GB2576332A - Information anonymisation - Google Patents

Information anonymisation Download PDF

Info

Publication number
GB2576332A
GB2576332A GB1813258.9A GB201813258A GB2576332A GB 2576332 A GB2576332 A GB 2576332A GB 201813258 A GB201813258 A GB 201813258A GB 2576332 A GB2576332 A GB 2576332A
Authority
GB
United Kingdom
Prior art keywords
information
data packets
anonymised
personally identifiable
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1813258.9A
Other versions
GB201813258D0 (en
Inventor
Barclay Moray
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Letsjoin Ltd
Original Assignee
Letsjoin Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Letsjoin Ltd filed Critical Letsjoin Ltd
Priority to GB1813258.9A priority Critical patent/GB2576332A/en
Publication of GB201813258D0 publication Critical patent/GB201813258D0/en
Publication of GB2576332A publication Critical patent/GB2576332A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0201Market modelling; Market analysis; Collecting market data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/71Hardware identity

Abstract

An apparatus for a local area network (LAN), the apparatus connecting user devices 210 to a communications network (see communications network interface 208), the apparatus processing personally identifiable information (e.g. MAC address data) received from the user devices to generate unique anonymised data. The data may be sent to servers 212 or 214 via gateway 206. The servers may be an authentication, authorisation & accounting (AAA) server or an analytics server. The apparatus may be a router 202 that receives data packets from the user device 210 and generates a unique device identifier for each MAC address using a hash or encryption function (see anonymisation module 216). The MAC addresses and corresponding unique device identifiers may be stored on the router (store 218) and the MAC addresses may be removed periodically from the store. Anonymising the MAC addresses of user devices may address privacy concerns.

