Abstract: A method, apparatus and a product for data generalization for predictive models. The method comprising: obtaining a training dataset that comprises a plurality of training instances and predicted labels thereof, wherein each training instance is a valuation of a set of features, wherein the set of features comprises a feature having a domain, wherein the predicted label of each training instance is a label predicted thereto by a predictive model; training an auxiliary model using the training dataset; based on the auxiliary model, determining an alternative set of features that is a generalization of the set of features, wherein the alternative set of features comprises a generalized feature having a generalized domain, wherein each value in the generalized domain corresponds to one or more values in the domain; obtaining a generalized instance having a valuation of the alternative set of features; and determining a label for the generalized instance.

Abstract: Embodiments of the present systems and methods may provide techniques to distinguish between data categories. For example, a method implemented in a computer system may comprise obtaining, at the computer system, a plurality of data strings in different categories, each category having a same string pattern, determining a loose string format and a set of restrictions based on at least one string pattern, classifying the plurality of data strings to respective different categories based on a loose string format of the data strings and on the restrictions on the data strings of the different categories using a classification score indicating utilizing restriction information of other categories when determining the matching of a category, and decreasing the classification score if a mean restriction matching proportion is not part of a category or is a threshold amount above an expected mean restriction matching proportion.

Abstract: Embodiments of the present systems and methods may provide techniques for verifying the correct application purpose for applications that serve multiple purposes and to determine the correct purpose for each requested data access. For example, in an embodiment, a method for controlling application access to data implemented in a computer comprising a processor, memory accessible by the processor, and computer program instructions stored in the memory and executable by the processor may comprise: receiving an application comprising a plurality of application parts, each application part associated with a declared data access purpose and generating a cryptographic certificate for each application part to be certified by determining whether a declared data access purpose for each application part to be certified is correct and the only data access purpose for that part, wherein the declared purpose is included in purpose information associated with each application part to be certified.

Abstract: Machines, systems and methods for sanitizing data are provided. The method comprises determining whether a data request is submitted by an authorized user, in response to receiving the data request, wherein the data request is for accessing first data stored on a data storage system; in response to determining that the data request is submitted by an authorized user, analyzing data access history by the user to the data storage system; in response to determining that the user has previously accessed data on the data storage system that in light of the first data reveal confidential information which the user is not authorized to access, restricting user's access to the confidential information.