+

WO2010059747A2 - Procédés et systèmes de filtrage par correspondance exacte de données - Google Patents

Procédés et systèmes de filtrage par correspondance exacte de données Download PDF

Info

Publication number
WO2010059747A2
WO2010059747A2 PCT/US2009/065019 US2009065019W WO2010059747A2 WO 2010059747 A2 WO2010059747 A2 WO 2010059747A2 US 2009065019 W US2009065019 W US 2009065019W WO 2010059747 A2 WO2010059747 A2 WO 2010059747A2
Authority
WO
WIPO (PCT)
Prior art keywords
entity
entities
registered
candidate
ged
Prior art date
Application number
PCT/US2009/065019
Other languages
English (en)
Other versions
WO2010059747A3 (fr
Inventor
Scott More
Ilya Beyer
Original Assignee
Workshare Technology, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Workshare Technology, Inc. filed Critical Workshare Technology, Inc.
Publication of WO2010059747A2 publication Critical patent/WO2010059747A2/fr
Publication of WO2010059747A3 publication Critical patent/WO2010059747A3/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21Monitoring or handling of messages
    • H04L51/212Monitoring or handling of messages using filtering or selective blocking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords

Definitions

  • the present invention relates to information security and more specifically relates to systems and methods for detecting and preventing unauthorized disclosure of secure information. Furthermore, the present invention pertains to methods and systems for exact data match filtering for structured data.
  • the organizations face the challenge of categorizing and maintaining the large corpus of digital information across potentially thousands of data stores, content management systems, end-user desktops, etc. It is therefore important to the organization to be able to store concise and lightweight versions of fingerprints corresponding to the vast amounts of image data. Furthermore, the organizations face the challenge of categorizing and maintaining the large corpus of digital information across potentially thousands of data stores, content management systems, end-user desktops, etc.
  • One solution to this challenge is to generate fingerprints from all of the digital information that the organization seeks to protect. These fingerprints tersely and securely represent the organization's secure data, and can be maintained in a database for later verification against the information that a user desires to disclose.
  • fingerprints are generated for the user's information, and these fingerprints are compared against the fingerprints stored in the fingerprint database. If the fingerprints of the user's information matches with fingerprints contained in the fingerprint server, suitable security actions are performed.
  • the user has at his disposal myriad options to disclose the information outside of the organization's protected environment.
  • the user could copy the digital information from his computer to a removable storage medium (e.g., a floppy drive, a USB storage device, etc.), or the user could email the information from his computer through the organization's email server, or the user could print out the information by sending a print request through the organization's print server, etc.
  • a removable storage medium e.g., a floppy drive, a USB storage device, etc.
  • the exact data match problem can be thought of as a massive, multi-keyword search problem.
  • Methods for exact keyword match include Wu- Manber and Aho-Corasick. However, these methods are disadvantageous because they do not scale beyond several thousand keywords in space or time.
  • Full blown databases can be employed for exact data matches, but they do not scale down to Agents residing on Laptops. There are also security concerns with duplicating all the confidential cell data within an organization directly.
  • an organization's digital information is scanned to retrieve "sensitive" candidate entities.
  • These sensitive entities correspond to structured data words (e.g., social security numbers, patient IDs, etc.) that the organization desires to protect from unauthorized disclosure.
  • the candidate entities are identified on the basis of word-patterns and/or heuristic rules.
  • the identified candidate entities are optionally converted to a canonical format to enable the data match inspection engine to be impervious to changes in character encoding, digital format, etc.
  • the candidate entities are then stored as registered entities in an entity database.
  • the entity database is a lightweight entity database (LWED) that supports a compressed version of the registered entities.
  • LWED lightweight entity database
  • the database compression can be achieved by storing the candidate entities in a data structure that supports membership query while introducing a small error of false positives in the membership query (e.g., a Bloom filter).
  • the entity database is a global entity database (GED) that is stored in association with a remote server.
  • the GED includes an uncompressed version of the registered entities (or corresponding hash-values of the entities), and also includes metadata information associated with each of the registered entities.
  • Protect agents are installed across several egress points (laptop, mail server, etc.) to monitor information being disclosed by a user. The protect agents receive digital information (e.g., textual information) that a user wishes to disclose using the egress point, and identifies candidate entities from the textual information.
  • the protect agent looks up the candidate entities against registered entities stored in the LWED. If the protect agent detects any matching candidate entities, the protect agent initiates an appropriate security action. In some embodiments, the protect agent communicates with a remote GED server (containing the GED). In such embodiments, the protect agent transmits the matching candidate entities to the GED server, where the candidate entities are again matched against the registered entities in the GED. The results of the GED comparison eliminate or reduce any false positives that may have resulted from the comparison of the candidate entities against the LWED. In some instances, the GED also supplies the protect agent with metadata associated with the matching candidate entities. The metadata information is useful in initiating various types of security actions.
  • FIG. 1 A illustrates an example of an overall setup to implement protect agents for exact data match filtering.
  • Fig. 1 B is a high-level block diagram showing an example of the architecture of an egress point or an entity server.
  • Fig. 2 is a flow diagram depicting a process for registering the entities for the digital information maintained by an organization.
  • Figure 3A is a block diagram illustrating an exemplary architecture of an egress point configured to operate a protect agent.
  • Figure 3B is a flow diagram illustrating an exemplary inspection process performed by the protect agent
  • Fig. 4 is a flow diagram illustrating various mechanisms used by the registration process and the inspection process to identify a candidate entity.
  • Figure 5 is a flow diagram depicting an exemplary process 500 for comparison of the received candidate entities.
  • Fig. 1 A illustrates an example of an overall setup to implement protect agents for exact data match filtering.
  • One of the means by which a user can disclose digital information outside of the organization's perimeter is by disclosing the information through his computer system 110.
  • Examples of such a computer system include a desktop computer, a laptop, a PDA or any such device that allows a user to access the organization's information.
  • the computing system 110 is connected to a network 125.
  • the computing system 110 comprises the desktop/laptop computer 111 through which the user accesses the organization's secure information. The user would be able to transfer information outside of the organization by transferring the information to any medium connected to the computer.
  • Such points i.e., computer hardware
  • egress points Such points (i.e., computer hardware) through which information can be transferred outside of the organization's protected environment are called egress points.
  • Examples of transferring data at egress points include copying the information from the computer to a CD disk 112 or any other optical storage medium, copying the information to a floppy drive 113 or any other tape medium, copying the information to a USB key 114 or other flash based storage medium, transferring the information by printing the information using a printer 115, copying information to the clipboard 115a of the local operating system, etc.
  • all the information that is transmitted through the computer 111 needs to be monitored to ensure that secure or sensitive information does not get transferred.
  • the information to be monitored may include digital textual data, image data, multimedia data etc.
  • digital information can be monitored by using, for example, fingerprinting technology to be enable registration and inspection of a large corpus of data. Examples of such fingerprinting technology are described in detail in related applications U.S. Application no. 12/177,043, entitled “METHODS AND SYSTEMS TO FINGERPRINT TEXTUAL INFORMATION USING WORD RUNS,” filed July 21 , 2008, and U.S. Application no. 12/209,082, entitled “METHODS AND SYSTEMS FOR PROTECT AGENTS USING DISTRIBUTED LIGHTWEIGHT FINGERPRINTS,” filed September 11 , 2008, both of which are incorporated by reference in their entireties herein.
  • the fingerprinting technology described in the above applications uses various techniques to protect the large corpus an organization's confidential information.
  • the fingerprinting technology detects sentences, or even paragraphs, in original or derivative forms, and prevents such textual information from being disclosed.
  • fingerprinting technology may not be an effective tool for protection of "exact data words.”
  • An "exact data word,” as described herein, refers to any combination of characters (e.g., alphabets, numbers, symbols, etc.) that form a structured word.
  • exact data words may exist, for example, in the form of patient IDs in a hospital database, social-security numbers, or employees' date-of-birth information, phone numbers, etc.
  • such exact data words have a well-structured format or pattern (e.g., social security numbers have a pattern that includes seven numerical characters and two "-" symbols separating groups of the numerical characters). These exact data words may be spread across various documents that constitute the organization's digital information (e.g., in textual data, embedded in images, etc.). When such exact data words are confidential they need to be protected from unauthorized disclosure. To achieve this, the following sections describe techniques for identifying such exact data words, and preventing the exact data words from unauthorized disclosure through any of the egress points. [0026] Returning to Fig. 1 A, the various egress points of the computer 111 are monitored to detect any activity that purports to disclose information through the egress points.
  • a software agent called the protect agent 116, is run on the computer 111 to monitor activity at the egress points (112, 113, 114, 115, 115a) associated with the computer 111. If the organization supports more than one computer system, each of these computer systems (110, 116, 117, 118) have protect agents installed on them to ensure that the activity on each of the computer systems is monitored.
  • the protect agent 116 is a set of computer instructions or a computer implemented program available on a memory location (e.g., on a magnetic tape drive, a flash memory drive, etc.) at the site of the protect agent 116.
  • the protect agent can be implemented by using programmable circuitry programmed by software and/or firmware, or by using special-purpose hardwired circuitry, or by using a combination of such embodiments.
  • the protect agents are also installed on other vulnerable egress points across the organization.
  • a vulnerable egress point includes one or more email server systems 118 connected to the network.
  • the email server 119 handles and routes the emails sent out and received by the organization.
  • the protect agent 120 installed on the email server 119 monitors the emails desired to be sent out of the organization through the email server.
  • Another example of a vulnerable egress point could be a print server 121 connected to the organization's network.
  • a protect agent 123 connected to the print server 122 monitors print jobs sent by the users to the printers connected to the network.
  • Additional examples of vulnerable egress points include network appliance systems 126.
  • a protect agent 128 is installed in each network appliance 127 to ensure that information disclosed through a particular network appliance 127 is monitored.
  • Examples of using network appliances 126 to transfer data include sharing of data over a network share medium, data transferred at the socket or TCP layer of the network, etc. It is understood that in addition to these examples, the egress points also include other porous environments through which information can be disclosed by the user beyond the secure environment of the organization.
  • a lightweight entity database (LWED) 118 is provided locally at the site at which each of the protect agents is installed (e.g., the user's desktop/laptop computer, one of the network appliances, etc.).
  • the LWED is a compressed database that includes registered entities.
  • An entity as described herein, refers to an exact data word.
  • a registration process scans the organization's digital information to extract entities (i.e., exact data words that need to be protected against unauthorized disclosure) and registers them in a database.
  • the entities registered into such a database are referred to as "registered entities.”
  • the database may be a global database (GED), or an LWED (which is, for example, a compressed version of the GED).
  • At least one redundant copy of the LWED is stored locally at the site of each protect agent 116 such that the protect agent can access or communicate with the LWED even when the protect agent is not connected to any network.
  • a protect agent 116 implemented on a user's laptop computer monitors the activity at all egress points of the user's laptop computer (e.g., 112, 113, 114, etc.) and prevents unauthorized disclosure of information from the laptop computer through the egress points, even if the laptop computer is not connected to any network (e.g., the organization's local network, the public internet, etc.).
  • the computer systems and all other systems representing egress points are centrally connected to a network 125.
  • the network includes a local network. This includes a network that is managed and maintained locally by the organization.
  • the network could also be the internet.
  • each of the egress point systems could be directly and individually connected to the internet, or could be connected to a local network or a cluster of local networks, with each of the local networks communicating with each other through the internet.
  • Other combinations of the egress point systems within the local network and the internet are possible and such combinations will be apparent to a person of skill in the art.
  • one or more entity servers are connected to the network.
  • the entity server e.g., 131
  • the entity server is coupled to the GED (that holds the uncompressed version of the registered entities).
  • each of the entity servers is connected directly to the network.
  • each of the entity servers is connected to a entity server router 130.
  • the functions of the entity server router 130 may include, for example, routing requests from a protect agent 116 to the least busy entity server, collecting performance statistics of the entity servers (131 , 132, 133, 134, 135) to determine the load on each entity server (such that a request from a protect agent can be routed to the least busy entity server, synchronization and version control of the GED at each entity server, etc.).
  • the entity servers (131 , 132, 133, 134, 135) could be located at different geographical locations (not shown in Fig. 1A) and connect to the entity server router 130 through the network.
  • the entity server router is not imperative to maintaining a distributed entity server array. Any other means known in the art through which a distributed network can be achieved can be employed in the place of the entity server router 130.
  • the entity servers e.g., 131
  • a hosted entity server is publicly accessible over the internet.
  • Some small organizations may not even have infrastructure to maintain a network and host an entity server, but may still require their secure information to be protected. In such cases, the support and manageability of the entity server can be done by even a third party provider that provides the service of a hosted entity server.
  • a provider offering a hosted registered entity service can also support multi-tenancy services, whereby the provider shares the hosted entity server's resources across different organizations. In one embodiment, this would allow GEDs for multiple organizations to reside on the same server.
  • the network 125 and entity servers 140 depicted in Fig. 1A are for illustrative purposes only, and that a network 125 or a entity server setup 140 is not essential for a protect agent 116 to perform an entity lookup. For example, the protect agent 116 may purely rely on the LWED 118 to perform the entity lookup.
