Policy Patents (Class 726/1)
-
Patent number: 12294568
Abstract: The disclosure provides a system/method/scheme to securely send data from a cloud, or cloud service provider, to users via a secure connectionless system, referred to herein as a C-VPN communication infrastructure (C-VPN CI). In one example a method of communicating from a cloud service provider to a user via a C-VPN CI includes: (1) obtaining, by a cloud service provider, security parameters from a SDE Cloud server operating on a computing system of the cloud service provider, wherein the security parameters include a set of mathematical rules and values for converting plain text to ciphertext, (2) creating a secure communication using the security parameters received from the SDE Cloud server, wherein the secure communication includes a secure header and secure data, and (3) sending the secure communication to the user via a generic electronic message delivery system.
Type: Grant
Filed: June 28, 2024
Date of Patent: May 6, 2025
Assignee: Talati Family LP
Inventor: Kirit K. Talati
-
Patent number: 12294585
Abstract: A computer system may receive one or more requests for access to one or more cloud services and may store the one or more requests in a request log. The computer system may receive one or more access rules applicable to cloud service access rights. The computer system may aggregate the one or more requests of the request log to determine access requirements for a container, the container being configured to store one or more applications. The computer system may generate and store container access policies that define access of a container and the one or more cloud services, the container access policies based at least in part on the aggregated one or more requests and the one or more access rules. The computer system may send the container access policies to a request forwarder of a compute instance in a production environment.
Type: Grant
Filed: March 12, 2024
Date of Patent: May 6, 2025
Assignee: Oracle International Corporation
Inventors: Olgierd Stanislaw Pieczul, Hubert Alexander Foskett, Robert Graham Clark
-
Patent number: 12294578
Abstract: A system and method of performing a mutual attestation procedure for a trusted execution environment (TEE) of a cloud service system. The method includes receiving, by the cloud service provider, a request to provide a trusted service to a client device. The method includes performing, by a processing device of the cloud service provider using a first TEE, a mutual attestation procedure with a second TEE to obtain a grant to execute a third TEE that is trusted by the second TEE. The method includes initiating, using the second TEE, an execution of the third TEE responsive to obtaining the grant. The method includes providing, using the third TEE, the trusted service to the client device, where the client device trusts the trusted service.
Type: Grant
Filed: February 28, 2023
Date of Patent: May 6, 2025
Assignee: Red Hat, Inc.
Inventor: Sergio Lopez Pascual
-
Patent number: 12289243
Abstract: Techniques are disclosed for the detection of different states of a session comprising a bidirectional flow of network traffic between client devices so as to enable a network device to apply different network policies to different states of the session. In one example, a computing device identifies multiple states of a session and defines a plurality of network policies. Each network policy defines performance requirements for network traffic during each state of the session. A network device receives the plurality of network policies and determines a state of the session. The network device selects a path based on the performance requirements of the network policy associated with the determined state of the session. The network device forwards traffic associated with the session along the selected path while the session is in the determined state.
Type: Grant
Filed: November 9, 2021
Date of Patent: April 29, 2025
Assignee: Juniper Networks, Inc.
Inventor: Patrick Timmons
-
Patent number: 12287893
Abstract: Some embodiments relate to a method for use in connection with governance of a plurality of data assets managed by a data processing system, the method comprising: using at least one computer hardware processor to perform: accessing a data governance policy comprising a first data standard (e.g., by obtaining information about the first standard stored in a database system); generating a first data asset collection at least in part by automatically selecting, from among the plurality of data assets managed by the data processing system and using at least one data asset criterion, one or more data assets that meet the at least one data asset criterion; associating the first data asset collection with the first data standard; and verifying whether at least one of the one or more data assets in the first data asset collection complies with the first data standard.
Type: Grant
Filed: June 7, 2022
Date of Patent: April 29, 2025
Assignee: Ab Initio Technology LLC
Inventors: Pierre Franquin, Ken Krigelman, Andrew Schon, Justin Voshell
-
Patent number: 12289280
Abstract: In one aspect, a device includes at least one processor and storage accessible to the at least one processor. The storage includes instructions executable by the at least one processor to determine a first context and to determine that a threshold number of messages of a message chain have been received within a threshold amount of time. Based on the first context and the threshold number of messages being received within the threshold amount of time, the instructions are executable to delay presenting at least one notification regarding one or more messages of the message chain.
Type: Grant
Filed: August 23, 2022
Date of Patent: April 29, 2025
Assignee: Lenovo (Singapore) Pte. Ltd.
Inventors: Nathan Peterson, Russell Speight VanBlon, Mark Delaney, Arnold Weksler, John C. Mese
-
Patent number: 12289342
Abstract: Techniques for utilizing a deception service to deploy deceptions at scale in a network, such as, for example, a client network. The deception service may be configured to generate a small number (e.g., 5, 10, 15, etc.) of deceptions of hosts and/or services associated with the network (or emulations of the hosts/services and/or emulations of protocols associated with the hosts/services) and deploy them to a number of deception host computing devices that cover all of the components and/or technologies found in the network. The deception service may map a large number (e.g., 1000, 100,000, 1,000,000, etc.) of IP addresses available in the network to the deceptions, making it appear as though a large number of deceptions exist, when in reality the IP addresses map back to a small number of deceptions. The deception service may assign/unassign IP addresses to and/or from deceptions and/or actual hosts in the network as needed.