Description

INFORMATION ANONYMISATION
Field of the Invention
The invention relates to apparatus for and a method of anonymisation of personally identifiable information and/or data related to personally identifiable information in a local or personal area network to avoid personally identifiable information and/or data related to personally identifiable information being sent outside the network.
Background
When user devices connect to a WiFi network, Personally Identifiable Information (PII) and/or data related to PII, such as the MAC address of a connected user device, may be logged locally at the WiFi router and is often sent to third party servers for various purposes, for example authentication, authorization and accounting servers and analytics servers.
Referring to Figure 1, it is known to configure a WiFi router 102 for communication with a plurality of user devices, two of which are indicated by way of example at 100, and to send and receive data packets to and from an Authentication Authorization and Accounting (AAA) server 103, or a similar network application. The WiFi router 102 has a log file store 105 stored in a memory, in which data including MAC addresses of the user devices that have probed and/or connected to the WiFi router 102 are stored. The WiFi router 102 is configured to send MAC addresses of connected user devices to the AAA server 103 in requests and to use the MAC addresses of such user devices in data packets received from the AAA server 103 for identification of the user devices. Where the devices 100 have probed the WiFi router 102, the WiFi router 102 may store those MAC addresses in the log file store 105, and this data may be available to other applications. The AAA server 103 may also be configured to send the MAC addresses, with other data, to an analytics server 104.
Problems exist relating to privacy and provision of information identifying user and user devices to third parties. It is an object of the present invention to address these problems.
Summary of the Invention
According to a first embodiment of the present invention, there is provided apparatus, particularly for a local or personal area network, comprising processing means locatable between at least one first interface enabling communication with user devices and at least one second interface enabling communication over a communications network, wherein the processing means is configured to: process personally identifiable information or data related thereto received in data packets from each of a plurality of user devices connected to the network via the at least one first interface, to generate respective unique anonymised information, for example in the form of a unique identifier; use the unique anonymised information for each user device in place of the respective personally identifiable information or data related thereto when sending data packets via the at least one second interface.
According to a second aspect of the present invention, there is provided a method comprising: processing at a processing means, in particular located between a local or personal area network, personally identifiable information or information related thereto received in data packets from each of a plurality of user devices connected to the local network, to generate respective unique anonymised information, for example in the form of a unique identifier; modifying the data packets to include the anonymised information in place of the respective personally identifiable information or information related thereto when sending the data packets over a communications network.
Brief Description of Figures
Embodiments of the present invention are now described, by way of example only, with reference to the accompanying drawings in which:
Figures 1 is a schematic diagram of a known system including a prior art WiFi router
Figure 2 is a schematic diagram of a system including a WiFi router in accordance with embodiments of the invention;
Figure 3 is a flow diagram indicating steps in generating an anonymous unique device identifier based on a MAC address;
Figure 4 is a flow diagram indicating steps in anonymising and forwarding a data packet;
Figure 5 is a schematic diagram of another system including a server in accordance with embodiments of the invention;
Figure 6 is a flow diagram indicating steps in anonymising and forwarding data packets to a data centre using the other system indicated in Figure 5;
Figure 7 is a block diagram indicating components of a system used to implement a server.
Detailed Description of the Invention
Like components are denoted with like reference numerals throughout.
Embodiments of the invention relate to a system for a local area network (LAN), connectable to a communications network, in which personally identifiable information (PII) is anonymised in the local area network to prevent the PII being sent in data packets outside the local area network. Embodiments are not limited to anonymisation of PII; other sensitive information may be anonymised that is in a predetermined location in data packets. Embodiments are not limited to any particular form that the PII takes. Personally identifiable information (PII) is information that can be used on its own or with other information to identify, contact, or locate a user or a user device. For example, the PII may be a media access control (MAC) address of a user device connected to the LAN. Embodiments may relate to anonymisation of MAC addresses received from user devices.
The anonymisation may take place in a wireless router. However, the anonymisation is not limited to taking place in a wireless router and the anonymisation may take place in apparatus anywhere between an interface at which data packets are received from user devices, that is, the antenna of the access point, and a network interface to an external communications network.
Referring to Figure 2, in an embodiment, a system 200 comprises a router 202 and an access point 204. The router 202 is operatively connected to the access point 204 and, when the system is in use, is connected to a gateway 206. The gateway is connected to the communications network 208.
The system is configured to communicate with local user devices, two of which are indicated at 210, via the access point 204, using WiFi. The system is configured to forward data packets received from the user devices 210 to servers connected to the communications network via the gateway 206. Two such servers are indicated at 212 and 214. The system is also configured to forward data packets received via the gateway 206 to the particular user devices connected to the system to which the data packets are addressed. In variant embodiments, the router 202 and the access point 204 may be integrated, such that the router is a wireless router.