  • FIG. 1B is a high-level block diagram showing an example of the architecture of an egress point (e.g., 111) or an entity server (e.g., 131).
  • the egress ping (e.g., 111) or the entity server (e.g., 131) includes one or more processors 1201 and memory 1202 coupled to an interconnect 1203.
  • the interconnect 1203 shown in Fig. 1 B is an abstraction that represents any one or more separate physical buses, point to point connections, or both, connected by appropriate bridges, adapters, or controllers.
  • the interconnect 1203, may include, for example, a system bus, a Peripheral Component Interconnect (PCI) bus or PCI-Express bus, a HyperTransport or industry standard architecture (ISA) bus, a small computer system interface (SCSI) bus, a universal serial bus (USB), MC (I2C) bus, or an Institute of Electrical and Electronics Engineers (IEEE) standard 1394 bus, also called "Firewire”.
  • PCI Peripheral Component Interconnect
  • ISA HyperTransport or industry standard architecture
  • SCSI small computer system interface
  • USB universal serial bus
  • MC I2C
  • IEEE Institute of Electrical and Electronics Engineers
  • the processor(s) 1201 is/are the central processing unit (CPU) of egress point (e.g., 111 ) or the entity server (e.g., 131 ) and, thus, control the overall operation of the egress point (e.g., 111 ) or the entity server (e.g., 131 ). In certain embodiments, the processor(s) 1201 accomplish this by executing software or firmware stored in memory 1202.
  • CPU central processing unit
  • the processor(s) 1201 may be, or may include, one or more programmable general-purpose or special-purpose microprocessors, digital signal processors (DSPs), programmable controllers, application specific integrated circuits (ASICs), programmable logic devices (PLDs), trusted platform modules (TPMs), or the like, or a combination of such devices.
  • DSPs digital signal processors
  • ASICs application specific integrated circuits
  • PLDs programmable logic devices
  • TPMs trusted platform modules
  • the memory 1202 is or includes the main memory of the egress point (e.g., 111 ) or the entity server (e.g., 131).
  • the memory 1202 represents any form of random access memory (RAM), read-only memory (ROM), flash memory, or the like, or a combination of such devices.
  • the memory 1202 may contain, among other things, code 1207 embodying the the protect agent 116.
  • the 1203 are a network adapter 1204 and a storage adapter 1205.
  • the network adapter 1204 provides the egress point (e.g., 111) or the entity server (e.g., 131) with the ability to communicate with remote devices over the interconnect 1203 and may be, for example, an Ethernet adapter or Fiber Channel adapter.
  • Figure 2 is a flow diagram depicting a process 200 for registering the entities for the digital information maintained by an organization.
  • the process 200 receives digital information (e.g., textual information, image information, etc.).
  • the process 200 then parses the received information to identify any potential entities (i.e., candidate entities).
  • image conversion techniques e.g., optical character recognition, etc. may be used to retrieve the text information from such data.
  • the process 200 may use one of several techniques (e.g., pattern recognition, regular expression matching, etc.) to identify the entities. These techniques are described in detail with reference to Fig. 4 below.
  • the candidate entities are optionally normalized to a canonical format. This can be done by converting the candidate entities into one of several raw text formats (e.g., UTF-16 format). By doing this, the protect agent (at a later inspection stage) will be impervious to differences in character encodings, data formats, case folding, etc. in the candidate entities identified during the inspection stage.
  • the process 200 then proceeds to register the candidate entities within the LWED and/or the GED.
  • the process 200 registers the candidate entities into the LWED. Since the LWED is stored at each egress point, the overall size of the database is controlled using one or more techniques.
  • the candidate entities are converted to hash values before being registered into the LWED.
  • One example of generating a value hash is to compute a hash based function over every character of a word and generating an integer value corresponding to that word.
  • the candidate entities are compressed by storing them in a data structure that supports membership query while introducing a small probability of false positives in the membership query.
  • An example of such a data structure is a Bloom filter, where a large bit vector and multiple hash functions are used to determine whether a candidate entity being inspected may potentially be present in the LWED.
  • the Bloom filter is implemented using a sequence of software instructions as indicated by an algorithm, and such software is physically stored at a physical memory location at the site of the protect agent.
  • the implementation of the Bloom filter itself is widely known in the art and a person of ordinary skill in the art would be able to reproduce the functions of a Bloom filter to generate the LWED as indicated in this embodiment.
  • the process 200 also optionally includes the generation of a GED which may be stored, for example, in a remote server (e.g., 131 of Fig. 1A).
  • the process 200 stores the candidate entities within the GED.
  • the process 200 may convert the candidate entities to hash values before registering the candidate entities.
  • the process 200 may also incorporate metadata information along with the candidate entities while registering the candidate entities. Such metadata information is valuable for auditing and self- remediation purposes. Examples of the uses of metadata information include, for example, identifying the source document associated with the candidate entity, categorizing the entities according to entity type (e.g., patient ID numbers, social security numbers, etc.), associating the entity with a particular risk level, etc.
  • entity type e.g., patient ID numbers, social security numbers, etc.
  • Figure 3A is a block diagram illustrating an exemplary architecture of an egress point 110 configured to operate a protect agent 116 to inspect data being disclosed through the egress point 110.
  • the protect agent 116 includes a receiving module 302, candidate ID module 304, comparison module 306, a communication module 308, and a security action module 310.
  • the protect agent 116 can be implemented by using programmable circuitry programmed by software and/or firmware, or by using special-purpose hardwired circuitry, or by using a combination of such embodiments.
  • the protect agent 116 is implemented as a unit in the processor 1201 of the egress point 110.
  • the receiving module 302 is configured to receive the data a user desires to disclose through the egress point 110.
  • This data includes, for example, digital text information.
  • the candidate ID module 304 of the protect agent 116 receives the digital information, and identifies candidate entities from the digital information. Detailed information on identifying candidate entities is provided with reference to Figure 4 below.
  • the candidate entities may be every word identified in the digital information, or may be words that match a particular format (as, for example, identified by a regular expression matcher).
  • the candidate ID module 304 may optionally convert the candidate entities to a canonical format, to ensure that the candidate entities are impervious to digital format, character encoding, case-folding, etc.
  • the candidate ID module 304 may also optionally convert the candidate entities to equivalent hash values (e.g., with the same hashing algorithm used during the registration of the organization's candidate entities).
  • the candidate ID module 304 may optionally detect and record an entity type (e.g., social security number type, patient ID type, etc.) of the candidate entity based on the format of the candidate entity [0049]
  • the comparison module 306 receives the candidate entities from the candidate ID module 304 and compares the candidate entities with registered entities stored in an entity database.
  • the entity database is the LWED stored locally at the site of the egress point 110.
  • the comparison module 206 detects the presence of candidate entities that match any of the registered entities.
  • the comparison module 306 directly supplies the list of matching entities to the security action module 310 for further action.
  • the comparison module 306 may communicate with a remote server (containing the GED) using a communication module 308 to compare the matching entities (received from the comparison against the LWED) against the registered entities stored in the GED. In this manner, the comparison module 306 can eliminate or at least reduce any false positives that may result from the comparison against the LWED. Additionally, by sending only those candidate entities identified as matching entities to the GED, the server holding the GED has to process only a limited number of candidate entities (as opposed to processing all the candidate entities identified in a textual information). This results in reduced latency time in receiving the final matching results from the GED server.
  • the GED supplies the comparison module 306 with metadata information associated with the matching entities for further processing.
  • the comparison module 306 may directly communicate with the remote server (i.e., the GED) in lieu of comparing the candidate entities with the LWED.
  • the comparison module 306 may utilize the entity type recorded by the candidate ID module 304 to compare the candidate entity only against a subset of registered entities (instead of the entire database of registered entities) that are tagged (e.g., according to their metadata information in the GED) under a similar entity type. This comparison, according to entity type of the candidate entity, further helps in reducing latency/processing time of the comparison process.
  • the results of the comparison are provided to the security action module 310, which proceeds to initiate an appropriate security action.
  • the security action module 310 utilizes metadata retrieved from, for example, the GED, to initiate various types of security actions. Examples of such security actions include preventing the information from being transmitted out through the associated egress point, sending out a security alert to a system administrator, revoking the user's access to the particular information, alerting the user of the security violation, etc.
  • the security actions may also include integration with third party software to offer security solutions (e.g., integration with Microsoft Windows® RMS to apply rights management to the information being disclosed).
  • FIG. 3B is a flow diagram illustrating an exemplary inspection process 300 performed by the protect agent 116.
  • the process 300 receives digital information (e.g., textual data).
  • the process 300 identifies one or more candidate entities from the received textual information.
  • the process 300 may optionally record the entity type of the candidate entities, and may also convert the candidate entities to a canonical format and/or hash values. If the process 300 does not identify any candidate entities at step 314, the process 300 returns and may repeat the process of receiving textual information for inspection.
  • the process 300 looks up the candidate entities against registered entities in an entity database.
  • the entity database may be an LWED and/or the GED.
  • the process 300 determines whether the candidate entities match against one of the registered entities in the entity database. If the process 300 determines that at least one of the candidate entities matches against the registered entities, the process 300 proceeds to step 320 to perform a security action. As discussed above, the process 300 may use metadata information retrieved from the entity database to initiate appropriate security actions.
  • Figure 4 is a flow diagram illustrating various mechanisms used by the registration process (e.g., step 205 of Figure 2) and the inspection process (e.g., step 314 of Figure 3B) to identify a candidate entity.
  • the process receives textual information at step 402, and proceeds to identify candidate entities at step 404.
  • the candidate entity may be chosen according to one or more of the following identification schemes.
  • Step 406 represents identification scheme 1 , where the process employs an entity format checker to identify word- patterns or word-formats.
  • a regular expression matcher may be used to identify regular expressions (e.g., a social security number expression structured according to a particular pattern) in the received textual information.
  • the process records any entity in the textual data that satisfies the particular word-pattern or word-format targeted by the entity format checker.
  • Step 408 represents identification scheme 2, where the process employs one or more heuristic rules to exclude or skip over non-entity words.
  • the heuristic rule may define stop words that can be skipped over. Examples of stop words include words that commonly occur in the language (e.g., prepositions, etc.), common words considered non-confidential by the organization (e.g., address information, disclaimer language included by default in patient admittance forms, etc.).
  • the heuristic rule may require any words shorter than the shortest word in the entity database (or longer than the longest word in the entity database) to be excluded from consideration as a candidate entity.
  • Step 410 represents identification scheme 3, where every word (e.g., every set of characters demarcated by one or more spaces) in the received textual information is treated as a candidate entity. It is understood that a person of ordinary skill in the art may combine one or more of these identification schemes, or add other identification schemes that are readily apparent to such a person, to improve the efficiency of the candidate entity identification process.
  • Figure 5 is a flow diagram depicting an exemplary process 500 for comparison of the received candidate entities.
  • the process identifies the candidate entities that need to be compared against the registered entities in the entity database.
  • the process 500 matches the candidate entities against registered entities in an LWED located at the site of the egress point. Using this lookup, the process 500 generates a list of candidate entities that match against any of the registered entities. In some instances, the process 500 directly communicates this information to a security action module to initiate appropriate security action. In other instances, as indicated in step 506, the process 500 determines whether the egress point is connected to the network. If the egress point is not connected to the network, the process 500 proceeds to step 512, where the process 500 initiates an appropriate security action.
  • the process 500 transmits the matching candidate entities to the remote server holding the GED.
  • the GED server compares the received candidate entities against the registered entities in the GED. This allows the process 500 to eliminate or reduce the number of false positives that may have been identified by the comparison against LWED. Additionally, by sending only those candidate entities identified as matching entities to the GED, the GED server has to process only a limited number of candidate entities (as opposed to processing all the candidate entities identified in a textual information). This results in reduced latency time in receiving the final matching results from the GED server. Additionally, the GED server may also return metadata information associated with the matching candidate entities. The process 500 then proceeds to step 512 to initiate one or more security actions.
  • the process 500 may operate by matching the candidate entities exclusively against the LWED (i.e., by initiating the security action subsequent to comparison of the candidate entities against the registered entities in the LWED). In other embodiments, the process 500 may operate by matching the candidate entities exclusively against the GED (i.e., by directly comparing the candidate entities against the GED instead of the LWED).
  • the techniques introduced above can be implemented by programmable circuitry programmed or configured by software and/or firmware, or entirely by special-purpose circuitry, or in a combination of such forms.
  • special-purpose circuitry if any
  • ASICs application-specific integrated circuits
  • PLDs programmable logic devices
  • FPGAs field-programmable gate arrays
  • Software or firmware for implementing the techniques introduced here may be stored on a machine-readable storage medium and may be executed by one or more general-purpose or special-purpose programmable microprocessors.
  • a "machine-readable medium”, as the term is used herein, includes any mechanism that can store information in a form accessible by a machine (a machine may be, for example, a computer, network device, cellular phone, personal digital assistant (PDA), manufacturing tool, any device with one or more processors, etc.).
  • a machine-accessible medium includes recordable/non-recordable media (e.g., read-only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; flash memory devices; etc.), etc.
  • logic can include, for example, special- purpose hardwired circuitry, software and/or firmware in conjunction with programmable circuitry, or a combination thereof.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

