Abstract: Methods for cellular network authentication utilizing unlinkable anonymous credentials are disclosed. In embodiments, a method includes: contacting, by a computing device, a mobile device network with a request to connect to the mobile device network; conducting, by the computing device, an interactive credential issuance protocol with an Issuer of the mobile device network to generate an unlinkable anonymous credential; and connecting, by the computing device, to the mobile device network based on a Verifier of the mobile device network verifying the computing device based on the unlinkable anonymous credential.

Abstract: Technology for voting, or endorsing with votes, a set of subjects under review, such as a group of human individual peers or a set of products. Each voter in this system is provided with an amount of voting credits that may be allocated among and between at least some of the subjects under review. In some embodiments a discounting scheme is applied to the voting credit allocations so that multiple credits allocated to a single subject will typically count for fewer net “votes” for the subject as the number of credits allocated to that single subject increases. In some embodiments, the discounting scheme is polynomial voting.

Abstract: Methods for cellular network authentication utilizing unlinkable anonymous credentials are disclosed. In embodiments, a method includes: contacting, by a computing device, a mobile device network with a request to connect to the mobile device network; conducting, by the computing device, an interactive credential issuance protocol with an Issuer of the mobile device network to generate an unlinkable anonymous credential; and connecting, by the computing device, to the mobile device network based on a Verifier of the mobile device network verifying the computing device based on the unlinkable anonymous credential.

Abstract: Methods for cellular network authentication utilizing unlinkable anonymous credentials are disclosed. In embodiments, a method includes: contacting, by a computing device, a mobile device network with a request to connect to the mobile device network; conducting, by the computing device, an interactive credential issuance protocol with an Issuer of the mobile device network to generate an unlinkable anonymous credential; and connecting, by the computing device, to the mobile device network based on a Verifier of the mobile device network verifying the computing device based on the unlinkable anonymous credential.

Abstract: A method, apparatus and computer program product to detect whether specific sensitive data of a client is present in a cloud computing infrastructure is implemented without requiring that data be shared with the cloud provider, or that the cloud provider provide the client access to all data in the cloud. Instead of requiring the client to share its database of sensitive information, preferably the client executes a tool that uses a cryptographic protocol, namely, Private Set Intersection (PSI), to enable the client to detect whether their sensitive information is present on the cloud. Any such information identified by the tool is then used to label a document or utterance, send an alert, and/or redact or tokenize the sensitive data.

Abstract: Training a deep neural network model using a trusted execution environment is provided. A selection of two or more encrypted files owned by different entities within a plurality of encrypted files containing sensitive datasets is made by a user of a client device. The two or more encrypted files owned by the different entities are decrypted within the trusted execution environment to form decrypted sensitive datasets owned by the different entities. The decrypted sensitive datasets owned by the different entities are combined within the trusted execution environment to form combined sensitive data owned by the different entities. The deep neural network model is generated within the trusted execution environment based on the combined sensitive data owned by the different entities. The deep neural network model is trained within the trusted execution environment using the combined sensitive data owned by the different entities.

Abstract: Technology for voting, or endorsing with votes, a set of subjects under review, such as a group of human individual peers or a set of products. Each voter in this system is provided with an amount of voting credits that may be allocated among and between at least some of the subjects under review. In some embodiments a discounting scheme is applied to the voting credit allocations so that multiple credits allocated to a single subject will typically count for fewer net “votes” for the subject as the number of credits allocated to that single subject increases. In some embodiments, the discounting scheme is polynomial voting.

Abstract: A method, a computer program product and a computer system update and share relevant event information among vehicles. The method includes acquiring event information by a device having a sensor. The method also includes classifying the event information as relevant to a vehicle. The method further includes the device transmitting the event information classified as relevant to a first intermediate storage device within a range of the first intermediate storage device. In addition, the method includes the first intermediate storage device transmitting the received event information to a node in a network. The network includes at least one other vehicle within a range of the first intermediate storage device and one or more other intermediate storage devices. Lastly, the method includes a vehicle receiving the event information classified as relevant and modifying the operation of the vehicle.

Abstract: An approach for detecting potential medical conditions may be provided. Privacy laws and healthcare regulations may prevent healthcare entities from sharing data or acknowledging even seeing a patient. Secure multi-party computation can allow for the analysis of or more patient's private health data in a secure database. The private health data will only be visible to the health entity which owns or controls the data. Further, a system with oblivious random access memory may be presented which allows for the analysis of one or more patient's multiple private healthcare records. A medical condition diagnosis may be made from the analysis of the multiple private healthcare records by the secure multi-party computation using oblivious random access memory, without divulging information any private healthcare data to unauthorized parties.

Abstract: Methods for secure data monitoring utilizing secure private set intersections are disclosed. In embodiments, a computer-implemented method includes: generating a garbled circuit program compiled into a first and second half; sending the second half of the garbled circuit program to a client server of a client; receiving social network data from a social network provider; and generating search results, utilizing the first half of the garbled circuit program in cooperation with the second half of the garbled circuit program, based on client data input at the second half of the garbled circuit program. The client data is private with respect to the social network provider and the social network data is private with respect to the client.

