US 11,888,863 B2
Maintaining user privacy via a distributed framework for security analytics
Lawrence Bruce Huston, III, Ann Arbor, MI (US); and David Coffey, Austin, TX (US)
Assigned to Forcepoint LLC, Austin, TX (US)
Filed by Forcepoint, LLC, Austin, TX (US)
Filed on Dec. 22, 2020, as Appl. No. 17/131,015.
Application 17/131,015 is a continuation of application No. 16/557,560, filed on Aug. 30, 2019, granted, now 10,999,296.
Application 16/557,560 is a continuation in part of application No. 16/415,726, filed on May 17, 2019, granted, now 10,834,097, issued on Nov. 10, 2020.
Application 16/415,726 is a continuation in part of application No. 16/162,655, filed on Oct. 17, 2018, granted, now 10,530,786, issued on Jan. 7, 2020.
Application 16/162,655 is a continuation of application No. 15/963,729, filed on Apr. 26, 2018, granted, now 10,129,269, issued on Nov. 13, 2018.
Application 15/963,729 is a continuation in part of application No. 15/878,898, filed on Jan. 24, 2018, granted, now 10,063,568, issued on Aug. 28, 2018.
Application 15/878,898 is a continuation of application No. 15/720,788, filed on Sep. 29, 2017, granted, now 9,882,918, issued on Jan. 30, 2018.
Claims priority of provisional application 63/119,116, filed on Nov. 30, 2020.
Claims priority of provisional application 63/017,400, filed on Apr. 29, 2020.
Claims priority of provisional application 62/964,372, filed on Jan. 22, 2020.
Claims priority of provisional application 62/839,060, filed on Apr. 26, 2019.
Claims priority of provisional application 62/506,300, filed on May 15, 2017.
Prior Publication US 2021/0112077 A1, Apr. 15, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/56 (2013.01); G06F 21/57 (2013.01); H04L 67/306 (2022.01)
CPC H04L 63/04 (2013.01) [G06F 21/566 (2013.01); G06F 21/577 (2013.01); H04L 63/102 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/205 (2013.01); H04L 67/306 (2013.01); G06F 2221/034 (2013.01)] 14 Claims
OG exemplary drawing
 
1. A computer-implementable method for performing a security operation, comprising:
monitoring a plurality of actions of an entity, the plurality of actions of the entity corresponding to a plurality of events enacted by the entity;
maintaining information relating to the monitoring within a user edge component;
identifying an event of analytic utility;
analyzing the event of analytic utility at the user edge component, the analyzing generating a security risk assessment, the analyzing being performed by a hardware processor of the user edge component;
providing the security risk assessment to a network edge component;
anonymizing the information relating to the monitoring to provide anonymized information; and,
providing the anonymized information to the network edge component; and wherein
the network edge component performs a security operation using the anonymized information relating to the monitoring; and,
the network edge component requests de-anonymized information from the user edge component when the security operation generates an indication of a security risk of the entity.