Audience-based sensitive information handling for shared collaborative documents

US 9,684,798 B2
Filed: 05/01/2015
Issued: 06/20/2017
Est. Priority Date: 05/01/2015
Status: Expired due to Fees

First Claim

Patent Images

1. A system for providing audience-based redaction of sensitive information in an electronic document, comprising:

a processor;

a memory;

a module for providing audience-based redaction of sensitive information stored in the memory, executable by the processor and configured for;

receiving a request from a first user via a first computing device to create a first electronic document;

creating the first electronic document and storing the first electronic document in a document database;

based on redaction rules, automatically searching the first electronic document to identify sensitive information, the sensitive information comprising first sensitive data;

creating a first rendering of the first electronic document, wherein the sensitive information is not redacted in the first rendering of the first electronic document, the first rendering of the first electronic document identifying the sensitive information as being sensitive;

providing the first rendering of the first electronic document to the first computing device for display;

receiving a request from a second computing device to access the first electronic document stored in the document database;

retrieving the first electronic document from the document database;

identifying one or more users associated with the second computing device;

based on identifying the one or more users associated with the second computing device, determining an access level for each of the one or more users associated with the second computing device, wherein determining the access level for each of the one or more users associated with the second computing device is further based on determining a social network relationship between the first user and the one or more users associated with the second computing device;

based on determining the access level for each of the one or more users associated with the second computing device, determining a weakest access level for the one or more users associated with the second computing device;

creating a second rendering of the first electronic document, wherein the second rendering of the first electronic document is created by redacting the first sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the second computing device; and

providing the second rendering of the first electronic document to the second computing device for display.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for providing audience-based redaction of sensitive information in an electronic document may include receiving a request from a computing device to access an electronic document, retrieving the electronic document, identifying the user(s) associated with the computing device, determining an access level for each user associated with the computing device, determining the lowest access level for the user(s) associated with the computing device, generating a rendering of the electronic document for display on the computing device based on the lowest access level for the user(s) associated with the computing device, and providing the rendering of the electronic document to the computing device for display. When generating the rendering of the electronic document for display, sensitive information in the electronic document is typically redacted based on the lowest access level for the user(s) associated with the computing device.

Citations

22 Claims

1. A system for providing audience-based redaction of sensitive information in an electronic document, comprising:
- a processor;
  
  a memory;
  
  a module for providing audience-based redaction of sensitive information stored in the memory, executable by the processor and configured for;
  
  receiving a request from a first user via a first computing device to create a first electronic document;
  
  creating the first electronic document and storing the first electronic document in a document database;
  
  based on redaction rules, automatically searching the first electronic document to identify sensitive information, the sensitive information comprising first sensitive data;
  
  creating a first rendering of the first electronic document, wherein the sensitive information is not redacted in the first rendering of the first electronic document, the first rendering of the first electronic document identifying the sensitive information as being sensitive;
  
  providing the first rendering of the first electronic document to the first computing device for display;
  
  receiving a request from a second computing device to access the first electronic document stored in the document database;
  
  retrieving the first electronic document from the document database;
  
  identifying one or more users associated with the second computing device;
  
  based on identifying the one or more users associated with the second computing device, determining an access level for each of the one or more users associated with the second computing device, wherein determining the access level for each of the one or more users associated with the second computing device is further based on determining a social network relationship between the first user and the one or more users associated with the second computing device;
  
  based on determining the access level for each of the one or more users associated with the second computing device, determining a weakest access level for the one or more users associated with the second computing device;
  
  creating a second rendering of the first electronic document, wherein the second rendering of the first electronic document is created by redacting the first sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the second computing device; and
  
  providing the second rendering of the first electronic document to the second computing device for display.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1, wherein:
    - a first access level has a right to view the first sensitive data, and a second access level does not have a right to view the first sensitive data; and
      
      the weakest access level for the one or more users associated with the second computing device is the second access level.
  - 3. The system of claim 2, wherein:
    - the sensitive information of the first electronic document comprises second sensitive data;
      
      the first access level has a right to view the second sensitive data, and the second access level has a right to view the second sensitive data; and
      