The system may be located statically, for example in a static home or office, or other location such as a bar, cafe, restaurant or shop. In such cases, the router 202 is generally connected to an ethemet port in a wall socket and an Internet Service Provider provides the gateway 206 to the communications network, in this case the internet. In this case, the gateway 206 can be considered to be part of the communications network, rather than part of the system 200. Alternatively, the gateway 206 may be a modem, where the communications network to which the gateway is attached is analogue.
The system may alternatively be located in a moving vehicle such as a train, bus, boat/ship or airplane, or the like. In this case, the communications network 208 may comprise a cellular communications network connected to the internet. The gateway 206 is configured for communication with a base station of the cellular communications network.
The local area network comprises the router 202, the access point 204 and the user devices 210. Some user devices may be connected to the router 202 via an ethernet connection rather than over WiFi.
The access point 204 is configured to receive MAC addresses from the connected devices 210, and to store these in the log file store 205. The access point is also configured to receive MAC addresses from probing devices 210 and in some embodiments may be configured to store these in the log file store 205. The router 202 is configured to receive data packets from each connected user device 210 in each of which is located a MAC address. The router 202 has stored on it a network management module 220, an anonymisation module 216, which stores a hash function, and an anonymised identifier store 218.
The anonymisation module 216 is configured to generate a unique device identifier for each received MAC address using the hash function and to store the unique device identifier in the anonymised identifier store 218 in association with the MAC address from which the unique device identifier was generated. The anonymisation module 216 may be configured to remove MAC addresses from the anonymised identifier store 218 periodically, for example daily. Alternatively, the MAC addresses may be stored permanently.
The network management module 220 is configured to handle sending and receiving of data packets between the anonymisation module 216 and server 212 via the gateway 206. The anonymisation module 216 is configured to replace the MAC address in each data packet with a corresponding unique device identifier. The anonymisation module 216 is also configured to determine if data packets received over the communications network 208 include a unique device identifier and to replace this identifier with the corresponding MAC address, so that the received data packets can be forwarded to the devices connected to the access point 204 to which they are addressed. The network management module 220 is also configured to write to the log file store 205, in particular to delete MAC address from the log file store 205, for example those that have been anonymised. In this case the network management module 220 may also be configured to write the unique device identifier in place of the deleted MAC address.
Referring to Figures 2 and 3, use of the system is described when a user device connects to the local area network for a first time. At step 300 the router 202 receives a data packet from the user device 210 at the network management module 220, and passes it to the anonymisation module 216. The anonymisation module 216 extracts and stores the MAC address. At step 302, the anonymisation module 216 generates a unique device identifier by applying the hash function. At step 304, the anonymisation module 216 stores the MAC address in the anonymised identifier store 218 in association with the unique device identifier.
Referring to Figure 4, subsequently, the router 202 receives a data packet from the user device for forwarding via the communications network 208 at step 400. The router 202 then extracts the MAC address from the data packet, identifies the MAC address in the anonymised identifier store 218 and determines the corresponding unique device identifier at step 402. The router 202 then replaces the MAC address in the data packet with the unique device identifier at step 404 and forwards the data packet in accordance with a destination address in its header.
The server 212 to which the data packet may be forwarded may be an accounting, authentication and accounting (AAA) server. The WiFi router 200 is configured to send data packets to and receive data packets from the AAA server 212 as described above. The AAA server need not receive any personally identifiable information in data packets from user devices.
The server 214 may be an analytics server. In this case, in embodiments the router 202 is configured to send anonymised data packets directly to the analytics server. Conventionally, data packets would be sent via the AAA server, but the anonymisation module 216 facilitates the data packets being sent directly. Such data packets may comprise tracking information, for example.
Referring to Figure 5, in another embodiment, a local server unit (LSU) 500 is located on a vehicle. The local server unit 500 includes a router 502, an access point 204 and may include a server 506. The router 502 and the access point 506 may be integrated with the server 506, but for explanatory purposes these components are considered separately. These components, together with any connected user devices 210, form the local area network.
The local area network is connected to the gateway and the communications network 208 is a cellular communications network. The gateway is configured to connect to at least one base station of the cellular communications network when within range of the at least one base station. The server 500 may alternatively be connected directly to the internet via a gateway of an internet service provider.
In contrast to the embodiment described with reference to Figure 2, the anonymisation module and the anonymised identifier store 218 are not in the router 202, but are instead stored in the server 500. Thus, the server 500 anonymises data packets received from connected user devices before they are sent to the gateway, for sending over the communications network 208. The anonymisation module is also configured to replace unique device identifiers received in data packets over the communications network with corresponding MAC addresses. The anonymisation module processes received data packets in the same way as described above, except data packets originating at user devices are received.
As indicated in Figure 5, data packets may be sent to a data centre 520. The servers 212, 214 may be located at the data centre 520.
