OBFUSCATION OF USER CONTENT IN STRUCTURED USER DATA FILES

US 20180276393A1
Filed: 03/23/2017
Published: 09/27/2018
Est. Priority Date: 03/23/2017
Status: Active Grant

First Claim

Patent Images

1. A method of providing a data obfuscation framework for a user application, the method comprising:

providing user content to a classification service configured to process the user content to classify portions of the user content as comprising sensitive content corresponding to one or more predetermined data schemes;

receiving from the classification service indications of one or more portions of the user content that contain the sensitive content;

presenting graphical indications in a user interface to the user application that annotate the one or more portions of the user content as containing the sensitive content;

presenting obfuscation options in the user interface for masking the sensitive content within at least a selected portion among the one or more portions of the user content; and

responsive to a user selection of at least one of the obfuscation options, replacing associated user content with obfuscated content that maintains a data scheme of the associated user content.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and software for data obfuscation frameworks for user applications are provided herein. An exemplary method includes providing user content to a classification service configured to process the user content to classify portions of the user content as comprising sensitive content, and receiving from the classification service indications of the user content that contains the sensitive content. The method includes presenting graphical indications in a user interface to the user application that annotate the user content as containing the sensitive content, and presenting obfuscation options in the user interface for masking the sensitive content within at least a selected portion among the user content. Responsive to a user selection of at least one of the obfuscation options, the method includes replacing associated user content with obfuscated content that maintains a data scheme of the associated user content.

31 Citations

View as Search Results

20 Claims

1. A method of providing a data obfuscation framework for a user application, the method comprising:
- providing user content to a classification service configured to process the user content to classify portions of the user content as comprising sensitive content corresponding to one or more predetermined data schemes;
  
  receiving from the classification service indications of one or more portions of the user content that contain the sensitive content;
  
  presenting graphical indications in a user interface to the user application that annotate the one or more portions of the user content as containing the sensitive content;
  
  presenting obfuscation options in the user interface for masking the sensitive content within at least a selected portion among the one or more portions of the user content; and
  
  responsive to a user selection of at least one of the obfuscation options, replacing associated user content with obfuscated content that maintains a data scheme of the associated user content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - presenting the obfuscation options as comprising a first option to mask the sensitive content within the selected portion and a second option to mask the sensitive content within the selected portion and further portions of the user content comprising further sensitive content having a similar data scheme as the selected portion.
  - 3. The method of claim 1, further comprising:
    - presenting the obfuscation options as indicating at least an example obfuscated version of target user content within the selected portion.
  - 4. The method of claim 1, wherein the graphical indications that annotate the one or more portions of the user content comprise indicators positioned proximate to the one or more portions that are selectable in the user interface to present the obfuscation options.
  - 5. The method of claim 1, wherein the obfuscated content that maintains the data scheme of the associated user content comprises symbols selected based in part on the data scheme of the associated user content to prevent identification of the associated user content while maintaining the data scheme of the associated user content.
  - 6. The method of claim 1, further comprising:
    - responsive to replacing the associated user content with the obfuscated content, providing the obfuscated content to the classification service to confirm the obfuscated content does not contain further sensitive content.
  - 7. The method of claim 1, wherein the one or more predetermined data schemes are defined by one or more regular expressions used to parse the user content to identify the portions as being indicative of one or more predetermined content patterns or one or more predetermined content types.
  - 8. The method of claim 1, wherein the one or more predetermined data schemes each comprise first portions to be obfuscated and second portions to remain non-obfuscated, the first portions to be obfuscated corresponding to locations having more than one allowed character, and the second portions to remain non-obfuscated having only one allowed character comprising a delimiter character;
    - and further comprising;
      
      identifying if a part of the first portions are designated to remain discernable for uniqueness after obfuscation, and designating the part to remain un-obfuscated.

9. A data obfuscation framework for a user application, comprising:
- one or more computer readable storage media;
  
  a processing system operatively coupled with the one or more computer readable storage media; and
  
  program instructions stored on the one or more computer readable storage media that, based at least on being read and executed by the processing system, direct the processing system to at least;
  
  provide user content to a classification service configured to process the user content to classify portions of the user content as comprising sensitive content corresponding to one or more predetermined data schemes;
  
  receive from the classification service indications of one or more portions of the user content that contain the sensitive content;
  
  present graphical indications in a user interface to the user application that annotate the one or more portions of the user content as containing the sensitive content;
  
  present obfuscation options in the user interface for masking the sensitive content within at least a selected portion among the one or more portions of the user content; and
  
