Personal computing device-based mechanism to detect preselected data

US 8,041,719 B2
Filed: 06/27/2003
Issued: 10/18/2011
Est. Priority Date: 05/06/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A method for a client device, comprising:

receiving, by the client device from a server, an abstract data structure derived from data elements of pre-selected data to be protected, the pre-selected data being stored on the server, the abstract data structure containing positional information identifying a position in the pre-selected data for each data element of the pre-selected data, the abstract data structure further containing pre-generated hashes of the data elements of the pre-selected data;

storing the abstract data structure containing the positional information and the pre-generated hashes in memory of the client device;

searching, locally, text contained in a plurality of documents stored on a plurality of data storage media of the client device for an indication that at least a portion of the pre-selected data stored on the server is contained in the text of the plurality of documents, the searching comprising creating hashes of text of at least one document in the plurality of documents, determining whether a sequence of hashes at least partially matches pre-generated hashes of data elements from at least one random row in the pre-selected data using the positional information in the abstract data structure;

detecting locally at least a portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the detection indicating that a user of the client device has caused the portion of the preselected data residing on the server to be stored on the client device, the detecting comprising determining that the sequence of hashes matches the pre-generated hashes of data elements from one or more columns in the pre-selected data using the positional information in the abstract data structure; and

sending, from the client device to the server, a notification of the detection of the portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the client device being a personal computing device.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for detecting pre-selected data stored on a personal computing device is described. In one embodiment, contents of data storage media of a personal computing device are searched for pre-selected sensitive data. In one embodiment, if at least a portion of the pre-selected sensitive data is detected, a notification of the detection of the pre-selected data is sent to a system via a network. In another embodiment, if at least a portion of pre-selected sensitive data is detected, the access to this data is blocked.

Citations

31 Claims

1. A method for a client device, comprising:
- receiving, by the client device from a server, an abstract data structure derived from data elements of pre-selected data to be protected, the pre-selected data being stored on the server, the abstract data structure containing positional information identifying a position in the pre-selected data for each data element of the pre-selected data, the abstract data structure further containing pre-generated hashes of the data elements of the pre-selected data;
  
  storing the abstract data structure containing the positional information and the pre-generated hashes in memory of the client device;
  
  searching, locally, text contained in a plurality of documents stored on a plurality of data storage media of the client device for an indication that at least a portion of the pre-selected data stored on the server is contained in the text of the plurality of documents, the searching comprising creating hashes of text of at least one document in the plurality of documents, determining whether a sequence of hashes at least partially matches pre-generated hashes of data elements from at least one random row in the pre-selected data using the positional information in the abstract data structure;
  
  detecting locally at least a portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the detection indicating that a user of the client device has caused the portion of the preselected data residing on the server to be stored on the client device, the detecting comprising determining that the sequence of hashes matches the pre-generated hashes of data elements from one or more columns in the pre-selected data using the positional information in the abstract data structure; and
  
  sending, from the client device to the server, a notification of the detection of the portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the client device being a personal computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1 further comprising:
    - upon detecting at least a portion of the pre-selected data, preventing access to the detected data.
  - 3. The method of claim 1 wherein the text contained in the plurality of documents is searched periodically.
  - 4. The method of claim 1 wherein the text contained in the plurality of documents is searched when the client device is disconnected from the network.
  - 5. The method of claim 4 wherein sending a notification comprises:
    - upon detecting the pre-selected data, creating a message containing the notification of the detection of the pre-selected data;
      
