Confidential content search engine method

US 7,926,102 B2
Filed: 01/20/2006
Issued: 04/12/2011
Est. Priority Date: 01/20/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method, in a data processing system, for searching a client computing device to identify items of information containing confidential information, comprising:

retrieving one or more security search rules setting forth one or more security criteria for identifying items of information that contain confidential information;

performing a security search on one or more client computing devices to identify at least one item of information stored on a given client computing device within the one or more client computing devices meeting the one or more security criteria;

retrieving search results of the security search, wherein the search results of the security search contain the at least one item of information that meets the one or more security criteria;

analyzing the search results by applying security policy compliance requirements to the at least one item of information to determine if the at least one item of information meets the security policy compliance requirements; and

generating a report based on results of the analysis of the search results, wherein the security policy compliance requirements identify requirements for maintaining items of information that contain confidential information in a confidential state, wherein generating the report based on results of the analysis of the search results comprises providing a notification to the given client computing device indicating a violation of the security policy compliance requirements and a solution for placing the at least one item of information in compliance with the security policy compliance requirements.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A confidential content search engine method is provided. With the method, a security compliance search engine is provided for searching one or more client computing devices for items of information that meet a security criteria identifying items of information containing confidential content. Results of the search are provided to an analysis engine for determining if the items of information identified by the search are being maintained in accordance with a security policy for ensuring the confidentiality of the confidential content. Results of the analysis may be used to generate a report or log and to generate a notification to the client computing device identifying any violations of the security policy and possible solutions for bringing the item of information into compliance with the security policy. In addition, an administrator may be notified of any violations so that corrective action may be taken.

34 Citations

View as Search Results

20 Claims

1. A method, in a data processing system, for searching a client computing device to identify items of information containing confidential information, comprising:
- retrieving one or more security search rules setting forth one or more security criteria for identifying items of information that contain confidential information;
  
  performing a security search on one or more client computing devices to identify at least one item of information stored on a given client computing device within the one or more client computing devices meeting the one or more security criteria;
  
  retrieving search results of the security search, wherein the search results of the security search contain the at least one item of information that meets the one or more security criteria;
  
  analyzing the search results by applying security policy compliance requirements to the at least one item of information to determine if the at least one item of information meets the security policy compliance requirements; and
  
  generating a report based on results of the analysis of the search results, wherein the security policy compliance requirements identify requirements for maintaining items of information that contain confidential information in a confidential state, wherein generating the report based on results of the analysis of the search results comprises providing a notification to the given client computing device indicating a violation of the security policy compliance requirements and a solution for placing the at least one item of information in compliance with the security policy compliance requirements.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the one or more security criteria comprise at least one of particular character strings indicative of confidential information, data flags indicative of confidential information, particular parameters associated with items of information indicative of confidential information, file system settings associated with items of information indicative of confidential information, file usage patterns indicative of confidential information, or file name patterns indicative of confidential information.
  - 3. The method of claim 1, wherein the at least one item of information comprises at least one of an electronic mail, an electronic file, an electronic object in an object oriented environment, an electronic document, or an electronic image.
  - 4. The method of claim 1, wherein the data processing system is a server computing device, and wherein the security search is performed on a plurality of client computing devices associated with the server computing device.
  - 5. The method of claim 4, further comprising:
    - retrieving information from a client computing device database identifying the plurality of client computing devices on which to perform the security search.
  - 6. The method of claim 1, wherein the data processing system is the given client computing device.
  - 7. The method of claim 1, wherein performing the security search of the one or more client computing devices comprises;
    - installing a client agent on the given client computing device; and
      
      executing the client agent on the given client computing device, wherein the client agent uses the retrieved one or more security rules to perform the security search of the given client computing device.
  - 8. The method of claim 1, wherein retrieving search results of the security search comprises gathering characteristic information associated with the at least one item of information, wherein the characteristic information comprises at least one of an identity of the at least one item of information, the search criteria met by the at least one item of information, or information identifying a protection mechanism currently applied to the at least one item of information.
  - 9. The method of claim 8, wherein analyzing the search results comprises:
    - identifying one or more security policies in a security policy database that are to be applied to the at least one item of information based on the characteristic information gathered for the at least one item of information.

10. A computer program product comprising a computer recordable medium having a computer readable program recorded thereon, wherein the computer readable program, when executed on a data processing system, causes the data processing system to:
- retrieve one or more security search rules setting forth one or more security criteria for identifying items of information that contain confidential information;
  
  perform a security search on one or more client computing devices to identify at least one item of information stored on a given client computing device within the one or more client computing devices meeting the one or more security criteria;
  
  retrieve search results of the security search, wherein the search results of the security search contain the at least one item of information that meets the one or more security criteria;
  
  analyze the search results by applying security policy compliance requirements to the at least one item of information to determine whether the at least one item of information meets the security policy compliance requirements; and
  
