Aspects of the disclosure provide a technological improvement to a cipher by improving data security of format-preserving encryption (FPE), by, inter alia, embedding specific key identifiers for rotating keys directly into ciphertext. Aspects of the disclosure relate to methods, computer-readable media, and apparatuses for improving data security in a format-preserving encryption (FPE) context by using specific methods of rotating and identifying the appropriate encryption key from among numerous rotating keys stored in a key data store. Specific to FPE, a plaintext of the data and its corresponding ciphertext of the data remain the same in length/size; yet the methods, computer-readable media, and/or apparatuses disclosed herein permit embedding of an identification of a specific key among the plurality of rotating keys for the particular ciphertext without compromising the technical requirements of FPE.

A system for storing and managing secure information is disclosed that includes a secure identity and profiling system, which serves as a middleman between a user and an entity requesting personally identifiable information (PII) from the user. The system collects the PII from the user and stores it securely, such as in an alternate blockchain in an encrypted form. The location of the that PII within the alternate blockchain may be indexed using smart contracts in a main blockchain that can only be read with an access token generated and supplied by the user's mobile device. When an entity requests PII from the user that has already been collected and securely stored, the user can provide permission to release that PII by providing the access token. The system will use the access token to locate where the PII is stored and release the PII to the requesting entity.

Arrangements for controlling access to a protected entity include receiving a redirected client request to access the protected entity that includes a public key of the client; granting, in response to the received redirected request, access tokens of a first type to a client using the public key of the client; identifying a conversion transaction identifying a request to convert the first type of access tokens with access tokens of a second type, the transaction designating the protected entity; determining a conversion value for converting the first-type access tokens into second-type access tokens based on at least one access parameter; converting, using the conversion value, a first sum of the first-type access tokens into a second sum of second-type access tokens; and granting the client access to the protected entity when the sum of second-type of access tokens is received as a payment from the protected entity.

An example operation may include one or more of identifying transports operating on a roadway, determining a degree of transport traffic based on the identified transports, when the degree of transport traffic has exceeded a traffic level, assigning one or more of the identified transports as a roadway manager, controlling movement of the roadway manager, and generating a roadway indicator on the roadway manager to direct the identified transports.

Disclosed herein are system, method, and computer program product embodiments for scrubbing anomalies from an expanding dataset. In an embodiment, a data sanitization system may determine whether data is anomalous to a set of data stored on a first blockchain. The data sanitization system may perform this determination using a first machine learning algorithm trained using the set of data. Upon determining that data is anomalous, the data sanitization system may publish the data in a second blockchain different from the first blockchain. The data sanitization system may monitor data of the second blockchain and apply a second machine learning algorithm to this data to identify a pattern of anomalous data. In response to identifying the pattern, the data sanitization system may publish the anomalous data of the second blockchain to the first blockchain.

In a method for cogenerating a shared cryptographic material implemented within a first electronic device, which is connected to a second electronic cogeneration device and to a third electronic cogeneration device, a shared encryption material (pkx) is determined, as a function of a set of cogeneration parameters ECG. The shared encryption material (pkx) is transmitted, and corresponding shared encryption materials (pky, pkz) are received from the other devices. A shared seed (mx) is computed as a function of the shared encryption materials (pkx, pky, pkz) and the set of cogeneration parameters ECG. A masked form (Ox) of said shared seed (mx) is transmitted, and masked forms (Oy, Oz) of corresponding shared seeds (my, mz) are received. A final seed (ad) is computed as a function of the masked forms (Ox, Oy, Oz) of the shared seeds (mx, my, mz) and the set of cogeneration parameters ECG.

Embodiments are directed to generating and training a distributed machine learning model using data received from a plurality of third parties using a distributed ledger system, such as a blockchain. As each third party submits data suitable for model training, the data submissions are recorded onto the distributed ledger. By traversing the ledger, the learning platform identifies what data has been submitted and by which parties, and trains a model using the submitted data. Each party is also able to remove their data from the learning platform, which is also reflected in the distributed ledger. The distributed ledger thus maintains a record of which parties submitted data, and which parties removed their data from the learning platform, allowing for different third parties to contribute data for model training, while retaining control over their submitted data by being able to remove their data from the learning platform.

An incorrect copy of a record of data can be prevented from being transmitted to a distributed ledger system. A first file can be received and can include information, in audio or video form, with a description of a subject matter of the record of data and with an authorization to transmit the copy to the distributed ledger system. The first file can be sent to a device. A second file can be received from the device and can include information that confirms that the description of the subject matter, included in the first file, is correct, and that confirms that an entity, which controlled production of the first file, has permission to authorize causing the copy to be transmitted to the distributed ledger system. The correct copy can be caused, based on a receipt of the first and the second files, to be transmitted to the distributed ledger system.

Disclosed are various implementations for distributing and installing packages in response to user logon events. A logon event associated with a user account is detected for a client device. A query containing a respective user account identifier is sent to a provisioning service to retrieve a set of packages to install on the client device. The set of packages are received from the provisioning service and installed on the client device.

Permissioned blockchains with off-chain storage establish integrity and no-later-than date-of-existence for documents, leveraging records containing hash values of documents. When a document's integrity or date is challenged, a new hash value is compared with a record in the blockchain. Proving date-of-existence (via hash value in a publication and/or SMS) for the block containing the record establishes no-later-than date-of-existence for the document. Permissioning monetizes operations, enforcing rules for submission rights and content, thereby precluding problematic material (privacy, obscenity, malicious logic, copyright violations) that threatens long-term viability. Compact records and off-chain storage in a document corral (with quarantine capability) preserve document confidentiality and ease storage burdens for distributed blockchain copies. Using multiple hash values for each document hardens against preimage attacks with quantum computing. Daisy chaining records establishes that relationships existed among documents at registration. Self-addressed blockchain registration (SABRe) permits documents to self-identify their blockchain record address (block ID, index).