Computer-implemented techniques for managing transactions of machine learning algorithm updates are described. In one embodiment, a computer-implemented is provided that comprises receiving, by a system operatively coupled to a processor, a request for an update to a machine learning model associated with a software program, wherein the request is received in accordance with a defined blockchain protocol, and wherein the request comprises model development data used in association with optimization of an instance of the machine learning model. The method further comprises, employing, by the system, a blockchain network to facilitate managing fulfillment of the request.

Embodiments of the present invention relate to password authentication. According to an embodiment of the present invention, a password associated with a user identification is received from a user device. The password is authenticated based on a preset relationship between a seed password and a graphical password associated with the user identification. The seed password consists of a string of characters. The graphical password is a directed path traversing all keys of a keypad in an order. Each of the keys represents one of the characters and is associated with an order number according to the order of the keys being traversed. The preset relationship is that the password consists of respective order numbers associated with respective keys representing corresponding characters of the seed password.

A technique to implement access control from within an application begins by dynamically-generating a “management scope” for a transaction associated with a set of managed resources. The management scope is a collection of permissions defined by at least one of: a set of roles, and a set of resource administration rights, that are assigned to a first operator that issues the transaction. As the transaction executes, a request to alter the transaction is then received from a second operator. According to the technique, the management scope for the transaction and associated with the first operator is then evaluated against a management scope associated with the second operator. Upon determining the management scope associated with the first operator has a given relationship to the management scope for the second operator, the transaction is permitted to be altered in response to the request. The given relationship is scoped by one or more rules.

Methods, systems, and apparatus, including computer programs encoded on computer storage media for data security protection are provided. One of the methods includes: receiving a job associated with a project, wherein the project is associated with one or more data sources; identifying a plurality of inputs and a plurality of outputs associated with the job; determining a plurality of required permissions associated with the job, wherein each of the required permissions comprises an operation on a required data source, the operation corresponding to at least one of the inputs or the outputs; verifying that the one or more data sources associated with the project comprise the required data source associated with each of the required permissions; and generating a token associated with the job, the token encoding the required permissions associated with the job, wherein the token is required for execution of the job.

A network controller (102) for granting a device and/or an application (120) access rights to at least one device of a set of devices (112, 130) is disclosed. The set of devices (112, 130) comprises a controllable device (130) and a control device (110), wherein the control device (110) comprises a user input element (112) configured to receive a user input, and wherein the control device (110) is configured to generate an input signal (114) based on the received user input. The network controller (102) comprises a communication unit (104) configured to receive an access request signal (124) from the device and/or the application (120), and to receive the input signal (114) from the control device (110), and a processor (106) configured to switch, upon receipt of the access request signal (124), the network controller (102) from a control mode to a configuration mode, wherein the processor (106) is configured to control, if the network controller (102) is in the control mode, the controllable device (130) based on the input signal (114), wherein the processor (106) is configured to grant, if the network controller (102) is in the configuration mode, the access rights to the device and/or the application (120) upon receipt of the input signal (114).

A system for intelligent managing whitelists and blacklist provides options and/or suggestions to the administrators and/or information technology team to allow administration of whitelists and/or blacklists based upon history and rules. For example, if permission to run a certain program is requested by several people in a group or organization and the program is not believed to have a virus, then, the administrator if presented with an option to enable (e.g., add to the whitelist) that program for the entire group or organization.

A robotic process automation system provides a capability to deploy software robots (bots) by receiving from a deployment user a bot deployment request comprising a bot identification that identifies a specific preexisting bot and an authorized class of user to execute the specific preexisting bot. Credentials of the deployment user are checked. An execution device upon which the specific preexisting bot will execute is identified from a set of available devices. An authorization token is issued for the execution device to uniquely identify the execution device and to authorize the execution device to communicate with the robotic process automation system. In response to a request by the execution device the specific preexisting bot and credentials corresponding to the authorized class of user are provided, wherein the specific preexisting bot executes on the execution device automatically without input from any individual corresponding to the authorized class of user.

A predetermined access control policy is generated with reference to a lineage table and a metadata table to be stored in a policy table, and an access control policy which should be applied or recommended to treated data is provided with reference to the policy table.

A method for facilitating assessment, authorization, and monitoring of policy documents in organizations for cyber security. The method includes a process of receiving indications of policy documents related to an organization from a user, thus, allowing the user to manager cyber security controls of written policy documents in accordance with regulations and standards. The method also includes retrieving regulations from external databases. Further, the method includes analysis of policy documents against regulations and generating insights. Subsequently, the method transmits the generated insights and/or reports to the user. Further, the method includes receiving monitoring data related to the organization from one or more user's PC devices. Further, the method uses a MD5 (Message Digest algorithm 5) hashing function to ensure that a document has not been tampered with and may include a time-based trigger utilizing a standard green/yellow/red light chart for ongoing authorizations and monitoring.

A system and method for determining consent user interface validity for a provided consent user interface of a web form presenting consent information, comprising: accessing a consent user interface presented on a web form; determining one or more configuration attributes of the consent user interface; accessing one or more privacy regulations associated with presenting consent information; comparing the one or more configuration attributes of the consent user interface to each of the one or more privacy regulations; determining whether the consent user interface is compliant with each of the one or more privacy regulations; and in response to determining that the consent user interface is not compliant with one or more privacy regulations, flagging the consent user interface.