      placing the message in a transmission queue; and
      
      transmitting the message to the server after the client device is re-connected to the server.
  - 6. The method of claim 1 further comprising:
    - receiving instructions defining a scope of a search for the client device from the server.
  - 7. The method of claim 1 wherein searching text contained in the plurality of documents further comprises monitoring one or more specific data operations for presence of at least a portion of the pre-selected data.
  - 8. The method of claim 7 wherein at least one of the one or more specific data operations is selected from the group consisting of a file-read, a file-write, a file-update, a read from a removable media device, a write to a removable media device, and access of data stored on any of the plurality of data storage media by a program running on the client device.
  - 9. The method of claim 1 wherein the pre-selected data has a tabular format.
  - 10. The method of claim 1 wherein the pre-selected data is capable of being re-structured into a tabular format based on relationships among elements of the pre-selected data.
  - 11. The method of claim 1 wherein the pre-selected data is maintained by an organization in at least one of a spreadsheet, a flat file, and a database.
  - 12. The method of claim 11 wherein the pre-selected data is associated with an abstract data structure comprising a tuple-storage structure derived from the pre-selected data.
  - 13. The method of claim 12 wherein the abstract data structure comprises a plurality of tuples, each of the plurality of tuples including a row number of a data element in a corresponding cell of a tabular structure of the pre-selected data.
  - 14. The method of claim 13 wherein each of the plurality of tuples additionally includes a column number and optionally a column type of the data element in the corresponding cell.
  - 15. The method of claim 1 wherein the plurality of data storage media is selected from the group consisting of a main memory, a static memory, and a mass storage memory.
  - 16. The method of claim 1 wherein a plurality of data storage media comprises one or more volatile storage devices, and one or more persistent storage devices.
  - 17. The method of claim 16 further comprising detecting use of the pre-selected data by an application running on the client device.
  - 18. The method of claim 17 further comprising:
    - identifying the application using the pre-selected data; and
      
      reporting the identified application.

19. A client device apparatus comprising:
- means for receiving, by the client device from a server, an abstract data structure derived from data elements of pre-selected data to be protected, the pre-selected data being stored on the server, the abstract data structure containing positional information identifying a position in the pre-selected data for each data element of the pre-selected data, the abstract data structure further containing pre-generated hashes of the data elements of the pre-selected data;
  
  means for storing the abstract data structure containing the positional information and the pre-generated hashes in memory of the client device;
  
  means for searching, locally, text contained in a plurality of documents stored on a plurality of data storage media of the client device for an indication that at least a portion of the pre-selected data stored on the server is contained in the text of the plurality of documents, the searching comprising creating hashes of text of at least one document in the plurality of documents, determining whether a sequence of hashes at least partially matches pre-generated hashes of data elements from at least one random row in the pre-selected data using the positional information in the abstract data structure;
  
  means for detecting locally at least a portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the detection indicating that a user of the client device has caused the portion of the preselected data residing on the server to be stored on the client device, the detecting comprising determining that the sequence of hashes matches the pre-generated hashes of data elements from one or more columns in the pre-selected data using the positional information in the abstract data structure; and
  
  means for sending, from the client device to the server, a notification of the detection of the portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the client device being a personal computing device.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 20. The apparatus of claim 19 wherein the text contained in the plurality of documents is searched periodically.
  - 21. The apparatus of claim 19 wherein the text contained in the plurality of documents is searched when the client device is disconnected from the network.
  - 22. The apparatus of claim 19 wherein means for sending a notification comprises:
    - means for creating a message containing the notification of the detection of the pre-selected data upon detecting the pre-selected data;
      
      means for placing the message in a transmission queue; and
      
      means for transmitting the message to the server after the client device is re-connected to the server.
  - 23. The apparatus of claim 19 further comprising:
    - means for receiving instructions defining a scope of a search for the client device from the server.
  - 24. The apparatus of claim 19 wherein means for searching contents of a plurality of data storage media of the client device further comprises means for monitoring one or more specific data operations for presence of at least a portion of the pre-selected data.
  - 25. The apparatus of claim 24 wherein at least one of the one or more specific data operations is selected from the group consisting of a file-read, a file-write, a file-update, a read from a removable media device, a write to a removable media device, and access of data stored on any of the plurality of data storage media by a program running on the client device.
  - 26. The apparatus of claim 19 wherein the plurality of data storage media is selected from the group consisting of a main memory, a static memory, and a mass storage memory.
  - 27. The apparatus of claim 19 wherein a plurality of data storage media comprises one or more volatile storage devices, and one or more persistent storage devices.
  - 28. The apparatus of claim 27 further comprising means for detecting use of the pre-selected data by an application running on the client device.
  - 29. The apparatus of claim 28 further comprising:
    - means for identifying the application using the pre-selected data; and
      
      means for reporting the identified application.

