Abstract: Techniques for predicting a penal code and modifying an annotation based on the prediction are provided. A sentence describing a scene captured with a video capture device may be received form a video description system. The scene may depict a criminal act. An artificial intelligence bot may identify a penal code that has the highest probability of being associated with the criminal act described by the sentence. The sentence may be modified based on a lexicon associated with the identified penal code. Feedback indicating if the identification of the penal code was correct may be received. The feedback may be used to train the artificial intelligence bot.

Abstract: A system for reducing computational load for training machine learning models is provided. The system may provide an end-to-end-solution for automating development, testing and updating of machine learning models in various operational environments. The system may determine which machine learning models included in a computer program product need to be retrained in response to a change in training data. For a computer program product that includes multiple models, the system only retrains target models, resulting in significant savings in computing resources. The system may also reduce the number of machine learning models that need to be generated for testing environments, further reducing consumption of computational resources.

Abstract: Detecting fraudulent activity can be a complex, manual process. In this paper, we adapt statistical properties of count data in a novel algorithm to uncover records exhibiting high risk for fraud. Our method identifies shelves, partitioning data under the counts using a Student's t-distribution. We apply this methodology on a univariate dataset including cumulative results from phone calls to a customer service center. Additionally, we extend this technique to multivariate data, illustrating that the same method is applicable to both univariate and multivariate data.

Abstract: A method for pushing a data within a template in an educational setting comprising: scanning, via a first user device, a first tag, said first user device having first a unique ID and said first tag being a master tag and comprising a first tag ID; scanning, via a second user device, a second tag, said second user device having a second unique ID and said second tag having a second tag ID and being controlled by said master tag; defining a template being loaded onto said second user device upon the scanning of the second tag; and wherein the template comprises data corresponding to said second tag ID, said second unique ID, and a time corresponding to the scanning of said second tag.

Abstract: Detecting fraudulent activity can be a complex, manual process. In this paper, we adapt statistical properties of count data in a novel algorithm to uncover records exhibiting high risk for fraud. Our method identifies shelves, partitioning data under the counts using a Student's t-distribution. We apply this methodology on a univariate dataset including cumulative results from phone calls to a customer service center. Additionally, we extend this technique to multivariate data, illustrating that the same method is applicable to both univariate and multivariate data.

Abstract: Aspects of the present disclosure are operable to protect against malicious objects, such as JavaScript code, which may be encountered, downloaded, or otherwise accessed from a content source by a computing system. In an example, antivirus software implementing aspects disclosed herein may be capable of detecting malicious objects in real-time. Aspects of the present disclosure aim to reduce the amount of time used to detect malicious code while maintaining detection accuracy, as detection delays and/or a high false positive rate may result in a negative user experience. Among other benefits, the systems and methods disclosed herein are operable to identify malicious objects encountered by a computing system while maintaining a high detection rate, a low false positive rate, and a high scanning speed.

Abstract: Detecting fraudulent activity can be a complex, manual process. In this paper, we adapt statistical properties of count data in a novel algorithm to uncover records exhibiting high risk for fraud. Our method identifies shelves, partitioning data under the counts using a Student's t-distribution. We apply this methodology on a univariate dataset including cumulative results from phone calls to a customer service center. Additionally, we extend this technique to multivariate data, illustrating that the same method is applicable to both univariate and multivariate data.

Abstract: A system and a method are performed by a processor. A set of challenge questions for authenticating a plurality of customers to perform high-risk activities in their respective accounts associated with an entity is received. A machine learning model is used to determine an authentication score for each challenge question in the set and used to rank them. An electronic request on a computing device from an unverified customer who desires to perform a high-risk account activity is received. The unverified customer is authenticated either as a fraudster or a verified customer based on answers to the ranked challenge questions. The processor performs either allowing the verified customer to perform the at least one high-risk account activity with a respective account associated with the verified customer or blocking the fraudster to perform the at least one high-risk account activity.

Abstract: Various devices, systems, structures and methods are disclosed related to securely authorizing a transaction by synchronizing digital genomic data with associated synthetic genomic variants. An embodiment of the present invention utilizes digital genomic data associated with an entity, such as a person, who may utilize a genome-based security device to complete a transaction. In one embodiment, a person may use a genome-based security device to communicate with an external device over a wireless or other communication interface, synchronize digital genomic data and an associated synthetic variant received from the external device with digital genomic data and associated synthetic variant stored on the genome-based security device.

