METHODS AND SYSTEMS FOR PROTECT AGENTS USING DISTRIBUTED LIGHTWEIGHT FINGERPRINTS
First Claim
1. A computer implemented method for protecting an organization'"'"'s secure information from unauthorized disclosure, the computer implemented method comprising:
- implementing a first protect agent at a first egress point, wherein the first protect agent receives input information that a user desires to transmit outside of a given organization, and wherein the first egress point represents means by which the input information is transmitted outside of the given organization; and
comparing a first set of client fingerprints associated with the input information received by the first protect agent against a database of registered fingerprints, wherein the database of registered fingerprints includes registered fingerprints generated from the organization'"'"'s secure information.
5 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides methods and systems to protect an organization'"'"'s secure information from unauthorized disclosure. The present system uses protect agents installed across various egress points (e.g., email server, user'"'"'s computer, etc.) to monitor information disclosed by a user. The present system also provides the use of lightweight fingerprint databases (LFD) to maintain a database of fingerprints associated with the organization'"'"'s secure data. In one embodiment, the LFD is stored locally at the site of each protect agent such that the organization'"'"'s secure information can be protected even when a protect agent is disconnected from the network. Methods and systems to compress fingerprints to achieve the lightweight fingerprint databases are also provided. In one embodiment, a combined approach, utilizing both the local lightweight fingerprint database and a remote fingerprint server comprising registered fingerprints is used to achieve overall protection of the organization'"'"'s secure information.
-
Citations
58 Claims
-
1. A computer implemented method for protecting an organization'"'"'s secure information from unauthorized disclosure, the computer implemented method comprising:
-
implementing a first protect agent at a first egress point, wherein the first protect agent receives input information that a user desires to transmit outside of a given organization, and wherein the first egress point represents means by which the input information is transmitted outside of the given organization; and comparing a first set of client fingerprints associated with the input information received by the first protect agent against a database of registered fingerprints, wherein the database of registered fingerprints includes registered fingerprints generated from the organization'"'"'s secure information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A computer implemented method for protecting an organization'"'"'s secure information from unauthorized disclosure, the computer implemented method comprising:
-
implementing a first protect agent at a first egress point, wherein the first protect agent receives input information that a user desires to transmit outside of a given organization, and wherein the first egress point represents means by which the input information is transmitted outside of the given organization; generating a first set of client fingerprints from the input information; maintaining a database of registered fingerprints locally at the site of the first protect agent, wherein the database of registered fingerprints includes registered fingerprints generated from the organization'"'"'s secure information; and comparing the first set of client fingerprints against the database of registered fingerprints. - View Dependent Claims (23, 24, 25, 26)
-
-
27. A computer implemented system for protecting an organization'"'"'s secure information from unauthorized disclosure, the computer implemented system comprising:
-
means for implementing a first protect agent at a first egress point, wherein the first protect agent receives input information that a user desires to transmit outside of a given organization, and wherein the first egress point represents means by which the input information is transmitted outside of the given organization; and means for comparing a first set of client fingerprints associated with the input information received by the first protect agent against a database of registered fingerprints, wherein the database of registered fingerprints includes registered fingerprints generated from the organization'"'"'s secure information. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47)
-
-
48. A computer implemented system for protecting an organization'"'"'s secure information from unauthorized disclosure, the computer implemented system comprising:
-
means for implementing a first protect agent at a first egress point, wherein the first protect agent receives input information that a user desires to transmit outside of a given organization, and wherein the first egress point represents means by which the input information is transmitted outside of the given organization; means for generating a first set of client fingerprints from the input information; means for maintaining a database of registered fingerprints locally at the site of the first protect agent, wherein the database of registered fingerprints includes registered fingerprints generated from the organization'"'"'s secure information; and means for comparing the first set of client fingerprints against the database of registered fingerprints. - View Dependent Claims (49, 50, 51, 52)
-
-
53. A computer implemented system for protecting an organization'"'"'s secure information from unauthorized disclosure, the computer implemented system comprising:
-
a computer implemented first protect agent at a first egress point, wherein the first protect agent receives input information that a user desires to transmit outside of a given organization, and wherein the first egress point represents means by which the input information is transmitted outside of the given organization; a database of registered fingerprints stored in a computer readable medium, wherein the database of registered fingerprints includes registered fingerprints generated from the organization'"'"'s secure information; and a computer implemented comparator for comparing a first set of client fingerprints associated with the input information received by the first protect agent against the database of registered fingerprints. - View Dependent Claims (54, 55, 56, 57, 58)
-
Specification