Patent classifications
H04L63/0421
Method to anonymize client MAC addresses for cloud reporting
A method for anonymizing user identifiable information to be transmitted outside of a local network includes generating a network entity hash input based on (i) a first MAC address assigned to a client station of the local network, (ii) a second MAC address assigned to the network gateway device of the local network, and (iii) an identifier of a cloud entity of an external network to which data of the client station is to be transmitted. The method further includes generating a hash value output based on the network entity hash input and a random token value using a hashing function, generating an anonymized MAC address associated with the client station based on the hash value output, and transmitting the anonymized MAC address associated with the client station to the cloud entity of the external network.
INTERCONNECTION OF DRUG ADMINISTRATION SYSTEMS
In general, interconnection of drug administration systems is provided. In an exemplary embodiment, a drug administration device and a remotely located server can establish a unique key for wireless communication between the device and the server. The drug administration device can be configured to sense information relating to at least one of the device and a drug and can be configured to anonymize data indicative of the sensed information using the key stored in memory of the device. The drug administration device can also be configured to use the key in decrypting data received from the server.
SYSTEMS AND METHODS FOR PROPAGATING DATA PACKETS IN A NETWORK OF NODES
A method of propagating data packets in a network of nodes is disclosed. The method includes: collecting a set of first data packets during a first time period, the set including at least one data packet received from one or more first nodes in the network; generating a first mapping that assigns the first data packets of the set for relay to one or more neighbouring nodes connected to the node; computing a decorrelation metric value for the first mapping; determining whether the decorrelation metric value for the first mapping satisfies a first condition; in response to determining that the decorrelation metric value for the first mapping does not satisfy the condition of transmitting the first data packets of the set to neighbouring nodes according to the second mapping.
PRIVACY-PRESERVING VIRTUAL EMAIL SYSTEM
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for creating and using virtual email addresses for user privacy protection and data security are described. In one aspect, a method includes receiving, from a user device and at an identity server, login credentials for a first email address mapped to a first set of user information values, detecting, by the identity server, a trigger event, in response to detecting the trigger event, creating, by the identity server, a new virtual email address separate from the first email address and mapped to a second set of user information values different from the first set of user information values, detecting, by the identity server, a request for credentials from a requesting entity, and in response to detecting the request, transmitting, by the identity server, the new virtual email address as new login credentials to the requesting entity.
PRIVACY-PRESERVING TECHNIQUES FOR CONTENT SELECTION AND DISTRIBUTION
This document describes systems and techniques for improving the integrity and protecting the security of information in content selection and distribution. In one aspect, a method includes receiving, by a first server of a secure multi-party computation (MPC) system and from an application on a client device, a request for a selection value. In response to receiving the request, the first server conducts, in collaboration with a second server of the secure MPC system, a privacy-preserving selection process and a counterfactual selection process. The first server transmits a selection result defining the first winning selection value from the privacy-preserving selection process and the second winning selection value from the counterfactual selection process and receives, from the application on the client device, a notification indicating that a digital component corresponding to the winning selection value from the privacy-preserving selection process was presented at the client device.
PRIVACY PROOFING OF SECURE ELEMENT GENERATED CERTIFICATES
Techniques to privacy proof secure element generated certificates anonymous secure element attestations are described herein. An attestation certificate request can be generated that is signed using the static key of the secure element. The attestation certificate request can then be sent to an attestation server, which can verify the attestation certificate request and return an anonymized attestation certificate. The device containing the secure element can transmit the certificate to third parties to verify attestation data signed by the secure element using the certificate and provide assurance to the third parties that the data being attested to has been generated inside a secure element associated with a specific manufacturer.
LOCATION DETERMINATION USING ANONYMOUS BROWSER DATA
Systems, methods, and apparatus are described herein for determining a location from anonymous data. For example, a computing device may receive anonymous data associated with a browser session initialized by a user via a browser on a user computing device. The computing device may determine that the user has not been assigned a unique identifier. The computing device may determine whether the user opted in to location tracking. If the user opted out of location tracking, the computing device may determine a latitude coordinate and a longitude coordinate of the user computing device during the browser session. The computing device may identify a physical address for the user based on the latitude coordinate and the longitude coordinate, for example, using a map application programming interface (API). The computing device may assign the unique identifier to the user. The computing device may associate the unique identifier with the physical address.
PRIVACY PRESERVING MALICIOUS NETWORK ACTIVITY DETECTION AND MITIGATION
A method includes accessing a first intelligence feed including a plurality of cybersecurity incidents. A second intelligence feed is generated including a plurality of technical indicators defined on one or more virtual private network internet point of presence (“VPN internet PoP”) that connects a plurality of VPN tunnels to an internet. The first and second intelligence feeds are compared, a particular incident is determined, and a time frame of the particular incident is determined. Use of a particular VPN internet PoP by a plurality of sources including a plurality of clients is monitored to determine a plurality of time-based behaviors. The plurality of time-based behaviors are compared to the particular incident and to the time frame to determine a match. A particular source is blocked at the particular VPN internet PoP based on the determination of the match.
SYSTEM AND METHOD FOR PROVIDING ACCESS TO SECURED CONTENT FIELD
A computer-implemented system and method for providing access to secured content on a provisioning entity system are disclosed. The method may include: receiving, from a requesting entity system, a plurality of user requests to access the secured content stored at the provisioning entity system; determining, for each of the plurality of user requests, a respective user ID; generating, for each of the plurality of user requests, a respective trusted token based on the respective user request, the trusted token comprising at least a variable term different for each of the trusted tokens generated for the plurality of user requests; adding a proof of authentication to each of the trusted tokens to enable the provisioning entity system to validate the respective trusted token; and transmitting at least one of the trusted tokens to the requesting entity system.
ANONYMIZATION SYSTEM AND METHOD
An anonymization system (100) for anonymizing data within an anonymization receiver (110) for use by a first user (112) and a second user (114). The anonymization system (100) includes an anonymizer (102) and a database (104). The database (104) is configured to store at least one of (i) a first data that corresponds to the first user (112), and (ii) a second data that corresponds to the second user (114). The anonymizer (102) anonymizes at least one of the first data and the second data. The anonymizer (102) is configured to transfer anonymized data to the anonymization receiver (110). The anonymizer (102) is configured to generate an anonymizing identifier that is based on at least one of the first data and the second data. The anonymizer (102) is configured to generate a token that represents the anonymizing identifier.