Method, Apparatus, and System for Data Protection
First Claim
1. A proxy server, comprising:
- a receiving unit configured to receive outgoing data from a user terminal, wherein the outgoing data carries an identifier of a user;
an acquiring unit configured to acquire a user grade and a credit value of the user from a credit server according to the identifier received by the receiving unit, wherein the credit value is a violation percentage of historical outgoing data of the user;
a sending unit configured to send the outgoing data received by the receiving unit as well as the user grade and the credit value that are acquired by the acquiring unit to a data loss prevention (DLP) server such that the DLP server inspects security of the outgoing data according to the user grade and the credit value and such that the DLP server generates a message comprising an inspection result, wherein the inspection result comprises Pass the security inspection and Fail the security inspection, wherein the receiving unit is further configured to receive, from the DLP server, the message comprising the inspection result; and
a processing unit configured to use a policy corresponding to the inspection result to process the outgoing data according to the inspection result received by the receiving unit.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, an apparatus, and a system for data protection. A specific solution is: a proxy server receives outgoing data from a user terminal, where the outgoing data carries an identifier of a user; acquires a user grade and a credit value of the user from a credit server according to the identifier, where the credit value is a violation percentage of historical outgoing data of the user; sends the outgoing data, the user grade, and the credit value to a DLP server so that the DLP server inspects security of the outgoing data according to the user grade and the credit value, and further generates a message including an inspection result; and receives, from the DLP server, the message including the inspection result and uses a policy corresponding to the inspection result to process the outgoing data. The present invention is used during a protection process of outgoing data.
41 Citations
18 Claims
-
1. A proxy server, comprising:
-
a receiving unit configured to receive outgoing data from a user terminal, wherein the outgoing data carries an identifier of a user; an acquiring unit configured to acquire a user grade and a credit value of the user from a credit server according to the identifier received by the receiving unit, wherein the credit value is a violation percentage of historical outgoing data of the user; a sending unit configured to send the outgoing data received by the receiving unit as well as the user grade and the credit value that are acquired by the acquiring unit to a data loss prevention (DLP) server such that the DLP server inspects security of the outgoing data according to the user grade and the credit value and such that the DLP server generates a message comprising an inspection result, wherein the inspection result comprises Pass the security inspection and Fail the security inspection, wherein the receiving unit is further configured to receive, from the DLP server, the message comprising the inspection result; and a processing unit configured to use a policy corresponding to the inspection result to process the outgoing data according to the inspection result received by the receiving unit. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A data loss prevention (DLP) server, comprising:
-
a receiving unit configured to receive outgoing data, a user grade, and a credit value sent by a proxy server, wherein the outgoing data carries an identifier of a user, wherein the user grade and the credit value are acquired by the proxy server from a credit server according to the identifier, and wherein the credit value is a violation percentage of historical outgoing data of the user; an inspecting unit configured to inspect security of the outgoing data according to the user grade and the credit value that are received by the receiving unit and generate a message comprising an inspection result, wherein the inspection result comprises Pass the security inspection and Fail the security inspection; and a sending unit configured to send, to the proxy server, the message comprising the inspection result, which is generated by the inspecting unit such that the proxy server uses a policy corresponding to the inspection result to process the outgoing data according to the inspection result. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
-
15. A data protection system, comprising:
-
a data loss prevention (DLP) server; a credit server; and a proxy server configured to; receive outgoing data from a user terminal, wherein the outgoing data carries an identifier of a user; acquire a user grade and a credit value of the user from a credit server according to the identifier, wherein the credit value is a violation percentage of historical outgoing data of the user; send the outgoing data, the user grade, and the credit value to a DLP server such that the DLP server inspects security of the outgoing data according to the user grade and the credit value and such that the DLP server generates a message comprising an inspection result, wherein the inspection result comprises Pass the security inspection and Fail the security inspection; and receive, from the DLP server, the message comprising the inspection result and use a policy corresponding to the inspection result to process the outgoing data according to the inspection result, wherein the DLP server is configured to; receive the outgoing data, the user grade, and the credit value sent by the proxy server, wherein the outgoing data carries the identifier of the user, wherein the user grade and the credit value are acquired by the proxy server from the credit server according to the identifier, wherein the credit value is the violation percentage of historical outgoing data of the user;
inspect security of the outgoing data according to the user grade and the credit value and generate the message comprising the inspection result, and wherein the inspection result comprises Pass the security inspection and Fail the security inspection; andsend the message comprising the inspection result to the proxy server such that the proxy server uses the policy corresponding to the inspection result to process the outgoing data according to the inspection result, and wherein the credit server is configured to; receive the identifier of the user from the proxy server; query the user grade and the credit value of the user according to the identifier, wherein the credit value is the violation percentage of outgoing data of the user; and send the user grade and the credit value to the proxy server. - View Dependent Claims (16, 17, 18)
-
Specification