  generate a report based on results of the analysis of the search results, wherein the security policy compliance requirements identify requirements for maintaining items of information that contain confidential information in a confidential state, wherein the computer readable program causes the data processing system to generate the report based on results of the analysis of the search results by providing a notification to the given client computing device indicating a violation of the security policy compliance requirements and a solution for placing the at least one item of information in compliance with the security policy compliance requirements.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The computer program product of claim 10, wherein the one or more security criteria comprise at least one of particular character strings indicative of confidential information, data flags indicative of confidential information, particular parameters associated with items of information indicative of confidential information, file system settings associated with items of information indicative of confidential information, file usage patterns indicative of confidential information, or file name patterns indicative of confidential information.
  - 12. The computer program product of claim 10, wherein the at least one item of information comprises at least one of an electronic mail, an electronic file, an electronic object in an object oriented environment, an electronic document, or an electronic image.
  - 13. The computer program product of claim 10, wherein the computer readable program causes the data processing system to perform the security search of the one or more client computing devices by:
    - installing a client agent on the given client computing device; and
      
      executing the client agent on the given client computing device, wherein the client agent uses the retrieved one or more security rules to perform the security search of the given client computing device.
  - 14. The computer program product of claim 10, wherein the computer readable program causes the data processing system to retrieve search results of the security search by gathering characteristic information associated with the at least one item of information, wherein the characteristic information comprises at least one of an identity of the at least one item of information, the search criteria met by the at least one item of information, or information identifying a protection mechanism currently applied to the at least one item of information.
  - 15. The computer program product of claim 14, wherein the computer readable program causes the data processing system to analyze the search results to determine if the at least one item of information meets security policy compliance requirements by:
    - identifying one or more security policies in a security policy database that are to be applied to the at least one item of information based on the characteristic information gathered for the at least one item of information.

16. A system for searching a client computing device to identify items of information containing confidential information, comprising:
- a processor;
  
  a memory coupled to the processor; and
  
  a storage device coupled to the processor, wherein the memory comprises computer executable instructions which, when executed by the processor, causes the processor to;
  
  retrieve, from the storage device, one or more security search rules setting forth one or more security criteria for identifying items of information that contain confidential information;
  
  perform a security search on one or more client computing devices to identify at least one item of information stored on a given client computing device within the one or more client computing devices meeting the one or more security criteria;
  
  retrieve search results of the security search, wherein the search results of the security search contain the at least one item of information that meets the one or more security criteria;
  
  analyze the search results by applying security policy compliance requirements to the at least one item of information to determine if the at least one item of information meets the security policy compliance requirements; and
  
  generate a report based on results of the analysis of the search results, wherein the security policy compliance requirements identify requirements for maintaining items of information that contain confidential information in a confidential state, wherein the instructions cause the processor to generate the report based on results of the analysis of the search results by providing a notification to the given client computing device indicating a violation of the security policy compliance requirements and a solution for placing the at least one item of information in compliance with the security policy compliance requirements.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16, wherein the one or more security criteria comprise at least one of particular character strings indicative of confidential information, data flags indicative of confidential information, particular parameters associated with items of information indicative of confidential information, file system settings associated with items of information indicative of confidential information, file usage patterns indicative of confidential information, or file name patterns indicative of confidential information.
  - 18. The system of claim 16, wherein the at least one item of information comprises at least one of an electronic mail, an electronic file, an electronic object in an object oriented environment, an electronic document, or an electronic image.
  - 19. The system of claim 16, wherein the processor performs a security search of the one or more client computing devices by:
    - installing a client agent on the given client computing device; and
      
      executing the client agent on the given client computing device, wherein the client agent uses the retrieved one or more security rules to perform the security search of the given client computing device.
  - 20. The system of claim 16, wherein the processor:
    - retrieves search results of the security search by gathering characteristic information associated with the at least one item of information, wherein the characteristic information includes at least one of an identity of the at least one item of information, the search criteria met by the at least one item of information, or information identifying a protection mechanism currently applied to the at least one item of information, andidentifies one or more security policies in a security policy database that are to be applied to the at least one item of information based on the characteristic information gathered for the at least one item of information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Kwong, Tony C. Jr., Broussard, Scott J., Spring, Eduardo N., Wrobel, Anthony W. Jr.
Primary Examiner(s)
Hoffman; Brandon S
Assistant Examiner(s)
Woldemariam; Nega

Application Number

US11/336,224
Publication Number

US 20070180258A1
Time in Patent Office

1,908 Days
Field of Search

713/153, 713/163, 713/183, 713/193, 713/340, 713/164, 713/150, 713/100, 713/182, 713/189, 714/38, 714/49, 714/48, 714/35, 714/37, 714/100, 714/7, 714/9, 714/10, 726/22, 726/14, 726/13, 726/11, 726/34, 726/25, 726/26, 726/27, 726/28, 726/29, 726/30, 380/42, 380/55, 380/58, 380/46, 380/270, 380/255, 380/247, 382/225, 382/581, 375/340, 345/581, 345/55, 719/315, 719/330, 719/313, 719/314, 709/217, 709/203, 709/223, 709/237, 709/225, 709/229, 709/227, 709/201, 709/212, 709/213, 709/220, 709/200
US Class Current

726/20
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06F 2221/2101   Auditing as a secondary aspect

G06Q 10/00   Administration; Management

Confidential content search engine method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Confidential content search engine method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links