Embodiments of the present disclosure may provide a data clean room allowing encryption based data analysis across multiple accounts, including different provider database user accounts that provide user data and a network service and a requesting user that generates one or more clean room requests. The data clean room may also restrict which data may be used in the analysis and may restrict the output.

Some implementations disclosed herein enable matching identifiers across multiple sources. This may involve adding a unique attribute (e.g., anonymous unique homomorphic identifiers) and/or using randomization to enable comparing data from multiple sources, while also maintaining data privacy. In one example, matches across multiple sources are identified, for example, identifying that there are 100 user identifiers that are in private data sets of three different sources. Such matching may be used to enable private, multi-touch attribution. In another example, techniques are used to determine that data maintained by one source is not also within other sources (e.g., identifying that there are 200 user identifiers that are in data from a first source but not in data from a second source and not in data from a third source. Such determinations may be used to generate control group data that does not match data from other sources.

Disclosed is a method for providing a public key for authenticating an integrated circuit. In the method, the integrated circuit obtains a hardware key and an integrated circuit identifier. The integrated circuit generates a derived key based on the hardware key using a key derivation function (KDF) shared with a manufacturing machine. The integrated circuit generates a private key and a corresponding public key using the derived key as an input to a deterministic function. The integrated circuit then provides the public key and the integrated circuit identifier to a partner service for authentication of the integrated circuit using an anonymized credential database to be provided to the partner service by a manufacturer.

Systems and applications are described that use group signature technology to allow for anonymous and/or semi-anonymous feedback while allowing for the application of rules and parameters. The use of group signature technology may serve to potentially mitigate or prevent malicious identification of individuals or entities providing a communication such as feedback. Feedback may range from constructive feedback all the way to the ‘whistleblower’ variety. It may be desirable to identify the individuals as belonging to a particular group or having a particular status or position while maintaining the anonymity of the individuals within the particular group.

A computing system directs a transmission of a first data piece and a second data piece to an electronic device, when the electronic device is engaged in an initial web browser session on an initial web browser, for storage in an electronic device memory. The first data piece is associated with a first domain linked to the initial web browser and contains an electronic device identification. The second data piece is associated with a second domain linked to the initial web browser and contains the electronic device identification. The computing system retrieves the second data piece from the electronic device memory when the computing system is unable to retrieve the first data piece from the electronic device memory. The second data piece retrieved from the electronic device contains the electronic device identification and items of anonymous personal identification information provided by the electronic device during the initial web browser session.

Disclosed herein are systems and methods for protecting user privacy in networked data collection. One embodiment takes the form of a method that includes obtaining a user-data request that is associated with a requesting party. The method also includes preparing a first candidate response to the user-data request, where the first candidate response is based at least in part on data that is associated with a first user. The method also includes receiving additional candidate responses that are respectively based on data that is respectively associated with a plurality of additional users. The method also includes determining a privacy level of the first candidate response based at least in part on the received plurality of additional candidate responses. The method also includes determining that the privacy level exceeds a privacy threshold, and responsively sending, to the requesting party, a user-data response associated with the user-data request.

Systems and techniques for centralized threat intelligence are described herein. A connection may be established to a plurality of threat data sources. An anonymized set of threat data may be obtained by application of a set of privacy rules to the threat data from the plurality of threat data. A threat database may be populated with the anonymized set of threat data. A registration request may be received for a user of a device. A unique user identifier may be assigned for the user and a unique device identifier may be assigned for the device. A threat model may be generated based on a set of the characteristics from the threat database. A set of data access attributes may be received for a data access request. The data access request may be blocked based on an evaluation of the data access attributes using the threat model.

Methods and accompanying systems are provided for predicting outcomes, such as industrial asset failures, in heavy industries. The predicted outcomes can be used by owners and operators of oil rigs, mines, factories, and other operational sites to identify potential failures and take preventive and/or remedial action with respect to industrial assets. In one implementation, historical data associated with a plurality of outcomes is received at one or more central site servers from one or more data sources, and datasets are generated from the historical data. Using the datasets, a set of models is trained to predict an outcome. A particular model includes sub-models corresponding to a hierarchy of components of an industrial asset. The set of models is combined into an ensemble model, which is transmitted to remote sites.

A system for creating an anonymous social gathering of 3 or more persons. The system has a server digital device and a client digital device both operatively connected to a distributed network and thus to each other. The client device is configured to display an electronic mapping received from the server digital device through the distributed network and the electronic mapping displays at least one selectable geolocation indicator. Each geolocation indicator represents an indicated location of a gathering of at least two anonymous portable digital devices. The electronic mapping is configured to display indicator identification information on the user device for the momentarily selected indicator.

There is provided a method and system for supporting secure data routing for artificial intelligence services in a communication network. According to embodiments there is provided a system including a platform controller for managing artificial intelligence (AI) services and a coordinator for managing data transmission of the AI services. The platform controller is configured to obtain, from an AI controller, a first security credential used for re-encryption of uplink data for an AI service, wherein the uplink data includes encrypted data from a device and obtain, from the device, a second security credential for re-encryption of downlink data for the AI service, wherein the second downlink data includes encrypted data from an AI server. The platform controller is further configured to provide, to the coordinator, both the first security credential and the second security credential. The coordinator is configured to receive, from the platform controller, both the first security credential and the second security credential and perform re-encryption of the uplink data for the AI service and send re-encrypted uplink data to the AI server. The coordinator is further configured to perform re-encryption of the downlink data for the AI service and send re-encrypted downlink data to the device.