System and method for efficient fingerprinting in cloud multitenant data loss prevention
US-11190589-B1 · Nov 30, 2021 · US
US11829504B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11829504-B2 |
| Application number | US-202017039138-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 30, 2020 |
| Priority date | Sep 30, 2020 |
| Publication date | Nov 28, 2023 |
| Grant date | Nov 28, 2023 |
Official abstract text for this publication.
A system and method for data loss prevention (DLP) is disclosed, the system and method including at least: receiving, by one or more computing devices and from one or more remote sources, one or more data streams each containing a textual data; consolidating, by the one or more computing devices, the one or more data streams into a single data stream, wherein the single data stream includes a field indicating from which of the one or more remote sources the textual data for each of the one or more data streams originates; transmitting, by the one or more computing devices, the single data stream to an analytics engine; determining, with the analytics engine, whether the textual data of each of the one or more data streams contains a sensitive data using a reference table; and based on the determining, transmitting, by the one or more computing devices, a request to the one or more remote sources to delete the textual data.
Opening claim text (preview).
What is claimed is:

1. A computer implemented method for data loss prevention, the method comprising: (a) receiving, by one or more computing devices and from one or more remote sources, one or more data streams each containing a textual data; (b) consolidating, by the one or more computing devices, the one or more data streams into a single data stream, wherein the single data stream includes a field indicating from which of the one or more remote sources the textual data for each of the one or more data streams originates; (c) transmitting, by the one or more computing devices, the single data stream to an analytics engine; (d) determining, with the analytics engine, whether the textual data of each of the one or more data streams contains a sensitive data using a reference table, wherein the reference table is a data structure storing keywords and regular expressions custom to each of the one or more remote sources and used to match to the textual data; and (e) based on the determining in (d), transmitting, by the analytics engine and in real-time after it is determined that the one or more data streams contains the sensitive data, a request to the one or more remote sources to delete the textual data.

2. The computer implemented method of claim 1, wherein the determining in (d) is performed by applying a filtering logic, wherein the filtering logic matches one or more keywords or one or more regular expressions to the textual data.

3. The computer implemented method of claim 2, wherein the filtering logic is implemented with a query language.

4. The computer implemented method of claim 2, wherein the one or more keywords and the one or more regular expressions are customizable for each of the one or more remote sources.

5. The computer implemented method of claim 1, wherein the transmitting in (e) is performed by transmitting the request to a serverless function of a cloud computing service to delete the textual data.

6. The computer implemented method of claim 1, further comprising: generating, by the one or more computing devices, one or more metrics based on the determining in (d); and transmitting, by the one or more computing devices, the one or more metrics for display on a display interface.

7. The computer implemented method of claim 1, wherein (a)-(e) are implemented in a cloud computing service.

8. A non-transitory computer readable medium including instructions for a computing system for data loss prevention, the instructions comprising: (a) receiving, by one or more computing devices and from one or more remote sources, one or more data streams each containing a textual data; (b) consolidating, by the one or more computing devices, the one or more data streams into a single data stream, wherein the single data stream includes a field indicating from which of the one or more remote sources the textual data for each of the one or more data streams originates; (c) transmitting, by the one or more computing devices, the single data stream to an analytics engine; (d) determining, with the analytics engine, whether the textual data of each of the one or more data streams contains a sensitive data using a reference table, wherein the reference table is a data structure storing keywords and regular expressions custom to each of the one or more remote sources and used to match to the textual data; and (e) based on the determining in (d), transmitting, by the analytics engine and in real-time after it is determined that the one or more data streams contains the sensitive data, a request to the one or more remote sources to delete the textual data.

9. The non-transitory computer readable medium of claim 8, wherein the determining in (d) is performed by applying a filtering logic, wherein the filtering logic matches one or more keywords or one or more regular expressions to the textual data.

10. The non-transitory computer readable medium of claim 9, wherein the filtering logic is implemented with a query language.

11. The non-transitory computer readable medium of claim 9, wherein the one or more keywords and the one or more regular expressions are customizable for each of the one or more remote sources.

12. The non-transitory computer readable medium of claim 8, wherein the transmitting in (e) is performed by transmitting the request to a serverless function of a cloud computing service to delete the textual data.

13. The non-transitory computer readable medium of claim 8, the instructions further comprising: generating, by the one or more computing devices, one or more metrics based on the determining in (d); and transmitting, by the one or more computing devices, the one or more metrics for display on a display interface.

14. The non-transitory computer readable medium of claim 8, wherein (a)-(e) are implemented in a cloud computing service.

15. A computing system for data loss prevention comprising: a memory storing instructions; a communication unit including microelectronics, coupled to the memory and configured to process the instructions to: (a) receive, from one or more remote sources, one or more data streams each containing a textual data; and a processor, coupled to the memory and configured to process the instructions to: (b) consolidate the one or more data streams into a single data stream, wherein the single data stream includes a field indicating from which of the one or more remote sources the textual data for each of the one or more data streams originates, (c) determine whether the textual data of each of the one or more data streams contains a sensitive data using a reference table, wherein the reference table is a data structure storing keywords and regular expressions custom to each of the one or more remote sources and used to match to the textual data, (d) based on the determining in (c), generate a request to the one or more remote sources to delete the textual data; and wherein the communication unit is further configured to (e) transmit in real-time after it is determined that the one or more data streams contains the sensitive data, the request to the one or more remote sources to delete the textual data.

16. The computing system of claim 15, wherein the processor is further configured to determine in (c) based on applying a filtering logic, wherein the filtering logic matches one or more keywords or one or more regular expressions to the textual data.

17. The computing system of claim 16, wherein the filtering logic is implemented with a query language.

18. The computing system of claim 16, wherein the one or more keywords and the one or more regular expressions are customizable for each of the one or more remote sources.

19. The computing system of claim 15, wherein the communication unit is further configured to transmit the request to a serverless function of a cloud computing service to delete the textual data.

20. The computing system of claim 15, wherein: the processor is further configured to generate one or more metrics based on the determining in (c); and the communication unit is further configured to transmit the one or more metrics for display on a display interface.
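Steps (b), (d) and (e) of claim 1, with the metrics of claim 6, sketched as an added Python example; it is not code from the patent. The source names, rules, record layout and the `no_rules` counter are constructed assumptions, and the delete request is returned as a dict rather than transmitted.

```python
import re
from collections import Counter

# Constructed reference table: keywords and regexes custom to each remote source.
REFERENCE_TABLE = {
    "chat": {"keywords": ["password"], "regexes": [r"\b\d{3}-\d{2}-\d{4}\b"]},
    "tickets": {"keywords": ["api key"], "regexes": [r"\bAKIA[0-9A-Z]{16}\b"]},
}

def consolidate(streams):
    """Step (b): merge per-source streams into one, tagging each record with its source."""
    for source, records in streams.items():
        for record in records:
            yield {"source": source, "id": record["id"], "text": record["text"]}

def is_sensitive(text, rules):
    """Step (d): match keywords (case-insensitive) or regexes against the text."""
    lowered = text.lower()
    if any(keyword.lower() in lowered for keyword in rules["keywords"]):
        return True
    return any(re.search(pattern, text) for pattern in rules["regexes"])

def run_pipeline(streams, table=REFERENCE_TABLE):
    """Steps (b), (d), (e) and per-source metrics; returns (delete_requests, metrics)."""
    requests, metrics = [], Counter()
    for record in consolidate(streams):
        source = record["source"]
        rules = table.get(source)  # only this source's rules apply
        if rules is None:
            # Assumption: a source without rules is counted, so the gap is visible.
            metrics[(source, "no_rules")] += 1
            continue
        metrics[(source, "scanned")] += 1
        if is_sensitive(record["text"], rules):
            metrics[(source, "flagged")] += 1
            # Step (e): the source field routes the delete request back to the origin.
            requests.append({"action": "delete", "source": source, "id": record["id"]})
    return requests, metrics

# Constructed sample input: two remote sources, two records each.
SAMPLE_STREAMS = {
    "chat": [{"id": "c1", "text": "my SSN is 123-45-6789"},
             {"id": "c2", "text": "here is the api key for staging"}],
    "tickets": [{"id": "t1", "text": "API key: abc123"},
                {"id": "t2", "text": "printer is jammed again"}],
}
```

Record `c2` is not flagged because "api key" is a rule for the `tickets` source only, which is the per-source customization the claims describe.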
where protection concerns the structure of data, e.g. records, types, queries · CPC title
in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title
for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS] · CPC title
Protecting personal data, e.g. for financial or medical purposes · CPC title
involving long-term monitoring or reporting · CPC title