1. Field of the Invention
The present invention generally relates to data loss prevention and, in particular, to mitigating risks of misappropriation of data by authorized users of computer information systems.
2. Description of the Related Art
From the earliest application of digital computer systems to business data processing, there has been a need to protect the data stored in a computer system. Despite the best current efforts, data loss still occurs and, in many cases, is perpetrated not by hackers or unauthorized entry into a computer system, but by authorized “trusted” users of the system. Recognition of this vulnerability has led to the formation of a field called data loss protection or data loss prevention, in which a variety of techniques are used to monitor and detect the misappropriation of sensitive data.
For example, in the case of computer source code, one common technique to reduce misappropriation of the code is to partition a system so that any individual user may only see a fraction of the entire code base. Source code management (SCM) systems, which are typically used to store and perform change management over large source code repositories, provide a variety of mechanisms to enable partitioning. For example, the IBM Rational ClearCase system allows a single code base to be divided across multiple versioned object bases (VOBs), with each VOB having discrete and disjoint sets of users. Another source code management system, the Configuration Management Version Control (CMVC) system developed and used by IBM software development, allows partitioning a product into discrete components, each with its own discrete sets of users and access permissions. While a user could gain access to a portion of the source code for the software system and misappropriate the code by copying it to a removable hard drive, USB thumb drive, or CD-ROM drive, or by e-mailing it to a third party, the idea is that, due to the partitioning of the source code, the devious user cannot reproduce the entire product. Especially sensitive source code containing key algorithm implementations could be further partitioned to impose even stricter limitations on access to the code.
While partitioning of valuable intellectual property is a well-known method for reducing data loss, there is still a need for improved monitoring of the actions and behavior of authorized users of computer resources such as computer source code.