Systems and methods for monitoring information shared via communication services

US 8,887,289 B1
Filed: 03/08/2011
Issued: 11/11/2014
Est. Priority Date: 03/08/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for monitoring information shared via communication services, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:

providing, by the computing device, a security service capable of monitoring information shared via a plurality of communication services, wherein the security service is independent of the plurality of communication services;

identifying, by the computing device, a user of the plurality of communication services that has registered for the security service;

maintaining, by the computing device, a database that identifies potentially sensitive information associated with the user by;

retrieving information that identifies an association between the user and an additional user;

enabling the user to identify information that is considered potentially sensitive with respect to the additional user across the plurality of communication services such that the user is unable to share the information that is considered potentially sensitive with the additional user via any of the plurality of communication services;

storing the information that is considered potentially sensitive with respect to the additional user in the database to facilitate determining whether the user is attempting to share the information that is considered potentially sensitive with the additional user via any of the plurality of communication services;

monitoring, by the computing device, information shared by the user via at least one of the plurality of communication services by;

identifying a profile of the user provided by the at least one of the plurality of communication services;

detecting an attempt by the additional user to access the user'"'"'s profile via the at least one of the plurality of communication services;

comparing information shared by the user via the user'"'"'s profile with the potentially sensitive information identified in the database;

determining, based on the comparison, that at least a portion of the information shared by the user via the user'"'"'s profile is considered potentially sensitive with respect to the additional user;

preventing, by the computing device, the additional user from accessing the portion of information that is considered potentially sensitive with respect to the additional user via the user'"'"'s profile.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method may include providing a security service capable of monitoring information shared by users of at least one communication service. The computer-implemented method may also include identifying a user of the communication service that has registered for the security service and maintaining a database that identifies potentially sensitive information. The computer-implemented method may further include determining, while monitoring information shared by the user via the communication service, that the user is attempting to share information that is potentially sensitive. In addition, the computer-implemented method may notify the user of the user'"'"'s attempt to share potentially sensitive information via the communication service. Various other methods, systems, and computer-readable media are also disclosed.

39 Citations

View as Search Results

16 Claims

1. A computer-implemented method for monitoring information shared via communication services, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- providing, by the computing device, a security service capable of monitoring information shared via a plurality of communication services, wherein the security service is independent of the plurality of communication services;
  
  identifying, by the computing device, a user of the plurality of communication services that has registered for the security service;
  
  maintaining, by the computing device, a database that identifies potentially sensitive information associated with the user by;
  
  retrieving information that identifies an association between the user and an additional user;
  
  enabling the user to identify information that is considered potentially sensitive with respect to the additional user across the plurality of communication services such that the user is unable to share the information that is considered potentially sensitive with the additional user via any of the plurality of communication services;
  
  storing the information that is considered potentially sensitive with respect to the additional user in the database to facilitate determining whether the user is attempting to share the information that is considered potentially sensitive with the additional user via any of the plurality of communication services;
  
  monitoring, by the computing device, information shared by the user via at least one of the plurality of communication services by;
  
  identifying a profile of the user provided by the at least one of the plurality of communication services;
  
  detecting an attempt by the additional user to access the user'"'"'s profile via the at least one of the plurality of communication services;
  
  comparing information shared by the user via the user'"'"'s profile with the potentially sensitive information identified in the database;
  
  determining, based on the comparison, that at least a portion of the information shared by the user via the user'"'"'s profile is considered potentially sensitive with respect to the additional user;
  
  preventing, by the computing device, the additional user from accessing the portion of information that is considered potentially sensitive with respect to the additional user via the user'"'"'s profile.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer-implemented method of claim 1, wherein providing the security service comprises providing a security service capable of monitoring information shared via at least one of:
    - a social networking website;
      
      an email service;
      
      a blog service;
      
      a chat service;
      
      an instant messaging service;
      
      a text messaging service;
      
      a multimedia messaging service;
      
      a phone service;
      
      an in-person conversation.
  - 3. The computer-implemented method of claim 1, wherein identifying the user that has registered for the security service comprises at least one of:
    - enabling the user to register for the security service via the at least one of the plurality of communication services;
      
      automatically registering the user for the security service as the user registers for the at least one of the plurality of communication services.
  - 4. The computer-implemented method of claim 1, wherein maintaining the database that identifies the potentially sensitive information comprises maintaining a database that identifies information that has been classified as potentially sensitive by the user of the plurality of communication services.
  - 5. The computer-implemented method of claim 1, wherein maintaining the database that identifies the potentially sensitive information comprises maintaining a database that identifies one or more types of information generally considered to be potentially sensitive.
  - 6. The computer-implemented method of claim 1, further comprising:
    - notifying the user of the additional user'"'"'s attempt to access the user'"'"'s profile via the at least one of the plurality of communication services.
  - 7. The computer-implemented method of claim 1, wherein enabling the user to identify the information that is considered potentially sensitive with respect to the additional user comprises enabling the user to assign the additional user to a particular level of access that defines which information is considered potentially sensitive with respect to the additional user.
  - 8. The computer-implemented method of claim 7, wherein determining that the portion of the information shared by the user via the user'"'"'s profile is considered potentially sensitive with respect to the additional user comprises:
    - determining, based on the particular level of access assigned to the additional user, which information shared by the user via the user'"'"'s profile is considered potentially sensitive with respect to the additional user.
  - 9. The computer-implemented method of claim 1, wherein monitoring the information shared by the user via the at least one of the plurality of communication services comprises:
    - generating audience statistics that identify information related to the additional user'"'"'s attempt to access the user'"'"'s profile via the at least one of the plurality of communication services;
      