On décrit une technique destinée à empêcher efficacement la divulgation non autorisée de mots de données exacts ("entités"). Des agents de protection installés en divers points de sortie identifient des entités candidates à partir d’informations numériques qu’un utilisateur souhaite révéler. Les entités candidates sont comparées à des entités enregistrées stockées dans une base de données légère d’entités (lightweight entity database, LWED). Si une entité candidate correspond à une entité enregistrée de la LWED, l’agent de protection lance une action de sécurité. En variante, l’agent de protection envoie l’entité candidate correspondante à un serveur de base de données globale d’entités (global entity database, GED) afin de recevoir une confirmation supplémentaire de la correspondance de l’entité candidate avec une entité enregistrée. Dans certains cas, l’agent de protection reçoit également (du serveur de GED) des informations de métadonnées associées à l’entité candidate correspondante. L’agent de protection utilise les informations de métadonnées pour lancer des actions de sécurité appropriées.
PCT/US2009/065019 2008-11-18 2009-11-18 Procédés et systèmes de filtrage par correspondance exacte de données WO2010059747A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11563308P 2008-11-18 2008-11-18
US61/115,633 2008-11-18

Publications (2)

Publication Number Publication Date
WO2010059747A2 true WO2010059747A2 (fr) 2010-05-27
WO2010059747A3 WO2010059747A3 (fr) 2010-08-05

Family

ID=42198791

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2009/065019 WO2010059747A2 (fr) 2008-11-18 2009-11-18 Procédés et systèmes de filtrage par correspondance exacte de données

Country Status (2)

Country Link
US (3) US9092636B2 (fr)
WO (1) WO2010059747A2 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107577751A (zh) * 2017-08-30 2018-01-12 安徽天达网络科技有限公司 一种用于信息传输的文字过滤系统

Families Citing this family (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8286171B2 (en) 2008-07-21 2012-10-09 Workshare Technology, Inc. Methods and systems to fingerprint textual information using word runs
US8555080B2 (en) * 2008-09-11 2013-10-08 Workshare Technology, Inc. Methods and systems for protect agents using distributed lightweight fingerprints
WO2010059747A2 (fr) 2008-11-18 2010-05-27 Workshare Technology, Inc. Procédés et systèmes de filtrage par correspondance exacte de données
US8406456B2 (en) 2008-11-20 2013-03-26 Workshare Technology, Inc. Methods and systems for image fingerprinting
US8473847B2 (en) 2009-07-27 2013-06-25 Workshare Technology, Inc. Methods and systems for comparing presentation slide decks
US11410129B2 (en) 2010-05-01 2022-08-09 Monday.com Ltd. Digital processing systems and methods for two-way syncing with third party applications in collaborative work systems
WO2021144656A1 (fr) 2020-01-15 2021-07-22 Monday.Com Systèmes et procédés de traitement numérique pour des jauges de tables dynamiques graphiques dans des systèmes de travail collaboratifs
WO2021161104A1 (fr) 2020-02-12 2021-08-19 Monday.Com Caractéristiques d'affichage améliorées dans des systèmes de réseaux collaboratifs, procédés et dispositifs
US8478934B2 (en) * 2010-07-19 2013-07-02 Lsi Corporation Managing extended RAID caches using counting bloom filters
US10783326B2 (en) 2013-03-14 2020-09-22 Workshare, Ltd. System for tracking changes in a collaborative document editing environment
US20120136862A1 (en) 2010-11-29 2012-05-31 Workshare Technology, Inc. System and method for presenting comparisons of electronic documents
US11030163B2 (en) 2011-11-29 2021-06-08 Workshare, Ltd. System for tracking and displaying changes in a set of related electronic documents
US9369433B1 (en) 2011-03-18 2016-06-14 Zscaler, Inc. Cloud based social networking policy and compliance systems and methods
US9613340B2 (en) 2011-06-14 2017-04-04 Workshare Ltd. Method and system for shared document approval
US9948676B2 (en) 2013-07-25 2018-04-17 Workshare, Ltd. System and method for securing documents prior to transmission
US10963584B2 (en) 2011-06-08 2021-03-30 Workshare Ltd. Method and system for collaborative editing of a remotely stored document
US9170990B2 (en) 2013-03-14 2015-10-27 Workshare Limited Method and system for document retrieval with selective document comparison
US10574729B2 (en) 2011-06-08 2020-02-25 Workshare Ltd. System and method for cross platform document sharing
US10880359B2 (en) 2011-12-21 2020-12-29 Workshare, Ltd. System and method for cross platform document sharing
WO2013109330A2 (fr) 2011-10-31 2013-07-25 The Florida State University Research Foundation, Inc. Système et procédés d'analyse et de modification de mots de passe
US8448260B1 (en) * 2012-05-25 2013-05-21 Robert Hansen Electronic clipboard protection
US11567907B2 (en) 2013-03-14 2023-01-31 Workshare, Ltd. Method and system for comparing document versions encoded in a hierarchical representation
US10911492B2 (en) 2013-07-25 2021-02-02 Workshare Ltd. System and method for securing documents prior to transmission
US10133723B2 (en) 2014-12-29 2018-11-20 Workshare Ltd. System and method for determining document version geneology
US11182551B2 (en) 2014-12-29 2021-11-23 Workshare Ltd. System and method for determining document version geneology
US11763013B2 (en) 2015-08-07 2023-09-19 Workshare, Ltd. Transaction document management system and method
US11297058B2 (en) 2016-03-28 2022-04-05 Zscaler, Inc. Systems and methods using a cloud proxy for mobile device management and policy
US10257197B2 (en) * 2016-07-14 2019-04-09 Sap Se Private data access controls in mobile applications
US10708052B2 (en) * 2017-02-28 2020-07-07 Blackberry Limited Inadvertent password entry detection
US10601938B2 (en) 2017-04-12 2020-03-24 Microsoft Technology Licensing, Llc Organizationally programmable intranet push notifications
GB201708767D0 (en) * 2017-06-01 2017-07-19 Microsoft Technology Licensing Llc Managing electronic documents
US10938855B1 (en) * 2017-06-23 2021-03-02 Digi International Inc. Systems and methods for automatically and securely provisioning remote computer network infrastructure
US20190095448A1 (en) * 2017-09-22 2019-03-28 Microsoft Technology Licensing, Llc System of mobile notification delivery utilizing bloom filters
US11652776B2 (en) * 2017-09-25 2023-05-16 Microsoft Technology Licensing, Llc System of mobile notification delivery utilizing bloom filters
US11436359B2 (en) 2018-07-04 2022-09-06 Monday.com Ltd. System and method for managing permissions of users for a single data type column-oriented data structure
US11698890B2 (en) 2018-07-04 2023-07-11 Monday.com Ltd. System and method for generating a column-oriented data structure repository for columns of single data types
US11196892B2 (en) 2019-05-30 2021-12-07 Microsoft Technology Licensing, Llc Use of client compute for document processing
US11341271B2 (en) 2019-05-30 2022-05-24 Microsoft Technology Licensing, Llc Information barriers for sensitive information
EP4062313A1 (fr) 2019-11-18 2022-09-28 Monday.com Ltd. Systèmes, procédés et dispositifs de réseautage collaboratif
US20210150454A1 (en) 2019-11-18 2021-05-20 Monday.Com Digital processing systems and methods for aggregate task timers in collaborative work systems
US20240184989A1 (en) 2020-05-01 2024-06-06 Monday.com Ltd. Digital processing systems and methods for virtualfile-based electronic white board in collaborative work systems systems
US11501255B2 (en) 2020-05-01 2022-11-15 Monday.com Ltd. Digital processing systems and methods for virtual file-based electronic white board in collaborative work systems
US11277361B2 (en) 2020-05-03 2022-03-15 Monday.com Ltd. Digital processing systems and methods for variable hang-time for social layer messages in collaborative work systems
US11057464B1 (en) * 2020-06-04 2021-07-06 Citrix Systems, Inc. Synchronization of data between local and remote computing environment buffers
US12073000B2 (en) 2021-01-14 2024-08-27 Capital One Services, Llc Automated data masking with false positive detection and avoidance
US11782582B2 (en) 2021-01-14 2023-10-10 Monday.com Ltd. Digital processing systems and methods for detectable codes in presentation enabling targeted feedback in collaborative work systems
US12056664B2 (en) 2021-08-17 2024-08-06 Monday.com Ltd. Digital processing systems and methods for external events trigger automatic text-based document alterations in collaborative work systems
US12105948B2 (en) 2021-10-29 2024-10-01 Monday.com Ltd. Digital processing systems and methods for display navigation mini maps
KR20230166462A (ko) * 2022-05-31 2023-12-07 삼성에스디에스 주식회사 문서의 페이지별 잠금처리 및 공유 방법 및 시스템
US11741071B1 (en) 2022-12-28 2023-08-29 Monday.com Ltd. Digital processing systems and methods for navigating and viewing displayed content
US11886683B1 (en) 2022-12-30 2024-01-30 Monday.com Ltd Digital processing systems and methods for presenting board graphics
US11893381B1 (en) 2023-02-21 2024-02-06 Monday.com Ltd Digital processing systems and methods for reducing file bundle sizes
US12175240B1 (en) 2023-11-28 2024-12-24 Monday.com Ltd. Digital processing systems and methods for facilitating the development and implementation of applications in conjunction with a serverless environment
US12197560B1 (en) 2023-11-28 2025-01-14 Monday.com Ltd. Digital processing systems and methods for managing workflows