Abstract: Various devices, systems, structures and methods are disclosed related to securely authorizing a transaction by synchronizing digital genomic data with associated synthetic genomic variants. An embodiment of the present invention utilizes digital genomic data associated with an entity, such as a person, who may utilize a genome-based security device to complete a transaction. In one embodiment, a person may use a genome-based security device to communicate with an external device over a wireless or other communication interface, synchronize digital genomic data and an associated synthetic variant received from the external device with digital genomic data and associated synthetic variant stored on the genome-based security device.

Abstract: A hardware system enables computer network interaction between network identity services and account-based service applications. In some examples, the network identity service biometrically identifies people. The network identity services and/or account-based service applications interact to exchange data in order to monitor, track, initiate, and/or cooperatively and/or individually perform various functions while protecting data that should not be shared and minimizing communication network usage and hardware and software resources. This interaction enables both to accomplish more and different tasks than they could individually while improving operational efficiency of hardware and software components of both.

Abstract: System and media for determining whether to conduct a transaction with a consumer claiming an identity. Identity points for the identity are stored in a first blockchain. Past transactions conducted by the party are stored in a second blockchain. Permission to read and/or write to the various blockchains are stored in a third blockchain. When the consumer desires to conduct a transaction, they can append a permission for the counterparty to access the identity and/or transaction chains to their permission chain. The counterparty can then make an informed decision as to whether to conduct the transaction with the consumer based on the information stored in the various blockchains.

Abstract: In an anonymous matching system, a demand-side service platform (DSP) may select segments to populate a target audience. A data warehouse platform and a multichannel video programming distributor (MVPD) platform ingest address lists, eliminate personally identifiable information (PII) from the address lists, and process the de-identified addresses to generate deterministic unique anonymous household identifiers (UHIDs). Households may be selected, for example, at the DSP's direction, to form a query request without exposing the PII. In response to the query request, the MVPD platform determines a matching UHID and includes a matching household attribute, such as an IP address or the like, in a query response without exposing the PII.

Abstract: An integrated system for art examination includes a power module, an information receiving and a storage module, an information processing module, a control module, a display module, a paper printing module, and a paper processing module; the information receiving and storage module is used to receive and transmit an examinees registration information, an examination room information and an on-site identity information to the information processing module; the information processing module is used to verify whether the examinees registration information is consistent with the on-site identity information and transmits a conclusion to the control module; the control module controls the display module, the paper printing module and the paper processing module; the display module is used to display information to guide an exam worker how to operate, and an input of the examinee's on-site identity information is completed on the display module through a human-computer interaction.

Abstract: In an illustrative embodiment, an automated system engineers customized feature vectors from geospatial information system (GIS) metadata. The system may include computing systems and devices for extracting metadata for GIS features located within a predetermined distance of a property from a GIS map file and storing the extracted GIS features within a feature vector. The system can augment each of the extracted GIS features with amplifying data features extracted from external data sources. The system can calculate a distance between the property and each extracted GIS feature, which establishes a relationship between the property and each GIS feature and associated amplifying data features. Amounts of correlation between each of the extracted GIS features and associated amplifying data features within the feature vector and a market assessment of the property location can be identified using a data model trained with a data set customized to characteristics of the property.

Abstract: A computer-implemented method comprising: establishing, by an operation device, a wireless communication with a remote device; authenticating, by the operation device, the wireless communication with the remote device; receiving, at the operation device, a first command to perform a first operation; establishing a first maximum delay period using an estimated time delay, wherein the estimated time delay comprises an authentication delay, an encryption delay, or a combination thereof; determining, by the operation device, that the first command is received within a first maximum delay period; performing, by the operation device, the first operation; receiving, at the operation device, a second command to perform a second operation; establishing a second maximum delay period using the estimated time delay; determining, by the operation device, that the second command is received within a second maximum delay period; and performing, by the operation device, the second operation instructed in the second command.

Abstract: Systems and methods for automatically applying changed templates across user-facing applications are disclosed. A system may include at least one processor configured to store a customized template in a repository and integrate the customized template into the user-facing applications, wherein the integrated customized template enables tailoring of data associated with the user-facing applications into which the template is integrated. The processor may update the customized template, push the updated customized template to user-facing applications in which the customized template was integrated, and enable, via the pushed update, a simultaneous change in tailoring of data within each of the user-facing applications in which the customized template was integrated.

