Privacy protection during insider threat monitoring
First Claim
1. A computer-implementable method for performing a privacy operation, comprising:
- monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device, the Input/output collector capturing the user/device interactions through the use of at least one of an electronic device, a computer system comprising a hardware processor and a software application executing on the hardware processor of the computer system;
determining whether the user/device interactions include sensitive personal information;
obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information;
storing sensitive personal information that has been obfuscated within an obfuscated sensitive personal information repository, the sensitive personal information being stored via a one-way function, the one-way function preventing access to the sensitive personal information unless access to the sensitive personal information is authorized; and
,allowing access to the sensitive personal information stored within the obfuscated sensitive personal information repository only when a security administrator is authorized to access the sensitive personal information, the allowing access only when the security administrator is authorized providing conditional sensitive personal information access, authorization to access the sensitive personal information being provided via a superior of the administrator, access to the sensitive personal information being via a security analytics system.
8 Assignments
0 Petitions
Accused Products
Abstract
A method, system and computer-usable medium are disclosed for performing a privacy operation, comprising: monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device; determining whether the user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; storing obfuscated sensitive personal information within an obfuscated sensitive personal information repository; and, allowing access to the obfuscated sensitive personal information stored within the obfuscated sensitive personal information repository only when an administrator is authorized to access the obfuscated sensitive personal information so as to provide conditional sensitive personal information access.
75 Citations
17 Claims
-
1. A computer-implementable method for performing a privacy operation, comprising:
-
monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device, the Input/output collector capturing the user/device interactions through the use of at least one of an electronic device, a computer system comprising a hardware processor and a software application executing on the hardware processor of the computer system; determining whether the user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; storing sensitive personal information that has been obfuscated within an obfuscated sensitive personal information repository, the sensitive personal information being stored via a one-way function, the one-way function preventing access to the sensitive personal information unless access to the sensitive personal information is authorized; and
,allowing access to the sensitive personal information stored within the obfuscated sensitive personal information repository only when a security administrator is authorized to access the sensitive personal information, the allowing access only when the security administrator is authorized providing conditional sensitive personal information access, authorization to access the sensitive personal information being provided via a superior of the administrator, access to the sensitive personal information being via a security analytics system. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system comprising:
-
a processor; a data bus coupled to the processor; and a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for; monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device, the Input/output collector capturing the user/device interactions through the use of at least one of an electronic device, a computer system comprising a hardware processor and a software application executing on the hardware processor of the computer system; determining whether the user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; storing sensitive personal information that has been obfuscated within an obfuscated sensitive personal information repository, the sensitive personal information being stored via a one-way function, the one-way function preventing access to the sensitive personal information unless access to the sensitive personal information is authorized; and
,allowing access to the sensitive personal information stored within the obfuscated sensitive personal information repository only when a security administrator is authorized to access the sensitive personal information, the allowing access only when the security administrator is authorized providing conditional sensitive personal information access, authorization to access the sensitive personal information being provided via a superior of the administrator, access to the sensitive personal information being via a security analytics system. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for:
-
monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device, the Input/output collector capturing the user/device interactions through the use of at least one of an electronic device, a computer system comprising a hardware processor and a software application executing on the hardware processor of the computer system; determining whether the user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; storing sensitive personal information that has been obfuscated within an obfuscated sensitive personal information repository, the sensitive personal information being stored via a one-way function, the one-way function preventing access to the sensitive personal information unless access to the sensitive personal information is authorized; and
,allowing access to the sensitive personal information stored within the obfuscated sensitive personal information repository only when a security administrator is authorized to access the sensitive personal information, the allowing access only when the security administrator is authorized providing conditional sensitive personal information access, authorization to access the sensitive personal information being provided via a superior of the administrator, access to the sensitive personal information being via a security analytics system. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
Specification