Method, a system, and an apparatus for content security in computer networks
First Claim
1. A system for controlling data transfers in a network comprising:
- a protective device for controlling data transfers in the network comprising:
  - a first importing device coupled to said network and that is configured for identifying protected data residing in computer operating system files;
  - a second importing device coupled to said network for identifying excluded data and wherein excluded data is excluded from the protected data;
  - an outgoing transmission inspection/comparing device coupled to said network to read and inspect all content of a data transmission out of said network, including protected and excluded content, said outgoing transmission inspection/comparing device for comparing all content anywhere in a data stream to be transmitted out of said network with said protected data, said outgoing transmission inspection/comparing device detecting the presence of protected data in said content in said outgoing transmission, said outgoing transmission inspection/comparing device indicating a security breach when at least a threshold amount of said detected protected data of said content to be transmitted matches data of said protected data, wherein the outgoing transmission is interrupted when the threshold amount of protected data is found, and the outgoing transmission that is not a part of the threshold amount of protected data is transmitted out of the network;
- an administrator interface for defining on which data streams said inspection device will perform certain pre-defined actions;
- said administrator interface defining data streams by setting one or more attributes, including presence of encryption.
Abstract
The present invention relates to a method, a system, and an apparatus for protecting data in a computer network. A device is placed on a network edge in such a way that all outgoing data has to pass through it. Separately, a set of protected files that are not allowed to leave the network is defined. The device checks the passing data for the presence of data from the defined set (protected data). If a threshold amount of the protected data is present, the device interrupts the connection or takes another appropriate action.
20 Claims
2. A system for controlling data transfers in a network comprising:
- a protective device for controlling data transfers in the network comprising:
  - a storage device configured for storing an automatically generated search index of protected data residing in computer operating system files;
  - an outgoing transmission inspection device coupled to the network to read and inspect all content transmissions out of the network, the inspection device for comparing said content of said data to be transmitted out of the network with the search index stored in the storage device; the outgoing transmission inspection device detecting the presence of any part of the protected data in said content of said outgoing transmission; the outgoing transmission inspection device outputting a signal indicating a security breach when at least a threshold amount of the detected protected data to be transmitted matches protected data with the index in the storage device, wherein the outgoing transmission is interrupted when the threshold amount of protected data is found, and the outgoing transmission that is not a part of the threshold amount of protected data is transmitted out of the network.

Dependent claims: 3, 4, 5 (not shown).
6. A system for controlling data transfers in a network comprising:
- a protective device for controlling data transfers in the network comprising:
  - a storage device configured for storing automatically generated digital digests of protected data residing in computer operating system files;
  - means for initializing a relational database query to select the protected data before fingerprinting it;
  - an outgoing transmission inspection device coupled to the network to read and inspect all content transmissions out of the network, the inspection device computing digital digests on the content of the data to be transmitted out of the network; the outgoing transmission inspection device comparing digital digests on the content of the data to be transmitted out of the network with the digital digests stored in the storage device; the outgoing transmission inspection device detecting the presence of digital digests of any part of the protected data in the content of said outgoing transmission; the outgoing transmission inspection device outputting a signal indicating a security breach when at least a threshold amount of the detected digital digests on the content of the data to be transmitted matches digital digests in the storage device, wherein the outgoing transmission is interrupted when the threshold amount of protected data is found, and the outgoing transmission that is not a part of the threshold amount of protected data is transmitted out of the network.

Dependent claims: 7, 8, 9, 10, 11, 12, 13 (not shown).
14. A method of controlling data transfer in a network comprising, in a protection device, controlling data transfers in the network by:
- identifying certain data in the network as protected data;
- automatically computing a search index on the protected data residing in computer operating system files;
- storing the search index in a permanent storage;
- reading and inspecting all content of the data in an attempt to transmit outgoing data out of the network;
- searching for the protected data in the content of the data to be transmitted out of the network;
- detecting any part of the text of the protected data in the content of the outgoing data;
- outputting a signal indicating a security breach when at least a threshold level of the detected protected data to be transmitted matches content in the data in the protected data, wherein the outgoing data is interrupted when the threshold level of protected data is found, and wherein the outgoing data that is not a part of the threshold level of protected data is transmitted out of the network.

Dependent claims: 15, 16, 17, 18, 19, 20 (not shown).
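The digest-index-and-threshold scheme that claims 1, 6 and 14 describe, as an added Python example that is not the patent's own implementation: protected files are fingerprinted as SHA-256 digests of overlapping 4-word windows (the window size, the hash, the protected document, the excluded boilerplate and the outgoing messages are all constructed assumptions), digests of excluded data are subtracted from the index, and an outgoing message is interrupted only when its matching digests reach the threshold.

```python
import hashlib
import re
from typing import Iterable, Set, Tuple

SHINGLE_WORDS = 4  # words per fingerprinted window (assumed parameter)


def fingerprints(text: str, n: int = SHINGLE_WORDS) -> Set[str]:
    """Digital digests of every n-word window of the text (claim 6 style)."""
    words = re.findall(r"\w+", text.lower())
    return {
        hashlib.sha256(" ".join(words[i:i + n]).encode()).hexdigest()[:16]
        for i in range(len(words) - n + 1)
    }


def build_index(protected: Iterable[str], excluded: Iterable[str] = ()) -> Set[str]:
    """Search index of protected digests minus digests of excluded data (claim 1)."""
    index: Set[str] = set()
    for doc in protected:
        index |= fingerprints(doc)
    for doc in excluded:  # e.g. a confidentiality footer shared by every document
        index -= fingerprints(doc)
    return index


def inspect_outgoing(content: str, index: Set[str], threshold: int) -> Tuple[str, int]:
    """Compare digests of the outgoing content with the index; interrupt at threshold."""
    hits = len(fingerprints(content) & index)
    return ("interrupt" if hits >= threshold else "transmit"), hits


# Constructed sample data, not taken from the patent.
BOILERPLATE = "This document is confidential and intended for internal use only"
PROTECTED_DOC = (BOILERPLATE + ". Project Falcon forecast: revenue will reach "
                 "twelve million next quarter under the new licensing model.")
LEAK = ("FYI here is the forecast: revenue will reach twelve million next "
        "quarter under the new licensing model, please keep quiet")
BENIGN = BOILERPLATE + ". Lunch is at noon today."

if __name__ == "__main__":
    index = build_index([PROTECTED_DOC], [BOILERPLATE])
    print(inspect_outgoing(LEAK, index, threshold=5))    # ('interrupt', 10)
    print(inspect_outgoing(BENIGN, index, threshold=5))  # ('transmit', 0)
    # Without the excluded set, the shared boilerplate alone trips the threshold:
    print(inspect_outgoing(BENIGN, build_index([PROTECTED_DOC]), 5))  # ('interrupt', 7)
```

The last call shows why the second importing device of claim 1 matters: common boilerplate left in the index produces false positives on harmless traffic.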