Method and system of quantifying risk

8,533,840

10/396088

March 25, 2003

The method of quantifying risk, implemented as a computerized program, quantifies the risk of releasing security sensitive words, data objects, characters or icons which may be part of data subject to analysis (target data). Security words, etc. are categorized, pre-existing data for each category is obtained and the categories (and subsumed pre-existing data) are ranked by risk. The target data is compared to the compiled pre-existing data and a risk output is generated. For unknown or undefined words, an indeterminable category is created and is ranked. The method may include inference engines, and contextual routines to add semantic equivalents and opposites to the critical list. Search engines may be employed to add to the list. A differential rank quantifier is assigned to the security words, etc. which has a different rank than the associated category. Frequency analysis, source analysis and stochastic analysis is also used. The risk output is altered.

Redlich, Ron M. (Miami Beach, FL, US); Nemzow, Martin A. (Miami Beach, FL, US)

DigitalDoors, Inc. (Miami Beach, FL, US)

1. A computerized method, operating on target data, of quantifying the risk of releasing security sensitive content in target data processed by a computer system, said security sensitive words consisting essentially of content understood by humans identifying personal names, addresses, geographic terms, conceptual words and abbreviations derived from original security sensitive words, words in dictionaries and lists, personal identifying information, names associated with business entities, societal groups or associations related to heritage, demographics, religion, race, ethnicity, or political beliefs, comprising: categorizing each one of said sensitive content words into one of a plurality of categories which includes the use of a semantic check for synonyms and antonyms with a thesaurus and a dictionary for categorizing each one of said sensitive content words into one of a plurality of categories; obtaining and compiling preexisting data for each category; ranking said categories by risk and assigning a risk rank quantifier to each respective category and preexisting data subsumed therein; comparing said target data to said preexisting data and generating a security risk score output representative of all rank quantifiers associated with preexisting data found in said target data to quantify the risk of releasing security sensitive content; and processing said target data through a security program based upon said security risk score prior to release of said sensitive content, the security program including at least one of extracting word data, encrypting word data or extracting and securely distributing word data in said computer system; and establishing an indeterminable category for unknown or undefined words which are not present in said preexisting data in the plurality of ranked categories; ranking and assigning a respective risk rank quantifier to said indeterminable category; modifying said risk score output with rank quantifiers representing said indeterminable words in said target data.

2. The method as claimed in claim 1 wherein the step of comparing said target data to said preexisting data compilation occurs after establishing said indeterminable category for unknown or undefined words.

3. The method as claimed in claim 2 wherein the step of ranking includes ranking said security sensitive words.

4. The method as claimed in claim 3 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

5. The method as claimed in claim 4 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

6. The method as claimed in claim 5 wherein the step of categorizing said security sensitive words includes matching said security sensitive words, data objects, characters, images, data elements or icons with a predetermined plurality of preexisting categories.

7. The method as claimed in claim 6 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

8. The method as claimed in claim 7 including inferring additional security sensitive words from said respective ones of said plurality of categories.

9. The method as claimed in claim 8 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

10. The method as claimed in claim 9 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

11. The method as claimed in claim 10 including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

12. The method as claimed in claim 11 including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

13. The method as claimed in claim 1 including aggregating risk rank quantifiers representing said indeterminable words in said target data with said risk rank quantifiers associated with preexisting data found in said target data.

14. The method as claimed in claim 1 wherein the step of ranking includes ranking said security sensitive words.

15. The method as claimed in claim 14 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

16. The method as claimed in claim 1 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

17. The method as claimed in claim 1 wherein the step of categorizing said security sensitive words includes matching said security sensitive words with a predetermined plurality of preexisting categories.

18. The method as claimed in claim 17 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

19. The method as claimed in claim 1 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method includes inferring additional security sensitive words from said respective ones of said plurality of categories.

20. The method as claimed in claim 19 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

21. The method as claimed in claim 20 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

22. The method as claimed in claim 1 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including assigning a differential risk rank quantifier to said security sensitive words which are different than said risk rank quantifier assigned to the subsumed category.