      creating the second rendering of the first electronic document comprises not redacting the second sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the second computing device being the second access level.
  - 4. The system of claim 3, wherein the module is further configured for:
    - receiving a request from a third computing device to access the first electronic document;
      
      identifying one or more users associated with the third computing device;
      
      based on identifying the one or more users associated with the third computing device, determining an access level for each of the one or more users associated with the third computing device, wherein determining the access level for each of the one or more users associated with the third computing device is further based on determining a social network relationship between the first user and the one or more users associated with the third computing device;
      
      based on determining the access level for each of the one or more users associated with the third computing device, determining a weakest access level for the one or more users associated with the third computing device, the weakest access level for the one or more users associated with the third computing device being a third access level, the third access level does not have a right to view the first sensitive data or the second sensitive data;
      
      creating a third rendering of the first electronic document, wherein the third rendering of the first electronic document is created by redacting the first sensitive data and the second sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the third computing device being the third access level; and
      
      providing the third rendering of the first electronic document to the third computing device for display.
  - 5. The system of claim 2, wherein:
    - the module is further configured for, based on searching the first electronic document to identify the sensitive information, creating redaction metadata;
      
      the first electronic document comprises the redaction metadata identifying the sensitive information and required access levels; and
      
      redacting the first sensitive data from the first electronic document is further based on the redaction metadata.
  - 6. The system of claim 5, wherein the module is further configured for:
    - receiving an edit to the first electronic document from the first user via the first computing device;
      
      based on receiving the edit, automatically searching the first electronic document to identify changes to the sensitive information;
      
      based on identifying changes to the sensitive information, updating the redaction metadata and updating the first rendering and second rendering of the first electronic document.
  - 7. The system of claim 5, wherein the first rendering of the first electronic document comprises an overlay displaying how the first sensitive data would be rendered based on the first access level and the second access level.
  - 8. The system of claim 5, wherein the module is further configured for:
    - receiving a request from the first user to render the first electronic document based on the second access level; and
      
      based on receiving the request from the first user to render the first electronic document based on the second access level, updating the first rendering of the first electronic document to redact the first sensitive data from the first electronic document.
  - 9. The system of claim 5, wherein the module is further configured for:
    - receiving an edit to the redacted first sensitive data of the first electronic document from the second computing device;
      
      based on receiving the edit, updating the redaction metadata to preserve the first sensitive data; and
      
      updating the first rendering and second rendering of the first electronic document based on the edit to the redacted first sensitive data.
  - 10. The system of claim 2, wherein the module is further configured for:
    - determining that the weakest access level for the one or more users associated with the second computing device has changed; and
      
      based on determining that the weakest access level for the one or more users associated with the second computing device has changed, updating the second rendering of the first electronic document.
  - 11. The system of claim 1, wherein the one or more users associated with the second computing device comprise a plurality of users.

12. A computer program product for providing audience-based redaction of sensitive information in an electronic document comprising a non-transitory computer-readable storage medium having computer-executable instructions for:
- receiving a request from a first user via a first computing device to create a first electronic document;
  
  creating the first electronic document and storing the first electronic document in a document database;
  
  based on redaction rules, automatically searching the first electronic document to identify sensitive information, the sensitive information comprising first sensitive data;
  
  creating a first rendering of the first electronic document, wherein the sensitive information is not redacted in the first rendering of the first electronic document, the first rendering of the first electronic document identifying the sensitive information as being sensitive;
  
  providing the first rendering of the first electronic document to the first computing device for display;
  
  receiving a request from a second computing device to access the first electronic document stored in the document database;
  
  retrieving the first electronic document from the document database;
  
  identifying one or more users associated with the second computing device;
  
  based on identifying the one or more users associated with the second computing device, determining an access level for each of the one or more users associated with the second computing device, wherein determining the access level for each of the one or more users associated with the second computing device is further based on determining a social network relationship between the first user and the one or more users associated with the second computing device;
  
  based on determining the access level for each of the one or more users associated with the second computing device, determining a weakest access level for the one or more users associated with the second computing device;
  
