Personal computing device-based mechanism to detect preselected data
First Claim
Patent Images
1. A method comprising:
- identifying, by a client device, an index of database data to be protected, the database data comprising sensitive data elements and the index comprising positional information identifying relative placement of the sensitive data elements of the database data in relation to other sensitive data elements of the database data, wherein the index does not reveal the sensitive data elements of the database data, and wherein one or more entries in the index comprise a row number of a cell in the database data and a pre-generated hash or encryption of a sensitive data element in the cell in the database data;
determining, by the client device, whether at least a portion of the database data is possibly contained within information content; and
in response to determining that a portion of the database data is possibly contained within the information content, performing, by the client device, a search of the information content for at least a portion of the database data using the index, wherein performing the search of the information content comprises;
searching the index to identify entries in the index that comprise pre-generated hashes or encryptions of the sensitive data elements that correspond to hashes or encryptions of content fragments from the information content;
determining one or more groups of content fragments, wherein at least one group comprises content fragments associated with hashes or encryptions that correspond to pre-generated hashes or encryptions of entries in the index comprising a same row number; and
determining that the received information content contains at least a portion of the database data if any group satisfies at least one criterion.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for detecting pre-selected data stored on a personal computing device is described. In one embodiment, contents of data storage media of a personal computing device are searched for pre-selected sensitive data. In one embodiment, if at least a portion of the pre-selected sensitive data is detected, a notification of the detection of the pre-selected data is sent to a system via a network. In another embodiment, if at least a portion of pre-selected sensitive data is detected, the access to this data is blocked.
-
Citations
16 Claims
-
1. A method comprising:
-
identifying, by a client device, an index of database data to be protected, the database data comprising sensitive data elements and the index comprising positional information identifying relative placement of the sensitive data elements of the database data in relation to other sensitive data elements of the database data, wherein the index does not reveal the sensitive data elements of the database data, and wherein one or more entries in the index comprise a row number of a cell in the database data and a pre-generated hash or encryption of a sensitive data element in the cell in the database data; determining, by the client device, whether at least a portion of the database data is possibly contained within information content; and in response to determining that a portion of the database data is possibly contained within the information content, performing, by the client device, a search of the information content for at least a portion of the database data using the index, wherein performing the search of the information content comprises; searching the index to identify entries in the index that comprise pre-generated hashes or encryptions of the sensitive data elements that correspond to hashes or encryptions of content fragments from the information content; determining one or more groups of content fragments, wherein at least one group comprises content fragments associated with hashes or encryptions that correspond to pre-generated hashes or encryptions of entries in the index comprising a same row number; and determining that the received information content contains at least a portion of the database data if any group satisfies at least one criterion. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A non-transitory computer readable storage medium including instructions that, when executed by a processing device, cause the processing device to perform operations comprising:
-
identifying, by the processing device, an index of database data to be protected, the database data comprising sensitive data elements, the index comprising positional information identifying relative placement of the sensitive data elements of the database data in relation to other sensitive data elements of the database data, wherein the index does not reveal the sensitive data elements of the database data, and wherein one or more entries in the index comprise a row number of a cell of the database data and a pre-generated hash or encryption of a sensitive data element in the cell of the database data; determining, by the processing device, whether at least a portion of the database data is possibly contained within information content; and in response to determining that a portion of the database data is possibly contained within the information content, performing, by the processing device, a search of the information content for at least a portion of the database data using the index, wherein performing the search of the information content comprises; searching the index to identify entries in the index that comprise pre-generated hashes or encryptions of the sensitive data elements that correspond to hashes or encryptions of content fragments from the information content; determining one or more groups of content fragments, wherein at least one group comprises content fragments associated with hashes or encryptions that correspond to pre-generated hashes or encryptions of entries in the index comprising a same row number; and determining that the received information content contains at least a portion of the database data if any group satisfies at least one criterion. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computing device comprising:
-
a memory to store instructions for protecting database data; and a processing device, coupled to the memory, to execute the instructions, wherein the processing device is to; identify an index of database data, the database data comprising sensitive data elements, the index comprising positional information identifying relative placement of the sensitive data elements of the database data in relation to other sensitive data elements of the database data, wherein the index does not reveal the sensitive data elements of the database data, and wherein one or more entries in the index comprise a row number of a cell in the database data and a pre-generated hash or encryption of a sensitive data element in the cell; determine whether at least a portion of the database data is possibly contained within information content; and in response to determining that a portion of the database data is possibly contained within the information content, perform a search of the information content for at least a portion of the database data using the index, wherein performing the search of the information content comprises; searching the index to identify entries in the index that comprise pre-generated hashes or encryptions of the sensitive data elements that correspond to hashes or encryptions of content fragments from the information content; determining one or more groups of content fragments, wherein at least one group comprises content fragments associated with hashes or encryptions that correspond to pre-generated hashes or encryptions of entries in the index comprising a same row number; and determining that the received information content contains at least a portion of the database data if any group satisfies at least one criterion.
-
Specification