Remote identity interaction
US-2024380597-A1 · Nov 14, 2024 · US
Enterprise document classification
US2019318109A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2019318109-A1 |
| Application number | US-201816165274-A |
| Country | US |
| Kind code | A1 |
| Filing date | Oct 19, 2018 |
| Priority date | Apr 13, 2018 |
| Publication date | Oct 17, 2019 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A collection of documents or other files and the like within an enterprise network are labelled according to an enterprise document classification scheme, and then a recognition model such as a neural network or other machine learning model can be used to automatically label other files throughout the enterprise network. In this manner, documents and the like throughout an enterprise can be automatically identified and managed according to features such as confidentiality, sensitivity, security risk, business value, and so forth.
First claim
Opening claim text (preview).
What is claimed is: 1 . A computer program product comprising computer executable code embodied in a non-transitory computer readable medium that, when executing on one or more computing devices, performs the steps of: selecting a plurality of documents stored in an enterprise network; automatically labeling each of the plurality of documents with a category for sensitivity according to a location, an access control list, and content of each of the plurality of documents, thereby providing a labeled data set; configuring a recognition model to identify the category for a new file based on the plurality of documents in the labeled data set; locating other documents in the enterprise network different than the plurality of documents; associating a label with each of the other files based upon the category for sensitivity selected by the recognition model for each of the other files; and applying an enterprise policy for sensitivity to each of the other files based upon the category identified in the label, wherein the enterprise policy controls at least one of file access and file movement. 2 . A method comprising: selecting a plurality of files stored in an enterprise network; labeling each of the plurality of files according to a category selected from two or more predetermined categories, thereby providing a labeled data set; configuring a recognition model to identify the category from one of the two or more predetermined categories for a new file based on the plurality of files in the labeled data set; locating other files in the enterprise network different than the plurality of files; associating a label with each of the other files based upon the category selected for each of the other files from the two or more predetermined categories by the recognition model; and applying an enterprise policy to each of the other files based upon the category identified in the label. 3 . The method of claim 2 , further comprising controlling access to the other files based on at least in part on the category identified in the label. 4 . The method of claim 2 , further comprising taking action to prevent distribution of the other files based at least in part on the category identified in the label. 5 . The method of claim 2 wherein labeling each of the plurality of files includes automatically labeling each of the plurality of files based upon a file location. 6 . The method of claim 2 wherein labeling each of the plurality of files includes automatically labeling each of the plurality of files with an organizational role associated with a folder where a corresponding one of the plurality files is located. 7 . The method of claim 2 wherein labeling each of the plurality of files includes automatically labeling each of the plurality of files based upon a corresponding organizational role of one or more users associated with each of the plurality of files. 8 . The method of claim 2 wherein labeling each of the plurality of files includes automatically labeling each of the plurality of files based on permissions in a corresponding access control list. 9 . The method of claim 2 wherein labeling each of the plurality of files includes manually labeling each of the plurality of files. 10 . The method of claim 2 wherein the two or more predetermined categories identify at least one of confidentiality, sensitivity, and business value. 11 . The method of claim 2 wherein the two or more predetermined categories identify permissions for use of the plurality of files. 12 . The method of claim 2 wherein the two or more predetermined categories identify organizational roles associated with the plurality of files. 13 . The method of claim 2 wherein the plurality of files include one or more documents. 14 . The method of claim 2 wherein the plurality of files include one or more spreadsheets, word processing documents, or presentations. 15 . The method of claim 2 wherein the plurality of files include one or more executables. 16 . The method of claim 2 wherein locating other files includes locally searching for files with a local search agent on one or more endpoints within the enterprise network. 17 . The method of claim 2 wherein locating other files includes searching for files in a cloud storage facility for the enterprise network. 18 . The method of claim 2 wherein the enterprise policy controls at least one of file access and file movement. 19 . The method of claim 2 wherein the two or more predetermined categories include two or more organizational roles. 20 . The method of claim 19 wherein the enterprise policy includes one or more categories of authorized users associated with each of the two or more organizational roles. 21 . The method of claim 19 wherein the enterprise policy includes an access control list associated with each of the two or more organizational roles. 22 . The method of claim 19 wherein the enterprise policy includes one or more use restrictions associated with at least one of the one or more organizational roles. 23 . A system comprising: a training system configured to receive a user selection of a plurality of files stored in an enterprise network, to automatically label each of the plurality of files according to a category selected from two or more predetermined categories, thereby providing a labeled data set, and to train a recognition model with machine learning to identify the category for a new file based on the plurality of files in the labeled data set; a labeling system configured to locate other files in the enterprise network different than the plurality of files, and to associate a label with each of the other files based upon the category selected by the recognition model for each of the other files from the two or more predetermined categories; and a threat management facility configured to apply an enterprise policy for the enterprise network to each of the other files based on the category identified in the label.
Assignees
Inventors
Classifications
Fuzzy inferencing · CPC title
Forward inferencing; Production systems · CPC title
using electro-optical, acousto-optical or opto-electronic means · CPC title
involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24) · CPC title
using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2019318109A1 cover?
- A collection of documents or other files and the like within an enterprise network are labelled according to an enterprise document classification scheme, and then a recognition model such as a neural network or other machine learning model can be used to automatically label other files throughout the enterprise network. In this manner, documents and the like throughout an enterprise can be aut…
- Who is the assignee on this patent?
- Sophos Ltd
- What technology area does this patent fall under?
- Primary CPC classification G06F21/45. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Oct 17 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).