US 12,229,288 B2
Method for data protection across sharing platforms
Arjun Sambamoorthy, Sunnyvale, CA (US); Prashanth Arun, Sunnyvale, CA (US); Dhananjay Sampath, Sunnyvale, CA (US); Sanjay Singh, Sunnyvale, CA (US); and Salil Kanetkar, Sunnyvale, CA (US)
Assigned to ArmorBlox LLC, San Jose, CA (US)
Filed by ARMORBLOX LLC, San Jose, CA (US)
Filed on Aug. 8, 2023, as Appl. No. 18/231,623.
Application 18/231,623 is a continuation of application No. 17/891,426, filed on Aug. 19, 2022, granted, now 11,763,012.
Claims priority of provisional application 63/235,366, filed on Aug. 20, 2021.
Prior Publication US 2024/0045978 A1, Feb. 8, 2024
Int. Cl. G06F 21/62 (2013.01); G06F 21/60 (2013.01); G06F 40/40 (2020.01); H04L 51/08 (2022.01)
CPC G06F 21/6209 (2013.01) [G06F 21/604 (2013.01); G06F 40/40 (2020.01); H04L 51/08 (2013.01); G06F 2221/2141 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A method comprising:
storing a set of documents at a computing system, individual documents in the set of documents being associated with document tags that represent language included in the individual documents;
receiving first input indicating of a document of the set of documents;
identifying a document tag associated with the document;
obtaining a data access policy associated with the document tag, the data access policy indicating a set of identities of user accounts that are permitted to access the document associated with the document tag;
receiving second input indicating a recipient account for the document;
determining, using the data access policy, that a particular identity of the recipient account is included in the set of identities of the user accounts that are permitted to access the document;
based on the particular identity of the recipient account being not included in the set of identities, restricting access to the document by the recipient account; or
based on the particular identity of the recipient account being included in the set of identities, allowing access to the document by the recipient account;
receiving third input indicating a second document for the recipient account;
identifying a second document tag associated with the second document;
obtaining a second data access policy associated with the second document tag, the second data access policy indicating a second set of identities of user accounts that are permitted to access the second document associated with the second document tag;
determining, using the second data access policy, that the particular identity of the recipient account is not included in the second set of identities of the user accounts that are permitted to access the second document; and
based on the particular identity of the recipient account being not included in the second set of identities, restricting access to the document and the second document by the recipient account.