Family Cites Families (364)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4479195A (en) 1982-09-07 1984-10-23 At&T Bell Laboratories Data conference system
USRE35861E (en) 1986-03-12 1998-07-28 Advanced Software, Inc. Apparatus and method for comparing data groups
US5072412A (en) 1987-03-25 1991-12-10 Xerox Corporation User interface with multiple workspaces for sharing display system objects
US5220657A (en) 1987-12-02 1993-06-15 Xerox Corporation Updating local copy of shared data in a collaborative system
US5008853A (en) 1987-12-02 1991-04-16 Xerox Corporation Representation of collaborative multi-user activities relative to shared structured data objects in a networked workstation environment
US4949300A (en) 1988-01-07 1990-08-14 International Business Machines Corporation Sharing word-processing functions among multiple processors
US5245553A (en) 1989-12-14 1993-09-14 Options Unlimited Research Full-duplex video communication and document generation system
JP2793308B2 (ja) 1989-12-21 1998-09-03 株式会社日立製作所 対話システム
JP3161725B2 (ja) 1990-11-21 2001-04-25 株式会社日立製作所 ワークステーションおよび共同情報処理システム
US5293619A (en) 1991-05-30 1994-03-08 Sandia Corporation Method and apparatus for collaborative use of application program
US5671428A (en) 1991-08-28 1997-09-23 Kabushiki Kaisha Toshiba Collaborative document processing system with version and comment management
US5446842A (en) 1993-02-26 1995-08-29 Taligent, Inc. Object-oriented collaboration system
US5787444A (en) 1993-03-15 1998-07-28 International Business Machines Corp. Method and apparatus for maintaining revision contol of a set of objects within a data processing system
US5608872A (en) 1993-03-19 1997-03-04 Ncr Corporation System for allowing all remote computers to perform annotation on an image and replicating the annotated image on the respective displays of other comuters
US5544352A (en) 1993-06-14 1996-08-06 Libertech, Inc. Method and apparatus for indexing, searching and displaying data
US5689641A (en) 1993-10-01 1997-11-18 Vicor, Inc. Multimedia collaboration system arrangement for routing compressed AV signal through a participant site without decompressing the AV signal
JP2906949B2 (ja) 1993-10-27 1999-06-21 富士ゼロックス株式会社 ハイパーテキスト装置
US7113615B2 (en) 1993-11-18 2006-09-26 Digimarc Corporation Watermark embedder and reader
US6122403A (en) 1995-07-27 2000-09-19 Digimarc Corporation Computer system linked by using information in data objects
JP3287679B2 (ja) 1993-12-28 2002-06-04 キヤノン株式会社 文書処理装置及び方法
US5806078A (en) 1994-06-09 1998-09-08 Softool Corporation Version management system
US5801702A (en) 1995-03-09 1998-09-01 Terrabyte Technology System and method for adding network links in a displayed hierarchy
US5757669A (en) 1995-05-31 1998-05-26 Netscape Communications Corporation Method and apparatus for workgroup information replication
US5619649A (en) 1995-06-12 1997-04-08 Xerox Corporation Network printing system for programming a print job by selecting a job ticket identifier associated with remotely stored predefined document processing control instructions
US5699427A (en) 1995-06-23 1997-12-16 International Business Machines Corporation Method to deter document and intellectual property piracy through individualization
US5787175A (en) 1995-10-23 1998-07-28 Novell, Inc. Method and apparatus for collaborative document control
US6029175A (en) 1995-10-26 2000-02-22 Teknowledge Corporation Automatic retrieval of changed files by a network software agent
US6366933B1 (en) 1995-10-27 2002-04-02 At&T Corp. Method and apparatus for tracking and viewing changes on the web
US5727197A (en) 1995-11-01 1998-03-10 Filetek, Inc. Method and apparatus for segmenting a database
US5855020A (en) 1996-02-21 1998-12-29 Infoseek Corporation Web scan process
US5890177A (en) 1996-04-24 1999-03-30 International Business Machines Corporation Method and apparatus for consolidating edits made by multiple editors working on multiple document copies
DE69719858T2 (de) 1996-05-13 2003-12-24 Oki Electric Industry Co., Ltd. Dokumentanzeigesystem und elektronisches Wörterbuch
US5897636A (en) 1996-07-11 1999-04-27 Tandem Corporation Incorporated Distributed object computer system with hierarchical name space versioning
US6189019B1 (en) 1996-08-14 2001-02-13 Microsoft Corporation Computer system and computer-implemented process for presenting document connectivity
FR2753279B1 (fr) * 1996-09-09 1998-11-13 Smv Int Procede de traitement des impulsions delivrees par une gamma camera et gamma camera mettant en oeuvre ce procede
JPH10105550A (ja) 1996-10-02 1998-04-24 Matsushita Electric Ind Co Ltd ハイパーテキスト文書作成装置
US5832529A (en) 1996-10-11 1998-11-03 Sun Microsystems, Inc. Methods, apparatus, and product for distributed garbage collection
US6038561A (en) * 1996-10-15 2000-03-14 Manning & Napier Information Services Management and analysis of document information text
US20060129627A1 (en) 1996-11-22 2006-06-15 Mangosoft Corp. Internet-based shared file service with native PC client access and semantics and distributed version control
JP2815045B2 (ja) 1996-12-16 1998-10-27 日本電気株式会社 画像特徴抽出装置,画像特徴解析装置,および画像照合システム
US6003060A (en) 1996-12-20 1999-12-14 International Business Machines Corporation Method and apparatus to share resources while processing multiple priority data flows
CA2275574C (fr) 1996-12-20 2003-07-29 Financial Services Technology Consortium Procede et systeme de traitement de documents electroniques
US6285999B1 (en) 1997-01-10 2001-09-04 The Board Of Trustees Of The Leland Stanford Junior University Method for node ranking in a linked database
US5898836A (en) 1997-01-14 1999-04-27 Netmind Services, Inc. Change-detection tool indicating degree and location of change of internet documents by comparison of cyclic-redundancy-check(CRC) signatures
US6012087A (en) 1997-01-14 2000-01-04 Netmind Technologies, Inc. Unique-change detection of dynamic web pages using history tables of signatures
US5877766A (en) 1997-08-15 1999-03-02 International Business Machines Corporation Multi-node user interface component and method thereof for use in accessing a plurality of linked records
US6832202B1 (en) 1997-08-29 2004-12-14 Electronic Data Systems Corporation Method and system of routing requests for authorized approval
US6327611B1 (en) 1997-11-12 2001-12-04 Netscape Communications Corporation Electronic document routing system
US6067551A (en) 1997-11-14 2000-05-23 Microsoft Corporation Computer implemented method for simultaneous multi-user editing of a document
US6243091B1 (en) 1997-11-21 2001-06-05 International Business Machines Corporation Global history view
US6088702A (en) 1998-02-25 2000-07-11 Plantz; Scott H. Group publishing system
US6424966B1 (en) 1998-06-30 2002-07-23 Microsoft Corporation Synchronizing crawler with notification source
US6594662B1 (en) 1998-07-01 2003-07-15 Netshadow, Inc. Method and system for gathering information resident on global computer networks
US6275850B1 (en) 1998-07-24 2001-08-14 Siemens Information And Communication Networks, Inc. Method and system for management of message attachments
US6658626B1 (en) 1998-07-31 2003-12-02 The Regents Of The University Of California User interface for displaying document comparison information
GB2341249A (en) 1998-08-17 2000-03-08 Connected Place Limited A method of generating a difference file defining differences between an updated file and a base file
EP1116132A2 (fr) 1998-09-22 2001-07-18 Science Applications International Corporation Environnements a collaboration dynamique definis par l'utilisateur
US6145084A (en) 1998-10-08 2000-11-07 Net I Trust Adaptive communication system enabling dissimilar devices to exchange information over a network
US6918082B1 (en) 1998-12-17 2005-07-12 Jeffrey M. Gross Electronic document proofing system
US6418433B1 (en) 1999-01-28 2002-07-09 International Business Machines Corporation System and method for focussed web crawling
US6301368B1 (en) 1999-01-29 2001-10-09 International Business Machines Corporation System and method for data hiding in compressed fingerprint images
US6584466B1 (en) 1999-04-07 2003-06-24 Critical Path, Inc. Internet document management system and methods
US6317777B1 (en) 1999-04-26 2001-11-13 Intel Corporation Method for web based storage and retrieval of documents
US6212534B1 (en) 1999-05-13 2001-04-03 X-Collaboration Software Corp. System and method for facilitating collaboration in connection with generating documents among a plurality of operators using networked computer systems
US7857201B2 (en) 1999-05-25 2010-12-28 Silverbrook Research Pty Ltd Method and system for selection
US6405219B2 (en) 1999-06-22 2002-06-11 F5 Networks, Inc. Method and system for automatically updating the version of a set of files stored on content servers
US6547829B1 (en) 1999-06-30 2003-04-15 Microsoft Corporation Method and system for detecting duplicate documents in web crawls
US6356937B1 (en) 1999-07-06 2002-03-12 David Montville Interoperable full-featured web-based and client-side e-mail system
US6591289B1 (en) 1999-07-27 2003-07-08 The Standard Register Company Method of delivering formatted documents over a communications network
US6560620B1 (en) 1999-08-03 2003-05-06 Aplix Research, Inc. Hierarchical document comparison system and method
US6662212B1 (en) 1999-08-31 2003-12-09 Qualcomm Incorporated Synchronization of a virtual workspace using E-mail extensions
US20030078880A1 (en) 1999-10-08 2003-04-24 Nancy Alley Method and system for electronically signing and processing digital documents
US6449624B1 (en) 1999-10-18 2002-09-10 Fisher-Rosemount Systems, Inc. Version control and audit trail in a process control system
US6263364B1 (en) 1999-11-02 2001-07-17 Alta Vista Company Web crawler system using plurality of parallel priority level queues having distinct associated download priority levels for prioritizing document downloading and maintaining document freshness
US6351755B1 (en) 1999-11-02 2002-02-26 Alta Vista Company System and method for associating an extensible set of data with documents downloaded by a web crawler
US6377984B1 (en) 1999-11-02 2002-04-23 Alta Vista Company Web crawler system using parallel queues for queing data sets having common address and concurrently downloading data associated with data set in each queue
US6321265B1 (en) 1999-11-02 2001-11-20 Altavista Company System and method for enforcing politeness while scheduling downloads in a web crawler
US6418453B1 (en) 1999-11-03 2002-07-09 International Business Machines Corporation Network repository service for efficient web crawling
US7321864B1 (en) 1999-11-04 2008-01-22 Jpmorgan Chase Bank, N.A. System and method for providing funding approval associated with a project based on a document collection
US6614789B1 (en) 1999-12-29 2003-09-02 Nasser Yazdani Method of and apparatus for matching strings of different lengths
US6745024B1 (en) 2000-01-10 2004-06-01 Qualcomm Incorporated System and method for preparing and sending an electronic mail communication using a wireless communications device
WO2001052473A1 (fr) 2000-01-14 2001-07-19 Critical Path, Inc. Gestion sure de documents electroniques dans un environnement en reseau
US6418443B1 (en) * 2000-02-01 2002-07-09 Bmc Software Hot spot analysis of IMS databases
ATE311063T1 (de) 2000-02-08 2005-12-15 Swisscom Mobile Ag Vereinter einloggungsprozess
US7085735B1 (en) 2000-02-23 2006-08-01 Iclosings.Com, Inc. System and method for conducting the closing of a real estate sale over a computerized network
US7111060B2 (en) 2000-03-14 2006-09-19 Aep Networks, Inc. Apparatus and accompanying methods for providing, through a centralized server site, a secure, cost-effective, web-enabled, integrated virtual office environment remotely accessible through a network-connected web browser
