Content-based security processing using distributed scan management protocols

摘要

A method and apparatus is provided for processing acquired document data, using distributed scan management protocols, according to a security classification of the data. A scanning device through which the document data is acquired includes a distributed scan management service that implements a distributed scan device protocol and a distributed scan processing protocol. In embodiments of the invention, the distributed scan device protocol and the distributed scan processing protocol are implemented using Web services. The distributed scan management service is configured to receive information for post scan processing instructions. The scanning device also includes a scan service configured to scan a document and generate scan data based on the document scan. The scanning device further includes a security handler service that is configured to identify a security classification for the scan data, and perform one or more actions, associated with the security classification, for the scan data.

主权项

1. A scanning device comprising:
a distributed scan management service that implements a distributed scan device protocol and a distributed scan processing protocol; wherein the distributed scan management service is configured to receive information for post scan processing instructions; a scan service configured to: scan a document, and generate scan data based on the document scan; a security handler service configured to: identify a security classification, for the scan data, based, at least in part, on at least a portion of the scan data; identify two or more security rules that are applicable to the scan data based on an association of each of the two or more security rules with the security classification for the scan data; wherein at least a particular security rule, of the two or more security rules, is associated with a security violation requirement; determine that the security violation requirement, associated with the particular security rule, is satisfied by at least a portion of one or more of: the scan data, user data for a user that is associated with the scan data, or the post scan processing instructions; in response to determining that the security violation requirement associated with the particular security rule is satisfied, identify the particular security rule from the two or more security rules to apply to the scan data; and in response to identifying the particular security rule, apply the particular security rule to the scan data by performing one or more actions for the scan data; wherein the one or more actions are indicated by the particular security rule; add a job for the scan data associated with the security classification into a job queue; and wherein the job includes a status for the scan data associated with the security classification; and a job handler service configured to: identify the status of the job in the job queue; and perform one or more actions based on the status of the job, comprising: responsive to identifying the status of the job as a ready status: cause the scan data and information for the post scan processing instructions to be sent to a scan server, and remove the job from the job queue; and responsive to identifying the status of the job as a cancel status: remove the job from the job queue.