×

Classification of security sensitive information and application of customizable security policies

  • US 8,561,127 B1
  • Filed: 03/01/2006
  • Issued: 10/15/2013
  • Est. Priority Date: 03/01/2006
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • performing, by one or more computers;

    classifying information as security sensitive at an application level of an application, the security sensitive information being associated with a security sensitive category, wherein the security sensitive information is either user-specified as security sensitive or system-specified as security sensitive;

    in response to an attempt to send data over a network to a domain via the application, determining at the application level whether the data includes any information classified as security sensitive information;

    in response to determining that the data includes security sensitive information, determining at the application level a security policy for the security sensitive information;

    applying the security policy at the application level to the security sensitive information, wherein applying the security policy comprises;

    determining, at the application level, whether the security sensitive information is to be sent over a secure transport layer and whether the domain is trusted; and

    in response to determining that the security sensitive information is not to be sent over the secure transport layer, encrypting the security sensitive information at the application level; and

    in response to determining at the application level that the domain is trusted, sending the encrypted security sensitive information to that domain, wherein the encrypted security sensitive information is not sent to the domain if the domain is not determined at the application level to be trusted.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×