This is one of those things that might give you a warm fussy about your security, but in actuality turn out insanely difficult to implement and to do very little to keep the hard core hackers out. How can text recognition program secure things client side like any combination of numbers formatted as a social security number or block an entire paragraph because it contains information on financials?
Plus, even if it could do that somehow, people are smarter then machines, we can figure out what is being said by context. If I describe the intricate details of a sexual harassment suit against an employee, what protection will blocking the names have if the victim is a co-worker I know?
This just seems fishy. Does anyone else have experience with similar technology or see a need for this?
IBM introduces data-masking technology
Summary
IBM has released proof-of-concept technology designed to protect sensitive data used in industries such as healthcare without the need to modify existing applications.
Topics
IBM has released proof-of-concept technology designed to protect sensitive data used in industries such as healthcare without the need to modify existing applications.
Masking Gateway for Enterprises (Magen), unveiled on Thursday, is designed to catch protected data before it reaches users' screens, IBM said. The technology, which runs on a server installed alongside existing server and client applications, was developed at IBM's Haifa research laboratory and takes its name from the Hebrew word for 'protection' or 'shield'.
Magen treats a screen of information as a picture and uses optical character recognition to identify the parts that an administrator has identified as confidential, IBM said. The software then places a mask over the details that need to remain hidden, without ever copying, changing or processing the data itself.
It is designed for cases when information needs to be shared either internally or externally, for example to outsourcing organizations or marketers.
"Magen provides a common solution for all applications, regardless of their operating system and communication protocols," said Tamar Domany, project leader at IBM's Haifa lab, in a statement. "The solution is completely generic and can be used with any data, any application, and for different levels of authorization."
Existing data-masking technologies generally make copies of the data with the protected elements masked, according to IBM, but this process of copying creates more data that needs to be kept secure. Magen is designed to eliminate the need to make such copies by masking protected information on the fly.
"Using optical character recognition technology and predefined configurations enables us to provide masking without changing the client applications," Domany said.
The system can be quickly adapted by the administrator to respond to the introduction of new privacy regulations or new types of users, IBM said. The company has applied for patents on the word-scrambling and image-manipulation techniques used in Magen.
Magen competes with data-masking software from rival companies such as DataGuise and Oracle.
This article was originally posted on ZDNet UK.
Talkback Most Recent of 2 Talkback(s)
-
Socratesfoot14th Jul 2009 -
RE: IBM introduces data-masking technology
but the protected data can still be copied out, and viewed on another system where the Magen server isn't running ?
drstrangelove15th Jul 2009
Talkback - Tell Us What You Think
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Facebook Activity