23. The Method as claimed in claim 1 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

24. The method as claimed in claim 1 wherein the step of comparing said target data to said preexisting data compilation occurs after establishing said indeterminable category for unknown or undefined words.

25. The computerized method as claimed in claim 24 wherein the step of ranking includes risk ranking said security sensitive words.

26. The computerized method as claimed in claim 25 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

27. The computerized method as claimed in claim 26 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

28. The computerized method as claimed in claim 27 wherein the step of categorizing said security sensitive words includes matching said security sensitive words with a predetermined plurality of preexisting categories.

29. The computerized method as claimed in claim 28 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

30. The computerized method as claimed in claim 29 including inferring additional security sensitive words from said respective ones of said plurality of categories.

31. The computerized method as claimed in claim 30 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

32. The computerized method as claimed in claim 31 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

33. The computerized method as claimed in claim 32 including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

34. The computerized method as claimed in claim 33 including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

35. The method as claimed in claim 1 including aggregating risk rank quantifiers representing said indeterminable words in said target data with said risk rank quantifiers associated with preexisting data found in said target data.

36. The method as claimed in claim 1 including aggregating risk rank quantifiers representing said indeterminable words in said target data with said risk rank quantifiers associated with preexisting data found in said target data.

37. A computerized method, operating on target data, of quantifying the risk of releasing security sensitive words, data objects, characters, images, data elements or icons in said target data processed by a computer system comprising:

38. The computerized method as claimed in claim 37 wherein the step of ranking includes risk ranking said security sensitive words.

39. The computerized method as claimed in claim 38 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

40. The computerized method as claimed in claim 37 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

41. The computerized method as claimed in claim 37 wherein the step of categorizing said security sensitive words includes matching said security sensitive words with a predetermined plurality of preexisting categories.

42. The computerized method as claimed in claim 41 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

43. The computerized method as claimed in claim 37 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method includes inferring additional security sensitive words from said respective ones of said plurality of categories.

44. The computerized method as claimed in claim 43 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

45. The computerized method as claimed in claim 44 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

46. The computerized method as claimed in claim 37 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

47. The computerized method as claimed in claim 37 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

48. A computerized method, operating on target data, of quantifying the risk of releasing security sensitive words, said security sensitive words consisting essentially of personal names, addresses, geographic terms, conceptual words and abbreviations derived from original security sensitive words, words in dictionaries and lists, personal identifying information, names associated with business entities, words which identify projects, tasks, tools, machines, systems and products and technical terms, societal groups or associations related to heritage, demographics, religion, race, ethnicity, or political beliefs, in said target data processed by a computer system, wherein each one of said security sensitive words is categorized into one of a plurality of categories, and wherein said plurality of categories include an indeterminable category for unknown or undefined words which are not present in said preexisting data in the plurality of categories, the method comprising: obtaining and compiling preexisting data for each category; ranking said categories by risk and assigning a risk rank quantifier to each respective category and to preexisting data subsumed therein; comparing said target data to said preexisting data and generating risk score output representative of all rank quantifiers associated with preexisting data found in said target data to quantify the risk of releasing security sensitive word content; and processing said target data through a security program based upon said security risk score prior to release of said sensitive word content, the security program including at least one of extracting word data, encrypting word data or extracting and securely distributing sensitive word data in said computer system; and ranking and assigning a respective risk rank quantifier to said indeterminable category; modifying said risk score output with rank quantifiers representing said indeterminable words in said target data.

49. The method as claimed in claim 48 wherein the step of ranking includes ranking said security sensitive words.

50. The method as claimed in claim 49 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

51. The method as claimed in claim 48 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method includes inferring additional security sensitive words from said respective ones of said plurality of categories.

52. The method as claimed in claim 51 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

53. The method as claimed in claim 52 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

54. The method as claimed in claim 48 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including assigning a differential risk rank quantifier to said security sensitive words, data objects, characters, images, data elements or icons which is different than said risk rank quantifier assigned to the subsumed category.

55. The method as claimed in claim 48 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

56. The method as claimed in claim 48 wherein the step of ranking includes ranking said security sensitive words.

57. The method as claimed in claim 56 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

58. The method as claimed in claim 57 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method including inferring additional security sensitive words from said respective ones of said plurality of categories.

