-
公开(公告)号:US20140020044A1
公开(公告)日:2014-01-16
申请号:US13545854
申请日:2012-07-10
申请人: Lynn Ayres , Jack Kabat , Vikram Kakumani , Mashuri Libman , Benjamin Stull , Anatoly Koretsky , Vidyaraman Sankaranarayanan
发明人: Lynn Ayres , Jack Kabat , Vikram Kakumani , Mashuri Libman , Benjamin Stull , Anatoly Koretsky , Vidyaraman Sankaranarayanan
CPC分类号: H04L51/12 , G06F21/6209 , H04L51/063 , H04L51/34
摘要: System and methods for the implementation and/or enforcement of an email policy for an organization's email system are presented. A Data Loss Prevention (DLP) policy may be implemented on top of the email system. In one embodiment, the DLP policy may comprise modules and/or processing that tests emails for such sensitive data within emails. If an email comprises such sensitive data, then the DLP policy directives may specify processing to be applied as part of each stage of mail processing, from authoring to mail processing on the server and delivery. A single policy may be authored and managed that will apply the policy directives uniformly across all aspects of the message lifecycle. Each of the message policy enforcement systems may evaluate the single policy definition and apply the policy directives in a manner consistent with the contextual evaluation of the policy.
摘要翻译: 介绍了实施和/或执行组织电子邮件系统的电子邮件策略的系统和方法。 数据丢失防护(DLP)策略可以在电子邮件系统之上实现。 在一个实施例中,DLP策略可以包括在电子邮件内测试这种敏感数据的电子邮件的模块和/或处理。 如果电子邮件包含这样的敏感数据,则DLP策略指令可以指定作为邮件处理的每个阶段的一部分应用的处理,从创作到服务器上的邮件处理和传递。 可以创建和管理单个策略,将将策略指令统一应用于消息生命周期的所有方面。 每个消息策略执行系统可以评估单个策略定义,并以与策略的上下文评估一致的方式应用策略指令。
-
公开(公告)号:US09438547B2
公开(公告)日:2016-09-06
申请号:US13545854
申请日:2012-07-10
申请人: Lynn Ayres , Jack Kabat , Vikram Kakumani , Mashuri Libman , Benjamin Stull , Anatoly Koretsky , Vidyaraman Sankaranarayanan
发明人: Lynn Ayres , Jack Kabat , Vikram Kakumani , Mashuri Libman , Benjamin Stull , Anatoly Koretsky , Vidyaraman Sankaranarayanan
CPC分类号: H04L51/12 , G06F21/6209 , H04L51/063 , H04L51/34
摘要: System and methods for the implementation and/or enforcement of an email policy for an organization's email system are presented. A Data Loss Prevention (DLP) policy may be implemented on top of the email system. In one embodiment, the DLP policy may comprise modules and/or processing that tests emails for such sensitive data within emails. If an email comprises such sensitive data, then the DLP policy directives may specify processing to be applied as part of each stage of mail processing, from authoring to mail processing on the server and delivery. A single policy may be authored and managed that will apply the policy directives uniformly across all aspects of the message lifecycle. Each of the message policy enforcement systems may evaluate the single policy definition and apply the policy directives in a manner consistent with the contextual evaluation of the policy.
摘要翻译: 介绍了实施和/或执行组织电子邮件系统的电子邮件策略的系统和方法。 数据丢失防护(DLP)策略可以在电子邮件系统之上实现。 在一个实施例中,DLP策略可以包括在电子邮件内测试这种敏感数据的电子邮件的模块和/或处理。 如果电子邮件包含这样的敏感数据,则DLP策略指令可以指定作为邮件处理的每个阶段的一部分应用的处理,从创作到服务器上的邮件处理和传递。 可以创建和管理单个策略,将将策略指令统一应用于消息生命周期的所有方面。 每个消息策略执行系统可以评估单个策略定义,并以与策略的上下文评估一致的方式应用策略指令。
-
公开(公告)号:US20070124308A1
公开(公告)日:2007-05-31
申请号:US11290961
申请日:2005-11-30
申请人: Gregory Johnson , Mashuri Libman , William Lees , William Jack
发明人: Gregory Johnson , Mashuri Libman , William Lees , William Jack
IPC分类号: G06F17/30
CPC分类号: H04L67/16 , Y10S707/99931 , Y10S707/99932 , Y10S707/99934 , Y10S707/99952
摘要: Communicating with a distributed service in the network computing environment. A method for communicating with a distributed service includes referencing a configuration registry to determine resources and permissions in a potential distributed service entry. A potential distributed service entry identifies a distributed service corresponding to the potential distributed service entry that is authorized to exist by virtue of an entry in the configuration registry for the potential distributed service entry specifying that the distributed service may exist, whether or not the distributed service corresponding to the potential distributed service entry exists. The method further includes using the resource information, attempting to contact the distributed service corresponding to the potential distributed service entry. Permissions of the distributed service corresponding to the potential distributed service entry are verified to match permissions of the potential distributed service entry.
