Abstract: Distributed computer system processes data having select content (SC) represented by one or more predetermined words, characters, etc. The system has a plurality of SC data stores in a server cloud for respective security designated (Sec-D) data and granular data, each with respective access controls thereat. The data stores are operatively coupled on a network. An identification module identifies SC and granular data stores for the respective data in the server cloud. A processor activates data stores in the server cloud thereby permitting access to the SC data and granular stores based upon an application of one or more access controls thereat. The processor has a reconstruction module operating as a data process employing the respective access controls to combine one or more of the Sec-D data and granular data.

Abstract: The present invention is a method of organizing and processing data in a distributed computing system. The invention is also implemented as a computer program on a computer medium and as a distributed computer system. Software modules can be configured as hardware. The method and system organizes select content which is important to an enterprise operating said distributed computing system. The select content is represented by one or more predetermined words, characters, images, data elements or data objects. The computing system has a plurality of select content data stores for respective ones of a plurality of enterprise designated categorical filters which include content-based filters, contextual filters and taxonomic classification filters, all operatively coupled over a communications network.

Abstract: The method for securing data includes establishing a group of security sensitive items, filtering data and extracting and separating the security items from remainder data. The filtered data are separately stored (locally on a PC or on another computer in a LAN or WAN or on the Internet.) A map may be generated. The filter and/or map may be destroyed or stored. The data input, extracted data and remainder data may be deleted from the originating computer. Encryption may be utilized to enhance security (including transfers of data, filter and map). Reconstruction of the data is permitted only in the presence of a predetermined security clearance. A plurality of security clearances may be used to enable a corresponding plurality of partial, reconstructed views of the plaintext (omitting higher security words).

Abstract: A method and system processes data in a distributed computing system to survive an electromagnetic pulse (EMP) attack. The computing system has proximal select content (SC) data stores and geographically distributed distal data stores, all with respective access controls. The data input or put through the computing system is processed to obtain the SC and other associated content. The process then extracts and stores such content in the proximal SC data stores and geographically distributed distal SC data stores. The system further processes data to geographically distribute the data with data processes including: copy, extract, archive, distribute, and a copy-extract-archive and distribute process with a sequential and supplemental data destruction process. In this manner, the data input is distributed or spread out over the geographically distributed distal SC data stores. The system and method permits reconstruction of the processed data only in the presence of a respective access control.

Abstract: Distributed computer system processes data having select content (SC) represented by one or more predetermined words, characters, etc. The system has a plurality of SC data stores in a server cloud for respective security designated (Sec-D) data and granular data, each with respective access controls thereat. The data stores are operatively coupled over a network. An identification module identifies SC data and granular data stores for in the server cloud. A processor activates data stores in the server cloud thereby permitting access to the SC data and granular data stores based upon an application of access controls thereat. The processor has a reconstruction module operating as a data process employing the respective access controls to combine one or more of the Sec-D data and granular data.

Abstract: Search engine process operates on data collections to expand a user's knowledge about select content (SC) words, data objects, etc. A prioritized hierarchical taxonomic system (H-tax-sys) encompasses some SC is set, input data is classified thereto, and non-matching data (non-SC) is identified. The non-SC are used as a search terms. Additionally-optionally, the process identifies input data as SC per n priority H-tax, and uses these as search terms. Additionally-optionally, input data matching SC is added as search terms. Additionally-optionally, search terms are extracted from the input based upon H-tax. Supplemental documents are gathered, H-tax classified, mapped and represented with and without mapped search terms.

Abstract: Data security for processing data or securing browser-input data operates on security sensitive content which is extracted, then either encrypted or stored in remote extract stores, and processed separate from remainder data. Extracted data, in one system, is remotely stored. Other methods attach, append, add or insert an encrypted version of the extract content to the document. The browser system operates with an extract store. Remainder data is sent to the addressee or designated client by the web server. The addressee is permitted to retrieve the extracted data from said extract store only with a security clearance and hence, reconstruct the source input data with the extract data. In other systems, the addressee reconstructs the input by decryption and integration. The browser method extracts data, facilitates the storage, forwards the remainder data to a target. Financial data or credit card scrubber may use pop-up windows for enablement.

