Search

US-12619789-B2 - Automatically fingerprinting of cloud documents

US12619789B2US 12619789 B2US12619789 B2US 12619789B2US-12619789-B2

Abstract

Method, system, and/or computer readable medium for automatically selective updating a data fingerprint on a plurality of proxy datacenters, the method comprising: generating through a cloud connector fingerprints of a stored set of data on a cloud drive; transmitting, from the cloud connector the fingerprints to a plurality of proxy datacenters; periodically automatically obtaining, through the cloud connector, a list of updated files stored on the cloud drive; automatically running, on the cloud connector, a fingerprinter on the list of updated files that generates supplemental fingerprints for the updated files; and transmitting, from the cloud connector, the supplemental fingerprints to the plurality of proxy datacenters.

Inventors

  • Pak Ho Philip Kwok
  • Ahmed Hassan
  • Jack Davey
  • Roman Sosnin
  • Smitha Sushil

Assignees

  • CISCO TECHNOLOGY, INC.

Dates

Publication Date
20260505
Application Date
20231207

Claims (19)

  1. 1 . A method of automatically selective updating a data fingerprint on a plurality of proxy datacenters, the method comprising: generating, through a cloud connector, fingerprints of a stored set of data on a cloud drive; transmitting, from the cloud connector, the fingerprints to a cloud storage for later retrieval by a plurality of proxy datacenters; periodically automatically obtaining, through the cloud connector, a list of updated files stored on the cloud drive; automatically running, on the cloud connector, a fingerprinter on the list of updated files that generates supplemental fingerprints for the updated files; transmitting, from the cloud connector, the supplemental fingerprints to the cloud storage for later retrieval by the plurality of proxy datacenters; and performing data leak prevention using the fingerprints and supplemental fingerprints.
  2. 2 . The method of claim 1 , wherein the list of updated files includes files that were included on the stored set of data and subsequently modified.
  3. 3 . The method of claim 1 , wherein the list of updated files includes additional files that were not previously on the stored set of data.
  4. 4 . The method of claim 1 , further comprising: instructing the plurality of proxy datacenters to retrieve the fingerprints and the supplemental fingerprints from the cloud storage at predetermined intervals.
  5. 5 . The method of claim 4 , further comprising: determining that one or more files on the cloud drive have been deleted and transmitting a request to remove a corresponding fingerprint from the cloud storage and the plurality of proxy datacenters.
  6. 6 . The method of claim 1 , wherein the periodically automatically obtaining the list of updated files operates through an application programming interface.
  7. 7 . The method of claim 1 , wherein the plurality of proxy datacenters provide managed network access by obfuscating an original IP address.
  8. 8 . A system comprising: a storage configured to store instructions; and a processor configured to execute the instructions and cause the processor to: generate fingerprints of a stored set of data on a cloud drive; transmit the fingerprints to a cloud storage for later retrieval by a plurality of proxy datacenters; obtain, periodically and automatically, a list of updated files stored on the cloud drive; run automatically a fingerprinter on the list of updated files that generates supplemental fingerprints for the updated files; transmit the supplemental fingerprints to the cloud storage for later retrieval by the plurality of proxy datacenters; and perform data leak prevention using the fingerprints and supplemental fingerprints.
  9. 9 . The system of claim 8 , wherein the list of updated files includes files that were included on the stored set of data and subsequently modified.
  10. 10 . The system of claim 8 , wherein the list of updated files includes additional files that were not previously on the stored set of data.
  11. 11 . The system of claim 8 , wherein the processor is configured to execute the instructions and cause the processor to: instruct the plurality of proxy datacenters to retrieve the fingerprints and the supplemental fingerprints from the cloud storage at predetermined intervals.
  12. 12 . The system of claim 11 , wherein the processor is further configured to determine that one or more files on the cloud drive have been deleted and transmit a request to remove a corresponding fingerprint from the cloud storage and the plurality of proxy datacenters.
  13. 13 . The system of claim 8 , wherein the periodically automatically obtaining the list of updated files operates through an application programming interface.
  14. 14 . The system of claim 8 , wherein the plurality of proxy datacenters provide managed network access by obfuscating an original IP address.
  15. 15 . A non-transitory computer readable medium comprising instructions, the instructions, when executed by a computing system, cause the computing system to: generate fingerprints of a stored set of data on a cloud drive; transmit the fingerprints to a cloud storage for later retrieval by a plurality of proxy datacenters; obtain, periodically and automatically, a list of updated files stored on the cloud drive; run automatically a fingerprinter on the list of updated files that generates supplemental fingerprints for the updated files; and transmit the supplemental fingerprints to the cloud storage for later retrieval by the plurality of proxy datacenters; and perform data leak prevention using the fingerprints and supplemental fingerprints.
  16. 16 . The computer readable medium of claim 15 , the list of updated files includes files that were included on the stored set of data and subsequently modified.
  17. 17 . The computer readable medium of claim 15 , the list of updated files includes additional files that were not previously on the stored set of data.
  18. 18 . The computer readable medium of claim 15 , wherein the computer readable medium further comprises instructions that, when executed by the computing system, cause the computing system to: instruct the plurality of proxy datacenters to retrieve the fingerprints and the supplemental fingerprints from the cloud storage.
  19. 19 . The computer readable medium of claim 15 , the periodically automatically obtaining the list of updated files operates through an application programming interface.