Abstract: An example operation may include one or more of receiving, by an accident processing node, an accident report from a transport, determining, by an accident processing node, a time and location parameters of the accident based on the report, querying, by an accident processing node, transport profiles on a storage based on the time and location parameters, and responsive to the transport profiles containing data corresponding to the time and location parameters, sending a request to access the transport profiles.

Abstract: Techniques process an access management permission. Such techniques involve: receiving, from a client, a first request for obtaining an access management permission of a file. The techniques further involve: obtaining a current score of the file, wherein the current score indicates a probability of receiving, after the access management permission is assigned to the client, a second request conflicting with the first request. The techniques further involve: assigning the access management permission to the client if it is determined that the current score is greater than or equal to a threshold score. Such techniques alleviate the need to assign, to a client, the access management permission of a file with a high probability of an access conflict, thus enhancing the performance of the server as well as the user experience.

Abstract: A method of requesting a lock-event utilizing a regional lock-state system is configured to request a lock-event by sending a lock-event request from a mobile device to a control arrangement. Upon receipt, the lock-event request is recorded by the control arrangement. An administrator notification is then sent to an administrator device for alerting an administrator. The lock-event command is initiated by the administrator via the administrator device. A lock event directive is then sent to the mobile device. Upon receipt, a lock-event command is sent from the mobile device to a lock assembly.

Abstract: A mobile device presents representations of payment accepting unit events on a display, by identifying a payment accepting unit that is available to accept payment from a mobile payment application executing on the mobile device, displaying a visual indication of the payment accepting unit and accepting user input to receive selection of the payment accepting unit and trigger payment, establishing a wireless communication path including the mobile device and the payment accepting unit, enabling user interaction with the user interface to complete the transaction, exchanging information with the available payment accepting unit via the one or more radio transceivers in conjunction with the transaction, and displaying an updated user interface of the mobile payment application.

Abstract: A computing system comprises a controller configured to detect a reassignment input to reassign all computing resources from a source server farm to a target server farm, a resource capacity reassignment component configured to incrementally reassign all of the computing resources from the source server farm to the target server farm, in a plurality of fixed increments, and a database move component configured to, after reassigning each fixed increment of the computing resources to the target server farm, move a set of databases, corresponding to a previously reassigned fixed increment of computing resources, from the source server farm to the target server farm, for servicing at the target server farm.

Abstract: Embodiments described include a computing device for generating risk scores of network entities. The computing device can include one or more processors configured to detect a plurality of risk indicators. Each of the risk indicators identify one of a plurality of activities of a network entity of an organization. The network entity includes a device, an application or a user in the organization's network. The one or more processors can generate a risk score of the network entity, by combining a risk value, an amplification factor and a dampening factor of each of the plurality of risk indicators, and adding an adjustment value for the plurality of risk indicators. The one or more processors can determine, using the generated risk score, a normalized risk score of the network entity. The one or more processors can initiate an action according to the normalized risk score.

Abstract: Systems and methods are described, and an example system includes, in association with an intermediate, a server and a validation module on the server. The server receives a communication from a mobile device, carrying a customs information. The validation module performs a validation on the customs information and in association with an affirmative validation outcome stores the customs information as a validated information. Upon an occurrence, optionally an event and optionally a time, the validation module sends the validated information to an authorization authority server for vetting. The intermediate server receives an electronic receipt from the authorization authority server, the receipt including an indication of a result of the vetting, and communicates, via the network, the receipt to the mobile device.

Abstract: A system and method of this disclosure identifies and prioritizes utility services infrastructure assets and other structures located within a selected service territory that may be potentially impacted by a natural hazard event. The method dynamically displays a map on a graphical user interface, the map containing virtual representations of the utility services infrastructure assets, the non-utility services structures, and a magnitude of the natural hazard event in relation to those assets and structures. Using one of more predetermined rules, a prioritized list of the utility services infrastructure assets that should be inspected within the selected service territory may be dynamically generated. The predetermined rules may include a likelihood of damage and a consequence severity such as, but not limited to, effect on service or public health or safety. Users may be automatically notified when a magnitude of the event is at least as great as a predetermined threshold.

