The assignee for this patent application is
Reporters obtained the following quote from the background information supplied by the inventors: "This disclosure relates generally to secure data scanning in a data processing system.
"Enterprises often desire to store data securely. Information technology (IT) administrators can then run tests on these data storage systems to detect the continued integrity of the secure data. Data scanning tools for this purpose are well-known in the prior art. These tools are configured to search for data strings located within files or data objects and to return scan results. These tests are designed to identify whether the secure data is in the location at which it was originally stored or whether it might have been moved (either inadvertently or maliciously) to other locations. When scanning for the presence of the secure data, known scanning and reporting techniques tend to expose the secure data to potential additional scrutiny in a manner that is undesirable. In particular, these techniques may expose both the secure data itself, as well as the location of that secure data within the enterprise's data storage system."
In addition to obtaining background information on this patent application, VerticalNews editors also obtained the inventor's summary information for this patent application: "A method of scanning secure data in a data store is performed in a manner that does not expose the scan data, the files being searched, or information about when matches occur between the scan data and the files. In one embodiment, and for each of a set of secure files, the method begins by encrypting into a data string a sample of the secure file and associated metadata. The resulting data strings are then stored in a container file. A scan of the secure data is then initiated by identifying a list of files to be searched. For each file on the list of files, an encrypted version of the file is then compared against the data strings in the container file. If the encrypted version of the file matches any data strings in the container file, information about the match is encrypted and written into a results file. As the scan iterates through the files on the list of files, an encrypted version of at least one dummy match item is inserted into the results file to disguise when matches have occurred. Upon completion of the scan, an encrypted version of the list of files also is written to the results file. The results file, which does not expose any details about the scan data or the matches, can then be used to output an indication identifying where each match occurred during the scan.
"According to another embodiment, an article comprising a tangible machine readable medium is provided and stores a program. The program is executed by a machine to perform a method of scanning secure data. According to the method, and for each file of a list of files, the program compares for a match an encrypted version of the file against a set of data strings, each of the data strings having been generated by applying a key to a sample of a secure file and associated metadata. Upon determining a match, the program encrypts information about the match and saves it to a results file. During this process, the program also inserts at random intervals into the results file an encrypted version of a dummy data item to disguise when matches have occurred.
"The foregoing has outlined some of the more pertinent features of the invention. These features should be construed to be merely illustrative. Many other beneficial results can be attained by applying the disclosed invention in a different manner or by modifying the invention as will be described.
BRIEF DESCRIPTION OF THE DRAWINGS
"For a more complete understanding of the present invention and the advantages thereof, reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:
"FIG. 1 depicts an exemplary block diagram of a distributed data processing environment in which exemplary aspects of the illustrative embodiments may be implemented;
"FIG. 2 is an exemplary block diagram of a data processing system in which exemplary aspects of the illustrative embodiments may be implemented;
"FIG. 3 is a block diagram of high level components of privacy-protected data scanning mechanism in which the disclosed subject matter may be implemented;
"FIG. 4 is a process flow diagram illustrating a setup routine of the scanning mechanism;
"FIG. 5 is a process flow diagram illustrating a scan routine of the scanning mechanism;
"FIG. 6 is a process flow diagram illustrating a matching sub-routine of the scan routine; and
"FIG. 7 is a process flow diagram illustrating a report routine."
For more information, see this patent application: McCormack, Robert John. Secure Data Scanning Method and System. Filed
Keywords for this news article include: Information Technology, Information and
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC
Most Popular Stories
- Colo. Raises $3.5 Million in Pot Revenue
- Miley Cyrus Performs in Undies After Costume Goes Missing
- HBO No Go During 'True Detective' Finale
- Neil Young Debuts PonoMusic This Week
- Uninsured Rate Continues to Fall
- FBI Helping Ukraine Recover Stolen Billions
- Kim Jong Un Elected in Remarkable Unanimous Vote
- Rodman Calls It Quits With Kim Jong Un
- Growth Expected if Congress Passes Budget
- Shipwright Jobs Offered in N.C.