Methods and systems for active data security enforcement during protected mode use of a system
Abstract
Systems and methods are provided for enforcing data security. One example method includes receiving user identification information from a screen of a device that is connectable to a database of secure information. The method includes authenticating the user identification information. The authenticating includes capturing image data of a user associated with the user identification information. The method provides access to the database of secure information upon authenticating the user identification information, such that while the access is provided the capturing of the image data of the user is maintained. The method includes recording data of user interactive input and viewed images displayed on the screen while the access is provided. The method disables the access to the database of secure information upon detecting a predefined security enforcement violation associated with an activity by the user during access to the database. The method is executed by a processor.
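The session flow described in the abstract and in claim 1 (initial authentication, re-authentication from later captured images, recording, per-user rules, and disabling access on a violation) can be sketched as follows. This is an added example, not code from the patent; the event shape, the face-match score, the 30-second interval, the 0.80 threshold and the two rule helpers are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

REAUTH_INTERVAL_S = 30.0  # assumed re-authentication period
MATCH_THRESHOLD = 0.80    # assumed minimum face-match score

@dataclass
class Event:              # constructed event shape, not from the patent
    t: float              # seconds since session start
    kind: str             # "frame" (captured image) or "activity" (input / screen view)
    data: dict

def max_records_viewed(limit):
    """Per-user rule: cumulative records displayed must stay within limit."""
    def rule(ev, log):
        total = sum(e.data.get("records", 0) for e in log if e.kind == "activity")
        return "bulk_view" if total > limit else None
    return rule

def deny_action(action):
    """Per-user rule: a named action is never allowed for this user."""
    return lambda ev, log: "forbidden_" + action if ev.data.get("action") == action else None

@dataclass
class Session:
    user: str
    rules: list
    active: bool = False
    last_auth: float = 0.0
    reason: Optional[str] = None
    log: list = field(default_factory=list)

    def start(self, credential_ok: bool, score: float) -> bool:
        self.active = credential_ok and score >= MATCH_THRESHOLD
        self.reason = None if self.active else "initial_auth_failed"
        return self.active

    def disable(self, reason: str) -> bool:
        self.active, self.reason = False, reason
        return False

    def handle(self, ev: Event) -> bool:
        if not self.active:
            return False                       # access stays disabled
        self.log.append(ev)                    # record input, screen and image data
        if ev.kind == "frame":                 # re-authenticate on each new frame
            if ev.data["score"] < MATCH_THRESHOLD:
                return self.disable("reauth_failed")
            self.last_auth = ev.t
            return True
        if ev.t - self.last_auth > REAUTH_INTERVAL_S:
            return self.disable("reauth_overdue")   # fail closed if camera feed stalls
        hit = next((v for r in self.rules if (v := r(ev, self.log))), None)
        return self.disable(hit) if hit else True
```

Treating a missing frame as a failure means that blocking or unplugging the camera ends the session instead of silently extending it.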
19 Claims
1. A method for enforcing data security, comprising:
- receiving user identification information from a screen of a device that is connectable to a database of secure information, the database being stored on a non-transitory computer readable medium;
- receiving captured image data of a user associated with the user identification information;
- authenticating the user initially based on the received identification information and the received captured image data;
- providing access to the database, during a session, of secure information upon authenticating the user, and re-authenticating the user while the access is provided during the session, the re-authenticating occurring one or more times during the session and being based on analysis of captured image data received after the initial authentication and during the session; and
- recording data of user interactive input, viewed images displayed on the screen, and captured image data corresponding to the user interactive input and viewed images while the access is provided;
- monitoring the user interactive input and viewed images displayed to identify activities of the user for accessing the database while the access is provided; and
- disabling the access to the database of secure information when the monitoring identifies a predefined security enforcement violation associated with an activity by the user during access to the database, wherein rules are assigned to the user to enable detection of the predefined security enforcement violation for the activities of the user, wherein the re-authenticating occurring one or more times during the session includes periodically performing the re-authentication or continuously performing the re-authentication during the session and the method being executed by a processor.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17
18. A system for enforcing data security, comprising:
- a memory; and
- a processor configured to receive, from a camera, captured image data of a user while accessing a screen, wherein the processor is configured to connect to a database of secure information stored on a tangible computer readable medium;
- wherein the processor transmits, to an authentication server, user identification information and the captured image data, wherein the processor initially receives an authentication of the user from the authentication server, the authentication being based on the user identification information and the captured image data, wherein the processor continues to transmit the captured image data while the access to the database, during a session, is provided;
- wherein the processor re-authenticates the user while the access is provided during the session, the re-authenticating occurring one or more times during the session and being based on analysis of captured image data received after the initial authentication and during the session;
- wherein the processor disables the access to the database of secure information when the authentication server identifies a predefined security enforcement violation associated with an activity by the user during access to the database, the activity by the user being based on an analysis of user interactive input and viewed images displayed on the screen while the access is provided, wherein rules are assigned to the user to enable detection of the predefined security enforcement violation for the activities of the user, wherein the re-authenticating occurring one or more times during the session includes periodically performing the re-authentication or continuously performing the re-authentication during the session.
19. A non-transitory computer-readable storage medium storing a computer program for enforcing data security, the computer-readable storage medium comprising:
- program instructions for receiving user identification information from a screen of a device that is connectable to a database of secure information, the database being stored on a non-transitory computer readable medium;
- program instructions for receiving captured image data of a user associated with the user identification information;
- program instructions for authenticating the user initially based on the received identification information and the received captured image data;
- program instructions for providing access to the database, during a session, of secure information upon authenticating the user, and re-authenticating the user while the access is provided during the session, the re-authenticating occurring one or more times during the session and being based on analysis of captured image data received after the initial authentication and during the session; and
- program instructions for recording data of user interactive input, viewed images displayed on the screen, and captured image data corresponding to the user interactive input and viewed images while the access is provided;
- program instructions for monitoring the user interactive input and viewed images displayed to identify activities of the user for accessing the database while the access is provided; and
- program instructions for disabling the access to the database of secure information when the monitoring identifies a predefined security enforcement violation associated with an activity by the user during access to the database, wherein rules are assigned to the user to enable detection of the predefined security enforcement violation for the activities of the user wherein the re-authenticating occurring one or more times during the session includes periodically performing the re-authentication or continuously performing the re-authentication during the session.
Specification