G06F21/6236

Automatic folder access management
09727744 · 2017-08-08

Methods and systems are provided for decentralizing user data access rights control activities in networked organizations having diverse access control models and file server protocols. A folder management application enables end users of the file system to make requests for access to storage elements, either individually, or by becoming members of a user group having group access privileges. Responsibility for dealing with such requests is distributed to respective group owners and data owners, who may delegate responsibility to authorizers. The application may also consider automatically generated proposals for changes to access privileges. An automatic system continually monitors and analyzes access behavior by users who have been pre-classified into groups having common data access privileges. As the organizational structure changes, these groups are adaptively changed both in composition and in data access rights.

PLATFORM FOR COLLABORATIVE ANALYSIS OF ELECTRONIC RECORDS

Systems and methods are described, and an example system includes an AI enhanced multi-source health data integration logic that receives a first source electronic health record (EHR) data from a first EHR system and a second source EHR data from a second EHR system, and transforms, according to a knowledge representation schema, health-related information content of the first source EHR data and the second source EHR data to a first source transformed health data and second source transformed health data. The system includes a collaboration platform, configured to host a multi-source transformed health data database, including the transformed first source health data and the transformed second source health data, and hosts AI-enhanced, multiple level telecollaborative analyses by a plurality of participants of the multi-source transformed health data database, generating health management data.

ENCRYPTION AND DECRYPTION OF DATA IN A CLOUD STORAGE BASED ON INDICATIONS IN METADATA
20170279812 · 2017-09-28

Provided are a method, a system, and a computer program product in which metadata associated with encrypted data is maintained in a cloud computing environment, wherein the metadata indicates whether reading of information in the encrypted data is restricted geographically. A controller provides a decryption code for decrypting the encrypted data to a cloud server located in a geographical location, based on whether the metadata indicates whether the reading of information in the encrypted data is restricted geographically.

USE OF AKA METHODS AND PROCEDURES FOR AUTHENTICATION OF SUBSCRIBERS WITHOUT ACCESS TO SIM CREDENTIALS
20170323116 · 2017-11-09

Systems and methods which enable an authentication procedure to be used within the standard network security architecture to authenticate third party applications that are forbidden access to a particular secret key are disclosed. Third party smartphone applications that are unable to use SIM-based authentication due to being forbidden access to a SIM-based key are provided an alternate secret key for use in an EAP-AKA or EAP-SIM type procedure according to embodiments. An authentication server or other backend authentication infrastructure of embodiments requests authentication vectors from a backend system sharing the alternative secret key. Accordingly, the backend authentication platform of embodiments is adapted to know or detect that an application is using an alternative secret key (e.g., a secret key other than the SIM-based secret key) and to perform the appropriate procedure for the key type.

Storing call session information in a telephony system

In an example of this disclosure, a method may include receiving, by a database server, a data write request. The data write request may include authentication information corresponding to a first call session and first additional information. The method may include generating, by the database server, a first unique identifier based on the first additional information. The authentication information may correspond to the first unique identifier. The method may include storing the first unique identifier and the authentication information in a data structure in a memory of the database server.

Catalog-based user authorization to access to multiple applications

Embodiments manage user authorization to access multiple grouped software applications, via a catalog mechanism. Functionality of related software is divided into semantically meaningful catalogs, representing tasks or sub-processes within a business scenario. These catalogs represent a unit of functionality utilized to structure work and authorization. Functionality and authorizations are associated to system entry points, and assigned to catalogs bundling applications and services. Responsibilities may be defined statically or dynamically in terms of rule-based access restrictions to data structure (e.g., business object) instances. Catalogs may be assigned to business roles, and business roles assigned to users. Based on such assignments, corresponding authorizations are generated and linked to users at compile or deployment time. At run time, access decision and enforcement is granted based on these authorizations and restrictions. Decision and enforcement points are associated with the system entry points within software applications belonging to catalog(s).

METHOD FOR PERFORMING MULTI-SYSTEM LOG ACCESS MANAGEMENT, ASSOCIATED SYSTEM ON CHIP INTEGRATED CIRCUIT AND NON-TRANSITORY COMPUTER-READABLE MEDIUM
20220229932 · 2022-07-21

A method for performing multi-system log access management and an associated SoC IC are provided. The method may include: utilizing multiple partial circuits of at least one processor in the SoC IC to run multiple systems, respectively; utilizing a first partial circuit to execute at least one first log management procedure, to configure at least one memory into multiple ring buffers, to record a set of first logs of a first system running on the first partial circuit into a first ring buffer, and to write multiple sets of logs respectively stored in the multiple ring buffers into a file system; and utilizing at least one second partial circuit to execute at least one second log management procedure, to record at least one set of second logs of at least one second system running on the at least one second partial circuit into at least one second ring buffer.

Storing call session information in a telephony system

In an example of this disclosure, a method may include storing, by a first database server, first call session information in a data structure in a memory of the first database server. The first call session information may correspond to a unique identifier that corresponds to a caller. The method may include replicating the first call session information stored in the data structure in the memory of the first database server to a data structure in a memory of a second database server.

System and method for enhancing the efficiency of mainframe operations

A method includes monitoring a job being executed at the source mainframe. A job comprises multiple tasks. A method includes monitoring a particular task of the multiple tasks being executed at a source mainframe and determining an application required to execute the particular task. In response to determining that the particular task requires an application to execute, determining a target mainframe where the application is installed. A method further includes validating the environment of the target mainframe to confirm that the particular task can be executed using the target mainframe, and upon validating the target mainframe, redirecting the particular task to the target mainframe for execution. A method also includes monitoring the particular task being executed at the target mainframe and returning the results of the particular task from the target mainframe to the source mainframe.

DYNAMIC SECURITY CONTROLS FOR DATA SHARING BETWEEN SYSTEMS

In an aspect, the present application may describe a method. The method may include: receiving, from a remote computing device, a first indication of consent for an authenticated entity to share data with a first third party server, the first indication of consent associated with a first sharing permission defining a first sharing scope; in response to receiving the first indication of consent: configuring a server to share data for the authenticated entity with the first third party server based on the sharing permission; identifying a first safety score, the first safety score associated with the first third party server; and updating a risk score for the authenticated entity based on the first safety score and the first sharing permission; and sending the updated risk score for the authenticated entity to the remote computing device for display thereon.