Secure and scalable detection of preselected data embedded in electronically transmitted messages
DCFirst Claim
Patent Images
1. A method comprising:
- identifying, by a message monitoring system (MMS), an abstract data structure derived from preselected data to be protected from traveling across a network, the abstract data structure not revealing data elements of the preselected data to be protected;
performing, by the MMS, content searches on a plurality of messages electronically transmitted to reach a respective destination over the network, the content searches to be performed to determine whether one or more of the plurality of searched messages contain at least a portion of the preselected data to be protected using the abstract data structure that does not reveal the data elements of the preselected data; and
causing a searched message of the plurality of searched messages to be prevented from reaching the respective destination in response to a determination that the searched message contains at least a portion of the preselected data to be protected.
3 Assignments
Litigations
1 Petition
Accused Products
Abstract
A method and apparatus for detecting preselected data embedded in electronically transmitted messages is described. In one embodiment, the method comprises monitoring messages electronically transmitted over a network for embedded preselected data and performing content searches on the messages to detect the presence of the embedded preselected data using an abstract data structure derived from the preselected data.
-
Citations
39 Claims
-
1. A method comprising:
-
identifying, by a message monitoring system (MMS), an abstract data structure derived from preselected data to be protected from traveling across a network, the abstract data structure not revealing data elements of the preselected data to be protected; performing, by the MMS, content searches on a plurality of messages electronically transmitted to reach a respective destination over the network, the content searches to be performed to determine whether one or more of the plurality of searched messages contain at least a portion of the preselected data to be protected using the abstract data structure that does not reveal the data elements of the preselected data; and causing a searched message of the plurality of searched messages to be prevented from reaching the respective destination in response to a determination that the searched message contains at least a portion of the preselected data to be protected. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A preselected data protection system comprising:
-
a policy management computer system to set a policy identifying preselected data to be protected from traveling across a network and to derive an abstract data structure from the preselected data to be protected, the abstract data structure not revealing data elements of the preselected data to be protected; and a message monitoring computer system to implement the policy by performing content searches on a plurality of messages electronically transmitted to reach a respective destination over the network, the content searches to be performed to determine whether one or more of the plurality of searched messages contain at least a portion of the preselected data to be protected using the abstract data structure that does not reveal the data elements of the preselected data; and preventing a searched message of the plurality of searched messages from reaching the respective destination in response to a determination that the searched message contains at least a portion of the preselected data to be protected. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A non-transitory computer-readable storage medium that provides instructions, which when executed on a processor causes the processor to perform a method comprising:
-
identifying an abstract data structure derived from preselected data to be protected from traveling across a network, the abstract data structure not revealing data elements of the preselected data to be protected; performing content searches on a plurality of messages electronically transmitted to reach a respective destination over the network, the content searches to be performed to determine whether one or more of the plurality of searched messages contain at least a portion of the preselected data to be protected using the abstract data structure that does not reveal the data elements of the preselected data; and causing a searched message of the plurality of searched messages to be prevented from reaching the respective destination in response to a determination that the searched message contains at least a portion of the preselected data to be protected.
-
Specification