Type: Grant
Filed: March 15, 2023
Date of Patent: April 29, 2025
Assignee: Cisco Technology, Inc.
Inventor: Vincent E. Parla
-
Patent number: 12285868
Abstract: Overlapping functions called in robotic process automation scripts may be used to create new efficiencies in an IT infrastructure. For example, the overlaps may be used to identify code modification impact in the IT infrastructure, may be used to remediate duplication of coding efforts across silos in an organization, and may be merged to create new efficiencies in code/script storage and/or sustaining efforts.
Type: Grant
Filed: February 10, 2022
Date of Patent: April 29, 2025
Assignee: United Services Automobile Association (USAA)
Inventors: Pradeep R. Mangalari, Dustin Bitter, Gregory Meyer, Christopher Russell, Jeanie Graciela Lopez, Carol Lyn Lawrence, Timothy Benjamin Czerlinsky
-
Patent number: 12289344
Abstract: Disclosed herein are systems, devices, and methods for improving cybersecurity in electric power systems. In one embodiment, a local controller configured for use in an electric power system may include a measurement subsystem to receive a plurality of conditions related to electrical conditions in a microgrid. A communication subsystem may communicate a set of data related to conditions in the microgrid to a remote controller; and receive a plurality of requests for control actions from the remote controller. An analysis subsystem may generate an assessment of the plurality of requests for control actions in relation to the plurality of conditions related to electrical conditions in the microgrid and identify a subset of the plurality of requests for control actions from the remote controller for execution based on the assessment. A control action subsystem may then issue a control action to an asset in the microgrid.
Type: Grant
Filed: October 14, 2022
Date of Patent: April 29, 2025
Assignee: Schweitzer Engineering Laboratories, Inc.
Inventors: Gregary C. Zweigle, Eric J. Hewitt, Matthew J. Halladay
-
Patent number: 12284106
Abstract: Aspects of the subject disclosure may include, for example, examining first actions imposed as part of a maintenance activity in respect of a communication network while the communication network is subjected to second actions as part of the maintenance activity, determining, based on the examining, that the first actions, in whole or in part, fail to adhere to a threshold, a requirement, or a specification, and based on the determining, reversing at least one action of the first actions. Other embodiments are disclosed.
Type: Grant
Filed: October 17, 2023
Date of Patent: April 22, 2025
Assignee: AT&T Mobility II LLC
Inventors: Joseph Maniaci, Rory Darwin Pinili, Shomik Pathak, Rene Rivera, Jr.
-
Patent number: 12284219
Abstract: Zero-trust dynamic discovery is provided by identifying a plurality of endpoints, including targets and initiators, connected to a software defined network, wherein the targets are provided on the software defined network according to a network addressable memory standard that lacks a native discovery service; grouping the targets into a plurality of target groups and the initiators into a plurality of initiator groups; and in response to receiving a discovery request from a given initiator grouped in a given initiator group of the plurality of initiator groups, returning addressing information for a target group of the plurality of target groups associated with the given initiator group in a security policy configuration for the software defined network.
Type: Grant
Filed: January 12, 2024
Date of Patent: April 22, 2025
Assignee: Cisco Technology, Inc.
Inventors: Saravanan Sampathkumar, Ajay K. Modi, Umamaheswararao Karyampudi, Kamal Bakshi, Yousuf H. Khan
-
Patent number: 12284202
Abstract: Artificial Intelligence (“AI”) apparatus and method are provided that correlate and consolidate operation of discrete vendor tools for detecting cyberthreats on a network. An AI engine may filter false positives and eliminate duplicates within cyberthreats detected by multiple vendor tools. The AI engine provides machine learning solutions to complexities associated with translating vendor-specific cyberthreats to known cyberthreats. The AI engine may ingest data generated by the multiple vendor tools. The AI engine may classify hardware devices or software applications scanned by each vendor tool. The AI engine may decommission vendor tools that provide redundant cyberthreat detection. The AI engine may display operational results on a dashboard directing cyberthreat defense teams to corroborated cyberthreats and away from false positives.
Type: Grant
Filed: December 7, 2022
Date of Patent: April 22, 2025
Assignee: Bank of America Corporation
Inventors: Ghada I. Khashab, Lori Mammoser, Anthony R. Bandos, Peggy J. Qualls, Sidy Diop, Ajay Jose Paul
-
Patent number: 12282550
Abstract: A rule generation apparatus includes processing circuitry configured to enumerate rule candidates with different degrees of abstraction as candidates for a rule for detecting a malware trace using an analysis result of malware, and calculate evaluation values of the rule candidates enumerated using a predetermined evaluation function and sort a rule from among the rule candidates based on the evaluation values.
