Patent Application Titled “Dynamic Monitoring Of Movement Of Data” Published Online (USPTO 20220043927): Patent Application
2022 FEB 25 (NewsRx) -- By a
No assignee for this patent application has been made.
Reporters obtained the following quote from the background information supplied by the inventors: “Protecting sensitive data is critical for data protection and for meeting regulation requirements (e.g. general data protection regulation (GDPR), the
“The data protection and monitoring system may typically capture or sniff data accesses to a database (e.g., requests and responses) in real-time and analyze the data according to policy rules to identify sensitive data. The data protection and monitoring system may include a data activity monitor (DAM) and/or file activity monitor (FAM). The requests and responses sniffed by the data protection and monitoring system may include data packets that may include a data access command, also referred to as query, e.g., a structured query language (SQL) statements, or a response, and associated header information. The header may include parameters such as machine information, network information, user information, client information, etc.
“The data protection and monitoring system may rely on policies to determine what data access to track, alert on and even block. Such policies may use predetermined lists of repositories (e.g., data sources) and objects (e.g., collections and tables) that are categorized as including sensitive data and therefore need protection, e.g., special handling. However, in prior art systems, when sensitive data is copied or moved from monitored repositories or objects to unknown, un-monitored repositories, the copied data is no longer marked as sensitive and the measures that are normally taken to protect sensitive data are not performed.”
In addition to obtaining background information on this patent application, NewsRx editors also obtained the inventors’ summary information for this patent application: “According to embodiments of the invention, a system and method for monitoring of movement of data in a computer network may include: parsing a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract at least one of a template, metadata and data of the message; examining at least one of the template, metadata and data of the message to identify messages related to movement of data that is classified as sensitive; and generating a flow graph indicative of new locations of the sensitive data.
“Embodiments of the invention may further include applying policy rules to the new locations of the sensitive data to monitor access to the new location.
“Embodiments of the invention may further include using the flow graph to detect a data leak through multiple movements of the data.
“According to embodiments of the invention, examining the metadata may include identifying a source and a target for the movement of the data, wherein the target is the new location of the sensitive data.
“According to embodiments of the invention, examining the data and metadata may include: checking if the message includes known types or categories of sensitive data.
“According to embodiments of the invention, examining the template, data and metadata may include performing one or more of: wildcard search, regular expression search, dictionary search, rule match search, fuzzy search, and natural language processing.
“Embodiments of the invention may further include maintaining a dictionary of data, metadata and templates associated with sensitive data, wherein examining the template, metadata and data of the message may include matching the templates, data and metadata in the message to the templates, data and metadata in the dictionary.
“Embodiments of the invention may further include ordering the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associating an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; and removing from the dictionary templates, data and metadata and with importance level below a threshold.
“According to embodiments of the invention, examining the data access command may include identifying in the data access command a template that is associated with movement of data, and identifying in the data access command data or metadata that is associated with sensitive data.
“According to embodiments of the invention, a system and method for monitoring movement of data in a computer database, may include: parsing data access commands sent to the computer database and responses to a data access commands, to extract a template, metadata and data: examining the template, metadata and data to identify data access commands and responses related to movement of sensitive data; and applying policy rules to the new locations of the sensitive data to monitor access to the new location.
“Embodiments of the invention may further include generating a flow graph indicative of new locations of the sensitive data.
“It will be appreciated that for simplicity and clarity of illustration, elements shown in the figures have not necessarily been drawn to scale. For example, the dimensions of some of the elements may be exaggerated relative to other elements for clarity. Further, where considered appropriate, reference numerals may be repeated among the figures to indicate corresponding or analogous elements.”
The claims supplied by the inventors are:
“1. A method for monitoring of movement of data in a computer network, the method comprising: parsing a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract at least one of a template, metadata and data of the message; examining at least one of the template, metadata and data of the message to identify messages related to movement of data that is classified as sensitive; and generating a flow graph indicative of new locations of the sensitive data.
“2. The method of claim 1, comprising: applying policy rules to the new locations of the sensitive data to monitor access to the new location.
“3. The method of claim 1, comprising: using the flow graph to detect a data leak through multiple movements of the data.
“4. The method of claim 1, wherein examining the metadata comprises identifying a source and a target for the movement of the data, wherein the target is the new location of the sensitive data.
“5. The method of claim 1, wherein examining the data and metadata comprises: checking if the message includes known types or categories of sensitive data.
“6. The method of claim 1, wherein examining the template, data and metadata comprises performing one or more of: wildcard search, regular expression search, dictionary search, rule match search, fuzzy search, and natural language processing.
“7. The method of claim 1, comprising: maintaining a dictionary of data, metadata and templates associated with sensitive data, wherein examining the template, metadata and data of the message comprises matching the templates, data and metadata in the message to the templates, data and metadata in the dictionary.
“8. The method of claim 7, comprising: ordering the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associating an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; and removing from the dictionary templates, data and metadata and with importance level below a threshold.
“9. The method of claim 1, wherein examining the data access command comprises identifying in the data access command a template that is associated with movement of data, and identifying in the data access command data or metadata that is associated with sensitive data.
“10. A system for monitoring of movement of data in a computer network, the system comprising: a memory; and a processor configured to: parse a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract at least one of a template, metadata and data of the data access command; examine at least one of the template, metadata and data of the message to identify messages related to movement of data that is classified as sensitive; and generate a flow graph indicative of new locations of the sensitive data.
“11. The system of claim 10, wherein the processor is configured to: apply policy rules to the new locations of the sensitive data to monitor access to the new location.
“12. The system of claim 10, wherein the processor is configured to: use the flow graph to detect a data leak through multiple movements of the data.
“13. The system of claim 10, wherein the processor is configured to examine the metadata by identifying a source and a target for the movement of the data, wherein the target is the new location of the sensitive data.
“14. The system of claim 10, wherein the processor is configured to examine the data and metadata by checking if the message includes known types or categories of sensitive data.
“15. The system of claim 14, wherein the processor is configured to examine the template, data and metadata by performing one or more of: wildcard search, regular expression search, dictionary search, rule match search, fuzzy search, and natural language processing.
“16. The system of claim 10, wherein the processor is configured to: maintain a dictionary of data, metadata and templates associated with sensitive data, wherein the processor is configured to examine the template, metadata and data of the message by matching the templates, data and metadata in the message to the templates, data and metadata in the dictionary.
“17. The system of claim 16, wherein the processor is configured to: order the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associate an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; and remove from the dictionary templates, data and metadata and with importance level below a threshold.
“18. The system of claim 10, wherein the processor is configured to examine the data access command by identifying in the data access command a template that is associated with movement of data, and identifying in the data access command data or metadata that is associated with sensitive data.
“19. A method for monitoring movement of data in a computer database, the method comprising: parsing data access commands sent to the computer database and responses to a data access commands, to extract a template, metadata and data; examining the template, metadata and data to identify data access commands and responses related to movement of sensitive data; and applying policy rules to the new locations of the sensitive data to monitor access to the new location.
“20. The method of claim 19, comprising: generating a flow graph indicative of new locations of the sensitive data.”
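An added illustration of the approach described in the summary and in claims 1 to 4, not code from the patent application or its inventors: it matches data access commands against movement templates, marks each target as a new sensitive location, and walks the resulting flow graph for multi-hop leaks. The regex templates, the FlowMonitor class, the "approved" set used to define a leak, and the sample statements are all assumptions constructed for this example.

```python
import re
from collections import defaultdict

# Statement shapes ("templates") treated as data movement; constructed for this example.
MOVE_TEMPLATES = [
    re.compile(r"(?is)\s*INSERT\s+INTO\s+(?P<dst>[\w.]+).*?\bSELECT\b.*?\bFROM\s+(?P<src>[\w.]+)"),
    re.compile(r"(?is)\s*CREATE\s+TABLE\s+(?P<dst>[\w.]+)\s+AS\s+SELECT\b.*?\bFROM\s+(?P<src>[\w.]+)"),
    re.compile(r"(?is)\s*SELECT\b.*?\bINTO\s+(?P<dst>[\w.]+)\s+FROM\s+(?P<src>[\w.]+)"),
]

def parse_movement(sql):
    """Return (source, target) when the statement matches a movement template, else None."""
    for tpl in MOVE_TEMPLATES:
        if (m := tpl.match(sql)):
            return m.group("src").lower(), m.group("dst").lower()
    return None

class FlowMonitor:
    def __init__(self, sensitive, approved):
        self.sensitive = {s.lower() for s in sensitive}  # objects classified as sensitive
        self.approved = {a.lower() for a in approved}    # assumption: where such data may live
        self.graph = defaultdict(set)                    # flow graph: source -> targets

    def observe(self, sql):
        """Record a movement of sensitive data; return the new location or None."""
        move = parse_movement(sql)
        if move is None or move[0] not in self.sensitive:
            return None
        self.graph[move[0]].add(move[1])
        self.sensitive.add(move[1])  # the copy inherits the classification
        return move[1]

    def leak_paths(self, origin):
        """All flow-graph paths from origin that end outside the approved set."""
        found, stack = [], [[origin.lower()]]
        while stack:
            path = stack.pop()
            # Subtracting visited nodes ignores cycles such as a copy-back.
            for nxt in self.graph.get(path[-1], set()) - set(path):
                if nxt not in self.approved:
                    found.append(path + [nxt])
                stack.append(path + [nxt])
        return sorted(found)

SAMPLE = [  # constructed sample of captured data access commands
    "SELECT name FROM crm.customers WHERE id = 7",
    "INSERT INTO staging.cust_tmp SELECT name, ssn FROM crm.customers",
    "SELECT id INTO reports.ids FROM inventory.parts",
    "CREATE TABLE export.dump AS SELECT * FROM staging.cust_tmp",
]
```

The second hop is only caught because the staging table was marked sensitive when the first copy was observed; a static list of protected tables would miss it.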
For more information, see this patent application: GALIL, Guy; Sofer, Oded. Dynamic Monitoring Of Movement Of Data. Filed