Abstract: Techniques are described for generating a monosemous (i.e., single sense) keyword list associated with a particular domain (e.g., a medical or financial domain) for document classification. An input term frequency dictionary, a candidate keyword list, and a document corpus may be used to generate the keyword list. A collection of documents is divided into two sets, one related to a target domain and one not. A statistical approach may be used to evaluate each term in the candidate list to determine a measure of how monosemous each remaining candidate term is, i.e., how strongly the term (or short phrase) identifies with a single sense. Terms with a primarily single sense related to the target domain are added to the monosemous keyword list. The keyword list may be used to identify documents associated with the domain, allowing, the appropriate protections to be applied to the document (e.g., do not send outside an enterprise boundary or permit copying).

Abstract: Techniques are disclosed for encrypting application data files using a format-friendly encryption process. A software agent may create an encrypted version of an application file using the same data file format of the unencrypted file. For example, when a user encrypts a word processing document, the software agent outputs a word processing document which includes an encrypted copy of the first word processing document. Application data files for other file formats may be encrypted in a similar manner. Further, format-friendly encrypted documents may include instructions for accessing the encrypted content, allowing the standard applications for accessing a given file format to present the instructions to a user. Creating encrypted document using the format-friendly encryption formats allows users who access an encrypted file hosted by a cloud storage provider to receive the information needed to access that application file.

Abstract: Techniques are disclosed for authenticating users to a computing application. A relying application transmits a login page to a user requesting access to the application. The login page may include a QR code (or other barcode) displayed to the user. The QR code may encode a nonce along with a URL address indicating where a response to the login challenge should be sent. In response, the user scans the barcode with an app on a mobile device (e.g., using a camera on a smart phone) to recover both the nonce and the URL address. The mobile device may also include a certificate store containing a private key named in a PKI certificate. The app signs the nonce using the private key and sends the signed nonce in to the URL in a response message.

Abstract: Methods and systems for providing data security scanning in a network. A network device ascertains, based on a network's security policy, security technologies that are should or must be applied to the network traffic. The network device applies the not yet applied security technologies, based on a determination that the not yet applied security technologies are available to the network device. Next, the network device tags the network traffic with a security marker indicating the not yet applied security technologies as applied to reflect the security technologies applied to the network traffic.