Authentication and authorization for cloud file system
US-11949681-B2 · Apr 2, 2024 · US
US12572681B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12572681-B2 |
| Application number | US-202418583628-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 21, 2024 |
| Priority date | Feb 21, 2024 |
| Publication date | Mar 10, 2026 |
| Grant date | Mar 10, 2026 |
Official abstract text for this publication.
Obfuscated data comprising a plurality of alternative representations of raw data can be generated. At least one user, or at least one group of users, can be assigned to portions of the alternative representations of the raw data. Responsive to a user authenticating with a credential manager, a permission level of the user can be determined. Responsive to the user submitting a data request, whether the data request requests raw data the user is not authorized to access can be determined. Responsive to determining that the data request requests raw data the user is not authorized to access, at least a portion of the obfuscated data the user is authorized to access can be presented to the user. The portion of the obfuscated data can include at least one plurality of alternative representations of the raw data.
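The request flow in the abstract, sketched as an added example that is not taken from the patent or from any implementation of it. All names and sample values are constructed, and plain token overlap stands in for the semantic embedding vectors named in the claims.

```python
from dataclasses import dataclass

# All names and values are constructed for illustration.
VAULT = {("patient_42", "diagnosis"): "type 2 diabetes"}   # raw data in the vault

@dataclass(frozen=True)
class QAPair:
    question: str      # similarly-oriented question
    answer: str        # alternative representation, not the raw value
    groups: frozenset  # groups assigned to this alternative representation

QA_PAIRS = [
    QAPair("What age band is patient_42 in?", "50-59",
           frozenset({"analyst", "clinician"})),
    QAPair("What is the diagnosis category of patient_42?", "metabolic disorder",
           frozenset({"analyst"})),
    QAPair("What is the billing tier of patient_42?", "tier B",
           frozenset({"finance"})),
]

# Permission level and group membership, as resolved after authentication.
USERS = {
    "alice": {"raw_access": True, "groups": {"clinician"}},
    "bob": {"raw_access": False, "groups": {"analyst"}},
}

def _tokens(text):
    return set(text.lower().replace("?", "").split())

def similar_questions(request_text, groups, k=2):
    """Rank the Q/A pairs these groups may see by Jaccard overlap with the request."""
    allowed = [p for p in QA_PAIRS if p.groups & groups]  # authorise before ranking
    req = _tokens(request_text)
    def score(pair):
        q = _tokens(pair.question)
        return len(req & q) / len(req | q)
    return sorted(allowed, key=score, reverse=True)[:k]

def handle_request(user, key, request_text):
    perm = USERS.get(user)
    if perm is None:                 # unknown or unauthenticated: deny by default
        raise PermissionError(user)
    if perm["raw_access"]:
        return {"kind": "raw", "value": VAULT[key]}
    pairs = similar_questions(request_text, perm["groups"])
    return {"kind": "obfuscated", "answers": [(p.question, p.answer) for p in pairs]}
```

Filtering by group assignment happens before ranking, so a closely matching question assigned to another group (the billing-tier pair here) never reaches the candidate set.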
Opening claim text (preview).
What is claimed is:

1. A method, comprising: generating, using a processor, obfuscated data comprising a plurality of alternative representations of raw data, wherein the raw data is stored in a secure data vault; assigning at least one user, or at least one group of users, to each of at least a portion of the plurality of alternative representations of the raw data; responsive to a user authenticating with a credential manager, determining a permission level of the user; responsive to the user submitting a data request, determining whether the data request requests raw data the user is not authorized to access; responsive to determining that the data request requests raw data the user is not authorized to access, determining a plurality of similarly-oriented questions, each of the plurality of similarly-oriented questions being similar in scope to the data request, but configured to request obfuscated data the user is authorized to access; and presenting to the user at least a portion of the obfuscated data the user is authorized to access, the portion of the obfuscated data comprising at least one plurality of alternative representations of the raw data, wherein the obfuscated data provides at least one answer to at least one of the plurality of similarly-oriented questions.

2. The method of claim 1, further comprising: presenting to the user the plurality of similarly-oriented questions; wherein presenting to the user at least the portion of the obfuscated data the user is authorized to access comprises, responsive to the user selecting the at least one of the plurality of similarly-oriented questions, presenting to the user the obfuscated data.

3. The method of claim 2, further comprising: generating the plurality of similarly-oriented questions; for a similarly-oriented question, of the plurality of similarly-oriented questions, generating an answer to the similarly-oriented question; and for the similarly-oriented question, creating a question/answer pair comprising the similarly-oriented question and the answer to the similarly-oriented question.

4. The method of claim 3, further comprising: assigning to the question/answer pair a semantic embedding vector used to determine the answer to the similarly-oriented question in the question/answer pair.

5. The method of claim 4, further comprising: generating the semantic embedding vector using a large language model that preserves semantic proximity between values.

6. The method of claim 3, wherein the generating the plurality of similarly-oriented questions comprises: identifying sensitive attributes in the raw data; and creating the plurality of similarly-oriented questions and respective answers based on the sensitive attributes in the raw data.

7. The method of claim 1, wherein the alternative representations of the raw data comprise synthetic values or synthetic parameters that are analogous to, but different than, values or parameters contained in the raw data.

8. A system, comprising: a processor programmed to initiate executable operations comprising: generating obfuscated data comprising a plurality of alternative representations of raw data, wherein the raw data is stored in a secure data vault; assigning at least one user, or at least one group of users, to each of at least a portion of the plurality of alternative representations of the raw data; responsive to a user authenticating with a credential manager, determining a permission level of the user; responsive to the user submitting a data request, determining whether the data request requests raw data the user is not authorized to access; responsive to determining that the data request requests raw data the user is not authorized to access, determining a plurality of similarly-oriented questions, each of the plurality of similarly-oriented questions being similar in scope to the data request, but configured to request obfuscated data the user is authorized to access; and presenting to the user at least a portion of the obfuscated data the user is authorized to access, the portion of the obfuscated data comprising at least one plurality of alternative representations of the raw data, wherein the obfuscated data provides at least one answer to the at least one of the plurality of similarly-oriented questions.

9. The system of claim 8, the executable operations further comprising: presenting to the user the plurality of similarly-oriented questions; wherein presenting to the user at least the portion of the obfuscated data the user is authorized to access comprises, responsive to the user selecting at least one of the plurality of similarly-oriented questions, presenting to the user the obfuscated data.

10. The system of claim 9, the executable operations further comprising: generating the plurality of similarly-oriented questions; for a similarly-oriented question, of the plurality of similarly-oriented questions, generating an answer to the similarly-oriented question; and for the similarly-oriented question, creating a question/answer pair comprising the similarly-oriented question and the answer to the similarly-oriented question.

11. The system of claim 10, the executable operations further comprising: assigning to the question/answer pair a semantic embedding vector used to determine the answer to the similarly-oriented question in the question/answer pair.

12. The system of claim 11, the executable operations further comprising: generating the semantic embedding vector using a large language model that preserves semantic proximity between values.

13. The system of claim 10, wherein the generating the plurality of similarly-oriented questions comprises: identifying sensitive attributes in the raw data; and creating the plurality of similarly-oriented questions and respective answers based on the sensitive attributes in the raw data.

14. The system of claim 8, wherein the alternative representations of the raw data comprise synthetic values or synthetic parameters that are analogous to, but different than, values or parameters contained in the raw data.

15. A computer program product, comprising: one or more computer readable storage mediums having program code stored thereon, the program code stored on the one or more computer readable storage mediums collectively executable by a data processing system to initiate operations including: generating obfuscated data comprising a plurality of alternative representations of raw data, wherein the raw data is stored in a secure data vault; assigning at least one user, or at least one group of users, to each of at least a portion of the plurality of alternative representations of the raw data; responsive to a user authenticating with a credential manager, determining a permission level of the user; responsive to the user submitting a data request, determining whether the data request requests raw data the user is not authorized to access; responsive to determining that the data request requests raw data the user is not authorized to access, determining a plurality of similarly-oriented questions, each of the plurality of similarly-oriented questions being similar in scope to the data request, but configured to request obfuscated data the user is authorized to access; and presenting to the user at least a portion of the obfuscated data the user is authorized to access, the portion of the obfuscated data comprising at least one plurality of alternative representations of the raw data, wherein the obfuscated data provides at least one answer to the
Multiple levels of security · CPC title
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
by anonymising data, e.g. decorrelating personal data from the owner's identification · CPC title
Protecting personal data, e.g. for financial or medical purposes · CPC title
to a system of files or objects, e.g. local or distributed file system or database · CPC title