Method and apparatus for data security analysis of data flows
First Claim
Patent Images
1. A method comprising:
- establishing communication with a plurality of monitoring systems, wherein each of the monitoring systems is disparate from one another;
aggregating alerts from the plurality of monitoring systems, wherein the alerts relate to use, storage, transmission, deletion or processing of data from the plurality of monitoring systems;
determining one or more uniform data flow steps by standardizing the aggregated alerts; and
storing the one or more uniform data flow steps in a central database that is external to the plurality of monitoring systems.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus useful for data risk monitoring and management includes configuration and analysis of data flows to identify and assess risk and compliance to various regulatory standards and business practices. The evaluation of monitored data flows are then further used to identify potential security risks based on deviation from expected flows or compliant handling methods.
12 Citations
20 Claims
-
1. A method comprising:
-
establishing communication with a plurality of monitoring systems, wherein each of the monitoring systems is disparate from one another; aggregating alerts from the plurality of monitoring systems, wherein the alerts relate to use, storage, transmission, deletion or processing of data from the plurality of monitoring systems; determining one or more uniform data flow steps by standardizing the aggregated alerts; and storing the one or more uniform data flow steps in a central database that is external to the plurality of monitoring systems. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An apparatus comprising:
-
at least one processor; and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following, establish communication with a plurality of monitoring systems, wherein each of the monitoring systems is disparate from one another; aggregate alerts from the plurality of monitoring systems, wherein the alerts relate to use, storage, transmission, deletion or processing of data from the plurality of monitoring systems; determine one or more uniform data flow steps by standardizing the aggregated alerts; and store the one or more uniform data flow steps in a central database that is external to the plurality of monitoring systems. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A method comprising:
-
assigning a policy to a data element associated with a data flow, wherein the data flow includes one or more data flow steps specifying usage of the data element, the policy being associated with a classification level for the data element; determining a data flow configuration according to the classification level involving how the data element is processed by a plurality of processing nodes; determining an expected sequence of the processing nodes that will interact with the data element according to the data flow configuration; monitoring an observed sequence of the processing nodes based on detected processing of the data element; and comparing the observed sequence with the expected sequence to identify a potential security issue. - View Dependent Claims (18, 19, 20)
-
Specification