Abstract: A method, apparatus and computer program product to detect whether specific sensitive data of a client is present in a cloud computing infrastructure is implemented without requiring that data be shared with the cloud provider, or that the cloud provider provide the client access to all data in the cloud. Instead of requiring the client to share its database of sensitive information, preferably the client executes a tool that uses a cryptographic protocol, namely, Private Set Intersection (PSI), to enable the client to detect whether their sensitive information is present on the cloud. Any such information identified by the tool is then used to label a document or utterance, send an alert, and/or redact or tokenize the sensitive data.

Abstract: Systems for secure data monitoring utilizing secure private set intersections are disclosed. In embodiments, program instructions are executable by a computing device to cause the computing device to: generate a garbled circuit program compiled into a first half and a second half; send the second half of the garbled circuit program to a client server of a client; receive social network data from a social network provider; index, utilizing the first half of the garbled circuit program in cooperation with the second half of the garbled circuit program at the client server, the social network data based on predetermined intent categories; and generate search results, utilizing the first half of the garbled circuit program in cooperation with the second half of the garbled circuit program at the client server, based on client data at the second half of the garbled circuit program.

Abstract: A first request to perform an entity resolution operation is received from a first client. The first request is related to a first record uploaded by the first client. The first record has one or more first attributes. The first record is stored in a secure data store. The first request is transmitted to a first program split of a secure multi-party computation. An entity resolution operation is performed by the first program split of the secure multi-party computation and by a third program split of the secure multi-party computation. The entity resolution operation is performed based on the received request. The entity resolution operation is related to the first record and one or more second records uploaded to the secure data store by a second client. The third program split of the secure multi-party computation operates in the secure data store.

Abstract: A method, apparatus and computer program product to detect whether specific sensitive data of a client is present in a cloud computing infrastructure is implemented without requiring that data be shared with the cloud provider, or that the cloud provider provide the client access to all data in the cloud. Instead of requiring the client to share its database of sensitive information, preferably the client executes a tool that uses a cryptographic protocol, namely, Private Set Intersection (PSI), to enable the client to detect whether their sensitive information is present on the cloud. Any such information identified by the tool is then used to label a document or utterance, send an alert, and/or redact or tokenize the sensitive data.

Abstract: Training a deep neural network model using a trusted execution environment is provided. A selection of two or more encrypted files owned by different entities within a plurality of encrypted files containing sensitive datasets is made by a user of a client device. The two or more encrypted files owned by the different entities are decrypted within the trusted execution environment to form decrypted sensitive datasets owned by the different entities. The decrypted sensitive datasets owned by the different entities are combined within the trusted execution environment to form combined sensitive data owned by the different entities. The deep neural network model is generated within the trusted execution environment based on the combined sensitive data owned by the different entities. The deep neural network model is trained within the trusted execution environment using the combined sensitive data owned by the different entities.

Abstract: A first patient intervention is identified. The first patient intervention regards a first patient record that includes one or more attributes related to a first patient. The first patient intervention is transmitted to a first program split of a secure multi-party computation. A conflict is detected in the first patient intervention and an existing medical situation regarding the first patient. The conflict is detected by the first program split of the secure multi-party computation and by a third program split of the secure multi-party computation. Based on the detected conflict, a notification is generated by the first program split. The notification is based on the detected conflict. The notification based on the detected conflict is provided to a first client.

Abstract: A method, system, and computer program product for performing strong desensitization of sensitive data within a garbled circuit includes: compiling a predetermined program into a first program, where the compiled first program is encoded in a form of a garbled circuit, and where the predetermined program runs on sensitive data; and executing the first program, where executing the first program includes: executing an analytics function using tokenized data with a first set of sensitive information and analytics data with a second set of sensitive information, where the tokenized data originated from a data provider and the analytics data originated from an analytics provider; and generating an output of the first program using a result of the analytics function, where the output contains desensitized data.

Abstract: A method, system, and computer program product for performing strong desensitization of sensitive data within a garbled circuit includes: compiling a predetermined program into a first program, where the compiled first program is encoded in a form of a garbled circuit, and where the predetermined program runs on sensitive data; and executing the first program, where executing the first program includes: executing an analytics function using tokenized data with a first set of sensitive information and analytics data with a second set of sensitive information, where the tokenized data originated from a data provider and the analytics data originated from an analytics provider; and generating an output of the first program using a result of the analytics function, where the output contains desensitized data.

Abstract: Systems for cellular network authentication utilizing unlinkable anonymous credentials are disclosed. In embodiments, a computer program product is provided including a computer readable storage medium having program instructions embodied therewith. The program instructions are executable by a computing device to cause the computing device to: contact a mobile device network with a request to connect to the mobile device network; conduct an interactive credential issuance protocol with an Issuer of the mobile device network to generate an unlinkable anonymous credential; connect to the mobile device network based on a Verifier of the mobile device network verifying the computing device based on the unlinkable anonymous credential; and store a temporary mobile subscriber identity assigned to the mobile device by the mobile device network, wherein the temporary mobile subscriber identity is filled with a null value.

Abstract: A first request to perform an entity resolution operation is received from a first client. The first request is related to a first record uploaded by the first client. The first record has one or more first attributes. The first record is stored in a secure data store. The first request is transmitted to a first program split of a secure multi-party computation. An entity resolution operation is performed by the first program split of the secure multi-party computation and by a third program split of the secure multi-party computation. The entity resolution operation is performed based on the received request. The entity resolution operation is related to the first record and one or more second records uploaded to the secure data store by a second client. The third program split of the secure multi-party computation operates in the secure data store.