59. The method as claimed in claim 58 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

60. The method as claimed in claim 59 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

61. The Method as claimed in claim 60 including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

62. The method as claimed in claim 61 including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

63. A computerized method, operating on target data, of quantifying the risk of releasing security sensitive words, said security sensitive words consisting essentially of personal names, addresses, geographic terms, conceptual words and abbreviations derived from original security sensitive words, words in dictionaries and lists, personal identifying information, names associated with business entities, words which identify projects, tasks, tools, machines, systems and products and technical terms, societal groups or associations related to heritage, demographics, religion, race, ethnicity, or political beliefs, in said target data in a computer system wherein each one of said security sensitive words is categorized into one of a plurality of categories, and wherein said plurality of categories include an indeterminable category for unknown or undefined words which are not present in said preexisting data in the plurality of categories, the method comprising: obtaining and compiling preexisting data for each category; ranking said categories by risk and assigning a risk rank quantifier to each respective category and to preexisting data subsumed therein; comparing said target data to said preexisting data and generating risk score output representative of all rank quantifiers associated with preexisting data found in said target data to quantify the risk of releasing security sensitive word content; and processing said target data through a security program based upon said security risk score prior to release of said sensitive word content, the security program including at least one of extracting word data, encrypting word data or extracting and securely distributing sensitive word data in said computer system; and ranking and assigning a respective risk rank quantifier to said indeterminable category; modifying said risk score output with rank quantifiers representing said indeterminable words in said target data.

64. The computerized method as claimed in claim 63 wherein the step of ranking includes ranking said security sensitive words.

65. The computerized method as claimed in claim 64 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

66. The computerized method as claimed in claim 63 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method includes inferring additional security sensitive words from said respective ones of said plurality of categories.

67. The computerized method as claimed in claim 66 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

68. The computerized method as claimed in claim 67 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

69. The computerized method as claimed in claim 63 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

70. The computerized method as claimed in claim 63 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

71. The computerized method as claimed in claim 63 wherein the step of ranking includes ranking said security sensitive words.

72. The computerized method as claimed in claim 71 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

73. The computerized method as claimed in claim 72 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method including inferring additional security sensitive words from said respective ones of said plurality of categories.

74. The computerized method as claimed in claim 73 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

75. The computerized method as claimed in claim 74 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

76. The computerized method as claimed in claim 75 including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

77. The computerized method as claimed in claim 76 including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

78. A computerized method, operating on target data, of quantifying the risk of releasing security sensitive words, said security sensitive words consisting essentially of personal names, addresses, geographic terms, conceptual words and abbreviations derived from original security sensitive words, words in dictionaries and lists, personal identifying information, names associated with business entities, words which identify projects, tasks, tools, machines, systems and products and technical terms, societal groups or associations related to heritage, demographics, religion, race, ethnicity, or political beliefs, in said target data processed by a computer system deployed in a client-server computer system with at least one server computer operatively coupled to at least one client computer over a communications network comprising: categorizing each one of said security sensitive words into one of a plurality of categories on said at least one server computer; obtaining and compiling preexisting data for each category via said at least one server computer; ranking said categories by risk and assigning a risk rank quantifier to each respective category and preexisting data subsumed therein via said at least one server computer; comparing said target data to said preexisting data and generating risk score output representative of all rank quantifiers associated with preexisting data found in said target data to quantify the risk of releasing security sensitive word content in an exchange between said at least one server computer and said at least one client computer; and processing said target data through a security program based upon said security risk score prior to release of said sensitive word content, the security program including at least one of extracting word data, encrypting word data or extracting and securely distributing word data in said computer system; and establishing an indeterminable category for unknown or undefined words which are not present in said preexisting data in the plurality of ranked categories; ranking and assigning a respective risk rank quantifier to said indeterminable category; modifying said risk score output with rank quantifiers representing said indeterminable words in said target data.

79. The computerized method as claimed in claim 78 wherein the step of comparing said target data to said preexisting data compilation occurs after establishing said indeterminable category for unknown or undefined words.

80. The computerized method as claimed in claim 78 including aggregating rank quantifiers representing said indeterminable words in said target data with said rank quantifiers associated with preexisting data found in said target data via said at least one server computer.

