Data security system and method
DCFirst Claim
1. A method of securing data having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a client-server computer system with at least one server computer and a plurality of extract data stores for respective ones of said plurality of security levels, said server operatively coupled to at least one client computer and said extract data stores over a communications network comprising:
- accepting data input which includes security sensitive content via said client computer;
extracting said security sensitive content to obtain extracted data for each corresponding security level and remainder data;
storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in at least one of said client computer and server computer; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances.
2 Assignments
Litigations
1 Petition
Accused Products
Abstract
The method for securing data in a server-client computer system for security sensitive content includes extracting sensitive content and separating the security sensitive content from remainder data. The security sensitive content is grouped into security levels, each with a security clearance. The extracted data, for each security level, is remotely stored in extract stores. A map of storage sites may be generated. The filter and/or map may be destroyed or stored. The data input, extracted data and remainder data may be deleted from the originating computer. Encryption may be utilized to enhance security (including transfers of data, filter and map). Full or partial reconstruction of the data is permitted only in the presence of predetermined security clearances. The extraction and storage can be done on the input client computer or the web-based server. A computer readable medium containing programming instructions and an information processing system is encompassed.
-
Citations
145 Claims
-
1. A method of securing data having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a client-server computer system with at least one server computer and a plurality of extract data stores for respective ones of said plurality of security levels, said server operatively coupled to at least one client computer and said extract data stores over a communications network comprising:
-
accepting data input which includes security sensitive content via said client computer; extracting said security sensitive content to obtain extracted data for each corresponding security level and remainder data; storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in at least one of said client computer and server computer; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method of securing data having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a client-server computer system with at least one server computer and a plurality of extract data stores for respective ones of said plurality of security levels, said server operatively coupled to at least one client computer and said extract data stores over a communications network comprising:
-
from input data, extracting said security sensitive content to obtain extracted data for each corresponding security level and remainder data; separately storing said extracted data, for each corresponding security level, in the respective extract store, apart from said remainder data stored in one or both of said client computer and server computer; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
-
-
52. A method of securing data having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a client-server computer system with at least one server computer and a plurality of extract data stores for respective ones of said plurality of security levels and a remainder data store, said server operatively coupled to at least one client computer and said extract data stores over a communications network comprising:
-
extracting security sensitive content from a data input via said server computer to obtain extracted data for each corresponding security level and remainder data; storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in said remainder data store; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances. - View Dependent Claims (53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78)
-
-
79. A method of securing data having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a client-server computer system with at least one server computer and a plurality of extract data stores for respective ones of said plurality of security levels and a remainder data store, said server operatively coupled to at least one client computer and said extract data stores over a communications network comprising:
-
facilitating the extraction of security sensitive content from a data input to obtain extracted data for each corresponding security level and remainder data; at said server computer, storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in said remainder data store; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances. - View Dependent Claims (80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105)
-
-
106. A computer readable storage medium containing programming instructions for securing data having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a client-server computer system with at least one server computer and a plurality of extract data stores for respective ones of said plurality of security levels, said server operatively coupled to at least one client computer and said extract data stores over a communications network, the programming instructions comprising:
-
accepting data input which includes security sensitive content via said client computer; extracting said security sensitive content to obtain extracted data for each corresponding security level and remainder data; storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in at least one of said client computer and server computer; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances. - View Dependent Claims (107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132)
-
-
133. An information processing system for securing data having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, information processing system deployed in a client-server computer system with at least one server computer and a plurality of extract data stores for respective ones of said plurality of security levels, said server operatively coupled to at least one client computer and said extract data stores over a communications network comprising:
-
a filter adapted to receive a data input from said communications network and to separate, from said data input, said security sensitive content as extracted data for each corresponding security level, leaving remainder data; means for storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in at least one of said client computer and server computer; an access controller for permitting access to said respective extract stores for corresponding security levels with said associated security clearances; and
,a compiler, coupled to said access controller, for permitting full or partial reconstruction of said data via said respective extract stores and remainder data based upon said corresponding security levels and associated security clearances. - View Dependent Claims (134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145)
-
Specification