System and method for real time data awareness
First Claim
1. A system comprising:
- a sensor configured to;
passively read data in packets as the packets are in motion on a network; and
a processor cooperatively operable with the sensor, the processor being a hardware processor, and configured to;
receive the read data from the sensor;
originate map profiles of files and file data, both from the read data from the sensor, as the packets are in motion on the network, wherein the map profile is a topographical map of locations of the files on the network, and wherein the map profile further designates users who have accessed the files, changes made to content of the files, and at least one of;
hosts which contain the files;
destinations to where the files were transferred; and
file directories of the files on the hosts and the destinations;
infer a user role for a user based on the files and the file data being used by the user and how the user is transferring or accessing the files and the file data;
detect when the user is performing an inappropriate usage from the user role and the read data from the sensor; and
control access to particular files based on the detecting and the changes made to the files.
0 Assignments
0 Petitions
Accused Products
Abstract
A system includes a sensor and a processor. The sensor is configured to passively read data in packets as the packets are in motion on a network. The processor is cooperatively operable with the sensor. The processor is configured to receive the read data from the sensor; and originate map profiles of files and file data, both from the read data from the sensor, as the passively read packets are in motion on the network. The processor is also configured to infer a user role for a user who is using the file and the file data and how the user is transferring or accessing the file and the file data. Inappropriate usage being performed by the user can then be detected from the user role and the read data to control access to particular files.
266 Citations
25 Claims
-
1. A system comprising:
-
a sensor configured to; passively read data in packets as the packets are in motion on a network; and a processor cooperatively operable with the sensor, the processor being a hardware processor, and configured to; receive the read data from the sensor; originate map profiles of files and file data, both from the read data from the sensor, as the packets are in motion on the network, wherein the map profile is a topographical map of locations of the files on the network, and wherein the map profile further designates users who have accessed the files, changes made to content of the files, and at least one of;
hosts which contain the files;
destinations to where the files were transferred; and
file directories of the files on the hosts and the destinations;infer a user role for a user based on the files and the file data being used by the user and how the user is transferring or accessing the files and the file data; detect when the user is performing an inappropriate usage from the user role and the read data from the sensor; and control access to particular files based on the detecting and the changes made to the files. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method comprising:
-
in a sensor, passively reading data in packets as the packets are in motion on a network; in a processor, the processor being a hardware processor; receiving the read data from the sensor; originating map profiles of files and file data both from the read data from the sensor, as the packets are in motion on the network, wherein the map profile is a topographical map of locations of the files on the network, and wherein the map profile further designates users who have accessed the files, changes made to content of the files, and at least one of;
hosts which contain the files;
destinations to where the files were transferred; and
file directories of the files on the hosts and the destinations;inferring a user role for a user from who is using the files and the file data and how the user is transferring or accessing the file and the file data; detecting when the user is performing an inappropriate usage from the user role and the read data from the sensor; and controlling access to particular files based on the detecting and the changes made to the files. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A non-transitory computer-readable storage medium comprising computer-executable instructions for performing the steps of:
-
passively reading, from a sensor, data in packets as the packets are in motion on a network; receiving, in a processor, the read data from the sensor; originating map profiles of files and file data, both from the read data from the sensor, as the packets are in motion on the network, wherein the map profile is a topographical map of locations of the files on the network, and wherein the map profile further designates users who have accessed the files, changes made to content of the files, and at least one of;
hosts which contain the files;
destinations to where the files were transferred; and
file directories of the files on the hosts and the destinations;inferring a user role for a user from who is using the files and the file data and how the user is transferring or accessing the file and the file data; detecting when the user is performing an inappropriate usage from the user role and the read data from the sensor; and controlling access to particular files based on the detecting and the changes made to the files. - View Dependent Claims (21, 22, 23, 24, 25)
-
Specification