A method for obtaining a command relating to a profile for a security module of the equipment to access a network by mobile equipment. The method includes: sending, to a first server, a request including an anonymous identifier of the security module based on a physical identifier of the module and a random variable; receiving, from the first server, an address of a second server, which prepared the command and associated the command with the anonymous identifier, a request of the command having been previously received from a third server via the second server; sending, to the second server, the physical identifier of the module and of the random variable; receiving, from the second server, the command when a verification by the second server that the anonymous identifier of the security module has been computed on the basis of the received physical identifier and of the random variable is positive.

The present invention discloses a method of creating word-level differential privacy with the hashing trick to protect confidentiality of a textual data, the method comprising: receiving a list of a plurality of hashes with a weight (or weights) associated with each of the plurality of hashes; Updating said list with new hashes that are within the range of allowable hash values but not included in said received list of hashes; Updating said list with a new weight to each of said plurality of hashes that are missing said weight; Fitting a probability distribution to said list of said weights of said plurality of hashes; and generating said new weights and said adjusted weights based on sampling of said probability distribution.

Disclosed are embodiments for information barriers that are conditional on the type of information being communicated. Information barrier polices provided by the disclosed embodiments selectively allow communication between accounts or groups based on characteristics of the content of the communication. For example, communication between a marketing department and an engineering department may be conditional on the communication not including any sensitive information. The determination of whether the communication includes sensitive information is further designed to provide good performance even in environments that maintain substantial portions of data in an offsite or cloud environment, where latencies associated with searching large datastores can be prohibitive.

Embodiments disclosed herein are related to computing systems and methods for generating one or more pseudonymous names for use by a Decentralized Identifier (DID) owner when interacting with third party entities. An indication is received from a DID owner who is associated with a DID. The indication indicates that the DID owner desires to interact with various third party entities. A list is generated of pseudonymous names that are to be used in place of the DID as the DID owner interacts with the one or more third party entities. A selection is received for a specific one of the generated pseudonymous names. The selected specific pseudonymous name is bound to the DID so that the selected specific pseudonymous name is used during the interaction.

Techniques are described for transaction-based read and write operations in a distributed system. In an embodiment, an authorization protocol overlaid onto a transaction to control access to each of the data pools. Using the techniques described herein, the DTRS provides authorization mechanism to ensure that the entity, which hosts the data pool, may only access the data set from an originating entity based at least upon the access rules of the originating entity set for the data set. Additionally, the DTRS's read/write transactions keep the data pools of the DTRS in synch with each other, so each data pool stores the same data sets as another data pool of the DTRS. When a data integrity service of an entity generates a new data entry from a user transaction with a client application, a new write request is generated for the DTRS to which the data integrity service belongs. The DTRS receives the data entry and its metadata from the data integrity service and performs steps to update all data pool of the DTRS, in an embodiment.

Improved pseudonym certificate management is provided for connected vehicle authentication and other applications. Temporary revocation of a certificate is enabled. With respect to Security Credential Management Systems (SCMS), pre-linkage values can be employed. The pre-linkage values can be encrypted using homomorphic encryption. Other embodiments are also provided.

Embodiments described herein provide systems and methods to prevent, or provide a countermeasure, to a co-existence attack, for example, that may occur in a Security Credential Management System (SCMS) where both regular butterfly key (RBK) protocol and unified butterfly key (UBK) protocol are supported. Embodiments described herein provide, support, employ, or implement hardware acceleration for a Hardware Security Module (HSM), for example, for cryptographic operations (e.g., block ciphers, digital signature schemes, and key exchange protocols).

The subject technology receives, in an application on an electronic device, a message, the message being associated with a user and including information in a header portion of the message. The subject technology determines, on the electronic device, a current state of messaging activity of the user based at least in part on a log of previous events associated with the user, where the log of previous events includes information that has been hashed using a cryptographic hash function. The subject technology determines, on the electronic device using a set of rules provided by a machine learning model, that the user is likely to view the message based on the current state of the messaging activity of the user. The subject technology sets, on the electronic device, an indication that the message is important based on the determining.

A method (40) of generating a pseudonym associated with a communication device (11) is disclosed. The method (40) is performed in a network node (13) of a communications system (10) and comprises generating (41) a pseudonym embryo based on one or more elements of a sequence (S.sub.1, S.sub.2, . . . , S.sub.n), obtaining (42) the pseudonym as output of a masking operation applied to the pseudonym embryo, wherein the masking operation comprises a one-to-one mapping, and transmitting (43) the pseudonym to the communication device (11). A corresponding network node (13), computer program and computer program product are also disclosed.

A distributed system that implements an online exchange may comprise a plurality of server nodes, each of which being configured to receive exchange transaction proposals from customers of the online exchange over a computer network and each being configured to store a copy of a blockchain distributed ledger of completed exchange transactions. A distributed coordination engine may be coupled, over the computer network, to the plurality of server nodes and may receive a plurality of exchange transaction proposals from the plurality of server nodes. The distributed coordination engine may be being further configured to achieve consensus on the plurality of exchange transaction proposals and to generate, in response, an ordering of agreed-upon exchange transaction proposals that includes the plurality of exchange transaction proposals on which consensus has been reached. This ordering of agreed-upon exchange transaction proposals is identically provided to each of the server nodes and specifies the order in which the server nodes are to execute exchange transactions and to update their copy of the distributed ledger. The ordering of agreed-upon exchange transaction proposals may optionally be re-ordered and identically provided to each server node to conform to the local orderings at the exchange transaction proposal's node server of origin.