Data security system and method
DCFirst Claim
1. A method of securing data on a personal computer having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a distributed computer system with a plurality of other computers and a plurality of extract data stores for respective ones of said plurality of security levels, said personal computer, said other computers and said extract data stores operatively connected together over a communications network comprising:
- accepting data input which includes security sensitive content via said personal computer;
extracting said security sensitive content to obtain extracted data for each corresponding security level and remainder data;
storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in at least one of said personal computer and other computers; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances.
3 Assignments
Litigations
1 Petition
Accused Products
Abstract
The method for securing data on a personal computer having security sensitive content grouped into security levels, each with a clearance code, includes filtering and extracting sensitive content by security level and separately storing the security content in remote extract stores. Remainder data is stored locally or remotely. A map for selected extract stores may be generated. The filter and/or map may be destroyed or stored. The data input, extracted data and remainder data may be deleted from the originating computer. Encryption may be utilized to enhance security (including transfers of data, filter and map). Reconstruction of the data is permitted only in the presence of a predetermined security clearance. Full or partial reconstruction is possible, based upon the security clearances. A computer readable medium containing programming instructions and an information processing system is encompassed.
85 Citations
54 Claims
-
1. A method of securing data on a personal computer having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a distributed computer system with a plurality of other computers and a plurality of extract data stores for respective ones of said plurality of security levels, said personal computer, said other computers and said extract data stores operatively connected together over a communications network comprising:
-
accepting data input which includes security sensitive content via said personal computer; extracting said security sensitive content to obtain extracted data for each corresponding security level and remainder data; storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in at least one of said personal computer and other computers; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A computer readable storage medium containing programming instructions for securing data on a personal computer having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a distributed computer system with a plurality of other computers and a plurality of extract data stores for respective ones of said plurality of security levels, said personal computer, said other computers and said extract data stores operatively connected together over a communications network, the programming instructions comprising:
-
accepting data input which includes security sensitive content via said personal computer; extracting said security sensitive content to obtain extracted data for each corresponding security level and remainder data; storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in at least one of said personal computer and other computers; and
,permitting full or partial reconstruction of said data with corresponding extracted data and remainder data after accessing said respective extract stores for corresponding security levels with said associated security clearances. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
-
-
51. An information processing system for securing data on a personal computer having security sensitive content represented by one or more security sensitive words, characters, images or data objects therein, said security sensitive content having a plurality of security levels, each security level having an associated security clearance, the method of securing data deployed in a distributed computer system with a plurality of other computers and a plurality of extract data stores for respective ones of said plurality of security levels, said personal computer, said plurality of other computers and said extract data stores operatively coupled to a communications network comprising:
-
a filter adapted to receive said data input and to separate said security sensitive content as extracted data for each corresponding security level, leaving remainder data; means for storing said extracted data for each corresponding security level in the respective extract store and storing said remainder data in at least one of said personal computer and other computers; an access controller for permitting access to said respective extract stores for corresponding security levels with said associated security clearances; and
,a compiler, coupled to said means for storing and said access controller, for permitting full or partial reconstruction of said data via said respective extract stores and remainder data based upon said corresponding security levels and associated security clearances. - View Dependent Claims (52, 53, 54)
-
Specification