Referring to Figure 6, operation of the system of Figure 5 is described. In step 600, the user device 210 probes or connects to the wireless access point 204. The access point 204 logs the MAC address at step 602. The network management module in the router 502 reads the MAC address and requests at step 604 its anonymisation from the anonymisation module. Anonymisation in step 606 is then carried out by the anonymisation module. The anonymisation module creates the anonymised device identifier and sends it to the network management module. At step 608, the network management module is adapted to delete the MAC address from the wireless access point log file store 205, replace it with an anonymised device identifier and communicate directly with a data centre /analytics function to send anonymised session data thereto in subsequent step(s), which is collected at step 610.
In variant embodiments of the invention, the anonymisation module and anonymised identifier store may be implemented in any dedicated hardware, firmware or software between an interface with the user devices 210, for example an antenna of the access point 204, and the gateway to the communications network 208, where the system can be arranged so that the anonymisation module can process the data packets before they are forwarded for routing to their destination addresses, and likewise can process data packets received via the communications network 208. Particularly in implementations where a gateway is local, for example where the gateway is on a vehicle coupled to or integrated with the local server unit, the anonymisation module may be provided at the gateway.
In a variant embodiment, the anonymised identifier store 218 may be absent. In this case, the anonymisation module 216 is configured to determine if data packets to be sent to a server, such as the analytics server, include the MAC address of a user device, to generate the hash of the MAC address, and to replace the MAC address in the data packet to be sent with the hash. Since the same hash is generated for a particular MAC address each time the hash function is applied, a server that receives data including the hash in separate data packets will be able to associate the requests. However, since the MAC address cannot be reproduced from the hash, a response cannot be routed to the user device where the anonymised identifier store 212 is absent. This is satisfactory where there is no requirement for a server to which data packets are sent to respond, for example where the server 214 is an analytics server.
In embodiments, the same hash function may be stored at multiple anonymisation modules 216 at, for example, multiple wireless routers 202 or at multiple server 506. Thus, the same unique device identifier would be identified for a particular MAC address. Thus, the server to which data packets are sent can associate data packets from a particular user device routed via multiple LANs or servers. The same hash function may be used in WiFi routers of a particular organisation. For example, the same hash function may be used on WiFi routers for location on vehicles of a particular transportation company.
Embodiments are not limited to any particular way in which the MAC addresses are anonymised. Other anonymisation processes may be used. The term “anonymise” should be construed as any functionality to process personal identifiable information or data related thereto, such as MAC addresses, via a hash or encryption process to render it anonymous. For example, instead of being hashed, the MAC addresses may be encrypted using an encryption process. In this case, the anonymised identifier store 218 is absent and, for routing data including an encrypted MAC address from a server to the user device 202, the WiFi router is required to first decrypt the MAC address. The anonymisation module 210 may also include a key required for encryption and/or decryption.
Embodiments of the invention are also not limited to use in a local area network. In alternative embodiments, the system may be used in a Personal Area Network in which sending and receiving of data packets to and from the user devices is performed using a Bluetooth ® communications standard. In this case, instead of the MAC address being anonymised, the Bluetooth Device Address is received and anonymised in an analogous manner
In variant embodiments, the anonymisation functionality may be incorporated in a mobile user device that functions as a hot spot, thereby providing a bridge to the internet for the user devices 100. In this case, communication between the hot spot and one or more connected user devices may use Wi-Fi or Bluetooth or another communications technology.
Embodiments of the invention may be implemented in any network that enables communication with user devices and also enables communication externally to the network.
There is no limitation to a particular wired or wireless technology over which communications with user devices takes place. Embodiments of the invention may be used in any network where a routing function, such as the network management module described above, is configured to receive data packets directly from user devices before routing the data packets onwards outside the network.
Referring to Figure 7, any of the above-mentioned servers or Wi-Fi routers comprise a system 700 that may include a processor 702 or processing circuit operatively coupled to a bus 704 or other communication component for communicating information. The system also includes a main memory 706, such as a random access memory (RAM) or other dynamic storage device, operatively coupled to the bus 704 for storing information, and instructions to be executed by the processor 702. The system may further include a read only memory (ROM) 708 or other static storage device operatively coupled to the bus 704, for storing static information and instructions for the processor 702. A storage device 710, such as a solid state device, magnetic disk or optical disk, is coupled to the bus 704 for persistently storing information and instructions.
Each user device 210 may be a smartphone, watch, laptop, tablet, or other user device configured for wireless communication with the router 202, 502.
Although the network management module and the anonymisation module are described separately above, these modules may be implemented as a single computer program in embodiments or as a plurality of computer programs, where in each case the computer programs are executable to provide the functionality described herein.
The applicant hereby discloses in isolation each individual feature or step described herein and any combination of two or more such features, to the extent that such features or steps or combinations of features and/or steps are capable of being carried out based on the present specification as a whole in the light of the common general knowledge of a person skilled in the art, irrespective of whether such features or steps or combinations of features and/or steps solve any problems disclosed herein, and without limitation to the scope of the claims.

