SYSTEM AND METHOD FOR DATA LEAKAGE PREVENTION

US 20110083190A1
Filed: 10/07/2009
Published: 04/07/2011
Est. Priority Date: 10/07/2009
Status: Active Grant

First Claim

Patent Images

1. A method for securing information, comprising:

detecting an access to sensitive data;

determining user information associated with the access to sensitive data;

determining a unique user identifier associated with the user information;

comparing the access to sensitive data to a policy utilizing the unique user identifier;

determining that the access to sensitive data violates the policy in response to comparing the access to the policy; and

recording an entry in response to determining that the access to sensitive data violates the policy.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to one embodiment, a method for securing information includes detecting an access to sensitive data and determining user information associated with the access to sensitive data. The method also includes determining a unique user identifier associated with the user information. In addition, the method includes comparing the access to sensitive data to a policy utilizing the unique user identifier. Further, the method includes determining that the access to sensitive data violates the policy in response to comparing the access to the policy. The method also includes recording an entry in response to determining that the access to sensitive data violates the policy.

67 Citations

View as Search Results

21 Claims

1. A method for securing information, comprising:
- detecting an access to sensitive data;
  
  determining user information associated with the access to sensitive data;
  
  determining a unique user identifier associated with the user information;
  
  comparing the access to sensitive data to a policy utilizing the unique user identifier;
  
  determining that the access to sensitive data violates the policy in response to comparing the access to the policy; and
  
  recording an entry in response to determining that the access to sensitive data violates the policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein determining a unique user identifier comprises:
    - sending the user information to a server; and
      
      receiving the unique user identifier in response to sending the user information to the server.
  - 3. The method of claim 1, wherein comparing the access to sensitive data to the policy comprises utilizing a strength value of the association between the unique user identifier and the user information.
  - 4. The method of claim 1, wherein determining the unique user identifier associated with the user information comprises:
    - determining if a stored version of a unique user identifier that corresponds to the user information exists;
      
      if the stored version does exist, retrieving the stored version of the unique user identifier; and
      
      if the stored version does not exist, requesting the unique user identifier from a server, wherein the request comprises the user information.
  - 5. The method of claim 1, wherein the user information comprises an e-mail address.
  - 6. The method of claim 1, further comprising denying access to the sensitive data in response to determining that the access violates the policy.
  - 7. The method of claim 1, wherein the access to sensitive data comprises the presence of the sensitive data in a message.

8. One or more tangible, computer-readable storage media comprising instructions that, when executed by at least one processor, are operable to:
- detect an access to sensitive data;
  
  determine user information associated with the access to sensitive data;
  
  determine a unique user identifier associated with the user information;
  
  compare the access to sensitive data to a policy utilizing the unique user identifier;
  
  determine that the access violates the policy in response to comparing the access to the policy; and
  
  record an entry in response to determining that the access violates the policy.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The media of claim 8, wherein determining a unique user identifier comprises:
    - sending the user information to a server; and
      
      receiving the unique user identifier in response to sending the user information to the server.
  - 10. The media of claim 8, wherein comparing the access to sensitive data to the policy comprises utilizing a strength value of the association between the unique user identifier and the user information.
  - 11. The media of claim 8, wherein determining the unique user identifier associated with the user information comprises:
    - determining if a stored version of a unique user identifier that corresponds to the user information exists;
      
      if the stored version does exist, retrieving the stored version of the unique user identifier; and
      
      if the stored version does not exist, requesting the unique user identifier from a server, wherein the request comprises the user information.
  - 12. The media of claim 8, wherein the user information comprises an e-mail address.
  - 13. The media of claim 8, wherein the instructions are further operable to deny access to the sensitive data in response to determining that the access violates the policy.
  - 14. The media of claim 8, wherein the access to sensitive data comprises the presence of the sensitive data in a message.

15. A system for data leakage prevention, comprising:
- an agent operable to;
  
  detect an access to sensitive data; and
  
  determine user information associated with the access to sensitive data; and
  
  a subsystem operable to;
  
  determine a unique user identifier associated with the user information;
  
  compare the access to sensitive data to a policy utilizing the unique user identifier;
  
  determine that the access violates the policy in response to comparing the access to the policy; and
  
  record an entry in response to determining that the access violates the policy.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The system of claim 15, wherein the subsystem determining a unique user identifier comprises the subsystem:
    - sending the user information to a server; and
      
      receiving the unique user identifier in response to sending the user information to the server.
  - 17. The system of claim 15, wherein the subsystem comparing the access to sensitive data to the policy comprises the subsystem utilizing a strength value of the association between the unique user identifier and the user information.
  - 18. The system of claim 15, wherein the subsystem determining the unique user identifier associated with the user information comprises the subsystem:
    - determining if a stored version of a unique user identifier that corresponds to the user information exists;
      
      if the stored version does exist, retrieving the stored version of the unique user identifier; and
      
      if the stored version does not exist, requesting the unique user identifier from a server, wherein the request comprises the user information.
  - 19. The system of claim 15, wherein the user information comprises an e-mail address.
  - 20. The system of claim 15, wherein the subsystem is further operable to deny access to the sensitive data in response to determining that the access violates the policy.
  - 21. The system of claim 15, wherein the access to sensitive data comprises the presence of the sensitive data in a message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Computer Associates Think Inc. (Broadcom, Inc.)
Inventors
Brown, Timothy G., Mann, Bilhar S.

Granted Patent

US 8,578,504 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/6209 to a single file or object,...

SYSTEM AND METHOD FOR DATA LEAKAGE PREVENTION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

67 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR DATA LEAKAGE PREVENTION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links