Identifying and securing sensitive data at its source

US 9,785,795 B2
Filed: 05/06/2015
Issued: 10/10/2017
Est. Priority Date: 05/10/2014
Status: Active Grant

First Claim

Patent Images

1. A method executed by one or more computing devices for discovering and protecting sensitive data within an enterprise, the method comprising:

receiving, by at least one of the one or more computing devices, a record classification rule configured to identify sensitive records having a sensitive data type stored on a plurality of enterprise databases, wherein the record classification rule specifies one or more field types;

identifying, by at least one of the one or more computing devices, sensitive data records having the sensitive data type based at least in part on header data corresponding to a plurality of data records stored on the plurality of enterprise databases and the one or more field types specified by the record classification rule;

transmitting, by at least one of the one or more computing devices, a plurality of status indicators corresponding to a plurality of groups of enterprise databases, wherein each group of enterprise databases shares at least one common attribute and wherein each status indicator is based at least in part on identified sensitive data records in each group of enterprise databases;

receiving, by at least one of the one or more computing devices, selection of a status indicator in the plurality of status indicators, the status indicator corresponding to a group of enterprise databases in the plurality of groups of enterprise databases;

receiving, by at least one of the one or more computing devices, a selection of a protection policy, the protection policy configured to apply a data transformation to data associated with any data records that are linked to the protection policy; and

applying, by at least one of the one or more computing devices, the selected protection policy to the identified sensitive data records in the group of enterprise databases corresponding to the selected status indicator to link the identified sensitive data records in the group of enterprise databases with the selected protection policy.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data management service identifies sensitive data stored on enterprise databases according to record classification rules that classify a data record as having a sensitive data type if the data record includes fields matching at least one of the record classification rules. The data management service determines assessment scores for enterprise databases according to sensitive data records and protection policies on the enterprise databases. The data management service provides an interface that groups enterprise databases having common attributes or common sensitive data types and indicates aggregated assessment scores for the groups of enterprise databases. Through the interface with the grouped enterprise databases, an administrator apply protection policies to enterprise databases. To apply the protection policy, the data management service applies the protection policy to a source database from which dependent enterprise databases access the sensitive database.

266 Citations

21 Claims

1. A method executed by one or more computing devices for discovering and protecting sensitive data within an enterprise, the method comprising:
- receiving, by at least one of the one or more computing devices, a record classification rule configured to identify sensitive records having a sensitive data type stored on a plurality of enterprise databases, wherein the record classification rule specifies one or more field types;
  
  identifying, by at least one of the one or more computing devices, sensitive data records having the sensitive data type based at least in part on header data corresponding to a plurality of data records stored on the plurality of enterprise databases and the one or more field types specified by the record classification rule;
  
  transmitting, by at least one of the one or more computing devices, a plurality of status indicators corresponding to a plurality of groups of enterprise databases, wherein each group of enterprise databases shares at least one common attribute and wherein each status indicator is based at least in part on identified sensitive data records in each group of enterprise databases;
  
  receiving, by at least one of the one or more computing devices, selection of a status indicator in the plurality of status indicators, the status indicator corresponding to a group of enterprise databases in the plurality of groups of enterprise databases;
  
  receiving, by at least one of the one or more computing devices, a selection of a protection policy, the protection policy configured to apply a data transformation to data associated with any data records that are linked to the protection policy; and
  
  applying, by at least one of the one or more computing devices, the selected protection policy to the identified sensitive data records in the group of enterprise databases corresponding to the selected status indicator to link the identified sensitive data records in the group of enterprise databases with the selected protection policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein applying the data transformation to identified sensitive data records in the group of enterprise databases comprises:
    - identifying a source database in the group of enterprise databases which provides the identified sensitive data records to other enterprise databases in the group of enterprise databases; and
      