81. The computerized method as claimed in claim 78 wherein the step of ranking includes ranking said security sensitive words.

82. The computerized method as claimed in claim 81 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

83. The computerized method as claimed in claim 78 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

84. The computerized method as claimed in claim 78 wherein the step of categorizing said security sensitive words includes matching said security sensitive words, data objects, characters, images, data elements or icons with a predetermined plurality of preexisting categories on said at least one server computer.

85. The computerized method as claimed in claim 84 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

86. The computerized method as claimed in claim 78 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method includes inferring additional security sensitive words from said respective ones of said plurality of categories on said at least one server computer.

87. The computerized method as claimed in claim 86 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

88. The computerized method as claimed in claim 87 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet via said at least one server computer, the step of searching used to infer said additional security sensitive words.

89. The computerized method as claimed in claim 78 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category on said at least one server computer.

90. The computerized method as claimed in claim 78 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data via said at least one server computer; and altering said risk score output based upon said analysis in said exchange between said at least one server computer and said at least one client computer.

91. A server-based computerized method, operating on target data, of quantifying the risk of releasing security sensitive words, said security sensitive words consisting essentially of personal names, addresses, geographic terms, conceptual words and abbreviations derived from original security sensitive words, words in dictionaries and lists, personal identifying information, names associated with business entities, words which identify projects, tasks, tools, machines, systems and products and technical terms, societal groups or associations related to heritage, demographics, religion, race, ethnicity, or political beliefs, in said target data processed by a computer deployed in a client-server computer system with at least one server computer operatively coupled to at least one client computer over a communications network comprising: categorizing each one of said security sensitive words into one of a plurality of categories on said at least one server computer; obtaining and compiling preexisting data for each category via said at least one server computer; ranking said categories by risk and assigning a risk rank quantifier to each respective category and preexisting data subsumed therein via said at least one server computer; comparing said target data to said preexisting data and generating risk score output, directed at said at least one client computer, representative of all rank quantifiers associated with preexisting data found in said target data to quantify the risk of releasing security sensitive word content; and, processing said target data through a security program based upon said security risk score prior to release of said sensitive word content, the security program including at least one of extracting word data, encrypting word data or extracting and securely distributing word data in said computer system; and establishing an indeterminable category for unknown or undefined words which are not present in said preexisting data in the plurality of ranked categories; ranking and assigning a respective risk rank quantifier to said indeterminable category; modifying said risk score output with rank quantifiers representing said indeterminable words in said target data.

92. The server-based computerized method as claimed in claim 91 including: wherein ranking and assigning a respective risk rank quantifier to said indeterminable category utilizes said at least one server computer; and directing the modified risk score output to said at least one client computer.

93. The server-based computerized method as claimed in claim 92 wherein the step of comparing said target data to said preexisting data compilation occurs after establishing said indeterminable category for unknown or undefined words.

94. The server-based computerized method as claimed in claim 92 including aggregating rank quantifiers representing said indeterminable words in said target data with said rank quantifiers associated with preexisting data found in said target data via said at least one server computer.

95. The server-based computerized method as claimed in claim 91 wherein the step of ranking includes ranking said security sensitive words.

96. The server-based computerized method as claimed in claim 95 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

97. The server-based computerized method as claimed in claim 91 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

98. The server-based computerized method as claimed in claim 91 wherein the step of categorizing said security sensitive words includes matching said security sensitive words with a predetermined plurality of preexisting categories on said at least one server computer.

99. The server-based computerized method as claimed in claim 98 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

100. The server-based computerized method as claimed in claim 91 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method includes inferring additional security sensitive words from said respective ones of said plurality of categories on said at least one server computer.

101. The server-based computerized method as claimed in claim 100 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

102. The server-based computerized method as claimed in claim 101 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet via said at least one server computer, the step of searching used to infer said additional security sensitive words.

103. The server-based computerized method as claimed in claim 91 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category on said at least one server computer.

104. The server-based computerized method as claimed in claim 91 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data via said at least one server computer; and altering said risk score output based upon said analysis and directing the altered risk score output to said at least one client computer.