US6643661B2 (en) 2000-04-27 2003-11-04 Brio Software, Inc. Method and apparatus for implementing search and channel features in an enterprise-wide computer system
US6556982B1 (en) 2000-04-28 2003-04-29 Bwxt Y-12, Llc Method and system for analyzing and classifying electronic information
AU2001256612A1 (en) 2000-05-16 2001-11-26 Garrett O'carroll A document processing system and method
US8145724B1 (en) 2000-05-25 2012-03-27 International Business Machines Corporation Method of, system for, and computer program product for providing a data structure for configuring connections between a local workstation file system and a remote host file system
US20020063154A1 (en) 2000-05-26 2002-05-30 Hector Hoyos Security system database management
US20020019827A1 (en) 2000-06-05 2002-02-14 Shiman Leon G. Method and apparatus for managing documents in a centralized document repository system
US6963975B1 (en) * 2000-08-11 2005-11-08 Microsoft Corporation System and method for audio fingerprinting
WO2002008940A2 (fr) 2000-07-20 2002-01-31 Johnson Rodney D Systeme d'archivage et de retrait d'information utilise par des ordinateurs relies par un interreseau
US6778986B1 (en) 2000-07-31 2004-08-17 Eliyon Technologies Corporation Computer method and apparatus for determining site type of a web site
US7086050B2 (en) 2000-08-04 2006-08-01 Mcafee, Inc. Updating computer files
US7249314B2 (en) 2000-08-21 2007-07-24 Thoughtslinger Corporation Simultaneous multi-user document editing system
JP2002176671A (ja) 2000-09-28 2002-06-21 Takashi Fujimoto 移動体電話機
US7707153B1 (en) 2000-10-06 2010-04-27 Esys Technologies, Llc Automated work-flow management and document generation system and method
US7181492B2 (en) 2000-10-17 2007-02-20 Concerto Software, Inc. Transfer of an internet chat session between servers
GB2368670A (en) 2000-11-03 2002-05-08 Envisional Software Solutions Data acquisition system
US7903822B1 (en) 2000-11-10 2011-03-08 DMT Licensing, LLC. Method and system for establishing a trusted and decentralized peer-to-peer network
US7191252B2 (en) 2000-11-13 2007-03-13 Digital Doors, Inc. Data security system and method adjunct to e-mail, browser or telecom program
US7003551B2 (en) 2000-11-30 2006-02-21 Bellsouth Intellectual Property Corp. Method and apparatus for minimizing storage of common attachment files in an e-mail communications server
US20020099602A1 (en) 2000-12-04 2002-07-25 Paul Moskowitz Method and system to provide web site schedules
US20020073188A1 (en) 2000-12-07 2002-06-13 Rawson Freeman Leigh Method and apparatus for partitioning system management information for a server farm among a plurality of leaseholds
US7356704B2 (en) 2000-12-07 2008-04-08 International Business Machines Corporation Aggregated authenticated identity apparatus for and method therefor
US6825844B2 (en) 2001-01-16 2004-11-30 Microsoft Corp System and method for optimizing a graphics intensive software program for the user's graphics hardware
US20020129062A1 (en) 2001-03-08 2002-09-12 Wood River Technologies, Inc. Apparatus and method for cataloging data
US6820081B1 (en) 2001-03-19 2004-11-16 Attenex Corporation System and method for evaluating a structured message store for message redundancy
US8660017B2 (en) 2001-03-20 2014-02-25 Verizon Business Global Llc Systems and methods for updating IP communication service attributes using an LDAP
US7047406B2 (en) 2001-03-21 2006-05-16 Qurlo Holdings, Inc. Method and system for providing a secure peer-to-peer file delivery network
US7181017B1 (en) 2001-03-23 2007-02-20 David Felsher System and method for secure three-party communications
US7107518B2 (en) 2001-04-03 2006-09-12 Microsoft Corporation Automating a document review cycle
EP1490767B1 (fr) 2001-04-05 2014-06-11 Audible Magic Corporation Detection de copyright et systeme et procede de protection
KR20010078840A (ko) 2001-04-17 2001-08-22 유성경 컴퓨터저장매체를 통한 정보유출을 감시하는 보안시스템
US7428636B1 (en) * 2001-04-26 2008-09-23 Vmware, Inc. Selective encryption system and method for I/O operations
JP2002329183A (ja) 2001-04-27 2002-11-15 Matsushita Electric Ind Co Ltd Pcカード
US6961723B2 (en) 2001-05-04 2005-11-01 Sun Microsystems, Inc. System and method for determining relevancy of query responses in a distributed network search mechanism
US6778688B2 (en) 2001-05-04 2004-08-17 International Business Machines Corporation Remote authentication of fingerprints over an insecure network
WO2002101577A1 (fr) 2001-06-07 2002-12-19 Contentguard Holdings, Inc. Procede et systeme permettant de gerer des droits numeriques d'abonnement
US7562112B2 (en) 2001-07-06 2009-07-14 Intel Corporation Method and apparatus for peer-to-peer services for efficient transfer of information between networks
US7194513B2 (en) 2001-07-08 2007-03-20 Imran Sharif System and method for using an internet appliance to send/receive digital content files as E-mail attachments
US7006673B2 (en) 2001-07-25 2006-02-28 Activcard Ireland Limited Method of hash string extraction
US20030033353A1 (en) 2001-08-08 2003-02-13 Simpson Shell S. Method for web-based imaging service to redirect to a preferred destination based on a criteria
US7212955B2 (en) 2001-08-16 2007-05-01 Hewlett-Packard Development Company, L.P. Consumer product status monitoring
US7266699B2 (en) 2001-08-30 2007-09-04 Application Security, Inc. Cryptographic infrastructure for encrypting a database
US20090030948A9 (en) 2001-08-31 2009-01-29 Lipman L K Method and apparatus for matter-centric document management
US20030061260A1 (en) 2001-09-25 2003-03-27 Timesys Corporation Resource reservation and priority management
JP2003108519A (ja) 2001-09-27 2003-04-11 Hitachi Ltd ファイル転送システム及びプログラム
US7127740B2 (en) * 2001-10-29 2006-10-24 Pitney Bowes Inc. Monitoring system for a corporate network
JP3879594B2 (ja) 2001-11-02 2007-02-14 日本電気株式会社 スイッチ方法、装置およびプログラム
US6738762B1 (en) 2001-11-26 2004-05-18 At&T Corp. Multidimensional substring selectivity estimation using set hashing of cross-counts
US6915333B2 (en) 2001-12-14 2005-07-05 International Business Machines Corporation Method of managing attached document
US7496841B2 (en) 2001-12-17 2009-02-24 Workshare Technology, Ltd. Method and system for document collaboration
US20030112273A1 (en) 2001-12-17 2003-06-19 Workshare Technology, Ltd. Document collaboration suite using a common database
AU2003201491A1 (en) 2002-01-08 2003-07-24 Sap Aktiengesellschaft Enhanced email management system
US20030131005A1 (en) 2002-01-10 2003-07-10 International Business Machines Corporation Method and apparatus for automatic pruning of search engine indices
US7194761B1 (en) 2002-01-22 2007-03-20 Cisco Technology, Inc. Methods and apparatus providing automatic client authentication
GB0202431D0 (en) 2002-02-02 2002-03-20 F Secure Oyj Method and apparatus for encrypting data
US7299504B1 (en) 2002-03-08 2007-11-20 Lucent Technologies Inc. System and method for implementing security management using a database-modeled security policy
US7260773B2 (en) 2002-03-28 2007-08-21 Uri Zernik Device system and method for determining document similarities and differences
US6971017B2 (en) 2002-04-16 2005-11-29 Xerox Corporation Ad hoc secure access to documents and services
US7274807B2 (en) 2002-05-30 2007-09-25 Activcard Ireland Limited Method and apparatus for supporting a biometric registration performed on a card
US7437664B2 (en) 2002-06-18 2008-10-14 Microsoft Corporation Comparing hierarchically-structured documents
US6946715B2 (en) 2003-02-19 2005-09-20 Micron Technology, Inc. CMOS image sensor and method of fabrication
FR2841673B1 (fr) 2002-06-26 2004-12-03 Solystic Chronomarquage d'objets postaux par signature d'image et machine de tri associee
US7733366B2 (en) 2002-07-01 2010-06-08 Microsoft Corporation Computer network-based, interactive, multimedia learning system and process
US20040031052A1 (en) 2002-08-12 2004-02-12 Liberate Technologies Information platform
US8041719B2 (en) * 2003-05-06 2011-10-18 Symantec Corporation Personal computing device-based mechanism to detect preselected data
AU2003277121A1 (en) 2002-09-30 2004-04-23 Interface Software, Inc. Managing changes in a relationship management system
JP4737914B2 (ja) 2002-10-02 2011-08-03 ケープレックス・インク 文書改訂支援プログラム及び当該支援プログラムを記録したコンピュータ読み取り可能媒体、並びに文書改訂支援装置。
US20060059196A1 (en) 2002-10-03 2006-03-16 In4S Inc. Bit string check method and device
US7818678B2 (en) 2002-10-31 2010-10-19 Litera Technology Llc Collaborative document development and review system
US20060069740A1 (en) 2002-11-14 2006-03-30 Omron Corporation Information distribution system, information acquistion device, information distribution server, information reproduction device, information reproduction method, information distribution control method, information distribution control program, and computer readable recording medium
KR100636909B1 (ko) 2002-11-14 2006-10-19 엘지전자 주식회사 확장성 표기 언어 기반의 전자문서 버전 매김 및 버전을이용한 갱신 문서 제공 방법
KR100458543B1 (ko) 2002-11-30 2004-12-03 삼성에스디에스 주식회사 그래픽방식에 의한 2d 캐드파일 비교 방법
US20040122659A1 (en) 2002-12-23 2004-06-24 Hourihane John Philip Tool and method for managing web pages in different languages
JP2004265267A (ja) 2003-03-04 2004-09-24 Sharp Corp 顔認証方法、および顔認証装置。
US7113948B2 (en) 2003-03-21 2006-09-26 Acellion Pte Ltd. Methods and systems for email attachment distribution and management
KR100390172B1 (en) 2003-03-22 2003-07-04 Knowledge Info Net Service Inc Method and system for controlling internet contents providing service using redirection method
US7188316B2 (en) 2003-03-24 2007-03-06 Microsoft Corporation System and method for viewing and editing multi-value properties
US7730175B1 (en) 2003-05-12 2010-06-01 Sourcefire, Inc. Systems and methods for identifying the services of a network
US20040261016A1 (en) 2003-06-20 2004-12-23 Miavia, Inc. System and method for associating structured and manually selected annotations with electronic document contents
US20050021980A1 (en) 2003-06-23 2005-01-27 Yoichi Kanai Access control decision system, access control enforcing system, and security policy
US7627613B1 (en) 2003-07-03 2009-12-01 Google Inc. Duplicate document detection in a web crawler system
US8042112B1 (en) 2003-07-03 2011-10-18 Google Inc. Scheduler for search engine crawler
US7171618B2 (en) 2003-07-30 2007-01-30 Xerox Corporation Multi-versioned documents and method for creation and use thereof
US20050033811A1 (en) 2003-08-07 2005-02-10 International Business Machines Corporation Collaborative email
US8458033B2 (en) 2003-08-11 2013-06-04 Dropbox, Inc. Determining the relevance of offers
GB2405293B (en) 2003-08-18 2007-04-25 Clearswift Ltd Email policy manager
US7181445B2 (en) 2003-09-05 2007-02-20 Bellsouth Intellectual Property Corporation Aggregating, retrieving, and providing access to document visuals
US20080215667A1 (en) 2003-10-09 2008-09-04 Pb&J Software, Llc Method and system for sharing storage space on a computer
US20130212707A1 (en) 2003-10-31 2013-08-15 James Donahue Document control system
US20050138540A1 (en) 2003-12-22 2005-06-23 Xerox Corporation Systems and methods for user-specific document change highlighting
US20050138350A1 (en) 2003-12-23 2005-06-23 Hariharan Ravi S. Configurable secure FTP
KR100552815B1 (ko) * 2003-12-31 2006-02-22 동부아남반도체 주식회사 반도체 소자의 듀얼 다마신 배선 형성 방법
US20050204008A1 (en) 2004-03-09 2005-09-15 Marc Shinbrood System and method for controlling the downstream preservation and destruction of electronic mail
US8572388B2 (en) 2004-03-10 2013-10-29 Elynx, Ltd. Electronic document management system
