System and Method for Real Time Data Awareness
First Claim
1. A system comprising:
- a sensor configured to;
passively read data in packets as the packets are in motion on a network; and
a processor cooperatively operable with the sensor, the processor being a hardware processor, and configured to;
receive the read data from the sensor;
originate map profiles of files and file data, both from the read data from the sensor, as the packets are in motion on the network, wherein the map profile is a topographical map of locations of the files on the network, and wherein the map profile further designates users who have accessed the files and at least one of;
hosts which contain the files;
destinations to where the files were transferred; and
file directories of the files on the hosts; and
the destinations;
infer a user role for a user based on the file and the file data being used by the user and how the user is transferring or accessing the file and the file data; and
detect when the user is performing an inappropriate usage from the user role and the read data from the sensor to control access to particular files.
0 Assignments
0 Petitions
Accused Products
Abstract
A system includes a sensor and a processor. The sensor is configured to passively read data in packets as the packets are in motion on a network. The processor is cooperatively operable with the sensor. The processor is configured to receive the read data from the sensor; and originate map profiles of files and file data, both from the read data from the sensor, as the passively read packets are in motion on the network. The processor is also configured to infer a user role for a user who is using the file and the file data and how the user is transferring or accessing the file and the file data. Inappropriate usage being performed by the user can then be detected from the user role and the read data to control access to particular files.
7 Citations
26 Claims
-
1. A system comprising:
-
a sensor configured to; passively read data in packets as the packets are in motion on a network; and a processor cooperatively operable with the sensor, the processor being a hardware processor, and configured to; receive the read data from the sensor; originate map profiles of files and file data, both from the read data from the sensor, as the packets are in motion on the network, wherein the map profile is a topographical map of locations of the files on the network, and wherein the map profile further designates users who have accessed the files and at least one of;
hosts which contain the files;
destinations to where the files were transferred; and
file directories of the files on the hosts; and
the destinations;infer a user role for a user based on the file and the file data being used by the user and how the user is transferring or accessing the file and the file data; and detect when the user is performing an inappropriate usage from the user role and the read data from the sensor to control access to particular files. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method comprising:
-
in a sensor, passively reading data in packets as the packets are in motion on a network; in a processor, the processor being a hardware processor; receiving the read data from the sensor; originating map profiles of files and file data both from the read data from the sensor, as the packets are in motion on the network, wherein the map profile is a topographical map of locations of the files on the network, and wherein the map profile further designates users who have accessed the files and at least one of;
hosts which contain the files;
destinations to where the files were transferred; and
file directories of the files on the hosts and the destinations;inferring a user role for a user from who is using the file and the file data and how the user is transferring or accessing the file and the file data; and detecting when the user is performing an inappropriate usage from the user role and the read data from the sensor to control access to particular files. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A non-transitory computer-readable storage medium comprising computer-executable instructions for performing the steps of:
-
passively reading, from a sensor, data in packets as the packets are in motion on a network; receiving, in a processor, the read data from the sensor; originating map profiles of files and file data, both from the read data from the sensor, as the packets are in motion on the network, wherein the map profile is a topographical map of locations of the files on the network, and wherein the map profile further designates users who have accessed the files and at least one of;
hosts which contain the files;
destinations to where the files were transferred; and
file directories of the files on the hosts and the destinations;inferring a user role for a user from who is using the file and the file data and how the user is transferring or accessing the file and the file data; and detecting when the user is performing an inappropriate usage from the user role and the read data from the sensor to control access to particular files. - View Dependent Claims (22, 23, 24, 25, 26)
-
Specification