US2014189349A1PendingUtilityA1
Decrypting Files for Data Leakage Protection in an Enterprise Network
Est. expiryDec 28, 2032(~6.5 yrs left)· nominal 20-yr term from priority
H04L 63/1408G06F 16/1873G06F 16/182H04L 63/0428G06F 16/137G06F 16/1756G06F 21/60G06F 16/162G06F 21/606G06F 11/1458G06F 16/20H04L 63/0227G06F 21/50G06F 21/10
49
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
A method of decrypting an encrypted file within an enterprise network is provided. The method includes identifying by a password collecting module a password entered during a file encryption procedure performed at a terminal and storing the password; receiving an encrypted file by a data leakage protection (DLP) module; and attempting to decrypt the encrypted file with the password by the DLP module.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method, comprising:
monitoring: an application executed at a terminal; monitoring a procedure performed with a predetermined application executed at the terminal; and identifying a password entered by users for a file encryption procedure performed with the predetermined application.
2 . The method of claim 1 , wherein the identifying further comprises identifying meta data of the password.
3 . The method of claim 1 , further comprising:
receiving an encrypted file from the terminal; and decrypting the encrypted file with the password.
4 . The method of claim 3 , wherein the decrypting is performed in a real-time manner.
5 . The method of claim 3 , wherein the receiving an encrypted file further comprises identifying meta data of the encrypted file, wherein the decrypting further comprises selecting the password by determining that meta data of the encrypted file matches at least a potion of meta data of the password.
6 . The method of claim 3 , wherein the decrypting comprises decrypting the encrypted file with multiple passwords obtained by executing the method of claim 1 two or more times.
7 . The method of claim 6 , wherein the receiving an encrypted file further comprises identifying meta data of the encrypted file, wherein the decrypting further comprises determining priority given to attempting to decrypt with each password according to meta data of the multiple passwords obtained by executing the method of claim 2 several times.
8 . The method of claim 6 , wherein the receiving an encrypted file further comprises identifying meta data of the encrypted file, wherein the decrypting further comprises determining a degree of match between meta data of the encrypted file and meta data of the multiple passwords obtained by executing the method of claim 2 several times, so as to determine priority given to a decryption performed with each password.
9 . An apparatus, comprising:
a processor; a non-transitory, computer-readable medium coupled to the processor; and logic, stored on the computer-readable medium and executed on the processor, for:
monitoring an application executed at a terminal;
monitoring a procedure performed with a predetermined application executed at the terminal; and
identifying a password entered by users for a file encryption procedure performed with the predetermined application.
10 . The apparatus of claim 9 , wherein the logic for identifying further comprises logic for identifying meta data of the password.
11 . The apparatus of claim 9 , the logic further comprising logic for:
receiving an encrypted file from the terminal; and decrypting the encrypted file with the password.
12 . The apparatus of claim 11 , wherein the decrypting is performed in a real-time manner.
13 . The apparatus of claim 11 , wherein the logic for receiving an encrypted file further comprises logic for identifying meta data of the encrypted file, wherein the logic for decrypting further comprises logic for selecting the password by determining that meta data of the encrypted file matches at least a portion of meta data of the password.
14 . The apparatus of claim 11 , wherein the logic for decrypting comprises logic for decrypting the encrypted file with multiple passwords obtained by executing the logic of claim 9 two or more times.
15 . A computer programming product, comprising:
a non-transitory, computer-readable medium; and logic, stored on the computer-readable medium for execution on a processor, for:
monitoring an application executed at a terminal;
monitoring a procedure performed with a predetermined application executed at the terminal; and
identifying a password entered by users for a file encryption procedure performed with the predetermined application.
16 . The computer programming product of claim 15 , wherein the logic for identifying further comprises logic for identifying meta data of the password.
17 . The computer programming product of claim 15 , the logic further comprising logic for:
receiving an encrypted file from the terminal; and decrypting the encrypted file with the password.
18 . The computer programming product of claim 17 , wherein the decrypting is performed in a real-time manner.
19 . The computer programming product of claim 17 , wherein the logic for receiving an encrypted file further comprises logic fur identifying meta data of the encrypted file, wherein the logic for decrypting further comprises logic for selecting the password by determining that meta data of the encrypted file matches at least a portion of meta data of the password.
20 . The computer programming product of claim 17 , wherein the logic for decrypting comprises logic for decrypting the encrypted file with multiple passwords obtained by executing the logic of claim 9 two or more times.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.