Patent · US Active

System and method for code-based protection of sensitive data

US11074362B2 · kind B2 · utility

6Cited by

3References

20Claims

0Family size

Assignee

ShiftLeft Inc · US

Inventors

Chetan Conikee · Santa Clara, US
Markus Lottmann · Berlin, DE
Fabian Yamaguchi · Berlin, DE
Vlad A Ionescu · Redwood City, US

Key dates

Filing date	Dec 4, 2018
Grant date	Jul 27, 2021
Priority date	—
Expiry date	Sep 18, 2039

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A system and method for monitoring and protecting sensitive data that includes identifying sensitive data and statically tracking sensitive data using data flow analysis across a code base, monitoring flow of the data during application runtime, and responding to vulnerabilities according to a sensitive data characterization of the data. Identifying sensitive data includes processing a semantic description of the data in the application code and characterizing the sensitive data. Monitoring flow of the data includes: identifying and characterizing sensitive data through data usage, updating the characterization for the sensitive data through data usage, and enforcing security measures on the data according to the sensitive data characterization of the data.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.