Abstract: A method of using browsing activity to identify fraudulent online or virtual applications includes receiving a virtual application over one or more radio frequency links, determining an applicant name on the virtual application, determining an IP address of a source computer from which the virtual application originated, determining an online browsing or search history associated with the IP address, determining whether the online browsing or search history indicates recent Internet searches for the applicant name, and, in response to determining that the online browsing or search history does indicate recent Internet searches for the applicant name, flagging the virtual application as fraudulent and generating an electronic alert indicating that the virtual application is fraudulent to facilitate identifying fraudulent virtual applications for goods or services.

Abstract: Disclosed are systems and methods to create apparel and other goods that provide embedded verification of a transferrable non-fungible token (“NFT”). For instance, a system may identify a good with a visualization of an NFT artifact, and a tag that is encoded with a unique network identifier. The system may obtain data for a profile of a user that purchases the good, may link the data from the profile of the user to the unique network identifier, may record the user as an owner of a NFT created for the NFT artifact on a blockchain, and may link the NFT to the unique network identifier. The system may present a website that is dynamically populated with the data from the profile and ownership information recorded with the NFT on the blockchain in response to a request from a device that reads the unique network identifier from the tag.

Abstract: Provided is a computer-implemented method for verifying a user identity, including: receiving, from a user device, authentication data for a user, the authentication data including an account identifier corresponding to an account with a first issuer institution; generating, with at least one processor and based at least partially on the authentication data, a passcode; communicating the passcode to the user device or a second device associated with the user; receiving, with at least one processor, a verification request comprising the passcode; and verifying, with at least one processor, an identity of the user based on validating the passcode.

Abstract: Methods and systems are provided to efficiently update account profiles based on a predicted likelihood of use, including by ranking the account profiles according to the likelihood of use. The disclosed system can considerably improve the processing time to update account profiles with the most recent information available, including new access requests. An authentication platform receives a plurality of new access requests, including request data and account identifiers associated with account profiles. The request data is transmitted to a prediction engine that determines a ranking of the account identifiers based on a predicted likelihood of use during a next time interval. A profile batch scheduler retrieves a first set of access requests based on the ranking. The system updates a first set of account profiles based on the ranking, and stores the updated account profiles for use by the authentication platform.

Abstract: A computerized system for verifiably that individual is associated with an event comprising: a computer system in communication with an immutable storage; a set of computer readable instructions included in the computer system configured for: creating a first event record using a first data capture device wherein the first event record includes a first location, a first time and a first set of metadata wherein the first set of metadata includes a first digital representation of an individual, creating a subsequent event record using a second data capture device wherein the subsequent event record includes a second location, a second time and a second set of metadata wherein the second set of metadata includes a subsequent digital representation of a second individual; and, determining a timespan between the first time and the second time and determining if the timespan is consistent with the individual traveling from the first location to the second location.

Abstract: A security system executing on an intelligent assistant is provided. A computing device receives communicated data from a user within a threshold level of proximity of an intelligent assistant. A computing device determines an identity of the user based, in part, on the communicated data. Responsive to a computing device (i) analyzing the communicated data and (ii) a history of interactions between the user and an authorized user of the intelligent assistant, the one or more processors generate a predicted response of the authorized user to the communicated data. A computing data communicated the predicted response to the user via the intelligent assistant.

Abstract: A system and computerized method for monitoring and analyzing animal related data. In one embodiment, the system includes a processor and memory operable to identify a parameter related to animal management for species in a biological environment, aggregate animal related data from different sources about the parameter of the species, identify a baseline for the parameter, correlate the animal related data against the baseline to obtain correlated data, and analyze said correlated data to assess said animal management.

Abstract: In an anonymous matching system, a demand-side service platform (DSP) may select segments to populate a target audience. A data warehouse platform and a multichannel video programming distributor (MVPD) platform ingest address lists, eliminate personally identifiable information (PII) from the address lists, and process the de-identified addresses to generate deterministic unique anonymous household identifiers (UHIDs). Households may be selected, for example, at the DSP's direction, to form a query request without exposing the PII. In response to the query request, the MVPD platform determines a matching UHID and includes a matching household attribute, such as an IP address or the like, in a query response without exposing the PII.

Abstract: In a system for video data capture and sharing client devices may include one or more video cameras and sensors to capture video data and to generate associated metadata. A cloud-based component may receive metadata from the client devices and requests for sharing video data captured by other client devices. The system can be used to implement a ridesharing method to connect a rider to a driver. Information about the driver and rider is accessed when a driver accepts a ridesharing request. Camera devices in the pickup area can detect the license plate of the driver's vehicle to confirm its arrival and a client device in the vehicle can facially recognize the driver at the wheel. Similarly, the location of the rider in the pickup area can be verified, for example through a face recognition scan.

