	US 12,111,773 B2
	Runtime protection of sensitive data
He Huang, Beijing (CN); Jin Hong Fu, Beijing (CN); Shi Chong Ma, Beijing (CN); Bao Zhang, Beijing (CN); Jia Yu, Beijing (CN); and Peng Hui Jiang, Beijing (CN)
Assigned to International Business Machines Corporation, Armonk, NY (US)
Filed by International Business Machines Corporation, Armonk, NY (US)
Filed on Sep. 8, 2022, as Appl. No. 17/930,439.
Prior Publication US 2024/0086333 A1, Mar. 14, 2024
Int. Cl. G06F 12/10 (2016.01); G06F 12/1036 (2016.01); G06F 12/14 (2006.01); G06F 21/62 (2013.01)

CPC G06F 12/1036 (2013.01) [G06F 12/145 (2013.01); G06F 21/6254 (2013.01)]

20 Claims

1. A computer-implemented method comprising:

receiving an indication of sensitive data in one or more files;

updating at least one bit in a virtual address space for the one or more files indicated to have sensitive data to mark data in an address range as containing sensitive data;

in response to a program accessing the one or more files, evaluating the respective virtual address for the one or more files;

in response to the evaluation of the at least one bit in the respective virtual address for the one or more files indicating the presence of sensitive data, marking intermediate data generated by the program as sensitive data.