| CPC G06F 16/285 (2019.01) [G06F 16/2379 (2019.01)] | 17 Claims |
|
1. A data classification system for classifying data of a data store based on inspecting data transactions between clients and the data store, comprising:
a proxy, configured to intercept transactions that are conducted over a network between clients and the data store, wherein the transactions include queries and responses, and wherein the queries or responses carry data; and
a processor, configured to construct, based on the intercepted transactions, a classification map comprising a classification of at least some of the data that is stored in the data store into predefined classes, wherein the classification map lists memory locations of data in the data store along with a corresponding classification of the sensitivity of the data,
wherein the processor comprises:
a knowledge store including the classification map; and
a classifier which classifies the data as to whether it is sensitive and updates the classification map based on the results of the classification, wherein the classifier is configured to check for intercepted transactions whether their data already appears in the classification map, and to refrain from classifying data of transactions for which the data is already in the classification map.
|