  creating a second rendering of the first electronic document, wherein the second rendering of the first electronic document is created by redacting the first sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the second computing device; and
  
  providing the second rendering of the first electronic document to the second computing device for display.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The computer program product of claim 12, wherein:
    - a first access level has a right to view the first sensitive data, and a second access level does not have a right to view the first sensitive data; and
      
      the weakest access level for the one or more users associated with the second computing device is the second access level.
  - 14. The computer program product of claim 13, wherein:
    - the sensitive information of the first electronic document comprises second sensitive data;
      
      the first access level has a right to view the second sensitive data, and the second access level has a right to view the second sensitive data; and
      
      creating the second rendering of the first electronic document comprises not redacting the second sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the second computing device being the second access level.
  - 15. The computer program product of claim 14, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving a request from a third computing device to access the first electronic document;
      
      identifying one or more users associated with the third computing device;
      
      based on identifying the one or more users associated with the third computing device, determining an access level for each of the one or more users associated with the third computing device, wherein determining the access level for each of the one or more users associated with the third computing device is further based on determining a social network relationship between the first user and the one or more users associated with the third computing device;
      
      based on determining the access level for each of the one or more users associated with the third computing device, determining a weakest access level for the one or more users associated with the third computing device, the weakest access level for the one or more users associated with the third computing device being a third access level, the third access level does not have a right to view the first sensitive data or the second sensitive data;
      
      creating a third rendering of the first electronic document, wherein the third rendering of the first electronic document is created by redacting the first sensitive data and the second sensitive data from the first electronic document based on the weakest access level for the one or more users associated with the third computing device being the third access level; and
      
      providing the third rendering of the first electronic document to the sec-end third computing device for display.
  - 16. The computer program product of claim 13, wherein:
    - the non-transitory computer-readable storage medium has computer-executable instructions for, based on searching the first electronic document to identify the sensitive information, creating redaction metadata;
      
      the first electronic document comprises the redaction metadata identifying the sensitive information and required access levels; and
      
      redacting the first sensitive data from the first electronic document is further based on the redaction metadata.
  - 17. The computer program product of claim 16, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving an edit to the first electronic document from the first user via the first computing device;
      
      based on receiving the edit, automatically searching the first electronic document to identify changes to the sensitive information;
      
      based on identifying changes to the sensitive information, updating the redaction metadata and updating the first rendering and second rendering of the first electronic document.
  - 18. The computer program product of claim 16, wherein the first rendering of the first electronic document comprises an overlay displaying how the first sensitive data would be rendered based on the first access level and the second access level.
  - 19. The computer program product of claim 16, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving a request from the first user to render the first electronic document based on the second access level; and
      
      based on receiving the request from the first user to render the first electronic document based on the second access level, updating the first rendering of the first electronic document to redact the first sensitive data from the first electronic document.
  - 20. The computer program product of claim 16, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - receiving an edit to the redacted first sensitive data of the first electronic document from the second computing device;
      
      based on receiving the edit, updating the redaction metadata to preserve the first sensitive data; and
      
      updating the first rendering and second rendering of the first electronic document based on the edit to the redacted first sensitive data.
  - 21. The computer program product of claim 13, wherein the non-transitory computer-readable storage medium has computer-executable instructions for:
    - determining that the weakest access level for the one or more users associated with the second computing device has changed; and
      
      based on determining that the weakest access level for the one or more users associated with the second computing device has changed, updating the second rendering of the first electronic document.
  - 22. The computer program product of claim 12, wherein the one or more users associated with the second computing device comprise a plurality of users.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Bhogal, Kulvir S., Hoy, Jeffrey R., Silva, Asima, Brunn, Jonathan F.
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US14/702,200
Publication Number

US 20160321462A1
Time in Patent Office

781 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 16/3331   Query processing

G06F 16/93   Document management systems

G06F 21/6209   to a single file or object,...

G06F 21/6254   by anonymising data, e.g. d...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 40/166   Editing, e.g. inserting or ...

Audience-based sensitive information handling for shared collaborative documents

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Audience-based sensitive information handling for shared collaborative documents

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links