Claims (19)

1. Apparatus for a local or personal area network, comprising processing means locatable between at least one first interface enabling communication with user devices and at least one second interface enabling communication over a communications network, wherein the processing means is configured to:
process personally identifiable information or data related thereto received in data packets from each of a plurality of user devices connected to the network via the at least one first interface, to generate respective unique anonymised information;
use the unique anonymised information for each user device in place of the respective personally identifiable information or data related thereto when sending data packets via the at least one second interface.
2. The apparatus of claim 1, wherein the at least one second interface comprises a gateway, wherein the processing means is further configured to provide data packets with the anonymised information to the gateway, wherein the gateway is connected to the communications network for sending of data packets over the communications network.
3. The apparatus of any one of the preceding claims, wherein the processing means is further configured to:
store the anonymised information in a data store thereat in association with the respective personally identifiable information or information related thereto, wherein the personally identifiable information or information related thereto enables routing of data packets to user devices, receive data packets over the communications network that include the anonymised information, determine the personally identifiable information or data related thereto from the anonymised information;
route data in the data packets to the respective user device using the personally identifiable information or data related thereto.
4. The apparatus of claims 3, wherein the apparatus is configured to route data packets including the anonymised information to an authentication, authorisation and accounting (AAA) server, and to route data packets including the anonymised information received from the AAA server to the respective user device.
5. The apparatus of any one of the preceding claims, wherein the processing means is configured to anonymise the personally identifiable information or data related thereto by applying a predetermined hash function or encryption process to the received personally identifiable information data or related thereto.
6. The apparatus of any one of the preceding claims, wherein the apparatus is configured to route a plurality of data packets each same particular anonymised information to a server over the communications network, wherein the server can determine that the data packets originate with the same user device.
7. The apparatus of any one of the preceding claims, wherein the processing means is configured to receive data packets from each of the user devices via the at least one first interface using a first communications technology.
8. The apparatus of any one of the preceding claims, wherein the processing means is configured to remove personally identifiable information or data related thereto from a log file at an access point of the local or personal area network.
9. The apparatus of claim 8, wherein the first communications technology is according to Wi-Fi or Bluetooth standards.
10. The apparatus of claim 8, wherein the first communications technology is Wi-Fi and the personally identifiable information or information related thereto is a MAC address.
11. The apparatus of claim 8, wherein the first communications technology is according to a Bluetooth® standard and the personally identifiable information or information related thereto is a Bluetooth Device Address.
12. A Wi-Fi router including the apparatus of claim 10.
13. A server unit for location on a vehicle, comprising:
the apparatus of any one of claims 3 and claims 4 to 11 when dependent on claim 3;
wherein the at least one first interface is for wireless communication with a plurality of user devices;
wherein the processing means is configured to receive the data packets from the user devices, to replace the personally identifiable information or information related thereto in the data packets with the anonymised information, and to provide the data packets to the gateway for transmitting to the communications network.
14. A method comprising:
processing at a processing means, in a local or personal area network, personally identifiable information or information related thereto received in data packets from each of a plurality of user devices connected to the local network, to generate respective unique anonymised information;
modifying the data packets to include the anonymised information in place of the respective personally identifiable information or information related thereto when sending the data packets over a communications network.
15. The method of claim 14, further comprising receiving the data packets using a wireless communications technology.
16. The method of claim 14, wherein the wireless communications technology is based on Wi-Fi or Bluetooth ® standards.
17. The method of any one of claims 14 to 16, further comprising anonymising the personally identifiable information or information related thereto by applying a predetermined hash function or encryption process to generate the anonymised information.
18. The method of claim 7, further comprising locally storing each received personally identifiable information or information related thereto in association with the respective anonymised information.
19. The method of any one of claims 14 to 18, further comprising sending a data packet including the anonymised information in place of the personally identifiable information or data related thereto to an analytics server.
GB1813258.9A 2018-08-14 2018-08-14 Information anonymisation Withdrawn GB2576332A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1813258.9A GB2576332A (en) 2018-08-14 2018-08-14 Information anonymisation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1813258.9A GB2576332A (en) 2018-08-14 2018-08-14 Information anonymisation

Publications (2)

Publication Number Publication Date
GB201813258D0 GB201813258D0 (en) 2018-09-26
GB2576332A true GB2576332A (en) 2020-02-19

