Mechanism to search information content for preselected data
First Claim
Patent Images
1. A method comprising:
- storing, at a computer system executing a monitor that lacks access to confidential data having a tabular structure, an index derived from the confidential data, wherein the index defines the tabular structure of the confidential data;
receiving, by the monitor, information content;
detecting, by the monitor, in the information content, a sequence of content fragments that is indicative of containing a portion of the confidential data without using the index and without accessing the confidential data having the tabular structure;
in response to detecting the sequence of content fragments that is indicative of containing a portion of the confidential data, determining by the monitor whether a subset of content fragments within the sequence matches any sub-set of the confidential data using the index derived from the confidential data without accessing the confidential data having the tabular structure; and
performing a data loss prevention action based on results of determining whether a subset of content fragments within the sequence matches any sub-set of the confidential data.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for detecting preselected data embedded in information content is described. In one embodiment, the method comprises receiving information content and detecting in the information content a sequence of content fragments that may contain a portion of preselected data. The method further comprises determining whether a sub-set of these content fragments matches any sub-set of the preselected data using an abstract data structure that defines a tabular structure of the preselected data.
161 Citations
24 Claims
-
1. A method comprising:
-
storing, at a computer system executing a monitor that lacks access to confidential data having a tabular structure, an index derived from the confidential data, wherein the index defines the tabular structure of the confidential data; receiving, by the monitor, information content; detecting, by the monitor, in the information content, a sequence of content fragments that is indicative of containing a portion of the confidential data without using the index and without accessing the confidential data having the tabular structure; in response to detecting the sequence of content fragments that is indicative of containing a portion of the confidential data, determining by the monitor whether a subset of content fragments within the sequence matches any sub-set of the confidential data using the index derived from the confidential data without accessing the confidential data having the tabular structure; and performing a data loss prevention action based on results of determining whether a subset of content fragments within the sequence matches any sub-set of the confidential data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 20)
-
-
18. An apparatus comprising:
-
at least one memory containing an index derived from confidential data having a tabular structure, wherein the index defines the tabular structure of the confidential data, the at least one memory further containing instructions for a monitor that lacks access to the confidential data; and at least one processor, coupled to the at least one memory, to execute the instructions for the monitor, wherein the instructions cause the at least one processor to; receive information content, detect, in the information content, a sequence of content fragments that is indicative of containing a portion of the confidential data without using the index and without accessing the confidential data having the tabular structure, in response to detecting the sequence of content fragments that is indicative of containing a portion of the confidential data, determine whether a subset of content fragments within the sequence matches any sub-set of the confidential data using the index without accessing the confidential data having the tabular structure, and perform a data loss prevention action based on results of determining whether a subset of content fragments within the sequence matches any sub-set of the confidential data.
-
-
19. A non-transitory computer readable storage medium that stores instructions for a monitor, which when executed on a processor cause the processor to perform a method comprising:
-
receiving, by the processor executing the instructions for the monitor, an index derived from confidential data having a tabular structure, wherein the index defines the tabular structure of the confidential data, and wherein the monitor lacks access to the confidential data; receiving information content; detecting, by the monitor, in the information content, a sequence of content fragments that is indicative of containing a portion of the confidential data without using the index and without accessing the confidential data having the tabular structure; in response to detecting the sequence of content fragments that is indicative of containing a portion of the confidential data, determining, by the monitor, whether a subset of content fragments within the sequence matches any sub-set of the confidential data using the index derived from the confidential data without accessing the confidential data having the tabular structure; and performing a data loss prevention action based on results of determining whether a subset of content fragments within the sequence matches any sub-set of the confidential data. - View Dependent Claims (21, 22, 23, 24)
-
Specification