Type: Grant
Filed: November 28, 2019
Date of Patent: April 22, 2025
Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
Inventors: Yuma Kurogome, Yuhei Kawakoya, Makoto Iwamura, Yuto Otsuki, Jun Miyoshi
-
Patent number: 12284225
Abstract: As a default, a global permissions model is established. The global permissions model serves for applying a first set of resource access permissions to shared content objects. Additionally, a set of context-aware access policies that govern user interactions over the shared content object is established. When a particular user requests an interaction over a shared content object, then interaction attributes associated with the request are gathered. The context-aware access policies are applied to the request by determining a set of extensible access permissions that are derived from the interaction attributes. The context-aware access policies are enforced by overriding the first set of resource access permissions with dynamically-determined access permissions. When a particular access request is denied, a response is generated in accordance with the set of extensible access permissions and the user is notified. In some cases, the access request is permitted, but only after the user provides a justification.
Type: Grant
Filed: August 27, 2019
Date of Patent: April 22, 2025
Assignee: Box, Inc.
Inventors: Alok Ojha, Sivaramakrishnan Subramanian, Kechen Huang
-
Patent number: 12284204
Abstract: A server system obtains, for machines in a distributed system, system risk information, such as information identifying open sessions between respective users and respective machines, information identifying vulnerabilities in respective machines; and administrative rights information identifying groups of users having administrative rights to respective machines. The server system determines security risk factors, including risk factors related to lateral movement between logically coupled machines, and generates machine risk assessment values for at least a subset of the machines, based on a weighted combination of the risk factors. A user interface that includes a list of machines, sorted in accordance with the machine risk assessment values is presented to a user.
Type: Grant
Filed: November 21, 2023
Date of Patent: April 22, 2025
Assignee: Tanium Inc.
Inventors: Stefan Horst-Guenter Molls, Joshua M. Bryant, Keith A. Robertson, John E. Foscue
-
Patent number: 12284198
Abstract: Disclosed is a system and a method of threat detection in a computer network, the method including detecting by a first node a security threat, e.g. relating to anomalous or malicious behavior, digital object and/or context, at the first node, collecting context information at the first node relating to the detected security threat, reporting at least one detected security threat and the collected context information to at least a second node, analyzing at the second node the received information relating to the security threat and collecting context information relating to the analysis at the second node, and sending the threat related information with added analysis and context information collected from the second node to at least one further node or backend.
Type: Grant
Filed: September 29, 2022
Date of Patent: April 22, 2025
Assignee: WITHSECURE CORPORATION
Inventors: Dmitriy Komashinskiy, Paolo Palumbo
-
Patent number: 12284208
Abstract: Embodiments provide system and methods for a DDoS service using a mix of mitigation systems (also called scrubbing centers) and non-mitigation systems. The non-mitigation systems are less expensive and thus can be placed at or near a customer's network resource (e.g., a computer, cluster of computers, or entire network). Under normal conditions, traffic for a customer's resource can go through a mitigation system or a non-mitigation system. When an attack is detected, traffic that would have otherwise gone through a non-mitigation system is re-routed to a mitigation system. Thus, the non-mitigation systems can be used to reduce latency and provide more efficient access to the customer's network resource during normal conditions. Since the non-mitigation servers are not equipped to respond to an attack, the non-mitigation systems are not used during an attack, thereby still providing protection to the customer network resource using the mitigation systems.
Type: Grant
Filed: September 6, 2023
Date of Patent: April 22, 2025
Assignee: Level 3 Communications, LLC
Inventors: Robert Smith, Shawn Marck, Christopher Newton
-
Patent number: 12284517
Abstract: Disclosed are various embodiments for customer-managed authentication in radio-based networks. In one embodiment, a radio-based network is managed for an organization. The radio-based network includes a radio access network and an associated core network. A request is received from the organization to configure one or more parameters affecting primary keys in the associated core network. The primary keys correspond to pre-shared keys of client devices permitted to access the radio-based network. Storage of the primary keys is customized in the associated core network based at least in part on the one or more parameters in response to the request.
Type: Grant
Filed: November 15, 2021
Date of Patent: April 22, 2025
Assignee: Amazon Technologies, Inc.
Inventors: Diwakar Gupta, Kaixiang Hu, Benjamin Wojtowicz, Upendra Bhalchandra Shevade, Shane Ashley Hall
-
Patent number: 12278846
Abstract: In an embodiment, a method includes receiving, via a processor, identity provider (IDP)/single sign on (SSO) data that is associated with an IDP and an SSO entity. The IDP and the SSO entity manage access to a plurality of cloud-based applications for a plurality of user compute devices for a plurality of users. The method further includes generating, via the processor and without accessing the plurality of cloud-based applications, analytics based on the IDP/SSO data. The method further includes causing, via the processor, an action based on the analytics.
Type: Grant
Filed: June 24, 2024
Date of Patent: April 15, 2025
Assignee: Obsidian Security, Inc.
Inventors: Alexander Vandenberg-Rodes, Steven Litvack-Winkler, Brian Kwan Fong Lau, Neha Duggal, Naresh Chebolu, Simon Lutterbie, David Samuel Elston
-
Patent number: 12278843
Abstract: A management server retrieves access logs associated with a plurality of identities and generates a plurality of behavioral scores for the plurality of identities. The behavioral score for a particular identity increases responsive to access approvals and decreases responsive to access denials for that particular identity. A proxy server receives a first request to access a resource associated with a first identity of the plurality of identities and determines a zero trust access policy for the resource. When a first behavioral score for the first identity satisfies a behavioral score threshold for the zero trust access policy, the proxy server provides the resource. The proxy server receives a second request to access the resource associated with a second identity. When a second behavioral score for the second identity fails to satisfy the behavioral score threshold, the proxy server performs an action defined in the zero trust access policy.
Type: Grant
Filed: January 8, 2024
Date of Patent: April 15, 2025
Assignee: CLOUDFLARE, INC.
Inventors: Edwin Donald Sutherland, Sheril Nagoormeera
-
Patent number: 12277045
Abstract: Disclosed is a method for timed pattern-based collaboration failure analysis in a platooning system-of-systems (SoS). A method for timed pattern-based collaboration failure analysis in a SoS performed by a computer device may include extracting an interaction collaboration failure pattern through a collaboration failure analysis in an interaction model generated from an interaction log executed in the SoS; and localizing a fault of an interaction bug from the extracted interaction collaboration failure pattern.
Type: Grant
Filed: May 18, 2023
Date of Patent: April 15, 2025
Assignee: Korea Advanced Institute Of Science And Technology
Inventors: Doo-Hwan Bae, Sangwon Hyun, Jiyoung Song, Eun Kyoung Jee
-
Patent number: 12278847
Abstract: An apparatus, having a server and processor, is configured to receive a first set of security rules applicable to a set of users or a set of files for a first period of time. The first set of security rules are executable in an order of priority. The processor receives an interim security policy that is different from the first set of security rules. The interim security policy is applicable to a subset of the set of users for a second period of time that is less than the first period, or a subset of the set of files for a second period of time that is less than the first period. The processor determines, in the first set of security rules, an insertion point among the order of priority. The processor executes, at the insertion point and in the first set of security rules, the interim security policy.
Type: Grant
Filed: October 4, 2024
Date of Patent: April 15, 2025
Inventors: Viswesh Ananthakrishnan, Liang Li, Shujun Zhao, Ho Yu Lam, Nidhi Shah, Shu Lin, Huijun Veronica Zhu
-
Patent number: 12277211
Abstract: The present disclosure provides systems, methods, and computer-readable media for implementing security policies at software call stack level. In one example, a method includes generating a call stack classification scheme for an application, detecting a call stack during deployment of the application; using the call stack classification scheme during runtime of the application, classifying the detected call stack as one of an authorized call stack or an unauthorized call stack to yield a classification; and applying a security policy based on the classification.
Type: Grant
Filed: April 25, 2024
Date of Patent: April 15, 2025
Assignee: Cisco Technology, Inc.
Inventors: Ashutosh Kulshreshtha, Andy Sloane, Hiral Shashikant Patel, Uday Krishnaswamy Chettiar, Oliver Kempe, Bharathwaj Sankara Viswanathan, Navindra Yadav
-
Patent number: 12277105
Abstract: Methods and systems are provided for enhanced data loss prevention. Data loss prevention may be applied to data that includes a plurality of records and a plurality of categories, with each record including a plurality of fields and each field corresponding to a different one of the categories. Applying of data loss prevention may include selecting a subset of records from the plurality of records; scanning fields of the selected subset of records for sensitive information; computing based on a result of the scanning, for each category, a likelihood the category contains the sensitive information; selecting a subset of categories based on the computed likelihoods of the categories to contain the sensitive information; searching the sensitive information in the selected subset of categories; and in response to detection of sensitive information in at least one of the subset of records, taking one or more data loss prevention related actions.
Type: Grant
Filed: March 6, 2023
Date of Patent: April 15, 2025
Assignee: SWISSCOM AG
Inventors: Hans-Joachim Lotzer, Klaus Gerhard Haller
-
Patent number: 12271385
Abstract: Methods, systems, and computer storage media for providing observation stream data of security incidents using an observation stream engine in a security management system. An observation stream framework supports continuously generating and presenting observation stream data that facilitates developing a working hypothesis of an active security incident. The observation stream framework can also include observation stream query-types that can be selected for running queries against a plurality of security data sources. In operation, an observation stream query is accessed. The observation stream query is a user-generated observation stream query associated with an observation stream query-type. The observation stream query-type comprises parameters for querying a plurality of security data sources and dynamic tracking of a security incident. The observation stream query is executed and observation stream data is generated.
