Data network and method for checking nodes of a data network
First Claim
1. A system for checking nodes or information stored at nodes of a data network, said system comprising:
- a set of nodes connected to each other by a data transmission path, at least one node comprising a storage medium and a processor device operatively coupled to said storage medium and configured to perform a method comprising;
storing an automatically searchable mark in said storage medium of said at least one node and associated with one or both of;
the at least one node and information stored therein;
the automatically searchable mark corresponding to a privacy policy for controlling storage of, transfer of, or access to the marked information or controlling access to the marked node;
said automatically searchable mark further defining one or more of;
a permissible storage place where the marked information is permissibly stored, a permissible data transmission path for accessing the marked information or the marked node, or a permissible data transmission path for transferring the marked information;
said automatically searchable mark enabling a prior determination where in said data network a data may reside;
a searching engine including a further processor device operatively coupled to said data network and configured to perform a method comprising;
traversing said data network to detect and analyze the automatically searchable mark stored at said marked node in said data network, said further processor device detecting a place on which the marked information is stored and detecting one or more possible data transmission paths within said data network for accessing the marked information or the marked node or a possible data transmission path or data transmission paths for transferring the marked information in said data network, andcomparing the detected storage place of the marked information with the permissible storage place that is defined by the automatically searchable mark of the marked information and checking whether the privacy policy is maintained, and further comparing the detected possible data transmission paths for transferring the marked information or for accessing the marked information or the marked node with the permissible data transmission paths that are defined by the automatically searchable mark of the marked information or by the automatically searchable mark of the marked node, and determining whether the privacy policy is maintained, andupon determining a privacy policy violation, generating an alarm.
0 Assignments
0 Petitions
Accused Products
Abstract
The invention provides a data network, systems and methods for checking nodes of a data network that are used for detecting whether a privacy policy concerning an information is maintained. The information comprises a mark corresponding to the privacy policy. The mark defines the storage place or the accessing paths or the transferring paths of the information. The mark is automatically searchable. The mark is searched, analyzed and checked as to whether the privacy policy is maintained. The advantage of the system is that vulnerabilities of systems for protecting confidential information may be detected a long time before an attack on the confidential information occurs.
-
Citations
7 Claims
-
1. A system for checking nodes or information stored at nodes of a data network, said system comprising:
-
a set of nodes connected to each other by a data transmission path, at least one node comprising a storage medium and a processor device operatively coupled to said storage medium and configured to perform a method comprising; storing an automatically searchable mark in said storage medium of said at least one node and associated with one or both of;
the at least one node and information stored therein;
the automatically searchable mark corresponding to a privacy policy for controlling storage of, transfer of, or access to the marked information or controlling access to the marked node;
said automatically searchable mark further defining one or more of;
a permissible storage place where the marked information is permissibly stored, a permissible data transmission path for accessing the marked information or the marked node, or a permissible data transmission path for transferring the marked information;
said automatically searchable mark enabling a prior determination where in said data network a data may reside;a searching engine including a further processor device operatively coupled to said data network and configured to perform a method comprising; traversing said data network to detect and analyze the automatically searchable mark stored at said marked node in said data network, said further processor device detecting a place on which the marked information is stored and detecting one or more possible data transmission paths within said data network for accessing the marked information or the marked node or a possible data transmission path or data transmission paths for transferring the marked information in said data network, and comparing the detected storage place of the marked information with the permissible storage place that is defined by the automatically searchable mark of the marked information and checking whether the privacy policy is maintained, and further comparing the detected possible data transmission paths for transferring the marked information or for accessing the marked information or the marked node with the permissible data transmission paths that are defined by the automatically searchable mark of the marked information or by the automatically searchable mark of the marked node, and determining whether the privacy policy is maintained, and upon determining a privacy policy violation, generating an alarm. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A tangible storage medium readable by a processing circuit and storing computer-readable instructions for execution by the processing circuit to perform method steps for checking nodes or information stored at nodes of a data network, said nodes being connected with data transmission paths, said method steps comprising:
-
providing an automatically searchable mark located on at least one node for association with one or both of;
the at least one node and information stored therein;
the automatically searchable mark corresponding to a privacy policy for controlling storage of, transfer of, or access to the marked information or, controlling access to the marked node;
said automatically searchable mark further defining one or more of;
a permissible storage place where the marked information is permissibly stored, a permissible data transmission path for accessing the marked information or the marked node, or a permissible data transmission path in which the marked information could be permissibly transferred;
said automatically searchable mark enabling a prior determination where in said data network a data may reside; andtraversing, by a search engine, said data network to detect and analyze the automatically searchable mark stored at said marked node in said data network for detecting the places on which the marked information is stored in said data network and detecting possible data transmission paths for accessing the marked information or the marked node or, detecting a possible data transmission path for transferring the marked information in said data network; comparing, by the search engine, the detected storage place of the marked information with the permissible storage place that is defined by the automatically searchable mark of the marked information and checking whether the privacy policy is maintained, and comparing the detected possible data transmission paths for transferring the marked information or for accessing the marked information or the marked node with the permissible data transmission paths that are defined by the automatically searchable mark of the marked information or by the automatically searchable mark of the marked node, and determining whether the privacy policy is maintained, and generating, by the search engine, an alarm upon determining a privacy policy violation.
-
Specification