H04L63/0421

Pseudonymous crypto-based systems and methods for patient data
11527310 · 2022-12-13

Systems and methods of a cipher-based system for tracking a patient within a clinical pharmacy workflow. The system includes providing a meshed network having patient devices that communicate patient data with aggregators. The patient devices and aggregators located within the space form a meshed network, and the aggregators communicate data to a computer in communication with a cloud-based network. A patient device with a mobile application wirelessly communicates with an internet system in communication with the cloud-based network. Information about the user patient device entering the meshed network by wireless tags positioned within the space is received by the computer. Information is obtained by the patient devices during a recognition process by wirelessly transmitting messages between the wireless tags to aggregators, and then wirelessly transmitting information from the aggregators to the computer. The computer communicates with the cloud-based network, and the cloud-based network communicates with healthcare administrator systems via a jointly defined API interface.

Method and apparatus for device-side trajectory anonymization based on negative gapping

An approach is provided for device-side probe trajectory anonymization based on negative gapping. The approach involves, for example, collecting a probe trajectory stream from a sensor of a probe device, wherein the probe trajectory stream comprises a time-sequence of location data points representing a sensed movement of the probe device. The approach also involves generating a plurality of subtrajectory streams from the probe trajectory stream. The approach further involves processing the plurality of subtrajectory streams to create a negative gap between the plurality of subtrajectory streams. The approach further involves providing the plurality of subtrajectory streams as an output in place of the probe trajectory.

LOW ENTROPY BROWSING HISTORY FOR ADS QUASI-PERSONALIZATION

The present disclosure provides systems and methods for content quasi-personalization or anonymized content retrieval via aggregated browsing history of a large plurality of devices, such as millions or billions of devices. A sparse matrix may be constructed from the aggregated browsing history, and dimensionally reduced, reducing entropy and providing anonymity for individual devices. Relevant content may be selected via quasi-personalized clusters representing similar browsing histories, without exposing individual device details to content providers.

SYSTEM PERFORMANCE EVALUATION AND ENHANCEMENT IN A SOFTWARE-DEFINED SYSTEM
20220391303 · 2022-12-08

Performance of devices can be evaluated and enhanced in software-defined systems. For example, a computing device can receive, at a server of a software-defined system, a first plurality of properties describing a client system in the software-defined system. The computing device can compare, by the server, the first plurality of properties to additional properties describing at least one additional client system in the software-defined system. The computing device can determine, by the server, an adjustment for the client system based on the comparison and a similarity of the client system to each of the at least one additional client system. The computing device can output, by the server, an indication of the adjustment to the client system.

LOCATION DETERMINATION USING ANONYMOUS BROWSER DATA

Systems, methods, and apparatus are described herein for determining a location from anonymous data. For example, a computing device may receive anonymous data associated with a browser session initialized by a user via a browser on a user computing device. The computing device may determine that the user has not been assigned a unique identifier. The computing device may determine whether the user opted-in to location tracking. If the user opted-out of location tracking, the computing device may determine a latitude coordinate and a longitude coordinate of the user computing device during the browser session. The computing device may identify a physical address for the user based on the latitude coordinate and the longitude coordinate, for example, using a map application programming interface (API). The computing device may assign the unique identifier to the user. The computing device may associate the unique identifier to the physical address.

Third-party data manipulation with privacy controls
11522841 · 2022-12-06

The disclosed computer-implemented method may include receiving, from a third party, a portion of data or computer-executable logic that is part of a specified model. Each model may include various portions of independently verifiable computer-executable logic. The method may further include receiving data at a processing engine. The processing engine may be configured to apply the specified model to the received data. The method may then execute the specified model at the processing engine to modify the received data and send the modified data to an application that is configured to process the modified data. Various other methods, systems, and computer-readable media are also disclosed.

Secure identity transfer
11522864 · 2022-12-06

A first request is received for a temporary alternate identifier for a user, wherein the user is identified within a service using a user service identifier, and wherein the temporary alternate identifier assists in transferring the user service identifier from the service to a resource. In response to the first request, the temporary alternate identifier is generated and associated with the user service identifier. The temporary alternate identifier is then provided to the user, and the temporary alternate identifier is also provided by the user to the resource. A second request is received, from the resource, for an associated service identifier that is associated with the temporary alternate identifier. An indication is then provided, to the resource, that the user service identifier is the associated service identifier.

Securely communicating organizational security policies between mobile devices
11522918 · 2022-12-06

An apparatus comprises a network node, a random number generator, and a message generator to schedule transmission of a beacon message, wherein an administrative rule engine applies appropriate security safeguards to modify PII collection policies of the node. The node has an application collecting data to reside in at least one segregated data storage. The application comprises a distinguishing module, a de-identification module, an anonymization module, a minimum collection module, a minimum retention module, and a categorization module. The random number generator generates random times for transmitting the beacon message and for generating random channels for transmitting the beacon message. The message generator generates the beacon message, which includes dynamic configuration updates for the administrative rule engine, wherein the dynamic configuration updates comprise obligations to protect confidentiality, context of use, user assignments, permission assignments, role hierarchy relations, access authorizations, access restrictions, and job duties.

Privacy enhanced proximity tracker
11515997 · 2022-11-29

A device, system and method for privacy enhanced proximity detection by secure collaboration between a first party without access to user locations and a second party without access to a target user identifier. The second party may receive from the first party a homomorphic encryption public key and homomorphic encrypted target user identifier or masked target location, and may determine an associated homomorphic encrypted target user location. The second party may search a homomorphically encrypted database of user locations and associated user identifiers for homomorphic encrypted proximate user identifiers associated with homomorphic encrypted user locations proximate to the homomorphic encrypted target user location. The second party may send the first user the search result of homomorphic encrypted proximate user identifiers to be decrypted by the first party with a private key to identify proximate user identifiers without knowing their locations.

SYSTEMS AND METHODS FOR CREATING PRIORITY-BASED REGULATED NETWORK INTERLINKS BETWEEN ELECTRONIC DEVICES
20220376986 · 2022-11-24

A system and method for creating priority-based regulated network interlinks between electronic devices is disclosed. The system receives a communication request from a first device to communicate with a second device and identifies whether the first device is comprised within a primary affinity group associated with the second device. If the first device is not found in the primary affinity group, one or more secondary affinity groups are identified, each secondary affinity group associated with an electronic device different than the first and second devices. Based on scoring of each secondary affinity group, handling criteria for the communication object is determined and used to create a network interlink between the first device and the second device.