Protection of sensitive data from unauthorized access

Assignee

• International Business Machines Corporation · US

Inventors

• Boas Betzler · Poughkeepsie, US
• Vinod S. Chavan · Tampa, US
• Ingo Dressler · Wiesloch, DE
• Holger Karn · Aidlingen, DE

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W12/02
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method and associated computing system. Data received by a computing environment includes a mixture of non-sensitive data and sensitive data along with related metadata indicative of a sensitivity of the sensitive data. The computing system includes the computing environment. An operation is performed on the sensitive data in the computing environment by: (a) determining that the data used for the operation are sensitive data, (b) intercepting the operation on the sensitive data, and (c) registering newly created sensitive data, as a result of the operation, with metadata indicating one or more addresses of the sensitive data. An external access to the sensitive data in the computing environment is intercepted. A compliance firewall rule is applied to the sensitive data intended to leave the computing environment. The compliance firewall rule defines an action to be applied to the sensitive data such that the sensitive data are protected against unauthorized access.