Type: Grant
Filed: April 29, 2022
Date of Patent: April 8, 2025
Assignee: Microsoft Technology Licensing, LLC
Inventors: Gueorgui Bonov Chkodrov, Ryan John Littlefield, Jeffrey Scott Shaw, Zane Alexander Coppedge, Ying Qian, Dan Alexandru Nicolescu, Anitta M Miller, Khoi Hong, Justin Matthew Powell
-
Patent number: 12273352
Abstract: Techniques for embedding secure feature selection at content delivery network (CDN) edge are described. In accordance with various embodiments, server(s) in a cloud receive from a client device a request for a media URL associated with a media asset. The server(s) identify feature state(s) associated with the client device and the media asset on a CDN edge node hosting the media asset. The server(s) then selectively generate a unique token or a common token specifying the feature state(s) before sending the media URL including the unique token or the common token to the client device. Upon receiving the media URL, the CDN edge node in an edge node with features deployed, determines whether the media URL causes a cache miss. Upon determining that the media URL causes the cache miss, the CDN edge node changes a feature state of a feature, applies the feature, and provides the media asset.
Type: Grant
Filed: October 13, 2021
Date of Patent: April 8, 2025
Assignee: Synamedia Limited
Inventors: Assaf Yosef Tamir, Vered Anikster, Steven Jason Epstein, Itai Ephraim Zilbershtein
-
Patent number: 12273350
Abstract: Disclosed are techniques for identifying users within an enterprise who pose heightened security risks to the enterprise. A method can include receiving, by a computing system, information about users in the enterprise, grouping the users into groups based on at least one grouping feature and the user information, the at least one grouping feature including, for each of the users, behavior, activity, role, department, region, role-based risk score, event-based risk score, and/or composite risk score, identifying, for each group, normalized behavior of users in the group, generating, for each user in each group, a composite risk score based on deviation of the user's activity from the normalized behavior of the group, identifying, for each group, a subset of users in the group to be added to a watch list, and adding the subset of users to the watch list.
Type: Grant
Filed: November 22, 2022
Date of Patent: April 8, 2025
Assignee: Target Brands, Inc.
Inventors: Adam Blake, Paul Hutelmyer
-
Patent number: 12273388
Abstract: Systems and methods for cyber risk analysis and remediation using network monitored sensors are provided herein. An example system includes one or more data collecting devices deployed within a network that collect entity information and monitor network traffic of the network that is related to security information. The network includes computing systems that are subject to a cyber risk policy having breach parameters defining one or more events that are indicative of a cyber security breach. A cyber security risk assessment and management system is used to automatically detect occurrence of one or more of the events that are indicative of a cyber security breach, automatically determine the breach parameters that apply for the one or more events that occurred, and generates a remediation of cyber security parameters for the network.
Type: Grant
Filed: January 27, 2022
Date of Patent: April 8, 2025
Assignee: Guidewire Software, Inc.
Inventors: Arvind Parthasarathi, George Y. Ng, Matthew Honea
-
Patent number: 12273450
Abstract: Provided is a system that includes at least one processor programmed or configured to provision a client device for access to an online source of information, transmit a private encryption key of a public/private encryption key pair to a software agent of the client device, receive a first hash value from the software agent, wherein the first hash value is generated using the private encryption key, receive a second hash value from the software agent, determine whether to allow access to the online source of information by the software agent based on the first hash value and the second hash value received from the software agent, process a request to access the online source of information involving the software agent, and store a data record associated with a data transaction involving the online source of information in a data structure. Methods and computer program products are also provided.
Type: Grant
Filed: August 16, 2023
Date of Patent: April 8, 2025
Assignee: Visa International Service Association
Inventor: Ravi Krishnan Muthukrishnan
-
Patent number: 12267319
Abstract: A method of interacting within a device-independent contextually driven application computing environment utilizing computer processes. The processes receive sensor data that is detected by a given client computing device. The sensor data pertains to a physical world interaction of the given client computing device. The processes process the sensor data and a user identification of a user to derive a current computing context that is both specific to the user and specific to a given location associated with the sensor data. The processes automatically communicate a current user interface configuration to a local browser process corresponding to the current computing context, so that the local browser process executing on the given client computing device automatically implements the current user interface configuration. The processes interact with the local browser process according to the current computing context by selecting and automatically loading a given one of a set of context modules.
Type: Grant
Filed: May 1, 2020
Date of Patent: April 1, 2025
Assignee: Xperiel, Inc.
Inventors: Alexander Hertel, Philipp Hertel
-
Patent number: 12267300
Abstract: An example network system includes processing circuitry and one or more memories coupled to the processing circuitry. The one or more memories are configured to store instructions which cause the system to obtain telemetry data, the telemetry data being associated with a plurality of applications running on a plurality of hosts. The instructions cause the system to, based on the telemetry data, determine a subset of applications of the plurality of applications that run on a first host of the plurality of hosts. The instructions cause the system to determine a subset of firewall policies of a plurality of firewall policies, each of the subset of firewall policies applying to at least one respective application of the subset of applications. The instructions cause the system to generate an indication of the subset of firewall policies and send the indication to a management plane of a distributed firewall.