      presenting the audience statistics to the user.
  - 10. The computer-implemented method of claim 9, wherein the audience statistics comprise at least one of:
    - information that identifies the additional user that attempted to access the user'"'"'s profile;
      
      information that identifies at least one particular portion of the user'"'"'s profile that the additional user attempted to access;
      
      information that identifies the number of times that the additional user has attempted to access the user'"'"'s profile;
      
      information that identifies at least one risk associated with the additional user'"'"'s attempt to access the user'"'"'s profile;
      
      information that identifies a particular level of access to which the additional user that attempted to access the user'"'"'s profile has been assigned;
      
      information that identifies a class or group to which the additional user that attempted to access the user'"'"'s profile belongs.
  - 11. The computer-implemented method of claim 1, further comprising:
    - identifying, in the database that identifies potentially sensitive information, potentially sensitive information that is related to the user;
      
      identifying at least one website that is unrelated to the at least one of the plurality of communication services;
      
      determining that the website is attempting to illegitimately distribute the potentially sensitive information related to the user;
      
      notifying the user of the website'"'"'s attempt to illegitimately distribute the potentially sensitive information related to the user.
  - 12. The computer-implemented method of claim 1, wherein enabling the user to identify the information that is considered potentially sensitive with respect to the additional user comprises enabling the user to assign the additional user to a particular level of access that defines which types of information are considered potentially sensitive with respect to the additional user such that the user is notified upon attempting to share information of the types considered potentially sensitive with the additional user via any of the plurality of communication services.

13. A system for monitoring information shared via communication services, the system comprising:
- at least one processor;
  
  a provisioning module programmed to direct the processor to;
  
  provide a security service capable of monitoring information shared via a plurality of communication services, wherein the security service is independent of the plurality of communication services;
  
  identify a user of the plurality of communication services that has registered for the security service;
  
  maintain a database that identifies potentially sensitive information associated with the user by;
  
  retrieving information that identifies an association between the user and an additional user;
  
  enabling the user to identify information that is considered potentially sensitive with respect to the additional user across the plurality of communication services such that the user is unable to share the information that is considered potentially sensitive with the additional user via any of the plurality of communication services;
  
  storing the information that is considered potentially sensitive with respect to the additional user in the database to facilitate determining whether the user is attempting to share the information that is considered potentially sensitive with the additional user via any of the plurality of communication services;
  
  a monitoring module programmed to direct the processor to;
  
  monitor information shared by the user via at least one of the plurality of communication services by;
  
  identifying a profile of the user provided by the at least one of the plurality of communication services;
  
  detecting an attempt by the additional user to access the user'"'"'s profile via the at least one of the plurality of communication services;
  
  comparing information shared by the user via the user'"'"'s profile with the potentially sensitive information identified in the database;
  
  determining, based on the comparison, that at least a portion of the information shared by the user via the user'"'"'s profile is considered potentially sensitive with respect to the additional user;
  
  prevent the additional user from accessing the portion of information that is considered potentially sensitive with respect to the additional user via the user'"'"'s profile.
- View Dependent Claims (14, 15)
- - 14. The system of claim 13, wherein the provisioning module is programmed to direct the processor to maintain a database that identifies information that has been classified as potentially sensitive by the user of the at least one of the plurality of communication services.
  - 15. The system of claim 13, wherein the provisioning module is programmed to direct the processor to maintain a database that identifies one or more types of information capable of being used in a social engineering attack or a phishing attack.

16. A non-transitory computer-readable-storage medium comprising computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
- provide a security service capable of monitoring information shared via a plurality of communication services, wherein the security service is independent of the plurality of communication services;
  
  identify a user of the plurality of communication services that has registered for the security service;
  
  maintain a database that identifies potentially sensitive information associated with the user by;
  
  retrieving information that identifies an association between the user and an additional user;
  
  enabling the user to identify information that is considered potentially sensitive with respect to the additional user across the plurality of communication services such that the user is unable to share the information that is considered potentially sensitive with the additional user via any of the plurality of communication services;
  
  storing the information that is considered potentially sensitive with respect to the additional user in the database to facilitate determining whether the user is attempting to share the information that is considered potentially sensitive with the additional user via any of the plurality of communication services;
  
  monitor information shared by the user via at least one of the plurality of communication services by;
  
  identifying a profile of the user provided by the at least one of the plurality of communication services;
  
  detecting an attempt by the additional user to access the user'"'"'s profile via the at least one of the plurality of communication services;
  
  comparing information shared by the user via the user'"'"'s profile with the potentially sensitive information identified in the database;
  
  determining, based on the comparison, that at least a portion of the information shared by the user via the user'"'"'s profile is considered potentially sensitive with respect to the additional user;
  
  prevent the additional user from accessing the portion of information that is potentially sensitive with respect to the additional user via the user'"'"'s profile.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Hullale, Sandip
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
AMORIN, CARLOS E

Application Number

US13/043,439
Time in Patent Office

1,344 Days
Field of Search

None
US Class Current

726/26
CPC Class Codes

G06F 21/6263   during internet communicati...

G06F 2221/2115   Third party

H04L 63/10   for controlling access to d...

H04W 12/02   Protecting privacy or anony...

Systems and methods for monitoring information shared via communication services

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

39 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for monitoring information shared via communication services

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others