Patent classifications
H04L63/0414
USING A NETWORK REQUIREMENTS FIELD TO PROVIDE A STATION ACCESS TO A NETWORK
Methods, systems, and computer readable media can be operable to facilitate an exchange of messages between an access point and a station, wherein the access point requests a unique identifier from the station. The request can include a network requirements field that indicates that a unique identifier is required for access to the network. The station initiates a secure connection with the access point prior to associating with the access point. The station may either respond with a message declining to provide a unique identifier or respond with a message including a unique identifier to be used by the access point for the station via the secure connection. The response from the station may include additional limitations on the use of the unique identifier by the access point. The access point may enforce different policies against the station depending upon how the station responds to the unique identifier request.
SYSTEMS AND METHODS FOR FUNCTIONALLY SEPARATING HETEROGENEOUS DATA FOR ANALYTICS, ARTIFICIAL INTELLIGENCE, AND MACHINE LEARNING IN GLOBAL DATA ECOSYSTEMS
Systems, program storage devices, and methods for improving data privacy/trust/anonymity/pseudonymity and data value, wherein data related to a Data Subject can be used and stored, while minimizing re-identification risk by unauthorized parties and enabling data related to the Data Subject to be disclosed to an authorized party by granting access only to the data relevant to that authorized party's purpose, time, place, and/or other criterion via the obfuscation of specific data values. The techniques described herein maintain this level of privacy/trust/anonymity/pseudonymity, while empowering Data Subjects, e.g., consumers or customers of such authorized parties, by enabling protection of data at the desired level of engagement with various business entities. The techniques described herein also allow Data Controllers to perform General Data Protection Regulation (GDPR) and Schrems II-compliant (and surveillance-proof) data processing, via the functional separation of heterogeneous data (e.g., via the use of “Variant Twins”) from embedded trust and privacy controls.
User enrollment and authentication across providers having trusted authentication and identity management services
A provider receives a message from a user device requesting that the provider share user credentials associated with a user of the user device with a second provider when the user is attempting to enroll with or access goods or services associated with the second provider via an application on the user device. The message requests that the provider send the user credentials to the user device. The provider determines whether the user has been authenticated by the provider and whether a trust relationship exists between the provider and the second provider. The provider sends the user credentials to the user device when the user has been authenticated by the provider and when the trust relationship exists between the provider and the second provider. The user device forwards the user credentials to the second provider and the second provider authenticates the user based on the user credentials.
Systems and Methods for Enhancing Data Protection by Anonosizing Structured and Unstructured Data and Incorporating Machine Learning and Artificial Intelligence in Classical and Quantum Computing Environments
Systems, computer-readable media, and methods for improving both data privacy/anonymity and data value, wherein real-world, synthetic, or other data related to a data subject can be used while minimizing re-identification risk by unauthorized parties and enabling data, including quasi-identifiers, related to the data subject to be disclosed to any authorized party by granting access only to the data relevant to that authorized party's purpose, time period, place and/or other criterion via the required obfuscation of specific data values, e.g., pursuant to the GDPR or HIPAA, by incorporating a given range of those values into a cohort, wherein only the defined cohort values are disclosed to the given authorized party. Privacy policies may include any privacy enhancement techniques (PET), including: data protection, dynamic de-identification, anonymity, pseudonymity, granularization, and/or obscurity policies. Such systems, media and methods may be implemented on both classical and quantum computing devices.
Accumulating automata and cascaded equations automata for non-interactive and perennial secure multi-party computation
A method of securely executing a practically unbounded input stream of symbols, by non-interactive, multi-party computation, according to which the input stream is distributed among a plurality of parties, which do not communicate among themselves throughout execution, by a dealer with a secret initial state. The dealer distributes shares of the secret state between the parties. The input stream is executed by a finite-state automaton which may be an accumulating automaton with accumulating nodes or an automaton that is defined by a series of cascaded equations. During any execution stage, the input stream and the current state of the original automaton are concealed from any coalition of participants being smaller than a given threshold. Upon receiving a signal from the dealer, the parties terminate the execution and submit their internal state to the dealer, which computes the current state that defines the computation result.
PRIVACY KEY AND MESSAGE AUTHENTICATION CODE
A method performed by a UE. The method includes generating a SUCI comprising: i) an encrypted part in which a Mobile Subscription Identification Number of a SUPI is encrypted and ii) a clear-text part comprising: a) a Mobile Country Code of the SUPI, b) a Mobile Network Code of the SUPI, c) a public key identifier for a public key of a home network of the user equipment, and d) an encryption scheme identifier that identifies an encryption scheme used by the UE to encrypt the Mobile Subscription Identification Number in the SUCI. The method also includes transmitting the SUCI to an authentication server in the home network for forwarding of the SUCI to a de-concealing server capable of decrypting the Mobile Subscription Identification Number.
TRANSIENT IDENTIFICATION GENERATION
In an approach to transient identification generation, one or more computer processors receive a request for one or more identification artifacts associated with a user from a requesting entity. One or more computer processors determine a first set of identification artifacts. One or more computer processors transmit the first set of identification artifacts to the requesting entity. One or more computer processors determine whether the first set of identification artifacts is an approved response to the request for the one or more identification artifacts. In response to determining the first set of identification artifacts is the approved response to the request for the one or more identification artifacts, one or more computer processors generate a transient identification that includes the first set of identification artifacts. One or more computer processors transmit the transient identification to the requesting entity.
Cloud-based anonymous routing
A system and computer-implemented method for cloud-based anonymous traffic routing is disclosed. The method may include receiving, from a client application by a router, network traffic identified for a destination. The method may include determining, for a set of internal cloud nodes distinct from both the client application and the destination, a set of internet protocol (IP) addresses including a first IP address for a first internal cloud node of the set of internal cloud nodes. The method may also include establishing an anonymity algorithm for cloud-based anonymous traffic routing, the anonymity algorithm configured to use the set of IP addresses. The method may also include routing, based on the anonymity algorithm, the network traffic to the first internal cloud node using the first IP address. The method may also include routing the network traffic from the set of internal cloud nodes to the destination identified by the client application.
METHOD FOR DISCLOSING MUTUAL FEELINGS AND USE THEREOF
Disclosed is a method for disclosing mutual feelings, including receiving, by a processing unit (PU), one or more data about a first user from a first user device associated with the first user; selecting, by the first user, a second user associated with the first user; selecting, by the first user, a first feeling, from a plurality of feelings, wherein the first feeling is indicative of how the first user feels toward the second user, and transmitting, by the PU, a first notification to a second user device associated with the second user, wherein the first notification is so transmitted that an identity of the first user is not revealed.
Systems and methods of discovering and controlling devices without explicit addressing
A method of discovering a device in a communication network having multiple interconnected nodes includes continuously monitoring, by a device to be discovered, any IP packets sent by a discoverer. The method further includes transmitting, by the discoverer, an IP packet destined for a downstream device and receiving, by the device to be discovered, the IP packet. The method further includes determining, by the device to be discovered, whether the IP packet is intended for the device to be discovered. If the IP packet is not intended for the device to be discovered, retransmitting, by the device to be discovered, the IP packet to the downstream device via an egress port of the device to be discovered.