
Systems And Apparatus For System Security

Abstract: A system and method for selectively displaying data pertaining to an organization to a plurality of nodes has been disclosed. The system is a distributed computing system having a server co-operating with a plurality of computing nodes via a web based interface. The selective display of data is performed for ensuring privacy of sensitive data of the organization and is achieved by data masking. The masking happens at the client side while rendering the data without the need for changing the source code of the existing web application. The rules for masking the data are defined on the tags of the sensitive data. The masking performed by the present invention is non-obtrusive and maintains the data integrity and high data utility.


Patent Information

Application #:
Filing Date: 12 February 2009
Publication Number: 38/2010
Publication Type: INA
Invention Field: ELECTRONICS
Status:
Email: dewan@rkdewanmail.com
Parent Application:
Patent Number:
Legal Status:
Grant Date: 2018-10-25
Renewal Date:

Applicants

TATA CONSULTANCY SERVICES LIMITED
NIRMAL BUILDING, 9TH FLOOR, NARIMAN POINT, MUMBAI 400021, MAHARASHTRA, INDIA.

Inventors

1. BANAHATTI VIJAYANAND MAHADEO
TATA RESEARCH DEVELOPMENT AND DESIGN CENTRE, TATA CONSULTANCY SERVICES, 54-B HADAPSAR INDUSTRIAL ESTATE, PUNE 411013, MAHARASHTRA, INDIA.
2. LODHA SACHIN PREMSUKH
TATA RESEARCH DEVELOPMENT AND DESIGN CENTRE, TATA CONSULTANCY SERVICES, 54-B HADAPSAR INDUSTRIAL ESTATE, PUNE 411013, MAHARASHTRA, INDIA.

Specification

FORM - 2
THE PATENTS ACT, 1970
(39 of 1970)
THE PATENTS RULES, 2003
COMPLETE SPECIFICATION
(See Section 10 and Rule 13)
A SYSTEM TO PROVIDE ENHANCED PRIVACY FOR ACCESSING CONTENTS OF WEB BASED APPLICATIONS
TATA CONSULTANCY SERVICES LTD.,
an Indian Company of Nirmal Building, 9th Floor,
Nariman Point, Mumbai -21,
Maharashtra, India.
The following specification particularly describes the invention and the manner in which it is to be performed.

FIELD OF THE INVENTION
The present invention relates to the field of data security and privacy.
Particularly, the present invention relates to security and privacy of data being transferred through communication networks and displayed using presentation tier.
DEFINITIONS OF TERMS USED IN THE SPECIFICATION
The term 'Masking' in this specification relates to the technique of superficially replacing confidential data for ensuring privacy and safety of sensitive information.
The term 'Credentials' in this specification relates to user identification number/employee identification number and the like which authenticates and entitles the users to gain access to sensitive information.
The term 'Tags' in this specification relates to attributes that are attached to the data so that the data can be viewed on a web-based interface.
BACKGROUND OF THE INVENTION AND PRIOR ART
Protecting the privacy of an individual's data is one of the top concerns of chief information officers in the world. It assumes even bigger proportion in the outsourcing world where data sharing is a must owing to business purpose, and the legal and business consequences of any breach being enormous. Thus, systems include bridging means for sharing purposes.

Usual physical security measures, administrative controls, authentication machinery and encryption based mechanisms are important for preventing unauthorized access to the data, but they cannot stop an authorized user from breaching privacy if the original data is made available as is. Legal agreements are not a great remedy either, for they serve only as a post-facto measure after data or identity thefts have already taken place, privacy breaches have happened, and brand, recognition, and business have suffered irreversible losses. Hence, there is a serious demand for cost effective privacy enhancing and utility preserving technology solutions which can protect individual privacy, keep data utility intact, and allow business to proceed smoothly.
Generally, the outsourced processes catered by the system are stable and archaic and often have no in-built privacy consideration, and therefore, a lot of Personally Identifiable Information (PII) is visible to the personnel on job. This puts personal privacy at high risk and increases the chances of identity leaks. Currently, a lot of physical, procedural, technical and compliance controls are placed such as, no mobile phones, no internet or access to outside world from their machines, one cannot talk or see their colleagues, no pencil and paper and the like. These practices have become standard all over, due to compliance control and they make the working environment very restrictive. This certainly adds to the chances of separation. In cases where attrition rate is very high, matters get further complicated because of the fact that people leaving may have some knowledge about PII of customers, and thus increasing the privacy concerns.

One of the technology solutions is to ensure that these people see only need-to-know data. That itself will reduce the risk of privacy breach. It will also allow organizations and systems to relax their physical and procedural controls, and work-life will be more humane in general. Indirectly, it will also mean lower cost of operations and more employee retention, hence more benefits to the organization.
To address data privacy concerns in static data, one such system named Masketeer™ was designed and developed as a data privacy solution system for off-line settings like setting up secure test-beds at off-shore and where data is shared less frequently like once in a week/month or more. It however, did not address data privacy concerns in real time delivery, where work environment is controlled and relatively uniform.
Privacy concerns exist wherever PII is collected and stored in digital or any other form. Improper or non-existent disclosure controls can be the root cause for privacy issues. Under the need-to-know principle of security, even if one has all the necessary official approvals (such as a security clearance) to access certain information, one would not be given access to such information unless one has a specific need to know; that is, access to the information must be necessary for the conduct of one's official duties. Similarly, one can also create a privacy need-to-know principle, where, even if one has all the necessary official approvals to access personally identifiable information, one would not be given access to such information unless one has a specific privacy need to know; that is, viewing of personally identifiable information must be necessary for the conduct of one's official duties. The technological implementation of the privacy need-to-know principle will have some features associated with it. To avoid disclosure of the PII in real time, the desired features of any feasible real time (online) data privacy solution are given below. The online data privacy solution must:
• preserve data utility, so that the intended purpose can be served. The online data privacy solution must not change the data integrity. The masked data must not replace the original data in the database or application after any workflow action taken (such as submit, or update) to avoid data integrity issues.
• be non-obtrusive, that is, it must not make changes to the existing application, as this will increase the project cost and may also introduce new bugs in the existing application. The application owner must not worry about the changes to the business application and their effect, such as new testing plan.
• have a negligible performance overhead, that is, it must not cause the application / system performance to degrade beyond acceptable limits.
• have a minimal infrastructure overhead, that is, it must make use of the existing hardware and software as far as possible so that the total cost of ownership (TCO) remains largely unaffected.
• be user friendly, that is, the solution's usage procedure should be intuitive and privacy officer should feel comfortable using it. Minimum training is required for other users, to make them familiar with the privacy need-to-know principle and way to work in the privacy enabled environment.

• be easy to manage, that is, to accept tunable parameters to support business requirements. For instance, allow for role-based privacy policy support.
Some available solutions through systems for achieving privacy in real time are discussed below:
• View Modification
The View Modification system provides each user with a personalized and restricted viewing means based on the policy. The idea behind view modification at a database level is to provide a personalized and restricted view of the complete database to each user. User queries are modified transparently to make sure that the user cannot access anything more than his/her view of the database. At high level, this type of approach can certainly help in preventing viewing of need-not-know PII and improving individual privacy. Following are ways to achieve view modifications. This approach works with arranged data stored in a database.
1. Oracle Virtual Private Database (VPD)
Oracle introduced view modification approach using the Row level security, also known as Fine Grained Access Control (FGAC) with Oracle 8i (8.1.5). This is largely known as Oracle Virtual Private Database. Virtual private database (VPD) enables you to enforce security to a fine level of granularity, directly on tables, views, or synonyms. Security policies are attached directly to tables, views, or synonyms, and automatically applied whenever a user accesses data. When a user directly or indirectly accesses a table, view, or synonym that is protected with a VPD policy, the server dynamically modifies the user's SQL statement. When a user logs in, a secure application context is created in the database. This is used to store user-specific information, that is, parameter values, based on which the policy functions will return the appropriate predicates. In general, different applications can define different security policies, depending on their access control needs. Information requests which reference tables and views protected by VPD are modified according to the policy assigned to this table or view. VPD policies can restrict access by comparing the value of an attribute in an individual row with an application context value.
A major drawback of VPD results from the fact that the query that is executed on the database is a transparent modification of the user query. This may cause inconsistencies between what the user expects to see and what the system returns. This approach is well suited for Oracle database only and the user needs to define all the rules as PL/SQL queries. The queries which need to get aggregated results may return incorrect answers. If the application under consideration is not using Oracle Enterprise Edition, then its cost might be a major concern.

2. Oracle Label Security (OLS)
Oracle Label Security (OLS) is a security option for the Oracle Enterprise Edition database and was introduced with Oracle 8.1.7. It is an extension of the VPD technology introduced in Oracle8i. OLS allows access control to individual rows based on attached labels. OLS mediates access to data rows by comparing a row label or sensitivity label and a set of user label authorizations. Thus, it can be used to implement privacy policies on data, restricting access to only those who have a need-to-know. No coding or software development is required, allowing the administrator to focus completely on the policy.
OLS is best suited for situations where access control decisions need to be based on the sensitivity of the information, but the same drawbacks discussed in case of VPD persist in OLS.
• Data Modifications
The data modifications system and approach dynamically modifies the content by searching for sensitive data and masking it based on some rules, transparently to the user. This approach basically intercepts the content coming from source, detects sensitive information, analyses it, and modifies it before its delivery. Data is modified in transit and approach works on the data itself, rather than its arrangement in database. Following are some of the possible ways to achieve data modification:

1. Server Side Proxy
A user creates a central server through which data passes like a proxy. This server inspects the contents of the traffic and blocks or nullifies the PII contents as per the privacy rules. This can be constructed as per the application, but it is not scalable. It may also require high amount of memory and processor power to implement this in real time.
2. Embedded Privacy Logic
Another way to implement privacy is to embed the privacy logic and workflow as per the user's role in the application itself. But this needs to be done from the start of the application building. This cannot be used as add-on solution. The re-engineering cost may be very high for this solution.
• Client Side Modification
This approach is considered in case the application server side changes are difficult to implement considering the legacy systems and defined process as in case of outsourced work. The client side modifications can be enforced through controlled environment. One of such approaches for web based applications is defined in the next section.
Apart from the aforesaid techniques there are various other attempts in the prior art including:

US Patent Application US20090007278 discloses a privacy protection device which stores determination data for determining whether to mask the privacy information included in the content, depending upon the provider terminal location information and browser terminal location information. The privacy protection device in accordance with US20090007278 determines whether to mask the privacy information and edits the private content such that the information is concealed from the browser when the device determines to mask it. However, the device as disclosed in US20090007278 tampers with the content to conceal it from the browser.
Similarly, US Patent Application US20090132419 discloses a method and a system for obfuscating sensitive data while preserving the data usability. The method as disclosed in US20090132419 comprises identifying the originating location of data per business application, analyzing the identified data for sensitivity, determining business rules and/or the information technology rules that are applicable to the sensitive data, selecting a masking method (data obfuscation or data masking) based on the business and/or IT rules and executing the selected masking method to replace the sensitive data with fictional data for storage or presentation purposes. However, as the sensitive data is transformed for storage or presentation purposes the data integrity is not maintained.
Therefore, a need was felt for a system which keeps the data integrity intact and does not replace the original sensitive data in the database, thus ensuring high data utility. In addition, there is felt a need for a system that has negligible performance overhead, requires minimal infrastructure for deployment, can be easily ported into existing systems and is user friendly and easy to manage.
OBJECT OF THE INVENTION
An object of the present invention is to increase the privacy of the web based application system in a controlled environment.
Another object of the present invention is to enhance privacy for sensitive fields in the web based applications in a non-obtrusive way in real time, and without affecting application functionality and business requirements.
Yet another object of the present invention is to provide a system which keeps the data integrity intact and provides high data utility.
Still another object of the present invention is to provide a system which requires minimum infrastructure for deployment.
One more object of the present invention is to provide a system which is user-friendly and can be easily ported to existing applications.
An additional object is to provide 'role based privacy' based on 'privacy need-to-know' principle.

SUMMARY OF THE INVENTION
The present invention envisages a distributed computing system having a server co-operating with a plurality of computing nodes via a web based interface and a data storage for storing data pertaining to an organization, the system adapted to selectively display data to a plurality of nodes, the system comprising:
• a compiler adapted to compile a list of sensitive data stored in the data storage in the form of tags and its relevant attributes;
• a first database to store credentials and access level details of users of an organization;
• means to generate privacy rules for the tagged sensitive data based on the compiled list of sensitive data and access level details of users;
• a second database adapted to store the generated privacy rules;
• means to capture the credentials of a user connected to one of the nodes;
• comparator means adapted to compare the credentials of the user with the details stored in the first database and further adapted to determine the access level details of the user;
• fetching means co-operating with the comparator and the second database and adapted to fetch the privacy rules based on the determined access level details;
• masking means adapted to non-obtrusively mask sensitive data based on the fetched privacy rules; and

• display means adapted to receive and display the masked data to the user connected to the node.
Typically, the second database stores the generated privacy rules in a predefined format.
Typically, the second database stores the generated privacy rules in XML format.
Typically, the fetching means fetches the privacy rules from the second database over a secure encrypted channel of communication.
Typically, the second database is hosted on a web server running on a secure port.
Typically, the system includes updation means adapted to automatically generate new privacy rules and update the second database in case there are changes in the data storage.
In accordance with the present invention there is provided a method for selectively displaying data to a plurality of nodes connected to a server in a distributed computing system, the method comprising the following steps:
• storing data pertaining to an organization in a data storage;
• compiling a list of sensitive data stored in the data storage in the form of tags;
• storing credentials and access level details of users of the organization in a first database;

• generating privacy rules for the tagged sensitive data based on the compiled list of sensitive data and access level details of users;
• storing the generated privacy rules in a second database;
• capturing the credentials of a user connected to one of the nodes;
• comparing the credentials of the user with the details stored in the first database and determining the access level details of the user;
• fetching the privacy rules based on the determined access level details;
• masking non-obtrusively the sensitive data based on the fetched privacy rules in real time; and
• displaying the masked data to the user connected to the node.
Typically, the step of compiling a list of sensitive data includes the step of collecting all data tags inside the data storage and selecting appropriate tags that are associated with the private or sensitive data.
Typically, the step of masking includes the step of receiving the data to be displayed to the users from the data storage and masking the data using predetermined masking techniques.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
Other aspects of the invention will become apparent by consideration of the accompanying drawings and their description stated below, which is merely illustrative of a preferred embodiment of the invention and does not limit in any way the nature and scope of the invention.

FIGURE 1 illustrates the schematic of the system to provide enhanced privacy and security, in accordance with the present invention; and
FIGURE 2 is a flowchart showing the steps for providing enhanced privacy and security, in accordance with the present invention.
DETAILED DESCRIPTION
The present invention envisages a system and method to provide enhanced privacy of sensitive organizational data while accessing web based applications.
In accordance with one aspect of the present invention, the privacy is achieved by data masking, which is performed without affecting data utility. The masking happens at the client side while rendering the data without the need for changing the source code of the existing application. This avoids data integrity issues in case of database updates.
The solution proposed by the present invention is user friendly and only privacy administration training is required for managing the system. On deployment of the system, the users of an organization will see only the required information for carrying out their duties as per "need-to-know" privacy principle.
In accordance with another aspect of the present invention, the rules for masking the data are defined on the hooks or tags of the application source code. For the same web page screen of the application, the hook or tag values with the same masking logic can appear different depending on the user role. The consistency of masking is maintained based on the hooks or tags and their position. There is no change required in the application source code, nor are any patches required. The solution is 100% non-obtrusive. The only requirement is to disable other methods to infer information from available or displayed data.
Organizations are reluctant to change the legacy application due to fear of generating new leaks or bugs in the application. In such a case, a system which provides the option of using client side changes in a controlled environment with existing technical security controls in place can be very useful.
Referring to the accompanying drawings, FIGURE 1 shows an overview of the system envisaged by the present invention. The system is a distributed computing system having a server co-operating with a plurality of computing nodes via a web based interface and data storage 102 for storing data pertaining to an organization, the system selectively displays data to a plurality of nodes.
In accordance with the present invention, the system comprises:
• a compiler 100 to compile a list of sensitive data stored in the data storage 102 in the form of tags and its relevant attributes;
• a first database 104 to store credentials and access level details of users of an organization;

• a privacy rule configuration console 106 to generate privacy rules for the tagged sensitive data based on the compiled list of sensitive data and access level details of users;
• a second database 108 adapted to store the generated privacy rules;
• means 110 to capture the credentials of a user connected to one of the nodes;
• a comparator 112 adapted to compare the credentials of the user with the details stored in the first database and further adapted to determine the access level details of the user;
• fetching means 114 co-operating with the comparator 112 and the second database and adapted to fetch the privacy rules based on the determined access level details;
• masking means 116 adapted to non-obtrusively mask sensitive data based on the fetched privacy rules; and
• display means 118 adapted to receive and display the masked data to the user connected to the node.
The privacy rule configuration console 106 and the second database 108 are hosted on a web server. The web server typically runs on port 443 (https) which is a secure port. The web server is adapted to function as a central control, whereby it helps in creation/generation of rules, maintenance of privacy rules in the XML format or a predefined format in the second database 108 and to create and maintain privacy rules based on various roles, provide them on-demand to the fetching means 114, facilitate automatic update of the rules in the second database 108 and also provide license based usage of the system and the updates.
In accordance with this invention, the privacy rule configuration console 106 facilitates the privacy rules creation. Syntactically, the web based applications are deployed using HTML elements that are typically constructed with a start tag marking the beginning of an element, any number of attributes (and their associated values), some amount of content (characters and other elements), and an end tag. Thus, every data item that is being rendered has an associated tag. A privacy administrator can manually write down the tags of data items stored in the data storage, sort them for listing down private or sensitive tags and associate privacy rules by studying the page source and explicitly decide the hooks or tags, but to save the manual effort the web server includes a compiler 100 which collects the hooks or tags inside web application. The Privacy Administrator can then select appropriate hooks or tags that are associated with the "private or sensitive" data. These short-listed tags or hooks are passed to the next stage, where privacy rules are created using Privacy Rule Configuration Console 106 along with various masking techniques.
Typically, effective real time data masking requires data to be altered efficiently, in such a way that the actual values cannot be determined from the displayed values, that is, masking transformation is irreversible and the functional appearance is maintained so that the end user can do his/her job without too much hassle, that is, utility is unaffected.

There are various masking techniques supported presently, with the various configuration parameters such as position of masking, number of positions to be masked, and masking symbol to be used (s), or range (a-b) and the like. These are pluggable techniques and new technique can be added based on the application and privacy requirements.
Typically, the web server generates the rules in the form of an xml file or some other pre-defined format based on the requirement and stores it in the second database 108.
As different users may play different roles, and as each role requires a different "view" of the same data in the context of privacy "need-to-know" principle, a first database 104 is provided for support of role based privacy rules creation. The first database 104 stores the credentials including the unique identification numbers of the users and their access level details based on their hierarchy or role in the organization.
The privacy administrator can edit the XML file and create role-based privacy rules, and store the XML file for different roles with corresponding authentication details (such as Username and password). The web server stores the files which can be fetched by fetching means 114 based on the user role appropriately from the second database 104.
The fetching means 114, typically located at the client side / computer node, can fetch rules from the web server based on pre-determined requirements. The fetching means 114 gives the fetched privacy rules to the masking means 116. The masking means 116 has masking logic embedded inside with a way to receive fetched rules from the fetching means 114 (depending on the situation) and apply them to mask incoming data from the prescribed application server before rendering it on the display means 118 (to a user connected to a computing node).
Typically, as soon as a user/employee of an organization connected to a node clicks the URL of a web based application on which real time masking transformations in accordance with this invention are applied, a client side browser means 110 captures the credentials of the user using a comparator 112 and compares the credentials with the details stored in a first database 104 and determines the access level details of the user. For instance, if the user belongs to the management level then the access level setting will be 'unrestricted access' thus no masking will be applied to the contents of the web based application, as against if the user is an executive then 'limited access' access level setting will be applied and all sensitive content as determined by the access level setting will be masked.
Based on the determined access level setting the browser means 110 instructs the fetching means 114 to fetch the privacy rules from the web server. Once the rules are available inside the client browser means 110, the browser means 110 is adapted to use the masking means 116 to fetch the rule file to create a transformed view at runtime, typically using the HTML elements in the page. The users will see the web page after data modifications, without knowing about the masking means and process.

A privacy administrator or the person in-charge of data privacy will create the rules as per the role of the users and privacy need-to-know based on the business requirement. The use of available technology can help administrators to assign policies, deploy software, and apply critical updates from a central location. This system will not replace the original data, except on user screens or in printed reports hence it will keep data integrity intact. The non-obtrusive nature of the system helps in keeping the application safe from new bugs or system testing.
In accordance with this invention, if there are any logical updates of the privacy rules to be done at the computer node, they can be automatically supported through the web server's updation means. Any communication that takes place between the web server and the fetching means 114 enabled computer node is always through a secure encrypted channel.
The computer node in accordance with this invention has masking transformation logic encoded in it. Typically, these computer nodes are loaded /pre-installed with browser means for capturing user credentials 110, fetching means 114, masking means 116 and display means 118 via a domain controller means or through login-scripting means or any other suitable available means and methodology. The aforementioned means at each of said node are adapted to execute various masking transformations on incoming data items as per the rules that are simultaneously being fetched from the web server in real-time. The browser means 110 renders this transformed data on the screen 118 thus satisfying the privacy need.

There is provided only one type of fetching means 114 based on the application of the organization. Typically, different roles of the users in the organization necessitate varying transformations on different data items according to the privacy need-to-know principle. But, in the architecture of the system of this invention, this only indicates changing the rule files at the web server and performing no change to the fetching means 114.
In accordance with one more aspect of the present invention, the transformations done to the data by the masking means 116 do not get reflected in the page source. So users can potentially view actual data using "View Source" option of the browser means. Therefore, it is recommended to disable the "View Source" option in the browser means 110, which can be achieved by customizing browser options.
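The following sketch is an added example, not code from the specification: it applies role-based masking rules (position, number of positions, masking symbol) to tagged values at render time and then lists which hooks still carry the raw value in the unmodified page source, which is the exposure the "View Source" recommendation above addresses. The rule object shape, the role keys, the element ids and the sample page are all constructed for illustration, and a regular expression over simple leaf elements stands in for the browser DOM so the code runs outside a browser.

```javascript
// Added example. The rule shape, hook ids and sample values are constructed;
// the specification names the masking parameters but defines no schema.
const RULES_BY_ROLE = {
  manager: {},                       // 'unrestricted access': nothing masked
  executive: {                       // 'limited access'
    "cust-ssn":   { position: "start", count: 5,  symbol: "X" },
    "cust-card":  { position: "start", count: 12, symbol: "*" },
    "cust-phone": { position: "end",   count: 4,  symbol: "#" },
  },
};

const own = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Mask `count` letters/digits from the start or end of a value. Separators
// are kept so the field keeps its functional appearance.
function maskValue(value, rule) {
  const chars = Array.from(value);
  const maskable = [];
  chars.forEach((c, i) => { if (/[A-Za-z0-9]/.test(c)) maskable.push(i); });
  // A malformed count or position masks every character (fail closed).
  const n = Number.isInteger(rule.count) && rule.count >= 0
    ? rule.count : maskable.length;
  let targets;
  if (rule.position === "start") targets = maskable.slice(0, n);
  else if (rule.position === "end") targets = n === 0 ? [] : maskable.slice(-n);
  else targets = maskable;
  for (const i of targets) chars[i] = rule.symbol;
  return chars.join("");
}

// Matches a leaf element carrying an id attribute, e.g. <td id="x">text</td>.
// In a browser the same step would walk the DOM instead of using a regex.
const LEAF_WITH_ID = /<(\w+)([^>]*?\sid="([^"]+)"[^>]*)>([^<]*)<\/\1>/g;

// Build the view a given role sees. The input string is never modified, so
// the data that flows back to the application on submit is the original.
function renderMasked(html, role) {
  if (!own(RULES_BY_ROLE, role)) {
    // No rule file for this role: refuse to render rather than show raw data.
    throw new Error("no privacy rules for role: " + role);
  }
  const rules = RULES_BY_ROLE[role];
  return html.replace(LEAF_WITH_ID, (whole, tag, attrs, id, text) =>
    own(rules, id)
      ? "<" + tag + attrs + ">" + maskValue(text, rules[id]) + "</" + tag + ">"
      : whole);
}

// Hooks whose on-screen value is masked for `role` while the page source
// delivered to the node still holds the raw value.
function hiddenButInSource(html, role) {
  const view = renderMasked(html, role);
  const ids = [];
  for (const m of html.matchAll(LEAF_WITH_ID)) {
    if (!view.includes(m[0])) ids.push(m[3]);
  }
  return ids;
}

// Constructed sample page; all values are fictitious.
const SAMPLE_PAGE = [
  "<table>",
  '<tr><td id="cust-name">A. Sample</td>',
  '<td class="pii" id="cust-ssn">123-45-6789</td>',
  '<td id="cust-card">4111 1111 1111 1111</td>',
  '<td id="cust-phone">020-5550-0147</td></tr>',
  "</table>",
].join("\n");

console.log(renderMasked(SAMPLE_PAGE, "executive"));
console.log("masked on screen, raw in source:",
  hiddenButInSource(SAMPLE_PAGE, "executive"));
```

The list returned by `hiddenButInSource` is the set of fields that depend entirely on the controlled client environment, since the server still sends their real values to the node.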
In accordance with the present invention there is provided a method for selectively displaying data to a plurality of nodes connected to a server in a distributed computing system, the method comprising the following steps as seen in FIGURE 2:
• storing data pertaining to an organization in a data storage, 1000;
• compiling a list of sensitive data stored in the data storage in the form of tags, 1002;
• storing credentials and access level details of users of the organization in a first database, 1004;
• generating privacy rules for the tagged sensitive data based on the compiled list of sensitive data and access level details of users, 1006;
• storing the generated privacy rules in a second database, 1008;
• capturing the credentials of a user connected to one of the nodes, 1010;
• comparing the credentials of the user with the details stored in the first database and determining the access level details of the user, 1012;
• fetching the privacy rules based on the determined access level details, 1014;
• masking non-obtrusively the sensitive data based on the fetched privacy rules in real time, 1016; and
• displaying the masked data to the user connected to the node, 1018.
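The node-side steps 1010 to 1018, together with the "View Source" caveat stated before the method, sketched as an added example that is not code from the specification. The `data-tag` attribute, the role names, the technique names and the sample record are all assumptions constructed for illustration.

```javascript
// Added example: all names, rules and data below are constructed for illustration.
const own = (o, k) => Object.prototype.hasOwnProperty.call(o, k);

// "First database": user -> access level (steps 1004, 1012).
const USERS = { alice: "hr_admin", bob: "support" };

// "Second database": access level -> tag -> masking technique (steps 1006-1008).
const RULES = {
  hr_admin: {},
  support: { ssn: "last4", salary: "redact", email: "partial" },
};

const TECHNIQUES = {
  redact: () => "****",
  // Replace every alphanumeric except the last four, keeping separators.
  last4: v => v.replace(/[0-9A-Za-z](?=(?:[^0-9A-Za-z]*[0-9A-Za-z]){4})/g, "X"),
  // Keep the first character of the local part and the whole domain.
  partial: v => v.replace(/^(.)[^@]*/, "$1***"),
};

// What the server sends to every node, regardless of role (constructed sample).
const PAGE_SOURCE =
  '<tr><td data-tag="name">Asha Rao</td><td data-tag="ssn">123-45-6789</td>' +
  '<td data-tag="salary">84000</td><td data-tag="email">asha.rao@example.org</td></tr>';

const CELL = /<td data-tag="([^"]+)">([^<]*)<\/td>/g;

// Steps 1010-1018: resolve access level, fetch rules, mask tagged values for display.
// Unknown users or levels fail closed: every tagged value is redacted.
function render(source, user) {
  const level = USERS[user];
  const rules = own(RULES, level) ? RULES[level] : null;
  return source.replace(CELL, (cell, tag, value) => {
    const name = rules === null ? "redact" : own(rules, tag) ? rules[tag] : null;
    if (name === null) return cell; // tag is not sensitive for this level
    const mask = own(TECHNIQUES, name) ? TECHNIQUES[name] : TECHNIQUES.redact;
    return `<td data-tag="${tag}">${mask(value)}</td>`;
  });
}

const cells = html => [...html.matchAll(CELL)].map(m => [m[1], m[2]]);

// Tags whose cleartext is still in the delivered source although the screen shows a mask.
function exposedInSource(source, user) {
  const shown = new Map(cells(render(source, user)));
  return cells(source).filter(([tag, v]) => shown.get(tag) !== v).map(([tag]) => tag);
}
```

For the `support` user, `exposedInSource` lists `ssn`, `salary` and `email`: the fields that are masked on screen but unchanged in the page source the node received, which is the gap the "View Source" recommendation is meant to close.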
TECHNICAL ADVANTAGES
The technical advantages of the present invention include:
• providing a system that masks data and ensures data privacy without affecting utility or integrity of the organization data;
• providing a system where masking happens at a client node while rendering the data, without changing the web application source code;
• providing a user friendly system which only requires privacy administration training for its execution;
• providing an accurate system which ensures 100% data privacy as per "need-to-know privacy" principle and the roles of the users;
• providing a system which generates rules that are defined on the hooks or tags of the stored data of the applications;
• providing a system where masking is done to the sensitive or private hooks or tags values without manual intervention. The consistency of masking is maintained based on the hooks or tags and their position;
• providing a system which requires minimum infrastructure for its deployment. No change is required in the application source code, nor are any patches required. The solution is 100% non-obtrusive. The only requirement is to disable other methods to infer information from available or displayed data. This can be achieved by security controls like blocking "View Page Source".
• providing a system that manages the privacy rules through a central web server which makes the changes to the rules very easy.
While considerable emphasis has been placed herein on the components and component parts of the preferred embodiments, it will be appreciated that many embodiments can be made and that many changes can be made in the preferred embodiments without departing from the principles of the invention. These and other changes in the preferred embodiment as well as other embodiments of the invention will be apparent to those skilled in the art from the disclosure herein, whereby it is to be distinctly understood that the foregoing descriptive matter is to be interpreted merely as illustrative of the invention and not as a limitation.

WE CLAIM
1. A distributed computing system having a server co-operating with a plurality of computing nodes via a web based interface and a data storage for storing data pertaining to an organization, the system adapted to selectively display data to a plurality of nodes, said system comprising:
• a compiler adapted to compile a list of sensitive data stored in the data storage in the form of tags and its relevant attributes;
• a first database to store credentials and access level details of users of an organization;
• means to generate privacy rules for the tagged sensitive data based on said compiled list of sensitive data and access level details of users;
• a second database adapted to store said generated privacy rules;
• means to capture the credentials of a user connected to one of the nodes;
• comparator means adapted to compare said credentials of the user with the details stored in the first database and further adapted to determine the access level details of the user;
• fetching means co-operating with said comparator and said second database and adapted to fetch the privacy rules based on the determined access level details;
• masking means adapted to non-obtrusively mask sensitive data in real-time based on said fetched privacy rules; and
• display means adapted to receive and display the masked data to the user connected to the node.
2. The system as claimed in claim 1, wherein said second database stores the generated privacy rules in a predefined format.
3. The system as claimed in claim 1, wherein said second database stores the generated privacy rules in XML format.
4. The system as claimed in claim 1, wherein said fetching means fetches the privacy rules from the second database over a secure encrypted channel of communication.
5. The system as claimed in claim 1, wherein said compiler, said first database, said second database and said means to generate privacy rules are hosted on a web server running on a secure port.
6. The system as claimed in claim 4, wherein said web server includes updation means adapted to automatically generate new privacy rules and update the second database in case there are changes in the data storage.
7. The system as claimed in claim 1, wherein said comparator, said fetching means, said masking means and said display means are provided at each one of said nodes using a domain controller means or through login-scripting means.

8. A method for selectively displaying data to a plurality of nodes connected to a server in a distributed computing system, the method comprising the following steps:
• storing data pertaining to an organization in a data storage;
• compiling a list of sensitive data stored in the data storage in the form of tags;
• storing credentials and access level details of users of the organization in a first database;
• generating privacy rules for the tagged sensitive data based on said compiled list of sensitive data and access level details of users;
• storing said generated privacy rules in a second database;
• capturing the credentials of a user connected to one of the nodes;
• comparing said credentials of the user with the details stored in the first database and determining the access level details of the user;
• fetching the privacy rules based on the determined access level details;
• masking non-obtrusively the sensitive data based on said fetched privacy rules; and
• displaying the masked data to the user connected to the node.
9. The method as claimed in claim 8, wherein the step of compiling a list of sensitive data includes the step of collecting all data tags inside the data storage and selecting appropriate tags that are associated with the private or sensitive data.

10. The method as claimed in claim 8, wherein the step of masking includes the step of receiving the data to be displayed to the users from the data storage and masking the data using pre-determined masking techniques.


ERegister / Renewals

3rd: 16 Jan 2019

From 12/02/2011 - To 12/02/2012

4th: 16 Jan 2019

From 12/02/2012 - To 12/02/2013

5th: 16 Jan 2019

From 12/02/2013 - To 12/02/2014

6th: 16 Jan 2019

From 12/02/2014 - To 12/02/2015

7th: 16 Jan 2019

From 12/02/2015 - To 12/02/2016

8th: 16 Jan 2019

From 12/02/2016 - To 12/02/2017

9th: 16 Jan 2019

From 12/02/2017 - To 12/02/2018

10th: 16 Jan 2019

From 12/02/2018 - To 12/02/2019

11th: 31 Jan 2019

From 12/02/2019 - To 12/02/2020

12th: 11 Feb 2020

From 12/02/2020 - To 12/02/2021

13th: 26 Feb 2021

From 12/02/2021 - To 12/02/2022

14th: 14 Dec 2021

From 12/02/2022 - To 12/02/2023

15th: 30 Jan 2023

From 12/02/2023 - To 12/02/2024

16th: 13 Feb 2024

From 12/02/2024 - To 12/02/2025

17th: 01 Jan 2025

From 12/02/2025 - To 12/02/2026