      applying the selected protection policy to the identified sensitive data records on the identified source database to link the identified sensitive data records in the identified source database with the selected protection policy.
  - 3. The method of claim 1, wherein each status indicator is based at least in part on at least one assessment score corresponding to at least one enterprise databases in each group of enterprise databases and wherein each assessment score is determined based on one or more of:
    - a number of identified sensitive data records in a corresponding enterprise database, a number of sensitive fields in the identified sensitive data records of the corresponding enterprise database, a number of dependent enterprise databases obtaining the identified sensitive data records from the corresponding enterprise database, a value of the identified sensitive data records of the corresponding enterprise database, whether a transformation corresponding to a protection policy has been applied to the identified sensitive data records of the corresponding enterprise database, or a record cost value corresponding to the sensitive data type of the identified sensitive data records.
  - 4. The method of claim 1, wherein an area of each status indicator corresponds to a a number of identified sensitive data records in the corresponding group of enterprise databases and wherein a color of each status indicator corresponds to an assessment score of the corresponding group of enterprise databases.
  - 5. The method of claim 1, wherein identifying one or more sensitive data records having the sensitive data type based at least in part on header data corresponding to a plurality of data records stored on the plurality of enterprise and the one or more field types specified by the record classification rule comprises:
    - identifying one or more field classification rules specifying one or more character patterns corresponding to the one or more field types specified by the record classification rule;
      
      retrieving header data corresponding to one or more data records sampled from an enterprise database;
      
      applying pattern recognition rules to the header data using the character patterns of the one or more field classification rules to identify one or more fields in the one or more data records; and
      
      identifying the one or more data records as having the sensitive type based at least in part on a comparison of the identified one or more fields and the one or more field types specified by the record classification rule.
  - 6. The method of claim 5, wherein the one or more records comprise a plurality of data records, wherein the pattern recognition rules are applied to the header data using the character patterns of the one or more field classification rules to identify one or more fields in the plurality of data records, and wherein identifying the one or more data records as having the sensitive type based at least in part on a comparison of the identified one or more fields and the one or more field types specified by the record classification rule comprises:
    - determining a quantity of data records in the plurality of records having identified fields matching the one or more field types specified by the record classification rule; and
      
      identifying the plurality of data records as having the sensitive type based at least in part on a determination that the quantity of data records exceeds a verification threshold.
  - 7. The method of claim 1, wherein the data transformation comprises one or more of:
    - a persistent masking transformation configured to mask stored data in the identified sensitive data records;
      
      a dynamic masking transformation configured to selectively mask data requested from the identified sensitive data records;
      
      a blocking transformation configured to transform permissions associated with the identified sensitive data records;
      
      an encryption transformation configured to encrypt data associated with the identified sensitive data records;
      
      ora tokenization transformation configured to tokenize data associated with the identified sensitive data records.

8. An apparatus for discovering and protecting sensitive data within an enterprise, the apparatus comprising:
- one or more processors; and
  
  one or more memories operatively coupled to at least one of the one or more processors and having instructions stored thereon that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to;
  
  receive a record classification rule configured to identify sensitive records having a sensitive data type stored on a plurality of enterprise databases, wherein the record classification rule specifies one or more field types;
  
  identify sensitive data records having the sensitive data type based at least in part on header data corresponding to a plurality of data records stored on the plurality of enterprise databases and the one or more field types specified by the record classification rule;
  
  transmit a plurality of status indicators corresponding to a plurality of groups of enterprise databases, wherein each group of enterprise databases shares at least one common attribute and wherein each status indicator is based at least in part on identified sensitive data records in each group of enterprise databases;
  
  receive a selection of a status indicator in the plurality of status indicators, the status indicator corresponding to a group of enterprise databases in the plurality of groups of enterprise databases;
  
  receive a selection of a protection policy, the protection policy configured to apply a data transformation to data associated with any data records that are linked to the protection policy; and
  
  apply the selected protection policy to the identified sensitive data records in the group of enterprise databases corresponding to the selected status indicator to link the identified sensitive data records in the group of enterprise databases with the selected protection policy.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the instructions that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to apply the data transformation to identified sensitive data records in the group of enterprise databases further cause at least one of the one or more processors to:
    - identify a source database in the group of enterprise databases which provides the identified sensitive data records to other enterprise databases in the group of enterprise databases; and
      
