data, wherein the identification components are configured to identify suspect data and to allow sharing of said suspect data among a first entity and at least a second entity in a manner that enables utilization of the suspect data by the second entity while not revealing the actual content of sensitive data to the second entity;
wherein said identification module is configured to output a report based on at least said suspect data.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods for digital liability management, digital rights management and extrusion detection. The system includes identification components that identify particular data transiting a network.
-
Citations
19 Claims
-
1. An extrusion detection system, comprising:
-
a plurality of analysis modules and a traffic rule engine, wherein the traffic rule engine is coupled to said plurality of analysis modules and comprises preset rules, the traffic rule engine being configured to select, based on said preset rules, an incoming data packet for extrusion analysis by at least one of the plurality of analysis modules;
wherein each said analysis module is configured to extract information from said incoming data packet in accordance with one of a plurality of protocols; and
an identification module including one or more identification components comprising a header, a search markup language program, and a data features section containing features of data, wherein the identification components are configured to identify suspect data and to allow sharing of said suspect data among a first entity and at least a second entity in a manner that enables utilization of the suspect data by the second entity while not revealing the actual content of sensitive data to the second entity;
wherein said identification module is configured to output a report based on at least said suspect data. - View Dependent Claims (2, 3)
-
-
4. An extrusion detection method, comprising:
-
intercepting network traffic including digital data received from a local computer;
rerouting the intercepted network traffic to a traffic rule engine;
inspecting the rerouted traffic using preset roles to determine a part of the rerouted traffic to be analyzed;
extracting, using a particular protocol, the determined part of the rerouted traffic to be analyzed from the network traffic and reconstructing the outgoing message;
identifying suspect files transiting on the network by comparing the extracted traffic with one or more search packs to determine if a suspect file is transiting on the network, wherein said one or more search packs comprise a header, a search markup language program, and an asset data features section; and
outputting an activity report. - View Dependent Claims (5, 6, 7, 8)
-
-
9. A digital liability management and brand protection method, comprising:
-
intercepting internal network traffic and outgoing network traffic;
rerouting the intercepted network traffic to a traffic rule engine;
inspecting the rerouted traffic using preset rules to determine a part of the rerouted traffic to be analyzed;
extracting, using a particular protocol, the determined part of the rerouted traffic to be analyzed from the network traffic and reconstructing the outgoing message;
identifying suspect files transiting on the network by comparing the extracted traffic with one or more search packs to determine if a suspect file is transiting on the network, wherein said one or more search packs comprise a header, a search markup language program, and a protected asset data features section; and
outputting a report including a global map showing the locations of protected assets. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A digital liability and brand protection management system, comprising:
-
a plurality of analysis modules and a traffic rule engine, wherein the traffic rule engine is coupled to said plurality of analysis modules and comprises preset rules, the traffic rule engine being configured to select, based on said preset rules, an incoming data packet for liability analysis by at least one of the plurality of analysis modules;
wherein each said analysis module is configured to extract information from said incoming data packet in accordance with one of a plurality of protocols; and
an identification module including one or more identification components comprising a header, a search markup language program, and a protected asset data features section, wherein the identification components are configured to identify suspect data and to allow sharing of said suspect data among a first entity and at least a second entity in a manner that enables utilization of the suspect data by the second entity while not revealing the actual content of sensitive data to the second entity;
wherein said identification module is configured to output a report including a global map showing the locations of protected assets. - View Dependent Claims (17, 18, 19)
-
Specification