Method and apparatus for detecting leakage of sensitive information
Abstract
A method and apparatus for preventing leakage of sensitive information from a computer is described. The method includes identifying data entered into the computer system as sensitive data, tainting the sensitive data with at least one taint bit to form a tainted data, tracking the tainted data within the computer system and identifying at least one condition that compromises the security of the tainted data. The system is a computer system including taint analysis software for identifying data entered into the computer system as sensitive data, tainting the sensitive data with at least one taint bit to form a tainted data, tracking the tainted data within the computer system and identifying at least one condition that compromises the security of the tainted data.
21 Claims
1. A method for detecting leakage of sensitive information from a computer system comprising:
identifying data entered into the computer system as sensitive data;
tracking access to the sensitive data within the computer system, in the event the access is associated with a system egress point;
identifying, in response to access associated with the system egress point, at least one condition that compromises the security of the sensitive data, wherein the at least one condition comprises access by an unauthorized process to sensitive data; and
taking an appropriate action to protect the sensitive data in view of the at least one condition, wherein the appropriate action comprises at least one of terminating the application obfuscating the sensitive data, terminating the application that did not have focus of the sensitive data at time of input into the computer system that is processing the sensitive data, terminating the application with a non-visible window that is processing the sensitive data, terminating the hidden process that is processing the sensitive data, or blocking at least one communication port of the computer system.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 20, 21
10. A non-transitory computer-readable medium having stored thereon a plurality of instructions, the plurality of instructions including instructions which, when executed by a processor, cause the processor to perform a method comprising:
identifying data entered into the computer system as sensitive data;
tracking access to the sensitive data within the computer system, in the event the access is associated with a system egress point;
identifying, in response to access associated with the system egress point, at least one condition that compromises the security of the sensitive data, wherein the at least one condition comprises access by an unauthorized process to sensitive data; and
taking an appropriate action to protect the sensitive data in view of the at least one condition, wherein the appropriate action comprises at least one of terminating the application obfuscating the sensitive data, terminating the application that did not have focus of the sensitive data at time of input into the computer system that is processing the sensitive data, terminating the application with a non-visible window that is processing the sensitive data, terminating the hidden process that is processing the sensitive data, or blocking at least one communication port of the computer system.
Dependent claims: 11, 12, 13
14. A system for preventing leakage of sensitive information from a computer system comprising:
a processor;
a memory storing taint analysis software; and
the taint analysis software configured to:
identify data entered into the computer system as sensitive data;
track access to the sensitive data within the computer system, in the event the access is associated with a system egress point;
identify, in response to access associated with the system egress point, at least one condition that compromises the security of the sensitive data, wherein the at least one condition comprises access by an unauthorized process to sensitive data; and
perform an appropriate action to protect the sensitive data in view of the at least one condition, wherein the appropriate action comprises at least one of: terminating the application obfuscating the sensitive data, terminating the application that did not have focus of the sensitive data at time of input into the computer system that is processing the sensitive data, terminating the application with a non-visible window that is processing the sensitive data, terminating the hidden process that is processing the sensitive data, or blocking at least one communication port of the computer system.
Dependent claims: 15, 16, 17, 18, 19
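The abstract and the independent claims describe one mechanism: set a taint bit on data identified as sensitive at input, let the bit follow the data through ordinary data flow, and only at a system egress point examine which process is carrying it and whether one of the listed conditions holds (unauthorized process, data obfuscated, no focus at input time, non-visible window, hidden process), then terminate that process and/or block the port. The following is an added illustration in Python of that check, not code from the patent or its assignee. The egress-point names, the `Process` attributes, and the sample inputs are constructed assumptions; a real implementation would obtain focus, window visibility and process visibility from the OS and hook the actual sinks.

```python
"""Toy egress-time taint monitor modelled on the abstract and the independent claims.

Added illustration, not code from the patent or its assignee. The process
attributes, the egress-point names and the sample inputs are constructed
assumptions; a real implementation would take them from the OS (window
manager focus, process visibility, socket and file hooks).
"""
import base64
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Assumed set of system egress points at which tracked data is examined.
EGRESS_POINTS = {"network", "file", "clipboard"}


@dataclass(frozen=True)
class Tainted:
    """A byte string carrying a taint bit and the input event that set it."""
    value: bytes
    taint: bool = False
    origin: str = ""
    obfuscated: bool = False


def mark_sensitive(value: bytes, origin: str) -> Tainted:
    """Identify data entered into the system as sensitive: set its taint bit."""
    return Tainted(value, True, origin)


def concat(a: Tainted, b: Tainted) -> Tainted:
    """Taint propagates through data flow: the result is tainted if any input was."""
    return Tainted(a.value + b.value, a.taint or b.taint, a.origin or b.origin,
                   a.obfuscated or b.obfuscated)


def obfuscate(t: Tainted) -> Tainted:
    """Encoding changes the bytes but not the taint bit, so the egress check still fires."""
    return Tainted(base64.b64encode(t.value), t.taint, t.origin, obfuscated=True)


@dataclass
class Process:
    name: str
    authorized: bool = False          # allowed to handle this sensitive data
    had_focus_at_input: bool = False  # owned the focused window when the data was typed
    window_visible: bool = True
    hidden: bool = False              # e.g. not listed in the process table


@dataclass
class Monitor:
    blocked_ports: Set[int] = field(default_factory=set)
    terminated: Set[str] = field(default_factory=set)

    def conditions(self, proc: Process, data: Tainted) -> List[str]:
        """The compromising conditions named in the claims that apply to this access."""
        found = []
        if not proc.authorized:
            found.append("unauthorized process")
        if data.obfuscated:
            found.append("obfuscating sensitive data")
        if not proc.had_focus_at_input:
            found.append("no focus at input time")
        if not proc.window_visible:
            found.append("non-visible window")
        if proc.hidden:
            found.append("hidden process")
        return found

    def on_access(self, proc: Process, data: Tainted, sink: str,
                  port: Optional[int] = None) -> List[str]:
        """Called from the (assumed) sink hook; returns the actions taken, [] if allowed."""
        # Only tainted data reaching an egress point is examined; internal copies
        # and untainted traffic are not.
        if sink not in EGRESS_POINTS or not data.taint:
            return []
        found = self.conditions(proc, data)
        if not found:
            return []
        actions = [f"terminate {proc.name} ({'; '.join(found)})"]
        self.terminated.add(proc.name)
        if sink == "network" and port is not None:
            self.blocked_ports.add(port)
            actions.append(f"block port {port}")
        return actions


def run_demo() -> dict:
    """Constructed scenario: a focused browser and a hidden hook both send a typed password."""
    mon = Monitor()
    password = mark_sensitive(b"hunter2", "password field of 'bank' window")
    browser = Process("browser", authorized=True, had_focus_at_input=True)
    hook = Process("kbdhook", authorized=False, had_focus_at_input=False,
                   window_visible=False, hidden=True)
    return {
        "browser_post": mon.on_access(browser, password, "network", port=443),
        "hook_exfil": mon.on_access(hook, obfuscate(concat(Tainted(b"k="), password)),
                                    "network", port=8080),
        "hook_untainted": mon.on_access(hook, Tainted(b"ping"), "network", port=8080),
        "internal_copy": mon.on_access(hook, password, "memory"),
        "blocked_ports": sorted(mon.blocked_ports),
        "terminated": sorted(mon.terminated),
    }


if __name__ == "__main__":
    for key, result in run_demo().items():
        print(key, result)
```

The point the claims make, and the example preserves, is that the decision is deferred to the egress point: the hook is free to copy and encode the tainted bytes internally, and only its attempt to push them out over the network triggers termination and the port block, while the authorized, focused, visible browser sending the same bytes is left alone.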
Specification