      apply the selected protection policy to the identified sensitive data records on of the identified source database to link the identified sensitive data records in the identified source database with the selected protection policy.
  - 10. The apparatus of claim 8, wherein each status indicator is based at least in part on at least one assessment score corresponding to at least one enterprise databases in each group of enterprise databases and wherein each assessment score is determined based on one or more of:
    - a number of identified sensitive data records in a corresponding enterprise database, a number of sensitive fields in the identified sensitive data records of the corresponding enterprise database, a number of dependent enterprise databases obtaining the identified sensitive data records from the corresponding enterprise database, a value of the identified sensitive data records of the corresponding enterprise database, whether a transformation corresponding to a protection policy has been applied to the identified sensitive data records of the corresponding enterprise database, or a record cost value corresponding to the sensitive data type of the identified sensitive data records.
  - 11. The apparatus of claim 8, wherein an area of each status indicator corresponds to a a number of identified sensitive data records in the corresponding group of enterprise databases and wherein a color of each status indicator corresponds to an assessment score of the corresponding group of enterprise databases.
  - 12. The apparatus of claim 8, wherein the instructions that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to identify one or more sensitive data records having the sensitive data type based at least in part on header data corresponding to a plurality of data records stored on the plurality of enterprise and the one or more field types specified by the record classification rule further cause at least one of the one or more processors to:
    - identify one or more field classification rules specifying one or more character patterns corresponding to the one or more field types specified by the record classification rule;
      
      retrieve header data corresponding to one or more data records sampled from an enterprise database;
      
      apply pattern recognition rules to the header data using the character patterns of the one or more field classification rules to identify one or more fields in the one or more data records; and
      
      identify the one or more data records as having the sensitive type based at least in part on a comparison of the identified one or more fields and the one or more field types specified by the record classification rule.
  - 13. The apparatus of claim 12, wherein the one or more records comprise a plurality of data records, wherein the pattern recognition rules are applied to the header data using the character patterns of the one or more field classification rules to identify one or more fields in the plurality of data records, and wherein the instructions that, when executed by at least one of the one or more processors, cause at least one of the one or more processors to identify the one or more data records as having the sensitive type based at least in part on a comparison of the identified one or more fields and the one or more field types specified by the record classification rule further cause at least one of the one or more processors to:
    - determine a quantity of data records in the plurality of records having identified fields matching the one or more field types specified by the record classification rule; and
      
      identify the plurality of data records as having the sensitive type based at least in part on a determination that the quantity of data records exceeds a verification threshold.
  - 14. The apparatus of claim 8, wherein the data transformation comprises one or more of:
    - a persistent masking transformation configured to mask stored data in the identified sensitive data records;
      
      a dynamic masking transformation configured to selectively mask data requested from the identified sensitive data records;
      
      a blocking transformation configured to transform permissions associated with the identified sensitive data records;
      
      an encryption transformation configured to encrypt data associated with the identified sensitive data records;
      
      ora tokenization transformation configured to tokenize data associated with the identified sensitive data records.

15. At least one non-transitory computer-readable medium storing computer-readable instructions that, when executed by one or more computing devices, cause at least one of the one or more computing devices to:
- receive a record classification rule configured to identify sensitive records having a sensitive data type stored on a plurality of enterprise databases, wherein the record classification rule specifies one or more field types;
  
  identify sensitive data records having the sensitive data type based at least in part on header data corresponding to a plurality of data records stored on the plurality of enterprise databases and the one or more field types specified by the record classification rule;
  
  transmit a plurality of status indicators corresponding to a plurality of groups of enterprise databases, wherein each group of enterprise databases shares at least one common attribute and wherein each status indicator is based at least in part on identified sensitive data records in each group of enterprise databases;
  
  receive a selection of a status indicator in the plurality of status indicators, the status indicator corresponding to a group of enterprise databases in the plurality of groups of enterprise databases;
  
  receive a selection of a protection policy, the protection policy configured to apply a data transformation to data associated with any data records that are linked to the protection policy; and
  
  apply the selected protection policy to the identified sensitive data records in the group of enterprise databases corresponding to the selected status indicator to link the identified sensitive data records in the group of enterprise databases with the selected protection policy.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The at least one non-transitory computer-readable medium of claim of claim 15, wherein the instructions that, when executed by at least one of the one or more computing devices, cause at least one of the one or more computing devices to apply the data transformation to identified sensitive data records in the group of enterprise databases further cause at least one of the one or more computing devices to:
    - identify a source database in the group of enterprise databases which provides the identified sensitive data records to other enterprise databases in the group of enterprise databases; and
      
