CHAIN OF CUSTODY FOR ENTERPRISE DOCUMENTS
First Claim
Patent Images
1. A system comprising:
- a plurality of endpoints storing a plurality of documents;
an enterprise network interconnecting the plurality of endpoints; and
a server coupled in a communicating relationship with the enterprise network, the server storing a ledger with a chain of custody for each of the plurality of documents, the chain of custody for each one of the plurality of documents including one or more fuzzy hashes, each associated with a user of the one of the plurality of documents and contents of the one of the plurality of documents, the server configured to respond to an information request containing a first fuzzy hash, by matching the first fuzzy hash to one or more of the fuzzy hashes stored in the ledger and providing chain of custody information to a requestor for at least one of the plurality of documents corresponding to the one or more of the fuzzy hashes, the server further configured to respond to an update request containing a second fuzzy hash by matching the second fuzzy hash to a matching one of the plurality of documents and adding the second fuzzy hash and related information to the chain of custody in the ledger for the matching one of the plurality of documents.
4 Assignments
0 Petitions
Accused Products
Abstract
A ledger stores chain of custody information for files throughout an enterprise network. By identifying files with a homologous identifier such as a fuzzy hash that permits piecewise evaluation of similarity, the ledger can be used to track a chain of custody over a sequence of changes in content, ownership, and file properties. The ledger can be used, e.g., to evaluate trustworthiness of a file the first time it is encountered by an endpoint, or to apply enterprise policies based on trust.
-
Citations
20 Claims
-
1. A system comprising:
-
a plurality of endpoints storing a plurality of documents; an enterprise network interconnecting the plurality of endpoints; and a server coupled in a communicating relationship with the enterprise network, the server storing a ledger with a chain of custody for each of the plurality of documents, the chain of custody for each one of the plurality of documents including one or more fuzzy hashes, each associated with a user of the one of the plurality of documents and contents of the one of the plurality of documents, the server configured to respond to an information request containing a first fuzzy hash, by matching the first fuzzy hash to one or more of the fuzzy hashes stored in the ledger and providing chain of custody information to a requestor for at least one of the plurality of documents corresponding to the one or more of the fuzzy hashes, the server further configured to respond to an update request containing a second fuzzy hash by matching the second fuzzy hash to a matching one of the plurality of documents and adding the second fuzzy hash and related information to the chain of custody in the ledger for the matching one of the plurality of documents.
-
-
2. A method comprising:
-
generating a first fuzzy hash for a file; requesting chain of custody information for the file from a ledger for an enterprise network based on the first fuzzy hash; receiving a modification to the file; generating a second fuzzy hash for the file; and transmitting the second fuzzy hash to the ledger for inclusion in a chain of custody for the file. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method comprising:
-
generating a homologous file identifier for a file; requesting chain of custody information for the file from a ledger for an enterprise network based on the homologous file identifier; evaluating a trustworthiness of the file based on the chain of custody information; and applying an enterprise policy to the file based on the trustworthiness. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification