Abstract: Methods, computing systems and computer program products implement embodiments of the present invention that include defining multiple primitives, each of the primitives including ranking and unranking methods. Two or more of the multiple primitives are selected, and an operation is performed on the selected primitives, thereby defining a complex format. Upon an encryption processor receiving a data record including a plaintext, the complex format is applied to the plaintext, thereby generating a non-reversible token. In some embodiments, the generated token is transmitted a remote computer.

Abstract: A method comprising using at least one hardware processor for: receiving input from a user with respect to masking of a data element in one or more documents of a java script object notation (JSON) type, wherein the input comprises: an identifier of the data element, and one or more constraints for masking the data element based on the hierarchy of the one or more documents of the JSON-type; and generating a masking rule for the one or more documents of the JSON-type based on the input.

Abstract: Dynamic data masking by intercepting data derived from a database, creating a tabular representation of the data, and masking any of the data in accordance with a masking policy that specifies which of the data are to be masked if a masking condition is met, where the masking condition references the tabular representation of the data using a tabular positional reference.

Abstract: Accessing a password-secured computer software application by acquiring an input password, generating at a first computer an output password from the input password using password generation data, where the output password differs from the input password, and providing the output password to a second computer as part of a request to access a password-secured computer software application using the output password, where the password-secured computer software application is accessible using the output password, and where the password-secured computer software application is inaccessible using the input password.

Abstract: Methods, computing systems and computer program products implement embodiments of the present invention that include defining, for a data masking engine executing in a platform as a service (PaaS) based software environment, one or more data masking rules. Upon detecting, by the data masking engine, data processed by a software application executing within the PaaS based software environment and in accordance with a given data masking rule, the data masking engine can perform a data masking operation on the data.

Abstract: A data processing method is provided including intercepting a data query for deriving data from a data set, intercepting data results of processing the data query, and processing the data results in accordance with a processing rule that specifies a processing action to be performed with one or more portions of the data results if a processing condition is met, thereby producing processed data results, wherein the processing condition is dependent on both a) information associated with the data query, wherein the information associated with the data query is ascertained independently from the data results, and b) information associated with the data results, wherein the information associated with the data results is other than the information associated with the data query.

Abstract: Methods, computing systems and computer program products implement embodiments of the present invention that include defining multiple primitives, each of the primitives including ranking and unranking methods. Two or more of the multiple primitives are selected, and an operation is performed on the selected primitives, thereby defining a complex format. Upon an encryption processor receiving a data record including a plaintext, the complex format is applied to the plaintext, thereby generating a non-reversible token. In some embodiments, the generated token is transmitted a remote computer.

Abstract: A data security method including creating a token-including plaintext by including a predefined token into a plaintext, generating a cyphertext by encrypting the token-including plaintext using format-preserving encryption, generating a decrypted cyphertext by decrypting an input text, determining whether the decrypted cyphertext includes a first predefined token, if the decrypted cyphertext includes the first predefined token, recreating the plaintext by removing the first predefined token from the decrypted cyphertext, and if the decrypted cyphertext does not include the first predefined token, using the input text as the plaintext.

Abstract: In an approach to masking data in a software application associated with a mobile computing device, one or more computer processors receive a request to display data in a software application on a mobile computing device. The one or more computer processors determine whether one or more masking rules apply to the data, where determining whether one or more masking rules apply to the data is performed by an instrumentation of application binary of the software application. In response to determining that one or more masking rules apply to the data, the one or more computer processors mask, based on the one or more masking rules, the data, where masking is performed by the instrumentation of application binary of the software application.

Abstract: There is provided a method for receiving an image series including at least one image object, comprising: receiving, at an imaging server, a network message from an imaging client, the network message indicative of a start of transmission of an image series; applying a trained classifier to the network message to determine a number of image objects associated with the image series; counting the number of image objects transmitted by the imaging client and received at the imaging server; and generating a message indicative of termination of the image series when the determined number of image objects have been received at the imaging server.

Abstract: Machines, systems and methods for remotely provisioning computing power over a communications network are provided. The method may comprise selecting one or more tasks being executed on a first computing system to be migrated for execution on a second computing system connected to the first computing system by way of a communications network; determining a first point of execution reached during the execution of at least a selected task on the first computing system prior to the selected task being migrated for execution to the second computing system; migrating the selected task to the second computing system, wherein the second computing system continues to execute the selected task from the first point of execution; and monitoring the connection between the first computing system and the second computing system so that in response to detecting a disconnection, execution of the selected task continues seamlessly.