DE602005015435D1 (de) 2004-04-26 2009-08-27 Storewiz Inc Verfahren und system zur komprimierung von dateien zur speicherung und operation an komprimierten dateien
GB2413655A (en) 2004-04-30 2005-11-02 Hewlett Packard Development Co Method and system for updating hierarchical data structures
US20050268327A1 (en) 2004-05-14 2005-12-01 Secure Communications Technology, Llc Enhanced electronic mail security system and method
GB0411560D0 (en) 2004-05-24 2004-06-23 Protx Group Ltd A method of encrypting and transferring data between a sender and a receiver using a network
US7594277B2 (en) 2004-06-30 2009-09-22 Microsoft Corporation Method and system for detecting when an outgoing communication contains certain content
US7606821B2 (en) 2004-06-30 2009-10-20 Ebay Inc. Method and system for preventing fraudulent activities
US7797724B2 (en) 2004-08-31 2010-09-14 Citrix Systems, Inc. Methods and apparatus for secure online access on a client device
JP2006072752A (ja) 2004-09-02 2006-03-16 Fuji Xerox Co Ltd 電子メール通信システムおよび電子メール通信装置および方法およびプログラム
US7373586B2 (en) 2004-09-03 2008-05-13 International Business Machines Corporation Differencing and merging tree-structured documents
JP2006086637A (ja) 2004-09-14 2006-03-30 Sony Corp 情報処理装置および方法、並びにプログラム
US7454778B2 (en) * 2004-09-30 2008-11-18 Microsoft Corporation Enforcing rights management through edge email servers
JP4639734B2 (ja) 2004-09-30 2011-02-23 富士ゼロックス株式会社 スライドコンテンツ処理装置およびプログラム
US7640308B2 (en) 2004-09-30 2009-12-29 Microsoft Corporation Systems and methods for detection and removal of metadata and hidden information in files
US8396897B2 (en) 2004-11-22 2013-03-12 International Business Machines Corporation Method, system, and computer program product for threading documents using body text analysis
US7152019B2 (en) 2004-11-30 2006-12-19 Oracle International Corporation Systems and methods for sensor-based computing
US7716162B2 (en) 2004-12-30 2010-05-11 Google Inc. Classification of ambiguous geographic references
JP4827523B2 (ja) 2005-01-17 2011-11-30 キヤノン株式会社 情報処理装置、情報処理方法、ならびに制御プログラム
US7664323B2 (en) 2005-01-28 2010-02-16 Microsoft Corporation Scalable hash-based character recognition
US9734139B2 (en) 2005-02-14 2017-08-15 Cluster Seven Limited Auditing and tracking changes of data and code in spreadsheets and other documents
US8011003B2 (en) * 2005-02-14 2011-08-30 Symantec Corporation Method and apparatus for handling messages containing pre-selected data
US20060236246A1 (en) 2005-03-23 2006-10-19 Bono Charles A On-line slide kit creation and collaboration system
US20060218004A1 (en) 2005-03-23 2006-09-28 Dworkin Ross E On-line slide kit creation and collaboration system
US7526812B2 (en) 2005-03-24 2009-04-28 Xerox Corporation Systems and methods for manipulating rights management data
US7680785B2 (en) 2005-03-25 2010-03-16 Microsoft Corporation Systems and methods for inferring uniform resource locator (URL) normalization rules
US20060261112A1 (en) 2005-04-20 2006-11-23 Gates George D ATV mounting bracket and associated methods
US8051487B2 (en) * 2005-05-09 2011-11-01 Trend Micro Incorporated Cascading security architecture
US8140664B2 (en) * 2005-05-09 2012-03-20 Trend Micro Incorporated Graphical user interface based sensitive information and internal information vulnerability management system
EP1889423A1 (fr) 2005-05-16 2008-02-20 Mandalogo Ltd Systeme et procede permettant de transferer des fichiers joints de courrier electronique sur un reseau de telecommunication au moyen d'une connexion point a point
US20060271947A1 (en) 2005-05-23 2006-11-30 Lienhart Rainer W Creating fingerprints
US7570964B2 (en) 2005-05-25 2009-08-04 Oracle International Corporation Mobile e-mail confirmation support
US20060277229A1 (en) 2005-05-31 2006-12-07 Michihiro Yoshida Document management server, information terminal, document managing method, and program
WO2006137057A2 (fr) * 2005-06-21 2006-12-28 Onigma Ltd. Methode et systeme pour fournir une protection globale contre les fuites d'actifs constitues d'informations sensibles, faisant appel a des agents fondes sur des hotes, sur des metadonnees de contenu et sur des reglements fondes sur des regles
US7493561B2 (en) 2005-06-24 2009-02-17 Microsoft Corporation Storage and utilization of slide presentation slides
US7590939B2 (en) 2005-06-24 2009-09-15 Microsoft Corporation Storage and utilization of slide presentation slides
US7433869B2 (en) 2005-07-01 2008-10-07 Ebrary, Inc. Method and apparatus for document clustering and document sketching
US7724717B2 (en) 2005-07-22 2010-05-25 Sri International Method and apparatus for wireless network security
US20070027830A1 (en) 2005-07-29 2007-02-01 Microsoft Corporation Dynamic content development based on user feedback
US7756932B2 (en) 2005-07-29 2010-07-13 Research In Motion Limited System and method for processing messages being composed by a user
US8201254B1 (en) 2005-08-30 2012-06-12 Symantec Corporation Detection of e-mail threat acceleration
US7624447B1 (en) 2005-09-08 2009-11-24 Cisco Technology, Inc. Using threshold lists for worm detection
US7734925B2 (en) 2005-10-21 2010-06-08 Stewart Title Company System and method for the electronic management and execution of transaction documents
US7877790B2 (en) 2005-10-31 2011-01-25 At&T Intellectual Property I, L.P. System and method of using personal data
US7890752B2 (en) 2005-10-31 2011-02-15 Scenera Technologies, Llc Methods, systems, and computer program products for associating an originator of a network packet with the network packet using biometric information
US7970834B2 (en) 2005-11-03 2011-06-28 International Business Machines Corporation Method and program product for tracking a file attachment in an e-mail
KR100751691B1 (ko) 2005-11-08 2007-08-23 삼성에스디에스 주식회사 다수의 파워포인트 문서 편집 방법
US7650387B2 (en) 2005-11-15 2010-01-19 Cisco Technology, Inc. Method and system for managing storage on a shared storage space
US20070179967A1 (en) 2005-11-22 2007-08-02 Zhang Xiaoge G Intuitive and Dynamic File Retrieval Method and User Interface System
US7966654B2 (en) 2005-11-22 2011-06-21 Fortinet, Inc. Computerized system and method for policy-based content filtering
EP1955526B1 (fr) 2005-12-02 2010-05-05 Citrix Systems, Inc. Systemes et procedes de mise a disposition d informations d authentification au travers d environnements applicatifs
US7882119B2 (en) 2005-12-22 2011-02-01 Xerox Corporation Document alignment systems for legacy document conversions
US7958101B1 (en) 2006-01-03 2011-06-07 Emc Corporation Methods and apparatus for mounting a file system
US7895166B2 (en) 2006-01-18 2011-02-22 Echosign, Inc. Automatic document exchange with archiving capability
US20070192728A1 (en) 2006-01-26 2007-08-16 Finley William D Method for dynamic document navigation
US7818660B2 (en) 2006-01-29 2010-10-19 Litera Technology Llc Method of compound document comparison
US20100217987A1 (en) 2006-02-07 2010-08-26 Ravindra Waman Shevade Document Security Management System
US20070220068A1 (en) 2006-02-15 2007-09-20 Bruce Thompson Electronic document and business process control
US8005277B2 (en) 2006-03-03 2011-08-23 Research Foundation-State University of NY Secure fingerprint matching by hashing localized information
JP4348353B2 (ja) 2006-04-04 2009-10-21 日本電信電話株式会社 パターン認識装置,パターン認識方法及びその方法を実現したプログラムを格納した記録媒体
US7428306B2 (en) 2006-04-18 2008-09-23 International Business Machines Corporation Encryption apparatus and method for providing an encrypted file system
US20070261099A1 (en) 2006-05-02 2007-11-08 Broussard Scott J Confidential content reporting system and method with electronic mail verification functionality
US7890612B2 (en) * 2006-05-08 2011-02-15 Electro Guard Corp. Method and apparatus for regulating data flow between a communications device and a network
WO2007128131A1 (fr) 2006-05-10 2007-11-15 Margaret Atwood Système, procédé et programme informatique destinés à l'activation d'une entrée dans des transactions sur une base distante
US20080033913A1 (en) * 2006-05-26 2008-02-07 Winburn Michael L Techniques for Preventing Insider Theft of Electronic Documents
US20070294612A1 (en) 2006-06-20 2007-12-20 Microsoft Corporation Comparing and Managing Multiple Presentations
WO2007149942A2 (fr) 2006-06-20 2007-12-27 Freightdesk Technologies (Assignee) Procédé, système et appareil pour vérifier, poursuivre ou inspecter des données, des objets ou leurs modifications correspondantes
JP4816281B2 (ja) 2006-06-22 2011-11-16 富士ゼロックス株式会社 文書利用管理システム、文書管理サーバ及びそのプログラム
EP2035995B1 (fr) 2006-06-22 2018-09-26 Nokia Technologies Oy Application de contraintes géographiques dans une distribution de contenu
US7613770B2 (en) 2006-06-30 2009-11-03 Microsoft Corporation On-demand file transfers for mass P2P file sharing
CA2554991A1 (fr) 2006-07-28 2008-01-28 Ibm Canada Limited - Ibm Canada Limitee Systeme et methode de distribution des pieces jointes des courriers electroniques
US7853566B2 (en) 2006-08-04 2010-12-14 Apple Inc. Navigation of electronic backups
US8527751B2 (en) 2006-08-24 2013-09-03 Privacydatasystems, Llc Systems and methods for secure and certified electronic messaging
US7895209B2 (en) 2006-09-11 2011-02-22 Microsoft Corporation Presentation of information based on current activity
KR100882349B1 (ko) 2006-09-29 2009-02-12 한국전자통신연구원 기밀문서 유출 방지 방법 및 장치
US7788235B1 (en) * 2006-09-29 2010-08-31 Symantec Corporation Extrusion detection using taint analysis
US8181036B1 (en) * 2006-09-29 2012-05-15 Symantec Corporation Extrusion detection of obfuscated content
US8121875B2 (en) 2006-09-29 2012-02-21 Morgan Stanley Comparing taxonomies
FR2906668A1 (fr) 2006-10-02 2008-04-04 Alcatel Sa Marqueur pour systemes de communication composes d'une pluralite de serveurs sip.
JP2008097517A (ja) 2006-10-16 2008-04-24 Matsushita Electric Ind Co Ltd 文書管理システム
US20080091465A1 (en) 2006-10-17 2008-04-17 Siemens Medical Solutions Usa, Inc. Customizable System for Monitoring Record Completion for Healthcare and Other Uses
US7796309B2 (en) 2006-11-14 2010-09-14 Microsoft Corporation Integrating analog markups with electronic documents
US20080162527A1 (en) 2006-12-29 2008-07-03 Ceelox Inc. System and method for secure and/or interactive dissemination of information
US20080177782A1 (en) 2007-01-10 2008-07-24 Pado Metaware Ab Method and system for facilitating the production of documents
EP2122900A4 (fr) 2007-01-22 2014-07-23 Spyrus Inc Dispositif de chiffrement de données portable avec fonctionnalité de sécurité configurable et procédé de chiffrement de fichier
US8839100B1 (en) 2007-01-26 2014-09-16 The Mathworks, Inc. Updating information related to data set changes
US20100287246A1 (en) 2007-02-14 2010-11-11 Thomas Klos System for processing electronic mail messages with specially encoded addresses
US20080209001A1 (en) 2007-02-28 2008-08-28 Kenneth James Boyle Media approval method and apparatus
US20080219495A1 (en) 2007-03-09 2008-09-11 Microsoft Corporation Image Comparison
JP2008243066A (ja) 2007-03-28 2008-10-09 Canon Inc 情報処理装置及びその制御方法
US7917493B2 (en) 2007-04-19 2011-03-29 Retrevo Inc. Indexing and searching product identifiers
US7844116B2 (en) 2007-04-30 2010-11-30 Xerox Corporation Method for identifying images after cropping
US7899666B2 (en) 2007-05-04 2011-03-01 Expert System S.P.A. Method and system for automatically extracting relations between concepts included in text
US8185592B2 (en) 2007-05-17 2012-05-22 International Business Machines Corporation Method and program product for preventing distribution of an e-mail message
US8265382B2 (en) 2007-05-29 2012-09-11 Livescribe, Inc. Electronic annotation of documents with preexisting content
