Patent · US Active

Data access threat detection and prevention

US11023605B1 · kind B1 · utility

0Cited by

1References

16Claims

0Family size

Assignee

EMC IP Holding Company LLC · US

Inventors

Victor Salamon · Swan Hills, CA
John Afaganis · Fort Saskatchewan, CA

Key dates

Filing date	Apr 20, 2017
Grant date	Jun 1, 2021
Priority date	—
Expiry date	Apr 20, 2037

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Data access threat detection and prevention modules are implemented proximate to data storage, e.g. in disk array controllers. The modules may be implemented in hardware or firmware. The modules monitor IOs from the disk array controllers to access managed drives. IOs exhibiting access parameters that deviate from a whitelist or match a blacklist are deemed to be suspicious. The whitelist may be created from monitoring normal, safe IOs and storing associated access patterns. In response to detection of suspicious activity the modules may halt or slow subsequent IOs, e.g. IOs to the same data, all data, an associated logical device, or the managed drive.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.