Type: Grant
Filed: September 21, 2023
Date of Patent: April 1, 2025
Assignee: Juniper Networks, Inc.
Inventors: Raja Kommula, Rahul Gupta, Ganesh Byagoti Matad Sunkada, Tarun Banka, Thayumanavan Sridhar, Raj Yavatkar
-
Patent number: 12267367
Abstract: A network intrusion system for a protected network includes a ruleset module configured to receive metadata for rules. The metadata describes, for each of the rules, a set of associated network vulnerabilities. The ruleset module is configured to access vulnerability information describing a set of cumulative vulnerabilities that each is present in at least one network device within the protected network. The network intrusion system includes a rule management module configured to, for each rule of the plurality of rules: identify the set of associated network vulnerabilities described by the metadata for the rule, determine whether there is a match between any of the set of associated network vulnerabilities and the set of cumulative vulnerabilities, and, in response to determining that there is no match, transmit a first command signal to a network security module. The first command signal instructs the network security module to disable the rule.
Type: Grant
Filed: December 16, 2022
Date of Patent: April 1, 2025
Assignee: Charles Schwab & Co., Inc
Inventors: Brandon William Scherer, John Scott Kula
-
Patent number: 12267584
Abstract: This disclosure provides systems, methods, and devices for wireless communication that support improved routing of image sensors that share a PHY within different secure domains. In a first aspect, a device may receive a packet from an image sensor along a physical data connection. The device may determine a virtual channel associated with the packet and may determine a secure domain for the packet based on the virtual channel. The first secure domain may be selected from a plurality of secure domains accessible via the physical data connection, such as based on a mapping maintained by the device. The device may then route the packet within the first secure domain such that further processing and storage of the packet occurs within the first secure domain, such as within a context base associated with the first secure domain. Other aspects and features are also claimed and described.
Type: Grant
Filed: December 20, 2022
Date of Patent: April 1, 2025
Assignee: QUALCOMM Incorporated
Inventors: Rohan Desai, Dafna Shaool, Zeeshan Asad Sardar, Sumant Paranjpe, Abhay Raut, Rajakumar Govindaram
-
Patent number: 12265640
Abstract: A system is provided for controlling resources using parallel computing devices. In particular, the system may comprise one or more applications installed across one or more computing devices, where the one or more applications may be configured to control resource transfers. Certain applications may be configured such that one application, such as a primary application, may implement one or more controls or restrictions on resource transfers that may be executed by another application, or a secondary application. The primary application may further be configured to monitor the secondary application to retrieve various types of data from the secondary application, such as resource transfer metrics data. The system may be configured to, based on the data associated with the secondary application, generate one or more resource-related projections with respect to the secondary application. In this way, the system provides an efficient way to control resource transfers across parallel computing devices.
Type: Grant
Filed: September 2, 2022
Date of Patent: April 1, 2025
Assignee: BANK OF AMERICA CORPORATION
Inventors: Katherine Kei-Zen Dintenfass, Sandra Ann Breece, Karen Lea MacQueen, Melissa Christine Derville Hart, Robert Nyeland Huggins
-
Patent number: 12267363
Abstract: Systems and methods for an identity management router to allow application clients/servers to communicate via an identity management protocol to facilitate communication of identity management artifacts with a simplified topology. Specifically, embodiments of an IM router may adhere to various data protection requirements, including, but not limited to, local data protection regulations, when routing identity management information. The identity management router is location aware and applies data compliance policies for areas of data compliance to selectively route or not route identity management data based on location.
Type: Grant
Filed: April 12, 2021
Date of Patent: April 1, 2025
Assignee: SAILPOINT TECHNOLOGIES, INC.
Inventor: Christian Cairney
-
Patent number: 12259830
Abstract: A device includes a first interface unit connected to a first controller area network (CAN) bus, a second interface unit connected to a second CAN bus, and a control unit configured to identify, in a case where transmission of a CAN frame is started, a CAN bus detected to be in a dominant state first after end of arbitration from the first CAN bus or the second CAN bus, as a CAN bus to which a transmission source device of the CAN frame is connected.
Type: Grant
Filed: August 28, 2023
Date of Patent: March 25, 2025
Assignees: TOYOTA JIDOSHA KABUSHIKI KAISHA, National University Corporation YOKOHAMA National University
Inventors: Yosuke Maekawa, Camille Gay, Tsutomu Matsumoto
-
Patent number: 12261888
Abstract: A system and method for authorization policy validation. A validator takes as input an authorization policy to be analyzed and a schema that specifies entity types and their attributes, types of entity parents in an entity hierarchy, and which entity types can be used with which actions. The validator checks that the policy conforms to the schema. If the check passes, then the policy is guaranteed to be free of both type errors and attribute access errors for any input that conforms to the schema.
Type: Grant
Filed: November 28, 2022
Date of Patent: March 25, 2025
Assignee: Amazon Technologies, Inc.