105. A non-transitory computer readable storage medium having stored thereon and encoded with non-transitory programming instructions, operating on target data, for quantifying the risk of releasing security sensitive words, said security sensitive words consisting essentially of personal names, addresses, geographic terms, conceptual words and abbreviations derived from original security sensitive words, words in dictionaries and lists, personal identifying information, names associated with business entities, words which identify projects, tasks, tools, machines, systems and products and technical terms, societal groups or associations related to heritage, demographics, religion, race, ethnicity, or political beliefs, in said target data processed by a computer system, the programming instructions comprising: categorizing each one of said security sensitive words into one of a plurality of categories; obtaining and compiling preexisting data for each category; ranking said categories by risk and assigning a risk rank quantifier to each respective category and preexisting data subsumed therein; comparing said target data to said preexisting data and generating risk score output representative of all risk rank quantifiers associated with preexisting data found in said target data to quantify the risk of releasing security sensitive word content, and, processing said target data through a security program based upon said security risk score prior to release of said sensitive word content, the security program including at least one of extracting word data, encrypting word data or extracting and securely distributing word data in said computer system; and establishing an indeterminable category for unknown or undefined words which are not present in said preexisting data in the plurality of ranked categories; ranking and assigning a respective risk rank quantifier to said indeterminable category; modifying said risk score output with rank quantifiers representing said indeterminable words in said target data.

106. The non-transitory computer readable medium with programming instructions as claimed in claim 105 wherein the step of comparing said target data to said preexisting data compilation occurs after establishing said indeterminable category for unknown or undefined words.

107. The non-transitory computer readable medium with programming instructions as claimed in claim 106 wherein the step of ranking includes ranking said security sensitive words.

108. The non-transitory computer readable medium with programming instructions as claimed in claim 107 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

109. The non-transitory computer readable medium with programming instructions as claimed in claim 108 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

110. The non-transitory computer readable medium with programming instructions as claimed in claim 109 wherein the step of categorizing said security sensitive words includes matching said security sensitive words with a predetermined plurality of preexisting categories.

111. The non-transitory computer readable medium with programming instructions as claimed in claim 110 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

112. The non-transitory computer readable medium with programming instructions as claimed in claim 111 including inferring additional security sensitive words from said respective ones of said plurality of categories.

113. The non-transitory computer readable medium with programming instructions as claimed in claim 112 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

114. The non-transitory computer readable medium with programming instructions as claimed in claim 113 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

115. The non-transitory computer readable medium with programming instructions as claimed in claim 114 including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

116. The non-transitory computer readable medium with programming instructions as claimed in claim 115 including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

117. The non-transitory computer readable medium with programming instructions as claimed in claim 105 including aggregating risk rank quantifiers representing said indeterminable words in said target data with said risk rank quantifiers associated with preexisting data found in said target data.

118. The non-transitory computer readable medium with programming instructions as claimed in claim 105 wherein the step of ranking includes ranking said security sensitive words.

119. The non-transitory computer readable medium with programming instructions as claimed in claim 118 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

120. The non-transitory computer readable medium with programming instructions as claimed in claim 105 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

121. The non-transitory computer readable medium with programming instructions as claimed in claim 105 wherein the step of categorizing said security sensitive words includes matching said security sensitive words with a predetermined plurality of preexisting categories.

122. The non-transitory computer readable medium with programming instructions as claimed in claim 121 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

123. The non-transitory computer readable medium with programming instructions as claimed in claim 105 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the computer readable medium with programming instructions includes inferring additional security sensitive words from said respective ones of said plurality of categories.

