Method and apparatus for handling messages containing pre-selected data
First Claim
Patent Images
1. A method comprising:
- monitoring, by a computer system, messages transmitted via a network for presence of pre-selected data, the pre-selected data from a source having a tabular structure;
upon determining, by the computer system, that a header of an original message transmitted by a sender via the network indicates that the original message is to be searched for pre-selected data, searching, by the computer system, the original message for data fragments that match elements of the pre-selected data from at least one random row within the tabular structure of the source, the pre-selected data including security-sensitive information to be protected from being transmitted via the network, and preventing, by the computer system, an unauthorized transmission of the original message that includes the pre-selected data to a recipient to prevent loss of the security-sensitive information; and
upon determining, by the computer system, that the header of the original message transmitted by the sender indicates that the original message is not to be searched, facilitating an authorized transmission of the original message to the recipient without searching the original message transmitted by the sender for the pre-selected data and regardless of the presence of the pre-selected data in the original message transmitted by the sender.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for blocking messages containing pre-selected data is described. In one embodiment, the method includes determining that a message transmitted to a recipient via a network includes pre-selected data. The pre-selected data contains information from at least one random row within the tabular structure of source data. The method further includes preventing an unauthorized transmission of the pre-selected data to the recipient.
-
Citations
21 Claims
-
1. A method comprising:
-
monitoring, by a computer system, messages transmitted via a network for presence of pre-selected data, the pre-selected data from a source having a tabular structure; upon determining, by the computer system, that a header of an original message transmitted by a sender via the network indicates that the original message is to be searched for pre-selected data, searching, by the computer system, the original message for data fragments that match elements of the pre-selected data from at least one random row within the tabular structure of the source, the pre-selected data including security-sensitive information to be protected from being transmitted via the network, and preventing, by the computer system, an unauthorized transmission of the original message that includes the pre-selected data to a recipient to prevent loss of the security-sensitive information; and upon determining, by the computer system, that the header of the original message transmitted by the sender indicates that the original message is not to be searched, facilitating an authorized transmission of the original message to the recipient without searching the original message transmitted by the sender for the pre-selected data and regardless of the presence of the pre-selected data in the original message transmitted by the sender. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method comprising:
-
monitoring, by a computer system, messages transmitted via a network for presence of pre-selected data, the pre-selected data from a source having a tabular structure; determining, by the computer system, that a header of a message for transmission to a recipient via the network indicates that the message is to be searched for pre-selected data; searching, by the computer system, the message for data fragments that match elements of the pre-selected data from at least one random row within the tabular structure of the source, the pre-selected data including security-sensitive information to be protected from being transmitted via the network; and applying at least one action to the message according to a message action policy that specifies the at least one action to be applied to the message if one or more rules of the message action policy are satisfied, wherein the message action policy comprises an exception clause identifying an exception to the one or more rules and the exception clause requires that a message contain a header identifying the message as marketing material to be sent to the recipient without being searched for the pre-selected data.
-
-
19. An apparatus comprising:
-
means for monitoring messages transmitted via a network for presence of pre-selected data, the pre-selected data from a source having a tabular structure; means for determining whether a header of an original message transmitted by a sender via the network indicates that the original message is to be searched for pre-selected data; means for searching the original message for data fragments that match elements of the pre-selected data, the pre-selected data being from at least one random row within the tabular structure of the source, the pre-selected data including security-sensitive information to be protected from being transmitted via the network, upon determining that the header of the original message transmitted by the sender indicates that the original message is to be searched, and means for preventing an unauthorized transmission of the original message that includes the pre-selected data to a recipient to prevent loss of the security-sensitive information; and means for facilitating an authorized transmission of the original message to the recipient without searching the original message for the pre-selected data and regardless of the presence of the pre-selected data in the original message transmitted by the sender upon determining that the header of the original message transmitted by the sender indicates that the original message is not to be searched.
-
-
20. A system comprising:
-
a memory to store information pertaining to pre-selected data and instructions for data loss prevention; and a processor, coupled to the memory, to execute the instructions, wherein the instructions cause the processor to monitor messages transmitted via a network for presence of pre-selected data, upon a determination that a header of a monitored message for transmission to a recipient via the network indicates that the monitored message is to be searched for pre-selected data, to search the monitored message for data fragments that match elements of the pre-selected data, the pre-selected data being from at least one random row within a tabular structure of a source, the pre-selected data including security-sensitive information to be protected from being transmitted via the network, and to block the monitored message for preventing an unauthorized transmission of the pre-selected data to the recipient to prevent loss of the security-sensitive information, and upon a determination that the header of the monitored message identifies the message as marketing material, to facilitate an authorized transmission of the monitored message to the recipient without searching the monitored message for the pre-selected data.
-
-
21. A non-transitory computer readable storage medium that provides instructions, which when executed on a processing system cause the processing system to perform a method comprising:
-
monitoring messages transmitted via a network for presence of pre-selected data, the pre-selected data from a source having a tabular structure; upon determining that a header of an original message transmitted by a sender via the network indicates that the original message is to be searched for pre-selected data, searching the original message for data fragments that match elements of the pre-selected data, the pre-selected data being from at least one random row within the tabular structure of the source, the pre-selected data including security-sensitive information to be protected from being transmitted via the network, and preventing an unauthorized transmission of the original message that includes the pre-selected data to a recipient to prevent loss of the security-sensitive information; and upon determining that the header of the original message transmitted by the sender indicates that the original message is not to be searched, facilitating an authorized transmission of the original message to the recipient without searching the original message transmitted by the sender for the pre-selected data and regardless of the presence of the pre-selected data in the original message transmitted by the sender.
-
Specification