G06F21/6272

Secure hardware backdoor for digital devices
11475108 · 2022-10-18

This Application describes devices, and techniques for using them, capable of providing a secure hardware backdoor for digital devices, thus allowing valid access to secure target device data without the owner's consent, while still assuring the owner's knowledge whenever any access has occurred, whether validly or not. Each target device's data is protected by maintaining protected data encrypted on the target device, maintaining encryption keys for protected data in a “secure enclave”, causing the secure enclave to generate secure data in response to a hardware trigger, the secure data being usable to provide access to the device, and providing relatively difficult yet achievable retrieval of the secure data with physical access to the target device, and using the secure data to access protected data on the target device, while also assuring that the target device's owner can determine when the secure data was retrieved.

Data certification process for cloud database platform

Methods, systems, and apparatuses for providing access to records of a database stored on a database server in a cloud database platform are described herein. A data sharing platform may determine a shared view definition for access to the database. The data sharing platform may determine rules that specify criteria that limit access to the records stored by the database. The one or more first rules may be received via a user interface. The data sharing platform may perform, based on the rules, a data access certification process on the records stored by the database to generate a table of certification results. The data sharing platform may generate, based on the table of certification results, and without modifying the records stored by the database, a limited consumer view definition. Based on updates to the records, a new limited consumer view definition may be generated.

Secure information storage and retrieval apparatus and method
11663304 · 2023-05-30

A user using a client computer registers with a server computer over a computer network by submitting a biometric scan of a body part of the user. The user commands the client computer to encrypt an electronic file. The client computer generates a private key, encrypts the electronic file and transmits the key to the server computer. The client computer saves the encrypted file. The encrypted file and the key are saved at different physical locations. The owner of the file is able to grant permission to other registered users to unlock the encrypted file.

Data consent manager

A computer implemented method of managing consent for sharing data, the method comprising: storing data sharing preferences for a data subject in relation to data held by a plurality of data controllers; receiving a data share request from a requestor to obtain personal data relating to the data subject and held by one or more of the data controllers; comparing the data share request to the data sharing preferences of the data subject; and for each of the one or more data controllers: instructing the one or more data controllers to share the personal data with the requestor, or rejecting the data share request, in dependence on the comparison.

Systems and methods for maintaining immutable data access logs with privacy

Systems and methods for maintaining immutable data access logs with privacy are disclosed. In one embodiment, in a cloud provider comprising at least one computer processor, the cloud provider having a plurality of clients, a method for maintaining immutable data access logs with privacy may include: (1) receiving data from a data owner, wherein the data owner is one of the clients; (2) storing the data in cloud storage; (3) executing an action or condition that impacts the data stored in cloud storage; (4) generating a log entry associated with the action or condition; (5) encrypting at least a portion of the log entry with a public key for the data owner; and (6) committing the log entry including the encrypted portion to a distributed ledger so that the committed log entry is immutable and cryptographically verifiable.

SYSTEM AND METHOD FOR IMPROVING DATA VALIDATION AND SYNCHRONIZATION ACROSS DISPARATE PARTIES
20230161750 · 2023-05-25

Systems and methods allow for a variety of partners to store information in a database utilizing connected services to securely allow retrieval of such data by the partners. A collection of data points that make up a record allows for positive record matching. Individual data elements are generally stored for each partner connected to the record. Partners can only store data elements associated with a unique, known record. Numerous partners may contribute their data in the form of record components and each retains access rights to their own private data which is not shared within the platform. This allows for different data about the same record and data point to be stored by each party (partner). Partners can retrieve their own values should the need arise and also have access to the sureEcosystem Value for fields where the partner has contributed qualifying data. The sureEcosystem Value comes from an algorithm utilizing value frequency, submission dates, partner rankings, record owner input and other validation components in its analysis of contributed information to determine the value most likely accurate at any given time.

Integrations Platform with Interaction and Abstraction with a Third Party Platform

Systems and methods for providing an integration platform for abstracting and interacting with one or more third party platforms provided by one or more third party computing systems can include the utilization of one or more abstraction blocks and one or more application programming interfaces. In some implementations the systems and methods can include a user interface that can be leveraged as an intermediary for intaking user inputs, processing the user inputs, and providing abstracted versions of the inputs to the third party computing systems in order to provide access to the third party platforms to the user.

Aggregating Audit Records in a Storage Network
20230112771 · 2023-04-13

A method includes obtaining audit records. Each of the audit records indicates a timestamp for a corresponding message, at least one event type code selected from a plurality of event type codes for a corresponding audit event of the corresponding message, and an identifier for a corresponding system entity associated with creation of the corresponding message. A number of audit records are aggregated over a period of time. An audit file is generated to include the number of audit records and integrity information. Storage of the audit file is facilitated by utilizing a name of the audit file.

SYSTEM AND METHOD FOR SECURE COLLECTION AND DISPLAY OF SENSITIVE DATA
20230116631 · 2023-04-13

Systems for collecting and securely transmitting and displaying sensitive data are described. In a described configuration, the system includes service provider software deployed to a customer endpoint for detecting sensitive data and encrypting the same to produce a cryptogram, at least one service provider server for receiving and storing cryptograms for later access, and a client deployed to a consumption device for requesting cryptograms from the at least one service provider server, transmitting the cryptogram to a customer decryption module for decryption, and for displaying the decrypted sensitive data via the consumption device. Corresponding methods and computer-readable media are also described.

HYBRID DIGITAL INFORMATION STORAGE METHOD AND HYBRID DIGITAL INFORMATION STORAGE ARCHITECTURE
20230112692 · 2023-04-13

The hybrid method (100) for storing digital information comprises: a configuration step (105), which comprises: a step (120) to define at least two information storage devices, at least one of the devices being local and not dedicated to storage, a step (125) to create a computer abstraction presenting common addressing characteristics between at least two storage devices, each abstraction being addressable by a central control device, iteratively, a dynamic step (110) to adjust local storage capacity, comprising: one step (130) of allocation, by at least one local device not dedicated to storage, of storage capacity and a step (135) of communication, to the central control device, of an allocated storage capacity and an execution step (115), which comprises: a step (140) to trigger a digital information backup, a step (145) of fragmenting digital information into at least one information segment, a step (150) of selecting, by the central control device and for each segment, a storage device according to the abstractions created and a step (155) of recording, on the selected storage device, the associated information segment.