SYSTEM AND METHOD FOR PROVIDING IDENTITY THEFT SECURITY

US 20100024037A1
Filed: 11/09/2007
Published: 01/28/2010
Est. Priority Date: 11/09/2006
Status: Active Grant

First Claim

Patent Images

1. A method of minimizing the risk of theft or disclosure of personally identifiable or sensitive information comprising the steps of:

identifying data that may contain sensitive information; and

using an information retrieval tool from the group consisting of Vector Space Models, Latent Semantic Analysis, Latent Dirichlet Allocation and Bayesian Networks to compare attributes of said data to attributes of similar concept data files.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method of providing identity theft security is provided. The system and method utilizes a computer program that identifies, locates, secures, and/or removes from computers, computer systems and/or computer networks personally identifying and/or other sensitive information in different data formats. The computer program utilizes a multi-tiered escalation model of searching/identifying sensitive information. The computer program of the instant invention utilizes a self-learning process for fine-tuning a level of scrutiny for identifying potentially sensitive information.

125 Citations

20 Claims

1. A method of minimizing the risk of theft or disclosure of personally identifiable or sensitive information comprising the steps of:
- identifying data that may contain sensitive information; and
  
  using an information retrieval tool from the group consisting of Vector Space Models, Latent Semantic Analysis, Latent Dirichlet Allocation and Bayesian Networks to compare attributes of said data to attributes of similar concept data files.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method as claimed in claim 1 wherein said information retrieval tool is Vector Space Models.
  - 3. The method as claimed in claim 2 where said step of using Vector Space Models comprises the step of voting by said similar concept data files to determine a classification for said data file.
  - 4. The method as claimed in claim 3 wherein said concept data files include clean data file and target data file classifications.
  - 5. The method as claimed in claim 4 wherein said voting step further comprises the steps of:
    - determining the N closest concept data files to said data;
      
      calculating a value representative of how close each of said N closest concept data files is relative to said data;
      
      summing separately values calculated for clean data files and for target data files; and
      
      classifying said data as clean or target based upon the relative values of clean data files and target data files obtained in said summing step.
  - 6. The method as claimed in claim 1 wherein said concept data file attributes relate to personally identifiable information.
  - 7. The method as claimed in claim 1 wherein said concept data file attributes relate to custom information.
  - 8. The method as claimed in claim 1 wherein said identifying step identifies data that is located in a file, document or other data file stored on a data storage medium.
  - 9. The method as claimed in claim 1 wherein said identifying step identifies data during a transmission.
  - 10. The method as claimed in claim 1 wherein said identifying step identifies data prior to said data being stored on a data storage medium.
  - 11. The method as claimed in claim 2 said step of using Vector Space Models comprises the steps of:
    - obtaining a corpus of concept data files that have been identified as possibly containing sensitive information;
      
      creating a matrix of attributes for clean concept data files within said corpus; and
      
      creating a matrix of attributes for target concept data files within said corpus.

12. A system for minimizing the risk of theft or disclosure of personally identifiable or sensitive information on a computer network comprising:
- a scanning engine located on a computer or work station on the network to identify personally identifiable or sensitive information on said computer or work station;
  
  a user control console in communication with said scanning engine; and
  
  a report engine in communication with said control console.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The system as claimed in claim 12 further comprising a remediation engine to take action with respect to said personally identifiable or sensitive information.
  - 14. The system as claimed in claim 13 wherein the action taken by said remediation engine is selected from the group consisting of acquitting, researching, masking, achieving/masking, wiping, achieving/wiping, and restoring.
  - 15. The system as claimed in claim 12 wherein said scanning engine utilizes Vector Space Models to compare attributes of scanned data to attributes of similar concept data files stored in a configuration profile for said scanning engine.
  - 16. The system as claimed in claim 15 wherein said scanning engine receives said concept data files from said user control console.

17. A method of self-learning for a system for minimizing the risk of theft or disclosure of personally identifiable or sensitive information, said method comprising the steps of:
- setting the system to a relatively high level of scrutiny to identify data files that may contain sensitive information, wherein certain of said files are falsely identified as containing sensitive information;
  
  obtaining a corpus of concept data files that have been identified by the system as containing sensitive information;
  
  determining files that are falsely identified as containing sensitive information;
  
  creating a matrix of attributes for clean concept data files within said corpus based upon said falsely identified files; and
  
  creating a matrix of attributes for target concept data files within said corpus based upon files that have not been falsely identified.

18. A method of minimizing the risk of theft or disclosure of personally identifiable or sensitive information comprising the steps of:
- identifying data that may contain sensitive information;
  
  placing said data in a data log wherein the potentially sensitive information is separated from said data; and
  
  including contextual information for said potentially sensitive information in said data log, wherein said contextual information is separated from said data.
- View Dependent Claims (19)
- - 19. The method as claimed in claim 18 wherein said contextual data includes data directly preceding and data directly following said potentially sensitive information.

20. A method of minimizing the risk of theft or disclosure of personally identifiable or sensitive information comprising the steps of:
- utilizing pattern matching via regular expressions to identify possible personally identifiable or sensitive information in a first stage; and
  
  escalating said possible personally identifiable or sensitive information to at least a second more sensitive stage for additional analysis.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Touchnet Info Sys Incorporated (Global Payments Incorporated)
Original Assignee
Touchnet Info Sys Incorporated (Global Payments Incorporated)
Inventors
GRZYMALA-BUSSE, WITOLD J., TOUGHEY, DANIEL J., VERMEIRE, DEAN R.

Granted Patent

US 8,256,006 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/6245 Protecting personal data, e...

G06F 2221/2143 Clearing memory, e.g. to pr...

SYSTEM AND METHOD FOR PROVIDING IDENTITY THEFT SECURITY

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

125 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR PROVIDING IDENTITY THEFT SECURITY

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

125 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links