FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENT RULES, 2003
COMPLETE SPECIFICATION
(See Section 10 and Rule 13)
Title of invention:
METHOD AND SYSTEM FACILITATING SELECTIVE PRIVACY OF DATA OBJECTS SHARED IN A COMPUTING ENVIRONMENT
Applicant
TATA Consultancy Services Limited A Company Incorporated in India under The Companies Act, 1956
Having address:
Nirmal Building, 9th Floor,
Nariman Point, Mumbai 400021.
Maharashtra, India
The following specification particularly describes the invention and the manner in which it is to be performed.
FIELD OF THE INVENTION
The present subject matter described herein relates to a method and system for facilitating privacy of data objects in computing environment, and more particularly, relates to the method and the system for achieving a tradeoff between utility and privacy while sharing of data objects in computer networking.
BACKGROUND OF THE INVENTION
Data sharing has reached a next level along with the development in computing resources. Online Social Network (OSN) serves as a huge platform for data sharing. This most followed mode of data sharing is not just attractive, but it also involves a lot of security concerns due to the limited privacy protection rights which one has while sharing the data. Hence, privacy of data in online social networks is a taxing issue which needs to be addressed with perseverance. The current online social networks cater to billions of users with different privacy needs.
Most of the current online social networks activate the least restrictive privacy settings for the data to be shared. As the privacy needs may vary from user to user, the activation of the least restrictive privacy settings may not be acceptable to all the users, leading to a conflict concerning the privacy settings to be applied to the data to be shared. Thus, there is a need to achieve a fine granular trade-off between utility of one user and privacy of another user.
In a general situation concerning the privacy of images, the identity of the user may be revealed not only by the actual visuals of the image but also by the description of the image or by the display of a particular person's personal belongings which are well known in general and are sufficient to disclose his identity without asking for his consent. In order to achieve a fine tradeoff, the privacy settings need to be applied to such descriptions and other identity revealing parameters or sub-sections as well.
Moreover, no such solution has been proposed which may address conflict resolution where data is shared through a group or individual and there is no direct connection of an interested person but still a small part or section or portion of that data may reveal identity of an interested party without their prior concern. Such issues are still not resolved and remain a challenge.
The solutions which are known so far provide either limited or no setting to the interested party where there is no direct relation but there is a loss of privacy. Even if some solutions are there, the rules are not defined or they are so complex that they are not so user friendly. The existing prior arts showcase a method for applying privacy settings to an entire image and treat an image as a single entity. Examples of such methods include masking, image carving etc. To achieve a fine tradeoff between utility and privacy there is a need to apply different privacy settings to a single image.
Thus, there is a need to devise a system and method for achieving fine granular trade-off between utility and privacy by applying different privacy settings to different parts of the image.
SUMMARY OF THE INVENTION
The present invention provides a system facilitating selective privacy settings of data objects in a computing environment. The system comprises of an identification module configured to run one or more predefined methods of identifying joint users of the data object shared by a user in a social network and an authorization module configured to allow one or more joint users to recommend privacy settings over one or more sections of said data object. The system further comprises of a processor configured to determine a final section of the data object to be protected for one or more joint user and to create one or more protected version of said data object for each joint user. The processor further comprises of a calculating module configured to calculate a point for each of the joint user recommending the privacy settings with respect to one or more section of the data object, such that the privacy settings are recommended according to pre-defined rules and a selection tool configured to select the final section to be protected for at least one joint user based on the points thus calculated. The system further comprises of a development tool to reconfigure the data object by applying one or more protection methods and displaying the protected version of the data object, such that the protected version of the data object contains the privacy protection settings recommended by one or more respective joint users.
The present invention also provides a method facilitating selective privacy of data objects in a computing environment. The method comprises of steps of identifying one or more joint users of the data object by one or more predefined methods, the data object shared by a user in a social network and authorizing one or more joint user to recommend privacy protection settings over one or more section of said data object. The method further comprises of steps of processing the data object in order to determine a final section of the data object to be protected for one or more joint user and creating one or more protected version of said data object for each joint user. The processing further comprises of steps of calculating a point for each of the joint user recommending the privacy settings with respect to one or more section of the data object, such that the privacy settings are recommended according to pre-defined rules and selecting the final section to be protected for at least one joint user based on the points thus calculated. The method further comprises of steps of reconfiguring the data object by applying one or more protection method and displaying the protected version of the data object, such that the protected version of the data object contains the privacy protection settings recommended by one or more respective joint users.
OBJECTS OF THE INVENTION
It is the primary object of the invention to provide a system and method for facilitating selective privacy of data objects in a computing environment.
It is the other object of the invention to provide a system and method for identifying one or more joint users of the data object by one or more predefined methods.
It is the other object of the invention to process the data object in order to determine a final section of the data object to be protected for one or more joint user.
It is yet another object of the invention to provide one or more mechanisms for resolving conflicts amongst the users or joint users identified in the uploaded data while sharing.
It is yet another object of the invention to create one or more protected version of said data object for each joint user.
BRIEF DESCRIPTION OF DRAWINGS
Figure 1 illustrates the architecture of a system facilitating selective privacy of data objects in a computing environment in accordance with an embodiment of the invention.
Figure 2 illustrates a method of establishing co-ownership of upload images in accordance with an exemplary embodiment of the invention.
Figure 3 illustrates data object (image) - privacy using response modification in accordance with an exemplary embodiment of the invention.
Figure 4 illustrates data object (image) - privacy using query modification in accordance with an exemplary embodiment of the invention.
Figure 5 illustrates data object (image) - privacy using response modification with caching in accordance with an exemplary embodiment of the invention.
Figure 6 illustrates a storage optimizer as one of the possible caching strategy in accordance with an exemplary embodiment of the invention.
Figure 7(a) illustrates a method for facilitating selective privacy of an image in accordance with an exemplary embodiment of the invention.
Figure 7(b) illustrates output of a method for facilitating selective privacy of an image in accordance with an exemplary embodiment of the invention.
DETAILED DESCRIPTION
Some embodiments of this invention, illustrating its features, will now be discussed:
The words "comprising", "having", "containing", and "including", and other forms thereof, are intended to be equivalent in meaning and be open ended in that an item or items following any one of these words is not meant to be an exhaustive listing of such item or items, or meant to be limited to only the listed item or items.
It must also be noted that as used herein and in the appended claims, the singular forms "a", "an", and "the" include plural references unless the context clearly dictates otherwise. Although any systems, methods, apparatuses, and devices similar or equivalent to those described herein can be used in the practice or testing of embodiments of the present invention, the preferred systems and parts are now described. In the following description for the purpose of explanation and understanding reference has been made to numerous embodiments for which the intent is not to limit the scope of the invention.
One or more components of the invention are described as module for the understanding of the specification. For example, a module may include self-contained component in a hardware circuit comprising of logical gate, semiconductor device, integrated circuits or any other discrete component. The module may also be a part of any software programme executed by any hardware entity for example processor. The implementation of module as a software programme may include a set of logical instructions to be executed by the processor or any other hardware entity. Further a module may be incorporated with the set of instructions or a programme by means of an interface.
The disclosed embodiments are merely exemplary of the invention, which may be embodied in various forms.
The present invention relates to a system and a method to facilitate selective privacy of data objects in a computing environment. In the first step, one or more joint users of a data object are identified. Further, the joint users are authorized to recommend privacy protection settings over one or more section of said data object. In the next step, the data object is processed in order to determine a final section of the data object to be protected for one or more joint user. Also, one or more protected versions of said data object are created for each user. In the last step, the data object is reconfigured by applying one or more protection method and displaying the same, such that the protected version of the data object contains the privacy protection settings as recommended by one or more respective joint users.
In accordance with an embodiment, referring to figure 1, the system (100) comprises of an identification module (102) configured to run or implement one or more predefined methods of identifying joint users of the data object shared by a user in a computing environment where the data objects are shared amongst plurality of users. The system (100) further comprises of an authorization module (104) configured to allow one or more joint users to recommend privacy settings over one or more sections of said data object. The system (100) further comprises of a processor (106) configured to determine a final section of the data object to be protected for one or more joint user and to create one or more protected version of said data object for each joint user. The processor (106) further comprises of a calculating module (108) and a selection tool (110). The system (100) further comprises of a development tool (112) configured to reconfigure the data object by applying one or more protection methods.
In accordance with an embodiment, still referring to figure 1, the system (100) comprises of an identification module (102) which is configured to run and/or implement one or more predefined methods of identifying joint users of the data object shared by a user in a social network. By way of a specific example, the data object may include but is not limited to an image data, a part of image data, a text data or a combination thereof.
The identification module (102) further comprises of a tagging module (not shown in the figure) which is configured to perform an automatic face tagging or to support an activity of manual tagging. In most of the cases, a person or a group of persons uploading the data becomes the owner of that uploaded data. Most of the authorities are dependent on this fact of data uploading. The present invention provides an advantage to other users who may have some direct or indirect relation in that shared data. Also, the system of present invention provides some rights to those indirect users so that they may also protect their identity revealing parameters.
Referring to figure 2, the tagging module performs the tagging operation after the data object is uploaded in a computing environment by medium of a social networking platform, in the ways which are merely exemplary and the intent is not to limit the scope of the invention:
1. Owner Driven:
In this method the user who uploads the data object identifies or nominates the joint users of the data object (step 1).
2. Automated Face Tagging:
According to step 2, an image database stores all the data associated with an image or other data thus shared by the image owner. In this method a pre-defined section of the data object is compared with a database of tagged data objects in order to recognize the identity of the data object. By way of a specific example, online social networks (OSN) like Facebook have put in place highly accurate methods to identify, within an image, regions that may contain a face. Methods that compare a given face with a database of tagged facial images, in order to recognize the identity of the given face, are employed. Thus one way of identifying joint users is to discover the regions containing faces in an image, followed by recognizing the identity of the faces by comparing these regions with an evolving OSN test database, which consists of tagged-identified facial regions in all the images previously uploaded on the OSN. On account of complexity, one may choose to limit the scope of comparison to images within a certain neighborhood of the uploader, e.g. friends, or friends of friends etc.
3. Manual Face Tagging with Automated Signatures:
In another embodiment of the invention joint ownership of the data object is established by making a limited release of the data object, where initially the data object uploader access rules are applied. By way of a specific example, one robust method of establishing co-ownership is to make a limited release of the image, where initially the image uploader access rules are applied (e.g. all friends and friends of friends can see the entire image). Anybody who can see the image can tag the face with identities of any OSN member. Initially a tag will be temporary; however, a temporarily tagged face is compared with a previously uploaded facial image of the tagged OSN member, to reaffirm the correctness of the temporary tag. Upon a successful reaffirmation, the tag is made permanent and the OSN member is made a joint user or a co-owner.
The identification module (102) further comprises of a mapping module (not shown in the figure) which is configured to map keywords with those stored in a database and to search and develop a relationship amongst the data object and the joint user. In a preferred embodiment of the invention the mapping module supports the identified joint user to list named entities to determine a relationship between the data object and the joint user. That list could be customized by selecting or manually entering options and always provides an opportunity to the joint user to add any particular information which may reveal his identity. The default entities stored in the database include but are not limited to username, threshold on list size, points deducted proportional to list size. The default entities cannot include the username of other joint users of the identified data object.
The identification module (102) further comprises of a validation module (not shown in the figure) which is configured to validate the joint users identified by the identification module (102). The validation module uses techniques which may include but is not limited to face recognition to validate the joint users or co-owners named by the user. In a specific scenario, the validation of the joint users is essential to guard against friends of the user being artificially made co-owners, so that, the points of these co-owners may be used to block any bids or rights with respect to privacy. Furthermore, the system (100) may discover co-owners that the user has not explicitly identified. The user does not have an option of rejecting system (100) in identifying the co-owners by using the list and mapping the information disclosed in the shared data with any of the entity present in the list.
The system (100) further comprises of an authorization module (104) which is configured to allow one or more joint users to recommend privacy settings over one or more sections of said data object. One or more section of data object may include but is not limited to face of the joint user, any identity revealing parameter of the joint user etc.
The system (100) further comprises of a processor (106) which is configured to determine a final section of the data object to be protected for one or more joint user and to create one or more protected version of said data object for each joint user while sharing the data especially in a case of social networking.
The processor (106) further comprises of a calculating module (108) which is configured to calculate a point for each of the joint user recommending the privacy settings with respect to one or more section of the data object, such that the privacy settings are recommended according to pre-defined rules. By way of a specific example, the predefined masking rules may simply point to an of a masked image in the Images Table or provide instructions to create the masked image from multiple images. In an alternative method, instructions create the masked image by processing the original image in real time.
The processor (106) also comprises of a selection tool (110) which is configured to select the final section to be protected for at least one joint user based on the points thus calculated.
By way of a specific example, in an exemplary case, where the section of the data object claimed by multiple users is overlapping, a conflict may arise. As a first step in resolving this conflict, a rule that an OSN member cannot claim the section of the data object associated with a face of another OSN member (or more generally the region associated with any face other than his own) is enforced. The conflict resolution may be implemented by exemplary ways for which the intent is not to limit the scope of invention:
1. Random Referee:
The conflict resolution module (not shown in the figure) is configured to select a moderator from a list of users in a database for further selecting the final section in case when the score of one joint user is equal to other recommending privacy settings for a similar section of the data object. By way of specific example, the selection may be automatically done by the system by identifying most common name in friends list of all users claiming their right over the shared data. It may also start an automatic voting mechanism where all the users claiming their right may vote and name with higher votes will be finalized as the moderator.
2. Section Bidding with Intra-image Currency:
The notion of virtual currency in order to start an automatic mechanism of bidding is created. The processor by way of embedded algorithm runs said automatic bidding where each co-owner is provided with wealth equal to the user then bids this wealth uniformly over the region he/she chooses, i.e. if a user has chosen a region with P pixels, then the total value bid for each pixel is
Once the bidding is completed, depending on their access preferences, each user's bid will be for or against masking a pixel. A pixel is masked if the sum of wealth bid in favor of masking is greater than that bid against masking.
3. Section Bidding with Currency Credit:
The notion of virtual currency is limited to a single image. However, this concept can be generalized by letting an OSN member take credit for not utilizing all his wealth in an image. The developed credit can then be utilized to bid in favor of masking in other images. However, a credit to bid against masking is not allowed.
If a co-owner does not bid within a stipulated time then it is assumed that the co-owner has no masking or utility requirements. This stipulated time may be in a range, and the system may also send one or more reminders to the co-owners (joint users) having a right to bid, that their opportunity to bid will end after this stipulated time. User name and sensitive named entities have been already listed by the mapping module to establish relationship amongst the user and any data object. By way of a specific example, relationship can be established between a joint user and a scrap (which may include a text matter). Points are deducted at a fixed rate up to a cap for owning a scrap. Points are spread evenly on all pixels, and are used to resolve conflicts. Discounting can be provided to the joint users on sections of the data object corresponding to their faces. Points are deducted from the database for all the bids placed by the joint users for a section of the data object. The total points available to be bid on the data object are capped. In the final step executed by the processor (106), the joint users are indicated the results of the bids. The processor (106) further comprising of a comparator (not shown in the figure) is configured to compare the score of joint users with each other, thereby recommending privacy settings for the similar section and selecting higher score for selecting the final section of the data object.
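The per-pixel bidding rule described above, as an added example that is not part of the original specification: each co-owner's wealth is spread uniformly over the claimed region, pixels belonging to another member's face are dropped from the claim, and a pixel is masked only when the wealth bid for masking is strictly greater than the wealth bid against it. The wealth values, member names and pixel coordinates are constructed, and removing foreign face pixels before the wealth is spread is an assumption.

```python
from collections import defaultdict
from dataclasses import dataclass
from fractions import Fraction


@dataclass(frozen=True)
class Bid:
    owner: str
    region: frozenset   # claimed pixels as (x, y) tuples
    for_masking: bool   # True: bid to mask, False: bid to keep visible
    wealth: int         # assumed per-image wealth of this co-owner


def rect(x0, y0, x1, y1):
    """Pixels of the half-open rectangle [x0, x1) x [y0, y1)."""
    return frozenset((x, y) for x in range(x0, x1) for y in range(y0, y1))


def resolve_bids(bids, face_regions):
    """Return the set of pixels that end up masked.

    face_regions maps a member to the pixels of that member's face; a bid
    may not claim pixels inside a face other than the bidder's own.
    A co-owner who places no bid simply contributes nothing.
    """
    favour = defaultdict(Fraction)
    against = defaultdict(Fraction)
    for bid in bids:
        foreign = set()
        for member, face in face_regions.items():
            if member != bid.owner:
                foreign |= face
        region = bid.region - foreign
        if not region:
            continue
        # Uniform bid: wealth divided by the number of claimed pixels.
        per_pixel = Fraction(bid.wealth, len(region))
        side = favour if bid.for_masking else against
        for pixel in region:
            side[pixel] += per_pixel
    # Strictly greater: a tie leaves the pixel unmasked.
    return frozenset(p for p, total in favour.items() if total > against[p])


# Constructed 6x4 image: A and B each have a face, A also wants a watch hidden.
FACES = {"A": rect(0, 0, 2, 2), "B": rect(4, 0, 6, 2)}
WATCH = rect(2, 2, 4, 4)
BID_A = Bid("A", FACES["A"] | WATCH, True, 80)    # 8 pixels, 10 per pixel
BID_B = Bid("B", rect(0, 0, 6, 4), False, 80)     # 20 pixels after rule, 4 each
BID_C = Bid("C", WATCH, False, 80)                # 4 pixels, 20 per pixel

if __name__ == "__main__":
    print(sorted(resolve_bids([BID_A, BID_B], FACES)))
    print(sorted(resolve_bids([BID_A, BID_B, BID_C], FACES)))
```

With only A and B bidding, A's face and the watch are masked; once C concentrates the same wealth on the watch alone, the watch stays visible and only A's face is masked.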
Still referring to figure 1, the system (100) further comprises of a development tool (112) which is configured to reconfigure the data object by applying one or more protection methods and displaying the protected version of the data object, such that the protected version of the data object contains the privacy protection settings recommended by one or more respective joint users.
The development tool (112) further comprises of a morphing module, a masking module, a seam carving module or a combination thereof. By way of a specific example, the joint user of the data object chooses to opt for any one of the below mentioned strategies for reconfiguring the data object.
1. Face Masking: Once the section of the face has been identified the section can be masked by:
a. Inpainting the region with black or any other color.
b. Morphing the face into another face; the OSN could maintain a large set of synthetic faces, or faces of celebrities, that could be randomly chosen as candidates as a target for model based morphing.
2. Generic Region Masking: There could be instances in which the user identity can be revealed by the entities such as clothing, the license plate number on a motorbike, a wrist watch etc., and such entities being listed by the mapping module in the database. In such circumstances the joint user would desire to mask regions other than only those that correspond to his/her face. In such an instance, a marking/highlighting tool is provided which the joint user can utilize to claim a certain part of the data object as his own for sole ownership.
The development tool (112) further comprises of a storage module which is configured to store the masked images and create one or more masked images in real time. Upon choosing the masking style by the joint user for reconfiguring the data object, a distinct version of the data object is created for the needs of each joint user. The reconfigured image can also be stored in the database. The reconfigured data objects can be pre-stored in the storage module or they can be created in real-time.
In order to describe the privacy protection settings implemented by the development tool (112), let be the social graph representing the user connections. Consider an
Image I and let be the set of co-owner for the image. For a co-ownerlet
be the set of OSN members that have been granted access control to the
image by0j.1. Furthermore, let Im, such that be the image obtained by applying
the mask corresponding to each of the co-owner Ot Є Im. Therefore when a OSN member u requests (queries) for an imaged the member is able to retrieve an image IQ, where
i.e. Q is a set of co-owners who do not want to reveal their image content to the OSN member u.
The reconfiguration process can be implemented by exemplary ways as discussed below for which the intent is not to limit the scope of the invention:
1. Response Modification:
Figure 3 describes a system where an image query is described by a search for a unique in the storage module containing all the images in an OSN. There will be a consumer id and an owner id in order to enable the masking by different users sharing some rights in the image thus uploaded. The unmodified response from the storage module provides the unmasked image that had been uploaded to the OSN, along with a list of the joint users associated with that image. The original image is then modified progressively, depending on whether or not the joint user permits access to the user that has requested for that image. Different co-owners (Co1_id, Co2_id etc) may apply different privacy settings (based on their limited authority of doing so) for masking the images. Finally the masked image is presented as a modified response.
The above description of the system does not give any importance to the order in which the masks associated with each co-owner are applied. The order of masking does not matter if the individual masks are commutative, i.e. irrespective of the order in which the masks are applied, the final composite masked image is going to look identical. An example of a commutative masking methodology would be "Face Masking" where only each user's face is inpainted. Specifically, any inpainting-like technique would be commutative if the sections of the image owned by all the joint users are disjoint. Seam carving based masking is an example where the commutativity may not be valid, and the precise order in which people are carved out will dictate the distortion in the final image. Hence, in certain cases the mask may have to be applied in consolidated fashion. For example, in seam carving, the union of sections which are exclusively owned by members that wish to grant access to query can be set to highest importance. Meanwhile the union of regions which are exclusively owned by members who do not wish to provide access to a query is set to the lowest priority.
2. Query Modification:
The response modification system described above can lead to significant computational complexity. Each time an image is queried the masks may have to be explicitly calculated. An alternative is to pre-calculate all possible masked versions of an image and store all the images along with originals in the storage module. Figure 4 illustrates such a system where the user of an image uploads it and accordingly an image query is executed by using an image_id. A co-ownership table (402) will store names of all the co-owners thus sharing some right in the image. The image is then processed for query modification in order to provide pre-masked images. Later, there will be a separate image database where all the masked images will be stored and accordingly the masked images will be displayed as per the privacy settings of co-owners.
3. Response Modification with Caching:
The query modification approach described above leads to 2|o,| masked possibilities for each image. In images containing many people, such an approach can lead to significant increase in storage. Hence, it is possible to adopt a mixture of the query and response modification approaches. Specifically, one can pre-calculate the masked version of images which are frequently accessed, or pre-calculate only the frequently utilized masked version of an image. Figure 5 illustrates such a system where the names of joint users are stored in co-ownership table and masked images are stored in the image database. Pre-masked subset of images will be there in order to support masking by joint users to further provide response modification with caching.
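Response modification and response modification with caching, as an added example that is not part of the original specification: the set of co-owners who withhold access from the requester selects which masks are applied, a requester unknown to every co-owner receives the fully masked image, and each composite is rendered once and then served from a cache keyed by that set. The class and member names, the pixel values and the per-owner fill colours are constructed; refusing to serve masks whose result depends on application order is an assumption standing in for the consolidated masking the text mentions.

```python
from itertools import permutations


class SharedImage:
    """One uploaded image with per-co-owner masks and access lists."""

    def __init__(self, pixels, masks, granted):
        self.pixels = pixels    # rows of pixel values (the unmasked upload)
        self.masks = masks      # co-owner -> (set of (x, y), fill colour)
        self.granted = granted  # co-owner -> members allowed to see the region
        self.cache = {}         # frozenset of withholding co-owners -> image
        self.renders = 0        # how many composites were actually computed

    def withholding(self, requester):
        """Co-owners who have not granted the requester access.

        Fails closed: a requester absent from an access list is masked out.
        A co-owner always sees his or her own region.
        """
        return frozenset(
            owner for owner in self.masks
            if requester != owner
            and requester not in self.granted.get(owner, ())
        )

    def render(self, order):
        """Apply the masks of the given co-owners in the given order."""
        image = [list(row) for row in self.pixels]
        for owner in order:
            region, colour = self.masks[owner]
            for x, y in region:
                image[y][x] = colour
        return image

    def order_independent(self, owners):
        """True if every application order gives the same composite."""
        results = [self.render(p) for p in permutations(sorted(owners))]
        return all(r == results[0] for r in results)

    def respond(self, requester):
        """Return the masked image for this requester (modified response)."""
        key = self.withholding(requester)
        if key not in self.cache:
            if not self.order_independent(key):
                raise ValueError("masks overlap: apply them in consolidated fashion")
            self.cache[key] = self.render(sorted(key))
            self.renders += 1
        return self.cache[key]


def demo_image():
    """Constructed 4x2 image: alice owns column 0, bob owns column 3."""
    return SharedImage(
        pixels=[[1, 2, 3, 4], [5, 6, 7, 8]],
        masks={"alice": ({(0, 0), (0, 1)}, 0), "bob": ({(3, 0), (3, 1)}, 0)},
        granted={"alice": {"carol"}, "bob": {"carol", "dave"}},
    )


def overlapping_image():
    """Constructed case where two masks share pixel (1, 0) with different fills."""
    return SharedImage(
        pixels=[[1, 2, 3]],
        masks={"alice": ({(0, 0), (1, 0)}, 0), "bob": ({(1, 0), (2, 0)}, 9)},
        granted={"alice": set(), "bob": set()},
    )


if __name__ == "__main__":
    img = demo_image()
    for member in ("carol", "dave", "eve", "mallory", "alice"):
        print(member, img.respond(member))
    print("composites rendered:", img.renders)
```

The cache can never hold more entries than there are subsets of co-owners, which is the storage growth the query modification approach pays up front.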
In an alternate embodiment of the invention, the data object can be reconfigured by implementing a caching strategy using a sub-module storage optimizer. By way of a specific example, the input to the storage optimizer is the set of masked images for all co-owners and the output is a subset of images and instructions for each owner to recreate respective masked images from this subset. The masked image with the smallest size is considered the base image. The base image is stored as is. Let this image be denoted as Image-1. All the images are divided into macroblocks, and the image that has the highest predictability from the base image is identified as Image-2. An image A's predictive power for an Image B can be measured by the number of macroblocks in Image B that have an exact match somewhere within A. An enhancement layer is created which includes the bit-syntax as well as the residue information to create Image-2 from Image-1. The process is repeated for the remaining images, once with Image-1 as the base image and next with Image-2 as the base. The most predictive combination is chosen and a new enhancement layer is created. This process is repeated. Thus any masked image can be recreated with the base image and a subset of the enhancement layers. Once the data objects are reconfigured and the protected versions of a particular data object containing the privacy protection settings of the respective joint user are created, only those versions are displayed when they are shared by multiple or individual users.
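The storage optimizer described above, as an added example that is not part of the original specification: predictive power is counted as the number of macroblocks of one image that occur exactly somewhere in another, the most predictive stored/remaining pair is chosen at each round, and every masked image is rebuilt from the base image plus its chain of enhancement layers. The images are constructed 4x4 integer grids of equal size, the base image is supplied by the caller, and representing an enhancement layer as a list of copy references and raw residue blocks is an assumption.

```python
def blocks(image, size):
    """Yield ((row, col), block) for the non-overlapping macroblocks of image."""
    for r in range(0, len(image), size):
        for c in range(0, len(image[0]), size):
            yield (r, c), tuple(tuple(row[c:c + size]) for row in image[r:r + size])


def block_index(image, size):
    """Map each size x size block found at any pixel offset to one position."""
    index = {}
    for r in range(len(image) - size + 1):
        for c in range(len(image[0]) - size + 1):
            block = tuple(tuple(row[c:c + size]) for row in image[r:r + size])
            index.setdefault(block, (r, c))
    return index


def predictive_power(a, b, size):
    """Number of macroblocks of b that have an exact match somewhere within a."""
    index = block_index(a, size)
    return sum(1 for _, block in blocks(b, size) if block in index)


def enhancement_layer(base, target, size):
    """Instructions to recreate target from base: copy references or raw blocks."""
    index = block_index(base, size)
    layer = []
    for pos, block in blocks(target, size):
        if block in index:
            layer.append((pos, "copy", index[block]))
        else:
            layer.append((pos, "raw", block))   # residue stored verbatim
    return layer


def rebuild(base, layer, size):
    """Recreate an image from a stored image and one enhancement layer."""
    image = [list(row) for row in base]
    for (r, c), kind, payload in layer:
        if kind == "copy":
            br, bc = payload
            block = [base[br + i][bc:bc + size] for i in range(size)]
        else:
            block = payload
        for i in range(size):
            image[r + i][c:c + size] = list(block[i])
    return image


def plan_storage(base_name, images, size):
    """Greedy plan: repeatedly pick the most predictive (stored, remaining) pair."""
    stored = [base_name]
    remaining = [name for name in images if name != base_name]
    plan = []
    while remaining:
        _, ref, target = max(
            (predictive_power(images[s], images[t], size), s, t)
            for s in stored for t in remaining
        )
        plan.append((target, ref, enhancement_layer(images[ref], images[target], size)))
        stored.append(target)
        remaining.remove(target)
    return plan


def rebuild_all(base_name, base_image, plan, size):
    """Recreate every masked image from the base image and the layers."""
    images = {base_name: base_image}
    for target, ref, layer in plan:
        images[target] = rebuild(images[ref], layer, size)
    return images


# Constructed masked versions of one image; 0 marks an inpainted pixel.
IMAGES = {
    "m_ab": [[0, 0, 3, 4], [0, 0, 7, 8], [9, 9, 0, 0], [9, 9, 0, 0]],
    "m_a": [[0, 0, 3, 4], [0, 0, 7, 8], [9, 9, 5, 6], [9, 9, 1, 2]],
    "m_b": [[1, 2, 3, 4], [5, 6, 7, 8], [9, 9, 0, 0], [9, 9, 0, 0]],
    "m_none": [[1, 2, 3, 4], [5, 6, 7, 8], [9, 9, 5, 6], [9, 9, 1, 2]],
}

if __name__ == "__main__":
    for target, ref, layer in plan_storage("m_ab", IMAGES, 2):
        raw = sum(1 for _, kind, _ in layer if kind == "raw")
        print(f"{target} from {ref}: {raw} raw block(s) of {len(layer)}")
```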
BEST MODE/EXAMPLE FOR WORKING OF THE INVENTION
The system and method illustrated to facilitate selective privacy settings of data objects in a computing environment may be illustrated by working example stated in the following paragraph; the process is not restricted to the said example only.
Example 1:
Consider a hypothetical scenario where 'A' and 'B' are friends on Facebook (FB). 'A' is a bit privacy conscious and prefers that the photos that he has been tagged in are not revealed to anybody other than his friends. 'B' on the other hand has set the access control of his photos to 'everybody'. An image that 'B' uploaded can be accessed easily despite 'A' being tagged in it. Thus the least restrictive of the rules is the one that applies to a particular photograph.
In the considered case the most restrictive rule is implied by 'A's settings, which does not allow a user any access to the photograph. However, such restrictive access control comes at the cost of 'B's user experience. 'B' has knowingly set his setting to 'everybody' since he enjoys the social feedback that a photo may instigate. For example, the objective may be to just advertise that he had a good time with 'C'. The present invention relates to a system and method which solves this paradox.
The major steps involved in the method implemented are:
1. Image upload
2. Identifying the co-owners of the image (identification module (102))
3. Choosing and agreeing on masks (Processor (106))
4. Consolidating and executing the masks.
The entities involved are:
1. Supplier: Responsible for image upload
2. Co-owners: People whose privacy may get violated by the image
3. System (100)
4. Consumer: Person/Friend interested in viewing the image
5. Friend: Assist in identifying co-owners and resolving conflicts
The supplier is responsible for uploading the image, identifying the co-owners of the image (through the identification module) and accepting co-owners validated by the validation module.
The co-owner accepts co-ownership, marks up and places a bid for the region considered private, marks up and places a bid for the region considered useful (through the calculating module), manages access rights for Friends and others (Group rights), chooses the masking strategy for regions that are lost, and lists named entities to determine scrap sensitivity.
The system (100) indicates to the co-owner which regions have been won by others and hence will get masked for some of his friends. The co-owner chooses the masking style, e.g. seam carving, face replacement etc.
The consumer (604) queries for an image or scrap; the query is initiated by clicking on the thumbnail/link. A consumer also tags a co-owner in an image.
System Flow:
Referring to figure 6, upon an image upload, the 'Images Table (602)' is updated to index the image (storage module). Further, points are awarded to the supplier for the upload, the 'User Table' is updated, and privacy credit is awarded to the supplier for identifying co-owners. Further, the co-ownership table (606) is updated with .
Some points are also awarded to all co-owners for presence in an image. For example, in some cases the co-owner may be an account held by a corporation such. In such a scenario multiple identities and hence faces may map to a single co-owner. These identities could be of the key people in the corporation. The system (100) description also applies to such a scenario.
In the next step, upon bidding by all co-owners, points are spread evenly on all pixels and are used to resolve conflicts. Discounting can be provided to co-owners on regions corresponding to their faces. Points are deducted from the User Table for all the bids. The total points available to be bid on a picture are capped, and the results of the bids are indicated to the co-owners.
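The bidding step can be sketched as follows. This is an added example, not code from the specification: the pixel grid and bid amounts are constructed, and the cap value, the per-co-owner reading of the cap, the discount modelled as double weight on the bidder's own face, and the 'MODERATOR' marker for ties are assumptions.

```python
# Added example (not from the specification); grid, bids and constants are constructed.
from fractions import Fraction

BID_CAP = 100    # assumption: cap on one co-owner's total bids for a picture
FACE_FACTOR = 2  # assumption: discount modelled as double weight on the bidder's own face

def box(x0, x1, y0, y1):
    """Set of (x, y) pixels in a rectangle; row 0 holds faces, row 1 holds bodies."""
    return {(x, y) for x in range(x0, x1) for y in range(y0, y1)}

FACES = {"Govinda": box(2, 4, 0, 1), "Tushar": box(4, 6, 0, 1)}
USER_TABLE = {"Fardeen": 100, "Govinda": 50, "Tushar": 50}  # points from steps 702, 705, 706
BIDS = [
    {"owner": "Fardeen", "demand": "show", "points": 60, "region": box(0, 6, 0, 2)},
    {"owner": "Govinda", "demand": "mask", "points": 12, "region": box(2, 4, 0, 2)},
    {"owner": "Tushar",  "demand": "mask", "points": 40, "region": box(4, 6, 0, 2)},
]

def resolve(bids, faces, user_table):
    """Return ({pixel: (winner, demand)}, updated user table).

    A pixel with equal top scores for different demands maps to ('MODERATOR', None).
    """
    table, spent, best = dict(user_table), {}, {}
    for bid in bids:
        owner, pts = bid["owner"], bid["points"]
        spent[owner] = spent.get(owner, 0) + pts
        if spent[owner] > BID_CAP or pts > table[owner]:
            raise ValueError(f"{owner} exceeds the cap or the available points")
        table[owner] -= pts                        # deducted for every bid, won or lost
        share = Fraction(pts, len(bid["region"]))  # spread evenly over the region's pixels
        for px in bid["region"]:
            score = share * (FACE_FACTOR if px in faces.get(owner, ()) else 1)
            cur = best.get(px)
            if cur is None or score > cur[0]:
                best[px] = (score, owner, bid["demand"])
            elif score == cur[0] and bid["demand"] != cur[2]:
                best[px] = (score, "MODERATOR", None)
    return {px: (o, d) for px, (_, o, d) in best.items()}, table

if __name__ == "__main__":
    outcome, table = resolve(BIDS, FACES, USER_TABLE)
    for px in sorted(outcome):
        print(px, outcome[px])
    print(table)
```

With these constructed bids Tushar wins his whole region and Govinda wins only his face, which corresponds to the "Carve Tushar replace Govinda's face" image of Example 2.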
In the final step, upon the co-owners choosing the masking style, a distinct masked image is created by the masked image creator (608) for the needs of each co-owner. In an extreme case, each of the masked images can be added to the Images Table.
In the 'Co-ownership Table' there is a column for masking rules. The masking rules may simply point to an of a masked image in the Images Table or provide instructions to create the masked image from multiple images. In an extreme case, the instructions create the masked image by processing the original image in real time.
Example 2:
Consider a hypothetical scenario where Fardeen, Govinda and Tushar are friends on Facebook (FB). Govinda and Tushar are a bit privacy conscious and prefer that the photos that they have been tagged in are not revealed to anybody other than their friends. Fardeen on the other hand has set the access control of his photos to 'everybody'. An image that Fardeen has uploaded can be accessed easily despite Govinda and Tushar being tagged in it. Thus the least restrictive of the rules applies to a particular photograph.
In the considered case the most restrictive rule is implied by Tushar's and Govinda's settings, which does not allow a user any access to the photograph. However, such restrictive access control comes at the cost of Fardeen's user experience. The present invention relates to a system and method which solves this paradox.
Referring to figure 7(a), let us consider that Fardeen had uploaded an image on Facebook which shows Fardeen, Govinda and Tushar sitting on steps (Step 701). In the next step Fardeen is awarded 100 points for uploading the image (702). Further, Govinda and Tushar are identified as the co-owners (joint users) of the image (703). In the next step (704), Fardeen validates the identity of Govinda and Tushar as co-owners. In the next steps, 705 and 706, Govinda and Tushar are awarded 50 points for being co-owners of the image uploaded. Further, Fardeen, Govinda and Tushar specify their masking or utility demands. In step 707, Fardeen specifies his utility demand for the whole image being visible to 'everybody'. In the next step 708, Tushar specifies his masking demand for masking his entire body when the image is accessed by anyone other than his friends. Similarly, in the next step 709, Govinda specifies his masking demand for masking his entire body when the image is accessed by anyone other than his friends. At the same time, points are bid by all the co-owners for each pixel while specifying their masking or utility demands. In the next steps, 710, 711 and 712, Fardeen, Govinda and Tushar choose their respective masking style according to the bidding results. Further, a distinct masked image is created for each co-owner. In this particular scenario, step 713 describes a distinct image (Carve Tushar replace Govinda's face) which is created when a user who is only Fardeen's friend accesses the image. The next step, 714, describes a distinct image (Carve Tushar) which is created when a user who is only Govinda's friend accesses the image. Similarly, step 715 describes a distinct image (Carve Govinda) which is created when a user who is only Tushar's friend accesses the image.
Part I of the figure 7(b) depicts the overall utility won by Fardeen in the conflict resolution process implemented by the system (100).
Part II of the figure 7(b) shows an exemplary scenario of the social graph on Facebook.
Referring to the figure 7(a) and figure 7(b), if a user 'X' who is only Fardeen's friend accesses the image, then the image will display only Fardeen and morphed face of Govinda. Further, if a user 'T' who is only Govinda's friend accesses the image, then the image will display only Fardeen and Govinda. Similarly, if the image is requested by a user 'Y' who is only Tushar's friend, then the image will showcase Fardeen, Morphed Face of Govinda and Tushar. Also, in an exemplary scenario in which a user 'Z' who is friends with both Govinda and Tushar accesses the image then the image originally uploaded will be displayed.
WE CLAIM:
1. A method facilitating selective privacy of data objects in a computing environment, the method comprising steps of:
identifying one or more joint users of the data object by one or more predefined methods, the data object shared by a user in a social network;
authorizing one or more joint user to recommend privacy protection settings over one or more section of said data object;
processing the data object in order to determine a final section of the data object to be protected for one or more joint user and creating one or more protected version of said data object for each joint user, the processing further comprising:
calculating a point for each of the joint user recommending the privacy settings with respect to one or more section of the data object, such that the privacy settings are recommended according to pre-defined rules;
selecting the final section to be protected for at least one joint user based on the points thus calculated; and
reconfiguring the data object by applying one or more protection method and displaying the protected version of the data object, such that the protected version of the data object contains the privacy protection settings recommended by one or more respective joint users.
2. The method of claim 1, wherein the data object may include but is not limited to an image data, a text data or a combination thereof.
3. The method of claim 1, wherein one or more predefined methods for identifying the joint user may include but is not limited to automatic face tagging, mapping one or more keywords with those stored in a database, manual tagging performed by the user, searching and developing a relation amongst the data object and the joint user.
4. The method of claim 1, wherein one or more section of the data object may include but is not limited to face of the joint user, any identity revealing parameter of the joint user etc.
5. The method of claim 1, wherein the selection of the final section further comprises of comparing the score of joint users with each other, recommending privacy settings for the similar section and selecting higher score for selecting the final section of the data object.
6. The method of claim 1, wherein the processing further comprises of resolving a conflict by selecting a moderator from a list of users in a database for further selecting the final section in case when the score of one joint user is equal to other, recommending privacy settings for a similar section of the data object.
7. A system facilitating selective privacy settings of data objects in a computing environment, the system comprising:
an identification module configured to run one or more predefined methods of identifying joint users of the data object shared by a user in a social network;
an authorization module configured to allow one or more joint users to recommend privacy settings over one or more sections of said data object;
a processor configured to determine a final section of the data object to be protected for one or more joint user and to create one or more protected version of said data object for each joint user, the processor further comprising:
a calculating module configured to calculate a point for each of the joint user recommending the privacy settings with respect to one or more section of the data object, such that the privacy settings are recommended according to pre-defined rules;
a selection tool configured to select the final section to be protected for at least one joint user based on the points thus calculated; and
a development tool to reconfigure the data object by applying one or more protection methods and displaying the protected version of the data object, such that the protected version of the data object contains the privacy protection settings recommended by one or more respective joint users.
8. The system of claim 7, wherein the data object may include but is not limited to an image data, a text data or a combination thereof.
9. The system of claim 7, wherein the identification module further comprises of a tagging module configured to perform automatic face tagging or support manual tagging, a mapping module configured to map keywords with those stored in a database and to search and develop a relationship amongst the data object and the joint user.
10. The system of claim 7, wherein the identification module further comprises of a validation module which is configured to validate the joint users identified by the identification module.
11. The system of claim 7, wherein one or more section of data object may include but is not limited to face of the joint user, any identity revealing parameter of the joint user etc.
12. The system of claim 7, wherein the processor further comprises of a comparator configured to compare the score of joint users with each other, recommending privacy settings for the similar section and selecting higher score for selecting the final section of the data object.
13. The system of claim 7, wherein the processor further comprises of a conflict resolution module configured to select a moderator from a list of users in a database for further selecting the final section in case when the score of one joint user is equal to other recommending privacy settings for a similar section of the data object.
14. The system of claim 7, wherein the development tool further comprises of a morphing module, a masking module, a seam carving module or a combination thereof.
15. The system of claim 7, wherein the development tool further comprises of a storage module which is configured to store the masked images and create one or more masked images in real time.