A device obtains previously created data content. The device unmasks and extracts one or more chain of custody blocks stored in association with the data content. The one or more chain of custody blocks includes chain of custody data identifying who, when, where, and, with what hardware and/or software, created or edited the data content. The device analyzes the one or more chain of custody blocks and validates an origination of the data content based on the analysis of the one or more chain of custody blocks.

A protocol that is managed by a coordinating network element or third-party intermediary or peer network elements and utilizes tokens prohibits any subset of a union of the coordinating network element or third-party intermediary, if any, and a proper subset of the processors involved in token generation from substantively accessing underlying data. By one approach, processors utilize uniquely-held secrets. By one approach, an audit capability involves a plurality of processors. By one approach, the protocol enables data transference and/or corroboration. By one approach, transferred data is hosted independently of the coordinating network element. By one approach, the coordinating network element or third-party intermediary or a second requesting network element is at least partially blinded from access to tokens submitted by a first requesting network element. By one approach, a third-party intermediary uses a single- or consortium-sourced database. By one approach, network elements provisioned with tokens jointly manage the protocol.

Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for protecting user privacy in the playback of user sessions are described. In one aspect, a method includes accessing, for a user session with one or more user interfaces, event data that includes interface data specifying a structure of the user interface(s), and, for each of one or more user interface elements for which content was presented by the user interface(s) during the user session, an encrypted content element including the content of the user interface element encrypted using a public key corresponding to a rule enabling recording of the content of the user interface element and data identifying the rule. Playback of the user session is generated including, for each of the interface element(s), decrypting the encrypted content element for the user interface element and presenting the decrypted content during the playback of the user session.

A building system for operating a building and managing private building information includes a processing circuit configured to receive a request for information for a building entity of a building entity database. The processing circuit is configured to select one of the mask templates from the entity database based on access values associated with the requesting device and a relational link between the building entity and the mask templates, retrieve private information for the building entity in response to a reception of the request for the information, and generate a masked information data structure based on the private information and the one of the mask templates.

Information is removed from data transmitted over networks and stored in data storage facilities by generating non-informational data as an output from a series of nodes (routers, computing devices or logical routing applications) by using a function that applies random data to the data received at each node. The function may be an XOR and the random data may be a pseudorandom string of the same length as the informational data. The non-informational data may be managed normally without concern for security. When the informational data is needed it can be re-generated using the non-informational data and a cascade of the random data from the series of nodes as inputs to an inverse function (XOR is its own inverse). The random data may be generated from a smaller random seed.

This disclosure relates to a method for vertical federated learning. In multiple participation nodes deployed in a multi-way tree topology, an upper-layer participation node corresponds to k lower-layer participation nodes. After the upper-layer participation node and the k lower-layer participation nodes exchange public keys with each other, the upper-layer participation node performs secure two-party joint computation with the lower-layer participation nodes with a first public key and second public keys as encryption parameters to obtain k two-party joint outputs of a federated model. Further, the upper-layer participation node aggregates the k two-party joint outputs to obtain a first joint model output corresponding to the federated model. As such, a multi-way tree topology deployment-based vertical federated learning architecture is provided, improving the equality of each participation node in a vertical federated learning process.

According to an example, key splitting may include utilizing a masked version of a master key that is masked by using a mask.

Some embodiments enable distributing data (e.g., recorded video, photographs, recorded audio, etc.) to a plurality of users in a manner which preserves the privacy of the respective users. Some embodiments leverage homomorphic encryption and proxy re-encryption techniques to manipulate the respective data so that selected portions of it are revealed according to an identity of the user currently accessing the respective data.

One-to-many cryptographic systems and methods are disclosed, and a network employing the same, including numerous industry applications. The embodiments of the present invention can generate and regenerate the same symmetric key from a random token. The one-to-many cryptographic systems and methods include a central location and a cryptographic module being in communication with each other. The cryptographic module is configured to encrypt and/or decrypt data received a remote location and output encrypted and/or decrypted data. The cryptographic module includes a key generator configured to use two or more inputs to reproducibly generate the symmetric key and a cryptographic engine configured to use the symmetric key for encrypting and decrypting data. Corresponding methods, and network employing the same, are also provided.

Disclosed herein are methods and systems for strengthening encryption schemes to side channel attacks. The strengthening of the encryption schemes can involve affine masking of one or more elements of the encryption schemes.