Xerox researchers work on selective encryption

Xerox researchers work on selective encryption


New technology blocks access to [redacted] data

Researchers at Xerox's Palo Alto Research Center (Parc) have demonstrated new software designed to increase speed and accuracy when removing sensitive or confidential material from documents.

The 'Intelligent Redaction' software automates the process of removing confidential information from any document.

Once users have identified the information they want to protect, the software automatically redacts all references to this information throughout the document.

The same information can also be automatically redacted if it appears in other documents, helping to ensure a consistent level of security as well as saving time and increasing redaction accuracy.

"The tools available today cannot provide sufficient content analysis and security because it is difficult to determine what is sensitive," said Jessica Staddon, manager of the security research area at Parc.

"In a large organisation the level of sensitivity changes depending on the person accessing the document. The sheer numbers of documents to be tracked and sorted further complicates the problem."

Most documents containing classified information are protected by encrypting the entire document. Xerox's new software attempts to understand document context so that it can perform partial encryption.

This means that only sensitive sections or paragraphs are encrypted, while the rest of the document is not.

The Intelligent Redaction software also displays or hides restricted portions of the document so that it appears differently to different people without the need to manage several versions of the same data.

The software automates the process of removing confidential information in three steps.

The first is to analyse the content of the document and identify entities of interest such as the names of people or companies, topics, addresses and ID numbers and the relationships between them such as two people living at the same address.

The next step is for the author to review the document, highlight entities of interest and trace the relationship between the entities.

This simplifies the task of finding all sensitive information in a document and reduces the risk of missing anything sensitive.

Finally, the software allows for selective encryption or redaction of sensitive sections of the document.

Xerox said that the system is still in development, but that researchers hope to help address the growing problem of protecting sensitive data, particularly in financial services which depend heavily on easy access to digital documentation.