DECRYPTING FILES FOR DATA LEAKAGE PROTECTION IN AN ENTERPRISE NETWORK

US 20180018467A1
Filed: 07/24/2017
Published: 01/18/2018
Est. Priority Date: 12/28/2012
Status: Active Grant

First Claim

Patent Images

1. A method for providing data leak protection (DLP), comprising:

determining that an application executing at a terminal is in the process of transmitting an encrypted file from the terminal; and

in response to determining that the encrypted file is being transmitted from the terminal, identifying a password entered by users for a file encryption procedure performed with the application that decrypts the encrypted file;

decrypting the encrypted file to generated a decrypted file;

determining that the decrypted file is a file subject to DLP; and

in response to determining that the decrypted file is a file subject to DLP, preventing the transmitting of the file from the terminal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are provided for decrypting an encrypted file within an enterprise network. The techniques include identifying by a password collecting module a password entered during a file encryption procedure performed at a terminal and storing the password; receiving an encrypted file by a data leakage protection (DLP) module; and attempting to decrypt the encrypted file with the password by the DLP module.

Citations

20 Claims

1. A method for providing data leak protection (DLP), comprising:
- determining that an application executing at a terminal is in the process of transmitting an encrypted file from the terminal; and
  
  in response to determining that the encrypted file is being transmitted from the terminal, identifying a password entered by users for a file encryption procedure performed with the application that decrypts the encrypted file;
  
  decrypting the encrypted file to generated a decrypted file;
  
  determining that the decrypted file is a file subject to DLP; and
  
  in response to determining that the decrypted file is a file subject to DLP, preventing the transmitting of the file from the terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the identifying the password further comprises identifying meta data associated with the password.
  - 3. The method of claim 1, further comprising generating a list of passwords associated with the application, wherein the identifying the password comprises selecting the password from the list of passwords.
  - 4. The method of claim 3, further comprising storing in conjunction with the list a number of times each password on the list has been employed, wherein the selecting the password from the list is based upon the number of times each password has been employed.
  - 5. The method of claim 1, further comprising storing a first password entered during a first file encryption procedure performed at the terminal, wherein the identifying the password comprises selecting the first password.
  - 6. The method of claim 1, further comprising identifying meta data of the encrypted file, wherein the decrypting further comprises selecting the password by determining that meta data of the encrypted file matches at least a portion of meta data of the password.
  - 7. The method of claim 6, further comprising identifying meta data of the encrypted file, wherein the decrypting further comprises determining a degree of match between meta data of the encrypted file and meta data of the multiple passwords obtained by executing the method of claim 2 several times, so as to determine priority given to a decryption performed with each password.

8. An apparatus for providing data leak protection (DLP), comprising:
- a processor;
  
  a non-transitory, computer-readable medium coupled to the processor; and
  
  logic, stored on the computer-readable medium and executed on the processor, for;
  
  determining that an application executing at a terminal is in the process of transmitting an encrypted file from the terminal; and
  
  in response to determining that the encrypted file is being transmitted from the terminal, identifying a password entered by users for a file encryption procedure performed with the application that decrypts the encrypted file;
  
  decrypting the encrypted file to generated a decrypted file;
  
  determining that the decrypted file is a file subject to DLP; and
  
  in response to determining that the decrypted file is a file subject to DLP, preventing the transmitting of the file from the terminal.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the logic for identifying the password further comprises logic for identifying meta data associated with the password.
  - 10. The apparatus of claim 8, the logic further comprising logic for generating a list of passwords associated with the application, wherein the identifying the password comprises selecting the password from the list of passwords.
  - 11. The apparatus of claim 10, the logic further comprising logic for storing in conjunction with the list a number of times each password on the list has been employed, wherein the selecting the password from the list is based upon the number of times each password has been employed.
  - 12. The apparatus of claim 8, the logic further comprising logic for storing a first password entered during a first file encryption procedure performed at the terminal, wherein the identifying the password comprises selecting the first password.
  - 13. The apparatus of claim 8, the logic further comprising logic for identifying meta data of the encrypted file, wherein the decrypting further comprises selecting the password by determining that meta data of the encrypted file matches at least a portion of meta data of the password.
  - 14. The apparatus of claim 13, the logic further comprising logic for identifying meta data of the encrypted file, wherein the decrypting further comprises determining a degree of match between meta data of the encrypted file and meta data of the multiple passwords obtained by executing the logic of claim 9 several times, so as to determine priority given to a decryption performed with each password.

15. A computer programming product for providing data leak protection (DLP), comprising:
- a non-transitory, computer-readable medium; and
  
  logic, stored on the computer-readable medium for execution on a processor, for;
  
  determining that an application executing at a terminal is in the process of transmitting an encrypted file from the terminal; and
  
  ,in response to determining that the encrypted file is being transmitted from the terminal, identifying a password entered by users for a file encryption procedure performed with the application that decrypts the encrypted file;
  
  decrypting the encrypted file to generated a decrypted file;
  
  determining that the decrypted file is a file subject to DLP; and
  
  in response to determining that the decrypted file is a file subject to DLP, preventing the transmitting of the file from the terminal.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer programming product of claim 15, wherein the logic for identifying the password further comprises logic for identifying meta data associated with the password.
  - 17. The computer programming product of claim 15, the logic further comprising logic for generating a list of passwords associated with the application, wherein the identifying the password comprises selecting the password from the list of passwords.
  - 18. The computer programming product of claim 17, the logic further comprising logic for storing in conjunction with the list a number of times each password on the list has been employed, wherein the selecting the password from the list is based upon the number of times each password has been employed.
  - 19. The computer programming product of claim 15, the logic further comprising logic for storing a first password entered during a first file encryption procedure performed at the terminal, wherein the identifying the password comprises selecting the first password.
  - 20. The computer programming product of claim 15, the logic further comprising logic for identifying meta data of the encrypted file, wherein the decrypting further comprises selecting the password by determining that meta data of the encrypted file matches at least a portion of meta data of the password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Tsai, Ya Hsuan, Yu, Ying-Hung, Mahadevan, Hariharan

Granted Patent

US 10,607,016 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/1458   Management of the backup or...

G06F 16/137   Hash-based content-based in...

G06F 16/162   Delete operations erasing i...

G06F 16/1756   based on delta files

G06F 16/182   Distributed file systems

G06F 16/1873   Versioning file systems, te...

G06F 16/20   of structured data, e.g. re...

G06F 21/10   Protecting distributed prog...

G06F 21/50   Monitoring users, programs ...

G06F 21/60   Protecting data

G06F 21/606   by securing the transmissio...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0428   wherein the data content is...

H04L 63/1408   by monitoring network traff...

DECRYPTING FILES FOR DATA LEAKAGE PROTECTION IN AN ENTERPRISE NETWORK

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

DECRYPTING FILES FOR DATA LEAKAGE PROTECTION IN AN ENTERPRISE NETWORK

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links