Restrict variable visibility of process instance using authorization

I want to set authorization in such a way that,
User should see cockpit and process instances but should not see all variables (since confidential information) but must see some variables to identify minimum process information.

I did not found anything for this, is this possible?