Disclosed are an electronic device for obfuscating user data and a server for decoding the same. A method for controlling an electronic device according to the present disclosure comprises the steps of: acquiring a security parameter according to data transmitted to an external server; applying an obfuscation algorithm to the data by using the security parameter; and transmitting the data, to which the obfuscation algorithm has been applied, to the external server. Furthermore, in connection with a method for controlling a system comprising an electronic device for obfuscating data and a server for decoding the same according to the present disclosure, a method for controlling the electronic device comprises the steps of: inserting a fingerprint into data; generating multiple pieces of split data having a preset first size on the basis of the data into which the fingerprint has been inserted; applying an obfuscation algorithm to one piece of split data selected from the multiple pieces of split data by using a preset security parameter; and transmitting the split data, to which the obfuscation algorithm has been applied, to the server. In addition, a method for controlling the server comprises the steps of: receiving the multiple pieces of split data, to which the obfuscation algorithm has been applied, from the electronic device; acquiring at least one piece of candidate data on the basis of the received multiple pieces of split data, to which the obfuscation algorithm has been applied; and acquiring data comprising the fingerprint among the at least one piece of candidate data.

A system and method for providing anonymous validation of a query among a plurality of nodes in a network: receives at a support node a query from a requester node; wherein the query comprises a one-way function representation of at least one data point of information of the requester node; receives at the support server, from at least one validator node, a one-way function representation of at least one data point of information of the validator node; compares by the support server the query from the requestor node with the one-way function representation of the at least one data point of information; determines by an aggregator server, based on the comparison, whether the at least one data point of information of the requester node matches the at least one data point of information of the at least one validator node; and outputs a match result to the requestor node.

Disclosed herein is a system for facilitating user privacy using encryption based pseudonymization, in accordance with some embodiments. Accordingly, the system may include a communication device configured for receiving a request to pseudonymize personal data associated with a user from a device. Further, the request may include credentials associated with the user. Further, the system may include a processing device configured for authenticating the user based on the credentials. Further, the processing device may be configured for verifying permissions associated with the request based on the authenticating of the user. Further, the processing device may be configured for pseudonymizing the personal data based on the verifying to obtain pseudonymized data. Further, the system may include a storage device configured for storing the pseudonymized data.

The present application generally relates to systems, devices, and methods to conduct the secure exchange of encrypted data using a three-element-core mechanism consisting of the key masters, the registries and the cloud lockboxes with application programming interfaces providing interaction with a wide variety of user-facing software applications. Together the mechanism provides full lifecycle encryption enabling cross-platform sharing of encrypted data within and between organizations, individuals, applications and devices. Further the mechanism generates chains of encrypted blocks to provide a distributed indelible ledger and support external validation. Triangulation among users, applications and the mechanism deliver both enterprise and business ecosystem cyber security features. Crowdsourcing of anomaly detection extends to users and to subjects of the data. Robust identity masking offers the benefits of anonymization while retaining accountability and enabling two-way communications. The mechanism may also provide high availability through multi-level fail over or operations to multiple instances of the core mechanism.

Methods, computer-readable media, software, and apparatuses may assist a consumer in deleting personal information held by a data broker. Entities holding the consumer's personal information may be discovered and automated actions for purging or deleting the consumer's personal information may be determined. The methods, computer-readable media, software, and apparatuses may assist the consumer in updating privacy settings associated with accounts at various entities.

A method may include receiving, from a first client, a first message. The first message may be matched to a second user based on a similarity between a first keyword included in the first message and a second keyword included in a profile of a second user. The first keyword may be determined to be similar to the second keyword based on a distance between a first vector representation of the first keyword and a second vector representation of the second keyword not exceeding a threshold value. In response to the first message being matched with the second user, the first message may be sent to a second client associated with the second user. In response to receiving, from the second client, a second message responsive to the first message, the second message may be sent to the first client. Related systems and articles of manufacture are also provided.

A traffic-monitoring system that monitors encrypted traffic exchanged between IP addresses used by devices and a network, and further receives the user-action details that are passed over the network. By correlating between the times at which the encrypted traffic is exchanged and the times at which the user-action details are received, the system associates the user-action details with the IP addresses. In particular, for each action specified in the user-action details, the system identifies one or more IP addresses that may be the source of the action. Based on the IP addresses, the system may identify one or more users who may have performed the action. The system may correlate between the respective action-times of the encrypted actions and the respective approximate action-times of the indicated actions. The system may hypothesize that the indicated action may correspond to one of the encrypted actions having these action-times.

A method and apparatus for tokenization of user-traceable data are described. User traceable data is data that is not directly personal data but can be traced back to the identity or an activity of the user. A first raw value is encrypted into a first token using a symmetric key encryption mechanism based on a combination of a second raw value including personal data of a user and a second token resulting from the tokenization of the second raw value where the first token is an anonymized representation of the first raw value.

The technology disclosed teaches protecting sensitive data in the cloud via indexable databases. The method includes identifying sensitive fields of metadata for encryption and for hashing. The method also includes hashing at least partial values in the indexable sensitive fields to non-reversible hash values, concatenating the non-reversible hash values with the metadata for the network events, and encrypting the sensitive fields of metadata. Also included is sending the metadata for the network events, with the non-reversible hash values and the encrypted sensitive fields, to a remote database server that does not have a decryption key for the encrypted sensitive fields and that indexes the non-reversible hash values for indexed retrieval against the indexable sensitive fields. The disclosed technology also teaches retrieving sensitive information that is secured at rest: receiving a sensitive field query, hashing the query, querying and receiving network event metadata responsive to the query, and decrypting the metadata.

Some embodiments provide a method for providing public keys for encrypting data. The method receives (i) a first request from a first source for a public key associated with a particular user and (ii) a second request from a second source for the public key associated with the particular user. In response to the first request, the method distributes a first public key for the particular user to the first source. In response to the second request, the method distributes a second, different public key for the particular user to the second source. Data encrypted with the first public key and data encrypted with the second public key are decrypted by a device of the particular user with a same private key.