Inferring document and content sensitivity from public account accessibility
First Claim
1. A method comprising:
- classifying a document as a first class if the document is accessible to a classification agent, and classifying the document as a second class otherwise;
associating content of the document according to the document classification;
subsequent to the classifying, monitoring network traffic;
determining if at least a portion of content of the monitored network traffic corresponds to a portion of the document content, and if so, then classifying a portion of the monitored network traffic according to the classification of the corresponding portion of the document content; and
performing a first action if the portion of the monitored network traffic is classified as the first class, and performing a second action otherwise.
15 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, documents accessible via a designated public account are classified as public. In another embodiment, documents accessible according to a designated public access control list are classified as public. In some embodiments, all documents not classified as public are classified as private. Content in the public documents is linguistically analyzed, resulting in a set of keys for use in subsequent full and partial content matching. The keys and associated file names are stored in a public-content identification repository. Similarly, content in the private documents is linguistically analyzed, and the results are stored in a private-content identification repository. Subsequently, full and partial content matching is performed on monitored content according to information in the public and private repositories. In a related aspect, monitored content found to correspond to private content is selectively flagged during electronic transmission or optionally prevented from distribution according to a set of defined monitoring policies.
-
Citations
59 Claims
-
1. A method comprising:
-
classifying a document as a first class if the document is accessible to a classification agent, and classifying the document as a second class otherwise; associating content of the document according to the document classification; subsequent to the classifying, monitoring network traffic; determining if at least a portion of content of the monitored network traffic corresponds to a portion of the document content, and if so, then classifying a portion of the monitored network traffic according to the classification of the corresponding portion of the document content; and performing a first action if the portion of the monitored network traffic is classified as the first class, and performing a second action otherwise. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method comprising:
-
designating a plurality of file hierarchies; for files in the file hierarchies, classifying each file as a first class if it is accessible to a classification agent, and as a second class otherwise, and associating content of each file according to the file classification; subsequent to the classifying, monitoring network traffic; determining if at least a portion of content of the monitored network traffic corresponds to a portion of the content of the files, and if so, then classifying a portion of the monitored network traffic according to the classification of the corresponding portion of the content of the files; and performing a first action if the portion of the monitored network traffic is classified as the first class, and performing a second action otherwise. - View Dependent Claims (27, 28, 29)
-
-
30. A system including:
-
a classification computer executing software including functions enabling classifying a document as a first class if the document is accessible, and classifying the document as a second class otherwise, and associating content of the document according to the document classification; a content appliance coupled to the classification computer to receive results from the software; and wherein the content appliance is adapted to monitor traffic and to determine if at least a portion of content of the monitored traffic corresponds to a portion of the document content, and if so, to classify a portion of the monitored traffic according to the classification of the corresponding portion of the document content, and to perform a first action if the portion of monitored traffic is classified as the first class, and to perform a second action otherwise. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49)
-
-
50. A system including:
-
a software execution vehicle executing software including functions enabling cataloging index information as a first type if the index information is readable, and as a second type otherwise, and correlating meaning of the index information according to the index information type; an information analysis unit coupled to the software execution vehicle to receive results from the software, and adapted to collect information, the information analysis unit cataloging a portion of the collected information according to the type of a corresponding portion, if any, of the index information meaning; and wherein a first action is performed if the portion of collected information is of the first type, and a second action is performed otherwise. - View Dependent Claims (51, 52, 53, 54, 55, 56, 57, 58, 59)
-
Specification