Abstract: Methods, systems, and media are shown for reducing the vulnerability of user accounts to attack that involve creating a rule for a user account that includes a permitted parameter corresponding to a user account activity property, monitoring the account activity of the user account. If it is determined that account activity property is inconsistent with the permitted parameter, then the user account is disabled. An example of a permitted parameter is a permitted time period, such as a start time, an end time, a recurrence definition, a days of the week definition, a start date, an end date, and a number of occurrences definition. Other examples are a physical parameter, such as a permitted geographic location, device, or network, or a permitted usage parameter, such as a permitted application, data access, or domain.

Abstract: The disclosure relates to a system and method for consumers to identify articles at a place of sales before purchasing, which are high in security level, low in cost, mobile, high in availability and easy to use. The system and the method are based upon capture of the physical and logic features of a security label containing at least two security tracers applied to an article, and also upon local or remote processing, and at least one of the tracers comprises an invisible energy response material. The identification operation can be performed in a special and offline way by any system of registered consumers through a mobile communication device that has an image capture component and is combined with other particular functions of system software.

Abstract: An emergency management system having a downloadable cloud base website that assists in the management of an emergency event. Based upon an emergency notification from a first responder, the website sends an initial emergency notification to primary parties. Based upon the type of emergency, a second emergency notification is sent to secondary parties. A two-way communication system is activated between the secondary parties and at least one of the primary parties known as an administrator.

Abstract: Systems and methods for detecting a tampering and identifying a location of a digital recording are provided. A frequency sequence and a phase angle sequence may be extracted from the digital recording. A portion of the frequency sequence may be matched to one of a plurality of reference frequency sequences, and a portion of the phase angle sequence may be matched to one of a plurality of reference phase angle sequences. Tampering of the digital recording may be detected when the frequency and phase sequences differ from the matched reference sequences. Moreover, a noise sequence may be extracted from the extracted frequency sequence. A location of the digital recording may be identified by matching the noise sequence to one of a plurality of noise sequences of the plurality of reference frequency sequences.

Abstract: A method and system for contact tracing and alerting anonymously tracks persons within and across digitally modeled areas using registration stations within the area having scannable digital codes which are unique to the area. Upon being alerted to a contagion situation, either from a laboratory or from an area administrator, the system compares electronic visit tickets unique to each person's visit to determine overlap and generates at least one of an exposure event notifications and a contamination event notifications responsive to one or more determinations made by the comparing.

Abstract: Disclosed herein are systems and methods executing a security server that perform various processes using alert elements containing various data fields indicating threats of fraud or attempts to penetrate an enterprise network. Using alert elements, the security server generate integrated alerts that are associated with customers of the system and assign a risk score for the integrated alerts, which the security server uses to store and sort the integrated alerts according to a priority, based on the relative risk scores. Analyst computers may query and fetch integrated alerts from an integrate alert database, and then present the integrate alerts to be addressed by an analyst according to the priority level of the respective integrated alerts. This allows to ensure that the right customer, is worked by the right analyst, at the right time, to maximize fraud prevention and minimize customer impact.

Abstract: A threat assessment and response facilitation system is provided for facilitating communication relating to threat assessment, responding to a traumatic event, and provision of training materials for professionals engaged in threat assessment and trauma response activities. The threat assessment and trauma response facilitation system may include modules such as a threat assessment assistance module, learning portal module, client portal module, response coordination module, training broker module, and messaging module. A method for facilitating communication relating to threat assessment and trauma response using the threat assessment and response facilitation system is also provided.

Abstract: A disaster detection system may include a device processor; and a non-transitory computer readable medium including instructions executable by the device processor to perform the following steps: receiving data from a plurality of geographically distributed personal electronic devices; determining, based on the data received from the personal electronic devices, that a disaster has occurred; and sending information pertaining to the disaster to one or more of the personal electronic devices.

Abstract: Systems and methods are provided for managing personal identifying information (PII). An exemplary method includes receiving, from a requestor, a request related to PII for an individual. In connection therewith, a computing device determines whether a restriction on the PII or the individual applies to the request, and then broadcasts the request, subject to the determined restriction, to a service provider of a service associated with the individual where the service provider is a controller of PII of the individual. The computing device also compiles a reply to the request, based on a response from the service provider, where the reply includes the PII, and transmits the reply to the requestor. The computing device then logs multiple interactions related to the request in an audit data structure, thereby permitting compliance with PII controls to be demonstrated.