Abstract: Machines, systems and methods for remotely provisioning computing power over a communications network are provided. The method may comprise selecting one or more tasks being executed on a first computing system to be migrated for execution on a second computing system connected to the first computing system by way of a communications network; determining a first point of execution reached during the execution of at least a selected task on the first computing system prior to the selected task being migrated for execution to the second computing system; migrating the selected task to the second computing system, wherein the second computing system continues to execute the selected task from the first point of execution; and monitoring the connection between the first computing system and the second computing system so that in response to detecting a disconnection, execution of the selected task continues seamlessly.

Abstract: A method comprising using at least one hardware processor for: obtaining haptic data comprising multiple data channels representing multiple characteristics of the haptic data; analyzing the haptic data to identify sensitive portions of the haptic data to which haptic masking rules apply; and masking the haptic data by applying the haptic masking rules to the sensitive portions of the haptic data in one or more data channels of the multiple data channels.

Abstract: A method comprising using at least one hardware processor for: receiving input from a user with respect to masking of a data element in one or more documents of a java script object notation (JSON) type, wherein the input comprises: an identifier of the data element, and one or more constraints for masking the data element based on the hierarchy of the one or more documents of the JSON-type; and generating a masking rule for the one or more documents of the JSON-type based on the input.

Abstract: A method comprising using at least one hardware processor for: computing a tree edit distance between two medical treatment plans; and displaying an output based on the computed tree edit distance. The two medical treatment plans are optionally a recommended treatment plan and an executed treatment plan. The output is optionally indicative of compliance of the executed treatment plan with the recommended treatment plan.

Abstract: Machines, systems and methods for supporting clinical decisions comprises providing a graphical user interface (GUI) to facilitate selection of one or more treatment plans (TPs) for one or more clinical presentations (CPs), wherein data records for the TPs and the CPs are implemented over a data structure that defines one or more relationship between the CPs and the TPs, according to medical guidelines or clinical data, wherein interaction with the GUI allows for filtering through TPs associated with one or more CPs, or filtering through CPs associated with one or more TPs, wherein selecting a CP from among a plurality of the CPs results in display of one or more TPs associated with the selected CP, and wherein cross-referencing between results displayed in response to the selection of the selected CP and TP provides details that help determine one or more relevant TPs for a target CP.

Abstract: Method, system, and computer program product are provided for predicting diagnosis of a patient performed by a computerized device. The method may include: modeling data from a group of successfully diagnosed patients, wherein the data is modeled as treatment paths of patients including referrals to medical practitioners; and predicting diagnosis for a current patient by comparing a treatment path of the current patient with the modeled treatment paths of successfully diagnosed patients, including calculating a probability of a given diagnosis from the modeled treatment paths. The method may include: defining a set of medical entities including medical practitioners to which a patient has been referred; and gathering treatment paths of successfully diagnosed patients, wherein the treatment path links medical entities in a directional route.

Abstract: A method, system or computer usable program product for masking communication data using context based rules including intercepting a communication between a server and a client by an intermediary, the communication having a recipient, parsing the communication by the intermediary to determine whether a context based alteration rule should be applied, responsive to an affirmative determination, applying the rule to the communication to produce an altered communication with altered data, and sending the altered communication to the recipient so that the altered data in the communication is utilized in a masked manner.

Abstract: A method for simplifying an extensible markup language (XML) schema, including: identifying data in an instance specification as variable or fixed, wherein the instance specification corresponds to a complex XML schema; determining a set of types including the variable data, wherein the set of types conforms to a structure of the complex XML schema; capturing the set of types as metadata annotations associated with the instance specification; and generating a simplified XML schema from the instance specification, wherein the simplified XML schema is stored on a memory device.

Abstract: Machines, systems and methods for remotely provisioning computing power over a communications network are provided. The method may comprise selecting one or more tasks being executed on a first computing system to be migrated for execution on a second computing system connected to the first computing system by way of a communications network; determining a first point of execution reached during the execution of at least a selected task on the first computing system prior to the selected task being migrated for execution to the second computing system; migrating the selected task to the second computing system, wherein the second computing system continues to execute the selected task from the first point of execution; and monitoring the connection between the first computing system and the second computing system so that in response to detecting a disconnection, execution of the selected task continues seamlessly.