US11222309B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11222309-B2 |
| Application number | US-202117222556-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 5, 2021 |
| Priority date | Jun 10, 2016 |
| Publication date | Jan 11, 2022 |
| Grant date | Jan 11, 2022 |
Official abstract text for this publication.
In particular embodiments, a data processing data inventory generation system is configured to: (1) generate a data model (e.g., a data inventory) for one or more data assets utilized by a particular organization; (2) generate a respective data inventory for each of the one or more data assets; and (3) map one or more relationships between one or more aspects of the data inventory, the one or more data assets, etc. within the data model. In particular embodiments, a data asset (e.g., data system, software application, etc.) may include, for example, any entity that collects, processes, contains, and/or transfers personal data (e.g., such as a software application, “internet of things” computerized device, database, website, data-center, server, etc.). For example, a first data asset may include any software or device (e.g., server or servers) utilized by a particular entity for such data collection, processing, transfer, storage, etc.
Opening claim text (preview).
What is claimed is:

1. A system comprising: computing hardware; computer memory; and a non-transitory computer-readable medium storing computer-executable instructions that, when executed by computing hardware, cause the computing hardware to perform operations comprising: generating a data model mapping one or more relationships between a plurality of data assets, the data model comprising one or more data inventories, wherein each data inventory of the one or more data inventories is associated with a respective data asset of the plurality of data assets; identifying a primary data asset from among the plurality of data assets that collects or stores personal data of one or more data subjects; generating a data inventory for the primary data asset, the data inventory storing one or more primary data asset inventory attributes comprising transfer data associated with the primary data asset; modifying the data model to include the data inventory for the primary data asset; using the transfer data associated with the primary data asset to identify an application programming interface key associated with the primary data asset; analyzing the application programming interface key associated with the primary data asset to identify a transfer data asset from among the plurality of data assets; at least partially in response to identifying the transfer data asset by analyzing the application programming interface key associated with the primary data asset: modifying the data inventory for the primary data asset to include the transfer data asset; and modifying a data inventory for the transfer data asset to include the primary data asset; digitally storing the modified data inventory for the primary data asset and the modified data inventory for the transfer data asset in computer memory; and electronically linking the primary data asset and the transfer data asset in the data model.

2. The system of claim 1, wherein the operations further comprise: generating a visual representation of the data model, the visual representation of the data model comprising: a visual representation of the primary data asset; a visual representation of the transfer data asset; and a visual representation of a flow of data between the primary data asset and the transfer data asset.

3. The system of claim 2, wherein: the visual representation of the primary data asset is comprised in a visual representation of a geographic location of the primary data asset; the visual representation of the transfer data asset is comprised in a visual representation of a geographic location of the transfer data asset; and the visual representation of the flow of data between the primary data asset and the transfer data asset comprises a visual representation of a flow of data between the geographic location of the primary data asset and the geographic location of the transfer data asset.

4. The system of claim 2, wherein the visual representation of the data model further comprises a visual indication of a risk level associated with the flow of data between the primary data asset and the transfer data asset.

5. The system of claim 1, wherein the operations further comprise: determining one or more individuals permitted to access the personal data of the one or more data subjects collected or stored by the primary data asset; and modifying the one or more primary data asset inventory attributes to include access data that identifies the one or more individuals permitted to access to the personal data of the one or more data subjects collected or stored by the primary data asset.

6. The system of claim 1, wherein the operations further comprise: determining one or more software applications that collect the personal data of the one or more data subjects for storage in the primary data asset; and modifying the one or more primary data asset inventory attributes to include processing activity data that identifies the one or more software applications that collect the personal data of the one or more data subjects for storage in the primary data asset.

7. The system of claim 1, wherein the one or more primary data asset inventory attributes further comprise one or more types of personal data collected or stored by the primary data asset.

8. A non-transitory computer-readable medium storing computer-executable instructions that, when executed by processing hardware, configure the processing hardware to perform operations comprising: identifying a first data asset that collect or stores personal data for one or more data subjects; generating a data inventory for the first data asset, the data inventory comprising a plurality of first data asset inventory attributes, wherein one or more of the plurality of first data asset inventory attributes are unpopulated first data asset inventory attributes; determining first data asset transfer data comprising remote system access data; analyzing the remote system access data; identifying based on analyzing the remote system access data, a remote system associated with an exchange of data between the first data asset and the remote system; identifying based at least in part on analyzing the remote system access data, a type of data that the first data asset exchanges with the remote system; populating a first attribute of the unpopulated first data asset inventory attributes with an indication of the remote system with which the first data asset exchanges data; populating a second attribute of the unpopulated first data asset inventory attributes with an indication of the type of data that the first data asset exchanges with the remote system; storing, in computer memory, the data inventory for the first data asset; linking the first data asset and the remote system; generating a visual representation of a flow of data between the first data asset and the remote system, wherein the visual representation comprises a visual indication of the first data asset, a visual indication of the remote system, and a visual indication of the flow of data between the first data asset and the remote system; presenting, on a graphical user interface, the visual representation of the flow of data between the first data asset and the remote system; and populating one or more of the unpopulated first data asset inventory attributes with information obtained from an application using an application programming interface.
Inventory or stock management, e.g. order filling, procurement or balancing against orders · CPC title
Tracking the activity of the user (network monitoring arrangements H04L43/00; recording of computer activity G06F11/34) · CPC title
Protecting personal data, e.g. for financial or medical purposes · CPC title
User profiles · CPC title
Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling · CPC title