124. The non-transitory computer readable medium with programming instructions as claimed in claim 123 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

125. The non-transitory computer readable medium with programming instructions as claimed in claim 124 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

126. The non-transitory computer readable medium with programming instructions as claimed in claim 105 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the computer readable medium with programming instructions including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

127. The non-transitory computer readable medium with programming instructions as claimed in claim 105 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the computer readable medium with programming instructions including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis in said and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

128. A computerized method, operating on target data, of quantifying the risk of releasing security sensitive content represented by sensitive words, said security sensitive words not including malicious data but said security sensitive words consisting essentially of personal names, addresses, geographic terms, conceptual words and abbreviations derived from original security sensitive words, words in dictionaries and lists, personal identifying information, names associated with business entities, words which identify projects, tasks, tools, machines, systems and products and technical terms, societal groups or associations related to heritage, demographics, religion, race, ethnicity, or political beliefs, in said target data processed by a computer system, comprising: categorizing each one of said sensitive content words into one of a plurality of categories which includes the use of a semantic check for synonyms and antonyms with a thesaurus and a dictionary for categorizing each one of said sensitive content words into one of a plurality of categories; obtaining and compiling preexisting data for each category; ranking said categories by risk and assigning a risk rank quantifier to each respective category and preexisting data subsumed therein; comparing said target data to said preexisting data and generating a security risk score output representative of all rank quantifiers associated with preexisting data found in said target data to quantify the risk of releasing security sensitive content; and processing said target data through a security program based upon said security risk score prior to release of said sensitive content, the security program including at least one of extracting word data, encrypting word data or extracting and securely distributing word data in said computer system; and establishing an indeterminable category for unknown or undefined words which are not present in said preexisting data in the plurality of ranked categories; ranking and assigning a respective risk rank quantifier to said indeterminable category; modifying said risk score output with rank quantifiers representing said indeterminable words in said target data.

129. The method as claimed in claim 128 wherein the step of comparing said target data to said preexisting data compilation occurs after establishing said indeterminable category for unknown or undefined words.

130. The method as claimed in claim 128 wherein the step of ranking includes ranking said security sensitive words.

131. The method as claimed in claim 130 wherein ranking said security sensitive words occurs concurrently or prior to ranking said categories.

132. The method as claimed in claim 128 wherein said security sensitive words are subsumed in respective ones of said plurality of categories.

133. The method as claimed in claim 128 wherein the step of categorizing said security sensitive words includes matching said security sensitive words with a predetermined plurality of preexisting categories.

134. The method as claimed in claim 133 wherein each preexisting category of said predetermined plurality of preexisting categories has associated therewith preexisting data and the step of matching correlates said security sensitive words with said preexisting data in said predetermined plurality of preexisting categories.

135. The method as claimed in claim 128 wherein said security sensitive words are subsumed in respective ones of said plurality of categories and the method includes inferring additional security sensitive words from said respective ones of said plurality of categories.

136. The method as claimed in claim 135 wherein the step of inferring utilizes contextual and semantic rules to identify said additional security sensitive words.

137. The method as claimed in claim 136 including the step of searching one or more data sources from the group of data sources including the Internet, an intranet and an extranet, the step of searching used to infer said additional security sensitive words.

138. The method as claimed in claim 128 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including assigning a differential risk rank quantifier to said security sensitive words which is different than said risk rank quantifier assigned to the subsumed category.

139. The method as claimed in claim 128 wherein said security sensitive words are subsumed in respective ones of said plurality of categories, the method including: analyzing the presence of said security sensitive words in said target data, said analysis including a frequency analysis and a stochastic analysis in said target data; and altering said risk score output based upon said analysis.