Family

ID=63667028

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1813258.9A Withdrawn GB2576332A (en) 2018-08-14 2018-08-14 Information anonymisation

Country Status (1)

Country Link
GB (1) GB2576332A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3941013A1 (en) * 2020-07-14 2022-01-19 Juniper Networks, Inc. Providing anonymous network data to an artificial intelligence model for processing in near-real time

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150019721A1 (en) * 2013-07-11 2015-01-15 Cinarra Systems Pte. Ltd. Method and system for correlation of internet application domain identities and network device identifiers
US20160344681A1 (en) * 2015-05-18 2016-11-24 Marvell World Trade Ltd. Apparatus and Methods for Assigning Internetwork Addresses
US20170024763A1 (en) * 2012-03-06 2017-01-26 Boingo Wireless, Inc. Systems and Methods for MAC Address Tracking for a Mobile Device
US20170149741A1 (en) * 2014-04-18 2017-05-25 Locality Systems Inc. Source Based Anonymity and Segmentation for Visitors

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170024763A1 (en) * 2012-03-06 2017-01-26 Boingo Wireless, Inc. Systems and Methods for MAC Address Tracking for a Mobile Device
US20150019721A1 (en) * 2013-07-11 2015-01-15 Cinarra Systems Pte. Ltd. Method and system for correlation of internet application domain identities and network device identifiers
US20170149741A1 (en) * 2014-04-18 2017-05-25 Locality Systems Inc. Source Based Anonymity and Segmentation for Visitors
US20160344681A1 (en) * 2015-05-18 2016-11-24 Marvell World Trade Ltd. Apparatus and Methods for Assigning Internetwork Addresses

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3941013A1 (en) * 2020-07-14 2022-01-19 Juniper Networks, Inc. Providing anonymous network data to an artificial intelligence model for processing in near-real time
US11503002B2 (en) 2020-07-14 2022-11-15 Juniper Networks, Inc. Providing anonymous network data to an artificial intelligence model for processing in near-real time
US11949665B1 (en) 2020-07-14 2024-04-02 Juniper Networks, Inc. Providing anonymous network data to an artificial intelligence model for processing in near-real time

Also Published As

Publication number Publication date
GB201813258D0 (en) 2018-09-26

Similar Documents

Publication Publication Date Title
US10454879B2 (en) Methods and systems for processing a DNS request
US9338093B2 (en) Mobile phone docking station VPNs
US9722966B2 (en) DNS-based determining whether a device is inside a network
US8073936B2 (en) Providing support for responding to location protocol queries within a network node
US7774592B2 (en) Encrypted communication method
US10033736B2 (en) Methods, systems, and computer readable media for remote authentication dial-in user service (radius) topology hiding
US10372775B2 (en) Anonymous identity in identity oriented networks and protocols
US8737396B2 (en) Communication method and communication system
TW201828645A (en) Network authentication method and apparatus
WO2020063829A1 (en) Enterpise egress access request processing method, apparatus, system, device and medium
US11133933B1 (en) Rapid secure authentication and communications through multitenant components in provider networks
EP2928117B1 (en) System and method for device registration and discovery in content-centric networks
RU2654854C1 (en) Method for collecting data on wireless communication device user and machine-readable medium for method implementation
JP7476366B2 (en) Relay method, relay system, and relay program
GB2576332A (en) Information anonymisation
US8892139B2 (en) Systems and methods enabling a short message service gateway via cloud computing services
WO2017219816A1 (en) Data transmission method and network address translation device
US20220078162A1 (en) Privacy network system
US20230044885A1 (en) Method for resolving naming identifiers
US10735316B2 (en) Receiver directed anonymization of identifier flows in identity enabled networks
US20090103729A1 (en) HAIPE Peer Discovery Using BGP
KR102220994B1 (en) Data push function providing system and method in enterprise network
US20230006998A1 (en) Management of private networks over multiple local networks
US10841283B2 (en) Smart sender anonymization in identity enabled networks
Lu Novel method for transferring access control list rules to synchronize security protection in a locator/identifier separation protocol environment with cross‐segment host mobility

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)