30. A client device comprising:
- a plurality of storage media storing an abstract data structure derived from data elements of pre-selected data to be protected, the pre-selected data being stored on a server, and a plurality of documents containing text for the client device, the client device being a personal computing device, the abstract data structure containing positional information identifying a position in the pre-selected data for each data element of the pre-selected data, the abstract data structure further containing pre-generated hashes of the data elements of the pre-selected data; and
  
  at least one processor coupled to the plurality of storage media, the at least one processor to execute a set of instructions which cause the at least one processor to search locally the text in the plurality of documents stored on a plurality of data storage media of the client device for an indication that at least a portion of the pre-selected data stored on the server is contained in the text of the plurality of documents, the searching comprising creating hashes of text of at least one document in the plurality of documents, determining whether a sequence of hashes at least partially matches pre-generated hashes of data elements from at least one random row in the pre-selected data using the positional information in the abstract data structure, to detect locally at least a portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the detection indicating that a user of the client device has caused the portion of the preselected data residing on the server to be stored on the client device, the detecting comprising determining that the sequence of hashes matches the pre-generated hashes of data elements from one or more columns in the pre-selected data using the positional information in the abstract data structure, and to send, from the client device to the server, a notification of the detection of the portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the client device being a personal computing device.

31. A computer readable medium that provides instructions, which when executed on a processor cause the processor to perform a method for a client device, comprising:
- receiving, by the client device from a server, an abstract data structure derived from data elements of pre-selected data to be protected, the pre-selected data being stored on the server, the abstract data structure containing positional information identifying a position in the pre-selected data for each data element of the pre-selected data, the abstract data structure further containing pre-generated hashes of the data elements of the pre-selected data;
  
  storing the abstract data structure containing the positional information and the pre-generated hashes in memory of the client device;
  
  searching, locally, text contained in a plurality of documents stored on a plurality of data storage media of the client device for an indication that at least a portion of the pre-selected data stored on the server is contained in the text of the plurality of documents, the searching comprising creating hashes of text of at least one document in the plurality of documents, determining whether a sequence of hashes at least partially matches pre-generated hashes of data elements from at least one random row in the pre-selected data using the positional information in the abstract data structure;
  
  detecting locally at least a portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the detection indicating that a user of the client device has caused the portion of the preselected data residing on the server to be stored on the client device, the detecting comprising determining that the sequence of hashes matches the pre-generated hashes of data elements from one or more columns in the pre-selected data using the positional information in the abstract data structure; and
  
  sending, from the client device to the server, a notification of the detection of the portion of the pre-selected data in the text of at least one of the plurality of documents stored on any of the plurality of data storage media of the client device, the client device being a personal computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Gopalakrishnan, Mythili, Fridman, Vitali A., Wolfe, Michael R., Ansanelli, Joseph, Rowney, Kevin T.
Primary Examiner(s)
Leroux; Etienne
Assistant Examiner(s)
DAYE, CHELCIE L

Application Number

US10/607,718
Publication Number

US 20040225645A1
Time in Patent Office

3,035 Days
Field of Search

707/3, 707/5, 707/9, 707/10, 707/694, 707/711, 707/747, 709/225, 709/229, 709/224, 726/11, 715/839
US Class Current

707/747
CPC Class Codes

G06F 16/24568   Data stream processing; Con...

G06F 21/554   involving event detection a...

G06Q 10/107   Computer-aided management o...

Personal computing device-based mechanism to detect preselected data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Personal computing device-based mechanism to detect preselected data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links