Method and apparatus to define the scope of a search for information from a tabular data source

US 8,566,305 B2
Filed: 12/07/2009
Issued: 10/22/2013
Est. Priority Date: 09/18/2002
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a computer system, user input identifying tabular source data, the tabular source data representing data that has a tabular structure;

receiving, by the computer system, user input specifying one or more columns in the tabular source data to define parameters of a search, wherein the one or more columns comprises data that is to be protected from being transmitted via a network;

searching, by the computer system, a plurality of messages for presence of data that matches data in at least one of the specified columns within the tabular source data; and

preventing, by the computer system, an unauthorized transmission of the data in at least one of the plurality of messages that matches the data in at least one of the specified columns, wherein preventing comprises at least one of blocking the unauthorized transmission of the at least one of the plurality of messages containing the data that matches the data in at least one of the specified columns, rerouting the at least one of the plurality of messages containing the data that matches the data in at least one of the specified columns to a destination other than an intended recipient, or intercepting the unauthorized transmission of the data in the at least one of the plurality of messages that matches the data in at least one of the specified columns to a recipient.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for defining the scope of a search is described. In one embodiment, user input is received, and the scope is defined, based on the user input, for a search of free-form text for information from any random rows within a tabular structure of source data. In one embodiment, the search is intended for finding, in the free-form text, a sub-set of data fragments that matches information from any single row within the tabular structure of the source data.

161 Citations

17 Claims

1. A method comprising:
- receiving, by a computer system, user input identifying tabular source data, the tabular source data representing data that has a tabular structure;
  
  receiving, by the computer system, user input specifying one or more columns in the tabular source data to define parameters of a search, wherein the one or more columns comprises data that is to be protected from being transmitted via a network;
  
  searching, by the computer system, a plurality of messages for presence of data that matches data in at least one of the specified columns within the tabular source data; and
  
  preventing, by the computer system, an unauthorized transmission of the data in at least one of the plurality of messages that matches the data in at least one of the specified columns, wherein preventing comprises at least one of blocking the unauthorized transmission of the at least one of the plurality of messages containing the data that matches the data in at least one of the specified columns, rerouting the at least one of the plurality of messages containing the data that matches the data in at least one of the specified columns to a destination other than an intended recipient, or intercepting the unauthorized transmission of the data in the at least one of the plurality of messages that matches the data in at least one of the specified columns to a recipient.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - reporting the unauthorized transmission of the data in the at least one of the plurality of messages that matches the data in at least one of the specified columns.
  - 3. The method of claim 1, further comprising:
    - applying a set of detection conditions to the at least one of the plurality of messages containing data that matches the data in at least one of the specified columns.
  - 4. The method of claim 3, wherein applying the set of detection conditions comprises:
    - determining whether a sender of the at least one of the plurality of messages has a history of prior violations.
  - 5. The method of claim 4, wherein the history of prior violations indicates at least one of a number of prior violations of the sender or a frequency of prior violations of the sender over a time period.
  - 6. The method of claim 3, wherein applying the set of detection conditions comprises:
    - determining at least one of a sender of the message or the recipient of the message.
  - 7. The method of claim 3 wherein the set of detection conditions identifies groups of individuals and operations not allowed to be performed by the groups.
  - 8. The method of claim 3, wherein the set of detection conditions pertains to at least one of an expression pattern, a message attachment type, a message size, a transmission time, or an origin of the at least one of the plurality of messages.

9. A system comprising:
- a memory;
  
  a processor, coupled to the memory; and
  
  a data monitoring system, executed from the memory by the processor, to;
  
  receive user input identifying tabular source data, the tabular source data representing data that has a tabular structure,receive user input specifying one or more columns in the tabular source data, wherein the one or more columns comprises data that is to be protected;
  
  search a plurality of messages for presence of data that matches data in at least one of the specified columns within the tabular source data; and
  
  prevent an unauthorized transmission of the data in at least one of the plurality of messages that matches the data in at least one of the specified columns, wherein to prevent the unauthorized transmission comprises at least one of blocking the unauthorzied transmission of the at least one of the plurality of messages containing the data that matches the data in at least one of the specified columns, rerouting the at least one of the plurality of messages containing data that matches the data in at least one of the specified columns to a destination other than an intended recipient, or intercepting the unauthorized transmission of the data in the at least one of the plurality of messages that matches the data in at least one of the specified columns to a recipient.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The system of claim 9, wherein the data monitoring system is further to:
    - report the unauthorized transmission of the data in the at least one of the plurality of messages that matches the data in at least one of the specified columns.
  - 11. The system of claim 9, wherein the data monitoring system is further to apply a set of detection conditions to the at least one of the plurality of messages containing data that matches the data in at least one of the specified columns.
  - 12. The system of claim 11 wherein the set of detection conditions pertains to at least one of:
    - a sender of the at least one of the plurality of messages, the recipient of the at least one of the plurality of messages, a history of prior violations of the sender, an expression pattern, a message attachment type, a message size, a transmission time, or an origin of the at least one of the plurality of messages.
  - 13. The system of claim 11 wherein the set of detection conditions identifies groups of individuals and operations not allowed to be performed by the groups.

14. A non-transitory computer readable storage medium that provides instructions, which when executed on a processing system cause the processing system to perform a method comprising:
- receiving user input identifying tabular source data, the tabular source data representing data that has a tabular structure;
  
  receiving, by the processing system, user input specifying one or more columns in the tabular source data to define parameters of a search, wherein the one or more columns comprises data that is to be protected from being transmitted via a network;
  
  searching a plurality of messages for presence of data that matches the data in at least one of the specified columns within the tabular source data; and
  
  preventing an unauthorized transmission of the data in at least one of the plurality of messages that matches the data in at least one of the specified columns, wherein preventing comprises at least one of blocking the unauthorized transmission of the at least one of the plurality of messages containing the data that matches the data in at least one of the specified columns, rerouting the at least one of the plurality of messages containing the data that matches the data in at least one of the specified columns to a destination other than an intended recipient, or intercepting the unauthorized transmission of the data in the at least one of the plurality of messages that matches the data in at least one of the specified columns to a recipient.
- View Dependent Claims (15, 16, 17)
- - 15. The non-transitory computer readable storage medium of claim 14, the method further comprisingreporting the unauthorized transmission of the data in the at least one of the plurality of messages that matches the data in at least one of the specified columns.
  - 16. The non-transitory computer readable storage medium of claim 15 wherein the method further comprises:
    - applying a set of detection conditions to the at least one of the plurality of messages containing data that matches the data in at least one of the specified columns.
  - 17. The non-transitory computer readable storage medium of claim 16 wherein the set of detection conditions pertains to at least one of:
    - a sender of the at least one of the plurality of messages, the recipient of the at least one of the plurality of messages, a history of prior violations of the sender, an expression pattern, a message attachment type, a message size, a transmission time, an origin of the at least one of the plurality of messages, or operations not allowed to be performed by groups of individuals.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Rowney, Kevin T., Wolfe, Michael R., Jones, Chris, Kessler, Dirk, Chen, Hai, Bothwell, Eric
Primary Examiner(s)
Hwa, Shyue Jiunn

Application Number

US12/632,620
Publication Number

US 20100083377A1
Time in Patent Office

1,415 Days
Field of Search

None
US Class Current

707/713
CPC Class Codes

G06F 16/334 Query execution G06F16/335 ...

Y10S 707/99933 Query processing, i.e. sear...

Method and apparatus to define the scope of a search for information from a tabular data source

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

161 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus to define the scope of a search for information from a tabular data source

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

161 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links