Browse Prior Art Database

Method and System for Obfuscation of Private Data at View Time

IP.com Disclosure Number: IPCOM000193623D
Original Publication Date: 2010-Mar-05
Included in the Prior Art Database: 2010-Mar-05
Document File: 2 page(s) / 65K

Publishing Venue

IBM

Abstract

A method and system for obfuscation of private data for a user at view time is disclosed. The method and system enables dynamic modification of requested data at view time for a user, without storing the modified version of the data.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 71% of the total text.

Page 1 of 2

Method and System for Obfuscation of Private Data at View Time

Disclosed is a method and system for obfuscation of private data for a user at view time. The method and system involves employing a three-tiered architecture to achieve required obfuscation of the private data, such as Secure and Private Information (SPI)
or Private Information (PI) data, at view time for a user.

A block diagram displaying the three-tiered architecture of the disclosed method and system is shown Fig. 1.

Figure 1

In the three-tiered architecture, at the first level, a database repository is maintained to store rules about rights of one or more users to view a given set of data. The rules provide information about whether a user can view a piece of the given data in a particular column or whether the piece of the given data is private and is to be obfuscated before being presented.

In order to render data to a user, an Application Program Interface (API) is maintained at the second level. When a user requests data, for example, a web page, the API processes the request. The API extracts rules corresponding to the User from the database repository. If the requested data needs to be obfuscated for the user based on the extracted rules, the API obfuscates the required portion of the requested data during view time.

Therefore, the requested data is presented to the user by displaying only the data which is not identified as being private in a required format. The required format may be a Dy...