Description

BACKGROUND Attacks on networks continues to increase. The attack on a network can be an internal network or a cloud based network. Many companies implement a storage solution that involves both cloud-based resources and internal resources. Cloud based resources can be implemented to provide enhanced access from any remote location. BRIEF DESCRIPTION OF THE DRAWINGS Details of one or more aspects of the subject matter described in this disclosure are set forth in the accompanying drawings and the description below. However, the accompanying drawings illustrate only some typical aspects of this disclosure and are therefore not to be considered limiting of its scope. Other features, aspects, and advantages will become apparent from the description, the drawings and the claims. FIG. 1 illustrates an example of a network topology in according to the present disclosure; FIG. 2 illustrates an example of a method according to the present disclosure; and FIG. 3 shows an example of computing system, which can be for example any computing device that can implement components of the system. DESCRIPTION The detailed description set forth below is intended as a description of various configurations of embodiments and is not intended to represent the only configurations in which the subject matter of this disclosure can be practiced. The appended drawings are incorporated herein and constitute a part of the detailed description. The detailed description includes specific details for the purpose of providing a more thorough understanding of the subject matter of this disclosure. However, it will be clear and apparent that the subject matter of this disclosure is not limited to the specific details set forth herein and may be practiced without these details. In some instances, structures and components are shown in block diagram form in order to avoid obscuring the concepts of the subject matter of this disclosure. Systems, methods, and computer-readable media are provided for automatically selective updating a data fingerprint on a plurality of proxy datacenters. An example method can include generating through a cloud connector fingerprints of a stored set of data on a cloud drive. The method can also include transmitting from the cloud connector the fingerprints to a plurality of proxy datacenters. The method can further include periodically automatically obtaining, through the cloud connector, a list of updated files stored on the cloud drive. Still further, the method can include automatically running, on the cloud connector, a fingerprinter on the list of updated files that generates supplemental fingerprints for the updated files. Additionally, the method can include transmitting, from the cloud connector, the supplemental fingerprints to the plurality of proxy datacenters. An example system can include one or more processors and at least one computer-readable storage medium storing instructions which, when executed by the one or more processors, cause the one or more processors to generate fingerprints of a stored set of data on a cloud drive; transmit the fingerprints to a plurality of proxy datacenters; obtain, periodically and automatically, a list of updated files stored on the cloud drive; running automatically a fingerprinter on the list of updated files that generates supplemental fingerprints for the updated files; and transmitting the supplemental fingerprints to the plurality of proxy datacenters. An example non-transitory computer-readable storage medium having stored therein instructions which, when executed by a processor, cause the processor to generate fingerprints of a stored set of data on a cloud drive; transmit the fingerprints to a plurality of proxy datacenters; obtain, periodically and automatically, a list of updated files stored on the cloud drive; running automatically a fingerprinter on the list of updated files that generates supplemental fingerprints for the updated files; and transmitting the supplemental fingerprints to the plurality of proxy datacenters. FIG. 1 illustrates an example of a network topology 100 for showing various aspects of the network architecture. The network topology 100 can include a management network 102, a pair of network sites 104A and 104B (e.g., the data center(s), the campus network(s), the branch office network(s), the home office network(s), cloud service provider network(s), etc.), and Internet transport network 160. The management network 102 can include one or more network orchestrator appliances 105, one or more network management appliance 122, and one or more network controller appliances 132. Although the management network 102 is shown as a single network in this example, one of ordinary skill in the art will understand that each element of the management network 102 can be distributed across any number of networks and/or be co-located with the pair of network sites 104A, 10B. In this example, each element of the management network 102 can be reache