Methods and systems for exact data match filtering
Abstract
A technique for efficiently preventing exact data words (“entities”) from unauthorized disclosure is disclosed. Protect agents installed at various egress points identify candidate entities from digital information desired to be disclosed by a user. The candidate entities are compared against registered entities stored in a lightweight entity database (LWED). If a candidate entity matches against a registered entity in the LWED, the protect agent initiates a security action. Alternately, the protect agent transmits the matching candidate entity to a global entity database (GED) server to receive additional confirmation on whether the candidate entity matches a registered entity. In some instances, the protect agent also receives (from the GED server) metadata information associated with the matching candidate entity. The protect agent utilizes the metadata information to initiate suitable security actions.
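The two-tier check described in the abstract, as an added example that is not code from the patent or its assignee. It assumes the LWED's compressed form is a truncated SHA-256 digest (the page does not specify the compression), that the metadata carries hypothetical `block` and `redact` actions, and that an in-process function stands in for the remote GED server.

```python
import hashlib
import itertools
import re

PREFIX_BYTES = 2  # assumption: LWED "compression" = truncated SHA-256 digest

def compress(entity: str) -> bytes:
    return hashlib.sha256(entity.encode("utf-8")).digest()[:PREFIX_BYTES]

# Constructed GED contents: full registered entities plus metadata.
GED = {
    "4111111111111111": {"type": "card_number", "action": "block"},
    "078-05-1120": {"type": "national_id", "action": "redact"},
}
# LWED shipped to the agent: compressed forms only, no plaintext, no metadata.
LWED = frozenset(compress(e) for e in GED)

def ged_confirm(candidates):
    """Stand-in for the remote GED server: exact match, returns metadata."""
    return {c: GED[c] for c in candidates if c in GED}

def protect_agent(text: str):
    """Return (text allowed through the egress point, or None; audit record)."""
    candidates = re.findall(r"[\w-]+", text)  # one candidate entity per word
    local_hits = [c for c in candidates if compress(c) in LWED]
    confirmed = ged_confirm(local_hits) if local_hits else {}
    audit = {"sent_to_ged": local_hits, "confirmed": sorted(confirmed)}
    if any(m["action"] == "block" for m in confirmed.values()):
        return None, audit  # withhold the whole text
    for entity in confirmed:  # remaining confirmed entities are redacted
        text = text.replace(entity, "[REDACTED]")
    return text, audit

def find_lwed_false_positive() -> str:
    """Search constructed tokens for one that collides in the LWED only."""
    for i in itertools.count():
        token = f"tok{i}"
        if compress(token) in LWED and token not in GED:
            return token

if __name__ == "__main__":
    print(protect_agent("card 4111111111111111 attached"))
    print(protect_agent("id 078-05-1120 on file"))
    fp = find_lwed_false_positive()
    print(fp, protect_agent(f"ref {fp} ok"))
```

The last call shows why the GED round trip exists: the colliding token passes the lossy local check, is sent for confirmation, and is released unchanged once the server reports no exact match.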
46 Claims
1. A method for preventing unauthorized disclosure of secure information, the method comprising:
- receiving, by a protect agent installed at a first egress point, digital information including a first text, the first text including a plurality of words;
- identifying, by the protect agent, a first candidate entity, the first candidate entity corresponding to a particular word of the plurality of words;
- comparing, by the protect agent, the first candidate entity against a plurality of compressed registered entities stored in a lightweight entity database (LWED) stored locally to the protect agent;
- upon determining, by the protect agent, that the first candidate entity matches against a first registered entity in the LWED, transmitting the first candidate entity to a remote server that can access a global entity database (GED), wherein the GED includes the plurality of registered entities in an uncompressed form, and wherein the remote server automatically generates a confirmation on whether the first candidate entity matches against a second registered entity in the GED;
- receiving from the remote server, by the protect agent, the confirmation; and
- performing, by the protect agent, a security action when the first candidate entity matches against a particular registered entity of the registered entities in the GED, wherein the security action is performed on the first text before the first text is disclosed through the first egress point.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A method for preventing unauthorized disclosure of secure information, the method comprising:
- receiving, by a protect agent installed at a first egress point, digital information including a first text, the first text including a plurality of words;
- identifying, by the protect agent, a plurality of candidate entities, each of the plurality of candidate entities corresponding to a particular word of the plurality of words;
- identifying, by the protect agent, one or more matching candidate entities from the plurality of candidate entities that match against one of a plurality of lightweight entities stored in a lightweight entity database (LWED);
- upon determining one or more matching candidate entities, transmitting, by the protect agent, the one or more matching candidate entities to a remote server that can access a global entity database (GED), the GED including a plurality of registered entities identified to be secured against unauthorized disclosure, wherein the remote server performs a comparison of the one or more matching candidates entities with the plurality of registered entities in the GED to reduce a possibility that the identified one or more matching candidate entities are false positives, and wherein the remote server automatically generates acknowledgement whether each of the one or more matching candidate entities matches against one of the plurality of registered entities included in the GED;
- receiving, from the remote server, the acknowledgement; and
- performing, by the protect agent, a security action, when at least one of the one or more matching entities matches against one of the plurality of registered entities included in the GED, wherein the security action is performed on the first text before the first text is disclosed through the first egress point.
Dependent claims: 17, 18, 19, 20, 21, 22, 23
24. A system for preventing unauthorized disclosure of secure information, the system having a processor and comprising:
- a receiving module to receive digital information including a first text, the first text including a plurality of words;
- a candidate ID module to identify a first candidate entity, the first candidate entity corresponding to a particular word of the plurality of words;
- a comparison module to compare the first candidate entity against a plurality of compressed registered entities stored in a lightweight entity database (LWED) stored locally;
- a communication module to transmit the first candidate entity to a remote server that can access a global entity database (GED), wherein the GED includes the plurality of registered entities in an uncompressed form, and wherein the remote server automatically generates a confirmation on whether the first candidate entity matches against a second registered entity in the GED;
- the communication module to receive from the remote server the confirmation; and
- a security action module to perform a security action when the first candidate entity matches against a particular registered entity of the registered entities in the GED, wherein the security action is performed on the first text before the first text is disclosed through the system.
Dependent claims: 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38
39. A system for preventing unauthorized disclosure of secure information, the system comprising:
- a processor;
- a network interface through which to communicate with one or more remote servers over a network;
- a memory storing code which, when executed by the processor, causes the processor to perform a plurality of operations, including:
  - receiving, by a protect agent installed at a first egress point, digital information including a first text, the first text including a plurality of words;
  - identifying, by the protect agent, a plurality of candidate entities, each of the plurality of candidate entities corresponding to a particular word of the plurality of words;
  - identifying, by the protect agent, one or more matching candidate entities from the plurality of candidate entities that match against one of a plurality of lightweight entities stored in a lightweight entity database (LWED);
  - upon determining one or more matching candidate entities, transmitting, by the protect agent, the one or more matching candidate entities to a remote server that can access a global entity database (GED), the GED including a plurality of registered entities identified to be secured against unauthorized disclosure, wherein the remote server performs a comparison of the one or more matching candidates entities with the plurality of registered entities in the GED to reduce a possibility that the identified one or more matching candidate entities are false positives, and wherein the remote server automatically generates acknowledgement whether each of the one or more matching candidate entities matches against one of the plurality of registered entities included in the GED;
  - receiving, from the remote server, the acknowledgement; and
  - performing, by the protect agent, a security action, when at least one of the one or more matching entities matches against one or the plurality of registered entities included in the GED, wherein the security action is performed on the first text before the first text is disclosed through the first egress point.
Dependent claims: 40, 41, 42, 43, 44, 45, 46
Specification