  responsive to a user selection of at least one of the obfuscation options, replace associated user content with obfuscated content that maintains a data scheme of the associated user content.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The data obfuscation framework of claim 9, comprising further program instructions, based at least on being read and executed by the processing system, direct the processing system to at least:
    - present the obfuscation options as comprising a first option to mask the sensitive content within the selected portion and a second option to mask the sensitive content within the selected portion and further portions of the user content comprising further sensitive content having a similar data scheme as the selected portion.
  - 11. The data obfuscation framework of claim 9, comprising further program instructions, based at least on being read and executed by the processing system, direct the processing system to at least:
    - present the obfuscation options as indicating at least an example obfuscated version of target user content within the selected portion.
  - 12. The data obfuscation framework of claim 9, wherein the graphical indications that annotate the one or more portions of the user content comprise indicators positioned proximate to the one or more portions that are selectable in the user interface to present the obfuscation options.
  - 13. The data obfuscation framework of claim 9, wherein the obfuscated content that maintains the data scheme of the associated user content comprises symbols selected based in part on the data scheme of the associated user content to prevent identification of the associated user content while maintaining the data scheme of the associated user content.
  - 14. The data obfuscation framework of claim 9, comprising further program instructions, based at least on being read and executed by the processing system, direct the processing system to at least:
    - responsive to replacing the associated user content with the obfuscated content, provide the obfuscated content to the classification service to confirm the obfuscated content does not contain further sensitive content.
  - 15. The data obfuscation framework of claim 9, wherein the one or more predetermined data schemes are defined by one or more regular expressions used to parse the user content to identify the portions as being indicative of one or more predetermined content patterns or one or more predetermined content types.
  - 16. The data obfuscation framework of claim 9, wherein the one or more predetermined data schemes each comprise first portions to be obfuscated and second portions to remain non-obfuscated, the first portions to be obfuscated corresponding to locations having more than one allowed character, and the second portions to remain non-obfuscated having only one allowed character comprising a delimiter character;
    - and comprising further program instructions, based at least on being read and executed by the processing system, direct the processing system to at least;
      
      identify if a part of the first portions are designated to remain discernable for uniqueness after obfuscation, and designate the part to remain un-obfuscated.

17. A method of operating a user application, the method comprising:
- providing user content of a user data file to a classification service configured to process the user content to classify one or more portions of the user content as comprising sensitive content corresponding to one or more data schemes;
  
  presenting indicators in a user interface that flag the one or more portions of the user content as containing the sensitive content, wherein the indicators are positioned proximate to the one or more portions and are selectable in the user interface to present obfuscation options;
  
  responsive to selection of a first of the indicators, presenting first obfuscation options in the user interface for replacing associated sensitive content within a first portion of the user content flagged by the first of the indicators; and
  
  responsive to a user selection of at least one of the first obfuscation options, replacing the associated sensitive content with obfuscated content that maintains a data scheme of the associated sensitive content.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, further comprising:
    - presenting the first obfuscation options as comprising a first option to replace the associated sensitive content with the obfuscated content and a second option to replace the associated sensitive content and further sensitive content of the user data file having a similar data scheme as the associated sensitive content.
  - 19. The method of claim 17, wherein the obfuscated content that maintains the data scheme of the associated sensitive content comprises one or more symbols selected to prevent identification of the associated sensitive content while maintaining the data scheme of the associated user content, wherein the one or more symbols are selected based in part on the data scheme of the associated sensitive content.
  - 20. The method of claim 17, wherein the one or more data schemes each comprise first portions to be obfuscated and second portions to remain non-obfuscated, the first portions to be obfuscated corresponding to locations having more than one allowed character, and the second portions to remain non-obfuscated having only one allowed character comprising a delimiter character;
    - and further comprising;
      
      identifying if a part of the first portions are designated to remain discernable for uniqueness after obfuscation, and designating the part to remain un-obfuscated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Allen, Phillip David, Hernandez, Sara Cristina Oropeza

Granted Patent

US 10,380,355 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6254   by anonymising data, e.g. d...

G06F 3/0482   Interaction with lists of s...

G06F 40/169   Annotation, e.g. comment da...

G06F 40/205   Parsing

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 63/0428   wherein the data content is...

H04W 12/02   Protecting privacy or anony...

OBFUSCATION OF USER CONTENT IN STRUCTURED USER DATA FILES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

OBFUSCATION OF USER CONTENT IN STRUCTURED USER DATA FILES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links