      apply the selected protection policy to the identified sensitive data records on ef the identified source database to link the identified sensitive data records in the identified source database with the selected protection policy.
  - 17. The at least one non-transitory computer-readable medium of claim of claim 15, wherein each status indicator is based at least in part on at least one assessment score corresponding to at least one enterprise databases in each group of enterprise databases and wherein each assessment score is determined based on one or more of:
    - a number of identified sensitive data records in a corresponding enterprise database, a number of sensitive fields in the identified sensitive data records of the corresponding enterprise database, a number of dependent enterprise databases obtaining the identified sensitive data records from the corresponding enterprise database, a value of the identified sensitive data records of the corresponding enterprise database, whether a transformation corresponding to a protection policy has been applied to the identified sensitive data records of the corresponding enterprise database, or a record cost value corresponding to the sensitive data type of the identified sensitive data records.
  - 18. The at least one non-transitory computer-readable medium of claim of claim 15, wherein an area of each status indicator corresponds to a a number of identified sensitive data records in the corresponding group of enterprise databases and wherein a color of each status indicator corresponds to an assessment score of the corresponding group of enterprise databases.
  - 19. The at least one non-transitory computer-readable medium of claim of claim 15, wherein the instructions that, when executed by at least one of the one or more computing devices, cause at least one of the one or more computing devices to identify one or more sensitive data records having the sensitive data type based at least in part on header data corresponding to a plurality of data records stored on the plurality of enterprise and the one or more field types specified by the record classification rule further cause at least one of the one or more computing devices to:
    - identify one or more field classification rules specifying one or more character patterns corresponding to the one or more field types specified by the record classification rule;
      
      retrieve header data corresponding to one or more data records sampled from an enterprise database;
      
      apply pattern recognition rules to the header data using the character patterns of the one or more field classification rules to identify one or more fields in the one or more data records; and
      
      identify the one or more data records as having the sensitive type based at least in part on a comparison of the identified one or more fields and the one or more field types specified by the record classification rule.
  - 20. The at least one non-transitory computer-readable medium of claim of claim 19, wherein the one or more records comprise a plurality of data records, wherein the pattern recognition rules are applied to the header data using the character patterns of the one or more field classification rules to identify one or more fields in the plurality of data records, and wherein the instructions that, when executed by at least one of the one or more computing devices, cause at least one of the one or more computing devices to identify the one or more data records as having the sensitive type based at least in part on a comparison of the identified one or more fields and the one or more field types specified by the record classification rule further cause at least one of the one or more computing devices to:
    - determine a quantity of data records in the plurality of records having identified fields matching the one or more field types specified by the record classification rule; and
      
      identify the plurality of data records as having the sensitive type based at least in part on a determination that the quantity of data records exceeds a verification threshold.
  - 21. The at least one non-transitory computer-readable medium of claim of claim 15, wherein the data transformation comprises one or more of:
    - a persistent masking transformation configured to mask stored data in the identified sensitive data records;
      
      a dynamic masking transformation configured to selectively mask data requested from the identified sensitive data records;
      
      a blocking transformation configured to transform permissions associated with the identified sensitive data records;
      
      an encryption transformation configured to encrypt data associated with the identified sensitive data records;
      
      ora tokenization transformation configured to tokenize data associated with the identified sensitive data records.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Informatica LLC (Informatica, Inc. (California))
Original Assignee
Informatica LLC (Informatica, Inc. (California))
Inventors
Grondin, Richard, Gupta, Rahul
Primary Examiner(s)
To, Baotran N
Assistant Examiner(s)
Shirazi, Sayed Beheshti

Application Number

US14/705,718
Publication Number

US 20150324606A1
Time in Patent Office

888 Days
Field of Search

726 1, 726 25, 726 26, 726 27
US Class Current
CPC Class Codes

G06F 16/285   Clustering or classification

G06F 16/955   using information identifie...

G06F 21/6227   where protection concerns t...

G06F 21/6245   Protecting personal data, e...

G06F 3/0482   Interaction with lists of s...

G06F 3/04842   Selection of displayed obje...

H04L 63/205   involving negotiation or de...

Identifying and securing sensitive data at its source

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

266 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Identifying and securing sensitive data at its source

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

266 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others