Inventors: Michael W. Hicks, John Holman Kastner, Emina Torlak, Richard Matthew McCutchen, Darin McAdams, Neha Rungta, Aaron Joseph Eline, Joseph Wallace Cutler, Eleftherios Ioannidis
-
Patent number: 12259980
Abstract: The disclosure relates to a method for verifying an implementation of a security policy by a computer program. The method comprises obtaining (S3) the computer program. The method further comprises, based on obtaining (S2) a security policy correspondence table, annotating (S4) the computer program with at least one annotation comprising an expected security type associated to a variable output by a critical instruction of the computer program. The method further comprises, based on obtaining (S1) propagation rule sets, analyzing the instructions of the annotated computer program to associate (S5) a propagated security type to each variable output by an instruction of the annotated computer program. The method further comprises verifying the implementation of the security policy by comparing (S6) the propagated and expected security types. The disclosure further relates to a corresponding computer program, a corresponding computer-readable storage medium and a corresponding processing circuit.
Type: Grant
Filed: March 11, 2021
Date of Patent: March 25, 2025
Assignee: MITSUBISHI ELECTRIC CORPORATION
Inventor: Benoit Boyer
-
Patent number: 12255882
Abstract: Disclosed herein are systems and methods that allow for secure access to websites and web-based applications and other resources available through the browser. Also described are systems and methods for invocation of a secure web container which may display data representative of a requesting party's application at a user's machine. The secure web container is invoked upon receipt of an API call from the requesting party. Thus, described in the present specification are systems and methods for constructing and destroying private, secure, browsing environments (a secure disposable web container), insulating the user and requesting parties from the threats associated with being online for the purposes of providing secure, policy-based interaction with a requesting party's online services.
Type: Grant
Filed: December 4, 2023
Date of Patent: March 18, 2025
Assignee: Authentic8, Inc.
Inventors: Ramesh Rajagopal, Scott M. Petry, James K. Tosh, Peter K. Lund, Fredric L. Cox, Adam P. Moore
-
Patent number: 12255911
Abstract: The technical solution relates to technologies for detecting fraudulent serial user verification requests.
Type: Grant
Filed: June 4, 2024
Date of Patent: March 18, 2025
Assignee: Raritex Trade Ltd
Inventors: Nikita Evgenievich Marshalkin, Dmitrii Sergeevich Iurasov
-
Patent number: 12254192
Abstract: Communications service programs (e.g., packet-switched phone and conferencing software with recordings and voicemail) are enabled to process user data files using custom encryption methods, where the existing service programs should migrate to work with the encrypted data files. A framework is introduced between application and system layer for replacing the major file routines to apply user file encryption routines in a manner that is transparent for existing service programs without requiring re-compiling.
Type: Grant
Filed: January 30, 2022
Date of Patent: March 18, 2025
Assignee: Zoom Communications, Inc.
Inventors: Yongxiang Dai, Shaohua Li, Lin Sun
-
Patent number: 12254069
Abstract: The present invention extends to methods, systems, and computer program products for identifying and consenting to permissions for workflow and code execution. Aspects of the invention can be used to automatically scan a workflow or code definition to identify (potentially all) the actions/triggers a workflow or program intends to perform on behalf of a user. The user is shown the actions/triggers the workflow or program intends to perform (e.g., at a user interface) before consent to perform the actions/triggers is granted. As such, a user is aware of intended actions/triggers of a workflow or program before granting consent. Further, since actions/triggers are identified from the workflow or code definition (and not formulated by an author), permission requests better align with permissions that workflow or program functionality actually uses during execution.
Type: Grant
Filed: December 26, 2023
Date of Patent: March 18, 2025
Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventors: Sunay Vaishnav, Merwan Vishnu Hade, Stephen Christopher Siciliano, David Nissimoff, Fnu Anubhav
-
Patent number: 12255874
Abstract: Techniques for securing control and user plane separation in mobile networks (e.g., service provider networks for mobile subscribers, such as for 4G/5G networks) are disclosed. In some embodiments, a system/process/computer program product for securing control and user plane separation in mobile networks in accordance with some embodiments includes monitoring network traffic on a mobile network at a security platform to identify a Packet Forwarding Control Protocol (PFCP) message associated with a new session, in which the mobile network includes a 4G network or a 5G network; extracting a plurality of parameters from the PFCP message at the security platform; and enforcing a security policy at the security platform on the new session based on one or more of the plurality of parameters to secure control and user plane separation in the mobile network.
Type: Grant
Filed: May 8, 2023
Date of Patent: March 18, 2025
Assignee: Palo Alto Networks, Inc.
Inventors: Leonid Burakovsky, Sachin Verma, Fengliang Hu, I-Chun Chen, How Tung Lim
-
Patent number: 12255923
Abstract: Systems and methods include receiving messages from local security agents each on a host in a network, wherein the messages include network topology of the network in terms of addresses and sockets; incrementally creating a network topology of the network based on the messages; determining security policies for one or more microsegments in the network based on flow data and the network topology; and providing the security policies to respective hosts for local implementation of the one or more microsegments.