Abstract: The systems and methods described herein, given a population of entities each with associated information technology (IT) security risk scores, computes an aggregate risk score which quantifies the overall risk of the population. The method works for any arbitrary population of any size, and of any combination of different entity types and results in normalized risk scores for the arbitrary population (i.e. in the [0,1] range, regardless of population size or makeup). Since the risk scores are normalized, it affords comparison across different arbitrary entity populations having different combinations of entity types (e.g. users, servers, and printers). The aggregation technique allows for sensitivity to small numbers of high risk entities, which is a highly desirable characteristic for risk-based applications, and allows for sensitivity to different entity types or other relevant factors such as higher risk users, different threat types.

Abstract: The invention relates to a method for authenticating a face presented to a device comprising the steps in which the imager acquires an initial image of a face, the processing unit determines a pose of the face from the initial image, and determines a reference pose and a target position placed randomly or pseudo-randomly in a target space, the screen displays a displayed image (6) comprising at least one visual orientation mark (7) initially at a reference position, and a visual target (8) at the target position, updated by moving the visual orientation mark (7) according to the successive poses of the face, and the processing unit authenticates the face presented if there is a match between the position of the visual orientation mark (7) and the target position where the visual target is located (8).

Abstract: A hybrid data collection and analysis infrastructure combines edge-level and cloud-level computing to perform high-level monitoring and control of industrial systems and processes. Edge devices located on-premise at one or more plant facilities can collect data from multiple industrial devices on the plant floor and perform local edge-level analytics on the collected data. In addition, the edge devices maintain a communication channel to a cloud platform executing cloud-level data collection and analytic services. As necessary, the edge devices can pass selected sets of data to the cloud platform, where the cloud-level analytic services perform higher level analytics on the industrial data. The hybrid architecture operates in a bi-directional manner, allowing the cloud-level and edge-level analytics to send control instructions to industrial devices based on results of the edge-level and cloud-level analytics.

Abstract: A delivery system includes: a first vehicle configured to deliver a delivery object to a predetermined delivery destination; a second vehicle configured to deliver the delivery object to the first vehicle; and an authentication information issuing device configured to perform at least one of first issuance control and second issuance control. The first issuance control is control of issuing first authentication information to a second user terminal. The first authentication information is information for locking and unlocking the predetermined area of the first vehicle. The second issuance control is control of issuing second authentication information to a first user terminal. The second authentication information is information for locking and unlocking the predetermined area of the second vehicle.

Abstract: A computer implemented method and system for optimization of model parameters of at least one predictive model for detecting suspicious financial activity. The processor may select a reduced set of key indicators and corresponding scores to optimize from each of the at least one predictive model, each key indicator and corresponding score in the reduced set having an influence ranking above a predetermined influence ranking. The processor may select a best performing model candidate based on an evaluation of each reduced set of key indicators and corresponding scores. The processor may preform gradient-ascent optimization on the best performing model candidate and the at least one random model to generate a set of at least two new models for each of the best performing model candidate and the at least one random model. The processor may select the new model with the highest performance ranking.

Abstract: Identifying a person committing a crime in video data captured by a security device. An information request message identifying the video data and a need for information about the video data is received. When the video data is determined suitable for sharing within a geographic network, an access control of the video data is set to allow a client device registered with the geographic network to display the video data. A display control value of the video data is set to direct display of a label with the video data to indicate the need for the information. A rating of usefulness of the information received from the client device is determined and a first value is added to an account associated with the client device based at least in part upon the rating.

Abstract: Methods, systems and computer program products for health data protection. Embodiments commence upon receiving a data access request message from a participant in a health ecosystem. The data access request message comprises an indication of one or more health data sets that are held by or at least potentially of interest to the participant. System components are configured to receive the message and to identify the participant. Based on parameter values corresponding to a data protection policy of the participant, a data protection scheme is generated. The scheme includes parameter values derived from the data protection policy. The parameter values of the scheme are used to generate a variation of the health data set that is formed by applying one or more data anonymization, data obfuscation or other data protection techniques to the health data set. A balance among the parameters is calculated so as to achieve a desired outcome.