摘要翻译: 与网络计算环境中的分布式服务通信。 与分布式服务通信的方法包括引用配置注册表以确定潜在的分布式服务条目中的资源和权限。 潜在的分布式服务条目通过凭借在配置注册表中的潜在分布式服务条目的条目来识别与被授权存在的潜在分布式服务条目相对应的分布式服务,该分配服务条目指定分布式服务可能存在,无论分布式服务 对应于潜在的分布式服务条目存在。 该方法还包括使用资源信息,试图联系对应于潜在分布式服务条目的分布式服务。 对与潜在分布式服务条目相对应的分布式服务的权限进行验证,以匹配潜在分布式服务条目的权限。
-
公开(公告)号:US20140020045A1
公开(公告)日:2014-01-16
申请号:US13545864
申请日:2012-07-10
申请人: Lynn Ayres , Jack Kabat , Vikram Kakumani , Mashuri Libman , Benjamin Stull , Anatoly Koretsky , Andrey Shur , Joseph Schulman
发明人: Jack Kabat , Lynn Ayres , Vikram Kakumani , Mashuri Libman , Benjamin Stull , Anatoly Koretsky , Andrey Shur , Joseph Schulman
IPC分类号: G06F21/60
CPC分类号: G06F21/60 , H04L51/063 , H04L51/12 , H04L51/34
摘要: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.
摘要翻译: 披露了用于部署和实施数据丢失预防(DLP)策略定义的系统和/或方法,该策略定义可以封装要求,控制目标和指令,和/或由监管策略直接或间接规定的敏感数据类型的定义。 在一个实施例中,DLP策略可以被组织识别以在一组电子文件系统(例如,电子邮件系统,文件系统,web服务器等等)之上运行。 组织及其管理员可以实现从DLP策略模板派生的一组DLP策略实例。 DLP策略模板可以包括结构和意义,并且可以通过用期望的参数值替换参数化表达式来获取给定的DLP策略。 在另一个实施例中,DLP策略实例的状态可以根据策略实例部署的生命周期而改变。
-
公开(公告)号:US09317696B2
公开(公告)日:2016-04-19
申请号:US13545864
申请日:2012-07-10
申请人: Lynn Ayres , Jack Kabat , Vikram Kakumani , Mashuri Libman , Benjamin Stull , Anatoly Koretsky , Andrey Shur
发明人: Lynn Ayres , Jack Kabat , Vikram Kakumani , Mashuri Libman , Benjamin Stull , Anatoly Koretsky , Andrey Shur , Joseph Schulman
CPC分类号: G06F21/60 , H04L51/063 , H04L51/12 , H04L51/34
摘要: Systems and/or methods for deploying and implementing data loss prevention (DLP) policy definition that may encapsulate the requirements, control objectives and directives, and/or the definitions of sensitive data types as stipulated directly or indirectly by the regulatory policy are disclosed. In one embodiment, DLP policies may be identified by an organization to run on top of a set of electronic file systems (e.g., email systems, file systems, web servers and the like). Organizations and their administrators may implement a set of DLP policy instance which are derived from DLP policy templates. DLP policy templates may comprise both structure and meaning—and may acquire a given DLP policy by the replacement of parameterized expressions with desired parameter values. In another embodiment, the state of the DLP policy instance may change according to the lifecycle of the policy instance deployment.
摘要翻译: 披露了用于部署和实施数据丢失预防(DLP)策略定义的系统和/或方法,该策略定义可以封装要求,控制目标和指令,和/或由监管策略直接或间接规定的敏感数据类型的定义。 在一个实施例中,DLP策略可以被组织识别以在一组电子文件系统(例如,电子邮件系统,文件系统,web服务器等等)之上运行。 组织及其管理员可以实现从DLP策略模板派生的一组DLP策略实例。 DLP策略模板可以包括结构和意义,并且可以通过用期望的参数值替换参数化表达式来获取给定的DLP策略。 在另一个实施例中,DLP策略实例的状态可以根据策略实例部署的生命周期而改变。
-
-
-
-