DATA NETWORK AND METHOD FOR CHECKING NODES OF A DATA NETWORK
First Claim
1. A data network comprising:
- a set of nodes connected to each other by a data transmission path, at least one node comprising a storage medium for storing information,
- an automatically searchable mark located at a node and associated with one or both of: the stored information and the node, the searchable mark corresponding to a privacy policy for controlling storage of, transfer of, or access to the stored information or controlling access to the node;
- said automatically searchable mark further defining one or more of: a permissible storage place where the marked information is permissibly stored, a permissible data transmission path for accessing the marked information or the marked node or, a permissible data transmission path for transferring the marked information, said searchable mark enabling a priori determination where in said data network a data may reside;
- a searching engine for traversing said data network to detect and analyze a searchable mark in said data network, said searching engine detecting a place on which the marked information is stored and detecting one or more possible data transmission paths within said data network for accessing the marked information or the marked node or a possible data transmission path or data transmission paths for transferring the marked information in said data network, wherein the searching engine compares the detected storage place of the information with the permissible storage place that is defined by the searchable mark of the information and checks whether the privacy policy is maintained, and further compares the detected possible paths for transferring the information or for accessing the information or the marked node with the data transmission paths that are defined by the searchable mark of the information or by the searchable mark of the node, and determines whether the privacy policy is maintained, and upon determining a privacy policy violation, said searching engine generates an alarm.
Abstract
The invention provides a data network, systems and methods for checking nodes of a data network that are used for detecting whether a privacy policy concerning a piece of information is maintained. The information comprises a mark corresponding to the privacy policy. The mark defines the storage place, the accessing paths or the transferring paths of the information. The mark is automatically searchable. The mark is searched, analyzed and checked as to whether the privacy policy is maintained. The advantage of the system is that vulnerabilities of systems for protecting confidential information may be detected a long time before an attack on the confidential information occurs.
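The check described in the abstract, sketched as an added Python example (not code from the patent): a search engine visits every node, reads the marks it finds, and compares the detected storage place and the possible transfer paths with what each mark permits. The `Mark` fields, the node names and the link map are constructed assumptions, and a "possible path" is modelled as reachability over directed links.

```python
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Mark:
    """Searchable mark attached to stored information (field names are assumptions)."""
    info: str
    storage_ok: frozenset   # permissible storage places
    path_ok: frozenset      # nodes a permissible transmission path may touch

# Constructed sample network: node -> nodes it can send data to.
LINKS = {
    "hr-db": ["app-srv", "backup"],
    "app-srv": ["web-dmz"],      # link that lets marked data leave the permitted zone
    "backup": [],
    "web-dmz": ["internet"],
    "laptop": [],
    "internet": [],
}
SALARY = Mark("salary-records", frozenset({"hr-db", "backup"}),
              frozenset({"hr-db", "app-srv", "backup"}))
# Constructed marks as the search engine would find them at each node.
MARKS = {"hr-db": [SALARY], "laptop": [SALARY]}

def possible_paths(links, start):
    """Breadth-first search: shortest path from start to every node data could reach."""
    paths, queue = {start: [start]}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in links.get(node, []):
            if nxt not in paths:
                paths[nxt] = paths[node] + [nxt]
                queue.append(nxt)
    return paths

def check_network(links, marks):
    """Traverse all nodes, compare detected places and paths with each mark, return alarms."""
    alarms = []
    for node in sorted(links):
        for mark in marks.get(node, []):
            if node not in mark.storage_ok:
                alarms.append(("storage", mark.info, node))
            for dest, path in possible_paths(links, node).items():
                if dest != node and dest not in mark.path_ok:
                    alarms.append(("path", mark.info, "->".join(path)))
    return alarms

if __name__ == "__main__":
    for alarm in check_network(LINKS, MARKS):
        print("ALARM", *alarm)
```

The path alarms fire although nothing has been transferred yet, which is the point the abstract makes: the exposure is reported from topology and marks alone, before any access to the data occurs.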
7 Claims
7. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for checking nodes or information stored at nodes of a data network, said nodes being connected with data transmission paths, said method steps comprising:
- providing an automatically searchable mark located at a node for association with one or both of: the information and the node, the automatically searchable mark corresponding to a privacy policy for controlling storage of, transfer of, or access to the stored information or, controlling access to the node;
- said automatically searchable mark further defining one or more of: a permissible storage place where the marked information is permissibly stored, a permissible data transmission path for accessing the marked information or the marked node or, a permissible data transmission path in which the marked information could be permissibly transferred, said automatically searchable mark enabling a priori determination where in a network a data may reside; and
- traversing, by a search engine, said data network to detect and analyze a mark in said data network for detecting the places on which the marked information is stored in said data network and detecting possible data transmission paths for accessing the marked information or the marked node or, detecting a possible data transmission path for transferring the marked information in said data network;
- comparing, by the search engine, the detected storage place of the information with the permissible storage place that is defined by the mark of the information and checking whether the privacy policy is maintained, and comparing the detected possible data transmission paths for transferring the information or for accessing the information or the marked node with the data transmission paths that are defined by the automatically searchable mark of the information or by the automatically searchable mark of the node, and determining whether the privacy policy is maintained, and generating, by the search engine, an alarm upon determining a privacy policy violation.
Specification