Patent Issued for Dynamic monitoring of movement of data (USPTO 11416631): International Business Machines Corporation
2022 SEP 02 (NewsRx) -- By a
The patent’s inventors are Galil, Guy (
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “Protecting sensitive data is critical for data protection and for meeting regulation requirements (e.g. general data protection regulation (GDPR), the
“The data protection and monitoring system may typically capture or sniff data accesses to a database (e.g., requests and responses) in real-time and analyze the data according to policy rules to identify sensitive data. The data protection and monitoring system may include a data activity monitor (DAM) and/or file activity monitor (FAM). The requests and responses sniffed by the data protection and monitoring system may include data packets that may include a data access command, also referred to as query, e.g., a structured query language (SQL) statements, or a response, and associated header information. The header may include parameters such as machine information, network information, user information, client information, etc.
“The data protection and monitoring system may rely on policies to determine what data access to track, alert on and even block. Such policies may use predetermined lists of repositories (e.g., data sources) and objects (e.g., collections and tables) that are categorized as including sensitive data and therefore need protection, e.g., special handling. However, in prior art systems, when sensitive data is copied or moved from monitored repositories or objects to unknown, un-monitored repositories, the copied data is no longer marked as sensitive and the measures that are normally taken to protect sensitive data are not performed.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “According to embodiments of the invention, a system and method for monitoring of movement of data in a computer network may include: parsing a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract at least one of a template, metadata and data of the message; examining at least one of the template, metadata and data of the message to identify messages related to movement of data that is classified as sensitive; and generating a flow graph indicative of new locations of the sensitive data.
“Embodiments of the invention may further include applying policy rules to the new locations of the sensitive data to monitor access to the new location.
“Embodiments of the invention may further include using the flow graph to detect a data leak through multiple movements of the data.
“According to embodiments of the invention, examining the metadata may include identifying a source and a target for the movement of the data, wherein the target is the new location of the sensitive data.
“According to embodiments of the invention, examining the data and metadata may include: checking if the message includes known types or categories of sensitive data.”
The claims supplied by the inventors are:
“1. A method for monitoring of movement of data in a computer network, the method comprising: maintaining a dictionary of data, metadata and templates associated with sensitive data; ordering the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associating an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; removing from the dictionary templates, data and metadata with importance level below a threshold; parsing a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract at least one of a template, metadata and data of the message; examining at least one of the template, metadata and data of the to identify messages related to movement of data that is classified as sensitive message by matching the templates, data and metadata in the message to the templates, data and metadata in the dictionary; and generating a flow graph indicative of new locations of the sensitive data.
“2. The method of claim 1, comprising: applying policy rules to the new locations of the sensitive data to monitor access to the new location.
“3. The method of claim 1, comprising: using the flow graph to detect a data leak through multiple movements of the data.
“4. The method of claim 1, wherein examining the metadata comprises identifying a source and a target for the movement of the data, wherein the target is the new location of the sensitive data.
“5. The method of claim 1, wherein examining the data and metadata comprises: checking if the message includes known types or categories of sensitive data.
“6. The method of claim 1, wherein examining the template, data and metadata comprises performing one or more of: wildcard search, regular expression search, dictionary search, rule match search, fuzzy search, and natural language processing.
“7. The method of claim 1, wherein examining the data access command comprises identifying in the data access command a template that is associated with movement of data, and identifying in the data access command data or metadata that is associated with sensitive data.
“8. A system for monitoring of movement of data in a computer network, the system comprising: a memory; and a processor configured to: maintain a dictionary of data, metadata and templates associated with sensitive data; order the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associate an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; and remove from the dictionary templates, data and metadata with importance level below a threshold; parse a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract at least one of a template, metadata and data of the data access command; examine at least one of the template, metadata and data of the message to identify messages related to movement of data that is classified as sensitive by matching the templates, data and metadata in the message to the templates, data and metadata in the dictionary; and generate a flow graph indicative of new locations of the sensitive data.
