System and method for blocking the transmission of sensitive data using dynamic data tainting

  • US 9,489,515 B2
  • Filed: 06/09/2011
  • Issued: 11/08/2016
  • Est. Priority Date: 06/11/2010
  • Status: Active Grant
First Claim

1. A computer-implemented method comprising:

  • in response to determining that a data structure object is a first type, tainting the data structure object by modifying a taint bit of a property field of the data structure object, the data structure object included in first data;

  • tracking, at a gateway device, execution of computer code received from a non-trusted entity via a network, the computer code received by the gateway when sent by the non-trusted entity to a client device in response to a request from the client device, the tracking including identifying that the computer code performs an operation on the tainted first data;

  • when the operation on the tainted first data results in second data, tainting the second data;

  • detecting that the computer code attempts a network transmission to the non-trusted entity; and

  • when the attempted network transmission includes at least one of the tainted first data or the tainted second data, blocking transmission of the at least one of the tainted first data or the tainted second data.
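
The steps of the claim, sketched as an added example (not code from the patent or its assignee). The set of sensitive types, the bit position, the host names and the `Value`, `load`, `apply` and `Gateway` names are all assumptions made for illustration.

```python
from dataclasses import dataclass

TAINT_BIT = 0x1                         # assumed position of the taint bit
SENSITIVE_TYPES = {"cookie", "form_password"}   # assumed "first type" set

@dataclass
class Value:
    data: str
    type_name: str = "string"
    props: int = 0                      # property field; bit 0 is the taint bit

    @property
    def tainted(self):
        return bool(self.props & TAINT_BIT)

def load(data, type_name):
    """Create a value and set its taint bit if its type is sensitive."""
    v = Value(data, type_name)
    if type_name in SENSITIVE_TYPES:
        v.props |= TAINT_BIT
    return v

def apply(op, *operands):
    """Run op on the operands; the result is tainted if any operand was."""
    result = Value(op(*(o.data for o in operands)))
    if any(o.tainted for o in operands):
        result.props |= TAINT_BIT
    return result

class Gateway:
    def __init__(self, untrusted_hosts):
        self.untrusted = set(untrusted_hosts)
        self.sent, self.blocked = [], []

    def transmit(self, host, *values):
        """Forward a payload unless tainted data is bound for an untrusted host."""
        record = (host, [v.data for v in values])
        if host in self.untrusted and any(v.tainted for v in values):
            self.blocked.append(record)
            return False
        self.sent.append(record)
        return True

def demo():
    gw = Gateway({"ads.example"})                        # constructed host names
    cookie = load("session=abc123", "cookie")            # constructed sample data
    banner = load("hello", "string")
    encoded = apply(lambda s: s[::-1].upper(), cookie)   # derived "second data"
    url = apply(lambda a, b: a + "?q=" + b, banner, encoded)
    results = [gw.transmit("ads.example", v) for v in (banner, url, encoded)]
    results.append(gw.transmit("shop.example", cookie))  # host not marked untrusted
    return results, gw
```

The derived values stay tainted even though the cookie was reversed and upper-cased before being embedded in the URL, which is the case a literal string match on the outgoing payload would miss.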
