TECHNIQUES FOR DETECTING AND PREVENTING UNINTENTIONAL DISCLOSURES OF SENSITIVE DATA
8 Assignments
0 Petitions
Accused Products
Abstract
Protection is provided to prevent a computer user from unintentionally giving away sensitive data (e.g., security credentials, credit card number, PINs, personal data, or bank account number) to an illegitimate or unintended entity by means of a client application capable of communicating the sensitive data across a network to other computer users. To provide the protection, user input is monitored to detect a user entry of the sensitive data into the client application for communication to other users. When such an entry occurs, action is taken to reduce the likelihood of an unintentional giveaway of the sensitive data or to reduce the effects of an unintentional giveaway.
15 Citations
42 Claims
-
1-22. -22. (canceled)
-
23. A computer-implemented method of protecting against an unintentional release of sensitive data to an illegitimate or unintended entity, the method comprising:
-
monitoring data entered by a user into a client application, wherein the monitoring comprises at least one of; determining whether an intended recipient of the data provided to the client application is globally trusted; and determining whether the intended recipient of the data provided to the client application is personally trusted; accessing a set of pattern generating functions; generating a set of string matching patterns by applying the set of pattern generating functions to sensitive data; determining, with a processor, that the data being entered into the client application matches one or more of the string matching patterns in the set of string matching patterns; and in response to determining that the data being entered into the client application matches one or more of the string matching patterns in the set of string matching patterns, performing at least one of;
requesting that the user confirm a communication of the data;
warning the user that communicating the data might result in an unintentional release of sensitive data to an illegitimate or unintended entity;
preventing the client application from communicating the data; and
logging a communication of the data by the client application. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. A non-transitory computer-usable medium storing a computer program for protecting against an unintentional release of sensitive data to an illegitimate or unintended entity, the computer program comprising instructions for causing at least one processor to:
-
monitor data being entered by a user into a client application, wherein the monitoring comprises at least one of; determining whether an intended recipient of the data provided to the client application is globally trusted; and determining whether the intended recipient of the data provided to the client application is personally trusted; access a set of pattern generating functions; generate a set of string matching patterns by applying the set of pattern generating functions to sensitive data; determine that the data being entered into the client application matches one or more of the string matching patterns in the set of string matching patterns; in response to determining that the data being entered into the client application matches one or more of the string matching patterns in the set of string matching patterns, perform at least one of;
requesting that the user confirm a communication of the data;
warning the user that communicating the data might result in an unintentional release of sensitive data to an illegitimate or unintended entity;
preventing the client application from communicating the data;
or logging a communication of the data by the client application.
-
-
42. A computer-implemented method of protecting against an unintentional release of sensitive data to an illegitimate or unintended entity, the method comprising:
-
monitoring data being entered by a user into a client application, wherein the monitoring comprises at least one of; determining whether an intended recipient of the data provided to the client application is globally trusted; and determining whether the intended recipient of the data provided to the client application is personally trusted; accessing a set of pattern generating functions; generating a set of string matching patterns by applying the set of pattern generating functions to sensitive data; determining, with a processor, that the data being entered into the client application matches one or more of the string matching patterns in the set of string matching patterns; in response to determining that the data being entered into the client application matches one or more of the string matching patterns in the set of string matching patterns, performing at least one of;
requesting that the user confirm a communication of the data;
warning the user that communicating the data might result in an unintentional giveaway of sensitive data to an illegitimate or unintended entity;
preventing the client application from communicating the data;
or logging a communication of the data by the client application.
-
Specification