Embodiments enforce user access rights to a data view, by initially generating a replication table of the view. The replication table may include all view data to which any user is entitled. This replication table may be generated during a first database session having a first value for a session variable. Next, a data access control structure is applied to the replication table to produce output comprising a subset of the view data for a specific user. This output may be produced during a second database session having a second value for the session variable. By initially generating the view replication table up front, processing resources are conserved in later stages when access control structures are applied to grant view access rights to particular users. Alternative embodiments may implement access control to data views, through the creation and storage of derived views.

Systems, methods, and devices for data ingestion, database management, and data security. A method includes storing a plurality of data entries in a project bucket on a database, wherein the plurality of data entries represents information applicable to a plurality of data units associated with a project. The method includes organizing at least a portion of the plurality of data units according to a polymorphous data schema. The method includes linking two or more data units of the plurality of data units to generate a project linkage. The method further includes restricting a user from removing only a portion of the project linkage from the project without first manually breaking the project linkage.

A user provides retailer-specific consents for access and use to private/sensitive information of the user. The private/sensitive information is centrally stored in a privacy vault. Retail services (retailer) that the user subscribes to are provided a user-specific and consent-specific token representing the user and consents to usage of specific private/sensitive information of the user. When the retailer has a need for user-specific private/sensitive information, the retailer presents the user-specific and consent-specific token to the privacy vault. Assuming, the retailer was given access to the requested private/sensitive information defined in the token, the privacy results returns the requested information to the retailer; otherwise, an unauthorized message is returned from the privacy vault to the retailer. The user defines the consents to each retailer and a record of the consents is maintained in the privacy vault.

Disclosed are various embodiments for sharing documents among users of an enterprise as well as with users external to an enterprise. A document is identified and document components extracted from the document. A browser representation is generated that, when rendered or interpreted by a browser, causes the browser to generate a user interface that presents at least a portion of the document as the document would be viewed by a native viewer.

A method including receiving, at a data distribution platform, a selection of a data package comprising a high fidelity ata package. The method also includes filtering, automatically by a filtering application of the data distribution platform, the high fidelity data package to form a marketing data package. Filtering includes removing sufficient data from the high fidelity data package such that the marketing data package is a marketing data package. The method also includes publishing the marketing data package within the data distribution platform.

A mobile device can detect an idle state and, in response, initiate an access monitoring function to covertly monitor activity involving a human interaction with the mobile device. The covert monitoring is undetectable by a user of the mobile device. The mobile device can then detect a human interaction with the mobile device and, in response, cause the mobile device to covertly capture and log one or more human interactions with the mobile device. An authorized user of the mobile device is enabled to review the log of human interactions with the mobile device.

A method and a device are for exchanging information regarding the clinical implications genomic variations. In an embodiment, the method includes receiving login-data of a user; evaluating the login-data received; establishing an encrypted data connection to the user after the evaluating indicates a positive evaluation of the login-data; saving, upon receiving a dataset in a context of a genomic variation, the dataset received in a memory, context-related with the genomic variation; and evaluating, upon a user request being received and connected with a search query for the genomic variation, a set of datasets from the memory, the datasets being context-related with the genomic variation and the set including the datasets that the user is authorized to receive, and sending the set of datasets to the user.

A method for performing data decryption upon data to be displayed on an augmented reality display device is provided. The method includes identifying a user of the augmented reality display device; obtaining access rights information that relates to the user; receiving a set of encrypted information; using the obtained access rights information to determine whether the user is authorized to access the encrypted information; when the user is so authorized, accessing a decryption key that is associated with the encrypted information; decrypting at least a portion of the encrypted information by using the decryption key; and displaying the decrypted portion of the encrypted information on the augmented reality display device.

A method for partially unmasking an object in a video stream comprises: displaying a first video stream in which objects are covered by privacy masks; receiving user input regarding a selection of an object being covered by a privacy mask, wherein the object has a first portion being associated with a first privacy level and a second portion being associated with a second, higher, privacy level; checking that a permission associated with the user input grants access to video data depicting object portions being associated with the first privacy level; giving access to video data depicting the first portion of the object; and displaying a second video stream which differs from the first video stream in that it includes the video data depicting the first portion of the object, while the second portion of the object is still covered by a privacy mask.

A system and method can provide charter-based access to resources using an object model. Charters are defined by an administrator to have certain markings, each marking indicating a control (e.g., permission, credential, qualification, constraint, requirement, etc.) that regulates work under the charter. Users are also associated with markings. A user starts a session to access the system and is authenticated. The system determines charters having markings that the user has, and these charters are provided to the user to select from. Selecting a charter allows the user access to resources associated with the charter, under the controls indicated by the markings. Charters, controls, qualifications, resources, authorizations and links between them can be implemented using an object model. Markings can control session parameters (e.g., geographic location), resource access, user credentials, qualifications, and/or data processing permissions for a group of users, simplifying project definition and revisions to controlling access under the charter.