“9. The system of claim 8, wherein the processor is configured to: apply policy rules to the new locations of the sensitive data to monitor access to the new location.
“10. The system of claim 8, wherein the processor is configured to: use the flow graph to detect a data leak through multiple movements of the data.
“11. The system of claim 8, wherein the processor is configured to examine the metadata by identifying a source and a target for the movement of the data, wherein the target is the new location of the sensitive data.
“12. The system of claim 8, wherein the processor is configured to examine the data and metadata by checking if the message includes known types or categories of sensitive data.
“13. The system of claim 12, wherein the processor is configured to examine the template, data and metadata by performing one or more of: wildcard search, regular expression search, dictionary search, rule match search, fuzzy search, and natural language processing.
“14. The system of claim 8, wherein the processor is configured to examine the data access command by identifying in the data access command a template that is associated with movement of data, and identifying in the data access command data or metadata that is associated with sensitive data.
“15. A method for monitoring movement of data in a computer database, the method comprising: maintaining a dictionary of data, metadata and templates associated with sensitive data; ordering the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associating an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; removing from the dictionary templates, data and metadata with importance level below a threshold; parsing data access commands sent to the computer database and responses to a data access commands, to extract a template, metadata and data of the data access commands; examining the template, metadata and data to identify data access commands and responses related to movement of sensitive data by matching the templates, data and metadata in the data access commands to the templates, data and metadata in the dictionary; and applying policy rules to the new locations of the sensitive data to monitor access to the new location.
“16. The method of claim 15, comprising: generating a flow graph indicative of new locations of the sensitive data.”
For the URL and additional information on this patent, see: Galil, Guy. Dynamic monitoring of movement of data.
(Our reports deliver fact-based news of research and discoveries from around the world.)
Patent Application Titled “Data Processing Systems For Assessing Readiness For Responding To Privacy-Related Incidents” Published Online (USPTO 20220261717): OneTrust LLC
Flight Delay Insurance Market to Witness Huge Growth by 2028 : AIG, Allianz, PICC: Flight Delay Insurance Market 2022-2028
Advisor News
- Women say their advisors respect them, but talk down to them
- How PEPs compare with traditional 401(k)s
- Allianz studies why 42% of Americans retire sooner than expected
- Why advisors should be talking about life settlements
- Millennials are ready to bring their advisor to the family table
More Advisor NewsAnnuity News
- NAIC regulators continue pushing for annuity illustration updates
- Wink: Flat first-quarter annuity sales fall just short of $100B
- 26North Re Agrees to Acquire 100% of Independent Insurance Group
- Matthew Michelini named Athene president, with an eye on annuity growth
- Lincoln Financial Announces Executive Leadership Transitions
More Annuity NewsHealth/Employee Benefits News
- Cigna, UC Health in contract dispute with July 1 deadline on patient coverage
- Tom Campbell: Our healthcare system is spiraling out of control
- After Iowa Medicaid goes private, abuse rises, wait for services soars
- NEW YORK SENATE VOTES TO MODERNIZE PAID MEDICAL LEAVE BENEFITS FOR WORKERS FACING CANCER AND SERIOUS ILLNESS, ACS CAN CALLS ON ASSEMBLY TO DELIVER FOR PATIENTS AND PASS BILL
- Cuts coming to Kentucky Medicaid program, social services and more
More Health/Employee Benefits NewsLife Insurance News
- AM Best Affirms Credit Ratings of CVS Health Corporation’s Aetna Inc. Subsidiaries
- AM Best Assigns Issue Credit Ratings to The Northwestern Mutual Life Insurance Company’s New Surplus Notes
- Prudential announces more layoffs as insurer continues to restructure
- Pradip Patiath Joins Securian Financial Board of Directors
- Over $107 million in life insurance benefits located for Tennesseans in 2025
More Life Insurance News