Aspects of the present disclosure involve a system comprising a computer-readable storage medium storing a program and method for managing compliance with respect to use of personal data. The program and method provide for receiving structured information relating to personal data intended for use by a product or process; generating, based on the structured information, a set of questions corresponding to privacy compliance of the product or process with respect to the personal data; and providing a user interface for presenting the set of questions to a user, for reviewing the product or process for privacy compliance with respect to the personal data.

The present disclosure provides methods and systems for secure logon. One or more method includes: determining, via authentication information provided by a user of an electronic device, that the user is authorized to access an online account provided by the online account provider; providing the user with a selectable option to enable an expedited logon process by which the user can access the online account by solely providing a particular authentication item of the user; receiving a verification credential in response to a next logon attempt using the expedited logon process; and verifying that the received verification credential matches an assigned verification credential provided to the user for use in conjunction with the next logon attempt using the expedited logon process.

Systems and methods for selectively authenticating an untrusted device based on a trust level are disclosed. The system can include transmitting an authentication request from a first device seeking to authenticate a second device to access to an account. The first device receives an authentication token that can be used by the second device for authentication. The authentication token can be transmitted wirelessly to the second device or can be scanned by the second device in the case that the token is a scannable image displayed on the first device. The systems can determine a trust level for the second device based on an association between the first device and the second device. The system can provide the second device a degree of access to the account that relates to the trust level.

An information processing system, a device, and an authentication method. The information processing system includes an information processing apparatus and a device communicably connected to the information processing apparatus, and the device requests the information processing apparatus for account information in response to receiving a predetermined operation, and the information processing apparatus transmits the account information to the device, and the device requests authentication from an authentication server, designating the account information received from the information processing apparatus, and acquires an authentication result.

A method may include providing a user with one or more questions regarding permissions for use of personal data related to the user, and compiling the permissions for the use of the personal data. The method may also include receiving a request from a third party for access to the personal data, and providing a response to the third party based on the compiled permissions. The method may also include, based on the response indicating that the third party is permitted access to the personal data, sending a responsive dataset to a data holder, where the responsive dataset is responsive to the request from the third party. The method may also include facilitating the third party accessing the personal data.

A method for implementing zero-knowledge private key management for decentralized applications including receiving a session request, establishing a session responsive to the session request, transmitting a response to the session request to the decentralized application, receiving a session approval from a client application, updating the session with the information included in the session approval, and transmitting the public key and the blockchain network selection to the decentralized application.

A method includes receiving, at a server and from a sharing entity, data encrypted using a first encryption key associated with the sharing entity. The server receives from the sharing entity a copy of the first encryption key encrypted using a second encryption key different from the first encrypted key and associated with the relying entity. The server receives from the sharing entity a license that includes data defining at least one rule associated with the relying entity accessing the data stored on the server. The server sends to the relying entity the copy of the first encryption key such that the relying entity can decrypt the copy of the first encryption key to access the data using the first encryption key, in accordance with the at least one rule. The server removes from memory the data in accordance with the at least one rule of the license.

A system is disclosed for providing a data obfuscation platform useful for improved data security of preprocessing analysis of the data by a third party server. The system comprises: (a) a data store for storing: (1) sets of pre-processing analysis data created by a plurality of applications of different formats and/or organized by different standards; (2) a plurality of categories for the pre-processing the data and a plurality of rules for obfuscating the pre-processing data based on the categories; and (3) a data obfuscation engine for obfuscating the pre-processing analysis data; (b) one or more servers coupled to the data store and programmed to obfuscate the data by the data obfuscation engine before data preprocessing analysis by the third party server.

A storage node that maintains separate storage objects for storage of data for different host applications protects those storage objects against ransomware attacks by recognizing variations in data reducibility. Separate data reducibility profiles are generated for each protected storage object. In response to new data being written to one of the protected storage objects, the reducibility of the new data is compared with the data reducibility profile of the protected storage object to which the new data is being written. A mismatch indicates a ransomware attack. Counter-measures may include halting generation or overwriting of snaps, halting replication, and halting backups of the storage object, and generating ransomware attack alert messages. Decryption keys are provided to the storage node if new data is normally provided in an encrypted state.

Systems and methods are provided executing jobs immediately upon receipt of a notification. The systems and methods may include receiving, at a cloud compute service, a notification that a sensitive file comprising sensitive data has been received at a file receipt location, the sensitive file being sent by a client device; generating, by the cloud compute service, a container instance in response to the notification; retrieving, by the container instance, the sensitive file from the file receipt location; generating, by the container instance, a stripped file by stripping the sensitive data from the sensitive file based on a configuration file; transmitting, by the container instance, the stripped file to a storage location; deleting the sensitive file and associated file pointers from the file receipt location; and terminating the container instance, wherein terminating the container instance comprises deleting files comprising sensitive data and associated file pointers.