US8037004B2 (en) 2007-06-11 2011-10-11 Oracle International Corporation Computer-implemented methods and systems for identifying and reporting deviations from standards and policies for contracts, agreements and other business documents
CA2693743C (fr) 2007-07-17 2016-10-04 Chris Alexander Peirson Systemes et procedes pour obtenir et gerer des signatures electroniques pour des documents de transaction de biens immobiliers
KR100945489B1 (ko) 2007-08-02 2010-03-09 삼성전자주식회사 터치 스크린을 이용한 보안 작업 방법 및 터치 스크린을 가지는 사무기기
US20090049132A1 (en) 2007-08-15 2009-02-19 Moshe Livne Gutovski Device, system, and method of routing electronic mail
US20090064326A1 (en) 2007-09-05 2009-03-05 Gtb Technologies Method and a system for advanced content security in computer networks
US20090083073A1 (en) 2007-09-26 2009-03-26 Jayesh Mehta Home Healthcare Documentation Clearing House
CN201122265Y (zh) 2007-11-20 2008-09-24 鸿富锦精密工业(深圳)有限公司 电脑机箱
US8233723B2 (en) 2007-12-06 2012-07-31 Ebay Inc. Image categorization based on comparisons between images
US8312023B2 (en) 2007-12-21 2012-11-13 Georgetown University Automated forensic document signatures
JP4645644B2 (ja) 2007-12-25 2011-03-09 富士ゼロックス株式会社 セキュリティポリシー管理装置、セキュリティポリシー管理システム及びセキュリティポリシー管理プログラム
US9584343B2 (en) 2008-01-03 2017-02-28 Yahoo! Inc. Presentation of organized personal and public data using communication mediums
US8276200B2 (en) * 2008-01-09 2012-09-25 International Business Machines Corporation Systems and methods for securely processing sensitive streams in a mixed infrastructure
US8316442B2 (en) * 2008-01-15 2012-11-20 Microsoft Corporation Preventing secure data from leaving the network perimeter
US8019769B2 (en) 2008-01-18 2011-09-13 Litera Corp. System and method for determining valid citation patterns in electronic documents
US8117225B1 (en) 2008-01-18 2012-02-14 Boadin Technology, LLC Drill-down system, method, and computer program product for focusing a search
US20090216843A1 (en) 2008-02-26 2009-08-27 Willner Barry E System and method for collaborative email review
US20090234863A1 (en) 2008-03-12 2009-09-17 Jeremy Evans Method and apparatus for predictive downloading of attachments
US8407784B2 (en) 2008-03-19 2013-03-26 Websense, Inc. Method and system for protection against information stealing software
US8539229B2 (en) 2008-04-28 2013-09-17 Novell, Inc. Techniques for secure data management in a distributed environment
US8196030B1 (en) 2008-06-02 2012-06-05 Pricewaterhousecoopers Llp System and method for comparing and reviewing documents
EP2144406B1 (fr) 2008-07-09 2012-11-21 Research In Motion Limited Distribution de messages de courrier électronique avec pièces jointes répétitives
US9104682B2 (en) 2008-07-15 2015-08-11 International Business Machines Corporation Method and apparatus to elegantly and automatically track emails and its attachments for enhanced user convenience
US8286171B2 (en) 2008-07-21 2012-10-09 Workshare Technology, Inc. Methods and systems to fingerprint textual information using word runs
US9342621B1 (en) * 2008-08-04 2016-05-17 Zscaler, Inc. Phrase matching
US8843566B2 (en) * 2008-08-20 2014-09-23 First Data Corporation Securing outbound mail
US8646105B2 (en) 2008-08-29 2014-02-04 Blackberry Limited System, method and security device for authorizing use of a software tool
US20100064004A1 (en) 2008-09-10 2010-03-11 International Business Machines Corporation Synchronizing documents by designating a local server
US8620872B1 (en) * 2008-09-10 2013-12-31 Amazon Technologies, Inc. System for comparing content
US8555080B2 (en) 2008-09-11 2013-10-08 Workshare Technology, Inc. Methods and systems for protect agents using distributed lightweight fingerprints
US8301994B1 (en) 2008-09-12 2012-10-30 Adobe Systems Incorporated Synchronizing multiple hierarchal data structures
US8307010B2 (en) 2008-09-26 2012-11-06 Microsoft Corporation Data feature tracking through hierarchical node sets
US9928242B2 (en) 2008-11-05 2018-03-27 Oracle International Corporation Managing the content of shared slide presentations
WO2010059747A2 (fr) 2008-11-18 2010-05-27 Workshare Technology, Inc. Procédés et systèmes de filtrage par correspondance exacte de données
US8406456B2 (en) 2008-11-20 2013-03-26 Workshare Technology, Inc. Methods and systems for image fingerprinting
US7877451B2 (en) 2008-11-26 2011-01-25 International Business Machines Corporation System, method and program product for distribution of content contained in an electronic mail message
US8392513B2 (en) 2009-01-05 2013-03-05 International Business Machines Corporation Reducing email size by using a local archive of email components
US10685177B2 (en) 2009-01-07 2020-06-16 Litera Corporation System and method for comparing digital data in spreadsheets or database tables
US8978091B2 (en) 2009-01-20 2015-03-10 Microsoft Technology Licensing, Llc Protecting content from third party using client-side security protection
US9384295B2 (en) 2009-01-22 2016-07-05 Adobe Systems Incorporated Method and apparatus for viewing collaborative documents
WO2010093288A1 (fr) 2009-02-13 2010-08-19 Visiarc Ab Procédé de prise en charge de messages électroniques et de pièces jointes dans un système de communication mobile
US8136031B2 (en) 2009-03-17 2012-03-13 Litera Technologies, LLC Comparing the content of tables containing merged or split cells
US8769055B2 (en) 2009-04-24 2014-07-01 Microsoft Corporation Distributed backup and versioning
US8473847B2 (en) 2009-07-27 2013-06-25 Workshare Technology, Inc. Methods and systems for comparing presentation slide decks
CN101989335A (zh) 2009-07-31 2011-03-23 国际商业机器公司 电子邮件附件的处理方法和系统
US20110035655A1 (en) 2009-08-04 2011-02-10 Sap Ag Generating Forms Using One or More Transformation Rules
US8327434B2 (en) 2009-08-14 2012-12-04 Novell, Inc. System and method for implementing a proxy authentication server to provide authentication for resources not located behind the proxy authentication server
US8286085B1 (en) 2009-10-04 2012-10-09 Jason Adam Denise Attachment suggestion technology
FR2951560B1 (fr) 2009-10-19 2011-11-18 Alcatel Lucent Procede de gestion des pieces jointes a un courriel dans une application de courrier electronique
US8832205B2 (en) 2009-11-02 2014-09-09 Lextine Software, Llc System and method for extracting calendar events from free-form email
US8732848B2 (en) 2009-11-05 2014-05-20 Kyocera Document Solutions Inc. File-distribution apparatus and recording medium having file-distribution authorization program recorded therein
KR101279442B1 (ko) 2009-11-24 2013-06-26 삼성전자주식회사 웹데브 서버가 내장된 화상형성장치에서 파일을 관리하는 방법 및 이를 수행하는 화상형성시스템
US8711419B2 (en) 2009-12-15 2014-04-29 Xerox Corporation Preserving user applied markings made to a hardcopy original document
US9514103B2 (en) 2010-02-05 2016-12-06 Palo Alto Research Center Incorporated Effective system and method for visual document comparison using localized two-dimensional visual fingerprints
US9098500B1 (en) 2010-04-08 2015-08-04 Xilinx, Inc. Revision history storage and maintenance
US8726151B2 (en) 2010-04-09 2014-05-13 Sap Ag Comparing encrypted documents having structured data
EP2558960A1 (fr) 2010-04-12 2013-02-20 Google, Inc. Collaboration en temps réel dans logiciel de traitement de texte hébergé
US8156189B2 (en) 2010-04-13 2012-04-10 Yahoo! Inc. Creating rich experiences in mail through attachments
US8826001B2 (en) 2010-04-27 2014-09-02 International Business Machines Corporation Securing information within a cloud computing environment
US8745091B2 (en) 2010-05-18 2014-06-03 Integro, Inc. Electronic document classification
US8868506B1 (en) 2010-06-17 2014-10-21 Evolphin Software, Inc. Method and apparatus for digital asset management
US8448246B2 (en) 2010-07-08 2013-05-21 Raytheon Company Protecting sensitive email
US8719239B2 (en) 2010-07-16 2014-05-06 International Business Machines Corporation Displaying changes to versioned files
EP2609537A1 (fr) 2010-08-26 2013-07-03 Verisign, Inc. Procédé et système pour la détection automatique et l'analyse de logiciels malveillants
US8838962B2 (en) 2010-09-24 2014-09-16 Bryant Christopher Lee Securing locally stored Web-based database data
WO2012053649A1 (fr) 2010-10-22 2012-04-26 富士通株式会社 Dispositif de contrôle d'accès, programme de contrôle d'accès et procédé de contrôle d'accès
US8626852B2 (en) 2010-10-29 2014-01-07 International Business Machines Corporation Email thread monitoring and automatic forwarding of related email messages
US8732181B2 (en) 2010-11-04 2014-05-20 Litera Technology Llc Systems and methods for the comparison of annotations within files
US8578487B2 (en) 2010-11-04 2013-11-05 Cylance Inc. System and method for internet security
US20120131635A1 (en) 2010-11-23 2012-05-24 Afore Solutions Inc. Method and system for securing data
US10783326B2 (en) 2013-03-14 2020-09-22 Workshare, Ltd. System for tracking changes in a collaborative document editing environment
US8776190B1 (en) 2010-11-29 2014-07-08 Amazon Technologies, Inc. Multifactor authentication for programmatic interfaces
US20120136862A1 (en) 2010-11-29 2012-05-31 Workshare Technology, Inc. System and method for presenting comparisons of electronic documents
US20120173881A1 (en) 2011-01-03 2012-07-05 Patient Always First Method & Apparatus for Remote Information Capture, Storage, and Retrieval
US8442998B2 (en) 2011-01-18 2013-05-14 Apple Inc. Storage of a document using multiple representations
US8812439B2 (en) 2011-03-22 2014-08-19 Oracle International Corporation Folder structure and authorization mirroring from enterprise resource planning systems to document management systems
US8843734B2 (en) 2011-04-04 2014-09-23 Nextlabs, Inc. Protecting information using policies and encryption
US20120260188A1 (en) 2011-04-06 2012-10-11 Microsoft Corporation Potential communication recipient prediction
US8797603B1 (en) 2011-05-12 2014-08-05 Montcastle Development, LLC Method and system for document version management
US10963584B2 (en) 2011-06-08 2021-03-30 Workshare Ltd. Method and system for collaborative editing of a remotely stored document
US9507874B2 (en) 2011-06-30 2016-11-29 International Business Machines Corporation Validation of schema and schema conformance verification
US9047258B2 (en) 2011-09-01 2015-06-02 Litera Technologies, LLC Systems and methods for the comparison of selected text
US8661558B2 (en) 2011-09-20 2014-02-25 Daon Holdings Limited Methods and systems for increasing the security of electronic messages
US8732127B1 (en) 2011-12-28 2014-05-20 Emc Corporation Method and system for managing versioned structured documents in a database
US9311623B2 (en) 2012-02-09 2016-04-12 International Business Machines Corporation System to view and manipulate artifacts at a temporal reference point
US20130227397A1 (en) 2012-02-24 2013-08-29 Microsoft Corporation Forming an instrumented text source document for generating a live web page
US9385980B2 (en) 2012-09-27 2016-07-05 Dropbox, Inc. Automatic routing of electronic mail file attachments to a user directory in a file management system, by a recipient electronic mail server, based on email sender defined processing rules
US20140115436A1 (en) 2012-10-22 2014-04-24 Apple Inc. Annotation migration
US20140136497A1 (en) 2012-11-13 2014-05-15 Perforce Software, Inc. System And Method To Compare And Merge Documents
US11567907B2 (en) 2013-03-14 2023-01-31 Workshare, Ltd. Method and system for comparing document versions encoded in a hierarchical representation
US9197655B2 (en) 2013-07-16 2015-11-24 Bank Of America Corporation Steganography detection
US9544149B2 (en) 2013-12-16 2017-01-10 Adobe Systems Incorporated Automatic E-signatures in response to conditions and/or events
JP2016218967A (ja) 2015-05-26 2016-12-22 富士ゼロックス株式会社 情報処理装置及び情報処理プログラム

