Information Management System

US 20080301297A1
Filed: 12/17/2007
Published: 12/04/2008
Est. Priority Date: 11/08/2000
Status: Abandoned Application

First Claim

Patent Images

1. An information management system comprising:

one or more workstations connected to a computer network, each workstation having a memory;

an application stored in said memory of each workstation for transmitting outbound data to said network and receiving inbound data from said network;

policy data containing rules for determining one or more particulars of the outbound data, and for controlling the transmission of said outbound data in dependence on those particulars; and

an analyser, said analyser determining, in conjunction with said policy data, one or more particulars of the outbound data and controlling the transmission of said data according to said policy data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information management system is described comprising one or more workstations running applications which allow a user of the workstation to connect to a network, such as the Internet. Each application has an analyzer, which monitors transmission data that the application is about to transmit to the network or has just received from the network, and which determines an appropriate action to take regarding that data. The analyzer may consult policy data containing a supervisor-defined policy to govern the workstations in order to determine what action to take. Such actions may be extracting data from the transmission data, such as passwords and usernames, digital certificates or eCommerce transaction details for storage and record keeping; ensuring that the transmission data is transmitted at an encryption strength appropriate to the contents of the transmission data; determining whether a check needs to be made as to whether a digital certificate received in transmission is valid; determining whether a transaction about to be made by a user of one of the workstations needs third party approval before it is made; and controlling the transmission of messages, such as e-mails according to a policy.

43 Citations

View as Search Results

60 Claims

1. An information management system comprising:
- one or more workstations connected to a computer network, each workstation having a memory;
  
  an application stored in said memory of each workstation for transmitting outbound data to said network and receiving inbound data from said network;
  
  policy data containing rules for determining one or more particulars of the outbound data, and for controlling the transmission of said outbound data in dependence on those particulars; and
  
  an analyser, said analyser determining, in conjunction with said policy data, one or more particulars of the outbound data and controlling the transmission of said data according to said policy data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The system of claim 1, wherein the analyser blocks transmission of the outbound data.
  - 3. The system of claim 1, wherein said analyser is located on each of said one or more workstations.
  - 4. The system of claim 1, wherein the analyser prevents outbound data from being transmitted to a web site on the Internet, if it determines that the web site is in a pre-determined list of prohibited web sites, and if it is determined that the outbound data contains one or more pre-determined keywords, or combinations of keywords.
  - 5. The system of claim 1, wherein said application is a web browser.
  - 6. The system of claim 5, wherein said analyser is a plug-in module of said web browser.
  - 7. The system of claim 6, wherein said web browser is Microsoft'"'"'s Internet Explorer and said analyser is a Browser Helper Object.
  - 8. The system of claim 1, wherein said application is an e-mail client.
  - 9. The system of claim 8, wherein said analyser is a plug-in module of said e-mail client.
  - 10. The system of claim 9, wherein said e-mail client is Microsoft'"'"'s Outlook e-mail client and said analyser is a Microsoft Exchange client extension.
  - 11. The system of claim 1, wherein said application is an Instant messaging application.
  - 12. The system of claim 11, wherein said analyser is a plug-in module of said Instant messaging application.
  - 13. The system of claim 1, wherein said application is a Voice Messaging application.
  - 14. The system of claim 13, wherein said analyser is a plug-in module of said Voice messaging application.
  - 15. The system of claim 1, wherein said computer network comprises a server, and said analyser is located at a point on the network intermediate said one or more workstations and said server.

16. An information management system comprising:
- one or more workstations connected to a computer network, each workstation having a memory;
  
  application means stored in said memory of each workstation for transmitting outbound data to said network and receiving inbound data from said network;
  
  policy storage means containing rules for determining one or more particulars of the outbound data, and for controlling the transmission of said outbound data in dependence on those particulars; and
  
  analysing means for determining, in conjunction with said policy means, one or more particulars of the outbound data and controlling the transmission of said data according to said policy data.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The system of claim 16, wherein the analysing means blocks transmission of the outbound data.
  - 18. The system of claim 16, wherein the analysing means is located on each of said one or more workstations.
  - 19. The system of claim 16, wherein the analysing means prevents outbound data being transmitted to a web site on the Internet, if it determines that the web site is in a pre-determined list of prohibited web sites, and if it is determined that the outbound data contains one or more pre-determined keywords, or combinations of keywords.
  - 20. The system of claim 16, wherein said application means is a web browser.
  - 21. The system of claim 20, wherein said analysing means is a plug-in module of said web browser.
  - 22. The system of claim 21, wherein said web browser is Microsoft'"'"'s Internet Explorer and said analysing means is a Browser Helper Object.
  - 23. The system of claim 16, wherein said application means is an e-mail client.
  - 24. The system of claim 23, wherein said analysing means is a plug-in module of said e-mail client.
  - 25. The system of claim 24, wherein said e-mail client is Microsoft'"'"'s Outlook e-mail client and said analysing means is a Microsoft Exchange client extension.
  - 26. The system of claim 16, wherein said application means is an Instant messaging application.
  - 27. The system of claim 26, wherein said analysing means is a plug-in module of said Instant messaging application.
  - 28. The system of claim 16, wherein said application means is a Voice Messaging application.
  - 29. The system of claim 28, wherein said analysing means is a plug-in module of said Voice messaging application.
  - 30. The system of claim 16, wherein said computer network comprises a server, and said analysing means is located at a point on the network intermediate said one or more workstations and said server.

