Data security system and method associated with data mining
DCFirst Claim
1. A method of securing data based upon a plurality of security levels, each with a predetermined security clearance, in a computer system having a plurality of computers therein and a plurality of memories designated as a remainder store and a plurality of extract stores for respective ones of said plurality of security levels operatively coupled over a communications network, said data having security sensitive content represented by one or more security sensitive words, data objects, characters, images, data elements or icons, comprising:
- extracting said security sensitive content from said data to obtain (a) subsets of extracted data and (b) remainder data;
storing said extracted data and said remainder data in respective extract stores, corresponding to the respective security level of the extracted data, and said remainder store, respectively; and
,permitting reconstruction of some or all of said data via one or more of said subsets of extracted data from respective extract stores and remainder data only in the presence of predetermined security clearance for said respective security level corresponding to said respective extract stores.
2 Assignments
Litigations
1 Petition
Accused Products
Abstract
The data security method, system and associated data mining enables multiple users, each having a respective security clearance level to access security sensitive words, data objects, characters or icons. The method extracts security sensitive words, data objects, characters or icons from plaintext or other source documents to obtain (a) subsets of extracted data and (b) remainder data. The extracted data is, in one embodiment, stored in a multilevel security system (MLS) which separates extract data of different security levels with MLS guards. Some or all of the original data is reconstructed via one or more of the subsets of extracted data and remainder data only in the presence of a predetermined security level. In this manner, an inquiring party, with the proper security clearance, can data mine the data in the MLS secured storage.
282 Citations
90 Claims
-
1. A method of securing data based upon a plurality of security levels, each with a predetermined security clearance, in a computer system having a plurality of computers therein and a plurality of memories designated as a remainder store and a plurality of extract stores for respective ones of said plurality of security levels operatively coupled over a communications network, said data having security sensitive content represented by one or more security sensitive words, data objects, characters, images, data elements or icons, comprising:
-
extracting said security sensitive content from said data to obtain (a) subsets of extracted data and (b) remainder data; storing said extracted data and said remainder data in respective extract stores, corresponding to the respective security level of the extracted data, and said remainder store, respectively; and
,permitting reconstruction of some or all of said data via one or more of said subsets of extracted data from respective extract stores and remainder data only in the presence of predetermined security clearance for said respective security level corresponding to said respective extract stores. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computerized method of securing data based upon a plurality of security levels, each with a predetermined security clearance, in memories designated as a remainder store and a plurality of extract stores for respective ones of said plurality of security levels, said data having security sensitive content represented by one or more security sensitive words, data objects, characters, images, data elements or icons, comprising:
-
extracting said security sensitive content from said data to obtain subsets of extracted data and remainder data; storing said extracted data and said remainder data in respective extract stores, corresponding to the respective security level of the extracted data, and said remainder store, respectively; and
,permitting reconstruction of some or all of said data via one or more of said subsets of extracted data from respective extract stores and remainder data only in the presence of predetermined security clearance for said respective security level corresponding to said respective extract stores. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A computer readable storage medium containing programming instructions for securing data based upon a plurality of security levels, each with a predetermined security clearance, in a computer system having a plurality of computers therein and a plurality of memories designated as a remainder store and a plurality of extract stores for respective ones of said plurality of security levels operatively coupled over a communications network, said data having security sensitive content represented by one or more security sensitive words, data objects, characters, images, data elements, or icons, the programming instructions comprising:
-
extracting said security sensitive content from said data to obtain (a) subsets of extracted data and (b) remainder data; storing said extracted data and said remainder data in respective extract stores, corresponding to the respective security level of the extracted data, and said remainder store, respectively; and
,permitting reconstruction of some or all of said data via one or more of said subsets of extracted data from respective extract stores and remainder data only in the presence of predetermined security clearance for said respective security level corresponding to said respective extract stores. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
-
-
47. A computer readable storage medium containing programming instructions for securing data based upon a plurality of security levels, each with a predetermined security clearance, in a plurality of memories designated as a remainder store and a plurality of extract stores for respective ones of said plurality of security levels, said data having security sensitive content represented by one or more security sensitive words, data objects, characters, images, data elements or icons, comprising:
-
extracting said security sensitive content from said data to obtain (a) subsets of extracted data and (b) remainder data; storing said extracted data and said remainder data in respective extract stores, corresponding to the respective security level of the extracted data, and said remainder store, respectively; and
,permitting reconstruction of some or all of said data via one or more of said subsets of extracted data from respective extract stores and remainder data only in the presence of predetermined security clearance for said respective security level corresponding to said respective extract stores. - View Dependent Claims (48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
-
-
65. An information processing system for securing data based upon a plurality of security levels, each with a predetermined security clearance, in a computer system having a plurality of computers therein and a plurality of memories designated as a remainder store and a plurality of extract stores for respective ones of said plurality of security levels operatively coupled over a communications network, said data having security sensitive content represented by one or more security sensitive words, data objects, characters, images, data elements or icons, comprising:
-
means for extracting said security sensitive content from said data to obtain (a) subsets of extracted data and (b) remainder data; means for storing said extracted data and said remainder data in respective extract stores, corresponding to the respective security level of the extracted data, and said remainder store, respectively; and
,means for permitting reconstruction of some or all of said data via one or more of said subsets of extracted data from respective extract stores and remainder data only in the presence of predetermined security clearance for said respective security level corresponding to said respective extract stores. - View Dependent Claims (66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78)
-
-
79. An information processing system for securing data based upon a plurality of security levels, each with a predetermined security clearance, in a plurality of memories designated as a remainder store and a plurality of extract stores for respective ones of said plurality of security levels, said data having security sensitive content represented by one or more security sensitive words, data objects, characters, images, data elements or icons, comprising:
-
means for extracting said security sensitive content to obtain (a) subsets of extracted data and (b) remainder data; means for storing said extracted data and said remainder data in respective extract stores, corresponding to the respective security level of the extracted data, and said remainder store, respectively; and
,means for permitting reconstruction of some or all of said data via one or more of said subsets of extracted data from respective extract stores and remainder data only in the presence of predetermined security clearance for said respective security level corresponding to said respective extract stores. - View Dependent Claims (80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90)
-
Specification