IBM Researchers Develop Shield to Mask Sensitive On-Screen Information
IBM Research - Haifa has developed software that more efficiently and effectively hides sensitive or personal information that might otherwise appear on the computer screens of unauthorized personnel. It could prove particularly useful for security conscious fields such as healthcare, insurance, government or financial services.
When refined and fully developed, this technology -- dubbed MAGEN (Masking Gateway for Enterprises), the Hebrew word for "shield" -- might help organizations better comply with privacy laws, and lessen the vulnerability of information to theft.
This is the latest in a string of proofs-of-concept developed by IBM Researchers designed to preserve privacy. For instance, IBM Research - India last year created voice recognition technology that automatically detects and muffles the most sensitive portions of recorded conversations, such as those between customer service representatives and clients. And several weeks ago, an IBM Researcher solved a longstanding cryptography challenge, demonstrating that encrypted information could be thoroughly analyzed, yet protected at the same time.
In the course of developing the MAGEN proof-of-concept, IBM applied for at least two U.S. patents, including one for unique ways of manipulating images, and one for scrambling words. MAGEN treats information on the screen as a picture, and relies on optical character-recognition technology to determine which onscreen fields need to be blanked out or replaced with random values. Unlike other solutions, MAGEN does not change the software program or the data itself -- it filters the information before it ever reaches the PC screen -- and does not force companies to create modified copies of electronic records where information is masked, scrambled, or eliminated.
This results in an extremely fast and flexible system. If companies had to create and store modified copies, the process would be relatively expensive and slow, as well as take up valuable electronic storage space. MAGEN's rules can also be easily modified as confidentiality regulations change, or for different types of users. The solution can be deployed in any environment where screen images are delivered -- no matter which operating system, application, or protocols are used.
When fully fleshed out, MAGEN will have very practical applications. For example, it might be used by a health insurance company that outsources customer service and claims processing functions to a third-party. Although private medical information in the patient records can't be shared with the contractors, customer service representatives need access to patient records. In these kinds of cases, MAGEN can hide private information so that it never appears on the agents' screens. Or, it can partially hide data, such as for the screens of call center customer service representatives, who only need enough identifying data to access, confirm or update an account.
"MAGEN's screen masking approach eliminates the need to painstakingly tailor 'data masking' solutions to specific environments," says Haim Nelken, Manager Integration Technologies at the IBM's Haifa, Israel Research Lab, where MAGEN was developed. "The bottom line is faster performance, simpler database security, and reduced costs for protecting sensitive data."