Abstract: The method for securing data in a distributed computer system for security sensitive content includes granularly extracting sensitive content, per security level, from remainder data. The security sensitive content is classified into security levels, each having a security clearance. The extracted data is remotely stored in extract stores. The controlled release of extracted data occurs with the appropriate security clearances. Maps of storage sites and filters for repetitive extraction may be employed, stored and then sometimes destroyed. The data input, extracted data and remainder data may be deleted from the originating source. Encryption, unique to each security level, enhances security (preferably during transfers, storage and retrieval). Full or partial reconstruction of the data is permitted with security clearances. An information processing system is encompassed.

Abstract: The method for securing data in a server-client computer system for security sensitive content includes extracting sensitive content and separating the security sensitive content from remainder data. The security sensitive content is grouped into security levels, each with a security clearance. The extracted data, for each security level, is remotely stored in extract stores. A map of storage sites may be generated. The filter and/or map may be destroyed or stored. The data input, extracted data and remainder data may be deleted from the originating computer. Encryption may be utilized to enhance security (including transfers of data, filter and map). Full or partial reconstruction of the data is permitted only in the presence of predetermined security clearances. The extraction and storage can be done on the input client computer or the web-based server. A computer readable medium containing programming instructions and an information processing system is encompassed.

Abstract: The method for securing data on a personal computer having security sensitive content grouped into security levels, each with a clearance code, includes filtering and extracting sensitive content by security level and separately storing the security content in remote extract stores. Remainder data is stored locally or remotely. A map for selected extract stores may be generated. The filter and/or map may be destroyed or stored. The data input, extracted data and remainder data may be deleted from the originating computer. Encryption may be utilized to enhance security (including transfers of data, filter and map). Reconstruction of the data is permitted only in the presence of a predetermined security clearance. Full or partial reconstruction is possible, based upon the security clearances. A computer readable medium containing programming instructions and an information processing system is encompassed.

Abstract: A method, program and information processing system filters and secures data (security sensitive words-characters-data objects) in a source document. The adaptive filter uses a compilation of additional data (typically networked) and identifies the sensitive words/objects in the compilation of additional data, and retrieves contextual, semiotic and taxonomic words/objects from the compilation related to the sensitive words/objects. The resulting compiled filter is used to extract sensitive words/objects and retrieved data (words/objects) from the source document to obtain extracted data and remainder data therefrom. Contextual words, related to the security sensitive words/objects, are based upon statistical analysis of the additional data compilation. Semiotic words related words are synonyms, antonyms, and pseudonyms, syntactics relative to the target words and retrieved words, and pragmatics relative to the sensitive words and retrieved words.

Abstract: A data security having parsing and dispersion aspects enables the user to parse, disperse and reconstruct the original, plain text data or data object, thereby enabling secure storage of the data. The original data may be maintained in its original state, encrypted or it may be destroyed. For example, financial data maintained by an institute, stored as is customary, be parsed with an algorithm, the parsed segments dispersed off-site (that is, separated and stored in extract and remainder stores or computer memories) and away from the financial institute, and, upon appropriate security clearance, the dispersed data can be reconstructed to duplicate the data. Large distribution of parsed data is contemplated by the system. The original data remains stable, operable and immediately useful in its customary storage location (or alternatively destroyed). The secured dispersed data is a back-up of the original data.

Abstract: The data security method, system and associated data mining enables multiple users, each having a respective security clearance level to access security sensitive words, data objects, characters or icons. The method extracts security sensitive words, data objects, characters or icons from plaintext or other source documents to obtain (a) subsets of extracted data and (b) remainder data. The extracted data is, in one embodiment, stored in a multilevel security system (MLS) which separates extract data of different security levels with MLS guards. Some or all of the original data is reconstructed via one or more of the subsets of extracted data and remainder data only in the presence of a predetermined security level. In this manner, an inquiring party, with the proper security clearance, can data mine the data in the MLS secured storage.

Abstract: The method, used with a portable computing device, secures security sensitive words, icons, etc. by determining device location within or without a predetermined region and then extracting the security data from the file, text, data object or whatever. The extracted data is separated from the remainder data and stored either on media in a local drive or remotely, typically via wireless network, to a remote store. Encryption is used to further enhance security levels. Extraction may be automatic, when the portable device is beyond a predetermined territory, or triggered by an event, such a “save document” or a time-out routine. Reconstruction of the data is permitted only in the presence of a predetermined security clearance and within certain geographic territories. A computer readable medium containing programming instructions carrying out the methodology for securing data is also described herein. An information processing system for securing data is also described.

