Patent classifications
G06F21/6227
SYSTEM AND A METHOD FOR THE CLASSIFICATION OF SENSITIVE DATA ELEMENTS IN A FILE
A system and a method for classifying sensitive data elements in a file are provided. The method includes receiving and converting the unstructured data file into a machine-readable format and generating a plurality of sensitive data features. The plurality of sensitive data features represents a single element of the sensitive data. The method includes generating a plurality of adjacent elements corresponding to the single elements of the sensitive data and generating a plurality of feature categories. The method includes aggregating the plurality of adjacent node features and the plurality of edge features. The method includes calculating and concatenating the plurality of aggregated adjacent node features and the plurality of aggregated edge features. The method includes comparing the distance of the sensitive data from all of the adjacent sensitive data. The method includes classifying and predicting the sensitive data to be true positive or false positive sensitive data by using machine learning.
Access Control Framework For Graph Entities
A system can receive a database query that is associated with a user account and that is directed to a first database that stores graph data. The system can determine, based on information received from a second database, whether the user account has authorization to make the database query, wherein the second database stores graph metadata information about the first database, and wherein a schema of the second database corresponds to data entities of the first database and relations between respective data entries of the first database. The system can, in response to determining from the second database that the user account has the authorization to make the database query, perform the database query with respect to the first database to produce a query result, and return the database query result to be accessible via a device associated with authenticated use of the user account.
MANAGING ACCESS TO PHYSICAL ASSETS BASED ON CAPTURED DIGITAL DATA AND A DATABASE
Techniques for managing access to physical assets based on captured digital data and a database are provided. In one technique, one or more functions in an application that executes on a client device are locked. A smart badge that is associated with healthcare information is then received from a remote server system. In response to receiving the smart badge, the one or more functions are unlocked. After unlocking the one or more functions and in response to user input that selects a particular function of the one or more functions, a request and identification data that pertain to the particular function are transmitted over a computer network.
MONITORING FILE SHARING COMMANDS BETWEEN NETWORK EQUIPMENT TO IDENTIFY ADVERSE CONDITIONS
The technologies described herein are generally directed toward monitoring file sharing commands between network equipment to identify adverse conditions. According to an embodiment, a system can comprise a processor and a memory that can enable performance of operations including monitoring resource sharing communication between first network equipment and second network equipment via a network. In one or more embodiments, the method can additionally include, based on the resource sharing communication, detecting a condition of the resource sharing communication that has a likelihood of indicating a defined adverse event that has at least a threshold likelihood. Further, the method can include, but is not limited to, in response to detecting the condition, facilitating suspending the resource sharing communication between the first network equipment and the second network equipment.
Dynamic self-defined API via digital signatures
Systems and methods are provided for interacting with an Application Programming Interface (API) using a digital signature. In one embodiment, a system includes one or more processors that execute the instructions to perform operations. The operations include receiving a digital signature from a requesting device, the digital signature including an array of one or more bits, where each position in the array is associated with a field in the database and with the data stored in the field of an API; identifying one or more requested fields; accessing the database to retrieve the information associated with the one or more requested fields, the information being associated with at least one API; and providing instructions to the requesting device, based on the retrieved information, causing the requesting application to use the API.
Memory device data security based on content-addressable memory architecture
An access request is received. The access request comprises a physical page address corresponding to a primary memory block of a memory device, an input security key, and a logical page address corresponding to the physical page address. The input security key is provided as input to a content-addressable memory (CAM) block that stores a plurality of security keys to verify that the input security key matches a stored security key. A location of the stored security key is checked to verify that it corresponds to the logical page address included in the access request based on a predetermined mapping. Based on verifying that the stored security key corresponds to the logical page address included in the access request, the physical page address corresponding to the primary memory block is accessed.
Restricted queries in a database clean room
Embodiments of the present disclosure may provide a data clean room architecture that restricts data included in the clean room. The data clean room architecture can implement a policy to enable data restrictions for data shared between multiple parties via a distributed database. Multiple database accounts can implement validation instances to validate queries when received from other database accounts. One or more of the database accounts can provide a query template that is congruent with the validation instance for use by the other database accounts to generate queries against the data shared in the data clean room.
Discovering contextualized placeholder variables in template code
Disclosed herein are computer-implemented method, system, and computer-program product (computer-readable storage medium) embodiments for discovering contextualized placeholder variables in template code. Some embodiments include invoking a render call to a template engine to render an input template and then receiving a message identifying a placeholder variable within the input template in response to invoking the render call. These embodiments may further include generating multiple rendered templates by rendering the input template based at least in part on a unique value and a modified unique value for the placeholder variable. These embodiments may also include storing the placeholder variable in a security vulnerability data structure in response to detecting a change in context associated with the placeholder variable between the multiple rendered templates.
Compute-less authorization
An endpoint determines whether a client is authorized to access data. A database stores separate authorizations of a permission model in a data table along with the data. Mapping templates of the endpoint convert a client request for data into a database query for client authorization and the requested data. In response to the query, the database returns to the endpoint the requested data as well as an indication of authorization from the data table. The mapping templates of the endpoint are then used to generate an appropriate response to the client. When the database response indicates the client is authorized, the endpoint can return the requested data to the client. When the database response indicates the client is not authorized, the endpoint can return an error. In some embodiments, the endpoint is an application programming interface (API) gateway that conforms to representational state transfer (REST) software architecture.
Instruction execution that broadcasts and masks data values at different levels of granularity
An apparatus is described that includes an execution unit to execute a first instruction and a second instruction. The execution unit includes input register space to store a first data structure to be replicated when executing the first instruction and to store a second data structure to be replicated when executing the second instruction. The first and second data structures are both packed data structures. Data values of the first packed data structure are twice as large as data values of the second packed data structure. The execution unit also includes replication logic circuitry to replicate the first data structure when executing the first instruction to create a first replication data structure, and to replicate the second data structure when executing the second instruction to create a second replication data structure. The execution unit also includes masking logic circuitry to mask the first replication data structure at a first granularity and mask the second replication data structure at a second granularity. The second granularity is twice as fine as the first granularity.