Type: Grant
Filed: March 7, 2022
Date of Patent: March 18, 2025
Assignee: Zscaler, Inc.
Inventors: Michael J. Melson, Scott Laplante
-
Patent number: 12254519
Abstract: A specialized service engine receives data from an entity located in one domain about transactions performed by the entity with other entities from another domain. The service engine determines if the entity must follow the rules regarding selected resources in the other domain. The service engine then determines which of the rules established by the other domain the entity must follow. The service engine then determines and communicates to another computer of the entity the burden of complying with the rules of the other domain. The service engine then further computes the cost of the burden, and communicates the computed cost to the other computer.
Type: Grant
Filed: April 29, 2020
Date of Patent: March 18, 2025
Assignee: Avalara, Inc.
Inventors: Stefan Kim, Nikki Nash
-
Patent number: 12255895
Abstract: Methods, systems, apparatuses, and computer-readable storage mediums are described for authorizing publishing of a message and/or a subscription from an Internet of Things (IoT) device. In an example system, a message broker receives a list of attributes from a claims provider. The message broker determines whether publishing of the message is authorized based at least on the list of attributes, and publishes the message if it is determined that the publishing is authorized. The message broker may also receive a subscription specifying a topic filter. The message broker determines whether the subscription is authorized for the IoT device based at least on the list of attributes, and transmits a subscription message to the IoT device if it is determined that the subscription is authorized.
Type: Grant
Filed: May 31, 2022
Date of Patent: March 18, 2025
Assignee: Microsoft Technology Licensing, LLC
Inventors: Kevin Thomas Damour, David Michael Sauntry, Peter Gregg Miller, Jeroen Vanturennout, Murli Dharan Satagopan, William Alexander Stevenson, Michael Richard Yagley
-
Patent number: 12250146
Abstract: What is disclosed is tagging a first flow of a multi-tenant virtual private network (VPN) with a first tag. Continuously tracking, based on the first tag, the first flow of the multi-tenant VPN. Capturing one or more characteristics of the first flow of the multi-tenant VPN. Categorizing the first flow of the multi-tenant VPN based on the one or more characteristics of the first flow. Providing the categorization of the first flow to a first tenant of the multi-tenant VPN. Receiving, based on input from the first tenant and the categorization of the first flow, a first policy. Enforcing the first policy on the first flow based on the first tag of the first flow and the continuous tracking of the first flow.
Type: Grant
Filed: December 29, 2023
Date of Patent: March 11, 2025
Assignee: ALKIRA, INC.
Inventors: Shreyas Heranjal, Robin James
-
Patent number: 12250218
Abstract: Systems and methods for controlling access to a blockchain are disclosed. The systems and methods are comprised of a security agent, a controller, an authenticator, a rules engine, and a policy engine. In certain embodiments, the security agent receives a message from an application, parses the message, and transmits the message to the controller if the message comprises one or more predetermined applicable rules or policies. The controller receives the message with its rules and policies, queries the rules engine and the policy engine to apply the rules and policies, and transmits an authentication request to the authenticator. The authenticator then requests an authentication signal from a user and transmits the results to the controller. The controller applies the results and forwards them to the security agent, which may or may not release the message to the blockchain depending on the results.
Type: Grant
Filed: August 25, 2023
Date of Patent: March 11, 2025
Assignee: BlockSafe Technologies, Inc.
Inventor: Ram Pemmaraju
-
Patent number: 12248614
Abstract: Computer-implemented methods, apparatuses, and computer program products are provided for frequency based operations. An example computer-implemented method includes receiving a request for data transfer of a plurality of data elements of a production data environment to a non-production data environment. The method includes determining an access frequency associated with each data element and grouping each data element into a first set of data elements or a second set of data elements based upon the determined access frequency. The method further includes refreshing the first set of data elements according to a first refresh protocol defining a first refresh rate and refreshing the second set of data elements according to a second refresh protocol defining a second refresh rate less than the first refresh rate. The method also includes outputting the plurality of data elements to the non-production data environment.
Type: Grant
Filed: January 12, 2024
Date of Patent: March 11, 2025
Assignee: Wells Fargo Bank, N.A.
Inventors: Ananya Bandyopadhyay, Shalini Jha
-
Patent number: 12248616
Abstract: Systems and methods of dynamic management of private data during communication between a remote server and a user's device, including receipt of a request for retrieval of at least one data packet from the user's device, wherein the user's device is configured to provide a response corresponding to the received request, determination of at least one communication data type of the at least one data packet corresponding to the received request, receipt of a privacy preference for the user's device, wherein the privacy preference comprises a list of allowed data packet communication types for sharing during communication, modification of data packets corresponding to requests for sharing of responses that are not compatible with the received privacy preference and maintenance of communication between the remote server and the user's device, with sharing of the modified data packet.
Type: Grant
Filed: June 17, 2024
Date of Patent: March 11, 2025
Assignee: QPrivacy USA LLC
Inventors: Yoseph Koren, Yehonatan Wasserman