Abstract: Data security for e-mail or browser-input data operates on identified security sensitive words, characters or icons which are extracted leaving remainder data. Extracted data, in one system, is stored in a remote, extract store in a distributed computer system. Other methods attach an encrypted version of the extract to the email. The browser system operates with an extract store. Remainder data is sent to the addressee or designated web server. The addressee is permitted to retrieve the extracted data from said extract store only in the presence of a security clearance and hence, reconstruct the source e-mail or browser-input data with the extract data. In other systems, the addressee reconstructs the email by decryption and integration. Parsing rather than identifying critical words is an option. The browser method extracts data, facilitates the storage in an extract store, forwards the remainder data to a targeted destination.

Abstract: An adaptive method, system and program for securing data against a plurality of electronic and environmental events directed at computers utilizes a hacking monitor which generates attack warnings (such as a hacking warning) dependent upon the severity of the attack. Based upon these warnings, data is filtered to extract security sensitive words etc. and the extract and remainder data (if necessary) is stored in assigned memory. Full or partial reconstruction is permitted, manually or automatically, with a security clearance. Encryption is typically used dependent upon the warning. The information processing system includes a filter which is adjusted based upon the degree of attack warning to extract security sensitive words. A storage system stores extracted data and remainder data (if necessary) based upon the level of the warning and a compiler is used to reconstruct the data in the presence of the appropriate security clearance level.

Abstract: Data is secured in a computer network to transparently establish and manage a separation of user-based communities of interest based upon crypto-graphically separated, need to know, security levels. Data from a source document, data object or data stream is filtered to form subsets of extracted data and remainder data based upon security levels for the communities. Extracts are stored in assigned memories. Full or partial plaintext reconstruction is permitted only in the presence of assigned security clearance for the community of the inquiring party. Encryption, corresponding to security levels, establishes separation of secured data. The information processing system uses a data filter to extract security sensitive words, data objects, etc., a distributed storage system and a compiler is used to reconstruct plaintext based on security clearance. Multiple level encryption in one document is also available.

Abstract: The method for securing data includes establishing a group of security sensitive items, filtering data and extracting and separating the security items from remainder data. The filtered data are separately stored (locally on a PC or on another computer in a LAN or WAN or on the Internet.) A map may be generated. The filter and/or map may be destroyed or stored. The data input, extracted data and remainder data may be deleted from the originating computer. Encryption may be utilized to enhance security (including transfers of data, filter and map). Reconstruction of the data is permitted only in the presence of a predetermined security clearance. A plurality of security clearances may be used to enable a corresponding plurality of partial, reconstructed views of the plaintext (omitting higher security words). A computer readable medium containing programming instructions and an information processing system is encompassed.

Abstract: The method of quantifying risk, implemented as a computerized program, quantifies the risk of releasing security sensitive words, data objects, characters or icons which may be part of data subject to analysis (target data). Security words, etc. are categorized, pre-existing data for each category is obtained and the categories (and subsumed pre-existing data) are ranked by risk. The target data is compared to the compiled pre-existing data and a risk output is generated. For unknown or undefined words, an indeterminable category is created and is ranked. The method may include inference engines, and contextual routines to add semantic equivalents and opposites to the critical list. Search engines may be employed to add to the list. A differential rank quantifier is assigned to the security words, etc. which has a different rank than the associated category. Frequency analysis, source analysis and stochastic analysis is also used. The risk output is altered.

Abstract: The method, used with a portable computing device, secures security sensitive words, icons, etc. by determining device location within or without a predetermined region and then extracting the security data from the file, text, data object or whatever. The extracted data is separated from the remainder data and stored either on media in a local drive or remotely, typically via wireless network, to a remote store. Encryption is used to further enhance security levels. Extraction may be automatic, when the portable device is beyond a predetermined territory, or triggered by an event, such a “save document” or a time-out routine. Reconstruction of the data is permitted only in the presence of a predetermined security clearance and within certain geographic territories. A computer readable medium containing programming instructions carrying out the methodology for securing data is also described herein. An information processing system for securing data is also described.