Method and system for collecting and organizing data corresponding to an event
First Claim
Patent Images
1. A method of organizing and presenting data gathered in response to an event, the method being performed by one or more computers coupled to a network and comprising the steps of:
- (a) authenticating a plurality of memory sources by verifying whether a certificate presented by each of the plurality of memory sources is valid within a trust domain, each of the certificates indicating whether a respective one of the plurality of memory sources and all stored data of the respective one of the plurality of memory sources can be trusted;
(b) in response to a successful authentication of the plurality of memory sources, importing the stored data from the authenticated plurality of memory sources into a first memory coupled to the network;
(c) converting the stored data into a specified format to produce uniform data, the specified format being one of general purpose markup language and plain text format, the stored data providing a relational comparison between sets of the stored data;
(d) providing an interface to a user through which the user requests a search of the uniform data; and
(e) presenting one or more subsets of the uniform data to the user in response to the request from the user,wherein,the event is one of (i) a request for production of documents, and (ii) a data security breach.
8 Assignments
0 Petitions
Accused Products
Abstract
A system and method for analyzing data from a plurality of computer environments. The computer environments are authenticated and data is imported to a memory location. The data is converted into a uniform format to enable expedited searching by one or more authenticated users. The data may be marked so that a user may determine which computer environment provided the data. The system may also create one or more indexes of the data to assist one or more users in searching the data.
173 Citations
33 Claims
-
1. A method of organizing and presenting data gathered in response to an event, the method being performed by one or more computers coupled to a network and comprising the steps of:
-
(a) authenticating a plurality of memory sources by verifying whether a certificate presented by each of the plurality of memory sources is valid within a trust domain, each of the certificates indicating whether a respective one of the plurality of memory sources and all stored data of the respective one of the plurality of memory sources can be trusted; (b) in response to a successful authentication of the plurality of memory sources, importing the stored data from the authenticated plurality of memory sources into a first memory coupled to the network; (c) converting the stored data into a specified format to produce uniform data, the specified format being one of general purpose markup language and plain text format, the stored data providing a relational comparison between sets of the stored data; (d) providing an interface to a user through which the user requests a search of the uniform data; and (e) presenting one or more subsets of the uniform data to the user in response to the request from the user, wherein, the event is one of (i) a request for production of documents, and (ii) a data security breach. - View Dependent Claims (2, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
3. The method of claim wherein the plurality of memory sources are servers.
-
5. The method of claim wherein the stored data comprises both content and metadata.
-
17. A method of organizing and presenting data gathered in response to an event, the method being performed by one or more computers coupled to a network and comprising the steps of:
-
(a) installing an agent on at least one of a plurality of memory sources; (b) presenting a certificate from the at least one of the plurality of memory sources via the agent; (c) authenticating the at least one of the plurality of memory sources by verifying whether the certificate presented by the at least one of the plurality of memory sources is valid within a trust domain, the certificate indicating whether stored data of the at least one of the plurality of memory sources can be trusted; (d) in response to a successful authentication of the at least one of the plurality of memory sources, importing the stored data from the at least one of the plurality of memory sources into a first memory coupled to the network; (e) converting the stored data into a specified format to produce uniform data; (f) providing, via a computer coupled to the network, an interface to a user through which the user requests a search of the uniform data; and (g) presenting one or more subsets of the uniform data to the user in response to the request from the user, wherein, the event is one of (i) a request for production of documents, and (ii) a data security breach. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification