IBM researchers said today they have developed software that uses optical character recognition and screen scraping to identify and cover up confidential data.
According to IBM the driving idea behind the MAGEN (Masking Gateway for Enterprises) system is to prevent data leakage and allow the sharing of data while safeguarding sensitive business data.
MAGEN works at the screen level by ‘catching’ the information before it hits the screen, analyzing the screen content, and then masking those details that need to be hidden from the person logged in. The major novelty lies in architecting a single system that handles a wide range of scenarios in a centralized and unified manner, IBM stated.
The IBM system treats the screen of information as a picture and uses optical character recognition to identify the pieces that were defined as confidential. It then places a data 'mask' over the details that need to remain hidden—without ever copying, changing, or processing the data, IBM said.
IBM said customers can set masking rules specify parts of screens to be masked and that such rules can be defined per screen structure or per application. Each role can be defined with a specific privacy level depending on the needs of the customer.
MAGEN does not change the software program or the data — it filters the information before it ever reaches the PC screen — and does not force companies to create modified copies of electronic records where information is masked, scrambled, or eliminated, IBM stated.
IBM cites an example of a MEGEN application a healthcare firm that outsources customer service and claims processing functions to a third-party. Although private medical information in the patient records can’t be shared with the contractors, customer service representatives need access to patient records. In these kinds of cases, MAGEN can hide private information so that it never appears on the agents’ screens, IBM stated. Or, it can partially hide data, such as for the screens of call center customer service representatives, who only need enough identifying data to access, confirm or update an account.
IBM researchers have been on a security roll of late. Big Blue last week said one of its researchers made it possible for computer systems to perform calculations on encrypted data without decrypting it. IBM said the technology would let computer services, such as Google or others storing the confidential, electronic data of others will be able to fully analyze data on their clients' behalf without expensive interaction with the client and without actually seeing any of the private data.