31. A method of managing information comprising the steps of:
- providing one or more workstations connected to a computer network, each workstation having a memory;
  
  providing an application stored in said memory of each workstation for transmitting outbound data to said network and receiving inbound data from said network;
  
  providing policy data containing rules for determining one or more particulars of the outbound data, and for controlling the transmission of said outbound data in dependence on those particulars;
  
  analysing, in conjunction with said policy data, said outbound data to determine one or more particulars of the outbound message; and
  
  controlling the transmission of said data according to said policy data, and said one or more particulars.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 32. The method of claim 31, wherein the controlling step includes blocking the transmission of the data.
  - 33. The system of claim 31, wherein the analysing step is performed at each of said one or more workstations.
  - 34. The method of claim 31, comprising preventing outbound data being transmitted to a web site on the Internet, if it is determined in the analysing step that the web site is in a pre-determined list of prohibited web sites, and if it is determined that the outbound data contains one or more pre-determined keywords, or combinations of keywords.
  - 35. The method of claim 31, wherein said application is a web browser.
  - 36. The method of claim 35, wherein the analysing step is performed by a plug-in module of said web browser.
  - 37. The method of claim 36, wherein said web browser is Microsoft'"'"'s Internet Explorer and the analysing step is performed by a Browser Helper Object.
  - 38. The method of claim 31, wherein said application is an e-mail client.
  - 39. The method of claim 38, wherein said analysing step is performed by a plug-in module of said e-mail client.
  - 40. The method of claim 39, wherein said e-mail client is Microsoft'"'"'s Outlook e-mail client and said analysing step is performed by a Microsoft Exchange client extension.
  - 41. The method of claim 31, wherein said application is an Instant messaging application.
  - 42. The method of claim 41, wherein the analysing step is performed by a plug-in module of said Instant messaging application.
  - 43. The method of claim 31, wherein said application is a Voice Messaging application.
  - 44. The method of claim 43, wherein said analysing step is a plug-in module of said Voice messaging application.
  - 45. The method of claim 31, wherein said computer network comprises a server, and said analysing step is performed at a point on the network intermediate said one or more workstations and said server.

46. A computer software product, for controlling a computer to manage information, said computer being connected to a network and having access to policy data containing rules for controlling transmission of outbound data to the network, comprising a recording medium readable by the computer, having program code recorded thereon which when executed on said computer configures the computer to:
- analyse, in conjunction with an application that is running on the computer and that transmits outbound data to said network and receives inbound data from said network, said outbound data to determine in conjunction with said rules of said policy data one or more particulars of said outbound data; and
  
  control the transmission of said data according to said policy data and said one or more particulars of said outbound message.
- View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60)
- - 47. The computer program product of claim 46, wherein controlling the transmission of the outbound data, includes blocking the transmission of the data.
  - 48. The computer program product of claim 46, wherein the analysing step is performed at each of said one or more workstations.
  - 49. The computer software product of claim 46, wherein the program code is operable to prevent outbound data from being transmitted to a web site on the Internet, if it determines that the web site is in a pre-determined list of prohibited web sites, and if it is determined that the outbound data contains one or more pre-determined keywords, or combinations of keywords.
  - 50. The computer program product of claim 46, wherein said application is a web browser.
  - 51. The computer program product of claim 50, wherein the analysing step is performed by a plug-in module of said web browser.
  - 52. The computer program product of claim 51, wherein said web browser is Microsoft'"'"'s Internet Explorer and the analysing step is performed by a Browser Helper Object.
  - 53. The computer program product of claim 46, wherein said application is an e-mail client.
  - 54. The computer program product of claim 53, wherein the analysing step is performed by a plug-in module of said e-mail client.
  - 55. The computer program product of claim 54, wherein said e-mail client is Microsoft'"'"'s Outlook e-mail client and the analysing step is performed by a Microsoft Exchange client extension.
  - 56. The computer program product of claim 46, wherein said application is an Instant messaging application.
  - 57. The computer program product of claim 56, wherein the analysing step is performed by a plug-in module of said Instant messaging application.
  - 58. The computer program product of claim 46, wherein the analysing step is performed by a Voice Messaging application.
  - 59. The computer program product of claim 58, wherein the analysing step is performed by a plug-in module of said Voice messaging application.
  - 60. The computer program product of claim 46, wherein said computer network comprises a server, and the analysing step is performed at a point on the network intermediate said one or more workstations and said server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Original Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Inventors
Malcolm, Peter Bryan, Stickler, Andrew Mark, Beadle, Paul James Owen, Napier, John Anthony, Crocker, Jason Paul, Tamblin, Nathan John

Application Number

US11/958,270
Publication Number

US 20080301297A1
Time in Patent Office

Days
Field of Search
US Class Current

709/225
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/6218   to a system of files or obj...

G06F 2221/2113   Multi-level security, e.g. ...

G06Q 10/06   Resources, workflows, human...

G06Q 10/063   Operations research, analys...

G06Q 10/10   Office automation; Time man...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/401   Transaction verification

G06Q 20/4012   Verifying personal identifi...

G06Q 30/06   Buying, selling or leasing ...

H04L 51/212   using filtering or selectiv...

H04L 51/214   using selective forwarding

H04L 63/20   for managing network securi...

Information Management System

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

43 Citations

60 Claims

Specification

Solutions

Use Cases

Quick Links

Information Management System

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

60 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links