Preventing secure data from leaving the network perimeter
US8316442B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jan 15, 2008 |
| Grant date | Nov 20, 2012 |
| Priority date | — |
| Expiry date | Dec 25, 2030 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2221/2101
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
Secure data is prevented from leaving the perimeter of a network such as an enterprise network or corporate network (“corpnet”) by an arrangement in which a hash of the secure data is periodically computed, and the hashes are pushed out to an edge device on the network such as a firewall where they are stored for later access. The edge device is configured so that it has access to all traffic that flows between the enterprise network and an external network, such as the Internet, that is located outside the enterprise network perimeter. Whenever a user attempts to send data to the external network, a process running on the edge device computes a hash for the outbound data and compares it against the stored hashes associated with the secure data. If a match is made between the hash for the outbound data and a stored hash for secure data, then the edge device blocks the outbound data from leaving the network perimeter.
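The flow in the abstract, sketched as an added example (not code from the patent or its assignee). SHA-256, the `EdgeDevice` class, the function names and the sample documents are assumptions made for illustration; the abstract does not name a hash function or an interface.

```python
import hashlib


def digest(data: bytes) -> str:
    # Assumption: SHA-256. The abstract only says "a hash".
    return hashlib.sha256(data).hexdigest()


def hash_secure_store(store: dict[str, bytes]) -> dict[str, str]:
    """Periodic internal job: map hash -> document name for every secure item."""
    return {digest(content): name for name, content in store.items()}


class EdgeDevice:
    """Hypothetical stand-in for the firewall that sees all outbound traffic."""

    def __init__(self) -> None:
        self._secure_hashes: dict[str, str] = {}
        self.audit_log: list[tuple[str, str, str]] = []  # (user, document, hash)

    def push_hashes(self, hashes: dict[str, str]) -> None:
        """Receive hashes pushed from inside the network and store them."""
        self._secure_hashes.update(hashes)

    def inspect_outbound(self, user: str, payload: bytes) -> bool:
        """Return True to forward the payload, False to block it."""
        h = digest(payload)
        name = self._secure_hashes.get(h)
        if name is None:
            return True
        self.audit_log.append((user, name, h))  # record the blocked attempt
        return False


# Constructed sample data, not taken from the patent.
SECURE_STORE = {
    "q3-forecast.xlsx": b"constructed spreadsheet bytes",
    "design-spec.docx": b"constructed document bytes",
}

if __name__ == "__main__":
    edge = EdgeDevice()
    edge.push_hashes(hash_secure_store(SECURE_STORE))
    for user, payload in [("alice", SECURE_STORE["q3-forecast.xlsx"]),
                          ("bob", b"lunch at noon?")]:
        verdict = "forward" if edge.inspect_outbound(user, payload) else "block"
        print(user, verdict)
    print(edge.audit_log)
```

Because the comparison is on a hash of the whole payload, only byte-identical content matches, which is why the hashing job has to run again whenever the secure data changes.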
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.