Time and space efficient method and system for detecting structured data in free text
First Claim
Patent Images
1. A computer-implemented method, comprising:
- identifying structured data for protection;
creating, by a server computer system, an index of the structured data, the index comprising a set of Bloom filters and a list of token type patterns, wherein the set of Bloom filters comprises a plurality of Bloom filters;
generating a data loss prevention (DLP) policy comprising the index and a DLP response rule; and
distributing the DLP policy comprising the index and the DLP response rule to an endpoint device, wherein the set of Bloom filters and the list of token type patterns in the index are to be used together for detection of structured data in free text data associated with the endpoint device, and the DLP response rule is to trigger an action to protect the structured data responsive to the detection of the structured data in the free text data.
2 Assignments
0 Petitions
Accused Products
Abstract
A server system identifies structured data for protection and creates an index of the structured data, the index comprising a set of Bloom filters. The server system distributes the index to an endpoint device to enable the endpoint device to monitor for structured data occurring in free text data associated with the endpoint device. The endpoint device may load, from the index file, a set of Bloom filters into memory and identify free text data for monitoring. The endpoint device may then determine whether the free text data contains at least a portion of the structured data using the set of Bloom filters.
65 Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
identifying structured data for protection; creating, by a server computer system, an index of the structured data, the index comprising a set of Bloom filters and a list of token type patterns, wherein the set of Bloom filters comprises a plurality of Bloom filters; generating a data loss prevention (DLP) policy comprising the index and a DLP response rule; and distributing the DLP policy comprising the index and the DLP response rule to an endpoint device, wherein the set of Bloom filters and the list of token type patterns in the index are to be used together for detection of structured data in free text data associated with the endpoint device, and the DLP response rule is to trigger an action to protect the structured data responsive to the detection of the structured data in the free text data. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An endpoint device, comprising:
-
a memory; and a processing device coupled with the memory to; receive a data loss prevention (DLP) policy comprising an index file pertaining to structured data to be protected and a DLP response rule; load, from the index file, a set of Bloom filters into memory, wherein the set of Bloom filters comprises a plurality of Bloom filters; load, from the index file, a list of token type patterns into memory; identify free text data for monitoring; determine whether the free text data contains at least a portion of the structured data using the set of Bloom filters and the list of token type patterns; and perform an action designated by the DLP response rule responsive to detection of the structured data in the free text data. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer readable storage medium including instructions that, when executed by a processor, cause the processor to:
-
identify structured data for protection; create, by the processor, an index of the structured data, the index comprising a set of Bloom filters and a list of token type patterns, wherein the set of Bloom filters comprises a plurality of Bloom filters; generate a data loss prevention (DLP) policy comprising the index and a DLP response rule; and distribute the DLP policy comprising the index and the DLP response rule to an endpoint device, wherein the set of Bloom filters and the list of token type patterns in the index are to be used together for detection of structured data in free text data associated with the endpoint device, and the DLP response rule is to trigger an action to protect the structured data responsive to the detection of the structured data in the free text data. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification