System and method for ensuring privacy while tagging information in a network environment

US 8,166,161 B1
Filed: 09/30/2009
Issued: 04/24/2012
Est. Priority Date: 09/30/2009
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving data propagating in a network environment;

verifying whether the data is associated with a first end user represented in a registered user list;

verifying a ratification of a policy by the first end user that authorizes monitoring of e-mail traffic generated by the first end user;

identifying selected words within the data based on a whitelist, wherein the whitelist includes a plurality of designated words to be tagged; and

generating a resultant composite of the selected words that are tagged.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided in one example and includes receiving data propagating in a network environment and verifying whether the data is associated with a first end user represented in a registered user list. The method also includes verifying a ratification of a policy associated with data monitoring related to the first end user. Selected words can be identified within the data based on a whitelist, where the whitelist includes a plurality of designated words to be tagged. A resultant composite of the selected words that are tagged is generated. In more specific embodiments, the method can include verifying whether the data is associated with a business email domain. In still other embodiments, the method can include verifying whether the data is associated with a business uniform resource locator (URL) domain.

42 Citations

View as Search Results

20 Claims

1. A method, comprising:
- receiving data propagating in a network environment;
  
  verifying whether the data is associated with a first end user represented in a registered user list;
  
  verifying a ratification of a policy by the first end user that authorizes monitoring of e-mail traffic generated by the first end user;
  
  identifying selected words within the data based on a whitelist, wherein the whitelist includes a plurality of designated words to be tagged; and
  
  generating a resultant composite of the selected words that are tagged.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - verifying whether the data is associated with a business email domain, wherein if the data is associated with the business email domain, one or more words in the data are tagged.
  - 3. The method of claim 1, further comprising:
    - verifying whether the data is associated with a business uniform resource locator (URL) domain, wherein if the data is associated with the business URL domain, one or more words in the data are tagged.
  - 4. The method of claim 1, further comprising:
    - determining whether the data includes one or more terms of a restricted term list, wherein if the data includes any terms in the restricted term list, one or more words in the data are not tagged.
  - 5. The method of claim 1, further comprising:
    - determining whether the data includes one or more HTTP objects;
      
      consulting a privacy policy for a selected end user to verify if monitoring of HTTP objects is prohibited; and
      
      discarding the data.
  - 6. The method of claim 1, further comprising:
    - determining whether the data is encrypted; and
      
      discarding the data if the data is encrypted.
  - 7. The method of claim 1, further comprising:
    - determining whether the data is password protected; and
      
      discarding the data if the data is password protected.

8. Logic encoded in one or more non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
- receiving data propagating in a network environment;
  
  verifying whether the data is associated with a first end user represented in a registered user list;
  
  verifying a ratification of a policy by the first end user that authorizes monitoring of e-mail traffic generated by the first end user;
  
  identifying selected words within the data based on a whitelist, wherein the whitelist includes a plurality of designated words to be tagged; and
  
  generating a resultant composite of the selected words that are tagged.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The logic of claim 8, the processor being further operable to perform operations comprising:
    - verifying whether the data is associated with a business email domain, wherein if the data is associated with the business email domain, one or more words in the data are tagged.
  - 10. The logic of claim 8, the processor being further operable to perform operations comprising:
    - verifying whether the data is associated with a business uniform resource locator (URL) domain, wherein if the data is associated with the business URL domain, one or more words in the data are tagged.
  - 11. The logic of claim 8, the processor being further operable to perform operations comprising:
    - determining whether the data includes one or more terms of a restricted term list, wherein if the data includes any terms in the restricted term list, one or more words in the data are not tagged.
  - 12. The logic of claim 8, the processor being further operable to perform operations comprising:
    - determining whether the data includes one or more HTTP objects;
      
      consulting a privacy policy for a selected end user to verify if monitoring of HTTP objects is prohibited; and
      
      discarding the data.
  - 13. The logic of claim 8, the processor being further operable to perform operations comprising:
    - determining whether the data is encrypted; and
      
      discarding the data if the data is encrypted.
  - 14. The logic of claim 8, the processor being further operable to perform operations comprising:
    - determining whether the data is password protected; and
      
      discarding the data if the data is password protected.

15. An apparatus, comprising:
- a memory element configured to store data;
  
  a processor operable to execute instructions associated with the data; and
  
  a policy acceptance module configured to interface with the memory element and the processor, the policy acceptance module being configured to;
  
  receive data propagating in a network environment;
  
  verify whether the data is associated with a first end user represented in a registered user list;
  
  verify a ratification of a policy by the first end user that authorizes monitoring of e-mail traffic generated by the first end user; and
  
  a user traffic processing module configured to;
  
  identify selected words within the data based on a whitelist, wherein the whitelist includes a plurality of designated words to be tagged; and
  
  generate a resultant composite of the selected words that are tagged.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The apparatus of claim 15, wherein the user traffic processing module is configured to:
    - verify whether the data is associated with a business email domain, wherein if the data is associated with the business email domain, one or more words in the data are tagged.
  - 17. The apparatus of claim 15, further comprising:
    - a database configured to store the resultant data in a hashed format.
  - 18. The apparatus of claim 17, wherein the database is configured to partition the resultant composite amongst a plurality of individuals associated with the data propagating in the network environment.
  - 19. The apparatus of claim 15, wherein the user traffic processing module is configured to:
    - determine whether the data includes one or more HTTP objects;
      
      consult a privacy policy for a selected end user to verify if monitoring of HTTP objects is prohibited; and
      
      discard the data.
  - 20. The apparatus of claim 15, wherein the user traffic processing module is configured to:
    - determine whether the data is encrypted; and
      
      discard the data if the data is encrypted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Gannu, Satish K., Jagannath, Jayashree, Patil, Deepti
Primary Examiner(s)
Maung, Zarni

Application Number

US12/571,421
Time in Patent Office

937 Days
Field of Search

709206-207, 709225-229, 709/250
US Class Current

709/224
CPC Class Codes

G06F 21/6263 during internet communicati...

H04L 63/0245 Filtering by information in...

System and method for ensuring privacy while tagging information in a network environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

42 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for ensuring privacy while tagging information in a network environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links