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107577751A (zh) * 2017-08-30 2018-01-12 安徽天达网络科技有限公司 一种用于信息传输的文字过滤系统

Also Published As

Publication number Publication date
US20150286831A1 (en) 2015-10-08
US20180196953A1 (en) 2018-07-12
US9092636B2 (en) 2015-07-28
US20100299727A1 (en) 2010-11-25
WO2010059747A3 (fr) 2010-08-05
US9959417B2 (en) 2018-05-01
US10963578B2 (en) 2021-03-30

Similar Documents

Publication Publication Date Title
US10963578B2 (en) Methods and systems for preventing transmission of sensitive data from a remote computer device
US11985170B2 (en) Endpoint data loss prevention (DLP)
JP7402183B2 (ja) 小さいフットプリントのエンドポイント・データ損失防止(dlp)
US8943603B2 (en) System and method for document policy enforcement
US10454932B2 (en) Search engine with privacy protection
US8555080B2 (en) Methods and systems for protect agents using distributed lightweight fingerprints
US8041719B2 (en) Personal computing device-based mechanism to detect preselected data
JP4625334B2 (ja) 情報処理装置、情報処理方法、情報処理プログラム及び記録媒体、並びに資源管理装置
US10354078B2 (en) Multi-focused fine-grained security framework
JP4903386B2 (ja) 事前選択されたデータに関し探索可能な情報コンテンツ
CN102882933B (zh) 一种加密云存储系统
EP4315096B1 (fr) Détection de secret sur une plateforme informatique
US12242548B2 (en) Data enrichment systems and methods for abbreviated domain name classification
JP2012182737A (ja) 秘密資料流出防止システム、判定装置、秘密資料流出防止方法およびプログラム
RU2747514C2 (ru) Система и способ категоризации приложения на вычислительном устройстве
US9141808B1 (en) Data loss prevention
Fugkeaw et al. Enabling efficient personally identifiable information detection with automatic consent discovery
RU2660643C1 (ru) Система и способ выявления вредоносного CIL-файла
US12229209B2 (en) Systems and methods for host name based network device pre-recognition and discovery
RU2739833C1 (ru) Система и способ снижения нагрузки на сервис обнаружения вредоносных приложений
US20250006310A1 (en) Data security for data sequences
RU2665915C1 (ru) Система и способ определения текста, содержащего конфиденциальные данные

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09828182

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09828182

Country of ref document: EP

Kind code of ref document: A2

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载