Systems and methods for data loss prevention while preserving privacy
First Claim
1. A computer-implemented method of detecting data leakage, the method comprising:
- receiving, at a host external to a firewall of an enterprise, a data communication originating from an online account of a user device associated with the enterprise;
- the host performing an analysis to determine that the data communication is a candidate data leakage, based on a context of the data communication;
- the host encrypting the data communication and providing the host-encrypted data communication to a software agent at the enterprise;
- in response to receiving the host-encrypted data communication, and by using a common encryption key, the software agent encrypting a database of enterprise information and re-encrypting the host-encrypted data communication;
- providing the software agent-encrypted database of enterprise information and the re-encrypted data communication to the host;
- the host decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication;
- performing a matching operation to determine whether a match exists between the encrypted database of information and the software agent-encrypted data communication;
- the host configured to report the match to the software agent, and the software agent configured to take a first action, when the match is determined to exist; and
- the host configured to take a second action when the match is determined to not exist.
Abstract
Systems and methods for data loss prevention while preserving privacy are described, including receiving a data communication originating from an online account of a user device associated with the enterprise; performing an analysis to determine that the data communication is a candidate data leakage, based on a context of the data communication; encrypting the data communication, and providing the host-encrypted data communication to a software agent at the enterprise; receiving a software agent-encrypted database of enterprise communication and the host-encrypted data communication, re-encrypted by the software agent; decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; performing a matching operation to determine whether a match exists between the encrypted database of information and the software agent-encrypted data communication; if the match exists, reporting the match to the software agent; and if the match does not exist, the host taking an action.
Claims (20)
1. Independent claim 1 is set out in full under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A computer-implemented method of detecting data leakage at a host external to a firewall of an enterprise, the method comprising:
- receiving a data communication originating from an online account of a user device associated with the enterprise;
- performing an analysis to determine that the data communication is a candidate data leakage, based on a context of the data communication;
- encrypting the data communication, and providing the host-encrypted data communication to a software agent at the enterprise;
- receiving a software agent-encrypted database of enterprise information and the host-encrypted data communication, re-encrypted by the software agent;
- decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication;
- performing a matching operation to determine whether a match exists between the encrypted database of information and the software agent-encrypted data communication;
- reporting the match to the software agent when the match is determined to exist; and
- the host configured to take an action when the match is determined to not exist.
Dependent claims: 11, 12, 13.
14. A computer-implemented method of detecting data leakage from an enterprise having a software agent, the method comprising:
- receiving, from a host external to a firewall of the enterprise, a host-encrypted data communication that originated from an online account of a user device associated with the enterprise;
- using a common encryption key, encrypting a database of enterprise information and re-encrypting the host-encrypted data communication;
- providing the encrypted database of enterprise information and the re-encrypted data communication to the host;
- receiving a report from the host indicative of a match existing between the encrypted database of information and the re-encrypted data communication; and
- taking a first action when the match is determined to exist between the encrypted database of information and the re-encrypted data communication.
Dependent claims: 15, 16, 17, 18.
19. A system for detecting data leakage at a host external to a firewall of an enterprise, the system comprising:
- the host external to the firewall of the enterprise including a hardware processor and having executable instructions stored on a computer-readable medium, the instructions at the host comprising:
  - receiving a data communication originating from an online account of a user device associated with the enterprise;
  - performing an analysis to determine that the data communication is a candidate data leakage, based on a context of the data communication;
  - encrypting the data communication, and providing the host-encrypted data communication to a software agent at the enterprise;
  - receiving a software agent-encrypted database of enterprise information and the host-encrypted data communication, re-encrypted by the software agent;
  - decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication;
  - performing a matching operation to determine whether a match exists between the encrypted database of information and the software agent-encrypted data communication;
  - the match is capable of being reported to the software agent when the match is determined to exist; and
  - the software agent is configured to take a first action when the match is determined to exist; and
- the enterprise including a hardware processor and having executable instructions stored on a computer-readable medium, the instructions at the enterprise comprising:
  - receiving, from the host external to a firewall of the enterprise, the host-encrypted data communication;
  - using a common encryption key, encrypting a database of enterprise information and re-encrypting the host-encrypted data communication, and providing the software agent-encrypted database and the re-encrypted data communication to the host;
  - receiving a report from the host indicative of the match existing between the encrypted database of information and the software agent-encrypted data communication; and
  - taking a second action.
Dependent claims: 20.
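The claims above (claim 1 and its restatements in claims 10, 14 and 19) only work if the host can remove its own encryption layer from underneath the agent's layer, which requires the two encryptions to commute. The patent text does not name a cryptosystem; the following is an added example, not the patent's or any assignee's code, that realizes the exchange with commutative exponentiation (Pohlig-Hellman style) modulo the Mersenne prime 2**521 - 1, chosen only because it is a well-known prime that fits on one line. Splitting the communication into whole-word tokens, the constructed sample database and message, and the "report"/"release" actions are all assumptions of this example; a deployment would use a prime-order group such as an elliptic curve and a real fingerprinting scheme.

```python
"""Privacy-preserving DLP matching with commutative encryption (added example).

Host (outside the enterprise firewall): blinds tokens of the candidate message.
Agent (inside): applies ONE common key to its sensitive database and to the
host-blinded tokens, then returns both.
Host: strips its own layer, leaving tokens under the agent key alone, and matches.
Neither side ever sees the other's plaintext: the host sees only agent-keyed
database values, the agent sees only host-blinded tokens.
"""
from __future__ import annotations

import hashlib
import math
import secrets

P = (1 << 521) - 1          # M521, a well-known prime (demo choice, see lead-in)
ORDER = P - 1               # order of the multiplicative group Z_p^*


def keygen() -> int:
    """Random exponent coprime to ORDER, so it has an inverse mod ORDER (needed to strip a layer)."""
    while True:
        k = secrets.randbelow(ORDER - 2) + 2
        if math.gcd(k, ORDER) == 1:
            return k


def to_group(token: str) -> int:
    """Hash a token into Z_p^*; SHA-256 output is below P, so only a zero digest needs care."""
    h = int.from_bytes(hashlib.sha256(token.encode()).digest(), "big")
    return h % P or 1


def encrypt(x: int, key: int) -> int:
    """One encryption layer: x -> x^key mod P. Layers commute because exponents multiply."""
    return pow(x, key, P)


def strip(x: int, key: int) -> int:
    """Remove a layer applied with `key`: (x^key)^(key^-1) == x since x^ORDER == 1 in Z_p^*."""
    return pow(x, pow(key, -1, ORDER), P)


def tokenize(text: str) -> list[str]:
    """Assumed tokenization: whitespace-split, punctuation-trimmed, lower-cased words."""
    return [w.strip(".,;:!?").lower() for w in text.split() if w.strip(".,;:!?")]


def run_protocol(communication: str, enterprise_db: list[str]) -> dict:
    """Run the full exchange of the claims and return the host's verdict."""
    # --- host side: blind each token of the candidate communication with the host key
    host_key = keygen()
    host_encrypted = [encrypt(to_group(t), host_key) for t in tokenize(communication)]

    # --- agent side: one common key for the database AND for re-encrypting the host's values
    agent_key = keygen()
    agent_db = {encrypt(to_group(t.lower()), agent_key) for t in enterprise_db}
    re_encrypted = [encrypt(c, agent_key) for c in host_encrypted]

    # --- host side: peel off the host layer, leaving agent-keyed tokens, then match
    agent_only = [strip(c, host_key) for c in re_encrypted]
    matched = sum(1 for c in agent_only if c in agent_db)
    return {
        "match": matched > 0,
        "matched_tokens": matched,
        # "first action" (report to agent) vs "second action" (e.g. release) per the claims
        "action": "report to agent" if matched else "release",
    }


if __name__ == "__main__":
    # Constructed sample data: a fake account token in the enterprise database and a message quoting it.
    db = ["acct-4471-9921", "project-falcon"]
    print(run_protocol("Forwarding the acct-4471-9921 statement to my personal mail.", db))
    print(run_protocol("Lunch at noon?", db))
```

The check worth keeping in mind is the commutativity identity `strip(encrypt(encrypt(x, a), b), a) == encrypt(x, b)`: it holds because the exponents compose as a*b*a^-1 = b mod ORDER, and it is the only reason the host can compare re-encrypted tokens against the agent-encrypted database without ever holding the agent key. Keys must be coprime to the group order, which `keygen` enforces; a key without an inverse would leave the host unable to remove its layer.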