Audience-based sensitive information handling for shared collaborative documents

US9684799B2 · US · B2

Patent metadata
Publication number: US-9684799-B2
Application number: US-201615155877-A
Country: US
Kind code: B2
Filing date: May 16, 2016
Priority date: May 1, 2015
Publication date: Jun 20, 2017
Grant date: Jun 20, 2017

Abstract

Official abstract text for this publication.

A method for providing audience-based redaction of sensitive information in an electronic document may include receiving a request from a computing device to access an electronic document, retrieving the electronic document, identifying the user(s) associated with the computing device, determining an access level for each user associated with the computing device, determining the lowest access level for the user(s) associated with the computing device, generating a rendering of the electronic document for display on the computing device based on the lowest access level for the user(s) associated with the computing device, and providing the rendering of the electronic document to the computing device for display. When generating the rendering of the electronic document for display, sensitive information in the electronic document is typically redacted based on the lowest access level for the user(s) associated with the computing device.

First claim

Opening claim text (preview).

What is claimed is:

1. A computerized method for providing audience-based redaction of sensitive information in an electronic document, comprising: receiving, by a computer processor, a request from a first user via a first computing device to create a first electronic document; creating, by a computer processor, the first electronic document and storing the first electronic document in a document database; based on redaction rules, automatically searching, by a computer processor, the first electronic document to identify sensitive information, the sensitive information comprising first sensitive data; creating, by a computer processor, a first rendering of the first electronic document, wherein the sensitive information is not redacted in the first rendering of the first electronic document, the first rendering of the first electronic document identifying the sensitive information as being sensitive; providing, by a computer processor, the first rendering of the first electronic document to the first computing device for display; receiving, by a computer processor, a request from a second computing device to access the first electronic document stored in the document database; retrieving, by a computer processor, the first electronic document from the document database; identifying, by a computer processor, one or more users associated with the second computing device; based on identifying the one or more users associated with the second computing device, determining, by a computer processor, an access level for each of the one or more users associated with the second computing device, wherein determining the access level for each of the one or more users associated with the second computing device is further based on determining a social network relationship between the first user and the one or more users associated with the second computing device; based on determining the access level for each of the one or more users associated with the second computing device, determining, by a computer processor, a weakest access level for the one or more users associated with the second computing device; creating, by a computer processor, a second rendering of the first electronic document, wherein the second rendering of the first electronic document is created by redacting the first sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the second computing device; and providing, by a computer processor, the second rendering of the first electronic document to the second computing device for display.

2. The method of claim 1, wherein: a first access level has a right to view the first sensitive data, and a second access level does not have a right to view the first sensitive data; and the weakest access level for the one or more users associated with the second computing device is the second access level.

3. The method of claim 2, wherein: the sensitive information of the first electronic document comprises second sensitive data; the first access level has a right to view the second sensitive data, and the second access level has a right to view the second sensitive data; and creating the second rendering of the first electronic document comprises not redacting the second sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the second computing device being the second access level.

4. The method of claim 3, comprising: receiving a request from a third computing device to access the first electronic document; identifying, by a computer processor, one or more users associated with the third computing device; based on identifying the one or more users associated with the third computing device, determining, by a computer processor, an access level for each of the one or more users associated with the third computing device, wherein determining the access level for each of the one or more users associated with the third computing device is further based on determining a social network relationship between the first user and the one or more users associated with the third computing device; based on determining the access level for each of the one or more users associated with the third computing device, determining, by a computer processor, a weakest access level for the one or more users associated with the third computing device, the weakest access level for the one or more users associated with the third computing device being a third access level, the third access level does not have a right to view the first sensitive data or the second sensitive data; creating, by a computer processor, a third rendering of the first electronic document, wherein the third rendering of the first electronic document is created by redacting the first sensitive data and the second sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the third computing device being the third access level; and providing the third rendering of the first electronic document to the third computing device for display.

5. The method of claim 2, comprising: determining that the weakest access level for the one or more users associated with the second computing device has changed; and based on determining that the weakest access level for the one or more users associated with the second computing device has changed, updating the second rendering of the first electronic document.

6. The method of claim 2, comprising, based on searching the first electronic document to identify the sensitive information, creating redaction metadata; wherein: the first electronic document comprises the redaction metadata identifying the sensitive information and required access levels; and redacting the first sensitive data from the first electronic document is further based on the redaction metadata.

7. The method of claim 6, comprising: receiving an edit to the first electronic document from the first user via the first computing device; based on receiving the edit, automatically searching the first electronic document to identify changes to the sensitive information; based on identifying changes to the sensitive information, updating the redaction metadata and updating the first rendering and second rendering of the first electronic document.

8. The method of claim 6, wherein the first rendering of the first electronic document comprises an overlay displaying how the first sensitive data would be rendered based on the first access level and the second access level.

9. The method of claim 6, comprising: receiving a request from the first user to render the first electronic document based on the second access level; and based on receiving the request from the first user to render the first electronic document based on the second access level, updating the first rendering of the first electronic document to redact the first sensitive data from the first electronic document.

10. The method of claim 6, comprising: receiving an edit to the redacted first sensitive data of the first electronic document from the second computing device; based on receiving the edit, updating the redaction metadata to preserve the first sensitive data; and updating the first rendering and second rendering of the first electronic document based on the edit to the redacted first sensitive data.

11. The method of claim 1, wherein the one or more users associated with the second computing device comprise a plurality of users.
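The flow described in claims 1, 2, 3 and 6 (rule-based search, redaction metadata with required access levels, rendering at the weakest level in the audience), sketched as an added example that is not taken from the patent or from any implementation by its assignee. The numeric levels, the relationship names, the two regex rules and the sample document are constructed assumptions.

```python
import re

# Assumption: numeric levels, higher sees more; relationship names are hypothetical.
LEVEL_BY_RELATIONSHIP = {"author": 3, "team": 2, "contact": 1}
NO_ACCESS = 0  # viewers with no known relationship fail closed

# Constructed redaction rules: (label, pattern, minimum level allowed to view).
REDACTION_RULES = [
    ("ssn", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), 3),
    ("email", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), 2),
]

def find_sensitive(text):
    """Apply the redaction rules and return redaction metadata:
    (start, end, label, required_level) spans sorted by position."""
    spans = []
    for label, pattern, required in REDACTION_RULES:
        for m in pattern.finditer(text):
            spans.append((m.start(), m.end(), label, required))
    return sorted(spans)

def weakest_level(viewers, relationships):
    """Lowest level among all users at the device; an empty audience gets none."""
    if not viewers:
        return NO_ACCESS
    return min(LEVEL_BY_RELATIONSHIP.get(relationships.get(v), NO_ACCESS)
               for v in viewers)

def render(text, metadata, level):
    """Mask every character covered by a span this level may not view.
    Per-character masking keeps overlapping spans fail-closed."""
    hidden = [False] * len(text)
    for start, end, _label, required in metadata:
        if level < required:
            hidden[start:end] = [True] * (end - start)
    return "".join("#" if h else c for c, h in zip(text, hidden))

def view_for(text, viewers, relationships):
    """Rendering for one device: redact to the weakest viewer present."""
    return render(text, find_sensitive(text), weakest_level(viewers, relationships))

# Constructed sample document and relationships to its author.
DOC = "Contact jane@example.com, SSN 123-45-6789."
RELATIONSHIPS = {"alice": "author", "bob": "team", "carol": "contact"}

if __name__ == "__main__":
    for audience in (["alice"], ["alice", "bob"], ["bob", "carol"], ["alice", "mallory"]):
        print(audience, "->", view_for(DOC, audience, RELATIONSHIPS))
```

The original text is stored unredacted and only the rendering is masked, so the access decision has to be enforced where the rendering is generated, not on the viewing device.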

Classifications

  • to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

  • Access rights, e.g. capability lists, access control lists, access tables, access matrices

  • Document management systems

  • Query processing

  • by anonymising data, e.g. decorrelating personal data from the owner's identification

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9684799B2 cover?
A method for providing audience-based redaction of sensitive information in an electronic document may include receiving a request from a computing device to access an electronic document, retrieving the electronic document, identifying the user(s) associated with the computing device, determining an access level for each user associated with the computing device, determining the lowest access …
Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification G06F21/6254. Mapped technology areas include Physics.
When was this patent published?
Publication date Jun 20, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).