726/25

5036315 July 1991 Gurley
5485474 January 1996 Rabin
5532950 July 1996 Moses
5539906 July 1996 Abraham et al.
5581682 December 1996 Anderson et al.
5748973 May 1998 Palmer et al.
5798950 August 1998 Fitzgerald
5832212 November 1998 Cragun et al.
5905980 May 1999 Masuichi et al.
5915019 June 1999 Ginter et al.
5924090 July 1999 Krellenstein
5933498 August 1999 Schneck et al.
5960080 September 1999 Fahlman
5996011 November 1999 Humes
6044375 March 2000 Shmueli
6055544 April 2000 DeRose et al.
6070140 May 2000 Tran
6073165 June 2000 Narasimhan et al.
6078907 June 2000 Lamm
6094483 July 2000 Fridrich et al.
6101515 August 2000 Wical et al.
6148342 November 2000 Ho
6192472 February 2001 Garay et al.
6253203 June 2001 O'Flaherty
6301668 October 2001 Gleichauf
6389542 May 2002 Flyntz
6487538 November 2002 Gupta
6598161 July 2003 Kluttz
6602298 August 2003 Kirshenbaum
6611846 August 2003 Stoodley
6662189 December 2003 Oyanagi
6714977 March 2004 Fowler
6771290 August 2004 Hoyle
6778703 August 2004 Zlotnick
6922696 July 2005 Lincoln et al.
6925454 August 2005 Lam et al.
6944138 September 2005 Song
7007301 February 2006 Crosbie et al.
7027055 April 2006 Anderson et al.
7031961 April 2006 Pitkow et al.
7032022 April 2006 Shanumgam et al.
7039700 May 2006 Saeidi
7054268 May 2006 Parantainen et al.
7089428 August 2006 Farley et al.
7110976 September 2006 Heimermann et al.
7113932 September 2006 Tayebnejad et al.
7136877 November 2006 Volcani et al.
7188107 March 2007 Moon et al.
7197479 March 2007 Franciscus de Heer et al.
7227950 June 2007 Faith et al.
7240016 July 2007 Sturgis et al.
7305548 December 2007 Pierce et al.
7437408 October 2008 Schwartz et al.
7526426 April 2009 Shaw
7801896 September 2010 Szabo
2002/0073313 June 2002 Brown et al.
2002/0116641 August 2002 Mastrianni
2004/0054630 March 2004 Ginter
WO 00/75779 December 2000

Developing an Automatic Hybrid Data and Text System for Downgrading Sensitive Documents, Mikhail J. Atallah, Cerias and Dep. of Computer Science, Victor Cerias, Dep. of English, Interdepartmental Program in Linguistics, and Natural Language Processing Laboratory,pub. Apr. 4, 2000, (12 pgs), mia.raskin@cerias.purdue.edu. cited by applicant
Natural Language Processing for Information Assurance and Security: An Overview and Implementations, Mikhail J. Atallah, Craig J. McDonough, Victor Raskin, Center for Education and Research in Information Assurance and Security, Pub. Sep. 2000, (15 pgs.), mja, raskin, mcdonoug@cerias.purdue.edu. cited by applicant
High View Automated Declassification System Build to Meet the Needs of Executive Order 12958, dated Apr. 17, 1995 (2 pgs.). cited by applicant
MIMEsweeper—Content Security for E-mail, Web Browsing & Webmail, Nov. 12, 2001. cited by applicant
Cisco IDS Host Sensor Product, Oct. 16, 2001. cited by applicant
Element-Wise XML Encryption, Hiroshi Maruyama and Takeshi Imamura, IBM Research, Tokyo Research Laboratory (4 pages). cited by applicant
Survival Information Storage Systems by Jay J. Wylie, Michael W. Brigrigg, John D. Strunk, Gregory R. Ganger, Han Kiloccote Pradeep K. Khosla (8 pages). cited by applicant
ZD Net Interactive Week—IBS—SSP: XML to Boost Security Integration (1 page). cited by applicant
Myers, A.C. “Mostly-Static Decentralized Information Flow Control” M.I.T. Doctoral Thesis Jan. 1999. cited by applicant
The 1996 book, Applied Cryptogaphy, by Schneier. cited by applicant
The Uniform Resource Locator article “FOLD OC”. cited by applicant
Microsoft Word “Learning Microsoft Word 7.0”. cited by applicant
Developing an Automatic Hybrid Data and Text System for Downgrading Sensitive Documents, Mikhail J. Atallah, Apr. 24, 2000. cited by applicant
Natural Language Processing for Information Assurance and Security: An Overview and Implementations, Mikhail J. Atallah, Sep. 2000. cited by applicant
HighView Automated Declassification System Build to Meet the Needs of Executive Order 12958, Oct. 28, 2002. cited by applicant
“Secure External References in Multimedia Email Messages” by B. Wiegel, German National Research Center, Mar. 14, 1996. cited by applicant
“Process of Confidential Information in Distributed Systems by Fragmentation” by J. Fabre, Computer Communications 20:177-188, 1997. cited by applicant
Canadian Patent Publication by S. Lanis, CA 2345148, Apr. 6, 2000. cited by applicant

edspgr.08533840