Title of invention: On-demand content classification using an out-of-band communications channel for facilitating file activity monitoring and control
Abstract: Communications to a server over an in-band communications channel are monitored for requests to access a file. Based on the communications, a request to access a particular file stored by the server is identified. Security and/or audit rules are identified based on the request. A determination is thereafter made that the security and/or audit rules require evaluation of classification information for contents of the requested file. Thus, a determination is made as to whether classification information for the contents of the particular file is available, such as determining whether the classification information is stored in a local classification cache. Responsive to a determination that the classification information is not available, classification information is obtained for the contents of the particular file using an out-of-band communications channel. Thereafter, processing with respect to the request to access the particular file is performed based on the obtained classification information and the one or more security and/or audit rules.
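Publication number: US9128941(B2) Publication date: 2015.09.08
Application number: US201313787536 Filing date: 2013.03.06
Applicant: Imperva, Inc. Inventors: Shulman Amichai;Naar Rotem;Einhorn Moshe
Classification number: G06F17/30;G06F17/27;H04L12/851 Main classification number: G06F17/30
Patent agency: Fenwick & West LLP Agent: Fenwick & West LLP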
Main claim: 1. A computer-implemented method for on-demand classification of content using an out-of-band communications channel comprising: monitoring communications to a server over an in-band communications channel; identifying, based on the communications, a request to access a particular file stored by the server; identifying one or more rules based on the request to access the particular file; determining that the one or more rules specify that classification information for contents of the particular file should be evaluated; determining that the classification information for the contents of the particular file is not available; obtaining classification information for the particular file from a classifying entity via an out-of-band communications channel different from the in-band communications channel; and performing processing based on the classification information for the contents of the particular file and the identified one or more rules, the processing comprising evaluating the classification information to determine whether the contents of the particular file include one or more sensitive types of data.
Address: Redwood City CA US